Movatterモバイル変換

[0]ホーム
URL:

  1. Web
  2. Web APIs
  3. SubtleCrypto
  4. verify()

SubtleCrypto: verify() method

Baseline Widely available *

This feature is well established and works across many devices and browser versions. It’s been available across browsers since January 2020.

* Some parts of this feature may have varying levels of support.

Secure context: This feature is available only insecure contexts (HTTPS), in some or allsupporting browsers.

Note: This feature is available inWeb Workers.

Theverify() method of theSubtleCryptointerface verifies a digitalsignature.

It takes as its arguments akey to verify the signature with, some algorithm-specific parameters, the signature, and the original signed data.It returns aPromise which will be fulfilled with a boolean value indicating whether the signature is valid.

Syntax

js
verify(algorithm, key, signature, data)

Parameters

algorithm

A string or object defining the algorithm to use, and for some algorithm choices, some extra parameters.The values given for the extra parameters must match those passed into the correspondingsign() call.

  • To useRSASSA-PKCS1-v1_5,pass the string"RSASSA-PKCS1-v1_5" or an object of the form{ "name": "RSASSA-PKCS1-v1_5" }.
  • To useRSA-PSS, pass anRsaPssParams object.
  • To useECDSA, pass anEcdsaParams object.
  • To useHMAC, pass the string"HMAC" or an object of the form{ "name": "HMAC" }.
  • To useEd25519, pass an object of the form{ "name": "Ed25519" }.
key

ACryptoKey containing the key that will be used to verify the signature.It is the secret key for a symmetric algorithm and the public key for a public-key system.

signature

AnArrayBuffer containing thesignature to verify.

data

AnArrayBuffer containing the data whose signature is to be verified.

Return value

APromise that fulfills with aboolean value:true if the signature is valid,falseotherwise.

Exceptions

The promise is rejected when the following exception is encountered:

InvalidAccessErrorDOMException

Raised when the encryption key is not a key for the requested verifying algorithm or when trying to use an algorithm that is either unknown or isn't suitable for a verify operation.

Supported algorithms

Theverify() method supports the same algorithms as thesign() method.

Examples

Note:You cantry the working examples out on GitHub.

RSASSA-PKCS1-v1_5

This code uses a public key to verify a signature.See the complete code on GitHub.

js
/*Fetch the contents of the "message" textbox, and encode itin a form we can use for sign operation.*/function getMessageEncoding() {  const messageBox = document.querySelector(".rsassa-pkcs1 #message");  let message = messageBox.value;  let enc = new TextEncoder();  return enc.encode(message);}/*Fetch the encoded message-to-sign and verify it against the stored signature.* If it checks out, set the "valid" class on the signature.* Otherwise set the "invalid" class.*/async function verifyMessage(publicKey) {  const signatureValue = document.querySelector(    ".rsassa-pkcs1 .signature-value",  );  signatureValue.classList.remove("valid", "invalid");  let encoded = getMessageEncoding();  let result = await window.crypto.subtle.verify(    "RSASSA-PKCS1-v1_5",    publicKey,    signature,    encoded,  );  signatureValue.classList.add(result ? "valid" : "invalid");}

RSA-PSS

This code uses a public key to verify a signature.See the complete code on GitHub.

js
/*Fetch the contents of the "message" textbox, and encode itin a form we can use for sign operation.*/function getMessageEncoding() {  const messageBox = document.querySelector(".rsa-pss #message");  let message = messageBox.value;  let enc = new TextEncoder();  return enc.encode(message);}/*Fetch the encoded message-to-sign and verify it against the stored signature.* If it checks out, set the "valid" class on the signature.* Otherwise set the "invalid" class.*/async function verifyMessage(publicKey) {  const signatureValue = document.querySelector(".rsa-pss .signature-value");  signatureValue.classList.remove("valid", "invalid");  let encoded = getMessageEncoding();  let result = await window.crypto.subtle.verify(    {      name: "RSA-PSS",      saltLength: 32,    },    publicKey,    signature,    encoded,  );  signatureValue.classList.add(result ? "valid" : "invalid");}

ECDSA

This code uses a public key to verify a signature.See the complete code on GitHub.

js
/*Fetch the contents of the "message" textbox, and encode itin a form we can use for sign operation.*/function getMessageEncoding() {  const messageBox = document.querySelector(".ecdsa #message");  let message = messageBox.value;  let enc = new TextEncoder();  return enc.encode(message);}/*Fetch the encoded message-to-sign and verify it against the stored signature.* If it checks out, set the "valid" class on the signature.* Otherwise set the "invalid" class.*/async function verifyMessage(publicKey) {  const signatureValue = document.querySelector(".ecdsa .signature-value");  signatureValue.classList.remove("valid", "invalid");  let encoded = getMessageEncoding();  let result = await window.crypto.subtle.verify(    {      name: "ECDSA",      hash: { name: "SHA-384" },    },    publicKey,    signature,    encoded,  );  signatureValue.classList.add(result ? "valid" : "invalid");}

HMAC

This code uses a secret key to verify a signature.See the complete code on GitHub.

js
/*Fetch the contents of the "message" textbox, and encode itin a form we can use for sign operation.*/function getMessageEncoding() {  const messageBox = document.querySelector(".hmac #message");  let message = messageBox.value;  let enc = new TextEncoder();  return enc.encode(message);}/*Fetch the encoded message-to-sign and verify it against the stored signature.* If it checks out, set the "valid" class on the signature.* Otherwise set the "invalid" class.*/async function verifyMessage(key) {  const signatureValue = document.querySelector(".hmac .signature-value");  signatureValue.classList.remove("valid", "invalid");  let encoded = getMessageEncoding();  let result = await window.crypto.subtle.verify(    "HMAC",    key,    signature,    encoded,  );  signatureValue.classList.add(result ? "valid" : "invalid");}

Ed25519

TheEd25519 live example inSubtleCrypto.sign() shows how to generate public and private keys, use the private key to sign some data, and then use the public key to verify the signature.

The excerpt below shows the part that is relevant for verifying the signature using the public key and encoded data:

js
// Verify the signature using the public keyconst verifyResult = await crypto.subtle.verify(  {    name: "Ed25519",  },  publicKey,  signature,  encodedData,);// True if the signature is valid.

Specifications

Specification
Web Cryptography Level 2
# SubtleCrypto-method-verify

Browser compatibility

See also

Help improve MDN

Learn how to contribute

This page was last modified on byMDN contributors.

[8]ページ先頭
©2009-2026 Movatter.jp