Skip to main content
Version: 3.28.0

verify()

The verify() method verifies a digital signature.

It takes as its arguments a key to verify the signature with, some algorithm-specific parameters, the signature, and the original signed data. It returns a Promise which will be fulfilled with a boolean value indicating whether the signature is valid.

Syntax

verify(algorithm, key, signature, data)

Parameters

  • algorithm
    • : A string or object defining the algorithm to use, and for some algorithm choices, some extra parameters. The values given for the extra parameters must match those passed into the corresponding sign() call.
      • To use RSASSA-PKCS1-v1_5, pass the string "RSASSA-PKCS1-v1_5" or an object of the form { "name": "RSASSA-PKCS1-v1_5" }.
      • To use HMAC, pass the string "HMAC" or an object of the form { "name": "HMAC" }.
  • key
    • : A CryptoKey containing the key that will be used to verify the signature. It is the secret key for a symmetric algorithm and the public key for a public-key system.
  • signature
    • : A ArrayBuffer containing the signature to verify.
  • data
    • : A ArrayBuffer containing the data whose signature is to be verified.

Return value

A Promise that fulfills with a boolean value: true if the signature is valid, false otherwise.

Exceptions

The promise is rejected when the following exception is encountered:

  • InvalidAccessError
    • : Raised when the encryption key is not a key for the requested verifying algorithm or when trying to use an algorithm that is either unknown or isn't suitable for a verify operation.

Supported algorithms

The verify() method supports the same algorithms as the sign() method.