Nossos voluntários ainda não traduziram este artigo para o Português (do Brasil). Junte-se a nós e ajude-nos a fazer o trabalho!
Você também pode ler o artigo em English (US).

The SubtleCrypto.verify() method verifies a digital signature.

It takes as arguments a key to verify the signature with, some algorithm-specific parameters, the signature, and the original signed data. It returns a Promise which will be resolved with a Boolean value indicating whether the signature is valid.

Syntax

var result = crypto.subtle.verify(algorithm, key, signature, data);

Parameters

  • algorithm is a DOMString defining the algorithm to use, and for some algorithm choices, some extra parameters. The values given for the extra parameters must match those passed into the corresponding sign() call.
    • To use RSASSA-PKCS1-v1_5, pass the string "RSASSA-PKCS1-v1_5" or an object of the form { "name": "RSASSA-PKCS1-v1_5" }.
    • To use RSA-PSS, pass an RsaPssParams object.
    • To use ECDSA, pass an EcdsaParams object.
    • To use HMAC, pass the string "HMAC" or an object of the form { "name": "HMAC" }. 
  • key is a CryptoKey containing the key which will be used to verify the signature. It is the secret key for a symmetric algorithm and the public key for an public-key system.
  • signature is a ArrayBuffer containing the signature to verify.
  • data is a ArrayBuffer containing the data whose signature is to be verified.

Return value

  • result is a Promise that on success resolves with a Boolean: true if the signature is valid, false otherwise.

Exceptions

The promise is rejected when the following exception is encountered:

  • InvalidAccessError when the encryption key is not a key for the requested verifying algorithm or when trying to use an algorithm that is either unknown or isn't suitable for a verify operation.

Supported algorithms

The verify() method supports the same algorithms as the sign() method.

Examples

RSASSA-PKCS1-v1_5

This code uses a public key to verify a signature.

/*
Fetch the contents of the "message" textbox, and encode it
in a form we can use for sign operation.
*/
function getMessageEncoding() {
  const messageBox = document.querySelector(".rsassa-pkcs1 #message");
  let message = messageBox.value;
  let enc = new TextEncoder();
  return enc.encode(message);
}

/*
Fetch the encoded message-to-sign and verify it against the stored signature.
* If it checks out, set the "valid" class on the signature.
* Otherwise set the "invalid" class.
*/
async function verifyMessage(publicKey) {
  const signatureValue = document.querySelector(".rsassa-pkcs1 .signature-value");
  signatureValue.classList.remove("valid", "invalid");

  let encoded = getMessageEncoding();
  let result = await window.crypto.subtle.verify(
    "RSASSA-PKCS1-v1_5",
    publicKey,
    signature,
    encoded
  );

  signatureValue.classList.add(result ? "valid" : "invalid");
}

RSA-PSS

This code uses a public key to verify a signature.

/*
Fetch the contents of the "message" textbox, and encode it
in a form we can use for sign operation.
*/
function getMessageEncoding() {
  const messageBox = document.querySelector(".rsa-pss #message");
  let message = messageBox.value;
  let enc = new TextEncoder();
  return enc.encode(message);
}

/*
Fetch the encoded message-to-sign and verify it against the stored signature.
* If it checks out, set the "valid" class on the signature.
* Otherwise set the "invalid" class.
*/
async function verifyMessage(publicKey) {
  const signatureValue = document.querySelector(".rsa-pss .signature-value");
  signatureValue.classList.remove("valid", "invalid");

  let encoded = getMessageEncoding();
  let result = await window.crypto.subtle.verify(
    {
      name: "RSA-PSS",
      saltLength: 32,
    },
    publicKey,
    signature,
    encoded
  );

  signatureValue.classList.add(result ? "valid" : "invalid");
}

ECDSA

This code uses a public key to verify a signature.

/*
Fetch the contents of the "message" textbox, and encode it
in a form we can use for sign operation.
*/
function getMessageEncoding() {
  const messageBox = document.querySelector(".ecdsa #message");
  let message = messageBox.value;
  let enc = new TextEncoder();
  return enc.encode(message);
}

/*
Fetch the encoded message-to-sign and verify it against the stored signature.
* If it checks out, set the "valid" class on the signature.
* Otherwise set the "invalid" class.
*/
async function verifyMessage(publicKey) {
  const signatureValue = document.querySelector(".ecdsa .signature-value");
  signatureValue.classList.remove("valid", "invalid");

  let encoded = getMessageEncoding();
  let result = await window.crypto.subtle.verify(
    {
      name: "ECDSA",
      hash: {name: "SHA-384"},
    },
    publicKey,
    signature,
    encoded
  );

  signatureValue.classList.add(result ? "valid" : "invalid");
}

HMAC

This code uses a secret key to verify a signature.

/*
Fetch the contents of the "message" textbox, and encode it
in a form we can use for sign operation.
*/
function getMessageEncoding() {
   const messageBox = document.querySelector(".hmac #message");
   let message = messageBox.value;
   let enc = new TextEncoder();
   return enc.encode(message);
}

/*
Fetch the encoded message-to-sign and verify it against the stored signature.
* If it checks out, set the "valid" class on the signature.
* Otherwise set the "invalid" class.
*/
async function verifyMessage(key) {
   const signatureValue = document.querySelector(".hmac .signature-value");
   signatureValue.classList.remove("valid", "invalid");

   let encoded = getMessageEncoding();
   let result = await window.crypto.subtle.verify(
     "HMAC",
     key,
     signature,
     encoded
   );

   signatureValue.classList.add(result ? "valid" : "invalid");
}

Specifications

Specification Status Comment
Web Cryptography API
The definition of 'SubtleCrypto.verify()' in that specification.
Recommendation Initial definition.

Browser compatibility

Update compatibility data on GitHub
DesktopMobile
ChromeEdgeFirefoxInternet ExplorerOperaSafariAndroid webviewChrome for AndroidEdge MobileFirefox for AndroidOpera for AndroidSafari on iOSSamsung Internet
Basic supportChrome Full support 37Edge Partial support 12
Notes
Partial support 12
Notes
Notes Not supported: RSA-PSS, ECDSA.
Firefox Full support 34
Full support 34
No support 32 — 34
Disabled
Disabled From version 32 until version 34 (exclusive): this feature is behind the dom.webcrypto.enabled preference (needs to be set to true). To change preferences in Firefox, visit about:config.
IE Partial support 11
Notes
Partial support 11
Notes
Notes Returns CryptoOperation instead of Promise
Opera Full support 24Safari Full support 7WebView Android Full support 37Chrome Android Full support 37Edge Mobile Full support 12Firefox Android Full support 34
Full support 34
No support 32 — 34
Disabled
Disabled From version 32 until version 34 (exclusive): this feature is behind the dom.webcrypto.enabled preference (needs to be set to true). To change preferences in Firefox, visit about:config.
Opera Android Full support 24Safari iOS Full support 7Samsung Internet Android Full support 6.0

Legend

Full support  
Full support
Partial support  
Partial support
See implementation notes.
See implementation notes.
User must explicitly enable this feature.
User must explicitly enable this feature.

See also

Etiquetas do documento e colaboradores

Colaboradores desta página: wbamberg, fscholz, Dans24, abbycar, jyasskin, teoli, GreatCall-KayeK
Última atualização por: wbamberg,