Function verifyBuf

  • verify signature with specified public key, algorithm and data

    Parameters

    • sigalg: SignatureAlgorithmName

      signature algorithm name (ex. SHA256withRSA)

    • keyobjOrString: string | CryptoKey

      key for verification. CryptoKey object, PKCS#8 PEM public key or HMAC hexadecimal key string

    • abSig: ArrayBuffer

      ArrayBuffer signature value

    • abData: ArrayBuffer

      ArrayBuffer data to be verified

    • Optional saltlen: number

      RSA-PSS salt length when you don't want to use default length

    Returns Promise<boolean>

    true if signature is valid

    See

    Description

    NOTE1: Generated ECDSA signature value will be a concatinated signature value of R and S which is compatible to JWS(JSON Web Signatures) or W3C Web Crypto API. However it doesn't with OpenSSL nor Java because OpenSSL or Java's ECDSA signature value is an ASN.1 data of R and S. So you may need to convert signature by sigASN1toRS function to verify a OpenSSL EC signature.
    NOTE2: Regarding to RSA-PSS signature verification, default salt length depends on hash algorithm. For SHA1withRSAandMGF1, SHA256withRSAandMGF1, SHA384withRSAandMGF1 or SHA512withRSAandMGF1, it will be 20, 32, 48 or 64 respectively.

    Example

    await verifyBuf("SHA256withECDSA", pubkey, hextoArrayBuffer("91ac..."), hextoArrayBuffer("616161")) -> true