菜单
开源
verify
verify() 操作用于验证数字签名。它确保某些数据由已知密钥签名,并且自签名以来数据未被篡改。
使用
verify(algorithm, key, signature, data)参数
| 名称 | 类型 | 描述 |
|---|---|---|
algorithm | string 或包含单个 name 字符串属性的对象 ({name: "RSASSA-PKCS1-v1_5"}) 或 EcdsaParams、HmacKeyGenParams 或 RsaPssParams 对象。 | 要使用的签名算法。 |
key | CryptoKey | 用于验证签名的密钥。 |
signature | ArrayBuffer | 要验证的签名。 |
data | ArrayBuffer | 要验证其签名的数据。 |
支持的算法
| ECDSA | HMAC | RSASSA-PKCS1-v1_5 | RSA-PSS |
|---|---|---|---|
| ✅ EcdsaParams | ✅ HmacKeyGenParams | ✅ | ✅ RsaPssParams |
返回值
一个 Promise,解析为一个 boolean 值,指示签名是否有效。
抛出
| 类型 | 描述 |
|---|---|
InvalidAccessError | 当密钥不支持 verify 操作或与所选算法不兼容时抛出。 |
示例
验证 HMAC 签名
export default async function () {
const generatedKey = await crypto.subtle.generateKey(
{
name: 'HMAC',
hash: { name: 'SHA-1' },
},
true,
['sign', 'verify']
);
const data = string2ArrayBuffer('Hello World');
/**
* Signes the encoded data with the provided key using the HMAC algorithm
* the returned signature can be verified using the verify method.
*/
const signature = await crypto.subtle.sign('HMAC', generatedKey, data);
/**
* Verifies the signature of the encoded data with the provided key using the HMAC algorithm.
*/
const verified = await crypto.subtle.verify('HMAC', generatedKey, signature, data);
console.log('verified: ', verified);
}
function string2ArrayBuffer(str) {
const buf = new ArrayBuffer(str.length * 2); // 2 bytes for each char
const bufView = new Uint16Array(buf);
for (let i = 0, strLen = str.length; i < strLen; i++) {
bufView[i] = str.charCodeAt(i);
}
return buf;
}验证 ECDSA 签名
export default async function () {
const publicKey = await crypto.subtle.importKey(
'spki',
spkiPublicKeyData,
{ name: 'ECDSA', namedCurve: 'P-256' },
true,
['verify']
);
// Verifies the signature of the encoded data with the provided key
const verified = await crypto.subtle.verify(
{
name: 'ECDSA',
hash: 'SHA-256',
},
publicKey,
signature,
plaintText
);
console.log('verified: ', verified);
}
const spkiPublicKeyData = new Uint8Array([
48, 89, 48, 19, 6, 7, 42, 134, 72, 206, 61, 2, 1, 6, 8, 42, 134, 72, 206, 61, 3, 1, 7, 3, 66, 0,
4, 10, 5, 30, 56, 111, 103, 196, 166, 225, 229, 203, 238, 125, 55, 116, 91, 88, 142, 190, 114, 15,
117, 89, 22, 40, 111, 150, 41, 105, 122, 57, 23, 17, 216, 106, 234, 201, 103, 8, 210, 58, 38, 35,
216, 198, 237, 187, 84, 217, 164, 63, 100, 6, 105, 49, 128, 15, 53, 29, 158, 117, 235, 238, 30,
]);
const plaintText = new Uint8Array([
95, 77, 186, 79, 50, 12, 12, 232, 118, 114, 90, 252, 229, 251, 210, 91, 248, 62, 90, 113, 37, 160,
140, 175, 231, 60, 62, 186, 196, 33, 119, 157, 249, 213, 93, 24, 12, 58, 233, 148, 38, 69, 225,
216, 47, 238, 140, 157, 41, 75, 60, 177, 160, 138, 153, 49, 32, 27, 60, 14, 129, 252, 71, 202,
207, 131, 21, 162, 175, 102, 50, 65, 19, 195, 182, 98, 48, 195, 70, 8, 196, 244, 89, 54, 52, 206,
2, 178, 103, 54, 34, 119, 240, 168, 64, 202, 116, 188, 61, 26, 98, 54, 149, 44, 94, 215, 170, 248,
168, 254, 203, 221, 250, 117, 132, 230, 151, 140, 234, 93, 42, 91, 159, 183, 241, 180, 140, 139,
11, 229, 138, 48, 82, 2, 117, 77, 131, 118, 16, 115, 116, 121, 60, 240, 38, 170, 238, 83, 0, 114,
125, 131, 108, 215, 30, 113, 179, 69, 221, 178, 228, 68, 70, 255, 197, 185, 1, 99, 84, 19, 137,
13, 145, 14, 163, 128, 152, 74, 144, 25, 16, 49, 50, 63, 22, 219, 204, 157, 107, 225, 104, 184,
72, 133, 56, 76, 160, 62, 18, 96, 10, 193, 194, 72, 2, 138, 243, 114, 108, 201, 52, 99, 136, 46,
168, 192, 42, 171,
]);
const signature = new Uint8Array([
83, 223, 63, 226, 42, 29, 106, 105, 225, 145, 197, 180, 118, 154, 109, 110, 66, 67, 47, 251, 53,
190, 203, 65, 207, 36, 19, 57, 49, 122, 124, 118, 59, 74, 222, 134, 42, 235, 180, 229, 134, 24,
205, 81, 171, 156, 100, 218, 127, 242, 126, 53, 27, 77, 249, 101, 157, 132, 244, 30, 67, 30, 64,
12,
]);
