digest.ecdsa_verify

BOOL digest.ecdsa_verify(ID hash_method, STRING public_key, STRING payload, STRING digest, ID digest_format [, ID base64_method])

Available in all subroutines.

Returns true if the ECDSA signature of payload using public_key matches digest.

The hash_method parameter is the hash function used in the signing scheme. It can be sha1, sha256, sha384, or sha512.

The public_key parameter requires a NIST P-256 public key (ANSI prime256v1) in the PEM key format.

The payload parameter is the original message to verify against digest.

The digest parameter is the Base64-encoded purported signature of payload. This will be decoded as if by digest.base64_decode using the base64_method described below.

The digest_format parameter is the signature format of digest. It can be der, the standard ECDSA format (ASN.1 DER-encoded r, s pair), or jwt, the signature part (R || S) of a JWT as specified by RFC-7515.

The optional base64_method parameter selects the Base64 variant to use to decode digest. It can be standard, url, url_nopad, or default (url_nopad).

Verification of JWT signatures only supports JWA ES256 (see RFC-7518), which requires the sha256 hash function. Note that the signature part must be extracted from the JWT.

Examples

Verifying a JWT signature provided as a Bearer Token

In this simple example, the JWT header and payload are not examined. In practice, the details of any given JWT (in particular its algorithm and expiry) should be verified to ensure they meet expectations. The Decoding JSON Web Tokens tutorial demonstrates how to do this.

declare local var.header_and_payload STRING;
declare local var.signature STRING;
if (req.http.Authorization ~ "^Bearer ([a-zA-Z\d\-_=]+\.[a-zA-Z\d\-_=]+)\.([a-zA-Z\d\-_=]+)\z") {
  set var.header_and_payload = re.group.1;
  set var.signature = re.group.2;
} else {
  # Handle unexpected Authorization header format
  # ...
}
if (digest.ecdsa_verify(sha256, {"-----BEGIN PUBLIC KEY-----
aabbccddIieEffggHHhEXAMPLEPUBLICKEY
-----END PUBLIC KEY-----"}, var.header_and_payload, var.signature, jwt, url_nopad)) {
  set req.http.Verified = "Verified";
} else {
  set req.http.Verified = "Not Verified";
}

Verifying a DER digest

if (digest.ecdsa_verify(sha256, {"-----BEGIN PUBLIC KEY-----
aabbccddIieEffggHHhEXAMPLEPUBLICKEY
-----END PUBLIC KEY-----"}, req.http.Payload, req.http.Digest, der, url_nopad)) {
  set req.http.Verified = "Verified";
} else {
  set req.http.Verified = "Not Verified";
}
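
Converting between the der and jwt signature formats

The two digest_format values carry the same r and s integers in different encodings, and passing one where the other is expected makes verification fail. The following Python sketch is an added example, not Fastly code: it converts a P-256 signature between the fixed-width R || S form and the DER form. The function names are hypothetical and SAMPLE_RAW is a constructed value, not a real signature.

```python
import base64

P256_LEN = 32  # bytes per integer for NIST P-256 (ES256)

# Constructed sample, not a real signature: r has its high bit set, s has a leading zero.
SAMPLE_RAW = bytes([0x80]) + bytes(range(1, 32)) + b"\x00" + bytes(range(1, 32))

def b64url_nopad_decode(text: str) -> bytes:
    """Decode the url_nopad Base64 variant by restoring the stripped padding."""
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def b64url_nopad_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def _der_int(value: bytes) -> bytes:
    """Encode a big-endian unsigned integer as an ASN.1 DER INTEGER."""
    value = value.lstrip(b"\x00") or b"\x00"
    if value[0] & 0x80:  # high bit set: prepend 0x00 so the value stays positive
        value = b"\x00" + value
    return b"\x02" + bytes([len(value)]) + value

def jwt_to_der(sig: bytes) -> bytes:
    """Convert a 64-byte R || S signature to a DER SEQUENCE { r, s }."""
    if len(sig) != 2 * P256_LEN:
        raise ValueError("ES256 signature must be exactly 64 bytes")
    body = _der_int(sig[:P256_LEN]) + _der_int(sig[P256_LEN:])
    return b"\x30" + bytes([len(body)]) + body  # body <= 70 bytes: short-form length

def der_to_jwt(der: bytes) -> bytes:
    """Convert a DER SEQUENCE { r, s } back to fixed-width R || S."""
    if len(der) < 8 or der[0] != 0x30 or der[1] != len(der) - 2:
        raise ValueError("not a short-form DER SEQUENCE")
    out, pos = b"", 2
    for _ in range(2):
        if pos + 2 > len(der) or der[pos] != 0x02:
            raise ValueError("expected a DER INTEGER")
        length = der[pos + 1]
        value = der[pos + 2 : pos + 2 + length]
        if len(value) != length or len(value.lstrip(b"\x00")) > P256_LEN:
            raise ValueError("INTEGER truncated or too large for P-256")
        out += value.lstrip(b"\x00").rjust(P256_LEN, b"\x00")
        pos += 2 + length
    if pos != len(der):
        raise ValueError("trailing bytes after s")
    return out

if __name__ == "__main__":
    print("jwt:", b64url_nopad_encode(SAMPLE_RAW))
    print("der:", b64url_nopad_encode(jwt_to_der(SAMPLE_RAW)))
```

The jwt form is always 64 bytes for P-256, while the DER form varies in length with the leading bytes of r and s, so a length check on the decoded digest is a quick way to tell which format a signer emitted.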