Web Crypto API RSASSA-PKCS1-v1_5 Generate Keys Sign & verify Message

by Anish

Posted on Monday september 24, 2018

This sample chapter extracted from the book, Cryptography for JavaScript Developers.

The Web crypto api RSASSA-PKCS1-v1_5 algorithm identifier is used to perform signing and verification using the RSASSA-PKCS1-v1_5 algorithm specified in [RFC3447] and using the SHA hash functions defined in this specification.

  • Sign: Perform the signature generation operation
  • Verify: Perform the signature verification operation
  • Generate Key: Generate an RSA key pair, with RSA modulus length equal to the modulusLength attribute of normalizedAlgorithm and RSA public exponent equal to the publicExponent attribute of normalizedAlgorithm

RSASSA-PKCS1-v1_5 Demo

This is the web cryptography api example of performing RSASSA-PKCS1-v1_5 message signing and verifying the signature, for the demo purpose the RSASSA-PKCS1-v1_5 keys are extracted in JWK format

Input Text to Signed
Signature Output (Hex)
RSASSA-PKCS1-v1_5 Public Key (JWK) :
RSASSA-PKCS1-v1_5 Private Key (JWK):

RSASSA-PKCS1-v1_5 Javascript example of using webcrypto api

Generate RSASSA-PKCS1-v1_5 Keys for the signing and verifying purpose, message signing is done through

            name: "RSASSA-PKCS1-v1_5",
            modulusLength: 2048, //can be 1024, 2048, or 4096
            publicExponent: new Uint8Array([0x01, 0x00, 0x01]),
            hash: {name: "SHA-256"}, //can be "SHA-1", "SHA-256", "SHA-384", or "SHA-512"
        true, //whether the key is extractable (i.e. can be used in exportKey)
        ["sign", "verify"] //can be any combination of "sign" and "verify"
    .then(function(key) {

        publicKey = key.publicKey;
        privateKey = key.privateKey;
        // For Demo Purpos Only Exported in JWK format
        window.crypto.subtle.exportKey("jwk", key.publicKey).then(
            function(keydata) {
                publicKeyhold = keydata;
                publicKeyJson = JSON.stringify(publicKeyhold);
                document.getElementById("rsapublic").value = publicKeyJson;

        window.crypto.subtle.exportKey("jwk", key.privateKey).then(
            function(keydata) {
                privateKeyhold = keydata;
                privateKeyJson = JSON.stringify(privateKeyhold);
                document.getElementById("rsaprivate").value = privateKeyJson;

The sign process using the user private key.

                    name: "RSASSA-PKCS1-v1_5",
                privateKey, //from generateKey or importKey above
                asciiToUint8Array(plainText) //ArrayBuffer of data you want to sign
            .then(function(signature) {
                //returns an ArrayBuffer containing the signature
                document.getElementById("cipherText").value = bytesToHexString(signature);
            .catch(function(err) {

    .catch(function(err) {

RSASSA-PKCS1-v1_5 Verify the message signature using the public key

            name: "RSASSA-PKCS1-v1_5",
        publicKey, //from generateKey or importKey above
        hexStringToUint8Array(cipherText), //ArrayBuffer of the data
    .then(function(decrypted) {
        alert("Verified   " + decrypted);
    .catch(function(err) {

Download the sample code here
Next Reading RSA-OAEP generateKey/Encrypt/Decrypt

Thanku for reading !!! Give a Share for Support

Asking for donation sound bad to me, so i'm raising fund from The Modern Cryptography CookBook for Just $9. Leanpub books Discount coupon first 100 reader. No hurry read the sample chapters here then decide.

Alternatively to support you can buy My all four Cryptography book Just $10.99

  • The Modern Cryptography Book.
  • Go lang Cryptography for developers
  • Python Cryptography
  • Cryptography for JavaScript Developer

python Cryptography Topics
For Coffee/ Beer/ Amazon Bill and further development of the project Support by Purchasing, The Modern Cryptography CookBook for Just $9 Coupon Price

Cryptography for Python Developers

Cryptography for JavaScript Developers

Go lang ryptography for Developers