Sjoerd Smink sjoerdsmink
ottokruse
/ verify-jwt-rs256.ts
Last active
May 19, 2025 15:47
Verify JWT signature, for RS256 in NodeJS (code in TypeScript). Only needs public key modulus and exponent (i.e. not as PEM/DER)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| This gist's core function is verifyJwt, whose purpose is to verify JWT's signed | |
| using RS256 | |
| The public key needs to be provided as n (modulus) and e (exponent). | |
| JWT algorithm RS256 in fact means RSASSA-PKCS1-v1_5 using SHA-256: | |
| https://tools.ietf.org/html/rfc7518#section-3.1 | |
| The specification of RSASSA-PKCS1-v1_5 specifies the steps to verify signatures: |