Available in all subroutines.

Returns true if the RSA signature of payload using public_key matches digest. The hash_method parameter selects the digest function to use. It can be sha256, sha384, sha512, or default (default is equivalent to sha256). The STRING parameter in the payload or digest could reference headers such as req.http.payload and req.http.digest. The base64_method parameter is optional. It can be standard, url, url_nopad, or default (default is equivalent to url_nopad).

Base64 decoding behaves as if by a call to digest.base64_decode. See that function for handling invalid characters and the behavior of padding. Unlike digest.base64_decode, the decoded output is used directly (rather than constructing a VCL STRING type), and so binary content is permitted, including possible NUL bytes.


if (digest.rsa_verify(sha256, {"-----BEGIN PUBLIC KEY-----
-----END PUBLIC KEY-----"}, req.http.payload, req.http.digest, url_nopad)) {
set req.http.verified = "Verified";
} else {
set req.http.verified = "Not Verified";
error 900;

Try it out

digest.rsa_verify is used in the following solution recipes, which show real world use cases. Click RUN to provision a Fastly service, execute the code on Fastly, and see how the function behaves.

JSON web tokens

Decode the popular JWT format to verify user session tokens before forwarding trusted authentication data to your origin.

User contributed notes

We welcome comments that add use cases, ideas, tips, and caveats. All comments will be moderated before publication. To post support questions, visit our support center and we'll find you the help you need.