WebCrypto GOST: Signature verification tool

This is a live on-line tool. All buttons execute appropriate javascript algorithms with values from the page. The tool is intended for experimentation with data processing. Feel free to make changes in the javascript algorithms, their settings..

Algorithm parameters

GOST do not regulate the parameters of digital signature algorithms and hash functions. Different manufacturers use their sets. If the set is known, you can select otherwise enter the parameters of the algorithm manually.

Public key & signature

In this example public key and singnature must be present as Big-endian Integer values. Some implementations of algorithm show data in machine Little-endian order - uses swap bytes button.

Signed data verification

Preferably use a binary file, HEX or BASE64 encoding to verify the signature. The source plain text can be changed implicity, for example, because of the various options new line (CR, LFCR, CRLF) or char encoding mistmatch. In this case verification may fail.

Source data file
Verify procedure
// Decode data from source
function decode(ondata) {
    var format = fromtype.value.split('/');
    if (format[0] === 'Binary') { 
        var reader = new FileReader();
        reader.onload = function(e) {
    } else {
        ondata(gostCrypto.coding[format[0]].decode(source.textContent, format[1]));

// Verify signature
function verify(publicKey, signature, message) {
    var algorithm = {name: 'GOSTR3410'};

    // Set curve parameters
    if (namedCurve.value === 'Other') {
        algorithm.a = '0x' + paramA.value;
        algorithm.b = '0x' + paramB.value;
        algorithm.p = '0x' + paramP.value;
        algorithm.q = '0x' + paramQ.value;
        algorithm.x = '0x' + paramX.value;
        algorithm.y = '0x' + paramY.value;
    } else
        algorithm.namedCurve = namedCurve.value; 

    var modes = hashParam.value.split('/');
    algorithm.hash = {name: modes[0], sBox: modes[1]};

    // Get public key from trusted source
    gostCrypto.subtle.importKey('raw', publicKey,
            algorithm, true, ['verify']).then(function(key) {

        // Use public key for verify message signature
        return gostCrypto.subtle.verify(algorithm, key, signature, message);
    }).then(function(result) {

        // Check result
        verified.value = result ? 'Yes' : 'No';

// Execute procedure
decode(function(message) {
    verify(gostCrypto.coding.Hex.decode(publicKey.value, 'BigEndian'), 
        gostCrypto.coding.Hex.decode(signature.value, 'BigEndian'), message);