HTML Email Signature Builder - Online Professional Footer Creator
Create a polished HTML email signature with your photo, links, and company details. Live preview and copy HTML to clipboard. Works with Gmail, Outlook, Apple Mail.
UD5 Toolkit
Verify HMAC, RSA & EC signatures online — runs entirely in your browser
-----BEGIN PUBLIC KEY----- and end with -----END PUBLIC KEY-----. This is the standard SPKI (SubjectPublicKeyInfo) format. For HMAC algorithms, simply provide the raw shared secret string.
alg must match your key type. (2) Using the wrong key — HMAC requires the exact shared secret; RSA/EC require the correct public key. (3) The token was modified after signing. (4) Extra whitespace or encoding issues in the key. (5) Using a private key instead of a public key for RSA/EC verification, or vice versa.
exp (expiration time) claim in the decoded payload. It's a Unix timestamp (seconds since epoch). If the current time is past this value, the token has expired. Similarly, iat (issued at) tells you when the token was created, and nbf (not before) indicates when the token becomes valid. This tool automatically highlights expired tokens with a warning indicator.
+ is replaced with -, / is replaced with _, and trailing = padding characters are omitted. This ensures JWT tokens can be safely used in URLs and query parameters without additional encoding.
alg field. This tool automatically extracts and displays it. However, in production systems, you should never blindly trust the header's alg value without validation, as this can lead to algorithm confusion attacks. Always maintain an allowlist of accepted algorithms on your server.
Create a polished HTML email signature with your photo, links, and company details. Live preview and copy HTML to clipboard. Works with Gmail, Outlook, Apple Mail.
Type your name and create a stylized ASCII text banner for email signatures or forum posts. Choose a font style.
Draw your signature on a canvas and overlay it onto a PDF document. All editing stays in your browser.
Sign a message with a private key and verify the signature with the public key. Learn digital signature flow.
Hash passwords using the bcrypt algorithm with configurable cost factor. Also verify a password against a stored hash. All local.
Paste a JSON Web Token and decode its header and payload. Verify signature if you provide the secret. Fully local.
Decode the header and payload of a JSON Web Token (JWT) without verifying the signature. Inspect claims securely on the client side. Great for developers.