RsaPssParams

The RsaPssParams dictionary of the Web Crypto API represents the object that should be passed as the algorithm parameter into SubtleCrypto.sign() or SubtleCrypto.verify(), when using the RSA-PSS algorithm.

Properties

name

A DOMString. This should be set to RSA-PSS.

saltLength

A long integer representing the length of the random salt to use, in bytes.

RFC 3447 says that "Typical salt lengths" are either 0 or the length of the output of the digest algorithm that was selected when this key was generated. For example, if you use SHA-256 as the digest algorithm, this could be 32.

The maximum size of saltLength is given by:

Math.ceil((keySizeInBits - 1)/8) - digestSizeInBytes - 2

So for a key length of 2048 bits and a digest output size of 32 bytes, the maximum size would be 222.

Examples

See the examples for SubtleCrypto.sign() and SubtleCrypto.verify().

Specifications

Browser compatibility

See also

© 2005–2021 MDN contributors.
Licensed under the Creative Commons Attribution-ShareAlike License v2.5 or later.
https://developer.mozilla.org/en-US/docs/Web/API/RsaPssParams