RsaPssParams

TheRsaPssParams dictionary of theWeb Crypto API represents the object that should be passed as thealgorithm parameter intoSubtleCrypto.sign() orSubtleCrypto.verify(), when using theRSA-PSS algorithm.

Instance properties

name

A string. This should be set toRSA-PSS.

saltLength

Along integer representing the length of the random salt to use, in bytes.

RFC 3447 says that "Typical salt lengths" are either 0 or the length of the output of thedigest algorithm that was selected when this key wasgenerated. For example, if you useSHA-256 as the digest algorithm, this could be 32.

The maximum size ofsaltLength is given by:

Math.ceil((keySizeInBits - 1) / 8) - digestSizeInBytes - 2;

So for a key length of 2048 bits and a digest output size of 32 bytes, the maximum size would be 222.

Examples

See the examples forSubtleCrypto.sign() andSubtleCrypto.verify().

Specifications

Specification
Web Cryptography Level 2 # dfn-RsaPssParams

Browser compatibility

Browsers that support the "RSA-PSS" algorithm for theSubtleCrypto.sign() andSubtleCrypto.verify() methods will support this type.

Help improve MDN

Learn how to contribute

This page was last modified on⁨Jun 23, 2025⁩ byMDN contributors.

View this page on GitHub •Report a problem with this content

Movatterモバイル変換