The RsaHashedKeyGenParams dictionary of the Web Crypto API represents the object that should be passed as the algorithm parameter into SubtleCrypto.generateKey(), when generating any RSA-based key pair: that is, when the algorithm is identified as any of RSASSA-PKCS1-v1_5, RSA-PSS, or RSA-OAEP.
Properties
name- A
DOMString. This should be set toRSASSA-PKCS1-v1_5,RSA-PSS, orRSA-OAEP, depending on the algorithm you want to use. modulusLength- A
Number. The length in bits of the RSA modulus. This should be at least 2048: see for example see NIST SP 800-131A Rev. 1. Some organizations are now recommending that it should be 4096. publicExponentA
Uint8Array. The public exponent. Unless you have a good reason to use something else, specify 65537 here ([0x01, 0x00, 0x01]).hashA
DOMStringrepresenting the name of the digest function to use. You can pass any ofSHA-256,SHA-384, orSHA-512here.Warning: Although you can technically pass
SHA-1as a value here, this is strongly discouraged as SHA-1 is considered vulnerable.
Examples
See the examples for SubtleCrypto.generateKey().
Specifications
| Specification | Status | Comment |
| Web Cryptography APIThe definition of 'SubtleCrypto.RsaHashedKeyGenParams' in that specification. | Recommendation |
Browser compatibility
Browsers that support any RSA-based algorithm for the SubtleCrypto.generateKey() method will support this type.
See also
RsaHashedKeyGenParams by Mozilla Contributors is licensed under CC-BY-SA 2.5.
