Unrecommended RSASSA-PSS signature parameters
According to security recommendations (e.g., as described here), the following changes should be done to the signature creation module (lib/crypto/signatures.js
):
- Use a SHA-2 hash function, e.g.,
SHA256
- Change the salt length to
hLen
, i.e., the length of the output of the hash function in bytes (32 forSHA256
)