diff --git a/ChangeLog.txt b/ChangeLog.txt
index 7686d7ec..5a829cbc 100755
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,6 +1,10 @@
 
 ChangeLog for jsrsasign
 
+* Changes between 4.0.1 to 4.0.2 (2013-Jul-23)
+  - RSAPSS signing and validation fix by Dave(github.com/davedoesdev)
+    (base64x,crypto,rsasign)
+
 * Changes between 4.0.0 to 4.0.1
   - rsasign-1.2.js
     - small fix for PSS by Dave's contribution (github.com/davedoesdev)
diff --git a/base64x-1.1.min.js b/base64x-1.1.min.js
index d013cc9f..19011264 100755
--- a/base64x-1.1.min.js
+++ b/base64x-1.1.min.js
@@ -1,3 +1,3 @@
 /*! base64x-1.1.2 (c) 2013 Kenji Urushima | kjur.github.com/jsjws/license
  */
-function Base64x(){}function stoBA(d){var b=new Array();for(var c=0;c<d.length;c++){b[c]=d.charCodeAt(c)}return b}function BAtos(b){var d="";for(var c=0;c<b.length;c++){d=d+String.fromCharCode(b[c])}return d}function BAtohex(b){var e="";for(var d=0;d<b.length;d++){var c=b[d].toString(16);if(c.length==1){c="0"+c}e=e+c}return e}function stohex(a){return BAtohex(stoBA(a))}function stob64(a){return hex2b64(stohex(a))}function stob64u(a){return b64tob64u(hex2b64(stohex(a)))}function b64utos(a){return BAtos(b64toBA(b64utob64(a)))}function b64tob64u(a){a=a.replace(/\=/g,"");a=a.replace(/\+/g,"-");a=a.replace(/\//g,"_");return a}function b64utob64(a){if(a.length%4==2){a=a+"=="}else{if(a.length%4==3){a=a+"="}}a=a.replace(/-/g,"+");a=a.replace(/_/g,"/");return a}function hextob64u(a){return b64tob64u(hex2b64(a))}function b64utohex(a){return b64tohex(b64utob64(a))}var utf8tob64u,b64utoutf8;if(typeof Buffer==="function"){utf8tob64u=function(a){return b64tob64u(new Buffer(a,"utf8").toString("base64"))};b64utoutf8=function(a){return new Buffer(b64utob64(a),"base64").toString("utf8")}}else{utf8tob64u=function(a){return hextob64u(uricmptohex(encodeURIComponentAll(a)))};b64utoutf8=function(a){return decodeURIComponent(hextouricmp(b64utohex(a)))}}function utf8tob64(a){return hex2b64(uricmptohex(encodeURIComponentAll(a)))}function b64toutf8(a){return decodeURIComponent(hextouricmp(b64tohex(a)))}function utf8tohex(a){return uricmptohex(encodeURIComponentAll(a))}function hextoutf8(a){return decodeURIComponent(hextouricmp(a))}function hextorstr(c){var b="";for(var a=0;a<c.length-1;a+=2){b+=String.fromCharCode(parseInt(c.substr(a,2),16))}return b}function rstrtohex(c){var a="";for(var b=0;b<c.length;b++){a+=("0"+String.charCodeAt(c.substr(b,1)).toString(16)).slice(-2)}return a}function uricmptohex(a){return a.replace(/%/g,"")}function hextouricmp(a){return a.replace(/(..)/g,"%$1")}function encodeURIComponentAll(a){var d=encodeURIComponent(a);var b="";for(var c=0;c<d.length;c++){if(d[c]=="%"){b=b+d.substr(c,3);c=c+2}else{b=b+"%"+stohex(d[c])}}return b}function newline_toUnix(a){a=a.replace(/\r\n/mg,"\n");return a}function newline_toDos(a){a=a.replace(/\r\n/mg,"\n");a=a.replace(/\n/mg,"\r\n");return a};
\ No newline at end of file
+function Base64x(){}function stoBA(d){var b=new Array();for(var c=0;c<d.length;c++){b[c]=d.charCodeAt(c)}return b}function BAtos(b){var d="";for(var c=0;c<b.length;c++){d=d+String.fromCharCode(b[c])}return d}function BAtohex(b){var e="";for(var d=0;d<b.length;d++){var c=b[d].toString(16);if(c.length==1){c="0"+c}e=e+c}return e}function stohex(a){return BAtohex(stoBA(a))}function stob64(a){return hex2b64(stohex(a))}function stob64u(a){return b64tob64u(hex2b64(stohex(a)))}function b64utos(a){return BAtos(b64toBA(b64utob64(a)))}function b64tob64u(a){a=a.replace(/\=/g,"");a=a.replace(/\+/g,"-");a=a.replace(/\//g,"_");return a}function b64utob64(a){if(a.length%4==2){a=a+"=="}else{if(a.length%4==3){a=a+"="}}a=a.replace(/-/g,"+");a=a.replace(/_/g,"/");return a}function hextob64u(a){return b64tob64u(hex2b64(a))}function b64utohex(a){return b64tohex(b64utob64(a))}var utf8tob64u,b64utoutf8;if(typeof Buffer==="function"){utf8tob64u=function(a){return b64tob64u(new Buffer(a,"utf8").toString("base64"))};b64utoutf8=function(a){return new Buffer(b64utob64(a),"base64").toString("utf8")}}else{utf8tob64u=function(a){return hextob64u(uricmptohex(encodeURIComponentAll(a)))};b64utoutf8=function(a){return decodeURIComponent(hextouricmp(b64utohex(a)))}}function utf8tob64(a){return hex2b64(uricmptohex(encodeURIComponentAll(a)))}function b64toutf8(a){return decodeURIComponent(hextouricmp(b64tohex(a)))}function utf8tohex(a){return uricmptohex(encodeURIComponentAll(a))}function hextoutf8(a){return decodeURIComponent(hextouricmp(a))}function hextorstr(c){var b="";for(var a=0;a<c.length-1;a+=2){b+=String.fromCharCode(parseInt(c.substr(a,2),16))}return b}function rstrtohex(c){var a="";for(var b=0;b<c.length;b++){a+=("0"+c.charCodeAt(b).toString(16)).slice(-2)}return a}function uricmptohex(a){return a.replace(/%/g,"")}function hextouricmp(a){return a.replace(/(..)/g,"%$1")}function encodeURIComponentAll(a){var d=encodeURIComponent(a);var b="";for(var c=0;c<d.length;c++){if(d[c]=="%"){b=b+d.substr(c,3);c=c+2}else{b=b+"%"+stohex(d[c])}}return b}function newline_toUnix(a){a=a.replace(/\r\n/mg,"\n");return a}function newline_toDos(a){a=a.replace(/\r\n/mg,"\n");a=a.replace(/\n/mg,"\r\n");return a};
\ No newline at end of file
diff --git a/crypto-1.1.min.js b/crypto-1.1.min.js
index 0c8ac11d..f33c87c8 100755
--- a/crypto-1.1.min.js
+++ b/crypto-1.1.min.js
@@ -1,3 +1,3 @@
-/*! crypto-1.0.4.js (c) 2013 Kenji Urushima | kjur.github.com/jsrsasign/license
+/*! crypto-1.1.0.js (c) 2013 Kenji Urushima | kjur.github.com/jsrsasign/license
  */
-if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.crypto=="undefined"||!KJUR.crypto){KJUR.crypto={}}KJUR.crypto.Util=new function(){this.DIGESTINFOHEAD={sha1:"3021300906052b0e03021a05000414",sha224:"302d300d06096086480165030402040500041c",sha256:"3031300d060960864801650304020105000420",sha384:"3041300d060960864801650304020205000430",sha512:"3051300d060960864801650304020305000440",md2:"3020300c06082a864886f70d020205000410",md5:"3020300c06082a864886f70d020505000410",ripemd160:"3021300906052b2403020105000414"};this.getDigestInfoHex=function(a,b){if(typeof this.DIGESTINFOHEAD[b]=="undefined"){throw"alg not supported in Util.DIGESTINFOHEAD: "+b}return this.DIGESTINFOHEAD[b]+a};this.getPaddedDigestInfoHex=function(h,a,j){var c=this.getDigestInfoHex(h,a);var d=j/4;if(c.length+22>d){throw"key is too short for SigAlg: keylen="+j+","+a}var b="0001";var k="00"+c;var g="";var l=d-b.length-k.length;for(var f=0;f<l;f+=2){g+="ff"}var e=b+g+k;return e};this.sha1=function(a){var b=new KJUR.crypto.MessageDigest({alg:"sha1",prov:"cryptojs"});return b.digestString(a)};this.sha256=function(a){var b=new KJUR.crypto.MessageDigest({alg:"sha256",prov:"cryptojs"});return b.digestString(a)};this.sha512=function(a){var b=new KJUR.crypto.MessageDigest({alg:"sha512",prov:"cryptojs"});return b.digestString(a)};this.md5=function(a){var b=new KJUR.crypto.MessageDigest({alg:"md5",prov:"cryptojs"});return b.digestString(a)};this.ripemd160=function(a){var b=new KJUR.crypto.MessageDigest({alg:"ripemd160",prov:"cryptojs"});return b.digestString(a)}};KJUR.crypto.MessageDigest=function(params){var md=null;var algName=null;var provName=null;var _CryptoJSMdName={md5:"CryptoJS.algo.MD5",sha1:"CryptoJS.algo.SHA1",sha224:"CryptoJS.algo.SHA224",sha256:"CryptoJS.algo.SHA256",sha384:"CryptoJS.algo.SHA384",sha512:"CryptoJS.algo.SHA512",ripemd160:"CryptoJS.algo.RIPEMD160"};this.setAlgAndProvider=function(alg,prov){if(":md5:sha1:sha224:sha256:sha384:sha512:ripemd160:".indexOf(alg)!=-1&&prov=="cryptojs"){try{this.md=eval(_CryptoJSMdName[alg]).create()}catch(ex){throw"setAlgAndProvider hash alg set fail alg="+alg+"/"+ex}this.updateString=function(str){this.md.update(str)};this.updateHex=function(hex){var wHex=CryptoJS.enc.Hex.parse(hex);this.md.update(wHex)};this.digest=function(){var hash=this.md.finalize();return hash.toString(CryptoJS.enc.Hex)};this.digestString=function(str){this.updateString(str);return this.digest()};this.digestHex=function(hex){this.updateHex(hex);return this.digest()}}if(":sha256:".indexOf(alg)!=-1&&prov=="sjcl"){try{this.md=new sjcl.hash.sha256()}catch(ex){throw"setAlgAndProvider hash alg set fail alg="+alg+"/"+ex}this.updateString=function(str){this.md.update(str)};this.updateHex=function(hex){var baHex=sjcl.codec.hex.toBits(hex);this.md.update(baHex)};this.digest=function(){var hash=this.md.finalize();return sjcl.codec.hex.fromBits(hash)};this.digestString=function(str){this.updateString(str);return this.digest()};this.digestHex=function(hex){this.updateHex(hex);return this.digest()}}};this.updateString=function(str){throw"updateString(str) not supported for this alg/prov: "+this.algName+"/"+this.provName};this.updateHex=function(hex){throw"updateHex(hex) not supported for this alg/prov: "+this.algName+"/"+this.provName};this.digest=function(){throw"digest() not supported for this alg/prov: "+this.algName+"/"+this.provName};this.digestString=function(str){throw"digestString(str) not supported for this alg/prov: "+this.algName+"/"+this.provName};this.digestHex=function(hex){throw"digestHex(hex) not supported for this alg/prov: "+this.algName+"/"+this.provName};if(typeof params!="undefined"){if(typeof params.alg!="undefined"){this.algName=params.alg;this.provName=params.prov;this.setAlgAndProvider(params.alg,params.prov)}}};KJUR.crypto.Signature=function(g){var j=null;var i=null;var l=null;var p=null;var c=null;var n=null;var b=null;var o=null;var e=null;var a=null;var f=null;var d=null;var m=null;var h=null;this._setAlgNames=function(){if(this.algName.match(/^(.+)with(.+)$/)){this.mdAlgName=RegExp.$1.toLowerCase();this.pubkeyAlgName=RegExp.$2.toLowerCase()}};this._zeroPaddingOfSignature=function(v,u){var t="";var q=u/4-v.length;for(var r=0;r<q;r++){t=t+"0"}return t+v};this.setAlgAndProvider=function(s,r){this._setAlgNames();if(r!="cryptojs/jsrsa"){throw"provider not supported: "+r}if(":md5:sha1:sha224:sha256:sha384:sha512:ripemd160:".indexOf(this.mdAlgName)!=-1){try{this.md=new KJUR.crypto.MessageDigest({alg:this.mdAlgName,prov:"cryptojs"})}catch(q){throw"setAlgAndProvider hash alg set fail alg="+this.mdAlgName+"/"+q}this.initSign=function(t){this.prvKey=t;this.state="SIGN"};this.initVerifyByPublicKey=function(t){this.pubKey=t;this.state="VERIFY"};this.initVerifyByCertificatePEM=function(t){var u=new X509();u.readCertPEM(t);this.pubKey=u.subjectPublicKeyRSA;this.state="VERIFY"};this.updateString=function(t){this.md.updateString(t)};this.updateHex=function(t){this.md.updateHex(t)};this.sign=function(){var t=KJUR.crypto.Util;var u=this.prvKey.n.bitLength();this.sHashHex=this.md.digest();this.hDigestInfo=t.getDigestInfoHex(this.sHashHex,this.mdAlgName);this.hPaddedDigestInfo=t.getPaddedDigestInfoHex(this.sHashHex,this.mdAlgName,u);var w=parseBigInt(this.hPaddedDigestInfo,16);this.hoge=w.toString(16);var v=this.prvKey.doPrivate(w);this.hSign=this._zeroPaddingOfSignature(v.toString(16),u);return this.hSign};this.signString=function(t){this.updateString(t);this.sign()};this.signHex=function(t){this.updateHex(t);this.sign()};this.verify=function(t){var u=KJUR.crypto.Util;var w=this.pubKey.n.bitLength();this.sHashHex=this.md.digest();var A=parseBigInt(t,16);var z=this.pubKey.doPublic(A);this.hPaddedDigestInfo=z.toString(16);var y=this.hPaddedDigestInfo;y=y.replace(/^1ff+00/,"");var v=KJUR.crypto.Util.DIGESTINFOHEAD[this.mdAlgName];if(y.indexOf(v)!=0){return false}var x=y.substr(v.length);return(x==this.sHashHex)}}};this.initVerifyByPublicKey=function(q){throw"initVerifyByPublicKey(rsaPubKeyy) not supported for this alg:prov="+this.algProvName};this.initVerifyByCertificatePEM=function(q){throw"initVerifyByCertificatePEM(certPEM) not supported for this alg:prov="+this.algProvName};this.initSign=function(q){throw"initSign(prvKey) not supported for this alg:prov="+this.algProvName};this.updateString=function(q){throw"updateString(str) not supported for this alg:prov="+this.algProvName};this.updateHex=function(q){throw"updateHex(hex) not supported for this alg:prov="+this.algProvName};this.sign=function(){throw"sign() not supported for this alg:prov="+this.algProvName};this.signString=function(q){throw"digestString(str) not supported for this alg:prov="+this.algProvName};this.signHex=function(q){throw"digestHex(hex) not supported for this alg:prov="+this.algProvName};this.verify=function(q){throw"verify(hSigVal) not supported for this alg:prov="+this.algProvName};if(typeof g!="undefined"){if(typeof g.alg!="undefined"){this.algName=g.alg;this.provName=g.prov;this.algProvName=g.alg+":"+g.prov;this.setAlgAndProvider(g.alg,g.prov);this._setAlgNames()}if(typeof g.prvkeypem!="undefined"){if(typeof g.prvkeypas!="undefined"){throw"both prvkeypem and prvkeypas parameters not supported"}else{try{var j=new RSAKey();j.readPrivateKeyFromPEMString(g.prvkeypem);this.initSign(j)}catch(k){throw"fatal error to load pem private key: "+k}}}}};
\ No newline at end of file
+if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.crypto=="undefined"||!KJUR.crypto){KJUR.crypto={}}KJUR.crypto.Util=new function(){this.DIGESTINFOHEAD={sha1:"3021300906052b0e03021a05000414",sha224:"302d300d06096086480165030402040500041c",sha256:"3031300d060960864801650304020105000420",sha384:"3041300d060960864801650304020205000430",sha512:"3051300d060960864801650304020305000440",md2:"3020300c06082a864886f70d020205000410",md5:"3020300c06082a864886f70d020505000410",ripemd160:"3021300906052b2403020105000414"};this.getDigestInfoHex=function(a,b){if(typeof this.DIGESTINFOHEAD[b]=="undefined"){throw"alg not supported in Util.DIGESTINFOHEAD: "+b}return this.DIGESTINFOHEAD[b]+a};this.getPaddedDigestInfoHex=function(h,a,j){var c=this.getDigestInfoHex(h,a);var d=j/4;if(c.length+22>d){throw"key is too short for SigAlg: keylen="+j+","+a}var b="0001";var k="00"+c;var g="";var l=d-b.length-k.length;for(var f=0;f<l;f+=2){g+="ff"}var e=b+g+k;return e};this.sha1=function(a){var b=new KJUR.crypto.MessageDigest({alg:"sha1",prov:"cryptojs"});return b.digestString(a)};this.sha256=function(a){var b=new KJUR.crypto.MessageDigest({alg:"sha256",prov:"cryptojs"});return b.digestString(a)};this.sha256Hex=function(a){var b=new KJUR.crypto.MessageDigest({alg:"sha256",prov:"cryptojs"});return b.digestHex(a)};this.sha512=function(a){var b=new KJUR.crypto.MessageDigest({alg:"sha512",prov:"cryptojs"});return b.digestString(a)};this.sha512Hex=function(a){var b=new KJUR.crypto.MessageDigest({alg:"sha512",prov:"cryptojs"});return b.digestHex(a)};this.md5=function(a){var b=new KJUR.crypto.MessageDigest({alg:"md5",prov:"cryptojs"});return b.digestString(a)};this.ripemd160=function(a){var b=new KJUR.crypto.MessageDigest({alg:"ripemd160",prov:"cryptojs"});return b.digestString(a)}};KJUR.crypto.MessageDigest=function(params){var md=null;var algName=null;var provName=null;var _CryptoJSMdName={md5:"CryptoJS.algo.MD5",sha1:"CryptoJS.algo.SHA1",sha224:"CryptoJS.algo.SHA224",sha256:"CryptoJS.algo.SHA256",sha384:"CryptoJS.algo.SHA384",sha512:"CryptoJS.algo.SHA512",ripemd160:"CryptoJS.algo.RIPEMD160"};this.setAlgAndProvider=function(alg,prov){if(":md5:sha1:sha224:sha256:sha384:sha512:ripemd160:".indexOf(alg)!=-1&&prov=="cryptojs"){try{this.md=eval(_CryptoJSMdName[alg]).create()}catch(ex){throw"setAlgAndProvider hash alg set fail alg="+alg+"/"+ex}this.updateString=function(str){this.md.update(str)};this.updateHex=function(hex){var wHex=CryptoJS.enc.Hex.parse(hex);this.md.update(wHex)};this.digest=function(){var hash=this.md.finalize();return hash.toString(CryptoJS.enc.Hex)};this.digestString=function(str){this.updateString(str);return this.digest()};this.digestHex=function(hex){this.updateHex(hex);return this.digest()}}if(":sha256:".indexOf(alg)!=-1&&prov=="sjcl"){try{this.md=new sjcl.hash.sha256()}catch(ex){throw"setAlgAndProvider hash alg set fail alg="+alg+"/"+ex}this.updateString=function(str){this.md.update(str)};this.updateHex=function(hex){var baHex=sjcl.codec.hex.toBits(hex);this.md.update(baHex)};this.digest=function(){var hash=this.md.finalize();return sjcl.codec.hex.fromBits(hash)};this.digestString=function(str){this.updateString(str);return this.digest()};this.digestHex=function(hex){this.updateHex(hex);return this.digest()}}};this.updateString=function(str){throw"updateString(str) not supported for this alg/prov: "+this.algName+"/"+this.provName};this.updateHex=function(hex){throw"updateHex(hex) not supported for this alg/prov: "+this.algName+"/"+this.provName};this.digest=function(){throw"digest() not supported for this alg/prov: "+this.algName+"/"+this.provName};this.digestString=function(str){throw"digestString(str) not supported for this alg/prov: "+this.algName+"/"+this.provName};this.digestHex=function(hex){throw"digestHex(hex) not supported for this alg/prov: "+this.algName+"/"+this.provName};if(typeof params!="undefined"){if(typeof params.alg!="undefined"){this.algName=params.alg;this.provName=params.prov;this.setAlgAndProvider(params.alg,params.prov)}}};KJUR.crypto.Signature=function(g){var j=null;var i=null;var l=null;var p=null;var c=null;var n=null;var b=null;var o=null;var e=null;var a=null;var f=null;var d=null;var m=null;var h=null;this._setAlgNames=function(){if(this.algName.match(/^(.+)with(.+)$/)){this.mdAlgName=RegExp.$1.toLowerCase();this.pubkeyAlgName=RegExp.$2.toLowerCase()}};this._zeroPaddingOfSignature=function(v,u){var t="";var q=u/4-v.length;for(var r=0;r<q;r++){t=t+"0"}return t+v};this.setAlgAndProvider=function(s,r){this._setAlgNames();if(r!="cryptojs/jsrsa"){throw"provider not supported: "+r}if(":md5:sha1:sha224:sha256:sha384:sha512:ripemd160:".indexOf(this.mdAlgName)!=-1){try{this.md=new KJUR.crypto.MessageDigest({alg:this.mdAlgName,prov:"cryptojs"})}catch(q){throw"setAlgAndProvider hash alg set fail alg="+this.mdAlgName+"/"+q}this.initSign=function(t){if(typeof t.ecprvhex=="string"&&typeof t.eccurvename=="string"){this.ecprvhex=t.ecprvhex;this.eccurvename=t.eccurvename}else{this.prvKey=t}this.state="SIGN"};this.initVerifyByPublicKey=function(t){if(typeof t.ecpubhex=="string"&&typeof t.eccurvename=="string"){this.ecpubhex=t.ecpubhex;this.eccurvename=t.eccurvename}else{this.pubKey=t}this.state="VERIFY"};this.initVerifyByCertificatePEM=function(t){var u=new X509();u.readCertPEM(t);this.pubKey=u.subjectPublicKeyRSA;this.state="VERIFY"};this.updateString=function(t){this.md.updateString(t)};this.updateHex=function(t){this.md.updateHex(t)};this.sign=function(){if(typeof this.ecprvhex!="undefined"&&typeof this.eccurvename!="undefined"){var v=new KJUR.crypto.ECDSA({curve:this.eccurvename});this.sHashHex=this.md.digest();this.hSign=v.signHex(this.sHashHex,this.ecprvhex);return this.hSign}else{var t=KJUR.crypto.Util;var u=this.prvKey.n.bitLength();this.sHashHex=this.md.digest();this.hDigestInfo=t.getDigestInfoHex(this.sHashHex,this.mdAlgName);this.hPaddedDigestInfo=t.getPaddedDigestInfoHex(this.sHashHex,this.mdAlgName,u);var x=parseBigInt(this.hPaddedDigestInfo,16);this.hoge=x.toString(16);var w=this.prvKey.doPrivate(x);this.hSign=this._zeroPaddingOfSignature(w.toString(16),u);return this.hSign}};this.signString=function(t){this.updateString(t);this.sign()};this.signHex=function(t){this.updateHex(t);this.sign()};this.verify=function(v){if(typeof this.ecpubhex!="undefined"&&typeof this.eccurvename!="undefined"){this.sHashHex=this.md.digest();var z=new KJUR.crypto.ECDSA({curve:this.eccurvename});return z.verifyHex(this.sHashHex,v,this.ecpubhex)}else{var y=KJUR.crypto.Util;var t=this.pubKey.n.bitLength();this.sHashHex=this.md.digest();var u=parseBigInt(v,16);var w=this.pubKey.doPublic(u);this.hPaddedDigestInfo=w.toString(16);var B=this.hPaddedDigestInfo;B=B.replace(/^1ff+00/,"");var x=KJUR.crypto.Util.DIGESTINFOHEAD[this.mdAlgName];if(B.indexOf(x)!=0){return false}var A=B.substr(x.length);return(A==this.sHashHex)}}}};this.initVerifyByPublicKey=function(q){throw"initVerifyByPublicKey(rsaPubKeyy) not supported for this alg:prov="+this.algProvName};this.initVerifyByCertificatePEM=function(q){throw"initVerifyByCertificatePEM(certPEM) not supported for this alg:prov="+this.algProvName};this.initSign=function(q){throw"initSign(prvKey) not supported for this alg:prov="+this.algProvName};this.updateString=function(q){throw"updateString(str) not supported for this alg:prov="+this.algProvName};this.updateHex=function(q){throw"updateHex(hex) not supported for this alg:prov="+this.algProvName};this.sign=function(){throw"sign() not supported for this alg:prov="+this.algProvName};this.signString=function(q){throw"digestString(str) not supported for this alg:prov="+this.algProvName};this.signHex=function(q){throw"digestHex(hex) not supported for this alg:prov="+this.algProvName};this.verify=function(q){throw"verify(hSigVal) not supported for this alg:prov="+this.algProvName};if(typeof g!="undefined"){if(typeof g.alg!="undefined"){this.algName=g.alg;this.provName=g.prov;this.algProvName=g.alg+":"+g.prov;this.setAlgAndProvider(g.alg,g.prov);this._setAlgNames()}if(typeof g.prvkeypem!="undefined"){if(typeof g.prvkeypas!="undefined"){throw"both prvkeypem and prvkeypas parameters not supported"}else{try{var j=new RSAKey();j.readPrivateKeyFromPEMString(g.prvkeypem);this.initSign(j)}catch(k){throw"fatal error to load pem private key: "+k}}}}};
\ No newline at end of file
diff --git a/index.html b/index.html
index b95f4656..1294b09d 100644
--- a/index.html
+++ b/index.html
@@ -53,6 +53,12 @@ <h3>FEATURES</h3>
 
 <h3>NEWS</h3>
 <dl>
+<dt><b>2013-Jul-23</b>: 
+<dd>Release 4.0.2 is now available.
+<ul>
+<li>RSAPSS signing and validation fix by Davegithub.com/davedoesdev)</li>
+</ul>
+
 <dt><b>2013-Jul-18</b>: 
 <dd>Release 4.0.0 is now available.
 <ul>
diff --git a/rsasign-1.2.min.js b/rsasign-1.2.min.js
index d9885997..2e488675 100644
--- a/rsasign-1.2.min.js
+++ b/rsasign-1.2.min.js
@@ -1,3 +1,3 @@
 /*! rsasign-1.2.3.js (c) 2012 Kenji Urushima | kjur.github.com/jsrsasign/license
  */
-var _RSASIGN_DIHEAD=[];_RSASIGN_DIHEAD.sha1="3021300906052b0e03021a05000414";_RSASIGN_DIHEAD.sha256="3031300d060960864801650304020105000420";_RSASIGN_DIHEAD.sha384="3041300d060960864801650304020205000430";_RSASIGN_DIHEAD.sha512="3051300d060960864801650304020305000440";_RSASIGN_DIHEAD.md2="3020300c06082a864886f70d020205000410";_RSASIGN_DIHEAD.md5="3020300c06082a864886f70d020505000410";_RSASIGN_DIHEAD.ripemd160="3021300906052b2403020105000414";var _RSASIGN_HASHHEXFUNC=[];_RSASIGN_HASHHEXFUNC.sha1=function(a){return KJUR.crypto.Util.sha1(a)};_RSASIGN_HASHHEXFUNC.sha256=function(a){return KJUR.crypto.Util.sha256(a)};_RSASIGN_HASHHEXFUNC.sha512=function(a){return KJUR.crypto.Util.sha512(a)};_RSASIGN_HASHHEXFUNC.md5=function(a){return KJUR.crypto.Util.md5(a)};_RSASIGN_HASHHEXFUNC.ripemd160=function(a){return KJUR.crypto.Util.ripemd160(a)};var _RE_HEXDECONLY=new RegExp("");_RE_HEXDECONLY.compile("[^0-9a-f]","gi");function _rsasign_getHexPaddedDigestInfoForString(l,f,b){var c=f/4;var h=_RSASIGN_HASHHEXFUNC[b];var d=h(l);var a="0001";var j="00"+_RSASIGN_DIHEAD[b]+d;var g="";var k=c-a.length-j.length;for(var e=0;e<k;e+=2){g+="ff"}sPaddedMessageHex=a+g+j;return sPaddedMessageHex}function _zeroPaddingOfSignature(e,d){var c="";var a=d/4-e.length;for(var b=0;b<a;b++){c=c+"0"}return c+e}function _rsasign_signString(e,c){var f=_rsasign_getHexPaddedDigestInfoForString(e,this.n.bitLength(),c);var b=parseBigInt(f,16);var d=this.doPrivate(b);var a=d.toString(16);return _zeroPaddingOfSignature(a,this.n.bitLength())}function _rsasign_signStringWithSHA1(a){return _rsasign_signString.call(this,a,"sha1")}function _rsasign_signStringWithSHA256(a){return _rsasign_signString.call(this,a,"sha256")}function pss_mgf1_str(c,a,e){var b="",d=0;while(b.length<a){b+=e(c+String.fromCharCode.apply(String,[(d&4278190080)>>24,(d&16711680)>>16,(d&65280)>>8,d&255]));d+=1}return b}function _rsasign_signStringPSS(r,a,k){var o=_RSASIGN_HASHHEXFUNC[a];var l=o(r);var b=hextorstr(l);var g=b.length;var m=this.n.bitLength()-1;var c=Math.ceil(m/8);var d;if(k===-1){k=g}else{if((k===-2)||(k===undefined)){k=c-g-2}else{if(k<-2){throw"invalid salt length"}}}if(c<(g+k+2)){throw"data too long"}var f="";if(k>0){f=new Array(k);new SecureRandom().nextBytes(f);f=String.fromCharCode.apply(String,f)}var n=hextorstr(o("\x00\x00\x00\x00\x00\x00\x00\x00"+b+f));var j=[];for(d=0;d<c-k-g-2;d+=1){j[d]=0}var e=String.fromCharCode.apply(String,j)+"\x01"+f;var h=pss_mgf1_str(n,e.length,o);var q=[];for(d=0;d<e.length;d+=1){q[d]=e.charCodeAt(d)^h.charCodeAt(d)}var p=(65280>>(8*c-m))&255;q[0]&=~p;for(d=0;d<g;d++){q.push(n.charCodeAt(d))}q.push(188);return _zeroPaddingOfSignature(this.doPrivate(new BigInteger(q)).toString(16),this.n.bitLength())}function _rsasign_getDecryptSignatureBI(a,d,c){var b=new RSAKey();b.setPublic(d,c);var e=b.doPublic(a);return e}function _rsasign_getHexDigestInfoFromSig(a,c,b){var e=_rsasign_getDecryptSignatureBI(a,c,b);var d=e.toString(16).replace(/^1f+00/,"");return d}function _rsasign_getAlgNameAndHashFromHexDisgestInfo(f){for(var e in _RSASIGN_DIHEAD){var d=_RSASIGN_DIHEAD[e];var b=d.length;if(f.substring(0,b)==d){var c=[e,f.substring(b)];return c}}return[]}function _rsasign_verifySignatureWithArgs(f,b,g,j){var e=_rsasign_getHexDigestInfoFromSig(b,g,j);var h=_rsasign_getAlgNameAndHashFromHexDisgestInfo(e);if(h.length==0){return false}var d=h[0];var i=h[1];var a=_RSASIGN_HASHHEXFUNC[d];var c=a(f);return(i==c)}function _rsasign_verifyHexSignatureForMessage(c,b){var d=parseBigInt(c,16);var a=_rsasign_verifySignatureWithArgs(b,d,this.n.toString(16),this.e.toString(16));return a}function _rsasign_verifyString(f,j){j=j.replace(_RE_HEXDECONLY,"");if(j.length!=this.n.bitLength()/4){return 0}j=j.replace(/[ \n]+/g,"");var b=parseBigInt(j,16);var i=this.doPublic(b);var e=i.toString(16).replace(/^1f+00/,"");var g=_rsasign_getAlgNameAndHashFromHexDisgestInfo(e);if(g.length==0){return false}var d=g[0];var h=g[1];var a=_RSASIGN_HASHHEXFUNC[d];var c=a(f);return(h==c)}function _rsasign_verifyStringPSS(o,k,l,c){if(k.bitLength()>this.n.bitLength()){return false}var s=_RSASIGN_HASHHEXFUNC[l];var f=s(o);var j=hextorstr(f);var h=j.length;var g=this.n.bitLength()-1;var m=Math.ceil(g/8);var r;if(c===-1){c=h}else{if((c===-2)||(c===undefined)){c=m-h-2}else{if(c<-2){throw"invalid salt length"}}}if(m<(h+c+2)){throw"data too long"}var a=this.doPublic(k).toByteArray();for(r=0;r<a.length;r+=1){a[r]&=255}while(a.length<m){a.unshift(0)}if(a[m-1]!==188){throw"encoded message does not end in 0xbc"}a=String.fromCharCode.apply(String,a);var d=a.substr(0,m-h-1);var e=a.substr(d.length,h);var q=(65280>>(8*m-g))&255;if((d.charCodeAt(0)&q)!==0){throw"bits beyond keysize not zero"}var n=pss_mgf1_str(e,d.length,s);var p=[];for(r=0;r<d.length;r+=1){p[r]=d.charCodeAt(r)^n.charCodeAt(r)}p[0]&=~q;var b=m-h-c-2;for(r=0;r<b;r+=1){if(p[r]!==0){throw"leftmost octets not zero"}}if(p[b]!==1){throw"0x01 marker not found"}return rstrtohex(e)===s("\x00\x00\x00\x00\x00\x00\x00\x00"+j+String.fromCharCode.apply(String,p.slice(-c)))}RSAKey.prototype.signString=_rsasign_signString;RSAKey.prototype.signStringWithSHA1=_rsasign_signStringWithSHA1;RSAKey.prototype.signStringWithSHA256=_rsasign_signStringWithSHA256;RSAKey.prototype.sign=_rsasign_signString;RSAKey.prototype.signWithSHA1=_rsasign_signStringWithSHA1;RSAKey.prototype.signWithSHA256=_rsasign_signStringWithSHA256;RSAKey.prototype.signStringPSS=_rsasign_signStringPSS;RSAKey.prototype.signPSS=_rsasign_signStringPSS;RSAKey.SALT_LEN_HLEN=-1;RSAKey.SALT_LEN_MAX=-2;RSAKey.prototype.verifyString=_rsasign_verifyString;RSAKey.prototype.verifyHexSignatureForMessage=_rsasign_verifyHexSignatureForMessage;RSAKey.prototype.verify=_rsasign_verifyString;RSAKey.prototype.verifyHexSignatureForByteArrayMessage=_rsasign_verifyHexSignatureForMessage;RSAKey.prototype.verifyStringPSS=_rsasign_verifyStringPSS;RSAKey.prototype.verifyPSS=_rsasign_verifyStringPSS;RSAKey.SALT_LEN_RECOVER=-2;
\ No newline at end of file
+var _RSASIGN_DIHEAD=[];_RSASIGN_DIHEAD.sha1="3021300906052b0e03021a05000414";_RSASIGN_DIHEAD.sha256="3031300d060960864801650304020105000420";_RSASIGN_DIHEAD.sha384="3041300d060960864801650304020205000430";_RSASIGN_DIHEAD.sha512="3051300d060960864801650304020305000440";_RSASIGN_DIHEAD.md2="3020300c06082a864886f70d020205000410";_RSASIGN_DIHEAD.md5="3020300c06082a864886f70d020505000410";_RSASIGN_DIHEAD.ripemd160="3021300906052b2403020105000414";var _RSASIGN_HASHHEXFUNC=[];_RSASIGN_HASHHEXFUNC.sha1=function(a){return KJUR.crypto.Util.sha1(a)};_RSASIGN_HASHHEXFUNC.sha256=function(a){return KJUR.crypto.Util.sha256(a)};_RSASIGN_HASHHEXFUNC.sha512=function(a){return KJUR.crypto.Util.sha512(a)};_RSASIGN_HASHHEXFUNC.md5=function(a){return KJUR.crypto.Util.md5(a)};_RSASIGN_HASHHEXFUNC.ripemd160=function(a){return KJUR.crypto.Util.ripemd160(a)};_RSASIGN_HASHHEXFUNC.sha256Hex=function(a){return KJUR.crypto.Util.sha256Hex(a)};_RSASIGN_HASHHEXFUNC.sha512Hex=function(a){return KJUR.crypto.Util.sha512Hex(a)};var _RE_HEXDECONLY=new RegExp("");_RE_HEXDECONLY.compile("[^0-9a-f]","gi");function _rsasign_getHexPaddedDigestInfoForString(l,f,b){var c=f/4;var h=_RSASIGN_HASHHEXFUNC[b];var d=h(l);var a="0001";var j="00"+_RSASIGN_DIHEAD[b]+d;var g="";var k=c-a.length-j.length;for(var e=0;e<k;e+=2){g+="ff"}sPaddedMessageHex=a+g+j;return sPaddedMessageHex}function _zeroPaddingOfSignature(e,d){var c="";var a=d/4-e.length;for(var b=0;b<a;b++){c=c+"0"}return c+e}function _rsasign_signString(e,c){var f=_rsasign_getHexPaddedDigestInfoForString(e,this.n.bitLength(),c);var b=parseBigInt(f,16);var d=this.doPrivate(b);var a=d.toString(16);return _zeroPaddingOfSignature(a,this.n.bitLength())}function _rsasign_signStringWithSHA1(a){return _rsasign_signString.call(this,a,"sha1")}function _rsasign_signStringWithSHA256(a){return _rsasign_signString.call(this,a,"sha256")}function pss_mgf1_str(c,a,e){var b="",d=0;while(b.length<a){b+=hextorstr(e(rstrtohex(c+String.fromCharCode.apply(String,[(d&4278190080)>>24,(d&16711680)>>16,(d&65280)>>8,d&255]))));d+=1}return b}function _rsasign_signStringPSS(r,a,k){var o=_RSASIGN_HASHHEXFUNC[a+"Hex"];var l=o(rstrtohex(r));var b=hextorstr(l);var g=b.length;var m=this.n.bitLength()-1;var c=Math.ceil(m/8);var d;if(k===-1){k=g}else{if((k===-2)||(k===undefined)){k=c-g-2}else{if(k<-2){throw"invalid salt length"}}}if(c<(g+k+2)){throw"data too long"}var f="";if(k>0){f=new Array(k);new SecureRandom().nextBytes(f);f=String.fromCharCode.apply(String,f)}var n=hextorstr(o(rstrtohex("\x00\x00\x00\x00\x00\x00\x00\x00"+b+f)));var j=[];for(d=0;d<c-k-g-2;d+=1){j[d]=0}var e=String.fromCharCode.apply(String,j)+"\x01"+f;var h=pss_mgf1_str(n,e.length,o);var q=[];for(d=0;d<e.length;d+=1){q[d]=e.charCodeAt(d)^h.charCodeAt(d)}var p=(65280>>(8*c-m))&255;q[0]&=~p;for(d=0;d<g;d++){q.push(n.charCodeAt(d))}q.push(188);return _zeroPaddingOfSignature(this.doPrivate(new BigInteger(q)).toString(16),this.n.bitLength())}function _rsasign_getDecryptSignatureBI(a,d,c){var b=new RSAKey();b.setPublic(d,c);var e=b.doPublic(a);return e}function _rsasign_getHexDigestInfoFromSig(a,c,b){var e=_rsasign_getDecryptSignatureBI(a,c,b);var d=e.toString(16).replace(/^1f+00/,"");return d}function _rsasign_getAlgNameAndHashFromHexDisgestInfo(f){for(var e in _RSASIGN_DIHEAD){var d=_RSASIGN_DIHEAD[e];var b=d.length;if(f.substring(0,b)==d){var c=[e,f.substring(b)];return c}}return[]}function _rsasign_verifySignatureWithArgs(f,b,g,j){var e=_rsasign_getHexDigestInfoFromSig(b,g,j);var h=_rsasign_getAlgNameAndHashFromHexDisgestInfo(e);if(h.length==0){return false}var d=h[0];var i=h[1];var a=_RSASIGN_HASHHEXFUNC[d];var c=a(f);return(i==c)}function _rsasign_verifyHexSignatureForMessage(c,b){var d=parseBigInt(c,16);var a=_rsasign_verifySignatureWithArgs(b,d,this.n.toString(16),this.e.toString(16));return a}function _rsasign_verifyString(f,j){j=j.replace(_RE_HEXDECONLY,"");if(j.length!=this.n.bitLength()/4){return 0}j=j.replace(/[ \n]+/g,"");var b=parseBigInt(j,16);var i=this.doPublic(b);var e=i.toString(16).replace(/^1f+00/,"");var g=_rsasign_getAlgNameAndHashFromHexDisgestInfo(e);if(g.length==0){return false}var d=g[0];var h=g[1];var a=_RSASIGN_HASHHEXFUNC[d];var c=a(f);return(h==c)}function _rsasign_verifyStringPSS(o,k,l,c){if(k.bitLength()>this.n.bitLength()){return false}var s=_RSASIGN_HASHHEXFUNC[l+"Hex"];var f=s(rstrtohex(o));var j=hextorstr(f);var h=j.length;var g=this.n.bitLength()-1;var m=Math.ceil(g/8);var r;if(c===-1){c=h}else{if((c===-2)||(c===undefined)){c=m-h-2}else{if(c<-2){throw"invalid salt length"}}}if(m<(h+c+2)){throw"data too long"}var a=this.doPublic(k).toByteArray();for(r=0;r<a.length;r+=1){a[r]&=255}while(a.length<m){a.unshift(0)}if(a[m-1]!==188){throw"encoded message does not end in 0xbc"}a=String.fromCharCode.apply(String,a);var d=a.substr(0,m-h-1);var e=a.substr(d.length,h);var q=(65280>>(8*m-g))&255;if((d.charCodeAt(0)&q)!==0){throw"bits beyond keysize not zero"}var n=pss_mgf1_str(e,d.length,s);var p=[];for(r=0;r<d.length;r+=1){p[r]=d.charCodeAt(r)^n.charCodeAt(r)}p[0]&=~q;var b=m-h-c-2;for(r=0;r<b;r+=1){if(p[r]!==0){throw"leftmost octets not zero"}}if(p[b]!==1){throw"0x01 marker not found"}return e===hextorstr(s(rstrtohex("\x00\x00\x00\x00\x00\x00\x00\x00"+j+String.fromCharCode.apply(String,p.slice(-c)))))}RSAKey.prototype.signString=_rsasign_signString;RSAKey.prototype.signStringWithSHA1=_rsasign_signStringWithSHA1;RSAKey.prototype.signStringWithSHA256=_rsasign_signStringWithSHA256;RSAKey.prototype.sign=_rsasign_signString;RSAKey.prototype.signWithSHA1=_rsasign_signStringWithSHA1;RSAKey.prototype.signWithSHA256=_rsasign_signStringWithSHA256;RSAKey.prototype.signStringPSS=_rsasign_signStringPSS;RSAKey.prototype.signPSS=_rsasign_signStringPSS;RSAKey.SALT_LEN_HLEN=-1;RSAKey.SALT_LEN_MAX=-2;RSAKey.prototype.verifyString=_rsasign_verifyString;RSAKey.prototype.verifyHexSignatureForMessage=_rsasign_verifyHexSignatureForMessage;RSAKey.prototype.verify=_rsasign_verifyString;RSAKey.prototype.verifyHexSignatureForByteArrayMessage=_rsasign_verifyHexSignatureForMessage;RSAKey.prototype.verifyStringPSS=_rsasign_verifyStringPSS;RSAKey.prototype.verifyPSS=_rsasign_verifyStringPSS;RSAKey.SALT_LEN_RECOVER=-2;
\ No newline at end of file