diff --git a/attest/wrapped_tpm20.go b/attest/wrapped_tpm20.go
index b5558436..d2c519a1 100644
--- a/attest/wrapped_tpm20.go
+++ b/attest/wrapped_tpm20.go
@@ -606,8 +606,8 @@ func signRSA(rw io.ReadWriter, key tpmutil.Handle, digest []byte, opts crypto.Si
 }
 if pss, ok := opts.(*rsa.PSSOptions); ok {
- if pss.SaltLength != rsa.PSSSaltLengthAuto && pss.SaltLength != len(digest) {
- return nil, fmt.Errorf("PSS salt length %d is incorrect, expected rsa.PSSSaltLengthAuto or %d", pss.SaltLength, len(digest))
+ if pss.SaltLength != rsa.PSSSaltLengthAuto && pss.SaltLength != rsa.PSSSaltLengthEqualsHash && pss.SaltLength != len(digest) {
+ return nil, fmt.Errorf("PSS salt length %d is incorrect, expected rsa.PSSSaltLengthAuto, rsa.PSSSaltLengthEqualsHash or %d", pss.SaltLength, len(digest))
 }
 scheme.Alg = tpm2.AlgRSAPSS
 }
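Review bot: Accepting `rsa.PSSSaltLengthEqualsHash` in the widened `if pss.SaltLength != ...` check reads as a promise that the signature will carry a hash-length salt, yet on the visible lines only `scheme.Alg = tpm2.AlgRSAPSS` is set, so the requested salt length does not appear to reach the TPM. As far as I know, TPM 2.0 parts may use the largest salt the key and digest allow unless they operate in a FIPS 186-4 mode, in which case a verifier that pins `PSSSaltLengthEqualsHash` would reject a valid signature. I would document this above the check, for example `// The TPM chooses the PSS salt length; this check only rejects requests it cannot honor. Verify with rsa.PSSSaltLengthAuto.` A test that signs with `PSSSaltLengthEqualsHash` and verifies the result would pin the intended behaviour. The body of signRSA starts and ends outside this hunk, so the scheme may be adjusted further down where I cannot see it.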