diff --git a/authenticate-oauth/Web/Authenticate/OAuth.hs b/authenticate-oauth/Web/Authenticate/OAuth.hs
index 87ce2f53..e7dc6dbe 100644
--- a/authenticate-oauth/Web/Authenticate/OAuth.hs
+++ b/authenticate-oauth/Web/Authenticate/OAuth.hs
@@ -35,7 +35,11 @@ import Data.Digest.Pure.SHA
 import Data.ByteString.Base64
 import Data.Time
 import Numeric
+#if MIN_VERSION_RSA(2, 0, 0)
+import Codec.Crypto.RSA (rsassa_pkcs1_v1_5_sign, hashSHA1)
+#else
 import Codec.Crypto.RSA (rsassa_pkcs1_v1_5_sign, ha_SHA1)
+#endif
 import Crypto.Types.PubKey.RSA (PrivateKey(..), PublicKey(..))
 import Network.HTTP.Types (Header)
 import Blaze.ByteString.Builder (toByteString)
@@ -344,7 +348,11 @@ genSign oa tok req =
     PLAINTEXT ->
       return $ BS.intercalate "&" $ map paramEncode [oauthConsumerSecret oa, tokenSecret tok]
     RSASHA1 pr ->
+#if MIN_VERSION_RSA(2, 0, 0)
+      liftM (encode . toStrict . rsassa_pkcs1_v1_5_sign hashSHA1 pr) (getBaseString tok req)
+#else
       liftM (encode . toStrict . rsassa_pkcs1_v1_5_sign ha_SHA1 pr) (getBaseString tok req)
+#endif
 
 #if MIN_VERSION_http_conduit(2, 0, 0)
 addAuthHeader :: BS.ByteString -> Credential -> Request -> Request
diff --git a/authenticate-oauth/authenticate-oauth.cabal b/authenticate-oauth/authenticate-oauth.cabal
index 2abf7c63..ea4db124 100644
--- a/authenticate-oauth/authenticate-oauth.cabal
+++ b/authenticate-oauth/authenticate-oauth.cabal
@@ -19,7 +19,7 @@ library
                    , transformers                  >= 0.1      && < 0.4
                    , bytestring                    >= 0.9
                    , crypto-pubkey-types           >= 0.1      && < 0.5
-                   , RSA                           >= 1.2      && < 1.3
+                   , RSA                           >= 1.2      && < 2.1
                    , time
                    , data-default
                    , base64-bytestring             >= 0.1      && < 1.1