Merge pull request #1491 from usnistgov/livebe01-patch-1
removes SHA-1 from RSA sigVer FIPS186-5
livebe01 authored Feb 2, 2024
2 parents db15f89 + 4d960ff commit 4ad694d
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion src/rsa/sections/05-sigver-capabilities.adoc
Expand Up @@ -139,7 +139,7 @@ The following RSA / sigVer / FIPS186-5 capabilities *MAY* be advertised by the A
| modulo | supported RSA modulo for signature verification - see <<FIPS186-5>>, Section 5 | integer | any one of the supported modulo sizes {2048, 3072, 4096}
| maskFunction | the mask function used, only valid for PSS | array | any subset of {"mgf1", "shake-128", "shake-256"}
| hashPair | supported hash algorithms and optional salt length for signature verification for this sigType and modulo - see <<SP800-131A>>, Section 9 | array | an array of objects containing a hashAlg and an optional saltLen
| hashAlg | supported hash algorithms for this sigType and modulo - see <<SP800-131A>>, Section 9 | array | any non-empty subset of {"SHA-1", "SHA2-224", "SHA2-256", "SHA2-384", "SHA2-512", "SHA2-512/224", "SHA2-512/256", "SHA3-224", "SHA3-256", "SHA3-384", "SHA3-512", "SHAKE-128", "SHAKE-256"} NOTE: SHAKE-128 and SHAKE-256 are only valid for pss.
| hashAlg | supported hash algorithms for this sigType and modulo - see <<SP800-131A>>, Section 9 | array | any non-empty subset of {"SHA2-224", "SHA2-256", "SHA2-384", "SHA2-512", "SHA2-512/224", "SHA2-512/256", "SHA3-224", "SHA3-256", "SHA3-384", "SHA3-512", "SHAKE-128", "SHAKE-256"} NOTE: SHAKE-128 and SHAKE-256 are only valid for pss.
| saltLen | supported salt lengths for PSS signature verification - see <<FIPS186-5>>, Section 5.5 | integer | See the note below
|===
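
Review bot: In the changed hashAlg row, "SHA-1" disappears from the allowed set with no accompanying text, while the same cell already carries a NOTE for the SHAKE restriction. Consider extending that NOTE to state that SHA-1 is not a valid hashAlg for RSA / sigVer / FIPS186-5, so an implementer who advertised it under the previous wording can see that the omission is deliberate and not an editing slip. The row also still gives the type as "array" and the range as "any non-empty subset", whereas the hashPair row directly above describes "an array of objects containing a hashAlg and an optional saltLen"; since this line is being touched anyway, it would be worth stating whether hashAlg inside each hashPair object is a single value or a list.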
