CKM_RSA_PKCS_PSS

NOTE   This mechanism name and RSASSA-PSS are referring to the same underlying RSA signature scheme.

Firmware 7.9.0 and Newer Summary

FIPS approved? Yes
Supported functions Sign | Verify
Functions restricted from FIPS use Can verify only if PP45 enabled
Minimum key length (bits) 256
Minimum key length for FIPS use (bits) 2048
Minimum legacy key length for FIPS use (bits) 1024
Maximum key length (bits) 8192
Block size 0
Digest size 0
Key types RSA
Algorithms None
Modes None
Flags PSS

NOTE   Using Luna HSM Firmware 7.9.0 or newer, signature verification is permitted in FIPS approved configuration, as long as partition policy 45: Allow ECDSA/RSA Prehash SigVer is set to 1 on the partition.

Firmware 7.8.9 and Older Summary

FIPS approved? Yes
Supported functions Sign | Verify
Functions restricted from FIPS use None
Minimum key length (bits) 256
Minimum key length for FIPS use (bits) 2048
Minimum legacy key length for FIPS use (bits) 1024
Maximum key length (bits) 8192
Block size 0
Digest size 0
Key types RSA
Algorithms None
Modes None
Flags PSS