CKM_SHA1_RSA_PKCS_PSS

CKM_SHA1_RSA_PKCS_PSS

Firmware 7.7.0 and Newer Summary

FIPS approved?	Yes
Supported functions	Sign \| Verify
Functions restricted from FIPS use	Cannot sign
Minimum key length (bits)	256
Minimum key length for FIPS use (bits)	2048
Minimum legacy key length for FIPS use (bits)	1024
Maximum key length (bits)	8192
Block size	64
Digest size	20
Key types	RSA
Algorithms	SHA
Modes	None
Flags	Extractable \| PSS

NOTE Using Luna HSM Firmware 7.7.0 or newer, to comply with FIPS SP800-131a Rev2 published in March 2019, this mechanism is not allowed to sign data when the HSM is in FIPS approved configuration.

Firmware 7.4.2 and Older Summary

FIPS approved?	Yes
Supported functions	Sign \| Verify
Functions restricted from FIPS use	None
Minimum key length (bits)	256
Minimum key length for FIPS use (bits)	2048
Minimum legacy key length for FIPS use (bits)	1024
Maximum key length (bits)	8192
Block size	64
Digest size	20
Key types	RSA
Algorithms	SHA
Modes	None
Flags	Extractable \| PSS



	SUPPORT	LEGAL
Luna PCIe HSM 7 Documentation © Copyright 2001-2025, Thales Group Last Updated: 2025-10-28 08:00:29 GMT-05:00	Customer Release Notes Customer Support Portal Support Contacts	End User License Agreement Third Party Software Licenses Document Information