Skip to content

Commit

Permalink
Document RSA operations (hashicorp#19377)
Browse files Browse the repository at this point in the history 
Also clarify hash function choices.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
  • Loading branch information
@cipherboy
cipherboy committed Mar 1, 2023
1 parent 0d52c0e commit 3e663fc
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions website/content/docs/secrets/transit/index.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -99,6 +99,12 @@ supports HMAC, and behaves identically to other algorithms with
respect to the HMAC operations but supports key import. By default,
the HMAC key type uses a 256-bit key.

RSA operations use one of the following methods:

- OAEP (encrypt, decrypt), with SHA-256 hash function and MGF,
- PSS (sign, verify), with configurable hash function also used for MGF, and
- PKCS#1v1.5: (sign, verify), with configurable hash function.

## Convergent Encryption

Convergent encryption is a mode where the same set of plaintext+context always
Expand Down

0 comments on commit 3e663fc

Please sign in to comment.