An optional list of rules for extending or modifying the specifications. Add the following setting for each custom rule.
Choose a key name
Write a name for the new rule.
Mandatory: Yes.
Minimal RSA public key length
The minimal key length allowed for RSA public keys.
Mandatory: No. This optional value defaults to 2048 bits.
Minimal elliptic curve (EC) public key length
The minimal key length allowed for EC (Elliptic-curve) public keys.
Mandatory: No. This optional value defaults to 256 bits.
Digest algorithm
The list of supported one-way digest algorithms. Supported list items are:
- SHA-256
- SHA-384
Mandatory: No. When omitting this optional value, both SHA-256 and SHA-384 are supported.
MAC algorithm
The list of supported MAC (Message Authentication Code) algorithms.
Mandatory: No. When omitting this value, a default list is built from the Digest algorithm value.
Signature class
The list of supported signature algorithm classes. Supported list items are:
- rsa
- ecdsa
Mandatory: No. When omitting this optional value, both rsa and ecdsa are supported.
Signing algorithm
The list of supported signing algorithms.
Mandatory: No. When omitting this value, a default list is built from the Digest algorithm and Signature-class values.
EC public key algorithm
The list of algorithms of supported EC public keys. Supported list items are:
- secp256r1
- secp384r1
Mandatory: No. When omitting this optional value, both secp256r1 and secp384r1 are supported.
Excluded test
The list of specific tests to be excluded during validation of the message.
Mandatory: No.