p192: better citation for not implementing ECDSA signing (#854)

RustCrypto · Apr 14, 2023 · ec6b153 · ec6b153
1 parent ec9ba6b
commit ec6b153
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 4 deletions.
diff --git a/p192/README.md b/p192/README.md
@@ -30,7 +30,7 @@ For more information, see:
 > Government use.
 
 Following the recommendations from this document, this crate only provides
-public-key operations intended for legacy interop purposes. There is
+public key operations intended for legacy interop purposes. There is
 deliberately no `SecretKey`, ECDH support, or ECDSA `SigningKey`.
 
 ### Unaudited!

diff --git a/p192/src/ecdsa.rs b/p192/src/ecdsa.rs
@@ -20,9 +20,14 @@
 //!
 //! From Section 3: Digital Signatures:
 //!
-//! > ECDSA: See FIPS 186-238 and FIPS 186-4, which include specifications of
-//! > elliptic curves that may continue to be used for signature verification but not
-//! > signature generation: B-163, K-163 and P-192.
+//! > <112 bits of security strength: ECDSA: len(n) < 224
+//! >
+//! > [...]
+//! >
+//! > Digital signature generation:
+//! >
+//! > Private-key lengths providing less than 112 bits of security **shall not** be used to
+//! > generate digital signatures.
 //!
 //! [NIST Special Publication 800-131A Revision 2]: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar2.pdf