SHA-1 is easily compromised as an encryption algorithm, so I’m trying to confirm that we only used SHA-1 in the lab to simplify the process.
Correct SHA – 1 is said to be "Good Enough" for a one time use like in the LAB and SHA-2 is better still and perhaps a better habit to establish — here is how to update the LAB.
Source AWS: https://aws.amazon.com/premiumsupport/knowledge-center/invalidciphertext-kms/
By default, OpenSSL uses the SHA-1 hash function.
To avoid import errors when you use the RSAES_OAEP_SHA_256 algorithm (SHA-256 hash function), encrypt your key material with OpenSSL using the openssl pkeyutl command and specify the parameters –pkeyopt rsa_padding_mode:oaep and –pkeyopt rsa_oaep_md:sha256.
i second that concern please clarity