Go to main content

Supported Cryptography Classes

The implementation of security and cryptography in the RI supports the use of the following classes:

javacardx.crypto.AEADCipher
javacardx.crypto.Cipher
javacard.security.Checksum
javacard.security.InitializedMessageDigest
javacard.security.KeyAgreement
javacard.security.KeyBuilder
javacard.security.KeyPair
javacard.security.MessageDigest
javacard.security.RandomData
javacard.security.Signature
javacard.security.SignatureMessageRecovery

Note:

The implementation of RandomData in the RI is not suitable for porting.

Table 14-1 lists the cryptography algorithms that are implemented for the RI.

Table 14-1 Algorithms Implemented by the Cryptography Classes

Class	Algorithm
`AEADCipher`	Supports `ALG_AES_CCM` and `ALG_AES_GCM` (supports only the 12 byte IV length, which is the value recommended by NIST)
`Checksum`	`ALG_ISO3309_CRC16`—ISO/IEC 3309-compliant 16-bit CRC algorithm. This algorithm uses the generator polynomial: `x^16+x^12+x^5+1`. The default initial checksum value used by this algorithm is 0. This algorithm is also compliant with the frame-checking sequence as specified in section 4.2.5.2 of the ISO/IEC 13239 specification. `ALG_ISO3309_CRC32`—ISO/IEC 3309-compliant 32-bit CRC algorithm. This algorithm uses the generator polynomial: `X^32+X^26+X^23+X^22+X^16+X^12+X^11+X^10+X^8 +X^7+X^5+X^4+X^2+X+1`. The default initial checksum value used by this algorithm is 0. This algorithm is also compliant with the frame-checking sequence as specified in section 4.2.5.3 of the ISO/IEC 13239 specification.
`Cipher`	`ALG_DES_CBC_ISO9797_M2`—provides a cipher using `DES` in `CBC` mode. This algorithm uses `CBC` for `DES` and `3DES`. Input data is padded according to the ISO 9797 method 2 (ISO 7816-4, EMV'96) scheme. `ALG_RSA_PKCS1`—provides a cipher using `RSA`. Input data is padded according to the `PKCS#1` (v1.5) scheme. `ALG_AES_BLOCK_128_CBC_NOPAD`—provides a cipher using `AES` with block size 128 in CBC mode and does not pad input data. `AEADCipher`—Supports `ALG_AES_CCM` and `ALG_AES_GCM` (supports only the 12 byte IV length, which is the value recommended by NIST)
`InitializedMessageDigest`	Provides the functionality of MessageDigest, with the additional ability to allow for initialization with a starting hash value corresponding to a previously hashed part of the message. Provides for SHA1 and SHA256.
`KeyAgreement`	`ALG_EC_SVDP_DH`—elliptic curve secret value derivation primitive, Diffie-Hellman version, per [IEEE P1363]. `ALG_EC_SVDP_DHC`—elliptic curve secret value derivation primitive, Diffie-Hellman version, with cofactor multiplication, per [IEEE P1363].
`KeyBuilder`	The algorithms define the key lengths for: 128-bit `AES` 64-bit `DES` 112-, 128-, 160-, 192-bit `ECC` 128-bit `DES3` 512-bit `RSA`
`KeyPair`	The algorithms define the key lengths for: 112-, 128-, 160-, 192-bit `ECC` 512-bit `RSA`
`MessageDigest`	Message digest algorithm `SHA1` and `SHA256`
`RandomData`	Pseudo-random number generator with a 48-bit seed, which is modified using a linear congruential formula.
`Signature`	`ALG_DES_MAC8_ISO9797_M2`—generates an 8-byte `MAC` (most significant 8 bytes of encrypted block) using `DES` or `3DES` in `CBC` mode. This algorithm uses `CBC` for `DES` and `3DES`. Input data is padded according to the ISO 9797 method 2 (ISO 7816-4, EMV'96) scheme. `ALG_RSA_SHA_PKCS1`—encrypts the 20 byte `SHA1` digest using `RSA`. The digest is padded according to the `PKCS#1` (v1.5) scheme. `ALG_AES_MAC_128_NOPAD`—generates a 16-byte MAC using `AES` with blocksize 128 in CBC mode and does not pad input data. `ALG_ECDSA_SHA`—signs/verifies the 20-byte SHA digest using ECDSA. `ALG_AES_CMAC_128`
`SignatureMessageRecovery`	`ALG_RSA_SHA_ISO9796_MR`—This algorithm uses the first part of the input message as padding bytes during signing. During verification, these message bytes (recoverable message) can be recovered to reconstruct the message.