Overview of Using Cryptography Extensions

Security and cryptography classes are supported by the RI (cref). The support for security and cryptography enables you to:

• Generate message digests using the SHA1 algorithm

• Generate cryptographic keys on Java Card technology-compliant smart cards for use in the ECC and RSA algorithms

• Set cryptographic keys on Java Card technology-compliant smart cards for use in the AES, DES, 3DES, ECC, and RSA algorithms

• Encrypt and decrypt data with the keys using the AES, DES, 3DES, and RSA algorithms

• Generate signatures using the AES, DES, 3DES, ECC, or SHA and RSA algorithms

• Generate sequences of random bytes

• Generate checksums

• Use part of a message as padding in a signature block

  Note:

  DES is also known as single-key DES. 3DES is also known as triple-DES.

For more information on the SHA1, DES, 3DES, and RSA encryption schemes, see:

• For SHA1—"Secure Hash Standard", FIPS Publication 180-1: http://www.itl.nist.gov

• For DES—"Data Encryption Standard (DES)", FIPS Publication 46-2 and "DES Modes of Operation", FIPS Publication 81: http://www.itl.nist.gov

• For RSA—"RSAES-OAEP (Optimal Asymmetric Encryption Padding) Encryption Scheme": http://www.emc.com

• For AES—"Advanced Encryption Standard (AES)" FIPs Publication 197: http://www.itl.nist.gov

• For ECC—"Public Key Cryptography for the Financial Industry: The Elliptic Curve Digital Signature Algorithm" (ECDSA) X9.62-1998: http://www.x9.org

• For Checksum—"Information technology—Telecommunications and information exchange between systems—High-level data link control (HDLC) procedures" ISO/IEC-13239:2002 (replaces ISO-3309): http://www.iso.org