Overview of Using Cryptography Extensions
A selection of Security and Cryptography classes are supported by the simulator (cref
). The support for security and cryptography enables you to:
-
Generate message digests using the
SHA1
andSHA256
algorithms. -
Generate cryptographic keys on Java Card technology-compliant smart cards for use in the
ECC
andRSA
algorithms -
Set cryptographic keys on Java Card technology-compliant smart cards for use in the
AES
,DES
,3DES
,HMAC
,ECC
, andRSA
algorithms -
Encrypt and decrypt data with the keys using the
AES
,DES
,3DES
, andRSA
algorithms. -
Generate and verify signatures using
MAC
,CMAC
,HMAC
,DSA
,ECDSA
, andRSA
algorithms. -
Generate sequences of random bytes
-
Generate checksums
-
Use part of a message as padding in a signature block
-
Generate derived data using
KDF
in Counter mode and PRF forTLSv1.2
algorithmsNote:
DES
is also known as single-keyDES
.3DES
is also known as triple-DES
.
Refer to the following publications, for more information on the cryptographic algorithms and schemes:
-
For
SHA1
— "Secure Hash Standard", FIPS Publication 180-1:http://www.itl.nist.gov
-
For
DES
— "Data Encryption Standard (DES)", FIPS Publication 46-2 and "DES Modes of Operation", FIPS Publication 81:http://www.itl.nist.gov
-
For
RSA
— "RSAES-OAEP (Optimal Asymmetric Encryption Padding) Encryption Scheme":http://www.emc.com
-
For
AES
— "Advanced Encryption Standard (AES)" FIPs Publication 197:http://www.itl.nist.gov
-
For
ECC
— "Public Key Cryptography for the Financial Industry: The Elliptic Curve Digital Signature Algorithm" (ECDSA) X9.62-1998:http://www.x9.org
-
For Checksum — "Information technology—Telecommunications and information exchange between systems—High-level data link control (HDLC) procedures" ISO/IEC-13239:2002 (replaces ISO-3309):
http://www.iso.org
-
For
SHA256
— "Secure Hash Standard", FIPS Publication 180-2:http://www.itl.nist.gov
-
For
HMAC
— "Keyed-Hashing for Message Authentication", RFC-2104 -
For
KDF
in Counter mode — "Key Derivation Function in Counter Mode", NIST SP 800-108 -
For
PRF
ofTLS
—"Pseudo Random Function",TLS version 1.2
defined in IETF RFC 5246 -
For
DSA
— "Digital Signature Algorithm", Standard, NIST FIPS 186.