This topic describes the supported secure random algorithms, key types, message digests, MAC/HMAC algorithms, maximum encryption and decryption lengths, and signatures by the JCE Provider.
Supported secure random algorithms
Algorithm | Size |
---|---|
AES-CTR-DRBG (FIPS compliant) | The AES-CTR-DRBG secure random algorithm can generate up to 8000 bytes of random number within the HSM for each API call. |
Supported key types
Algorithm | Supported Size (bits) |
---|---|
AES | 128, 192, 256 (default) |
RSA key pairs | 2048, 2304, 2560, 2816,3072, 3328, 3584, 3840,4096 (default) |
Triple DES (DESede) | 192 |
EC key pairs | NIST P256NIST P384 (No default value because the key must be constructed using a standard name.) |
XDH key pairs | X25519 |
ECC curve | secp256k1 |
HMAC | HmacSHA1, HmacSHA224, HmacSHA256, HmacSHA384, HmacSHA512 |
Supported message digests
Digest name |
---|
AES-CMAC |
SHA-1 |
SHA-224 |
SHA-256 |
SHA-384 |
SHA-512 |
Supported MAC/HMAC algorithms
Algorithm | JCA name |
---|---|
HmacSHA1 | HmacSHA1, Hmac128SHA1 |
HmacSHA224 | HmacSHA224, Hmac128SHA224 |
HmacSHA256 | HmacSHA256, Hmac128SHA256 |
HmacSHA384 | HmacSHA384, Hmac256SHA384 |
HmacSHA512 | HmacSHA512, Hmac256SHA512 |
AESCMAC | AESCMAC |
Supported maximum encryption and decryption lengths
Algorithm | Encryption Maximum Length | Decryption Maximum Length |
---|---|---|
AES-CBC | No max limit | No max limit |
AES-CCM | 16000 bytes | 16000 bytes |
AES-CTR | No max limit | No max limit |
AES-ECB | No max limit | No max limit |
AES-GCM | 16000 bytes | 16000 bytes |
DESede-CBC | No max limit | No max limit |
DESede-ECB | No max limit | No max limit |
Supported signatures
Algorithm | Signatures | JCA name |
---|---|---|
EC | NONE with ECDSA | NONEwithECDSA |
SHA1 with ECDSA | SHA1withECDSA | |
SHA224 with ECDSA | SHA224withECDSA | |
SHA256 with ECDSA | SHA256withECDSA | |
SHA384 with ECDSA | SHA384withECDSA | |
SHA512 with ECDSA | SHA512withECDSA | |
RSA/PKCS1.5 | NONEwithRSA | NONEwithRSA |
SHA1 with RSA | SHA1withRSA | |
SHA224 with RSA | SHA224withRSA | |
SHA256 with RSA | SHA256withRSA | |
SHA384 with RSA | SHA384withRSA | |
SHA512 with RSA | SHA512withRSA | |
PSS | PSS SHA1 with RSA | SHA1withRSA/PSS SHA1withRSAandMGF1 |
PSS SHA224 with RSA | SHA224withRSA/PSS SHA224withRSAandMGF1 | |
PSS SHA256 with RSA | SHA256withRSA/PSS SHA256withRSAandMGF1 | |
PSS SHA384 with RSA | SHA384withRSA/PSS SHA384withRSAandMGF1 | |
PSS SHA512 with RSA | SHA512withRSA/PSS SHA512withRSAandMGF1 |