RIM Crypto API: Cryptographic algorithms

This document provides information on the different algorithms and functions provided by Research In Motion's Crypto related factories.

Because of memory-related handheld constraints, not all of the supported algorithms are loaded on the device in its default configuration. To maximize performance, the handheld can be optimized to include only a minimal set of crypto functionality. Conversely, to increase security, users who wish to use PGP, S/MIME or TLS must load a larger set of crypto files on the device.

For organization, and for increased performance, the crypto api has been organized into three .cod or .jar files. The list below describes the algorithms that are provided as part of the base install and the algorithms provided in each of the three crypto jar files. All of the crypto jar files build on each other. That is, the presence of Crypto 2, ensures that Crypto 1 is already installed on the handheld.

Factory Algorithms supported in each cod file
Bundled with O/S Crypto 1: WTLS
(net_rim_crypto1.cod)
Crypto 2: SSL/TLS
(net_rim_crypto2.cod)
Crypto 3: Miscellaneous
(net_rim_crypto3.cod)
DigestFactory
"SHA1"
"MD5"
"SHA256"
"SHA384"
"SHA512"
"Null"
 
"MD2"
"MD4"
"RIPEMD128"
"RIPEMD160"
MACFactory

The general format of the algorithm string is:
"<Algorithm>[/<Parameters>]"

e.g. "HMAC/SHA1", or "CBCMAC/DES"

"HMAC" (returns HMAC_SHA1)
"HMAC_<Digest>"
"Null"
   
"CBCMAC_<BlockEncryptorEngine>"
SignatureSignerFactory

The general format of the algorithm string is:
"<Algorithm>[/<Parameters>]"

e.g. "DSA/SHA1", or "RSA_PKCS1_V20/MD2"

 
"DSA"
"RSA_PKCS1_V15"
"Null"
"RSA_PKCS1" (returns RSA_PKCS1_V20)
"RSA_PKCS1_V20"
"EC" (returns ECDSA)
"ECDSA"
"ECNR"
"RSA_PSS"
"RSA_X931"
SymmetricKeyFactory

The general format of the algorithm string is:
"<Algorithm>[_<KeyBitLength>]"

e.g. "TripleDES", or "RC5_64"

 
"AES"
"ARC4"
"DES"
"HMAC"
"RC4"
"RC5"
"TripleDES"
 
"CAST128"
"RC2"
"Skipjack"
InitializationVectorFactory

The general format of the algorithm string is:
"<Algorithm>[_<KeyBitLength>_<BlockBitLength>]"

e.g. "TripleDES", or "RC5_64_64"

 
"AES"
"DES"
"HMAC"
"RC5"
"TripleDES"
 
"CAST128"
"RC2"
"Skipjack"
EncryptorFactory / DecryptorFactory

Symmetric Key Algorithms

The general format of the algorithm string is:
"<Cipher>[/<Mode>][/<Padding>]"

where <Cipher> is:
<Algorithm>[_<KeyBitLength>[_<BlockBitLength>[_<NumberOfRounds>]]].

e.g. "TripleDES/CBC/PKCS5", or "RC5_64_64_16/CFB"

 
Symmetic Key Algorithms
"AES"
"ARC4"
"RC4"
"DES"
"RC5"
"TripleDES"
Modes
"ECB"
"CBC"
Padding
"PKCS5"
 
Algorithms
"CAST128"
"RC2"
"Skipjack"
Modes
"CFB"
"CFB8"
"OFB"

Public Key Algorithms

The general format of the algorithm string is:
"<Cipher>[/<Parameters>]"

e.g. "RSA/PKCS1", or "ECIES/HMAC_SHA1"

 
Public Key Algorithms
"RSA" (Returns "textbook" RSA if called from the getBlockEncryptorEngine function, otherwise returns RSA with PKCS1 formatting if called from the getEncryptorOutputstream function)
"RSA/<Formatter>"
Formatter
"PKCS1"
 
Algorithms
"ECIES" (Returns ECIES/HMAC_SHA1)
"ECIES/<MACAlgorithm>"
"ElGamal"
Formatter
"OAEP"