Skip to end of banner
Go to start of banner

Applet Requirements

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Next »

1 Contents

2 Overview

OpenFIPS201 (and PIV in general) places a number of minimum requirements on any smart-card it is installed and used on. If the applet fails to load, it is most likely because the smartcard fails to meet one or more criteria.

The requirements are:

  • Java Card - Your JCRE/JCVM must be Java Card 3.0.4 or above

  • Global Platform - Version 2.2.1 or higher is required, with:

    • Support for Secure Channel Protocol 03 (SCP03)

    • Support for org.globalplatform.CVM

  • Randomness - Support for the ALG_SECURE_RANDOM random generator type

  • Memory - The base applet takes approximately 19kb of EEPROM and 468 bytes or RAM, but this various by installed platform.

2.1 Cryptographic Mechanisms

OpenFIPS201 attempts to be as flexible as possible, when the applet is installed it will attempt to make use of all of the following cryptographic primitives. Any that are not available will simply mean that corresponding mechanism is not available.

PIV Mechanisms

Javacard Primitive

08, 0A, 0C

Cipher.ALG_AES_BLOCK_128_ECB_NOPAD

00,03

Cipher.ALG_DES_ECB_NOPAD

06,07

Cipher.ALG_RSA_NOPAD

11, 14, 27, 2E

KeyAgreement.ALG_EC_SVDP_DH_PLAIN

11, 14, 27, 2E

MessageDigest.ALG_SHA_256

11, 14, 27, 2E

MessageDigest.ALG_SHA_384

11, 14

Signature.ALG_ECDSA_SHA

11, 14

Signature.ALG_ECDSA_SHA_256

11, 14

Signature.ALG_ECDSA_SHA_384

11, 14

Signature.ALG_ECDSA_SHA_512

  • No labels