RE: [OCF] 3-DES

Wed, 11 Oct 2000 01:50:53 -0700 

Hi,

>-----Original Message-----
>From: Data [mailto:[EMAIL PROTECTED]]
>Sent: Wednesday, October 11, 2000 10:17 AM
>To: [EMAIL PROTECTED]
>Subject: [OCF] 3-DES
>
>
>According to the JavaCard 2.1 API,
>
>Interface DESKey contains an 8/16/24 byte key for single/2 key triple
>DES/3 key triple DES operations. And Gemxpresso 211is states that it
>supports only security algorithm of 3-DES.
--------------------------------------------------------------------------
No 8/16/24 are available in JC API, 3DES security restriction is for Openplatform
security. Only NO_PAD algos are available, take care of this... 
--------------------------------------------------------------------------
>
>Hence, is it true that Gemxpresso 211is can only manipulate the DES key
>with
>length at most *24* byte?
--------------------------------------------------------------------------
No
--------------------------------------------------------------------------
>
>By the way, if I want to generate a 3-DES key with KeyGenerator in
>package javax.crypto, its length must be 112 bits. The problem is how
>can I generate the 3-DES key with correct length (off-card) that can
>work on Gemxpresso 211is.
--------------------------------------------------------------------------
On board key generation is for RSA keys only in Gxp211PK and Gxp211PKis.
No on-board key generation available for symetric keys. You can use 
"javacard.security.RandomData" (with ALG_SECURE_RANDOM) class to generate 
a good DES or 3DES key.
--------------------------------------------------------------------------
>
>Thanks
>
>
>-Tsang Hin Chung
>
>
--------------------------------------------------------------------------
Regards,

        Christophe (GemXpresso RAD Team)
--------------------------------------------------------------------------
>
>---
>> Visit the OpenCard web site at http://www.opencard.org/ for more
>> information on OpenCard---binaries, source code, documents.
>> This list is being archived at 
>http://www.opencard.org/archive/opencard/
>
>! To unsubscribe from the [EMAIL PROTECTED] mailing list 
>send an email
>! to
>!                           [EMAIL PROTECTED]
>! containing the word
>!                           unsubscribe 
>! in the body.
>
>


---
> Visit the OpenCard web site at http://www.opencard.org/ for more
> information on OpenCard---binaries, source code, documents.
> This list is being archived at http://www.opencard.org/archive/opencard/

! To unsubscribe from the [EMAIL PROTECTED] mailing list send an email
! to
!                           [EMAIL PROTECTED]
! containing the word
!                           unsubscribe 
! in the body.

Reply via email to