public final class IAIK extends ExtendedProvider
The provider architecture has been introduced by the Java Cryptographic Architecture (JCA) making it possible for different cryptographic implementations to operate on common interfaces.
For generally accessing and using providerspecific algorithm
implementations, engine classes and factory methods are used.
Engine classes provide interfaces to the functionality of a type of
cryptographic algorithm, and factory methods are used for obtaining some
specific implementation. To get, for instance, an object of the
MessageDigest
engine class, use the corresponding
getInstance
factory method:
MessageDigest md = MessageDigest.getInstance("AlgorithmName", "ProviderName");
Specifying a particular provider is optionally (for using the IAIK provider,
specify "IAIK"
). If no provider is given, all installed
providers are searched until one is found that implements the desired
algorithm, e.g.:
MessageDigest sha256 = MessageDigest.getInstance("SHA256");
If none of the installed providers supports the requested algorithm, a
NoSuchAlgorithmException
is thrown.
The term provider is an abbreviation for Cryptographic Package Provider and denotes a package or a set of packages supplying a concrete implementation of a subset of the cryptography aspects of the Java Security API (JCA). A JCA provider may realize implementations of digital signature, message digest, and key pair generation algorithms. If the JCA API is extended by a Java Cryptography Extension (JCE) API for supporting encryption and key exchange, a provider additionally may implement encryption and key exchange algorithms.
This class represents the master class of the IAIK security package provider.
It extends the java.security.Provider
class for registering the
IAIK provider specific security implementations within the Java security
architecture. The IAIK provider supports both, algorithm implementations for
JCA, and for the JCE extension. If you want to use the IAIK provider with
Java 1.4 you will have to use the signed version (see installation
instructions).
Note that depending on which IAIK JCE JAR file you are using not all algorithms may be available because of legal issues. In particular RC5, RC6, IDEA, and ESDH are not included in the default distribution. If you want to use those algorithms as well you need to download the full version of the JAR file, see the download page, but make sure you have understood the related legal and patent issues.
The following table lists the names  case sensitive  of several algorithms supported by the IAIK provider. The table is divided into two parts. The first part contains the JCA related implementations, and the second part lists the JCE algorithms. For each algorithm, the corresponding specification and all registered aliases are reported.
JCA implementations  

Message Digest Algorithms
MessageDigest md = MessageDigest.getInstance(<Standard Name>  <Alias>, "IAIK"); 

Standard Name  Specification  Aliases 
SHA1 (Secure Hash Algorithm)

SHA1 message digest algorithm as specified in FIPS PUB 1801 for producing a 160bit hash value  SHA, SHA1, 1.3.14.3.2.26, 1.3.14.3.2.18 
SHA224 (224 bit Secure
Hash Algorithm) 
224 bit message digest algorithm as proposed by NIST  SHA224, 2.16.840.1.101.3.4.2.4 
SHA256 (256 bit Secure
Hash Algorithm) 
256 bit message digest algorithm as proposed by NIST  SHA256, 2.16.840.1.101.3.4.2.1 
SHA384 (384 bit Secure
Hash Algorithm) 
384 bit message digest algorithm as proposed by NIST  SHA384, 2.16.840.1.101.3.4.2.2 
SHA512 (512 bit Secure
Hash Algorithm) 
512 bit message digest algorithm as proposed by NIST  SHA512, 2.16.840.1.101.3.4.2.3 
SHA512/224 (256 bit Secure
Hash Algorithm) 
224 bit message digest algorithm based on SHA512 as proposed by FIPS 1804  SHA512/224, 2.16.840.1.101.3.4.2.5 
SHA512/256 (256 bit Secure
Hash Algorithm) 
256 bit message digest algorithm based on SHA512 as proposed by FIPS 1804  SHA512/256, 2.16.840.1.101.3.4.2.6 
SHA3224 (224 bit Secure
Hash Algorithm 3) 
224 bit message digest algorithm as proposed by NIST (FIPS PUB 202)  SHA3224, 2.16.840.1.101.3.4.2.7 
SHA3256 (256 bit Secure
Hash Algorithm 3) 
256 bit message digest algorithm as proposed by NIST (FIPS PUB 202)  SHA3256, 2.16.840.1.101.3.4.2.8 
SHA3384 (384 bit Secure
Hash Algorithm 3) 
384 bit message digest algorithm as proposed by NIST (FIPS PUB 202)  SHA3384, 2.16.840.1.101.3.4.2.9 
SHA3512 (512 bit Secure
Hash Algorithm 3) 
512 bit message digest algorithm as proposed by NIST (FIPS PUB 202)  SHA3512, 2.16.840.1.101.3.4.2.10 
SHAKE128 (SHA3 XOF
"Secure Hash Algorithm with KECCAK" with 128 bits security strength) 
SHAKE128 Extendable Output Function (XOF) as proposed by NIST (FIPS PUB 202).
Also available as MessageDigest engine . 
SHAKE128, 2.16.840.1.101.3.4.2.11, 2.16.840.1.101.3.4.2.17 
SHAKE256 (SHA3 XOF
"Secure Hash Algorithm with KECCAK" with 256 bits security strength) 
SHAKE256 Extendable Output Function (XOF) as proposed by NIST (FIPS PUB 202).
Also available as MessageDigest engine . 
SHAKE256, 2.16.840.1.101.3.4.2.12, 2.16.840.1.101.3.4.2.18 
SHAKE128 (SHA3 XOF
"Secure Hash Algorithm with KECCAK" with 128 bits security strength) 
SHAKE128 Extendable Output Function (XOF) as proposed by NIST (FIPS PUB 202).
Also available as . 
SHAKE128, 2.16.840.1.101.3.4.2.11, 2.16.840.1.101.3.4.2.17 
SHAKE256 (SHA3 XOF
"Secure Hash Algorithm with KECCAK" with 256 bits security strength) 
SHAKE256 Extendable Output Function (XOF) as proposed by NIST (FIPS PUB 202).
Also available as . 
SHAKE256, 2.16.840.1.101.3.4.2.12, 2.16.840.1.101.3.4.2.18 
Md2 (Message Digest 2) 
RSA Data Security, Inc.'s MD2 message digest algorithm, as specified in RFC 1319 for producing a 128bit hash value  1.2.840.113549.2.2 
Md5 (Message Digest 5) 
RSA Data Security, Inc.'s MD5 message digest algorithm, as specified in RFC 1321 for producing a 128bit hash value  1.2.840.113549.2.5 
RIPEMD128 (RACE
Integrity Primitives Evaluation Message Digest 128) 
128bit hash value producing message digest algorithm; developed in the framework of the EU project RIPE (RACE Integrity Primitives Evaluation, 19881992); specified in ISO/IEC 101183.  RipeMd128, RIPEMD128, 1.3.36.3.2.2, 1.0.10118.3.0.50 
RIPEMD160 (RACE
Integrity Primitives Evaluation Message Digest 160) 
160bit hash value producing message digest algorithm; developed in the framework of the EU project RIPE (RACE Integrity Primitives Evaluation, 19881992) ; specified in ISO/IEC 101183.  RipeMd160, RIPEMD160, 1.3.36.3.2.1, 1.0.10118.3.0.49 
RIPEMD256 (RACE
Integrity Primitives Evaluation Message Digest 256) 
256bit hash value producing message digest algorithm; developed in the framework of the EU project RIPE (RACE Integrity Primitives Evaluation, 19881992); specified in ISO/IEC 101183.  RipeMd256, RIPEMD256, 1.3.36.3.2.3 
RIPEMD320 (RACE
Integrity Primitives Evaluation Message Digest 320) 
320bit hash value producing message digest algorithm; developed in the framework of the EU project RIPE (RACE Integrity Primitives Evaluation, 19881992)  RipeMd320, RIPEMD320 
Whirlpool 
512bit hash value producing message digest algorithm; developed by Paulo S.L.M. Barreto and Vincent Rijmen; specified in ISO/IEC 101183.  1.0.10118.3.0.55 
GOST3411 
256bit hash value producing Russian message digest algorithm; see RFC 5831  GOST3411, 1.2.643.2.2.9 
BLAKE224 
224bit hash value producing SHA3 candidate BLAKE  BLAKE224 
BLAKE256 
256bit hash value producing SHA3 candidate BLAKE  BLAKE256 
BLAKE384 
384bit hash value producing SHA3 candidate BLAKE  BLAKE384 
BLAKE512 
512bit hash value producing SHA3 candidate BLAKE  BLAKE512 
Groestl224 
224bit hash value producing SHA3 candidate Groestl  Groestl224 
Groestl256 
256bit hash value producing SHA3 candidate Groestl  Groestl256 
Groestl384 
384bit hash value producing SHA3 candidate Groestl  Groestl384 
Groestl512 
512bit hash value producing SHA3 candidate Groestl  Groestl512 
JH224 
224bit hash value producing SHA3 candidate JH  JH224 
JH256 
256bit hash value producing SHA3 candidate JH  JH256 
JH384 
384bit hash value producing SHA3 candidate JH  JH384 
JH512 
512bit hash value producing SHA3 candidate JH  JH512 
KECCAK224 
224bit hash value producing SHA3 candidate Keccak  KECCAK224 
KECCAK256 
256bit hash value producing SHA3 candidate Keccak  KECCAK256 
KECCAK384 
384bit hash value producing SHA3 candidate Keccak  KECCAK384 
KECCAK512 
512bit hash value producing SHA3 candidate Keccak  KECCAK512 
Skein224 
224bit hash value producing SHA3 candidate Skein  Skein224 
Skein256 
256bit hash value producing SHA3 candidate Skein  Skein256 
Skein384 
384bit hash value producing SHA3 candidate Skein  Skein384 
Skein512 
512bit hash value producing SHA3 candidate Skein  Skein512 
Digital Signature Algorithms^{2, 3}
Signature sig = Signature.getInstance(<Standard Name>  <Alias>, "IAIK"); 

Standard Name  Specification  Aliases 
RawDSA (Raw Digital
Signature Algorithm) 
"Raw" (input has to be already hashed with SHA1) DSA signature algorithm as specified in FIPS PUB 186  NONEwithDSA 
DSA (Digital Signature
Algorithm) 
DSS (DSA with SHA1) signature algorithm as specified in FIPS PUB 1862  SHA/DSA, SHA1/DSA, DSS, SHAwithDSA, SHA1withDSA, 1.3.14.3.2.13, 1.3.14.3.2.27, 1.2.840.10040.4.3 
SHA224withDSA
(Digital Signature Algorithm with SHA224) 
DSA signature algorithm using SHA224 for hash calculation as specified in FIPS PUB 1863  SHA224/DSA, SHA224/DSA, SHA224withDSA, SHA224withDSA, 2.16.840.1.101.3.4.3.1 
SHA256withDSA
(Digital Signature Algorithm with SHA256) 
DSA signature algorithm using SHA256 for hash calculation as specified in FIPS PUB 1863  SHA256/DSA, SHA256/DSA, SHA256withDSA, SHA256withDSA, 2.16.840.1.101.3.4.3.2 
SHA384withDSA
(Digital Signature Algorithm with SHA384) 
DSA signature algorithm using SHA384 for hash calculation as specified in FIPS PUB 1863  SHA384/DSA, SHA384/DSA, SHA384withDSA, SHA384withDSA, 2.16.840.1.101.3.4.3.3 
SHA512withDSA
(Digital Signature Algorithm with SHA512) 
DSA signature algorithm using SHA512 for hash calculation as specified in FIPS PUB 1863  SHA512/DSA, SHA512/DSA, SHA512withDSA, SHA512withDSA, 2.16.840.1.101.3.4.3.4 
SHA3224withDSA
(Digital Signature Algorithm with SHA3224) 
DSA signature algorithm using SHA3224 for hash calculation as specified in FIPS PUB 1863  SHA3224/DSA, , 2.16.840.1.101.3.4.3.5 
SHA3256withDSA
(Digital Signature Algorithm with SHA3256) 
DSA signature algorithm using SHA3256 for hash calculation as specified in FIPS PUB 1863  SHA3256/DSA, 2.16.840.1.101.3.4.3.6 
SHA3384withDSA
(Digital Signature Algorithm with SHA3384) 
DSA signature algorithm using SHA3384 for hash calculation as specified in FIPS PUB 1863  SHA3384/DSA, 2.16.840.1.101.3.4.3.7 
SHA3512withDSA
(Digital Signature Algorithm with SHA3512) 
DSA signature algorithm using SHA3512 for hash calculation as specified in FIPS PUB 1863  SHA3512/DSA, 2.16.840.1.101.3.4.3.8 
SSL/RSA (SSL
with RSA encryption) 
RSA based signature algorithm using the SHA and MD5 hash algorithms for message digest computation as specified by the Secure Sockets Layer (SSL) protocol; in accordance to PKCS#1   
MD2/RSA (MD2
with RSA encryption) 
RSA PKCS#1v1.5 based signature algorithm (PKCS#1) using the MD2 algorithm for message digest computation as specified in PKCS#1  MD2WithRSA, MD2withRSA, 1.2.840.113549.1.1.2 
MD5/RSA (MD5
with RSA encryption) 
RSA PKCS#1v1.5 based signature algorithm (PKCS#1) using the MD5 algorithm for message digest computation as specified in PKCS#1  MD5WithRSA, MD5withRSA, 1.2.840.113549.1.1.4 
SHA1/RSA (SHA
with RSA encryption) 
RSA PKCS#1v1.5 based signature algorithm (PKCS#1) using the Secure Hash Algorithm (SHA1) for message digest computation; in accordance to PKCS#1  SHA/RSA, SHA1/RSA, SHA1/RSA, SHAWithRSA, SHA1WithRSA, SHAwithRSA, SHA1withRSA, SHA1withRSA, 1.3.14.3.2.29, 1.2.840.113549.1.1.5 
SHA224/RSA
(SHA224 with RSA encryption) 
RSA PKCS#1v1.5 based signature algorithm (PKCS#1) using the SHA224 algorithm for message digest computation; in accordance to PKCS#1  SHA224/RSA, SHA224WithRSA, SHA224withRSA, 1.2.840.113549.1.1.14 
SHA256/RSA
(SHA256 with RSA encryption) 
RSA PKCS#1v1.5 based signature algorithm (PKCS#1) using the SHA256 algorithm for message digest computation; in accordance to PKCS#1  SHA256/RSA, SHA256WithRSA, SHA256withRSA, 1.2.840.113549.1.1.11 
SHA384/RSA
(SHA384 with RSA encryption) 
RSA PKCS#1v1.5 based signature algorithm (PKCS#1) using the SHA384 algorithm for message digest computation; in accordance to PKCS#1  SHA384/RSA, SHA384WithRSA, SHA384withRSA, 1.2.840.113549.1.1.12 
SHA512/RSA
(SHA512 with RSA encryption) 
RSA PKCS#1v1.5 based signature algorithm (PKCS#1) using the SHA512 algorithm for message digest computation; in accordance to PKCS#1  SHA512/RSA, SHA512WithRSA, SHA512withRSA, 1.2.840.113549.1.1.13 
SHA512224/RSA
(SHA512224 with RSA encryption) 
RSA PKCS#1v1.5 based signature algorithm (PKCS#1) using the SHA512224 algorithm for message digest computation; in accordance to PKCS#1  SHA512/224WithRSA, SHA512224WithRSA, SHA512/224withRSA, SHA512224withRSA, 1.2.840.113549.1.1.15 
SHA512256/RSA
(SHA512256 with RSA encryption) 
RSA PKCS#1v1.5 based signature algorithm (PKCS#1) using the SHA512256 algorithm for message digest computation; in accordance to PKCS#1  SHA512/256WithRSA, SHA512256WithRSA, SHA512/256withRSA, SHA512256withRSA, 1.2.840.113549.1.1.16 
SHA3224/RSA
(SHA3224 with RSA encryption) 
RSA PKCS#1v1.5 based signature algorithm (PKCS#1) using the SHA3224 algorithm for message digest computation; in accordance to PKCS#1  SHA3224WithRSA, SHA3224withRSA, 2.16.840.1.101.3.4.3.13 
SHA3256/RSA
(SHA3256 with RSA encryption) 
RSA PKCS#1v1.5 based signature algorithm (PKCS#1) using the SHA3256 algorithm for message digest computation; in accordance to PKCS#1  SHA3256WithRSA, SHA3256withRSA, 2.16.840.1.101.3.4.3.14 
SHA3384/RSA
(SHA3384 with RSA encryption) 
RSA PKCS#1v1.5 based signature algorithm (PKCS#1) using the SHA3384 algorithm for message digest computation; in accordance to PKCS#1  SHA3384WithRSA, SHA3384withRSA, 2.16.840.1.101.3.4.3.15 
SHA3512/RSA
(SHA3512 with RSA encryption) 
RSA PKCS#1v1.5 based signature algorithm (PKCS#1) using the SHA3512 algorithm for message digest computation; in accordance to PKCS#1  SHA3512WithRSA, SHA3512withRSA, 2.16.840.1.101.3.4.3.16 
RIPEMD160/RSA (rsaSignatureWithRipemd160) 
RSA PKCS#1v1.5 based signature algorithm (PKCS#1) using the RipeMd160 algorithm for message digest computation  RipeMd160WithRSA, RipeMd160withRSA, RIPEMD160/RSA, 1.3.36.3.3.1.2 
RIPEMD128/RSA (rsaSignatureWithRipemd128) 
RSA PKCS#1v1.5 based signature algorithm (PKCS#1) using the RipeMd128 algorithm for message digest computation  RipeMd128WithRSA, RipeMd128withRSA, RIPEMD128/RSA, 1.3.36.3.3.1.3 
RIPEMD128/RSA (rsaSignatureWithRipemd256) 
RSA PKCS#1v1.5 based signature algorithm (PKCS#1) using the RipeMd256 algorithm for message digest computation  RipeMd256WithRSA, RipeMd256withRSA, RIPEMD256/RSA, 1.3.36.3.3.1.4 
WHIRLPOOL/RSA (rsaSignatureWithWhirlpool) 
RSA PKCS#1v1.5 based signature algorithm (PKCS#1) using the Whirlpool algorithm (ISO/IEC 101183) for message digest computation  WHIRLPOOLWithRSA, WHIRLPOOLwithRSA, WHIRLPOOL/RSA 
RSA (Raw RSA) 
Raw RSA PKCS#1v1.5 based signature algorithm (PKCS#1) requiring the application to do all the hashing and DigestInfo coding outside.  RawRSA, NONEwithRSA, RSAforSSL 
RawRSASSAPKCS1v1_5 (Raw RSA PKCS1v1.5) 
Raw RSA PKCS#1v1.5 based signature algorithm (PKCS#1) requiring the application to do the hashing outside.  RSAPkcs15, RawRSAPkcs15, NONEwithRSAPkcs15, RSASSAPKCS1v1_5, RawRSASSAPKCS1v1_5, NONEwithRSASSAPKCS1v1_5 
MD2withRSAandMGF1 (RSA PSS with MD2 and MGF1) 
RSA PKCS#1v2.1 PSS based signature algorithm using MD2 as hash and MGF1 as mask generation algorithm.   
MD5withRSAandMGF1 (RSA PSS with MD5 and MGF1) 
RSA PKCS#1v2.1 PSS based signature algorithm using MD5 as hash and MGF1 as mask generation algorithm.   
SHA1withRSAandMGF1 (RSA PSS with SHA1 and MGF1) 
RSA PKCS#1v2.1 PSS based signature algorithm using SHA1 as hash and MGF1 as mask generation algorithm.  SHAwithRSAandMGF1, SHA1withRSAandMGF1 
SHA224withRSAandMGF1 (RSA PSS with SHA224 and MGF1) 
RSA PKCS#1v2.1 PSS based signature algorithm using SHA224 as hash and MGF1 as mask generation algorithm.  SHA224withRSAandMGF1 
SHA256withRSAandMGF1 (RSA PSS with SHA256 and MGF1) 
RSA PKCS#1v2.1 PSS based signature algorithm using SHA256 as hash and MGF1 as mask generation algorithm.  SHA256withRSAandMGF1 
SHA384withRSAandMGF1 (RSA PSS with SHA384 and MGF1) 
RSA PKCS#1v2.1 PSS based signature algorithm using SHA384 as hash and MGF1 as mask generation algorithm.  SHA384withRSAandMGF1 
SHA512withRSAandMGF1 (RSA PSS with SHA512 and MGF1) 
RSA PKCS#1v2.1 PSS based signature algorithm using SHA512 as hash and MGF1 as mask generation algorithm.  SHA512withRSAandMGF1 
SHA512/224withRSAandMGF1 (RSA PSS with SHA512/224 and MGF1) 
RSA PKCS#1v2.1 PSS based signature algorithm using SHA512/224 as hash and MGF1 as mask generation algorithm.  SHA512224withRSAandMGF1 
SHA512/256withRSAandMGF1 (RSA PSS with SHA512/256 and MGF1) 
RSA PKCS#1v2.1 PSS based signature algorithm using SHA512/256 as hash and MGF1 as mask generation algorithm.  SHA512256withRSAandMGF1 
SHA3224withRSAandMGF1 (RSA PSS with SHA3224 and MGF1) 
RSA PKCS#1v2.1 PSS based signature algorithm using SHA3224 as hash and MGF1 as mask generation algorithm.   
SHA3256withRSAandMGF1 (RSA PSS with SHA3256 and MGF1) 
RSA PKCS#1v2.1 PSS based signature algorithm using SHA3256 as hash and MGF1 as mask generation algorithm.   
SHA3384withRSAandMGF1 (RSA PSS with SHA3384 and MGF1) 
RSA PKCS#1v2.1 PSS based signature algorithm using SHA3384 as hash and MGF1 as mask generation algorithm.   
SHA3512withRSAandMGF1 (RSA PSS with SHA3512 and MGF1) 
RSA PKCS#1v2.1 PSS based signature algorithm using SHA3512 as hash and MGF1 as mask generation algorithm.   
RIPEMD128withRSAandMGF1 (RSA PSS with RipeMd128 and MGF1) 
RSA PKCS#1v2.1 PSS based signature algorithm using RipeMd128 as hash and MGF1 as mask generation algorithm.  RIPEMD128withRSAandMGF1 
RIPEMD160withRSAandMGF1 (RSA PSS with RipeMd160 and MGF1) 
RSA PKCS#1v2.1 PSS based signature algorithm using RipeMd160 as hash and MGF1 as mask generation algorithm.  RIPEMD160withRSAandMGF1 
WHIRLPOOLwithRSAandMGF1 (RSA PSS with WHIRLPOOL and MGF1) 
RSA PKCS#1v2.1 PSS based signature algorithm using WHIRLPOOL as hash and MGF1 as mask generation algorithm.   
RSASSAPSS (RSA
PSS) 
RSA PKCS#1v2.1 PSS signature algorithm; all parameters have to be supplied by the application.  RSAPss, PSS, 1.2.840.113549.1.1.10 
RawRSASSAPSS
(Raw RSA PSS) 
RSA PKCS#1v2.1 PSS signature algorithm; all parameters and message hash have to be supplied by the application.  RawRSAPss, RawPSS, NONEwithRSAPss 
RSAISO97962 (RSA ISO97962 S1) 
RSA based ISO 97962 (2002) signature algorithm (scheme S1) with message recovery  RSAISO979621 
RSAISO9796223 (RSA ISO97962 S2 S3) 
RSA based ISO 97962 (2002) signature algorithm (scheme S2, S3) with message recovery  1.3.36.3.4.2.2, 1.3.36.3.4.2.3 
SHA/RSAISO97962 (RSA ISO97962 S1 with SHA1) 
RSA based ISO 97962 (2002) signature algorithm (scheme S1) with message recovery using SHA1 as hash algorithm  SHA1/RSAISO97962, SHA1/RSAISO97962, SHAwithRSA/ISO97962, SHA1withRSA/ISO97962, SHA1withRSA/ISO97962, SHA/RSAISO979621, SHA1/RSAISO979621, SHA1/RSAISO979621 
SHA256/RSAISO97962 (RSA ISO97962 S1 with SHA256) 
RSA based ISO 97962 (2002) signature algorithm (scheme S1) with message recovery using SHA256 as hash algorithm  SHA256/RSAISO97962, SHA256withRSA/ISO97962, SHA256withRSA/ISO97962, SHA256/RSAISO979621, SHA256/RSAISO979621 
SHA384/RSAISO97962 (RSA ISO97962 S1 with SHA384) 
RSA based ISO 97962 (2002) signature algorithm (scheme S1) with message recovery using SHA384 as hash algorithm  SHA384/RSAISO97962, SHA384withRSA/ISO97962, SHA384withRSA/ISO97962, SHA384/RSAISO979621, SHA384/RSAISO979621 
SHA512/RSAISO97962 (RSA ISO97962 S1 with SHA512) 
RSA based ISO 97962 (2002) signature algorithm (scheme S1) with message recovery using SHA512 as hash algorithm  SHA512/RSAISO97962, SHA512withRSA/ISO97962, SHA512withRSA/ISO97962, SHA512/RSAISO979621, SHA512/RSAISO979621 
RIPEMD128/RSAISO97962 (RSA ISO97962 S1 with RIPEMD128) 
RSA based ISO 97962 (2002) signature algorithm (scheme S1) with message recovery using RIPEMD128 as hash algorithm  RIPEMD128/RSAISO97962, RIPEMD128withRSA/ISO97962, RIPEMD128withRSA/ISO97962, RIPEMD128/RSAISO979621, RIPEMD128/RSAISO979621 
RIPEMD160/RSAISO97962 (RSA ISO97962 S1 with RIPEMD160) 
RSA based ISO 97962 (2002) signature algorithm (scheme S1) with message recovery using RIPEMD160 as hash algorithm  RIPEMD160/RSAISO97962, RIPEMD160withRSA/ISO97962, RIPEMD160withRSA/ISO97962, RIPEMD160/RSAISO979621, RIPEMD160/RSAISO979621 
WHIRLPOOL/RSAISO97962 (RSA ISO97962 S1 with WHIRLPOOL) 
RSA based ISO 97962 (2002) signature algorithm (scheme S1) with message recovery using WHIRLPOOL as hash algorithm  WHIRLPOOL/RSAISO97962, WHIRLPOOLwithRSA/ISO97962, WHIRLPOOL/RSAISO979621 
SHAandMGF1/RSAISO9796223 (RSA ISO97962 S2, S3 with SHA1 and MGF1) 
RSA based ISO 97962 (2002) signature algorithm (scheme S2, S3) with message recovery using SHA1 as hash and MGF1 as mask generation algorithm  SHA1andMGF1/RSAISO9796223, SHA1andMGF1/RSAISO9796223, SHAwithRSAandMGF1/ISO97962, SHA1withRSAandMGF1/ISO97962, SHA1withRSAandMGF1/ISO97962, 1.3.36.3.4.2.2.1, 1.3.36.3.4.2.3.1 
SHA256andMGF1/RSAISO9796223 (RSA ISO97962 S2, S3 with SHA256 and MGF1)

RSA based ISO 97962 (2002) signature algorithm (scheme S2, S3) with message recovery using SHA256 as hash and MGF1 as mask generation algorithm  SHA256andMGF1/RSAISO9796223, SHA256withRSAandMGF1/ISO97962, SHA256withRSAandMGF1/ISO97962 
SHA384andMGF1/RSAISO9796223 (RSA ISO97962 S2, S3 with SHA384 and MGF1)

RSA based ISO 97962 (2002) signature algorithm (scheme S2, S3) with message recovery using SHA384 as hash and MGF1 as mask generation algorithm  SHA384andMGF1/RSAISO9796223, SHA384withRSAandMGF1/ISO97962, SHA384withRSAandMGF1/ISO97962 
SHA512andMGF1/RSAISO9796223 (RSA ISO97962 S2, S3 with SHA512 and MGF1)

RSA based ISO 97962 (2002) signature algorithm (scheme S2, S3) with message recovery using SHA512 as hash and MGF1 as mask generation algorithm  SHA512andMGF1/RSAISO9796223, SHA512withRSAandMGF1/ISO97962, SHA512withRSAandMGF1/ISO97962 
RIPEMD128andMGF1/RSAISO9796223 (RSA ISO97962 S2, S3 with RIPEMD128 and
MGF1) 
RSA based ISO 97962 (2002) signature algorithm (scheme S2, S3) with message recovery using RIPEMD128 as hash and MGF1 as mask generation algorithm  RIPEMD128andMGF1/RSAISO9796223, RIPEMD128withRSAandMGF1/ISO97962, RIPEMD128withRSAandMGF1/ISO97962 
RIPEMD160andMGF1/RSAISO9796223 (RSA ISO97962 S2, S3 with RIPEMD160 and
MGF1) 
RSA based ISO 97962 (2002) signature algorithm (scheme S2, S3) with message recovery using RIPEMD160 as hash and MGF1 as mask generation algorithm  RIPEMD160andMGF1/RSAISO9796223, RIPEMD160withRSAandMGF1/ISO97962, RIPEMD160withRSAandMGF1/ISO97962, 1.3.36.3.4.2.2.2, 1.3.36.3.4.2.3.2 
WHIRLPOOLandMGF1/RSAISO9796223 (RSA ISO97962 S2, S3 with SHA512 and
MGF1) 
RSA based ISO 97962 (2002) signature algorithm (scheme S2, S3) with message recovery using WHIRLPOOL as hash and MGF1 as mask generation algorithm  WHIRLPOOLandMGF1/RSAISO9796223, WHIRLPOOLwithRSAandMGF1/ISO97962, WHIRLPOOLwithRSAandMGF1/ISO97962 
Key Pair Generators
KeyPairGenerator keyGen = KeyPairGenerator.getInstance(<Standard Name>  <Alias>, "IAIK"); 

Standard Name  Specification  Aliases 
RSA (RSA key
pair generator) 
Key pair generation method for the RSA signature scheme as described in PKCS#1. The RSA modulus is generated according to IEEE P1363.   
RSAFIPS1863 (RSA key pair generator) 
Key pair generation method for the RSA signature scheme as described in PKCS#1. The RSA modulus is generated according to FIPS 1863  RSAFIPS 
RSASSAPSS (RSAPSS key pair generator) 
Key pair generator for generating RSASSAPSS keys according to RFC 4055 to be used for the RSASSAPSS signature scheme as specified by PKCS#1v2.1. The RSA modulus is generated according to IEEE P1363.  RSAPSS, PSS, 1.2.840.113549.1.1.10 
RSASSAPSSFIPS1863 (RSAPSS key pair generator) 
Key pair generator for generating RSASSAPSS keys according to RFC 4055 to be used for the RSASSAPSS signature scheme as specified by PKCS#1v2.1. The RSA modulus is generated according to FIPS 1863  RSAPSSFIPS1863, RSAPSSFIPS, PSSFIPS1863, PSSFIPS 
DSA (DSA key
pair generator) 
Key pair generation method for the DSA algorithm as described in FIPS PUB 1862  SHAwithDSA, SHA1withDSA, SHA1withDSA, SHA/DSA, SHA1/DSA, SHA1/DSA, 1.3.14.3.2.12, 1.2.840.10040.4.1 
SHA224withDSA (DSA key
pair generator) 
Key pair generation method for the DSA algorithm as described in FIPS PUB 1862  SHAwithDSA, SHA1withDSA, SHA/DSA, SHA1/DSA, SHA1/DSA, 1.3.14.3.2.12, 1.2.840.10040.4.1 
SHA224withDSA (DSA/SHA224 key pair generator) 
Key pair generation method for the DSA algorithm using SHA224 for parameter generation as specified in FIPS PUB 1863  SHA224/DSA, SHA224/DSA, SHA224withDSA, SHA224withDSA, 2.16.840.1.101.3.4.3.1 
SHA256withDSA (DSA/SHA256 key pair generator) 
Key pair generation method for the DSA algorithm using SHA256 for parameter generation as specified in FIPS PUB 1863  SHA256/DSA, SHA256/DSA, SHA256withDSA, SHA256withDSA, 2.16.840.1.101.3.4.3.2 
Key Factories
KeyFactory keyFac = KeyFactory.getInstance(<Standard Name>  <Alias>, "IAIK"); 

Standard Name  Specification  Aliases 
RSA (RSA key
factory) 
Key factory for converting keys into key specifications (and vice versa) to be used for RSA encryption which is described in PKCS#1   
RSASSAPSS
(RSAPSS key facrory) 
Key factory for converting RSASSAPSS ( RFC 4055) keys into key specifications (and vice versa) to to be used for the RSASSAPSS signature scheme as specified by PKCS#1v2.1  RSAPSS, PSS, 1.2.840.113549.1.1.10 
DSA (DSA key
factory) 
Key factory for converting keys into key specifications (and vice versa) to be used for the DSA algorithm which is described in FIPS PUB 1862  SHAwithDSA, SHA1withDSA, SHA1withDSA, SHA/DSA, SHA1/DSA, SHA1/DSA, 1.3.14.3.2.12, 1.2.840.10040.4.1, 1.3.14.3.2.13, 1.3.14.3.2.27, 1.2.840.10040.4.3, SHA224/DSA, SHA224/DSA, SHA224withDSA, SHA224withDSA, 2.16.840.1.101.3.4.3.1, SHA256/DSA, SHA256/DSA, SHA256withDSA, SHA256withDSA, 2.16.840.1.101.3.4.3.2 
Algorithm Parameter Generators
AlgorithmParameterGenerator paramGen = AlgorithmParameterGenerator.getInstance(<Standard Name>  <Alias>, "IAIK"); 

Standard Name  Specification  Aliases 
DSA (DSA
parameter generator) 
Generator for creating parameters (prime, subprime, base generator) to be used for DSA according to FIPS PUB 186.  SHAwithDSA, SHA1withDSA, SHA1withDSA, SHA/DSA, SHA1/DSA, SHA1/DSA, 1.3.14.3.2.12, 1.2.840.10040.4.1, 1.3.14.3.2.13, 1.3.14.3.2.27, 1.2.840.10040.4.3 
SHA224withDSA (DSA/SHA224 parameter generator) 
DSA parameter generator using SHA224 as hash algorithm as specified in FIPS PUB 1863  SHA224/DSA, SHA224/DSA, SHA224withDSA, SHA224withDSA, 2.16.840.1.101.3.4.3.1 
SHA256withDSA (DSA/SHA256 parameter generator) 
DSA parameter generator using SHA256 as hash algorithm as specified in FIPS PUB 1863  SHA256/DSA, SHA256/DSA, SHA256withDSA, SHA256withDSA, 2.16.840.1.101.3.4.3.2 
Algorithm Parameters
AlgorithmParameters params = AlgorithmParameters.getInstance(<Standard Name>  <Alias>, "IAIK"); 

Standard Name  Specification  Aliases 
DSA (DSA
parameters) 
Algorithm parameters (p, q, g) representation for the Digital Signature Algorithm (DSA)  SHAwithDSA, SHA1withDSA, SHA1withDSA, SHA/DSA, SHA1/DSA, SHA1/DSA, 1.3.14.3.2.12, 1.2.840.10040.4.1, 1.3.14.3.2.13, 1.3.14.3.2.27, 1.2.840.10040.4.3, SHA224/DSA, SHA224/DSA, SHA224withDSA, SHA224withDSA, 2.16.840.1.101.3.4.3.1, SHA256/DSA, SHA256/DSA, SHA256withDSA, SHA256withDSA, 2.16.840.1.101.3.4.3.2 
RawRSASSAPKCS1v1_5 (RSA PKCS1v1.5 signature algorithm parameters) 
Algorithm parameters for the RSASSAPKCS1v1_5 signature
scheme (see PKCS#1; only may be used to specify the hash algorithm
when using a raw RSA PKCS1v1.5 signature engine 
RSASSAPKCS1v1_5, RSAPkcs15, RawRSAPkcs15, NONEwithRSAPkcs15, NONEwithRSASSAPKCS1v1_5 
RSASSAPSS (RSA
PSS parameters) 
Algorithm parameters for the RSA PKCS#1v2.1 PSS signature scheme  RSAPSS, RSAPss, PSS, 1.2.840.113549.1.1.10 
ISO97962RM
(ISO 97962 recovered message) 
Algorithm parameters to may be get from an ISO 97962
Signature engine for retrieving
the recovered part of the messafe 
 
MGF1 (MGF1
parameters) 
Algorithm parameters for the RSA PKCS#1v2.1 MGF1 mask generation function as used by the PSS signature and OAEP encryption scheme  mgf1, 1.2.840.113549.1.1.8 
Key Stores
KeyStore keyStore = KeyStore.getInstance(<Standard Name>  <Alias>, "IAIK"); 

Standard Name  Specification  Aliases 
IAIKKeyStore
(IAIK key store) 
The IAIKKeyStore uses the password based key derivation function 2 from the PKCS#5 v2.0 PasswordBased Cryptography Standard  KeyStore 
PKCS12 (PKCS#12
key store) 
The PKCS12 keystore uses the PKCS#12 (Personal Information Exchange Syntax) standard format to read and store keys and certificates. This allows key exchange with various other products like Microsoft Windows, Microsoft Internet Explorer, Microsoft Outlook, Firefox, Thunderbird and many more.  PKCS#12 
Certificate Factories
X509Certificate x509Certificate = CertificateFactory.getInstance(<Standard Name>  <Alias>, "IAIK"); 

Standard Name  Specification  Aliases 
X.509 (X.509
certificate factory) 
Certifcate factory for generating X.509 certificates and CRLs (as specified in the RFC 3280) from their encodings   
Qualified (Qualified certificate factory) 
Certifcate factory for generating qualified certificates from their encodings according to the PKIX Qualified Certificate Profile   
X.509 AC (Attribute certificate factory) 
Certifcate factory for generating attribute certificates and attribute certificate revocation lists from their encodings according to the PKIX Attribute Certificate Profile for Authorization  X.509AC, X509 AC, X509AC, X509_AC, AC 
Mask Generation Functions
MaskGenerationAlgorithm mga = MaskGenerationAlgorithm.getInstance(<Standard Name>  <Alias>, "IAIK"); 

Standard Name  Specification  Aliases 
MGF1 
(PKCS#1v2.1) mask generation function MGF1 as used by the PSS signature and OAEP encryption scheme.  mgf1, 1.2.840.113549.1.1.8 
Secure Random Generators
SecureRandom random = SecureRandom.getInstance(<Standard Name>  <Alias>, "IAIK");or SecureRandom random = new <Class Name>(); 

Standard Name  Class Name  Specification   
SHA1PRNG 
A SHA1 hashbased secure random according to example E.5 of the AIS 20 (v2.0) document for Common Criteria from BSI.   
MD5Random
(not available via SecureRandom.getInstance() ) 
A MD5 hashbased secure random according to example E.5 of the AIS 20 (v2.0) document for Common Criteria from BSI.   
RipeMd128Random
(not available via SecureRandom.getInstance() ) 
A RIPEMD128 hashbased secure random   
RipeMD160PRNG

A RIPEMD160 hashbased secure random according to example E.5 of the AIS 20 (v2.0) document for Common Criteria from BSI.  RIPEMD160PRNG 
SHA256PRNG 
A SHA256 hashbased secure random according to example E.5 of the AIS 20 (v2.0) document for Common Criteria from BSI.   
SHA384PRNG 
A SHA384 hashbased secure random according to example E.5 of the AIS 20 (v2.0) document for Common Criteria from BSI.   
SHA512PRNG 
A SHA512 hashbased secure random according to example E.5 of the AIS 20 (v2.0) document for Common Criteria from BSI.   
WhirlpoolPRNG

A WHIRLPOOL hashbased secure random according to example E.5 of the AIS 20 (v2.0) document for Common Criteria from BSI.  WHIRLPOOLPRNG 
SHA1PRNGFIPS186 
A SHA1 hashbased secure random according to the general purpose version of the FIPS 1862 random generator.  SHA1PRNGFIPS 
RipeMd160PRNGFIPS186 
A RIPEMD160 hashbased secure random according to the general purpose version of the FIPS 1862 random generator.  RipeMd160PRNGFIPS 
SHA256PRNGFIPS186 
A SHA256 hashbased secure random according to the general purpose version of the FIPS 1862 random generator.  SHA256PRNGFIPS 
SHA384PRNGFIPS186 
A SHA384 hashbased secure random according to the general purpose version of the FIPS 1862 random generator.  SHA384PRNGFIPS 
SHA512PRNGFIPS186 
A SHA512 hashbased secure random according to the general purpose version of the FIPS 1862 random generator.  SHA512PRNGFIPS 
SHA1PRNGSP80090 
A SHA1 hashbased secure random according to NIST SP80090   
SHA224PRNGSP80090 
A SHA224 hashbased secure random according to NIST SP80090   
SHA256PRNGSP80090 
A SHA256 hashbased secure random according to SHA256PRNGSP80090   
SHA384PRNGSP80090 
A SHA384 hashbased secure random according to NIST SP80090   
SHA512PRNGSP80090 
A SHA512 hashbased secure random according to NIST SP80090   
HMacSHA1PRNGSP80090 
A HMac/SHA1 hashbased secure random according to NIST SP80090   
HMacSHA224PRNGSP80090 
A HMac/SHA224 hashbased secure random according to NIST SP80090   
HMacSHA256PRNGSP80090 
A HMac/SHA256 hashbased secure random according to NIST SP80090   
HMacSHA384PRNGNISTSP80090 
A HMac/SHA384 hashbased secure random according to NIST SP80090  HMacSHA384PRNGSP80090 
HMacSHA512PRNGSP80090 
A HMac/SHA512 hashbased secure random according to NIST SP80090   
AES128PRNGSP80090 
An AES128 hashbased secure random according to NIST SP80090   
AES192PRNGSP80090 
An AES192 hashbased secure random according to NIST SP80090   
AES256PRNGSP80090 
An AES256 hashbased secure random according to NIST SP80090   
DESedePRNG 
A triple DES based secure random according to ANSI X9.17.  3DESPRNG, TripleDESPRNG 
. It supports 128, 192 and 256 bit keys. . It supports twokey Triple DES (112 bit) and threekey Triple DES (168 bit). . It supports 128, 192 and 256 bit keys. . . . . . . *
JCE implementations  

Ciphers^{1}
Cipher cipher = Cipher.getInstance(<Standard Name>  <Alias>, "IAIK"); 

Standard Name  Specification  Aliases 
AES (Advanced
Encryption Standard AES) 
Block cipher with variable block length (this implementation uses 128 bit) and key length, designed by Joan Daemen and Vincent Rijmen, see http://www.nist.gov/aes/.  AES, AES128, AES128, AES_128, AES192, AES192, AES_192, AES256, AES256, AES_256, Rijndael 
Blowfish (Blowfish) 
64bit block cipher with variable length keys (up to 448 bits); developed by Bruce Schneier   
Camellia (Camellia) 
128 bit block cipher with 128, 192 and 256bit key sizes, developed by Nippon Telegraph and Telephone Corporation and Mitsubishi Electric Corporation, see http://www.ietf.org/rfc/rfc3713.txt.  Camellia128, Camellia128, Camellia_128, Camellia192, Camellia192, Camellia_192, Camellia256, Camellia256, Camellia_256 
CAST128 (Carlisle
Adams and Stafford Tavares) 
64 bit Feistel type block cipher with a key length of 40128 bits  CAST, CAST5 
ChaCha20 
256bitkeysize stream cipher, specified by RFC 7539.   
ChaCha20Poly1305 
AEAD algorithm, specified by RFC 8439 Based on the ChaCha20 stream cipher and Poly1305 message authentication algorithm.  ChaCha20Poly1305, 1.2.840.113549.1.9.16.3.18 
DES (Data Encryption
Standard) 
Symmetric 64bit block encryption algorithm as defined by NIST in FIPS PUB 461 and FIPS PUB 462   
DESede (Triple DES)

A variant of the Data Encryption Standard (DES) using an encryptingdecryptingencrypting (EDE) scheme based on two or three keys  3DES 
ElGamal 
Public key encryption algorithm scheme over prime fields  ElGamal/ECB/PKCS1Padding, 1.3.14.7.2.1.1 
GOST (Gosudarstvennyi
Standard) 
Russian 64 bit Feistel based block cipher with a key length of 256 bits; described in the goverment standard GOST 2814789   
IDEA (International Data
Encryption Algorithm) 
Symmetric 64bit block encryption algorithm, patented by MediaCrypt; key length: 128 bits   
MARS (AES candidate) 
128 bit block cipher with a total of 32 rounds and accepts keys from 128 to 448 bits, specified by IBM in their paper MARS  a candidate cipher for AES available at http://www.research.ibm.com/security/mars.html.   
RC2 (Ron's Code 2;
Rivest Cipher 2) 
Variablekeysize 64Bit block cipher; developed by Ron Rivest for RSA Data Security, Inc.; described in RFC2268   
ARCFOUR 
Variablekeysize stream cipher, specified by the IETF draft "A Stream Cipher Encryption Algorithm 'Arcfour'" (draftkaukonencipherarcfour03.txt). It is believed to be compatible with RC4[TM] (described for example in Bruce Schneier's Applied Cryptography), a proprietary cipher of RSA Security Inc..  RC4 
RC5 (Ron's Code 5;
Rivest Cipher 5) 
Variablekeysize 64Bit block cipher with variable number of rounds; developed by Ron Rivest for RSA Data Security, Inc. The RC5 [TM] algorithm is patented, for licensing conditions contact RSA DSI.   
RC6 (AES candidate) 
128 bit block cipher with 20 rounds aimed at the keysizes of 128, 192, and 256 bits, specified by Ronald L. Rivest, M.J.B. Robshaw, R. Sidney, and Y.L. Yin in their paper The RC6 [TM] Block Cipher available from the AES Web site at http://www.nist.gov/aes/.   
Rijndael (Advanced
Encryption Standard AES) 
Block cipher with variable block length (this implementation uses 128 bit) and key length, designed by Joan Daemen and Vincent Rijmen, see http://www.nist.gov/aes/.  AES, AES128, AES128, AES_128, AES192, AES192, AES_192, AES256, AES256, AES_256 
Rijndael256
(Rijndael 256) 
Rijndael cipher implementation for block size of 256 bit   
RSA (Rivest Shamir
Adleman) 
Public key encryption algorithm, developed by Ron Rivest, Adi Shamir and Leonard Adleman; described in PKCS#1. See note about blinding.  RSA/ECB/PKCS1Padding 
Serpent (AES
candidate) 
128 bit block cipher with variable key length, designed R. Anderson, E. Biham, L. Knudsen, see http://www.nist.gov/aes/.   
Twofish (AES
candidate) 
128bit Feisteltype block cipher that accepts a variablelength key up to 256 bits, developed by B. Schneier, J. Kelsey, D. Whiting, D. Wagner, C. Hall and N. Ferguson, see http://www.nist.gov/aes/.   
PbeWithMD5AndDES_CBC (password based "MD5 with DESCBC" algorithm) 
Password based keyencryption algorithm for encrypting a given message with the DES algorithm in CBC mode using a secret key which is derived from a password with the MD5 messagedigest algorithm; specified in PKCS#5  PBEWithMD5AndDES, 1.2.840.113549.1.5.3 
PbeWithSHAAnd3_KeyTripleDES_CBC (password based "SHA with TripleDESCBC"
algorithm) 
Password based keyencryption algorithm for encrypting a given message (octet string) with the TripleDES algorithm in CBC mode using a secret key which is derived from a password with the SHA hash algorithm as described in "http://www.rsa.com/rsalabs/pkcs/" target="_blank">PKCS#12  PBEWithSHA1And3_KeyTripleDES_CBC, PBEWithSHA1AndDESede, 1.2.840.113549.1.12.1.3 
PbeWithSHAAnd40BitRC2_CBC (password based "SHA with 40BitRC2CBC" algorithm)

Password based keyencryption algorithm for encrypting a given message with the RC2 algorithm in CBC mode using a 40Bit secret key which is derived from a password with the SHA hash algorithm as described in PKCS#12  PBEWithSHA1AndRC2_40, 1.2.840.113549.1.12.1.6 
AESWrapAES (AES
Key Wrap) 
AES key wrap algorithm as specified by RFC 3394 for wrapping AES content encryption keys with AES key encryption keys  AESWRAP, AES128WRAP, AES128WrapAES128, AESWrap_128, 2.16.840.1.101.3.4.1.5, AES192WRAP, AES192WrapAES192, AESWrap_192 2.16.840.1.101.3.4.1.25, AES256WRAP, AES256WrapAES256, AESWrap_256, 2.16.840.1.101.3.4.1.45 
AESWrapWithPadding (AES
Key Wrap with Padding) 
AES key wrap with padding algorithm as specified by RFC 5649 for wrapping keys of any size with AES key encryption keys  AESWrapWithPadding, AES128WrapWithPadding, AESRFC5649Wrap, AES128RFC5649Wrap, AESRFC5649Wrap_128, 2.16.840.1.101.3.4.1.8, AES192WRAPWithPadding, AES192RFC5649Wrap, AESRFC5649Wrap_192, 2.16.840.1.101.3.4.1.28, AES256WRAPWithPadding, AES256RFC5649Wrap, AESRFC5649Wrap_256, 2.16.840.1.101.3.4.1.48 
CamelliaWrapCamellia (Camellia Key Wrap) 
Camellia key wrap algorithm as specified by RFC 3657 for wrapping Camellia content encryption keys with Camellia key encryption keys  CamelliaWRAP, Camellia128WRAP, Camellia128WrapCamellia128, CamelliaWrap_128, 1.2.392.200011.61.1.1.3.2, Camellia192WRAP, Camellia192WrapCamellia192, CamelliaWrap_192, 1.2.392.200011.61.1.1.3.3, Camellia256WRAP, Camellia256WrapCamellia256, CamelliaWrap_256, 1.2.392.200011.61.1.1.3.4 
PBES2 (Password Based Encryption Scheme 2) 
Password based keyencryption algorithm for encrypting a given message with the PBES2 password scheme according to PKCS#5v2.1 (using AES128CBC as cipher algorithm and hMACSHA1 as PRF by default)  1.2.840.113549.1.5.13 
PBES2WithHmacSHA1AndAES (PBES2 with hMACSHA1 and AES128CBC) 
Password based keyencryption algorithm for encrypting a given message with the PBES2 password scheme according to PKCS#5v2.1 using AES128CBC as cipher algorithm and hMACSHA1 as PRF  PBES2WithHmacSHA1AndAES128, PBEWithHmacSHA1AndAES, PBEWithHmacSHA1AndAES128, PBEWithHmacSHA1AndAES_128 
PBES2WithHmacSHA1AndAES256 (PBES2 with hMACSHA1 and AES256CBC) 
Password based keyencryption algorithm for encrypting a given message with the PBES2 password scheme according to PKCS#5v2.1 using AES256CBC as cipher algorithm and hMACSHA256 as PRF  PBES2WithHmacSHA1AndAES256, PBEWithHmacSHA1AndAES256, PBEWithHmacSHA1AndAES256, PBEWithHmacSHA1AndAES_256 
PBES2WithHmacSHA224AndAES (PBES2 with hMACSHA224 and AES128CBC) 
Password based keyencryption algorithm for encrypting a given message with the PBES2 password scheme according to PKCS#5v2.1 using AES128CBC as cipher algorithm and hMACSHA224 as PRF  PBES2WithHmacSHA224AndAES128, PBEWithHmacSHA224AndAES, PBEWithHmacSHA224AndAES128, PBEWithHmacSHA224AndAES_128 
PBES2WithHmacSHA224AndAES256 (PBES2 with hMACSHA224 and AES256CBC) 
Password based keyencryption algorithm for encrypting a given message with the PBES2 password scheme according to PKCS#5v2.1 using AES256CBC as cipher algorithm and hMACSHA256 as PRF  PBES2WithHmacSHA224AndAES256, PBEWithHmacSHA224AndAES256, PBEWithHmacSHA224AndAES256, PBEWithHmacSHA224AndAES_256 
PBES2WithHmacSHA256AndAES (PBES2 with hMACSHA256 and AES128CBC) 
Password based keyencryption algorithm for encrypting a given message with the PBES2 password scheme according to PKCS#5v2.1 using AES128CBC as cipher algorithm and hMACSHA256 as PRF  PBES2WithHmacSHA256AndAES128, PBES2WithHmacSHA256AndAES_128, PBEWithHmacSHA256AndAES, PBEWithHmacSHA256AndAES128, PBES2WithHmacSHA256AndAES_128, PBEWithHmacSHA256AndAES_128 
PBES2WithHmacSHA256AndAES256 (PBES2 with hMACSHA256 and AES256CBC) 
Password based keyencryption algorithm for encrypting a given message with the PBES2 password scheme according to PKCS#5v2.1 using AES256CBC as cipher algorithm and hMACSHA256 as PRF  PBES2WithHmacSHA256AndAES_256, PBEWithHmacSHA256AndAES256, PBEWithHmacSHA256AndAES_256 
PBES2WithHmacSHA384AndAES (PBES2 with hMACSHA384 and AES128CBC) 
Password based keyencryption algorithm for encrypting a given message with the PBES2 password scheme according to PKCS#5v2.1 using AES128CBC as cipher algorithm and hMACSHA384 as PRF  PBES2WithHmacSHA384AndAES128, PBES2WithHmacSHA384AndAES_128, PBEWithHmacSHA384AndAES, PBEWithHmacSHA384AndAES128, PBES2WithHmacSHA384AndAES_128, PBEWithHmacSHA384AndAES_128 
PBES2WithHmacSHA384AndAES192 (PBES2 with hMACSHA384 and AES192CBC) 
Password based keyencryption algorithm for encrypting a given message with the PBES2 password scheme according to PKCS#5v2.1 using AES192CBC as cipher algorithm and hMACSHA384 as PRF  PBES2WithHmacSHA384AndAES_192, PBEWithHmacSHA384AndAES192, PBEWithHmacSHA384AndAES_192 
PBES2WithHmacSHA384AndAES256 (PBES2 with hMACSHA384 and AES256CBC) 
Password based keyencryption algorithm for encrypting a given message with the PBES2 password scheme according to PKCS#5v2.1 using AES256CBC as cipher algorithm and hMACSHA384 as PRF  PBES2WithHmacSHA384AndAES_256, PBEWithHmacSHA384AndAES256, PBEWithHmacSHA384AndAES_256 
PBES2WithHmacSHA512AndAES256 (PBES2 with hMACSHA512 and AES256CBC) 
Password based keyencryption algorithm for encrypting a given message with the PBES2 password scheme according to PKCS#5v2.1 using AES256CBC as cipher algorithm and hMACSHA512 as PRF  PBES2WithHmacSHA512AndAES_256, PBEWithHmacSHA512AndAES256, PBEWithHmacSHA512AndAES_256 
PBES2WithHmacSHA1AndDESede (PBES2 with hMACSHA1 and DESedeCBC) 
Password based keyencryption algorithm for encrypting a given message with the PBES2 password scheme according to PKCS#5v2.1 using DESedeCBC as cipher algorithm and hMACSHA1 as PRF  PBEWithHmacSHA1AndDESede, PBES2WithHmacSHA1AndTripleDES, PBEWithHmacSHA1AndTripleDES 
AESWrapAES (AES
Key Wrap) 
AES key wrap algorithm as specified by RFC 3394 for wrapping AES content encryption keys with AES key encryption keys  AESWRAP, AES128WRAP, AES128WrapAES128, AESWrap_128, 2.16.840.1.101.3.4.1.5, AES192WRAP, AES192WrapAES192, AESWrap_192, 2.16.840.1.101.3.4.1.25, AES256WRAP, AES256WrapAES256, AESWrap_256, 2.16.840.1.101.3.4.1.45 
CamelliaWrapCamellia (Camellia Key Wrap) 
Camellia key wrap algorithm as specified by RFC 3657 for wrapping Camellia content encryption keys with Camellia key encryption keys  CamelliaWRAP, Camellia128WRAP, Camellia128WrapCamellia128, CamelliaWrap_128, 1.2.392.200011.61.1.1.3.2, Camellia192WRAP, Camellia192WrapCamellia192, CamelliaWrap_192, 1.2.392.200011.61.1.1.3.3, Camellia256WRAP, Camellia256WrapCamellia256, CamelliaWrap_256, 1.2.392.200011.61.1.1.3.4 
CAST128WrapCAST128 (CAST128 Key Wrap) 
CAST128 key wrap algorithm as used by CMS for wrapping CAST128 content encryption keys with CAST128 key encryption keys  CAST5WrapCAST5, CASTWrapCAST, CASTWRAP, CAST128WRAP, CAST5WRAP, CAST128Wrap, CAST5Wrap, 1.2.840.113533.7.66.15 
DESedeWrapDESede (TripleDES Key Wrap) 
TripleDES key wrap algorithm as used by CMS for wrapping TripleDES content encryption keys with TripleDES key encryption keys  3DESWrap3DES, TripleDESWrapTripleDES, DESEDEWRAP, 1.2.840.113549.1.9.16.3.6 
IDEAWrapIDEA
(IDEA Key Wrap) 
IDEA key wrap algorithm as used by CMS for wrapping IDEA content encryption keys with IDEA key encryption keys  IdeaWrapIdea, IDEAWRAP, IDEAWrap, 1.3.6.1.4.1.188.7.1.1.6 
RC2WrapRC2 (RC2
Key Wrap) 
RC2 key wrap algorithm as used by CMS for wrapping RC2 content encryption keys with RC2 key encryption keys  RC2WRAP, RC2Wrap, 1.2.840.113549.1.9.16.3.7 
3DESwrapHMAC
(3DES based HMAC Key Wrap) 
Key wrap algorithm as used by CMS for wrapping a HMAC key with a 3DES key encryption key according to RFC 3537  HMACwith3DESwrap, HMACwithTripleDESwrap, HMACwithDESedewrap, 1.2.840.113549.1.9.16.3.11 
AESwrapHMAC
(AES based HMAC Key Wrap) 
Key wrap algorithm as used by CMS for wrapping a HMAC key with an AES key encryption key according to RFC 3537  HMACwithAESwrap, 1.2.840.113549.1.9.16.3.12 
AESCBCCMac128
(AESCBCCMAC128) 
AESCBCCMAC authenticated encryption algorithm for 128 bit AES keys as defined by the BSI Technical Guideline TR031091  AESCMac, AESCBCCMac, AESCMac128, AESCMac128, AESCMac_128, AESCBCCMac128, AESCBCCMac_128, AESCMAC128, AESCBCCMAC128, 0.4.0.127.0.7.1.3.1.1.2 
AESCBCCMac192
(AESCBCCMAC192) 
AESCBCCMAC authenticated encryption algorithm for 192 bit AES keys as defined by the BSI Technical Guideline TR031091  AESCMac, AESCBCCMac, AESCMac192, AESCMac192, AESCMac_192, AESCBCCMac192, AESCBCCMac_192, AESCMAC192, AESCBCCMAC192, 0.4.0.127.0.7.1.3.1.1.3 
AESCBCCMac256
(AESCBCCMAC256) 
AESCBCCMAC authenticated encryption algorithm for 256 bit AES keys as defined by the BSI Technical Guideline TR031091  AESCMac, AESCBCCMac, AESCMac256, AESCMac256, AESCMac_256, AESCBCCMac256, AESCBCCMac_256, AESCMAC256, AESCBCCMAC256, 0.4.0.127.0.7.1.3.1.1.4 
Key Exchange Algorithms
KeyAgreement keyAgr = KeyAgreement.getInstance(<Standard Name>  <Alias>, "IAIK"); 

Standard Name  Specification  Aliases 
DH (Diffie Hellman
Key Agreement) 
DH key exchange protocol as described in PKCS#3  DiffieHellman, DiffieHellman, 1.2.840.113549.1.3.1 
ESDH (Ephemeral
Static Diffie Hellman Key Agreement) 
ESDH key exchange based algorithm for generating shared key materialas as described in RFC 2631  ESDiffieHellman, 1.2.840.113549.1.9.16.3.5 
Message Authentiaction Codes
MAC mac = MAC.getInstance(<Standard Name>  <Alias>, "IAIK"); 

Standard Name  Specification  Aliases 
HMAC/MD5 (HMAC with MD5)

KeyedHashing for Message Authentication as described in RFC 2104 using MD5 as message digest algorithm  HmacMD5, 1.3.6.1.5.5.8.1.1 
HMAC/SHA1 (HMAC with SHA1)

KeyedHashing for Message Authentication as described in RFC 2104 using SHA1 as message digest algorithm  HmacSHA1, HMAC/SHA1, HMAC/SHA, 1.3.6.1.5.5.8.1.2, 1.2.840.113549.2.7 
HMAC/SHA224 (HMAC
with SHA224) 
KeyedHashing for Message Authentication as described in RFC 2104 using SHA224 as message digest algorithm  HmacSHA224, HMAC/SHA224, 1.2.840.113549.2.8 
HMAC/SHA256 (HMAC
with SHA256) 
KeyedHashing for Message Authentication as described in RFC 2104 using SHA256 as message digest algorithm  HmacSHA256, HMAC/SHA256, 1.2.840.113549.2.9 
HMAC/SHA384 (HMAC
with SHA384) 
KeyedHashing for Message Authentication as described in RFC 2104 using SHA384 as message digest algorithm  HmacSHA384, HMAC/SHA384, 1.2.840.113549.2.10 
HMAC/SHA512 (HMAC
with SHA512) 
KeyedHashing for Message Authentication as described in RFC 2104 using SHA512 as message digest algorithm  HmacSHA512, HMAC/SHA512, 1.2.840.113549.2.11 
HMAC/SHA512224 (HMAC
with SHA512/224) 
KeyedHashing for Message Authentication as described in RFC 2104 using SHA512/224 as message digest algorithm  HmacSHA512/224, HMAC/SHA512224 
HMAC/SHA512256 (HMAC
with SHA512/256) 
KeyedHashing for Message Authentication as described in RFC 2104 using SHA512/256 as message digest algorithm  HmacSHA512/256, HMAC/SHA512256 
HMAC/SHA3224 (HMAC
with SHA3224) 
KeyedHashing for Message Authentication as described in RFC 2104 using SHA3224 as message digest algorithm  HmacSHA3224, HMAC/SHA3224, 2.16.840.1.101.3.4.2.13 
HMAC/SHA3256 (HMAC
with SHA3256) 
KeyedHashing for Message Authentication as described in RFC 2104 using SHA3256 as message digest algorithm  HmacSHA3256, HMAC/SHA3256, 2.16.840.1.101.3.4.2.14 
HMAC/SHA3384 (HMAC
with SHA3384) 
KeyedHashing for Message Authentication as described in RFC 2104 using SHA3384 as message digest algorithm  HmacSHA3384, HMAC/SHA3384, 2.16.840.1.101.3.4.2.15 
HMAC/SHA3512 (HMAC
with SHA3512) 
KeyedHashing for Message Authentication as described in RFC 2104 using SHA3512 as message digest algorithm  HmacSHA3512, HMAC/SHA3512, 2.16.840.1.101.3.4.2.16 
HMAC/RIPEMD128
(HMAC with RipeMd128) 
KeyedHashing for Message Authentication as described in RFC 2104 using RipeMd128 as message digest algorithm  HmacRipeMd128, HMAC/RIPEMD128, HMAC/RipeMd128 
HMAC/RIPEMD160
(HMAC with RipeMd160) 
KeyedHashing for Message Authentication as described in RFC 2104 using RipeMd160 as message digest algorithm  HmacRipeMd160, HMAC/RIPEMD160, 1.3.6.1.5.5.8.1.4, HMAC/RipeMd160 
HMAC/WHIRLPOOL
(HMAC with WHIRLPOOL) 
KeyedHashing for Message Authentication as described in RFC 2104 using WHIRLPOOL as message digest algorithm  HmacWHIRLPOOL, HmacWhirlpool 
HMAC/GOST3411
(HMAC with GOST3411) 
KeyedHashing for Message Authentication as described in RFC 2104 using GOST3411 as message digest algorithm  HmacGOST, 1.2.643.2.2.10 
CmacAES (CMAC with AES) 
Message Authentication as described in NISP SP 80038B. using AES as block cipher algorithm  CMAC/AES 
CmacDESede (CMAC with
Triple DES) 
Message Authentication as described in NISP SP 80038B. using Triple DES (TDEA) as block cipher algorithm  CMAC/DESede 
CBCMAC/AES 
CBC Message Authentication as described in ISO/IEC 97971. algorithm  CBCmacAES 
CBCMAC/DESede 
CBC Message Authentication as described in ISO/IEC 97971. algorithm  CBCmacDESede 
CBCMAC/DES 
CBC Message Authentication as described in ISO/IEC 97971. algorithm  CBCmacDES 
Poly1305 
Message authentication algorithm, specified by RFC 8439   
Key Pair Generators
KeyPairGenerator keyGen = KeyPairGenerator.getInstance(<Standard Name>  <Alias>, "IAIK"); 

Standard Name  Specification  Aliases 
DH (Diffie
Hellman key pair generator) 
Key pair generation method for Diffie Hellman key exchange as described in PKCS#3  DiffieHellman, DiffieHellman, 1.2.840.113549.1.3.1 
ElGamal (ElGamal pair generator) 
Key pair generation method for ElGamal public key encryption scheme over prime fields  1.3.14.7.2.1.1 
ESDH (ESDH
Key Pair Generator) 
Key pair generator for Ephemeral Static Diffie Hellman key exchange as described in RFC 2631  ESDiffieHellman 
RSA (RSA key
pair generator) 
Key pair generation method for the RSA encryption scheme as described in PKCS#1. The RSA modulus is generated according to IEEE P1363.   
RSAFIPS1863 (RSA key pair generator) 
Key pair generation method for the RSA encryption scheme as described in PKCS#1. The RSA modulus is generated according to FIPS 1863  RSAFIPS 
RSAESOAEP (RSAOAEP key pair generator) 
Key pair generator for generating RSAESOAEP keys according to RFC 4055 to be used for the RSAESOAEP encryption method as specified by PKCS#1v2.1  RSAOAEP, OAEP, 1.2.840.113549.1.1.7 
RSAESOAEPFIPS1863 (RSAOAEP key pair generator) 
Key pair generator for generating RSAESOAEP keys according to RFC 4055 to be used for the RSAESOAEP encryption method as specified by PKCS#1v2.1. The RSA modulus is generated according to FIPS 1863  RSAOAEPFIPS1863, RSAOAEPFIPS, OAEPFIPS, OAEPFIPS1863 
Key Factories
KeyFactory keyFac = KeyFactory.getInstance(<Standard Name>  <Alias>, "IAIK"); 

Standard Name  Specification  Aliases 
DH (Diffie Hellman
key factory) 
Key factory for converting keys into key specifications (and vice versa) to be used for Diffie Hellman key exchange which is described in PKCS#3  DiffieHellman, DiffieHellman, 1.2.840.113549.1.3.1 
ElGamal (ElGamal
key factory) 
Key factory for converting keys into key specifications (and vice versa) to be used for ElGamal encryption scheme over prime fields>  1.3.14.7.2.1.1 
ESDH (Ephemeral
Static Diffie Hellman key factory) 
Key factory for converting keys into key specifications (and vice versa) to be used for Ephemeral Static Diffie Hellman key exchange which is described in RFC 2631  ESDiffieHellman, 1.2.840.10046.2.1 
RSA (RSA key
factory) 
Key factory for converting keys into key specifications (and vice versa) to be used for RSA encryption which is described in PKCS#1   
RSAESOAEP
(RSAOAEP key factory) 
Key factory for converting RSAESOAEP ( RFC 4055) keys into key specifications (and vice versa) to be used for the RSAESOAEP encryption method as specified by PKCS#1v2.1  RSAOAEP, OAEP, 1.2.840.113549.1.1.7 
Key Generators
keyGen = KeyGenerator.getInstance(<Standard Name>  <Alias>, "IAIK"); 

Standard Name  Specification  Aliases 
AES (AES key
generator) 
Key generation method for the Advanced Encryption Standard (AES, Rijndael) block cipher.  AES128, AES128, AES_128, 2.16.840.1.101.3.4.1.2 
AES192
(AES192 key generator) 
Key generation method for creating 192bit keys for the Advanced Encryption Standard (AES, Rijndael) block cipher.  AES192, AES192, AES_192, 2.16.840.1.101.3.4.1.22 
AES256
(AES256 key generator) 
Key generation method for creating 256bit keys for the Advanced Encryption Standard (AES, Rijndael) block cipher.  AES256, AES256, AES_256, 2.16.840.1.101.3.4.1.42 
Blowfish
(Blowfish key generator) 
Key generation method for the Blowfish 64bit block cipher; developed by Bruce Schneier   
Camellia
(Camellia key generator) 
Key generation method for the Camellia block cipher.  Camellia128, Camellia128, Camellia_128, 1.2.392.200011.61.1.1.1.2 
Camellia192 (Camellia192 key generator) 
Key generation method for creating 192bit keys for the Camellia block cipher.  Camellia192, Camellia192, Camellia_192, 1.2.392.200011.61.1.1.1.3 
Camellia256 (Camellia256 key generator) 
Key generation method for creating 256bit keys for the Camellia block cipher.  Camellia256, Camellia256, Camellia_256, 1.2.392.200011.61.1.1.1.4 
ChaCha20 
Key generation method for the ChaCha20 stream cipher as specified by RFC 7539  ChaCha20Poly1305, ChaCha20Poly1305, 1.2.840.113549.1.9.16.3.18 
CAST128
(CAST128 key generator) 
Key generation method for the CAST128 64 bit Feistel type block cipher  CAST, CAST5 
DES (DES key
generator) 
Key generation method for the DES cipher which is defined by NIST in FIPS PUB 461 and FIPS PUB 462   
DESede
(Triple DES key generator) 
Key generation method for the TripleDES cipher  3DES 
GOST (GOST
key generator) 
Key generation method for the GOST 64bit block cipher.   
IDEA (IDEA
key generator) 
Key generation method for the IDEA cipher which is patented by MediaCrypt   
MARS (MARS
key generator) 
Key generation method for the MARS AES candidate block cipher.   
RC2 (RC2 key
generator) 
Key generation method for the RC2 cipher which has been developed by Ron Rivest for RSA Data Security, Inc.   
ARCFOUR
(ARCFOUR key generator) 
Key generation method for the ARCFOUR stream cipher.  RC4 
RC5 (RC5 key
generator) 
Key generation method for the RC5 block cipher.   
RC6 (RC6 key
generator) 
Key generation method for the RC6 AES candidate block cipher.   
Rijndael
(Rijndael key generator) 
Key generation method for the Rijndael AES block cipher.   
Rijndael256 (Rijndael key generator) 
Key generation method for the Rijndael block cipher with block size of 256 bits.   
Serpent
(Serpent key generator) 
Key generation method for the Serpent AES candidate block cipher.   
Twofish
(Twofish key generator) 
Key generation method for the Twofish AES candidate block cipher.   
PBKDF2 (password based key
derivation function 2) 
Key generation method for deriving secret keys from password, salt and an iteration count; specified by the PKCS#5 Version 2.1 PasswordBased Cryptography Standard) using hMACSHA1 as PRF by default  1.2.840.113549.1.5.12 
PBKDF2WithHmacSHA1
(password based key derivation function 2) 
Key generation method for deriving secret keys from password, salt and an iteration count; specified by the PKCS#5 Version 2.1 PasswordBased Cryptography Standard) using hMACSHA1 as PRF  
PBKDF2WithHmacSHA224
(password based key derivation function 2) 
Key generation method for deriving secret keys from password, salt and an iteration count; specified by the PKCS#5 Version 2.1 PasswordBased Cryptography Standard) using hMACSHA224 as PRF  
PBKDF2WithHmacSHA256
(password based key derivation function 2) 
Key generation method for deriving secret keys from password, salt and an iteration count; specified by the PKCS#5 Version 2.1 PasswordBased Cryptography Standard) using hMACSHA256 as PRF  
PBKDF2WithHmacSHA384
(password based key derivation function 2) 
Key generation method for deriving secret keys from password, salt and an iteration count; specified by the PKCS#5 Version 2.1 PasswordBased Cryptography Standard) using hMACSHA384 as PRF  
PBKDF2WithHmacSHA512
(password based key derivation function 2) 
Key generation method for deriving secret keys from password, salt and an iteration count; specified by the PKCS#5 Version 2.1 PasswordBased Cryptography Standard) using hMACSHA512 as PRF  
PKCS#12
(PKCS#12 key generator) 
Key generation method for deriving PKCS#12 secret keys from password, salt and iteration count, using SHA1 as hash function.  PKCS#12SHA1, PKCS#12SHA1 
PKCS#12SHA224
(PKCS#12 key generator) 
Key generation method for deriving PKCS#12 secret keys from password, salt and iteration count, using SHA224 as hash function.  PKCS#12SHA224 
PKCS#12SHA256
(PKCS#12 key generator) 
Key generation method for deriving PKCS#12 secret keys from password, salt and iteration count, using SHA256 as hash function.  PKCS#12SHA256 
PKCS#12SHA384
(PKCS#12 key generator) 
Key generation method for deriving PKCS#12 secret keys from password, salt and iteration count, using SHA384 as hash function.  PKCS#12SHA384 
PKCS#12SHA512
(PKCS#12 key generator) 
Key generation method for deriving PKCS#12 secret keys from password, salt and iteration count, using SHA512 as hash function.  PKCS#12SHA512 
PKCS#12SHA512/224
(PKCS#12 key generator) 
Key generation method for deriving PKCS#12 secret keys from password, salt and iteration count, using SHA512/224 as hash function.  PKCS#12SHA512/224 
PKCS#12SHA512/256
(PKCS#12 key generator) 
Key generation method for deriving PKCS#12 secret keys from password, salt and iteration count, using SHA512/256 as hash function.  PKCS#12SHA512/256 
PKCS12IV (PKCS#12 Iv
generator) 
Key generation method for deriving PKCS#12 initialization vectors from password, salt and iteration count, using SHA1 as hash function.  PKCS12IVSHA1, PKCS12IVSHA1 
PKCS12IVSHA224 (PKCS#12 Iv
generator) 
Key generation method for deriving PKCS#12 initialization vectors from password, salt and iteration count, using SHA224 as hash function.  PKCS12IVSHA224 
PKCS12IVSHA256 (PKCS#12 Iv
generator) 
Key generation method for deriving PKCS#12 initialization vectors from password, salt and iteration count, using SHA256 as hash function.  PKCS12IVSHA256/td> 
PKCS12IVSHA384 (PKCS#12 Iv
generator) 
Key generation method for deriving PKCS#12 initialization vectors from password, salt and iteration count, using SHA384 as hash function.  PKCS12IVSHA384/td> 
PKCS12IVSHA512 (PKCS#12 Iv
generator) 
Key generation method for deriving PKCS#12 initialization vectors from password, salt and iteration count, using SHA512 as hash function.  PKCS12IVSHA512/td> 
PKCS12IVSHA512/224 (PKCS#12 Iv
generator) 
Key generation method for deriving PKCS#12 initialization vectors from password, salt and iteration count, using SHA512/224 as hash function.  PKCS12IVSHA512/224/td> 
PKCS12IVSHA512/256 (PKCS#12 Iv
generator) 
Key generation method for deriving PKCS#12 initialization vectors from password, salt and iteration count, using SHA512/256 as hash function.  PKCS12IVSHA512/256/td> 
PKCS12MAC
(PKCS#12 MACKey generator) 
Key generation method for deriving PKCS#12 MACkeys from password, salt and an iteration count, using SHA1 as hash function.  PKCS12MACSHA1, PKCS12MACSHA1 
PKCS12MACSHA224
(PKCS#12 MACKey generator) 
Key generation method for deriving PKCS#12 MACkeys from password, salt and an iteration count, using SHA224 as hash function.  PKCS12MACSHA224 
PKCS12MACSHA256
(PKCS#12 MACKey generator) 
Key generation method for deriving PKCS#12 MACkeys from password, salt and an iteration count, using SHA256 as hash function.  PKCS12MACSHA256 
PKCS12MACSHA384
(PKCS#12 MACKey generator) 
Key generation method for deriving PKCS#12 MACkeys from password, salt and an iteration count, using SHA384 as hash function.  PKCS12MACSHA384 
PKCS12MACSHA512
(PKCS#12 MACKey generator) 
Key generation method for deriving PKCS#12 MACkeys from password, salt and an iteration count, using SHA512 as hash function.  PKCS12MACSHA512 
PKCS12MACSHA512/224
(PKCS#12 MACKey generator) 
Key generation method for deriving PKCS#12 MACkeys from password, salt and an iteration count, using SHA512/224 as hash function.  PKCS12MACSHA512/224 
PKCS12MACSHA512/256
(PKCS#12 MACKey generator) 
Key generation method for deriving PKCS#12 MACkeys from password, salt and an iteration count, using SHA512/256 as hash function.  PKCS12MACSHA512/256 
HMAC/MD5
(HMAC with MD5) 
Key generator for the KeyedHashing for Message Authentication as described in RFC 2104 using MD5 as message digest algorithm  HmacMD5, 1.3.6.1.5.5.8.1.1 
HMAC/SHA1
(HMAC with SHA) 
Key generator for the KeyedHashing for Message Authentication as described in RFC 2104 using SHA1 as message digest algorithm  HmacSHA1, HMAC/SHA1, HMAC/SHA, 1.3.6.1.5.5.8.1.2, 1.2.840.113549.2.7 
HMAC/SHA224 (HMAC with SHA224) 
Key generator for the KeyedHashing for Message Authentication as described in RFC 2104 using SHA224 as message digest algorithm  HmacSHA224, HMAC/SHA224, 1.2.840.113549.2.8 
HMAC/SHA256 (HMAC with SHA256) 
Key generator for the KeyedHashing for Message Authentication as described in RFC 2104 using SHA256 as message digest algorithm  HmacSHA256, HMAC/SHA256, 1.2.840.113549.2.9 
HMAC/SHA384 (HMAC with SHA384) 
Key generator for the KeyedHashing for Message Authentication as described in RFC 2104 using SHA384 as message digest algorithm  HmacSHA384, HMAC/SHA384, 1.2.840.113549.2.10 
HMAC/SHA512 (HMAC with SHA512) 
Key generator for the KeyedHashing for Message Authentication as described in RFC 2104 using SHA512 as message digest algorithm  HmacSHA512, HMAC/SHA512, 1.2.840.113549.2.11 
HMAC/SHA512224 (HMAC
with SHA512/224) 
Key generator for the KeyedHashing for Message Authentication as described in RFC 2104 using SHA512/224 as message digest algorithm  HmacSHA512/224, HMAC/SHA512224 
HMAC/SHA512256 (HMAC
with SHA512/256) 
Key generator for the KeyedHashing for Message Authentication as described in RFC 2104 using SHA512/256 as message digest algorithm  HmacSHA512/256, HMAC/SHA512256 
HMAC/SHA3224 (HMAC
with SHA3224) 
Key generator for the KeyedHashing for Message Authentication as described in RFC 2104 using SHA3224 as message digest algorithm  HmacSHA3224, HMAC/SHA3224, 2.16.840.1.101.3.4.2.13 
HMAC/SHA3256 (HMAC
with SHA3256) 
Key generator for the KeyedHashing for Message Authentication as described in RFC 2104 using SHA3256 as message digest algorithm  HmacSHA3256, HMAC/SHA3256, 2.16.840.1.101.3.4.2.14 
HMAC/SHA3384 (HMAC
with SHA3384) 
Key generator for the KeyedHashing for Message Authentication as described in RFC 2104 using SHA3384 as message digest algorithm  HmacSHA3384, HMAC/SHA3384, 2.16.840.1.101.3.4.2.15 
HMAC/SHA3512 (HMAC
with SHA3512) 
Key generator for the KeyedHashing for Message Authentication as described in RFC 2104 using SHA3512 as message digest algorithm  HmacSHA3512, HMAC/SHA3512, 2.16.840.1.101.3.4.2.16 
HMAC/RIPEMD128 (HMAC with RipeMd128) 
Key generator for the KeyedHashing for Message Authentication as described in RFC 2104 using RipeMd128 as message digest algorithm  HmacRipeMd128, HMAC/RIPEMD128, HMAC/RipeMd128 
HMAC/RIPEMD160 (HMAC with RipeMd160) 
Key generator for the KeyedHashing for Message Authentication as described in RFC 2104 using RipeMd160 as message digest algorithm  HmacRipeMd160, HMAC/RIPEMD160, 1.3.6.1.5.5.8.1.4, HMAC/RipeMd160 
HMAC/WHIRLPOOL (HMAC with WHIRLPOOL) 
Key generator for the KeyedHashing for Message Authentication as described in RFC 2104 using WHIRLPOOL as message digest algorithm  HmacWHIRLPOOL, HmacWhirlpool 
HMAC/GOST3411 (HMAC with GOST3411) 
Key generator for the KeyedHashing for Message Authentication as described in RFC 2104 using GOST3411 as message digest algorithm  HmacGOST, 1.2.643.2.2.10 
AESWrapAES
(AES Key Wrap) 
Key generator for generating AES 128 bit key encryption keys for wrapping content encryption keys with 128 bit AES key encryption keys as specified by RFC 3394, or wrapping keys of arbitrary size as specified by RFC 5649  AESWRAP, AES128WRAP, AES128WrapAES128, AESWrap_128, 2.16.840.1.101.3.4.1.5, AESWrapWithPadding, AES128WrapWithPadding, AESRFC5649Wrap, AES128RFC5649Wrap, AESRFC5649Wrap_128, 2.16.840.1.101.3.4.1.8 
AES192WrapAES192 (AES Key Wrap) 
Key generator for generating AES 192 bit key encryption keys for wrapping content encryption keys with 192 bit AES key encryption keys as specified by RFC 3394, or wrapping keys of arbitrary size as specified by RFC 5649  AES192WRAP, AES192WrapAES192, AESWrap_192, 2.16.840.1.101.3.4.1.25, AES192WRAPWithPadding, AES192RFC5649Wrap, AESRFC5649Wrap_192, 2.16.840.1.101.3.4.1.28 
AES256WrapAES256 (AES Key Wrap) 
Key generator for generating AES 256 bit key encryption keys for wrapping content encryption keys with 256 bit AES key encryption keys as specified by RFC 3394, or wrapping keys of arbitrary size as specified by RFC 5649  AES256WRAP, AES256WrapAES256, AESWrap_256, 2.16.840.1.101.3.4.1.45, AES256WRAPWithPadding, AES256RFC5649Wrap, AESRFC5649Wrap_256, 2.16.840.1.101.3.4.1.48 
CamelliaWrapCamellia (Camellia Key Wrap) 
Key generator for generating Camellia 128 bit key encryption keys for wrapping content encryption keys with 128 bit Camellia key encryption keys as specified by RFC 3657  CamelliaWRAP, Camellia128WRAP, Camellia128WrapCamellia128, CamelliaWrap_128, 1.2.392.200011.61.1.1.3.2 
Camellia192WrapCamellia192 (Camellia Key Wrap) 
Key generator for generating Camellia 192 bit key encryption keys for wrapping content encryption keys with 192 bit Camellia key encryption keys as specified by RFC 3657  Camellia192WRAP, Camellia192WrapCamellia192, CamelliaWrap_192, 1.2.392.200011.61.1.1.3.2 
Camellia256WrapCamellia256 (Camellia Key Wrap) 
Key generator for generating Camellia 256 bit key encryption keys for wrapping content encryption keys with 256 bit Camellia key encryption keys as specified by RFC 3657  Camellia256WRAP, Camellia256WrapCamellia256, CamelliaWrap_256, 1.2.392.200011.61.1.1.3.2 
CAST128WrapCAST128 (CAST128 Key Wrap) 
Key generator for generating CAST128 key encryption keys as used by CMS for wrapping CAST128 content encryption keys with CAST128 key encryption keys  CAST5WrapCAST5, CASTWrapCAST, CASTWRAP, CAST128WRAP, CAST5WRAP, CAST128Wrap, CAST5Wrap, 1.2.840.113533.7.66.15 
DESedeWrapDESede (TripleDES Key Wrap) 
Key generator for generating 3DES key encryption keys as used by CMS for wrapping TripleDES content encryption keys with TripleDES key encryption keys  3DESWrap3DES, TripleDESWrapTripleDES, DESEDEWRAP, 1.2.840.113549.1.9.16.3.6 
IDEAWrapIDEA
(IDEA Key Wrap) 
Key generator for generating IDEA key encryption keys used by CMS for wrapping IDEA content encryption keys with IDEA key encryption keys  IdeaWrapIdea, IDEAWRAP, IDEAWrap, 1.3.6.1.4.1.188.7.1.1.6 
RC2WrapRC2
(RC2 Key Wrap) 
Key generator for generating RC2 key encryption keys as used by CMS for wrapping RC2 content encryption keys with RC2 key encryption keys  RC2WRAP, RC2Wrap, 1.2.840.113549.1.9.16.3.7 
3DESwrapHMAC (3DES based HMAC Key Wrap) 
Key generator for generating 3DES key encryption keys as used by CMS for wrapping a HMAC key with a 3DES key encryption keys  HMACwith3DESwrap, HMACwithTripleDESwrap, HMACwithDESedewrap, 1.2.840.113549.1.9.16.3.11 
AESwrapHMAC
(AES based HMAC Key Wrap) 
Key generator for generating AES key encryption keys as used by CMS for wrapping a HMAC key with an AES key encryption key according to RFC 3537  HMACwithAESwrap, 1.2.840.113549.1.9.16.3.12 
AESCBCCMac128
(AESCBCCMAC128) 
Key generator for generating (128*2)bit keys for the AESCBCCMAC128 authenticated encryption algorithm as defined by the BSI Technical Guideline TR031091  AESCMac, AESCBCCMac, AESCMac128, AESCMac128, AESCMac_128, AESCBCCMac128, AESCBCCMac_128, AESCMAC128, AESCBCCMAC128, 0.4.0.127.0.7.1.3.1.1.2 
AESCBCCMac192
(AESCBCCMAC192) 
Key generator for generating (192*2)bit keys for the AESCBCCMAC192 authenticated encryption algorithm as defined by the BSI Technical Guideline TR031091  AESCMac, AESCBCCMac, AESCMac192, AESCMac192, AESCMac_192, AESCBCCMac192, AESCBCCMac_192, AESCMAC192, AESCBCCMAC192, 0.4.0.127.0.7.1.3.1.1.3 
AESCBCCMac256
(AESCBCCMAC256) 
Key generator for generating (256*2)bit keys for the AESCBCCMAC256 authenticated encryption algorithm as defined by the BSI Technical Guideline TR031091  AESCMac, AESCBCCMac, AESCMac256, AESCMac256, AESCMac_256, AESCBCCMac256, AESCBCCMac_256, AESCMAC256, AESCBCCMAC256, 0.4.0.127.0.7.1.3.1.1.4 
Poly1305 
Key generation method for the Poly1305 autheticator as specified by RFC 8439   
KDF1
Key Derivation Function KDF1 
Key Derivation Function (KDF) 1 as specified by ISO/IEC 180332 for deriving keying material of desired length from a shared secret and additional, optional information.  1.0.18033.2.5.1 
KDF2
Key Derivation Function KDF2 
Key Derivation Function (KDF) 2 as specified by ANS X9.44 for deriving keying material of desired length from a shared secret and additional, optional information.  1.3.133.16.840.9.44.1.1 
KDF3
Key Derivation Function KDF3 
Key Derivation Function (KDF) 3 as specified by ANS X9.44 for deriving keying material of desired length from a shared secret and additional, optional information.  1.3.133.16.840.9.44.1.2 
HKDFwithSHA1
HMACbased ExtractandExpand Key Derivation Function (HKDF) using SHA1 as hash function 
Key generation method for deriving cryptographically strong secret keys from some initial keying material; specified by RFC 5869  HKDFwithSHA1, HKDF/SHA1, HKDF/SHA1 
HKDFwithSHA224
HMACbased ExtractandExpand Key Derivation Function (HKDF) using SHA224 as hash function 
Key generation method for deriving cryptographically strong secret keys from some initial keying material; specified by RFC 5869  HKDFwithSHA224, HKDF/SHA224, HKDF/SHA224 
HKDFwithSHA256
HMACbased ExtractandExpand Key Derivation Function (HKDF) using SHA256 as hash function 
Key generation method for deriving cryptographically strong secret keys from some initial keying material; specified by RFC 5869  HKDFwithSHA256, HKDF/SHA256, HKDF/SHA256, 1.2.840.113549.1.9.16.3.28 
HKDFwithSHA384
HMACbased ExtractandExpand Key Derivation Function (HKDF) using SHA384 as hash function 
Key generation method for deriving cryptographically strong secret keys from some initial keying material; specified by RFC 5869  HKDFwithSHA384, HKDF/SHA384, HKDF/SHA384, 1.2.840.113549.1.9.16.3.29 
HKDFwithSHA512
HMACbased ExtractandExpand Key Derivation Function (HKDF) using SHA512 as hash function 
Key generation method for deriving cryptographically strong secret keys from some initial keying material; specified by RFC 5869  HKDFwithSHA512, HKDF/SHA512, HKDF/SHA512, 1.2.840.113549.1.9.16.3.30 
Secret Key Factories
SecretKeyFactory skf = SecretKeyFactory.getInstance(<Standard Name>  <Alias>, "IAIK"); 

Standard Name  Specification  Aliases 
AES (AES
Key Factory) 
Key Factory for the Advanced Encryption Standard (AES, Rijndael) block cipher.  AES128, AES128, AES_128, 2.16.840.1.101.3.4.1.2 
AES192
(AES192 Key Factory) 
Key Factory for creating 192bit keys for the Advanced Encryption Standard (AES, Rijndael) block cipher.  AES192, AES192, AES_192, 2.16.840.1.101.3.4.1.22 
AES256
(AES256 Key Factory) 
Key Factory for creating 256bit keys for the Advanced Encryption Standard (AES, Rijndael) block cipher.  AES256, AES256, AES_256, 2.16.840.1.101.3.4.1.42 
Blowfish
(Blowfish Key Factory) 
Secret Key Factory for the Blowfish block cipher   
Camellia
(Camellia Key Factory) 
Secret Key Factory for the Camellia block cipher with block size of 128 bits.  Camellia128, Camellia128, Camellia_128, 1.2.392.200011.61.1.1.1.2 
Camellia192
(Camellia192 Key Factory) 
Key Factory for creating 192bit keys for the Camellia block cipher.  Camellia192, Camellia192, Camellia_192, 1.2.392.200011.61.1.1.1.3 
Camellia256
(Camellia256 Key Factory) 
Key Factory for creating 256bit keys for the Camellia block cipher.  Camellia256, Camellia256, Camellia_256, 1.2.392.200011.61.1.1.1.4 
CAST128
(CAST128 Key Factory) 
Secret Key Factory for the CAST128 block cipher  CAST5, CAST 
ChaCha20 
Secret Key Factory for the ChaCha20 stream cipher as specified by RFC 7539  ChaCha20Poly1305, ChaCha20Poly1305, 1.2.840.113549.1.9.16.3.18 
DES (DES
Key Factory) 
Symmetric 64bit block encryption algorithm as defined by NIST in FIPS PUB 461 and FIPS PUB 462   
DESede
(DESede Key Factory) 
Secret Key Factory for the DESede (3DES) algorithm  3DES 
GOST (GOST
Key Factory) 
Secret Key Factory for the GOST block cipher   
IDEA (IDEA
Key Factory) 
Secret Key Factory for the IDEA block cipher   
MARS (MARS
Key Factory) 
Secret Key Factory for the MARS AES candidate block cipher   
RC2 (RC2
Key Factory) 
Secret Key Factory for the RC2 block cipher   
ARCFOUR
(ARCFOUR Key Factory) 
Secret Key Factory for the ARCFOUR stream cipher   
RC5 (RC5
Key Factory) 
Secret Key Factory for the RC5 block cipher   
RC6 (RC6
Key Factory) 
Secret Key Factory for the RC6 AES candidate block cipher   
Serpent
(Serpent Key Factory) 
Secret Key Factory for the Serpent AES candidate block cipher   
Rijndael
(Rijndael Key Factory) 
Key Factory for the Rijndael AES block cipher.   
Rijndael256 (Rijndael Key Factory) 
Secret Key Factory for the Rijndael block cipher with block size of 256 bits.  
Twofish
(Twofish Key Factory) 
Secret Key Factory for the Twofish AES candidate block cipher   
AESCBCCMac128
(AESCBCCMAC128) 
Secret Key Factory for the AESCBCCMAC128 authenticated encryption algorithm as defined by the BSI Technical Guideline TR031091  AESCMac, AESCBCCMac, AESCMac128, AESCMac128, AESCMac_128, AESCBCCMac128, AESCBCCMac_128, AESCMAC128, AESCBCCMAC128, 0.4.0.127.0.7.1.3.1.1.2 
AESCBCCMac192
(AESCBCCMAC192) 
Secret Key Factory for the AESCBCCMAC192 authenticated encryption algorithm as defined by the BSI Technical Guideline TR031091  AESCMac, AESCBCCMac, AESCMac192, AESCMac192, AESCMac_192, AESCBCCMac192, AESCBCCMac_192, AESCMAC192, AESCBCCMAC192, 0.4.0.127.0.7.1.3.1.1.3 
AESCBCCMac256
(AESCBCCMAC256) 
Secret Key Factory for the AESCBCCMAC256 authenticated encryption algorithm as defined by the BSI Technical Guideline TR031091  AESCMac, AESCBCCMac, AESCMac256, AESCMac256, AESCMac_256, AESCBCCMac256, AESCBCCMac_256, AESCMAC256, AESCBCCMAC256, 0.4.0.127.0.7.1.3.1.1.4 
Poly1305 
Secret Key Factory for the Poly1305 authenticator as specified by RFC 8439   
PBE (Password Based
Encryption Key Factory) 
Password Based Encryption according to PKCS#5  PKCS#5, PKCS5, PbeWithMD5AndDES_CBC, PBEWithMD5AndDES, PbeWithMD5AndDES_CBC, 1.2.840.113549.1.5.3, PBES2, 1.2.840.113549.1.5.13, PBES2WithHmacSHA1AndAES, PBES2WithHmacSHA1AndAES128, PBEWithHmacSHA1AndAES, PBEWithHmacSHA1AndAES128, PBEWithHmacSHA1AndAES_128, PBES2WithHmacSHA1AndAES256, PBES2WithHmacSHA1AndAES_256, PBEWithHmacSHA1AndAES256, PBEWithHmacSHA1AndAES_256, PBES2WithHmacSHA224AndAES, PBES2WithHmacSHA224AndAES128, PBEWithHmacSHA224AndAES, PBEWithHmacSHA224AndAES128, PBEWithHmacSHA224AndAES_128, PBES2WithHmacSHA224AndAES256, PBES2WithHmacSHA224AndAES_256, PBEWithHmacSHA224AndAES256, PBEWithHmacSHA224AndAES_256, PBES2WithHmacSHA256AndAES, PBES2WithHmacSHA256AndAES128, PBES2WithHmacSHA256AndAES_128, PBEWithHmacSHA256AndAES, PBEWithHmacSHA256AndAES128, PBEWithHmacSHA256AndAES_128, PBES2WithHmacSHA256AndAES256, PBES2WithHmacSHA256AndAES_256, PBEWithHmacSHA256AndAES256, PBEWithHmacSHA256AndAES_256, PBES2WithHmacSHA384AndAES, PBES2WithHmacSHA384AndAES128, PBEWithHmacSHA384AndAES, PBEWithHmacSHA384AndAES128, PBEWithHmacSHA384AndAES_128, PBES2WithHmacSHA384AndAES192, PBES2WithHmacSHA384AndAES_192, PBEWithHmacSHA384AndAES192, PBEWithHmacSHA384AndAES_192, PBES2WithHmacSHA384AndAES256, PBES2WithHmacSHA384AndAES_256, PBEWithHmacSHA384AndAES256, PBEWithHmacSHA384AndAES_256, PBES2WithHmacSHA512AndAES, PBES2WithHmacSHA512AndAES128, PBEWithHmacSHA512AndAES, PBEWithHmacSHA512AndAES128, PBEWithHmacSHA512AndAES_128, PBES2WithHmacSHA512AndAES256, PBES2WithHmacSHA512AndAES_256, PBEWithHmacSHA512AndAES256, PBEWithHmacSHA512AndAES_256, PBES2WithHmacSHA1AndDESede, PBEWithHmacSHA1AndDESede, PBES2WithHmacSHA1AndTripleDES, PBEWithHmacSHA1AndTripleDES 
PKCS#12 (Password
Based Encryption Key Factory) 
Password Based Encryption according to PKCS#12  PKCS12, PbeWithSHAAnd3_KeyTripleDES_CBC, PBEWithSHA1And3_KeyTripleDES_CBC, PBEWithSHA1AndDESede, 1.2.840.113549.1.12.1.3, PbeWithSHAAnd40BitRC2_CBC, PBEWithSHA1AndRC2_40, 1.2.840.113549.1.12.1.6, 
Algorithm Parameter Generators
AlgorithmParameterGenerator paramGen = AlgorithmParameterGenerator.getInstance(<Standard Name>  <Alias>, "IAIK"); 

Standard Name  Specification  Aliases 
DH (Diffie
Hellman parameter generator) 
Generator for creating parameters (prime modulus, base generator, length of the private value) to be used for Diffie Hellman key exchange according to RFC 2631.  DiffieHellman, DiffieHellman, 1.2.840.113549.1.3.1 
ElGamal (ElGamal
parameter generator) 
Generator for creating parameters (prime modulus, base generator,...) to be used for the ElGamal encryption scheme over prime fields/td>  1.3.14.7.2.1.1 
ESDH
(Ephemeral Static Diffie Hellman parameter generator) 
Generator for creating parameters for the Ephemeral Static Diffie Hellman key exchange according to RFC 2631.  ESDiffieHellman 
PBE (PBE
parameter generator) 
Generator for creating parameters (salt and iteration count) to be used for password based encryption according to PKCS#5 / PKCS#12   
Algorithm Parameters
AlgorithmParameters params = AlgorithmParameters.getInstance(<Standard Name>  <Alias>, "IAIK"); 

Standard Name  Specification  Aliases 
RSAESOAEP (RSA
OAEP parameters) 
Algorithm parameters for the RSA PKCS#1v2.1 OAEP encryption scheme  RSAOAEP, RSAOaep, OAEP, 1.2.840.113549.1.1.7, RSA/ECB/OAEP 
DH (Diffie Hellman
parameters) 
Algorithm parameters (prime modulus, base generator, length of the private value) representation for Diffie Hellman key exchange which is described in PKCS#3  DiffieHellman, DiffieHellman, 1.2.840.113549.1.3.1 
ElGamal (ElGamal
parameters) 
Algorithm parameters (prime modulus, base generator, length of the private value) representation for ElGamal encryption scheme over prime fields  1.3.14.7.2.1.1 
ESDH (Ephemeral
Static Diffie Hellman parameters) 
Algorithm parameters for Ephmeral Static Diffie Hellman key exchange according to RFC 2631  ESDiffieHellman 
ESDHKEK
(Ephemeral Static Diffie Hellman key encryption key (KEK) parameters) 
Algorithm parameters (OtherInfo) representation for generation of shared key material based on the Ephmeral Static Diffie Hellman key exchange according to RFC 2631  DiffieHellman 
AES (AES
parameters) 
Algorithm parameters (initialization vector) representation for the Rijndael Advanced Encryption Standard (AES)  Rijndael, AES128, AES128, AES_128, AES192, AES192, AES_192, AES256, AES256, AES_256, 2.16.840.1.101.3.4.1.2, 2.16.840.1.101.3.4.1.22, 2.16.840.1.101.3.4.1.42, AES/CBC/PKCS5Padding, AES128/CBC/PKCS5Padding, AES128/CBC/PKCS5Padding, AES_128/CBC/PKCS5Padding, AES192/CBC/PKCS5Padding, AES192/CBC/PKCS5Padding, AES_192/CBC/PKCS5Padding, AES256/CBC/PKCS5Padding, AES256/CBC/PKCS5Padding, AES_256/CBC/PKCS5Padding 
Blowfish
(Blowfish parameters) 
Algorithm parameters (initialization vector) representation for the Blowfish cipher   
Camellia
(Camellia parameters) 
Algorithm parameters (initialization vector) representation for the Camellia block cipher with block size of 128 bits.  Camellia128, Camellia128, Camellia_256, Camellia192, Camellia192, Camellia_192, Camellia256, Camellia256, Camellia_256, 1.2.392.200011.61.1.1.1.2, 1.2.392.200011.61.1.1.1.3, 1.2.392.200011.61.1.1.1.4, Camellia/CBC/PKCS5Padding, Camellia128/CBC/PKCS5Padding, Camellia128/CBC/PKCS5Padding, Camellia_128/CBC/PKCS5Padding, Camellia192/CBC/PKCS5Padding, Camellia192/CBC/PKCS5Padding, Camellia_192/CBC/PKCS5Padding, Camellia256/CBC/PKCS5Padding, Camellia256/CBC/PKCS5Padding, Camellia_256/CBC/PKCS5Padding 
CAST128
(CAST128 parameters) 
Algorithm parameters (initialization vector) representation for the CAST128 cipher  CAST5, CAST, CAST5/CBC/PKCS5Padding, CAST128/CBC/PKCS5Padding, CAST/CBC/PKCS5Padding 
DES (DES
parameters) 
Algorithm parameters (initialization vector) representation for the DES cipher  DES/CBC/PKCS5Padding 
DESede (DESede
parameters) 
Algorithm parameters (initialization vector) representation for the DESede cipher  3DES, 3DES/CBC/PKCS5Padding, DESede/CBC/PKCS5Padding, TripleDES/CBC/PKCS5Padding 
GOST (GOST
parameters) 
Algorithm parameters (initialization vector) representation for the GOST cipher   
IDEA (IDEA
parameters) 
Algorithm parameters (initialization vector) representation for the IDEA cipher  IDEA/CBC/PKCS5Padding 
IV (IV
parameters) 
Initialization vector   
MARS (MARS
parameters) 
Algorithm parameters (initialization vector) representation for the MARS cipher   
RC2 (RC2
parameters) 
Algorithm parameters representation for the RC2 cipher  RC2/CBC/PKCS5Padding 
RC5 (RC5
parameters) 
Algorithm parameters (initialization vector) representation for the RC5 cipher  RC5/CBC/PKCS5Padding 
RC6 (RC6
parameters) 
Algorithm parameters (initialization vector) representation for the RC6 cipher   
Rijndael
(Rijndael parameters) 
Algorithm parameters (initialization vector) representation for the Rijndael Advanced Encryption Standard (AES)  AES, AES128, AES128, AES192, AES192, AES_192, AES256, AES256, AES_256, 2.16.840.1.101.3.4.1.2, 2.16.840.1.101.3.4.1.22, 2.16.840.1.101.3.4.1.42, AES/CBC/PKCS5Padding, AES128/CBC/PKCS5Padding, AES128/CBC/PKCS5Padding, AES_128/CBC/PKCS5Padding, AES192/CBC/PKCS5Padding, AES192/CBC/PKCS5Padding, AES_192/CBC/PKCS5Padding, AES256/CBC/PKCS5Padding, AES256/CBC/PKCS5Padding, AES_256/CBC/PKCS5Padding 
Rijndael256
(Rijndael parameters) 
Algorithm parameters (initialization vector) representation for the Rijndael block cipher with block size of 256 bits.  
Serpent (Serpent
parameters) 
Algorithm parameters (initialization vector) representation for the Serpent cipher   
Twofish (Twofish
parameters) 
Algorithm parameters (initialization vector) representation for the Twofish cipher   
PBKDF2 (PBKDF2
parameters) 
Algorithm parameters (salt, iteration count, PRF, derived key length) representation for the PBDF2 key derivation function specified in PKCS#5v2.1  1.2.840.113549.1.5.12 
PBE (PBE
parameters) 
Algorithm parameters (salt and iteration count) representation for password based encryption according to PKCS#5 / PKCS#12  PbeWithMD5AndDES_CBC, PBEWithMD5AndDES, 1.2.840.113549.1.5.3, PbeWithSHAAnd3_KeyTripleDES_CBC, PBEWithSHA1And3_KeyTripleDES_CBC, PBEWithSHA1AndDESede, 1.2.840.113549.1.12.1.3, PbeWithSHAAnd40BitRC2_CBC, PBEWithSHA1AndRC2_40, 1.2.840.113549.1.12.1.6 
PBES2 (PBES2
parameters) 
Algorithm parameters (KDF (with salt, iteration count, PRF, derived key length) and encryption scheme) representation for password based encryption according to PKCS#5v2.1 PBES2 scheme  1.2.840.113549.1.5.13, PBES2WithHmacSHA1AndAES, PBES2WithHmacSHA1AndAES128, PBEWithHmacSHA1AndAES, PBEWithHmacSHA1AndAES128, PBEWithHmacSHA1AndAES_128, PBES2WithHmacSHA1AndAES256, PBES2WithHmacSHA1AndAES_256, PBEWithHmacSHA1AndAES256, PBEWithHmacSHA1AndAES_256, PBES2WithHmacSHA224AndAES, PBES2WithHmacSHA224AndAES128, PBES2WithHmacSHA224AndAES_128, PBEWithHmacSHA224AndAES, PBEWithHmacSHA224AndAES128, PBEWithHmacSHA224AndAES_128, PBES2WithHmacSHA224AndAES256, PBES2WithHmacSHA224AndAES_256, PBEWithHmacSHA224AndAES256, PBEWithHmacSHA224AndAES_256, PBES2WithHmacSHA256AndAES, PBES2WithHmacSHA256AndAES128, PBES2WithHmacSHA256AndAES_128, PBEWithHmacSHA256AndAES, PBEWithHmacSHA256AndAES128, PBEWithHmacSHA256AndAES_128, PBES2WithHmacSHA256AndAES256, PBES2WithHmacSHA256AndAES_256, PBEWithHmacSHA256AndAES256, PBEWithHmacSHA256AndAES_256, PBES2WithHmacSHA384AndAES, PBES2WithHmacSHA384AndAES128, PBES2WithHmacSHA384AndAES_128, PBEWithHmacSHA384AndAES, PBEWithHmacSHA384AndAES128, PBEWithHmacSHA384AndAES_128, PBES2WithHmacSHA384AndAES192, PBES2WithHmacSHA384AndAES_192, PBEWithHmacSHA384AndAES192, PBEWithHmacSHA384AndAES_192, PBES2WithHmacSHA512AndAES256, PBES2WithHmacSHA384AndAES256, PBES2WithHmacSHA384AndAES_256, PBEWithHmacSHA384AndAES256, PBEWithHmacSHA384AndAES_256, PBES2WithHmacSHA512AndAES, PBES2WithHmacSHA512AndAES128, PBES2WithHmacSHA512AndAES_128, PBEWithHmacSHA512AndAES, PBEWithHmacSHA512AndAES128, PBEWithHmacSHA512AndAES_128, PBEWithHmacSHA512AndAES256, PBES2WithHmacSHA512AndAES_256, PBEWithHmacSHA512AndAES_256, PBES2WithHmacSHA1AndDESede, PBEWithHmacSHA1AndDESede, PBES2WithHmacSHA1AndTripleDES, PBEWithHmacSHA1AndTripleDES 
CAST128Wrap (CAST128 key wrap parameters) 
Algorithm parameters (key length) representation for the CAST128 Key Wrap algorithm as used by CMS.  CAST128KeyWrap, CAST128WrapCAST128, CAST128Wrap, CASTWrap, CASTKeyWrap, CASTWrapCAST, CAST5Wrap, CAST5KeyWrap, CAST5WrapCAST5 
RC2Wrap
(RC2 key wrap parameters) 
Algorithm parameters (RC2ParameterVersion) representation for the RC2 Key Wrap algorithm as used by CMS.  RC2KeyWrap, RC2WrapRC2, RC2WRAP, RC2Wrap 
CCM (Counter
with CBCMAC mode parameters) 
Algorithm parameters (associated data, nonce and macLength) for the CCM block cipher mode as specified in RFC 3610, NIST Special Publication 80038C and RFC 5084.  CCM, AES/CCM/NoPadding, AES128/CCM/NoPadding, AES192/CCM/NoPadding, AES256/CCM/NoPadding, AES128/CCM/NoPadding, AES_128/CCM/NoPadding, AES192/CCM/NoPadding, AES_192/CCM/NoPadding, AES256/CCM/NoPadding, AES_256/CCM/NoPadding 
CCMCMS
(Counter with CBCMAC mode parameters) 
Algorithm parameters (associated data, nonce and mac value) for the CCM block cipher mode as specified in RFC 3610, NIST Special Publication 80038C and RFC 5084 when used with CMS "http://www.ietf.org/rfc/rfc3610.txt?number=5084" target="_blank">RFC 5084.  CCMCMS, AES/CCMCMS/NoPadding, AES128/CCMCMS/NoPadding, AES192/CCMCMS/NoPadding, AES256/CCMCMS/NoPadding, AES128/CCMCMS/NoPadding, AES_128/CCMCMS/NoPadding, AES192/CCMCMS/NoPadding, AES_192/CCMCMS/NoPadding, AES256/CCMCMS/NoPadding, AES_256/CCMCMS/NoPadding 
GCM
(Galois/Counter mode parameters) 
Algorithm parameters (associated data, nonce, macLength and macBlock) for the GCM block cipher mode as specified in NIST Special Publication 80038D and RFC 5084.  GCM, AES/GCM/NoPadding, AES128/GCM/NoPadding, AES192/GCM/NoPadding, AES256/GCM/NoPadding, AES128/GCM/NoPadding, AES_128/GCM/NoPadding, AES192/GCM/NoPadding, AES_192/GCM/NoPadding, AES256/GCM/NoPadding, AES_256/GCM/NoPadding 
CBCCMac (CBCCMAC
parameters) 
Algorithm parameters for the AESCBCCMAC authenticated encryption algorithm as defined by the BSI Technical Guideline TR031091  CBCCMAC, AESCMac, AESCBCCMac, AESCMac128, AESCBCCMac128, AESCMac_128, AESCBCCMac_128, AESCMAC, AESCBCCMAC, AESCMAC128, AESCBCCMAC128, 0.4.0.127.0.7.1.3.1.1.2, AESCBCCMac192, AESCBCCMac_192, AESCMac192, AESCMac_192, AESCMAC192, AESCBCCMAC192, 0.4.0.127.0.7.1.3.1.1.3, AESCMac256, AESCMac_256, AESCBCCMac256, AESCBCCMac_256, AESCMAC256, AESCBCCMAC256, 0.4.0.127.0.7.1.3.1.1.4 
ChaCha20Poly1305 (ChaCha20Poly1305
parameters) 
Algorithm parameters for the ChaCha20Poly1305 authenticated encryption algorithm as defined by RFC 8439, RFC 8103  ChaCha20Poly1305, 1.2.840.113549.1.9.16.3.18 
KDF1
(KDF1 parameters) 
Algorithm parameters for the Key Derivation Function (KDF) 1 as specified by ISO/IEC 180332.  1.0.18033.2.5.1 
KDF2
(KDF2 parameters) 
Algorithm parameters for Key Derivation Function (KDF) 2 as specified by ANS X9.44.  1.3.133.16.840.9.44.1.1 
KDF3
(KDF3 parameters) 
Algorithm parameters for Key Derivation Function (KDF) 3 as specified by ANS X9.44.  1.3.133.16.840.9.44.1.2 
RsaKem 
Algorithm parameters for the RSAKEM Key Encapsulation Mechanism as specified by RFC 5990 and or ISO/IEC 180332.  1.0.18033.2.2.4 
Key Encapsulation Mechanisms
KeyEncapsulationMechanism kem = KeyEncapsulationMechanism.getInstance(<Standard Name>  <Alias>, "IAIK"); 

Standard Name  Specification  Aliases 
RsaKem 
RSAKEM Key Encapsulation Mechanism as specified by RFC 5990/a> and or ISO/IEC 180332.  1.0.18033.2.2.4 
General Usage:
for instance:Cipher cipher = Cipher.getInstance("Cipher/Operation Mode/Padding Scheme");
Cipher des = Cipher.getInstance("DES/CBC/PKCS5Padding", "IAIK");
Cipher rsa = Cipher.getInstance("RSA/ECB/PKCS1Padding", "IAIK");
Cipher Modes (default: ECB)  
Name  Specification 
ECB (Electronic Code Book)  "DES MODES OF OPERATION", NIST FIPS PUB 81 
CBC (Cipher Block Chaining)  "DES MODES OF OPERATION", NIST FIPS PUB 81 
PCBC (Propagated Cipher Block Chaining)  defined by Kerberos 
CFB (Cipher FeedBack)  "DES MODES OF OPERATION", NIST FIPS PUB 81 
OFB (Output FeedBack)  "DES MODES OF OPERATION", NIST FIPS PUB 81 
CTR (Counter Mode Encryption)  "AES MODES OF OPERATION", NIST: Recommendation for Block Cipher Modes of Operation 
CTS (Ciphertext Stealing)  "Bruce Schneier, "Applied Cryptography"" 
CCM (Counter with CBCMAC)  specified in RFC 3610 and NIST Special Publication 80038C 
GCM (Galois/Counter Mode)  specified in NIST Special Publication 80038D 
0 (only for RSA ciphers)  block type 00 for RSA PKCS#1v1.5 encryption, private key operations, as specified by PKCS#1 
1 (only for RSA ciphers)  block type 01 for RSA PKCS#1v1.5 encryption, private key operations, as specified by PKCS#1 
2 (only for RSA ciphers)  block type 02 for RSA PKCS#1v1.5 encryption, public key operations, as specified by PKCS#1 
SSL (only for RSA ciphers)  PKCS#1v1.5 RSA encryption (PKCS#1) as used by IBMJSSE 
Padding Schemes (default: NoPadding)  
Name  Specification 
NoPadding  Uses no padding scheme. If no padding is used the input must be a multiple of the block size unless cipher mode is CFB, OFB, CTR, CTS, CCM or GCM. 
PKCS5Padding (PKCS#5 Padding), PKCS7Padding  padding scheme as described in specified by PKCS#5 
SSL3Padding  padding scheme as described in the Secure Sockets Layer (SSL v3) specification 
ISO78164Padding  padding scheme as described in the ISO 78164 Standard (Information technology  Identification cards  Integrated circuit(s) cards with contacts  Part 4: Interindustry commands for interchange) 
ISO101262  padding scheme as described in the ISO 101262 Standard; used by http://www.w3.org/TR/xmlenccore/ 
PKCS1Padding (only for RSA ciphers)  padding scheme as specified by PKCS#1 v1.5 
OAEP (only for RSA ciphers)  A padding scheme as specified by PKCS#1 v2.1 and P1363.
If just OAEP is used as padding name, the hash algorithm is
SHA1 and the mask generation function is MFG1 as specified in PKCS#1. To use
a different hash algorithm, the naming scheme is OAEPWith
<digest>And <mgf>Padding ; e.g.
OAEPWithSHA1AndMGF1Padding . This is as specified in the JCE
specification. 
RSACipher
class, which implements
the core RSA operation. In this class, blinding can be switched on and off.
Per default blinding is switched on. Practical performance measures showed
that blinding decreases the performance not that much. A few percent are
typical if public exponents are used which improve the performance; e.g.
65537 (decimal). In practice, such exponents are almost always used.
Modifier and Type  Field and Description 

static double 
version
Version number is currently 6.0.

Constructor and Description 

IAIK()
This is the default constructor which registers the implemented algorithms
to the Java Security API.

Modifier and Type  Method and Description 

static void 
addAsJDK14Provider()
Deprecated.
use method
IAIK.addAsProvider 
static void 
addAsJDK14Provider(boolean printStatusInfo)
Deprecated.
use method
IAIK.addAsProvider 
static void 
addAsProvider()
Static method which installs the SecurityProvider IAIK.

static void 
addAsProvider(boolean printStatusInfo)
Static method which installs the IAIK provider as first provider
and prints some system properties if desired.

static boolean 
getBufferMoreAEADCipherDataThanNecessary()
Gets whether the IAIK AEAD Cipher engines/modes ChaCha20Poly1305,
GCM and CCM shall buffer more than necessary cipher data during
update() calls during decryption. 
static boolean 
getCheckPKCS5PaddingBytes()
Asks whether PKCS#5 padding bytes shall be checked if having the same
value.

static boolean 
getCopyCipherData()
Gets whether to internally copy cipher data when Cipher
encryption/decryption uses the same array for input/output.

static IAIK 
getInstance()
Returns an instance of this class.

static java.security.MessageDigest 
getMd5()
Deprecated.

static boolean 
getUseOldMd5()
Deprecated.

static java.lang.String 
getVersionInfo()
Gets an info string with name and version og the IAIK provider.

static boolean 
isNativeAESAddonAvailable()
Method to look, if the class
iaik.security.provider.NativeAESAddon is in the classpath. 
static void 
setBufferMoreAEADCipherDataThanNecessary(boolean bufferCipherData)
Decides whether the IAIK AEAD Cipher engines/modes ChaCha20Poly1305,
GCM and CCM shall buffer more than necessary cipher data during
update() calls during decryption. 
static void 
setCheckPKCS5PaddingBytes(boolean checkPKCS5PaddingBytes)
Turns PKCS#5 padding byte value check on or off.

static void 
setCopyCipherData(boolean copyCipherData)
Decides whether to internally copy cipher data when Cipher
encryption/decryption uses the same array for input/output.

static void 
setNativeAESAddonEnabled(boolean enable)
This method can manually set whether or not the iaik_jce_native_aes.jar should be
used.

static void 
setUseOldMd5(boolean useOldMd5)
Deprecated.

isAvailable, puta, putc, putc
clear, elements, entrySet, get, getInfo, getName, getProperty, getService, getServices, getVersion, keys, keySet, load, put, putAll, putService, remove, removeService, toString, values
getProperty, list, list, load, loadFromXML, propertyNames, save, setProperty, store, store, storeToXML, storeToXML, stringPropertyNames
public IAIK()
public static java.lang.String getVersionInfo()
public static void addAsProvider()
public static IAIK getInstance()
public static void addAsProvider(boolean printStatusInfo)
printStatusInfo
 prints some status information and system propertiespublic static void addAsJDK14Provider(boolean printStatusInfo)
IAIK.addAsProvider
IAIK.addAsProvider
.printStatusInfo
 whether to print some status information and system propertiespublic static void addAsJDK14Provider()
IAIK.addAsProvider
IAIK.addAsProvider
.public static void setUseOldMd5(boolean useOldMd5)
true
only if
MD5 crashes or hangs on your VM. This flag will only affect IAIK instances
created after this call is made.
The current default is to use the new version.
public static boolean getUseOldMd5()
true
if the old MD5 implementation is used,
false
if the new MD5 implementation is used (default)public static java.security.MessageDigest getMd5()
public static void setCheckPKCS5PaddingBytes(boolean checkPKCS5PaddingBytes)
PKCS#5 padding requires that all padding bytes have the same value. However, some application erroneously may use random padding values. By the default, the IAIK provider checks PKCS#5 padding bytes for the same value as required by the specification. You may use this method for switching off the PKCS#5 padding check, if required.
checkPKCS5PaddingBytes
 whether to check PKCS#5 padding bytes for the same value or not to
checkpublic static boolean getCheckPKCS5PaddingBytes()
PKCS#5 padding requires that all padding bytes have the same value.
However, some application erroneously may use random padding values. By the
default, the IAIK provider checks PKCS#5 padding bytes for the same value
as required by the specification. You may use method
setCheckPKCS5PaddingBytes
for
switching off the PKCS#5 padding check, if required.
true
if PKCS#5 padding bytes shall be checked
(default), false
if they shall be not checkedpublic static void setBufferMoreAEADCipherDataThanNecessary(boolean bufferCipherData)
update()
calls during decryption.
Usually cipher data may be buffered only if the given output buffer
is too small or more cipher data is required for completing a
block decryption operation.
When using a javax.crypto.CipherInputStream
for decrypting cipher data the final Cipher.doFinal
may
not be done before closing the CipherInputStream.
javax.crypto.CipherInputStream catches (and does not throw) any Exception
that may be thrown when calling Cipher.doFinal
. This
may cause an AEADBadTagException to be caught (and not thrown) inside
CipherInputStream.close() meaning that an invalid mac value may not be
detected when decrypting a cipher text using GCM, CCM or ChaCha20Poly1305.
For that reason it might be preferable to enforce that javax.crypto.CipherInputStream
calls Cipher.doFinal
already during the last read() call where
an AEADBadTagException may be thrown. When ensuring to read all cipher
data from the CipherInputStream (until 1), the final Cipher.doFinal()
will
be call will be done during the last read() call and an AEADBadTagException will
be thrown if the verification of the final mac value does fail. However, when,
for instance, only reading as many data bytes as expected (because knowing the
number of plain text bytes in advance) the final mac tag (if appended to the
cipher text) will not be read before closing the CipherInputStream:
int dataSize = ...; byte[] recoveredPlainText = new byte[dataSize]; int off = 0; int r = 0; do { r = cis.read(recoveredPlainText, off, dataSize  off); if (r > 0) { off += r; } } while (r >= 0 && off != dataSize); cis.close();This means that all data may be successfully decrypted to
recoveredPlainText
but the final mac tag will only be read when closing the CipherInputStream. If the
mac is invalid cis.close()
will not throw an Exception and the integrity
violation of the cipher data may not be detected.
setBufferMoreAEADCipherDataThanNecessary
the IAIK AEAD cipher modes CCM and GCM and the ChaCha20Poly1305 AEAD Cipher will buffer more
than necessary cipher data during update
calls during decryption. This
may ensure that the final mac tag is read during the last CipherInputStream.read()
call throwing an Exception if the mac value is invalid:
IAIK.setBufferMoreAEADCipherDataThanNecessary(true);Note that by default
setBufferMoreAEADCipherDataThanNecessary
is
set to false
for performance and interoperability
(some applications may read until no more bytes are returned and
therefore may stop reading when update()
does return 0)
reasons (and because the problem may be avoided by other means (see below)).
Note also that when setting it to true
even more care has to taken
to not stop decrypting cipher date if a Cipher.update()
call does
not return any decrypted data (0 bytes) since it may only require more cipher
input data for continuing decryption.
iaik.utils.CipherInputStream
which does not catch (and not throw) an AEADBadTagException within its close
method.bufferCipherData
 whether the IAIK AEAD Cipher engines/modes ChaCha20Poly1305,
GCM and CCM shall buffer more than necessary cipher data during
update()
calls during decryption (default: false
).public static boolean getBufferMoreAEADCipherDataThanNecessary()
update()
calls during decryption.update()
calls during decryption (default: false
).setBufferMoreAEADCipherDataThanNecessary(boolean)
public static void setCopyCipherData(boolean copyCipherData)
Copying cipher data may be required when the result of encryption/decryption operations overrides data that is still required for some further encryption/decryption step. However, copying data may also slow down the performance and also may be already done by the calling application. For that reason data is not copied internally by default.
copyCipherData
 whether to internally copy cipher data if Cipher
encryption/decryption uses the same array for input/output;
default: false
(data is not copied)public static boolean getCopyCipherData()
Copying cipher data may be required when the result of encryption/decryption operations overrides data that is still required for some further encryption/decryption step. However, copying data may also slow down the performance and also may be already done by the calling application. For that reason data is not copied internally by default.
true
if cipher data shall be copied if Cipher
encryption/decryption uses the same array for input/output;
false
(default) if notpublic static boolean isNativeAESAddonAvailable()
iaik.security.provider.NativeAESAddon
is in the classpath. (It
is then assumed that iaik_jce_native_aes.jar is included in the classpath.)true
, if iaik_jce_native_aes.jar is included in the
classpath.public static void setNativeAESAddonEnabled(boolean enable)
enable
is
set to true
. No classloader will be used to
look for the respective implementations.enable
 boolean
to set manually, if the jar file containing
the speedups is present. Disables the classloader.
6.0 (c) 2002 IAIK, (c) 2003  2022 SIC 