Supported Algorithms

Message digests (hashes)

  • SHA1
  • SHA224
  • SHA256
  • SHA384
  • SHA512


Message authentication codes (MAC)

  • HMAC
  • AES-CMAC


Unauthenticated ciphers

  • AES CTR / CCM* / CBC / ECB
  • ChaCha20


Authenticated encryption with associated data (AEAD)

  • AES CCM / GCM
  • AEAD-ChaCha20-Poly1305


Key derivation

  • HKDF
  • PBKDF2-HMAC
  • PBKDF2-CMAC-PRF128
  • TLS-1.2 PRF
  • TLS-1.2 PSK-to-Mastersecret


Asymmetric signature

  • RSASSA PKCS-v1.5 / PSS (1024 / 1536 / 2048 / 3072 / 4096 / 6144 / 8192 bit)
  • ECDSA P224 / P256 / P384
  • Ed25519


Asymmetric encryption

  • RSAES PKCS-v1.5 / OAEP (1024 / 1536 / 2048 / 3072 / 4096 / 6144 / 8192 bit)


Key agreement

  • ECDH P224 / P256 / P384
  • X25519


Password-authenticated key exchange (PAKE)

  • EC-JPAKE P256
  • SPAKE2+ P256 HMAC
  • SRP-6 3072 bit


Random number generation

  • CTR-DRBG
  • HMAC-DRBG