Encryption and Decryption Algorithms

Contents
casso1283
Contents
2
Open Format Cookie Encryption Algorithms
The open format cookie supports the following options for password-based encryptions:
  • FIPS_Compat and FIPS_Migration Modes
    PBE/SHA1/AES/CBC/PKCS12PBE-1000-128
    PBE/SHA1/AES/CBC/PKCS12PBE-1000-192
    PBE/SHA1/AES/CBC/PKCS12PBE-1000-256
    PBE/SHA256/AES/CBC/PKCS12PBE-1000-128
    PBE/SHA256/AES/CBC/PKCS12PBE-1000-192
    PBE/SHA256/AES/CBC/PKCS12PBE-1000-256
    PBE/SHA1/3DES_EDE/CBC/PKCS12PBE-1000-3
    PBE/SHA256/3DES_EDE/CBC/PKCS12PBE-1000-3
  • FIPS_Only Mode
    AES128/CBC/PKCS5Padding
    AES192/CBC/PKCS5Padding
    AES256/CBC/PKCS5Padding
    3DES_EDE/CBC/PKCS5Padding
Digital Signing and Private Key Algorithms
SiteMinder
uses the following algorithms for partnership signing options.
  • Encryption Key Algorithms
    RSA-V15, RSA-OEAP
  • Encryption Block Algorithms
    3DES, AES-128 (AES128_CBC), AES-256 (AES256_CBC)
    Additional algorithms supported from Release 12.8.05
    : AES-128-GCM, AES-192-GCM, AES-256-GCM, and RSA-OAEP
SiteMinder
uses the following algorithms for Private Key generation (Certificate/Keys):
  • Key Algorithm
    RSA
  • Sign Algorithms
    MD5withRSA, SHA1withRSA, SHA256withRSA & SHA512withRSA
    Additional algorithms supported from Release 12.8.05
    : RSASSA-PSS
Back Channel Communication Algorithms
For back channel communication related to HTTP-Artifact single sign-on and SAML 2.0 Single Logout,
SiteMinder
supports the following ciphers, depending upon the FIPS mode:
  • FIPS_Compat and FIPS_Migration Modes—RC4 and AES
    RSA_With_RC4_SHA
    RSA_With_RC4_MD5
    RSA_With_AES_128_CBC_SHA
    RSA_With_AES_256_CBC_SHA
  • FIPS_Only Mode—AES only
    RSA_With_AES_128_CBC_SHA
    RSA_With_AES_256_CBC_SHA
Java SDK Encryption Algorithms
The
SiteMinder
Federation Java SDK supports the following encryption algorithms:
  • Without a Password
    "AES/CBC/PKCS5Padding"
  • With a Password
    "PBE/SHA1/AES/CBC/PKCS12PBE-5-128"
Crypto Algorithm
  • FMCrypto Encryption/Decryption Algorithm
    AES_128