We are currently working on deploying a Java Card applet onto the eSIM (eUICC) inside an iPhone.
According to the GSMA SGP specifications, the eUICC is expected to support Java Card 3.0.5 Classic Edition. As defined in the Java Card 3.0.5 specification, the javacardx.****** package should support standard algorithms including MessageDigest.ALG_HMAC_SHA_512.
However, during our testing on the iPhone's embedded eSIM, we found that ALG_HMAC_SHA_512 appears to be unsupported or disabled. The same applet functions correctly on external Java Card platforms that support Java Card 3.0.5, leading us to believe that this is a restriction specific to the iPhone’s eUICC implementation.
Our main questions are:
- Why is
ALG_HMAC_SHA_512, which is part of the standard Java Card 3.0.5 specification, not available on the iPhone eSIM? - Has Apple imposed any internal restrictions or exclusions on certain ****** algorithms for security, performance, or compliance reasons?
- Is there a list or documentation of supported and unsupported Java Card APIs or algorithms on the eUICC used in iPhones?
Any insights from Apple engineers or other developers with experience on this topic would be greatly appreciated.
Thank you in advance!
We can’t really answer why questions here on the forums. See tip 3 in Quinn’s Top Ten DevForums Tips. If you want Apple to support this, I recommend that you file an enhancement request describing your requirements.
Regarding question 3, Apple Developer Forums is primarily focused on the APIs in Apple’s platform SDKs. It’s very unlikely you’ll encounter anyone with Java Card experience here. If you’re working on behalf of a carrier, I recommend that you escalate this via your carrier contact at Apple.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
