blob: 05e2b487283fdcc34915f9613d52f4b9ce31476d [file] [log] [blame] [raw]
/*
* copyright 1997, 2000
* the regents of the university of michigan
* all rights reserved
*
* permission is granted to use, copy, create derivative works
* and redistribute this software and such derivative works
* for any purpose, so long as the name of the university of
* michigan is not used in any advertising or publicity
* pertaining to the use or distribution of this software
* without specific, written prior authorization. if the
* above copyright notice or any other identification of the
* university of michigan is included in any copy of any
* portion of this software, then the disclaimer below must
* also be included.
*
* this software is provided as is, without representation
* from the university of michigan as to its fitness for any
* purpose, and without warranty by the university of
* michigan of any kind, either express or implied, including
* without limitation the implied warranties of
* merchantability and fitness for a particular purpose. the
* regents of the university of michigan shall not be liable
* for any damages, including special, indirect, incidental, or
* consequential damages, with respect to any claim arising
* out of or in connection with the use of the software, even
* if it has been or is hereafter advised of the possibility of
* such damages.
*
* SSH / smartcard integration project, smartcard side
*
* Tomoko Fukuzawa, created, Feb., 2000
* Naomaru Itoi, modified, Apr., 2000
*/
import javacard.framework.*;
import javacardx.framework.*;
import javacardx.crypto.*;
public class Ssh extends javacard.framework.Applet
{
/* constants declaration */
// code of CLA byte in the command APDU header
private final byte Ssh_CLA =(byte)0x05;
// codes of INS byte in the command APDU header
private final byte DECRYPT = (byte) 0x10;
private final byte GET_KEYLENGTH = (byte) 0x20;
private final byte GET_PUBKEY = (byte) 0x30;
private final byte GET_RESPONSE = (byte) 0xc0;
/* instance variables declaration */
private final short keysize = 1024;
//RSA_CRT_PrivateKey rsakey;
AsymKey rsakey;
CyberflexFile file;
CyberflexOS os;
byte buffer[];
//byte pubkey[];
static byte[] keyHdr = {(byte)0xC2, (byte)0x01, (byte)0x05};
private Ssh()
{
file = new CyberflexFile();
os = new CyberflexOS();
rsakey = new RSA_CRT_PrivateKey (keysize);
rsakey.setKeyInstance ((short)0xc8, (short)0x10);
if ( ! rsakey.isSupportedLength (keysize) )
ISOException.throwIt (ISO.SW_WRONG_LENGTH);
/*
pubkey = new byte[keysize/8];
file.selectFile((short)(0x3f<<8)); // select root
file.selectFile((short)(('s'<<8)|'h')); // select public key file
os.readBinaryFile (pubkey, (short)0, (short)0, (short)(keysize/8));
*/
register();
} // end of the constructor
public static void install(APDU apdu)
{
new Ssh(); // create a Ssh applet instance (card)
} // end of install method
public void process(APDU apdu)
{
// APDU object carries a byte array (buffer) to
// transfer incoming and outgoing APDU header
// and data bytes between card and CAD
buffer = apdu.getBuffer();
// verify that if the applet can accept this
// APDU message
// NI: change suggested by Wayne Dyksen, Purdue
if (buffer[ISO.OFFSET_INS] == ISO.INS_SELECT)
ISOException.throwIt(ISO.SW_NO_ERROR);
switch (buffer[ISO.OFFSET_INS]) {
case DECRYPT:
if (buffer[ISO.OFFSET_CLA] != Ssh_CLA)
ISOException.throwIt(ISO.SW_CLA_NOT_SUPPORTED);
//decrypt (apdu);
short size = (short) (buffer[ISO.OFFSET_LC] & 0x00FF);
if (apdu.setIncomingAndReceive() != size)
ISOException.throwIt (ISO.SW_WRONG_LENGTH);
rsakey.cryptoUpdate (buffer, (short) ISO.OFFSET_CDATA, size,
buffer, (short) ISO.OFFSET_CDATA);
apdu.setOutgoingAndSend ((short) ISO.OFFSET_CDATA, size);
return;
case GET_PUBKEY:
file.selectFile((short)(0x3f<<8)); // select root
file.selectFile((short)(('s'<<8)|'h')); // select public key file
os.readBinaryFile (buffer, (short)0, (short)0, (short)(keysize/8));
apdu.setOutgoingAndSend((short)0, (short)(keysize/8));
/*
apdu.setOutgoing();
apdu.setOutgoingLength((short)(keysize/8));
apdu.sendBytesLong(pubkey, (short)0, (short)(keysize/8));
*/
return;
case GET_KEYLENGTH:
buffer[0] = (byte)((keysize >> 8) & 0xff);
buffer[1] = (byte)(keysize & 0xff);
apdu.setOutgoingAndSend ((short)0, (short)2);
return;
case GET_RESPONSE:
return;
default:
ISOException.throwIt (ISO.SW_INS_NOT_SUPPORTED);
}
} // end of process method
/*
private void decrypt (APDU apdu)
{
short size = (short) (buffer[ISO.OFFSET_LC] & 0x00FF);
if (apdu.setIncomingAndReceive() != size)
ISOException.throwIt (ISO.SW_WRONG_LENGTH);
//short offset = (short) ISO.OFFSET_CDATA;
rsakey.cryptoUpdate (buffer, (short) ISO.OFFSET_CDATA, size, buffer,
(short) ISO.OFFSET_CDATA);
apdu.setOutgoingAndSend ((short) ISO.OFFSET_CDATA, size);
}
*/
} // end of class Ssh