blob: 05e2b487283fdcc34915f9613d52f4b9ce31476d [file] [log] [blame]
Ben Lindstrom3133dbb2001-07-04 05:35:00 +00001/*
2 * copyright 1997, 2000
3 * the regents of the university of michigan
4 * all rights reserved
5 *
6 * permission is granted to use, copy, create derivative works
7 * and redistribute this software and such derivative works
8 * for any purpose, so long as the name of the university of
9 * michigan is not used in any advertising or publicity
10 * pertaining to the use or distribution of this software
11 * without specific, written prior authorization. if the
12 * above copyright notice or any other identification of the
13 * university of michigan is included in any copy of any
14 * portion of this software, then the disclaimer below must
15 * also be included.
16 *
17 * this software is provided as is, without representation
18 * from the university of michigan as to its fitness for any
19 * purpose, and without warranty by the university of
20 * michigan of any kind, either express or implied, including
21 * without limitation the implied warranties of
22 * merchantability and fitness for a particular purpose. the
23 * regents of the university of michigan shall not be liable
24 * for any damages, including special, indirect, incidental, or
25 * consequential damages, with respect to any claim arising
26 * out of or in connection with the use of the software, even
27 * if it has been or is hereafter advised of the possibility of
28 * such damages.
29 *
30 * SSH / smartcard integration project, smartcard side
31 *
32 * Tomoko Fukuzawa, created, Feb., 2000
33 * Naomaru Itoi, modified, Apr., 2000
34 */
35
36import javacard.framework.*;
37import javacardx.framework.*;
38import javacardx.crypto.*;
39
40public class Ssh extends javacard.framework.Applet
41{
42 /* constants declaration */
43 // code of CLA byte in the command APDU header
44 private final byte Ssh_CLA =(byte)0x05;
45
46 // codes of INS byte in the command APDU header
47 private final byte DECRYPT = (byte) 0x10;
48 private final byte GET_KEYLENGTH = (byte) 0x20;
49 private final byte GET_PUBKEY = (byte) 0x30;
50 private final byte GET_RESPONSE = (byte) 0xc0;
51
52 /* instance variables declaration */
53 private final short keysize = 1024;
54
55 //RSA_CRT_PrivateKey rsakey;
56 AsymKey rsakey;
57 CyberflexFile file;
58 CyberflexOS os;
59
60 byte buffer[];
61 //byte pubkey[];
62
63 static byte[] keyHdr = {(byte)0xC2, (byte)0x01, (byte)0x05};
64
65 private Ssh()
66 {
67 file = new CyberflexFile();
68 os = new CyberflexOS();
69
70 rsakey = new RSA_CRT_PrivateKey (keysize);
71 rsakey.setKeyInstance ((short)0xc8, (short)0x10);
72
73 if ( ! rsakey.isSupportedLength (keysize) )
74 ISOException.throwIt (ISO.SW_WRONG_LENGTH);
75
76 /*
77 pubkey = new byte[keysize/8];
78 file.selectFile((short)(0x3f<<8)); // select root
79 file.selectFile((short)(('s'<<8)|'h')); // select public key file
80 os.readBinaryFile (pubkey, (short)0, (short)0, (short)(keysize/8));
81 */
82 register();
83 } // end of the constructor
84
85 public static void install(APDU apdu)
86 {
87 new Ssh(); // create a Ssh applet instance (card)
88 } // end of install method
89
90 public void process(APDU apdu)
91 {
92 // APDU object carries a byte array (buffer) to
93 // transfer incoming and outgoing APDU header
94 // and data bytes between card and CAD
95 buffer = apdu.getBuffer();
96
97 // verify that if the applet can accept this
98 // APDU message
99 // NI: change suggested by Wayne Dyksen, Purdue
100 if (buffer[ISO.OFFSET_INS] == ISO.INS_SELECT)
101 ISOException.throwIt(ISO.SW_NO_ERROR);
102
103 switch (buffer[ISO.OFFSET_INS]) {
104 case DECRYPT:
105 if (buffer[ISO.OFFSET_CLA] != Ssh_CLA)
106 ISOException.throwIt(ISO.SW_CLA_NOT_SUPPORTED);
107 //decrypt (apdu);
108 short size = (short) (buffer[ISO.OFFSET_LC] & 0x00FF);
109
110 if (apdu.setIncomingAndReceive() != size)
111 ISOException.throwIt (ISO.SW_WRONG_LENGTH);
112
113 rsakey.cryptoUpdate (buffer, (short) ISO.OFFSET_CDATA, size,
114 buffer, (short) ISO.OFFSET_CDATA);
115 apdu.setOutgoingAndSend ((short) ISO.OFFSET_CDATA, size);
116 return;
117 case GET_PUBKEY:
118 file.selectFile((short)(0x3f<<8)); // select root
119 file.selectFile((short)(('s'<<8)|'h')); // select public key file
120 os.readBinaryFile (buffer, (short)0, (short)0, (short)(keysize/8));
121 apdu.setOutgoingAndSend((short)0, (short)(keysize/8));
122 /*
123 apdu.setOutgoing();
124 apdu.setOutgoingLength((short)(keysize/8));
125 apdu.sendBytesLong(pubkey, (short)0, (short)(keysize/8));
126 */
127 return;
128 case GET_KEYLENGTH:
129 buffer[0] = (byte)((keysize >> 8) & 0xff);
130 buffer[1] = (byte)(keysize & 0xff);
131 apdu.setOutgoingAndSend ((short)0, (short)2);
132 return;
133 case GET_RESPONSE:
134 return;
135 default:
136 ISOException.throwIt (ISO.SW_INS_NOT_SUPPORTED);
137 }
138
139 } // end of process method
140
141 /*
142 private void decrypt (APDU apdu)
143 {
144 short size = (short) (buffer[ISO.OFFSET_LC] & 0x00FF);
145
146 if (apdu.setIncomingAndReceive() != size)
147 ISOException.throwIt (ISO.SW_WRONG_LENGTH);
148
149 //short offset = (short) ISO.OFFSET_CDATA;
150
151 rsakey.cryptoUpdate (buffer, (short) ISO.OFFSET_CDATA, size, buffer,
152 (short) ISO.OFFSET_CDATA);
153 apdu.setOutgoingAndSend ((short) ISO.OFFSET_CDATA, size);
154 }
155 */
156} // end of class Ssh