]>
Commit | Line | Data |
---|---|---|
637b033d | 1 | /* |
2 | * copyright 1997, 2000 | |
3 | * the regents of the university of michigan | |
4 | * all rights reserved | |
5 | * | |
6 | * permission is granted to use, copy, create derivative works | |
7 | * and redistribute this software and such derivative works | |
8 | * for any purpose, so long as the name of the university of | |
9 | * michigan is not used in any advertising or publicity | |
10 | * pertaining to the use or distribution of this software | |
11 | * without specific, written prior authorization. if the | |
12 | * above copyright notice or any other identification of the | |
13 | * university of michigan is included in any copy of any | |
14 | * portion of this software, then the disclaimer below must | |
15 | * also be included. | |
16 | * | |
17 | * this software is provided as is, without representation | |
18 | * from the university of michigan as to its fitness for any | |
19 | * purpose, and without warranty by the university of | |
20 | * michigan of any kind, either express or implied, including | |
21 | * without limitation the implied warranties of | |
22 | * merchantability and fitness for a particular purpose. the | |
23 | * regents of the university of michigan shall not be liable | |
24 | * for any damages, including special, indirect, incidental, or | |
25 | * consequential damages, with respect to any claim arising | |
26 | * out of or in connection with the use of the software, even | |
27 | * if it has been or is hereafter advised of the possibility of | |
28 | * such damages. | |
29 | * | |
30 | * SSH / smartcard integration project, smartcard side | |
31 | * | |
32 | * Tomoko Fukuzawa, created, Feb., 2000 | |
33 | * Naomaru Itoi, modified, Apr., 2000 | |
34 | */ | |
35 | ||
36 | import javacard.framework.*; | |
37 | import javacardx.framework.*; | |
38 | import javacardx.crypto.*; | |
39 | ||
40 | public class Ssh extends javacard.framework.Applet | |
41 | { | |
42 | /* constants declaration */ | |
43 | // code of CLA byte in the command APDU header | |
44 | private final byte Ssh_CLA =(byte)0x05; | |
45 | ||
46 | // codes of INS byte in the command APDU header | |
47 | private final byte DECRYPT = (byte) 0x10; | |
48 | private final byte GET_KEYLENGTH = (byte) 0x20; | |
49 | private final byte GET_PUBKEY = (byte) 0x30; | |
50 | private final byte GET_RESPONSE = (byte) 0xc0; | |
51 | ||
52 | /* instance variables declaration */ | |
53 | private final short keysize = 1024; | |
54 | ||
55 | //RSA_CRT_PrivateKey rsakey; | |
56 | AsymKey rsakey; | |
57 | CyberflexFile file; | |
58 | CyberflexOS os; | |
59 | ||
60 | byte buffer[]; | |
61 | //byte pubkey[]; | |
62 | ||
63 | static byte[] keyHdr = {(byte)0xC2, (byte)0x01, (byte)0x05}; | |
64 | ||
65 | private Ssh() | |
66 | { | |
67 | file = new CyberflexFile(); | |
68 | os = new CyberflexOS(); | |
69 | ||
70 | rsakey = new RSA_CRT_PrivateKey (keysize); | |
71 | rsakey.setKeyInstance ((short)0xc8, (short)0x10); | |
72 | ||
73 | if ( ! rsakey.isSupportedLength (keysize) ) | |
74 | ISOException.throwIt (ISO.SW_WRONG_LENGTH); | |
75 | ||
76 | /* | |
77 | pubkey = new byte[keysize/8]; | |
78 | file.selectFile((short)(0x3f<<8)); // select root | |
79 | file.selectFile((short)(('s'<<8)|'h')); // select public key file | |
80 | os.readBinaryFile (pubkey, (short)0, (short)0, (short)(keysize/8)); | |
81 | */ | |
82 | register(); | |
83 | } // end of the constructor | |
84 | ||
85 | public static void install(APDU apdu) | |
86 | { | |
87 | new Ssh(); // create a Ssh applet instance (card) | |
88 | } // end of install method | |
89 | ||
90 | public void process(APDU apdu) | |
91 | { | |
92 | // APDU object carries a byte array (buffer) to | |
93 | // transfer incoming and outgoing APDU header | |
94 | // and data bytes between card and CAD | |
95 | buffer = apdu.getBuffer(); | |
96 | ||
97 | // verify that if the applet can accept this | |
98 | // APDU message | |
99 | // NI: change suggested by Wayne Dyksen, Purdue | |
100 | if (buffer[ISO.OFFSET_INS] == ISO.INS_SELECT) | |
101 | ISOException.throwIt(ISO.SW_NO_ERROR); | |
102 | ||
103 | switch (buffer[ISO.OFFSET_INS]) { | |
104 | case DECRYPT: | |
105 | if (buffer[ISO.OFFSET_CLA] != Ssh_CLA) | |
106 | ISOException.throwIt(ISO.SW_CLA_NOT_SUPPORTED); | |
107 | //decrypt (apdu); | |
108 | short size = (short) (buffer[ISO.OFFSET_LC] & 0x00FF); | |
109 | ||
110 | if (apdu.setIncomingAndReceive() != size) | |
111 | ISOException.throwIt (ISO.SW_WRONG_LENGTH); | |
112 | ||
113 | rsakey.cryptoUpdate (buffer, (short) ISO.OFFSET_CDATA, size, | |
114 | buffer, (short) ISO.OFFSET_CDATA); | |
115 | apdu.setOutgoingAndSend ((short) ISO.OFFSET_CDATA, size); | |
116 | return; | |
117 | case GET_PUBKEY: | |
118 | file.selectFile((short)(0x3f<<8)); // select root | |
119 | file.selectFile((short)(('s'<<8)|'h')); // select public key file | |
120 | os.readBinaryFile (buffer, (short)0, (short)0, (short)(keysize/8)); | |
121 | apdu.setOutgoingAndSend((short)0, (short)(keysize/8)); | |
122 | /* | |
123 | apdu.setOutgoing(); | |
124 | apdu.setOutgoingLength((short)(keysize/8)); | |
125 | apdu.sendBytesLong(pubkey, (short)0, (short)(keysize/8)); | |
126 | */ | |
127 | return; | |
128 | case GET_KEYLENGTH: | |
129 | buffer[0] = (byte)((keysize >> 8) & 0xff); | |
130 | buffer[1] = (byte)(keysize & 0xff); | |
131 | apdu.setOutgoingAndSend ((short)0, (short)2); | |
132 | return; | |
133 | case GET_RESPONSE: | |
134 | return; | |
135 | default: | |
136 | ISOException.throwIt (ISO.SW_INS_NOT_SUPPORTED); | |
137 | } | |
138 | ||
139 | } // end of process method | |
140 | ||
141 | /* | |
142 | private void decrypt (APDU apdu) | |
143 | { | |
144 | short size = (short) (buffer[ISO.OFFSET_LC] & 0x00FF); | |
145 | ||
146 | if (apdu.setIncomingAndReceive() != size) | |
147 | ISOException.throwIt (ISO.SW_WRONG_LENGTH); | |
148 | ||
149 | //short offset = (short) ISO.OFFSET_CDATA; | |
150 | ||
151 | rsakey.cryptoUpdate (buffer, (short) ISO.OFFSET_CDATA, size, buffer, | |
152 | (short) ISO.OFFSET_CDATA); | |
153 | apdu.setOutgoingAndSend ((short) ISO.OFFSET_CDATA, size); | |
154 | } | |
155 | */ | |
156 | } // end of class Ssh |