[openssh.git] / scard / Ssh.java

/*
 * copyright 1997, 2000
 * the regents of the university of michigan
 * all rights reserved
 *
 * permission is granted to use, copy, create derivative works 
 * and redistribute this software and such derivative works 
 * for any purpose, so long as the name of the university of 
 * michigan is not used in any advertising or publicity 
 * pertaining to the use or distribution of this software 
 * without specific, written prior authorization.  if the 
 * above copyright notice or any other identification of the 
 * university of michigan is included in any copy of any 
 * portion of this software, then the disclaimer below must 
 * also be included.
 * 
 * this software is provided as is, without representation 
 * from the university of michigan as to its fitness for any 
 * purpose, and without warranty by the university of 
 * michigan of any kind, either express or implied, including 
 * without limitation the implied warranties of 
 * merchantability and fitness for a particular purpose. the 
 * regents of the university of michigan shall not be liable 
 * for any damages, including special, indirect, incidental, or 
 * consequential damages, with respect to any claim arising 
 * out of or in connection with the use of the software, even 
 * if it has been or is hereafter advised of the possibility of 
 * such damages.
 *
 * SSH / smartcard integration project, smartcard side 
 *
 * Tomoko Fukuzawa, created, Feb., 2000
 * Naomaru Itoi, modified, Apr., 2000
 */

import javacard.framework.*;
import javacardx.framework.*;
import javacardx.crypto.*;

public class Ssh extends javacard.framework.Applet
{ 
    /* constants declaration */ 
    // code of CLA byte in the command APDU header 
    private final byte Ssh_CLA =(byte)0x05;
    
    // codes of INS byte in the command APDU header
    private final byte DECRYPT = (byte) 0x10;
    private final byte GET_KEYLENGTH = (byte) 0x20;
    private final byte GET_PUBKEY = (byte) 0x30;
    private final byte GET_RESPONSE = (byte) 0xc0;

    /* instance variables declaration */
    private final short keysize = 1024;

    //RSA_CRT_PrivateKey rsakey;
    AsymKey rsakey;
    CyberflexFile file;
    CyberflexOS os;
    
    byte buffer[];
    //byte pubkey[];

    static byte[] keyHdr = {(byte)0xC2, (byte)0x01, (byte)0x05};

    private Ssh()
    {
	file = new CyberflexFile();
	os = new CyberflexOS();
	
	rsakey = new RSA_CRT_PrivateKey (keysize);
	rsakey.setKeyInstance ((short)0xc8, (short)0x10);

	if ( ! rsakey.isSupportedLength (keysize) )
	    ISOException.throwIt (ISO.SW_WRONG_LENGTH);

	/*
	pubkey = new byte[keysize/8];
	file.selectFile((short)(0x3f<<8)); // select root
	file.selectFile((short)(('s'<<8)|'h')); // select public key file
	os.readBinaryFile (pubkey, (short)0, (short)0, (short)(keysize/8));
	*/
	register(); 
    } // end of the constructor 

    public static void install(APDU apdu)
    {
	new Ssh();	// create a Ssh applet instance (card) 
    } // end of install method

    public void process(APDU apdu)
    { 
	// APDU object carries a byte array (buffer) to 
	// transfer incoming and outgoing APDU header 
	// and data bytes between card and CAD
	buffer = apdu.getBuffer(); 

	// verify that if the applet can accept this
	// APDU message 
	// NI: change suggested by Wayne Dyksen, Purdue
	if (buffer[ISO.OFFSET_INS] == ISO.INS_SELECT)
	    ISOException.throwIt(ISO.SW_NO_ERROR);
		
	switch (buffer[ISO.OFFSET_INS]) {
	case DECRYPT:
	    if (buffer[ISO.OFFSET_CLA] != Ssh_CLA)
		ISOException.throwIt(ISO.SW_CLA_NOT_SUPPORTED);
	    //decrypt (apdu);
	    short size = (short) (buffer[ISO.OFFSET_LC] & 0x00FF);
	    
	    if (apdu.setIncomingAndReceive() != size)
		ISOException.throwIt (ISO.SW_WRONG_LENGTH);
	    
	    rsakey.cryptoUpdate (buffer, (short) ISO.OFFSET_CDATA, size,
				 buffer, (short) ISO.OFFSET_CDATA);
	    apdu.setOutgoingAndSend ((short) ISO.OFFSET_CDATA, size);
	    return;
	case GET_PUBKEY:
	    file.selectFile((short)(0x3f<<8)); // select root
	    file.selectFile((short)(('s'<<8)|'h')); // select public key file
	    os.readBinaryFile (buffer, (short)0, (short)0, (short)(keysize/8));
	    apdu.setOutgoingAndSend((short)0, (short)(keysize/8)); 
	    /*
	    apdu.setOutgoing();
	    apdu.setOutgoingLength((short)(keysize/8)); 
	    apdu.sendBytesLong(pubkey, (short)0, (short)(keysize/8));
	    */
	    return;
	case GET_KEYLENGTH:
	    buffer[0] = (byte)((keysize >> 8) & 0xff);
	    buffer[1] = (byte)(keysize & 0xff);
	    apdu.setOutgoingAndSend ((short)0, (short)2);
	    return;
	case GET_RESPONSE:
	    return;
	default:
	    ISOException.throwIt (ISO.SW_INS_NOT_SUPPORTED); 
	} 

    } // end of process method

    /*
    private void decrypt (APDU apdu)
    {
 	short size = (short) (buffer[ISO.OFFSET_LC] & 0x00FF);

	if (apdu.setIncomingAndReceive() != size)
	    ISOException.throwIt (ISO.SW_WRONG_LENGTH);

	//short offset = (short) ISO.OFFSET_CDATA;

	rsakey.cryptoUpdate (buffer, (short) ISO.OFFSET_CDATA, size, buffer,
			     (short) ISO.OFFSET_CDATA);
	apdu.setOutgoingAndSend ((short) ISO.OFFSET_CDATA, size);
    }
    */
} // end of class Ssh
Commit	Line	Data
637b033d	1	/*
	2	* copyright 1997, 2000
	3	* the regents of the university of michigan
	4	* all rights reserved
	5	*
	6	* permission is granted to use, copy, create derivative works
	7	* and redistribute this software and such derivative works
	8	* for any purpose, so long as the name of the university of
	9	* michigan is not used in any advertising or publicity
	10	* pertaining to the use or distribution of this software
	11	* without specific, written prior authorization. if the
	12	* above copyright notice or any other identification of the
	13	* university of michigan is included in any copy of any
	14	* portion of this software, then the disclaimer below must
	15	* also be included.
	16	*
	17	* this software is provided as is, without representation
	18	* from the university of michigan as to its fitness for any
	19	* purpose, and without warranty by the university of
	20	* michigan of any kind, either express or implied, including
	21	* without limitation the implied warranties of
	22	* merchantability and fitness for a particular purpose. the
	23	* regents of the university of michigan shall not be liable
	24	* for any damages, including special, indirect, incidental, or
	25	* consequential damages, with respect to any claim arising
	26	* out of or in connection with the use of the software, even
	27	* if it has been or is hereafter advised of the possibility of
	28	* such damages.
	29	*
	30	* SSH / smartcard integration project, smartcard side
	31	*
	32	* Tomoko Fukuzawa, created, Feb., 2000
	33	* Naomaru Itoi, modified, Apr., 2000
	34	*/
	35
	36	import javacard.framework.*;
	37	import javacardx.framework.*;
	38	import javacardx.crypto.*;
	39
	40	public class Ssh extends javacard.framework.Applet
	41	{
	42	/* constants declaration */
	43	// code of CLA byte in the command APDU header
	44	private final byte Ssh_CLA =(byte)0x05;
	45
	46	// codes of INS byte in the command APDU header
	47	private final byte DECRYPT = (byte) 0x10;
	48	private final byte GET_KEYLENGTH = (byte) 0x20;
	49	private final byte GET_PUBKEY = (byte) 0x30;
	50	private final byte GET_RESPONSE = (byte) 0xc0;
	51
	52	/* instance variables declaration */
	53	private final short keysize = 1024;
	54
	55	//RSA_CRT_PrivateKey rsakey;
	56	AsymKey rsakey;
	57	CyberflexFile file;
	58	CyberflexOS os;
	59
	60	byte buffer[];
	61	//byte pubkey[];
	62
	63	static byte[] keyHdr = {(byte)0xC2, (byte)0x01, (byte)0x05};
	64
65	private Ssh()
66	{
67	file = new CyberflexFile();
68	os = new CyberflexOS();
69
70	rsakey = new RSA_CRT_PrivateKey (keysize);
71	rsakey.setKeyInstance ((short)0xc8, (short)0x10);
72
73	if ( ! rsakey.isSupportedLength (keysize) )
74	ISOException.throwIt (ISO.SW_WRONG_LENGTH);
75
76	/*
77	pubkey = new byte[keysize/8];
78	file.selectFile((short)(0x3f<<8)); // select root
79	file.selectFile((short)(('s'<<8)\|'h')); // select public key file
80	os.readBinaryFile (pubkey, (short)0, (short)0, (short)(keysize/8));
81	*/
82	register();
83	} // end of the constructor
84
85	public static void install(APDU apdu)
86	{
87	new Ssh(); // create a Ssh applet instance (card)
88	} // end of install method
89
90	public void process(APDU apdu)
91	{
92	// APDU object carries a byte array (buffer) to
93	// transfer incoming and outgoing APDU header
94	// and data bytes between card and CAD
95	buffer = apdu.getBuffer();
96
97	// verify that if the applet can accept this
98	// APDU message
99	// NI: change suggested by Wayne Dyksen, Purdue
100	if (buffer[ISO.OFFSET_INS] == ISO.INS_SELECT)
101	ISOException.throwIt(ISO.SW_NO_ERROR);
102
103	switch (buffer[ISO.OFFSET_INS]) {
104	case DECRYPT:
105	if (buffer[ISO.OFFSET_CLA] != Ssh_CLA)
106	ISOException.throwIt(ISO.SW_CLA_NOT_SUPPORTED);
107	//decrypt (apdu);
108	short size = (short) (buffer[ISO.OFFSET_LC] & 0x00FF);
109
110	if (apdu.setIncomingAndReceive() != size)
111	ISOException.throwIt (ISO.SW_WRONG_LENGTH);
112
113	rsakey.cryptoUpdate (buffer, (short) ISO.OFFSET_CDATA, size,
114	buffer, (short) ISO.OFFSET_CDATA);
115	apdu.setOutgoingAndSend ((short) ISO.OFFSET_CDATA, size);
116	return;
117	case GET_PUBKEY:
118	file.selectFile((short)(0x3f<<8)); // select root
119	file.selectFile((short)(('s'<<8)\|'h')); // select public key file
120	os.readBinaryFile (buffer, (short)0, (short)0, (short)(keysize/8));
121	apdu.setOutgoingAndSend((short)0, (short)(keysize/8));
122	/*
123	apdu.setOutgoing();
124	apdu.setOutgoingLength((short)(keysize/8));
125	apdu.sendBytesLong(pubkey, (short)0, (short)(keysize/8));
126	*/
127	return;
128	case GET_KEYLENGTH:
129	buffer[0] = (byte)((keysize >> 8) & 0xff);
130	buffer[1] = (byte)(keysize & 0xff);
131	apdu.setOutgoingAndSend ((short)0, (short)2);
132	return;
133	case GET_RESPONSE:
134	return;
135	default:
136	ISOException.throwIt (ISO.SW_INS_NOT_SUPPORTED);
137	}
138
139	} // end of process method
140
141	/*
142	private void decrypt (APDU apdu)
143	{
144	short size = (short) (buffer[ISO.OFFSET_LC] & 0x00FF);
145
146	if (apdu.setIncomingAndReceive() != size)
147	ISOException.throwIt (ISO.SW_WRONG_LENGTH);
148
149	//short offset = (short) ISO.OFFSET_CDATA;
150
151	rsakey.cryptoUpdate (buffer, (short) ISO.OFFSET_CDATA, size, buffer,
152	(short) ISO.OFFSET_CDATA);
153	apdu.setOutgoingAndSend ((short) ISO.OFFSET_CDATA, size);
154	}
155	*/
156	} // end of class Ssh