3 * the regents of the university of michigan
6 * permission is granted to use, copy, create derivative works
7 * and redistribute this software and such derivative works
8 * for any purpose, so long as the name of the university of
9 * michigan is not used in any advertising or publicity
10 * pertaining to the use or distribution of this software
11 * without specific, written prior authorization. if the
12 * above copyright notice or any other identification of the
13 * university of michigan is included in any copy of any
14 * portion of this software, then the disclaimer below must
17 * this software is provided as is, without representation
18 * from the university of michigan as to its fitness for any
19 * purpose, and without warranty by the university of
20 * michigan of any kind, either express or implied, including
21 * without limitation the implied warranties of
22 * merchantability and fitness for a particular purpose. the
23 * regents of the university of michigan shall not be liable
24 * for any damages, including special, indirect, incidental, or
25 * consequential damages, with respect to any claim arising
26 * out of or in connection with the use of the software, even
27 * if it has been or is hereafter advised of the possibility of
30 * SSH / smartcard integration project, smartcard side
32 * Tomoko Fukuzawa, created, Feb., 2000
33 * Naomaru Itoi, modified, Apr., 2000
36 import javacard.framework.*;
37 import javacardx.framework.*;
38 import javacardx.crypto.*;
40 public class Ssh extends javacard.framework.Applet
42 /* constants declaration */
43 // code of CLA byte in the command APDU header
44 private final byte Ssh_CLA =(byte)0x05;
46 // codes of INS byte in the command APDU header
47 private final byte DECRYPT = (byte) 0x10;
48 private final byte GET_KEYLENGTH = (byte) 0x20;
49 private final byte GET_PUBKEY = (byte) 0x30;
50 private final byte GET_RESPONSE = (byte) 0xc0;
52 /* instance variables declaration */
53 private final short keysize = 1024;
55 //RSA_CRT_PrivateKey rsakey;
63 static byte[] keyHdr = {(byte)0xC2, (byte)0x01, (byte)0x05};
67 file = new CyberflexFile();
68 os = new CyberflexOS();
70 rsakey = new RSA_CRT_PrivateKey (keysize);
71 rsakey.setKeyInstance ((short)0xc8, (short)0x10);
73 if ( ! rsakey.isSupportedLength (keysize) )
74 ISOException.throwIt (ISO.SW_WRONG_LENGTH);
77 pubkey = new byte[keysize/8];
78 file.selectFile((short)(0x3f<<8)); // select root
79 file.selectFile((short)(('s'<<8)|'h')); // select public key file
80 os.readBinaryFile (pubkey, (short)0, (short)0, (short)(keysize/8));
83 } // end of the constructor
85 public static void install(APDU apdu)
87 new Ssh(); // create a Ssh applet instance (card)
88 } // end of install method
90 public void process(APDU apdu)
92 // APDU object carries a byte array (buffer) to
93 // transfer incoming and outgoing APDU header
94 // and data bytes between card and CAD
95 buffer = apdu.getBuffer();
97 // verify that if the applet can accept this
99 // NI: change suggested by Wayne Dyksen, Purdue
100 if (buffer[ISO.OFFSET_INS] == ISO.INS_SELECT)
101 ISOException.throwIt(ISO.SW_NO_ERROR);
103 switch (buffer[ISO.OFFSET_INS]) {
105 if (buffer[ISO.OFFSET_CLA] != Ssh_CLA)
106 ISOException.throwIt(ISO.SW_CLA_NOT_SUPPORTED);
108 short size = (short) (buffer[ISO.OFFSET_LC] & 0x00FF);
110 if (apdu.setIncomingAndReceive() != size)
111 ISOException.throwIt (ISO.SW_WRONG_LENGTH);
113 rsakey.cryptoUpdate (buffer, (short) ISO.OFFSET_CDATA, size,
114 buffer, (short) ISO.OFFSET_CDATA);
115 apdu.setOutgoingAndSend ((short) ISO.OFFSET_CDATA, size);
118 file.selectFile((short)(0x3f<<8)); // select root
119 file.selectFile((short)(('s'<<8)|'h')); // select public key file
120 os.readBinaryFile (buffer, (short)0, (short)0, (short)(keysize/8));
121 apdu.setOutgoingAndSend((short)0, (short)(keysize/8));
124 apdu.setOutgoingLength((short)(keysize/8));
125 apdu.sendBytesLong(pubkey, (short)0, (short)(keysize/8));
129 buffer[0] = (byte)((keysize >> 8) & 0xff);
130 buffer[1] = (byte)(keysize & 0xff);
131 apdu.setOutgoingAndSend ((short)0, (short)2);
136 ISOException.throwIt (ISO.SW_INS_NOT_SUPPORTED);
139 } // end of process method
142 private void decrypt (APDU apdu)
144 short size = (short) (buffer[ISO.OFFSET_LC] & 0x00FF);
146 if (apdu.setIncomingAndReceive() != size)
147 ISOException.throwIt (ISO.SW_WRONG_LENGTH);
149 //short offset = (short) ISO.OFFSET_CDATA;
151 rsakey.cryptoUpdate (buffer, (short) ISO.OFFSET_CDATA, size, buffer,
152 (short) ISO.OFFSET_CDATA);
153 apdu.setOutgoingAndSend ((short) ISO.OFFSET_CDATA, size);
156 } // end of class Ssh