summaryrefslogtreecommitdiff
path: root/scard/Ssh.java
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2002-05-22 14:24:01 +1000
committerDamien Miller <djm@mindrot.org>2002-05-22 14:24:01 +1000
commit8ce8296fd0c9d8b39467873952ac6c8e058d402a (patch)
tree433fba33dfd08f644d6325b43f194ff75c1b3139 /scard/Ssh.java
parent23dc10ddaca953544d24360a0ad6e3f29a685d98 (diff)
sync scard/
Diffstat (limited to 'scard/Ssh.java')
-rw-r--r--scard/Ssh.java59
1 files changed, 40 insertions, 19 deletions
diff --git a/scard/Ssh.java b/scard/Ssh.java
index 9ca6da385..6418957c2 100644
--- a/scard/Ssh.java
+++ b/scard/Ssh.java
@@ -1,4 +1,4 @@
1// $Id: Ssh.java,v 1.2 2001/09/15 10:58:47 djm Exp $ 1// $Id: Ssh.java,v 1.3 2002/05/22 04:24:02 djm Exp $
2// 2//
3// Ssh.java 3// Ssh.java
4// SSH / smartcard integration project, smartcard side 4// SSH / smartcard integration project, smartcard side
@@ -42,6 +42,9 @@ import javacardx.crypto.*;
42 42
43public class Ssh extends javacard.framework.Applet 43public class Ssh extends javacard.framework.Applet
44{ 44{
45 // Change this when the applet changes; hi byte is major, low byte is minor
46 static final short applet_version = (short)0x0102;
47
45 /* constants declaration */ 48 /* constants declaration */
46 // code of CLA byte in the command APDU header 49 // code of CLA byte in the command APDU header
47 static final byte Ssh_CLA =(byte)0x05; 50 static final byte Ssh_CLA =(byte)0x05;
@@ -50,20 +53,19 @@ public class Ssh extends javacard.framework.Applet
50 static final byte DECRYPT = (byte) 0x10; 53 static final byte DECRYPT = (byte) 0x10;
51 static final byte GET_KEYLENGTH = (byte) 0x20; 54 static final byte GET_KEYLENGTH = (byte) 0x20;
52 static final byte GET_PUBKEY = (byte) 0x30; 55 static final byte GET_PUBKEY = (byte) 0x30;
56 static final byte GET_VERSION = (byte) 0x32;
53 static final byte GET_RESPONSE = (byte) 0xc0; 57 static final byte GET_RESPONSE = (byte) 0xc0;
54 58
55 /* instance variables declaration */
56 static final short keysize = 1024; 59 static final short keysize = 1024;
60 static final short root_fid = (short)0x3f00;
61 static final short privkey_fid = (short)0x0012;
62 static final short pubkey_fid = (short)(('s'<<8)|'h');
57 63
58 //RSA_CRT_PrivateKey rsakey; 64 /* instance variables declaration */
59 AsymKey rsakey; 65 AsymKey rsakey;
60 CyberflexFile file; 66 CyberflexFile file;
61 CyberflexOS os; 67 CyberflexOS os;
62 68
63 byte buffer[];
64
65 static byte[] keyHdr = {(byte)0xC2, (byte)0x01, (byte)0x05};
66
67 private Ssh() 69 private Ssh()
68 { 70 {
69 file = new CyberflexFile(); 71 file = new CyberflexFile();
@@ -98,7 +100,8 @@ public class Ssh extends javacard.framework.Applet
98 // APDU object carries a byte array (buffer) to 100 // APDU object carries a byte array (buffer) to
99 // transfer incoming and outgoing APDU header 101 // transfer incoming and outgoing APDU header
100 // and data bytes between card and CAD 102 // and data bytes between card and CAD
101 buffer = apdu.getBuffer(); 103 byte buffer[] = apdu.getBuffer();
104 short size, st;
102 105
103 // verify that if the applet can accept this 106 // verify that if the applet can accept this
104 // APDU message 107 // APDU message
@@ -111,29 +114,47 @@ public class Ssh extends javacard.framework.Applet
111 if (buffer[ISO.OFFSET_CLA] != Ssh_CLA) 114 if (buffer[ISO.OFFSET_CLA] != Ssh_CLA)
112 ISOException.throwIt(ISO.SW_CLA_NOT_SUPPORTED); 115 ISOException.throwIt(ISO.SW_CLA_NOT_SUPPORTED);
113 //decrypt (apdu); 116 //decrypt (apdu);
114 short size = (short) (buffer[ISO.OFFSET_LC] & 0x00FF); 117 size = (short) (buffer[ISO.OFFSET_LC] & 0x00FF);
115 118
116 if (apdu.setIncomingAndReceive() != size) 119 if (apdu.setIncomingAndReceive() != size)
117 ISOException.throwIt (ISO.SW_WRONG_LENGTH); 120 ISOException.throwIt (ISO.SW_WRONG_LENGTH);
118 121
122 // check access; depends on bit 2 (x/a)
123 file.selectFile(root_fid);
124 file.selectFile(privkey_fid);
125 st = os.checkAccess(ACL.EXECUTE);
126 if (st != ST.ACCESS_CLEARED) {
127 CyberflexAPDU.prepareSW1SW2(st);
128 ISOException.throwIt(CyberflexAPDU.getSW1SW2());
129 }
130
119 rsakey.cryptoUpdate (buffer, (short) ISO.OFFSET_CDATA, size, 131 rsakey.cryptoUpdate (buffer, (short) ISO.OFFSET_CDATA, size,
120 buffer, (short) ISO.OFFSET_CDATA); 132 buffer, (short) ISO.OFFSET_CDATA);
121 133
122 apdu.setOutgoingAndSend ((short) ISO.OFFSET_CDATA, size); 134 apdu.setOutgoingAndSend ((short) ISO.OFFSET_CDATA, size);
123 return; 135 break;
124 case GET_PUBKEY: 136 case GET_PUBKEY:
125 file.selectFile((short)(0x3f<<8)); // select root 137 file.selectFile(root_fid); // select root
126 file.selectFile((short)(('s'<<8)|'h')); // select public key file 138 file.selectFile(pubkey_fid); // select public key file
127 os.readBinaryFile (buffer, (short)0, (short)0, (short)(keysize/8)); 139 size = (short)(file.getFileSize() - 16);
128 apdu.setOutgoingAndSend((short)0, (short)(keysize/8)); 140 st = os.readBinaryFile(buffer, (short)0, (short)0, size);
129 return; 141 if (st == ST.SUCCESS)
142 apdu.setOutgoingAndSend((short)0, size);
143 else {
144 CyberflexAPDU.prepareSW1SW2(st);
145 ISOException.throwIt(CyberflexAPDU.getSW1SW2());
146 }
147 break;
130 case GET_KEYLENGTH: 148 case GET_KEYLENGTH:
131 buffer[0] = (byte)((keysize >> 8) & 0xff); 149 Util.setShort(buffer, (short)0, keysize);
132 buffer[1] = (byte)(keysize & 0xff); 150 apdu.setOutgoingAndSend ((short)0, (short)2);
151 break;
152 case GET_VERSION:
153 Util.setShort(buffer, (short)0, applet_version);
133 apdu.setOutgoingAndSend ((short)0, (short)2); 154 apdu.setOutgoingAndSend ((short)0, (short)2);
134 return; 155 break;
135 case GET_RESPONSE: 156 case GET_RESPONSE:
136 return; 157 break;
137 default: 158 default:
138 ISOException.throwIt (ISO.SW_INS_NOT_SUPPORTED); 159 ISOException.throwIt (ISO.SW_INS_NOT_SUPPORTED);
139 } 160 }
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-05 08:49:02 +0000