summaryrefslogtreecommitdiff
path: root/scard/Ssh.java
blob: 9ca6da3851e93c42ae2ee5a1e1b6b5d9f01e8310 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
// $Id: Ssh.java,v 1.2 2001/09/15 10:58:47 djm Exp $
//
// Ssh.java
// SSH / smartcard integration project, smartcard side
//
// Tomoko Fukuzawa, created, Feb., 2000
//
// Naomaru Itoi, modified, Apr., 2000
//

// copyright 2000
// the regents of the university of michigan
// all rights reserved
//
// permission is granted to use, copy, create derivative works
// and redistribute this software and such derivative works
// for any purpose, so long as the name of the university of
// michigan is not used in any advertising or publicity
// pertaining to the use or distribution of this software
// without specific, written prior authorization.  if the
// above copyright notice or any other identification of the
// university of michigan is included in any copy of any
// portion of this software, then the disclaimer below must
// also be included.
//
// this software is provided as is, without representation
// from the university of michigan as to its fitness for any
// purpose, and without warranty by the university of
// michigan of any kind, either express or implied, including
// without limitation the implied warranties of
// merchantability and fitness for a particular purpose. the
// regents of the university of michigan shall not be liable
// for any damages, including special, indirect, incidental, or
// consequential damages, with respect to any claim arising
// out of or in connection with the use of the software, even
// if it has been or is hereafter advised of the possibility of
// such damages.

import javacard.framework.*;
import javacardx.framework.*;
import javacardx.crypto.*;

public class Ssh extends javacard.framework.Applet
{
    /* constants declaration */
    // code of CLA byte in the command APDU header
    static final byte Ssh_CLA =(byte)0x05;

    // codes of INS byte in the command APDU header
    static final byte DECRYPT = (byte) 0x10;
    static final byte GET_KEYLENGTH = (byte) 0x20;
    static final byte GET_PUBKEY = (byte) 0x30;
    static final byte GET_RESPONSE = (byte) 0xc0;

    /* instance variables declaration */
    static final short keysize = 1024;

    //RSA_CRT_PrivateKey rsakey;
    AsymKey rsakey;
    CyberflexFile file;
    CyberflexOS os;

    byte buffer[];

    static byte[] keyHdr = {(byte)0xC2, (byte)0x01, (byte)0x05};

    private Ssh()
    {
	file = new CyberflexFile();
	os = new CyberflexOS();

	rsakey = new RSA_CRT_PrivateKey (keysize);

	if ( ! rsakey.isSupportedLength (keysize) )
	    ISOException.throwIt (ISO.SW_WRONG_LENGTH);

	register();
    } // end of the constructor

    public boolean select() {
	if (!rsakey.isInitialized())
	    rsakey.setKeyInstance ((short)0xc8, (short)0x10);

	return true;
    }

    public static void install(APDU apdu)
    {
	new Ssh();	// create a Ssh applet instance (card)
    } // end of install method

    public static void main(String args[]) {
	ISOException.throwIt((short) 0x9000);
    }

    public void process(APDU apdu)
    {
	// APDU object carries a byte array (buffer) to
	// transfer incoming and outgoing APDU header
	// and data bytes between card and CAD
	buffer = apdu.getBuffer();

	// verify that if the applet can accept this
	// APDU message
	// NI: change suggested by Wayne Dyksen, Purdue
	if (buffer[ISO.OFFSET_INS] == ISO.INS_SELECT)
	    ISOException.throwIt(ISO.SW_NO_ERROR);

	switch (buffer[ISO.OFFSET_INS]) {
	case DECRYPT:
	    if (buffer[ISO.OFFSET_CLA] != Ssh_CLA)
		ISOException.throwIt(ISO.SW_CLA_NOT_SUPPORTED);
	    //decrypt (apdu);
	    short size = (short) (buffer[ISO.OFFSET_LC] & 0x00FF);

	    if (apdu.setIncomingAndReceive() != size)
		ISOException.throwIt (ISO.SW_WRONG_LENGTH);

	    rsakey.cryptoUpdate (buffer, (short) ISO.OFFSET_CDATA, size,
				 buffer, (short) ISO.OFFSET_CDATA);

	    apdu.setOutgoingAndSend ((short) ISO.OFFSET_CDATA, size);
	    return;
	case GET_PUBKEY:
	    file.selectFile((short)(0x3f<<8)); // select root
	    file.selectFile((short)(('s'<<8)|'h')); // select public key file
	    os.readBinaryFile (buffer, (short)0, (short)0, (short)(keysize/8));
	    apdu.setOutgoingAndSend((short)0, (short)(keysize/8));
	    return;
	case GET_KEYLENGTH:
	    buffer[0] = (byte)((keysize >> 8) & 0xff);
	    buffer[1] = (byte)(keysize & 0xff);
	    apdu.setOutgoingAndSend ((short)0, (short)2);
	    return;
	case GET_RESPONSE:
	    return;
	default:
	    ISOException.throwIt (ISO.SW_INS_NOT_SUPPORTED);
	}

    } // end of process method

} // end of class Ssh