mirror of git://anongit.mindrot.org/openssh.git
157 lines
5.0 KiB
Java
157 lines
5.0 KiB
Java
/*
|
|
* copyright 1997, 2000
|
|
* the regents of the university of michigan
|
|
* all rights reserved
|
|
*
|
|
* permission is granted to use, copy, create derivative works
|
|
* and redistribute this software and such derivative works
|
|
* for any purpose, so long as the name of the university of
|
|
* michigan is not used in any advertising or publicity
|
|
* pertaining to the use or distribution of this software
|
|
* without specific, written prior authorization. if the
|
|
* above copyright notice or any other identification of the
|
|
* university of michigan is included in any copy of any
|
|
* portion of this software, then the disclaimer below must
|
|
* also be included.
|
|
*
|
|
* this software is provided as is, without representation
|
|
* from the university of michigan as to its fitness for any
|
|
* purpose, and without warranty by the university of
|
|
* michigan of any kind, either express or implied, including
|
|
* without limitation the implied warranties of
|
|
* merchantability and fitness for a particular purpose. the
|
|
* regents of the university of michigan shall not be liable
|
|
* for any damages, including special, indirect, incidental, or
|
|
* consequential damages, with respect to any claim arising
|
|
* out of or in connection with the use of the software, even
|
|
* if it has been or is hereafter advised of the possibility of
|
|
* such damages.
|
|
*
|
|
* SSH / smartcard integration project, smartcard side
|
|
*
|
|
* Tomoko Fukuzawa, created, Feb., 2000
|
|
* Naomaru Itoi, modified, Apr., 2000
|
|
*/
|
|
|
|
import javacard.framework.*;
|
|
import javacardx.framework.*;
|
|
import javacardx.crypto.*;
|
|
|
|
public class Ssh extends javacard.framework.Applet
|
|
{
|
|
/* constants declaration */
|
|
// code of CLA byte in the command APDU header
|
|
private final byte Ssh_CLA =(byte)0x05;
|
|
|
|
// codes of INS byte in the command APDU header
|
|
private final byte DECRYPT = (byte) 0x10;
|
|
private final byte GET_KEYLENGTH = (byte) 0x20;
|
|
private final byte GET_PUBKEY = (byte) 0x30;
|
|
private final byte GET_RESPONSE = (byte) 0xc0;
|
|
|
|
/* instance variables declaration */
|
|
private final short keysize = 1024;
|
|
|
|
//RSA_CRT_PrivateKey rsakey;
|
|
AsymKey rsakey;
|
|
CyberflexFile file;
|
|
CyberflexOS os;
|
|
|
|
byte buffer[];
|
|
//byte pubkey[];
|
|
|
|
static byte[] keyHdr = {(byte)0xC2, (byte)0x01, (byte)0x05};
|
|
|
|
private Ssh()
|
|
{
|
|
file = new CyberflexFile();
|
|
os = new CyberflexOS();
|
|
|
|
rsakey = new RSA_CRT_PrivateKey (keysize);
|
|
rsakey.setKeyInstance ((short)0xc8, (short)0x10);
|
|
|
|
if ( ! rsakey.isSupportedLength (keysize) )
|
|
ISOException.throwIt (ISO.SW_WRONG_LENGTH);
|
|
|
|
/*
|
|
pubkey = new byte[keysize/8];
|
|
file.selectFile((short)(0x3f<<8)); // select root
|
|
file.selectFile((short)(('s'<<8)|'h')); // select public key file
|
|
os.readBinaryFile (pubkey, (short)0, (short)0, (short)(keysize/8));
|
|
*/
|
|
register();
|
|
} // end of the constructor
|
|
|
|
public static void install(APDU apdu)
|
|
{
|
|
new Ssh(); // create a Ssh applet instance (card)
|
|
} // end of install method
|
|
|
|
public void process(APDU apdu)
|
|
{
|
|
// APDU object carries a byte array (buffer) to
|
|
// transfer incoming and outgoing APDU header
|
|
// and data bytes between card and CAD
|
|
buffer = apdu.getBuffer();
|
|
|
|
// verify that if the applet can accept this
|
|
// APDU message
|
|
// NI: change suggested by Wayne Dyksen, Purdue
|
|
if (buffer[ISO.OFFSET_INS] == ISO.INS_SELECT)
|
|
ISOException.throwIt(ISO.SW_NO_ERROR);
|
|
|
|
switch (buffer[ISO.OFFSET_INS]) {
|
|
case DECRYPT:
|
|
if (buffer[ISO.OFFSET_CLA] != Ssh_CLA)
|
|
ISOException.throwIt(ISO.SW_CLA_NOT_SUPPORTED);
|
|
//decrypt (apdu);
|
|
short size = (short) (buffer[ISO.OFFSET_LC] & 0x00FF);
|
|
|
|
if (apdu.setIncomingAndReceive() != size)
|
|
ISOException.throwIt (ISO.SW_WRONG_LENGTH);
|
|
|
|
rsakey.cryptoUpdate (buffer, (short) ISO.OFFSET_CDATA, size,
|
|
buffer, (short) ISO.OFFSET_CDATA);
|
|
apdu.setOutgoingAndSend ((short) ISO.OFFSET_CDATA, size);
|
|
return;
|
|
case GET_PUBKEY:
|
|
file.selectFile((short)(0x3f<<8)); // select root
|
|
file.selectFile((short)(('s'<<8)|'h')); // select public key file
|
|
os.readBinaryFile (buffer, (short)0, (short)0, (short)(keysize/8));
|
|
apdu.setOutgoingAndSend((short)0, (short)(keysize/8));
|
|
/*
|
|
apdu.setOutgoing();
|
|
apdu.setOutgoingLength((short)(keysize/8));
|
|
apdu.sendBytesLong(pubkey, (short)0, (short)(keysize/8));
|
|
*/
|
|
return;
|
|
case GET_KEYLENGTH:
|
|
buffer[0] = (byte)((keysize >> 8) & 0xff);
|
|
buffer[1] = (byte)(keysize & 0xff);
|
|
apdu.setOutgoingAndSend ((short)0, (short)2);
|
|
return;
|
|
case GET_RESPONSE:
|
|
return;
|
|
default:
|
|
ISOException.throwIt (ISO.SW_INS_NOT_SUPPORTED);
|
|
}
|
|
|
|
} // end of process method
|
|
|
|
/*
|
|
private void decrypt (APDU apdu)
|
|
{
|
|
short size = (short) (buffer[ISO.OFFSET_LC] & 0x00FF);
|
|
|
|
if (apdu.setIncomingAndReceive() != size)
|
|
ISOException.throwIt (ISO.SW_WRONG_LENGTH);
|
|
|
|
//short offset = (short) ISO.OFFSET_CDATA;
|
|
|
|
rsakey.cryptoUpdate (buffer, (short) ISO.OFFSET_CDATA, size, buffer,
|
|
(short) ISO.OFFSET_CDATA);
|
|
apdu.setOutgoingAndSend ((short) ISO.OFFSET_CDATA, size);
|
|
}
|
|
*/
|
|
} // end of class Ssh
|