From 8ce8296fd0c9d8b39467873952ac6c8e058d402a Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Wed, 22 May 2002 14:24:01 +1000 Subject: [PATCH] sync scard/ --- ChangeLog | 3 ++- scard/Ssh.bin.uu | 27 +++++++++++----------- scard/Ssh.java | 59 ++++++++++++++++++++++++++++++++---------------- 3 files changed, 56 insertions(+), 33 deletions(-) diff --git a/ChangeLog b/ChangeLog index d1fa5de55..66b55b2ce 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,7 @@ 20020522 - (djm) Fix spelling mistakes, spotted by Solar Designer i + - Sync scard/ (not sure when it drifted) - (djm) OpenBSD CVS Sync: [auth.c] Fix typo/thinko. Pass in as to auth_approval(), not NULL. @@ -670,4 +671,4 @@ - (stevesk) entropy.c: typo in debug message - (djm) ssh-keygen -i needs seeded RNG; report from markus@ -$Id: ChangeLog,v 1.2140 2002/05/22 04:14:54 djm Exp $ +$Id: ChangeLog,v 1.2141 2002/05/22 04:24:01 djm Exp $ diff --git a/scard/Ssh.bin.uu b/scard/Ssh.bin.uu index 1062e21d6..ea3986a69 100644 --- a/scard/Ssh.bin.uu +++ b/scard/Ssh.bin.uu @@ -1,16 +1,17 @@ begin 644 Ssh.bin -M`P)!%P`501P`;``!`C@"`/Y@\`4`_J'P!0!!%T$;`?Z@\`4`01=!&@'^>/,! -M`4$701P!_G#S%P'^0],1`?Y@\!0`_G/S'0#^<]4``D$7L`4`_F'3``!!%T$9 -M`?YATP4`_G/5"P7^8=,'`OZAT`$!_J#0$@1!%T$8`0```$$7!`$&`/Y@`;@` -M`$$8\`H(`$$9\`H``$$:\@\``$$;\B$``$$<\A```/`&__(```0(`!8```9C -M""T#"<(H+00$*"T%""A;`&19``#P$/_R`P(&`0#(```38`!!70!&$UP`1@09 -M":1+``D*D`!@`"@37`!&!!E6`````*(````$____P````*$````0````*@`` -M`"````"-````,````&H37`!&`QD(2@`)"FX`8``H$UP`1@<9"@#_/2!@`$L1 -M2@`)"F<`8``H$UP`'A-<`$8($1-<`$8(7@!0"!%@`%59"C\`8`!:*PIS:&`` -M6BL37`!&`P,*`(!@`%\K`PH`@&``55D37`!&`P`"U9```````` +M`P)!&P`801X`>``!`E@"`/Y@\`4`_J'P!0!!&T$=`?Z@\`4`01M!'`'^>/,! +M`4$;01X!_G#S%P'^0],1`?Y@\!0`_G/S'0#^<]4``D$;L`4`_F'3``#^8=,% +M`/ZAT`$!_J#0)P'^H],*`?ZCTPD`_G/5"P7^8=,'`OZAT`H`_J#0$@3^:-,@ +M`T$;`P`%`/Y@`\A```/`0__(%`@8!`0H``&`` +M0205!!D)I$L`"0J0`&``*!4$&58``````.P````%____P````.D````0```` +M,P```"````#'````,````(T````R````V!4#&0A*``D*;@!@`"@5!QD*`/\] +M(6``1A)*``D*9P!@`"@*/P!@`$LK"1)@`$LK!6``4!P$#00#2@`.#01@`%5@ +M`%I@`"@37``>%0@2%0A>`%\($F``9%(`:`H_`&``2RL*7@`R10`/$UP`'@H`R`D07@`W!%>P!?_R`0$$`@`\```37P`` +M$V+^H2U?``5=``H38OZ@+5\`#UT`%!-B_G@M"@0`7P`970`>"@0`8``C10`) +/"F<`8``H$UX`+5D````` ` end diff --git a/scard/Ssh.java b/scard/Ssh.java index 9ca6da385..6418957c2 100644 --- a/scard/Ssh.java +++ b/scard/Ssh.java @@ -1,4 +1,4 @@ -// $Id: Ssh.java,v 1.2 2001/09/15 10:58:47 djm Exp $ +// $Id: Ssh.java,v 1.3 2002/05/22 04:24:02 djm Exp $ // // Ssh.java // SSH / smartcard integration project, smartcard side @@ -42,6 +42,9 @@ import javacardx.crypto.*; public class Ssh extends javacard.framework.Applet { + // Change this when the applet changes; hi byte is major, low byte is minor + static final short applet_version = (short)0x0102; + /* constants declaration */ // code of CLA byte in the command APDU header static final byte Ssh_CLA =(byte)0x05; @@ -50,20 +53,19 @@ public class Ssh extends javacard.framework.Applet static final byte DECRYPT = (byte) 0x10; static final byte GET_KEYLENGTH = (byte) 0x20; static final byte GET_PUBKEY = (byte) 0x30; + static final byte GET_VERSION = (byte) 0x32; static final byte GET_RESPONSE = (byte) 0xc0; - /* instance variables declaration */ static final short keysize = 1024; + static final short root_fid = (short)0x3f00; + static final short privkey_fid = (short)0x0012; + static final short pubkey_fid = (short)(('s'<<8)|'h'); - //RSA_CRT_PrivateKey rsakey; + /* instance variables declaration */ AsymKey rsakey; CyberflexFile file; CyberflexOS os; - byte buffer[]; - - static byte[] keyHdr = {(byte)0xC2, (byte)0x01, (byte)0x05}; - private Ssh() { file = new CyberflexFile(); @@ -98,7 +100,8 @@ public class Ssh extends javacard.framework.Applet // APDU object carries a byte array (buffer) to // transfer incoming and outgoing APDU header // and data bytes between card and CAD - buffer = apdu.getBuffer(); + byte buffer[] = apdu.getBuffer(); + short size, st; // verify that if the applet can accept this // APDU message @@ -111,29 +114,47 @@ public class Ssh extends javacard.framework.Applet if (buffer[ISO.OFFSET_CLA] != Ssh_CLA) ISOException.throwIt(ISO.SW_CLA_NOT_SUPPORTED); //decrypt (apdu); - short size = (short) (buffer[ISO.OFFSET_LC] & 0x00FF); + size = (short) (buffer[ISO.OFFSET_LC] & 0x00FF); if (apdu.setIncomingAndReceive() != size) ISOException.throwIt (ISO.SW_WRONG_LENGTH); + // check access; depends on bit 2 (x/a) + file.selectFile(root_fid); + file.selectFile(privkey_fid); + st = os.checkAccess(ACL.EXECUTE); + if (st != ST.ACCESS_CLEARED) { + CyberflexAPDU.prepareSW1SW2(st); + ISOException.throwIt(CyberflexAPDU.getSW1SW2()); + } + rsakey.cryptoUpdate (buffer, (short) ISO.OFFSET_CDATA, size, buffer, (short) ISO.OFFSET_CDATA); apdu.setOutgoingAndSend ((short) ISO.OFFSET_CDATA, size); - return; + break; case GET_PUBKEY: - file.selectFile((short)(0x3f<<8)); // select root - file.selectFile((short)(('s'<<8)|'h')); // select public key file - os.readBinaryFile (buffer, (short)0, (short)0, (short)(keysize/8)); - apdu.setOutgoingAndSend((short)0, (short)(keysize/8)); - return; + file.selectFile(root_fid); // select root + file.selectFile(pubkey_fid); // select public key file + size = (short)(file.getFileSize() - 16); + st = os.readBinaryFile(buffer, (short)0, (short)0, size); + if (st == ST.SUCCESS) + apdu.setOutgoingAndSend((short)0, size); + else { + CyberflexAPDU.prepareSW1SW2(st); + ISOException.throwIt(CyberflexAPDU.getSW1SW2()); + } + break; case GET_KEYLENGTH: - buffer[0] = (byte)((keysize >> 8) & 0xff); - buffer[1] = (byte)(keysize & 0xff); + Util.setShort(buffer, (short)0, keysize); apdu.setOutgoingAndSend ((short)0, (short)2); - return; + break; + case GET_VERSION: + Util.setShort(buffer, (short)0, applet_version); + apdu.setOutgoingAndSend ((short)0, (short)2); + break; case GET_RESPONSE: - return; + break; default: ISOException.throwIt (ISO.SW_INS_NOT_SUPPORTED); }