
A non-trivial example: ssh

So far we haven't really done anything very useful with our cards. Now we will look at a real-world example of on-card encryption: a version of OpenSSH that stores the public and private keys on the card and does its crypto operations on the card.

The applet that runs on the card is called Ssh.java. Let's take a look at it now.

The Ssh method is the constructor. It runs once, when the applet is installed on the card. It allocates a key structure, rsakey, that will be used later to store the private key. It also registers the applet with the card operating system so that the applet can be selected and run later.

The select method runs when the applet is selected, which ssh does via the select APDU when it wants to talk to the applet.
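The select step seen from the host side, as an added example (not code from OpenSSH or from Ssh.java). It assumes the standard ISO 7816-4 select-by-AID encoding; the AID and the function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* AID length limits: 5-byte RID plus 0..11 bytes of PIX. */
#define AID_MIN 5
#define AID_MAX 16

/* Constructed placeholder AID for illustration; not the AID of Ssh.java. */
static const uint8_t SAMPLE_AID[] = { 0xF0, 0x00, 0x00, 0x00, 0x01, 0x01 };

/* Build SELECT by AID: CLA=00 INS=A4 P1=04 P2=00 Lc AID.
 * Returns the APDU length, or -1 on a bad AID or a too-small buffer. */
int build_select_apdu(const uint8_t *aid, size_t aid_len,
                      uint8_t *out, size_t out_cap)
{
    if (aid == NULL || out == NULL) return -1;
    if (aid_len < AID_MIN || aid_len > AID_MAX) return -1;
    if (out_cap < 5 + aid_len) return -1;
    out[0] = 0x00; out[1] = 0xA4; out[2] = 0x04; out[3] = 0x00;
    out[4] = (uint8_t)aid_len;
    memcpy(out + 5, aid, aid_len);
    return (int)(5 + aid_len);
}

/* Status word is the last two bytes of any response; -1 if truncated. */
int response_sw(const uint8_t *resp, size_t len)
{
    if (resp == NULL || len < 2) return -1;
    return (resp[len - 2] << 8) | resp[len - 1];
}

/* 1 for 9000 (success) or 61xx (success, xx response bytes waiting).
 * Anything else, e.g. 6A82 (applet not found), means no key command
 * should be sent: the expected applet is not the one selected. */
int select_succeeded(const uint8_t *resp, size_t len)
{
    int sw = response_sw(resp, len);
    return sw == 0x9000 || (sw >= 0 && (sw & 0xFF00) == 0x6100);
}

int main(void)
{
    uint8_t apdu[5 + AID_MAX];
    int n = build_select_apdu(SAMPLE_AID, sizeof SAMPLE_AID, apdu, sizeof apdu);
    for (int i = 0; i < n; i++) printf("%02X ", apdu[i]);
    printf("\n");
    return n > 0 ? 0 : 1;
}
```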

The main method does nothing except, in a quirk of Cyberflex programming, determine the last two bytes of the ATR.