Assignment 3 : Applet Programming - Kerberos/Smartcard Integration

2/1/2000, Naomaru Itoi (itoi@eecs.umich.edu)
(Updated 2/12/2000)
(Updated 11/5/2000)

In this assignment, you are to learn card-side programming by implementing a Kerberos client applet in Cyberflex Access. You are asked to write the Java applet which receives the encrypted AS_REP from kinit, decrypts it, and returns the plain-text AS_REP to the host. Please submit the binary so that we can test it.

Problem Description

  1. Write the Java Applet
    Write the Java applet which decrypts the AS_REP sent by kinit. With the -E (port_num) option, /afs/engin.umich.edu/u/i/t/itoi/sc_seminar/bin/kinit sends the encrypted AS_REP to the card.
    % ./kinit -E 1 -d ./libtodos_ag.so itoi@UMICH.EDU
    kinit sends the following APDU to the card:
    03 10 00 00 len
    data
    where len is the length of the encrypted AS_REP, and data is the encrypted AS_REP itself. Your applet should decrypt this data with key number 6 in the key file (3f00/0011), and return the plain-text AS_REP to the host. kinit will then obtain the response via the get_response APDU.
    AS_REP is encrypted with the client key using DES in CBC mode. It is typically 200 to 250 bytes long. The initialization vector of CBC should be set to 0.
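    An added applet skeleton for the decrypt command described above (example code, not the assignment's own solution). It is written against the standard Java Card 2.1 API rather than the Cyberflex Access key-file API, so the DES key is a constructed placeholder; a real Krb applet must use key 6 of 3f00/0011 instead. The applet checks that the Lc bytes all arrived and form whole DES blocks, decrypts with a zero IV, and sends the plain text back so the host can fetch it with get_response.

```java
package krb;

import javacard.framework.APDU;
import javacard.framework.Applet;
import javacard.framework.ISO7816;
import javacard.framework.ISOException;
import javacard.framework.JCSystem;
import javacard.security.DESKey;
import javacard.security.KeyBuilder;
import javacardx.crypto.Cipher;

public class Krb extends Applet {
    // Header kinit -E sends: CLA 03, INS 10, P1 00, P2 00, Lc = encrypted AS_REP length
    private static final byte CLA_KRB = (byte) 0x03;
    private static final byte INS_DECRYPT_AS_REP = (byte) 0x10;
    private static final short DES_BLOCK = 8;

    // Constructed placeholder key; the real applet reads key 6 from key file 3f00/0011.
    private static final byte[] KEY_PLACEHOLDER = {
        (byte) 0x11, (byte) 0x22, (byte) 0x33, (byte) 0x44,
        (byte) 0x55, (byte) 0x66, (byte) 0x77, (byte) 0x88 };
    private static final byte[] ZERO_IV = { 0, 0, 0, 0, 0, 0, 0, 0 };   // CBC IV is all zero

    private final DESKey key;
    private final Cipher des;
    private final byte[] plain;   // transient output buffer, cleared on deselect

    private Krb() {
        key = (DESKey) KeyBuilder.buildKey(KeyBuilder.TYPE_DES, KeyBuilder.LENGTH_DES, false);
        key.setKey(KEY_PLACEHOLDER, (short) 0);
        des = Cipher.getInstance(Cipher.ALG_DES_CBC_NOPAD, false);
        plain = JCSystem.makeTransientByteArray((short) 256, JCSystem.CLEAR_ON_DESELECT);
        register();
    }

    public static void install(byte[] bArray, short bOffset, byte bLength) { new Krb(); }

    public void process(APDU apdu) {
        byte[] buf = apdu.getBuffer();
        if (selectingApplet()) return;
        if (buf[ISO7816.OFFSET_CLA] != CLA_KRB) ISOException.throwIt(ISO7816.SW_CLA_NOT_SUPPORTED);
        if (buf[ISO7816.OFFSET_INS] != INS_DECRYPT_AS_REP) ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
        short lc = (short) (buf[ISO7816.OFFSET_LC] & 0xFF);
        short got = apdu.setIncomingAndReceive();        // AS_REP (<= 255 bytes) fits in one receive
        if (got != lc || lc == 0 || (byte) (lc & 0x07) != 0) ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
        des.init(key, Cipher.MODE_DECRYPT, ZERO_IV, (short) 0, DES_BLOCK);
        short outLen = des.doFinal(buf, ISO7816.OFFSET_CDATA, lc, plain, (short) 0);
        apdu.setOutgoing();
        apdu.setOutgoingLength(outLen);
        apdu.sendBytesLong(plain, (short) 0, outLen);    // on T=0 the host collects this via get_response
    }
}
```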

    Caution

  2. Load the Applet
    First, load the applet like we did in Assignment #1. Then, set the loaded applet as default.
    Since kinit does not select an applet, after loading your applet you have to set it as the "default applet" so that it is automatically selected after the card is reset. The js command of pay makes the currently selected applet the default. For this to work, you need to select the applet by the file name of its data container instead of by AID (as jl and jp do). Here is an example command sequence to load and select an applet before running kinit.
    pay> 2
    pay> jq
    pay> ju
    pay> jl Krb.bin
    pay> jq
    pay> f 3f.00
    pay> f 77.78
    pay> js
    pay> q
    To unselect your applet (and therefore reselect the default loader), use the jq command in pay.

  3. Obtain and Load Keys
    kinit with the -K option prints out your key once you are authenticated.
    xor% kinit -K itoi@UMICH.EDU
    Password for itoi@UMICH.EDU:
    key:
    11 22 33 44 55 66 77 88
    Then load the printed key into the card with "jk" command of pay.
    pay> jk 1
    class F0
    Verify key: 90 00 ok
    ca_load_key buf=jk 1

    key 0 : <- paste the 8-byte key here
  4. Test it
    Use kinit and klist in sc_seminar/bin/
    xor% pwd
    /afs/engin.umich.edu/u/i/t/itoi/sc_seminar/bin
    xor% ./kinit -d ./libtodos_ag.so -E 1 itoi@UMICH.EDU
    decrypt TGS_REP (224)

    xor% ./klist
    Ticket cache: /tmp/tkt10698020706m.oA_
    Default principal: itoi@UMICH.EDU

    Valid starting Expires Service principal
    06 Nov 00 15:37:04 06 Nov 00 16:02:03 krbtgt/UMICH.EDU@UMICH.EDU
    If you want to try, you can use aklog to convert the K5 ticket to an AFS token, and krb524init to convert it to a Krb4 ticket (to use kpop, for example).

    Reference

    All right, another assignment is done. As always, send questions to smartcards@umich.edu. If you want to do more development / research on the project, please let us know.