CITI Previous | Index | Next

The process Method

Most of the work is done by the process method. After some preliminary work, the switch statement has a case for each of the INS bytes (APDUs) accepted by the applet.

The GET_KEYLENGTH case simply returns the length of the key stored on the card. This version of the applet only accepts 1024 bit keys but could be extended to accept other lengths.

The GET_PUBKEY case returns the public key stored on the card. This version of the applet does not use the public key for anything and just stores it in an ordinary file, named "sh".

The DECRYPT case is used by ssh to decrypt the challenge using the private key stored on the card. The key itself is never revealed.