diff --git a/src/main/java/im/status/keycard/KeycardApplet.java b/src/main/java/im/status/keycard/KeycardApplet.java index 89303a2..f89aee7 100644 --- a/src/main/java/im/status/keycard/KeycardApplet.java +++ b/src/main/java/im/status/keycard/KeycardApplet.java @@ -374,7 +374,6 @@ public class KeycardApplet extends Applet { pin.reset(); puk.reset(); secureChannel.reset(); - secureChannel.updateSecureChannelCounter(); byte[] apduBuffer = apdu.getBuffer(); diff --git a/src/main/java/im/status/keycard/SecureChannel.java b/src/main/java/im/status/keycard/SecureChannel.java index b278ce3..b70751b 100644 --- a/src/main/java/im/status/keycard/SecureChannel.java +++ b/src/main/java/im/status/keycard/SecureChannel.java @@ -13,7 +13,6 @@ public class SecureChannel { public static final short PAIRING_KEY_LENGTH = SC_SECRET_LENGTH + 1; public static final short SC_BLOCK_SIZE = Crypto.AES_BLOCK_SIZE; public static final short SC_OUT_OFFSET = ISO7816.OFFSET_CDATA + (SC_BLOCK_SIZE * 2); - public static final short SC_COUNTER_MAX = 100; public static final byte INS_OPEN_SECURE_CHANNEL = 0x10; public static final byte INS_MUTUALLY_AUTHENTICATE = 0x11; @@ -33,8 +32,6 @@ public class SecureChannel { private byte[] secret; private byte[] pairingSecret; - private short scCounter; - /* * To avoid overhead, the pairing keys are stored in a plain byte array as sequences of 33-bytes elements. The first * byte is 0 if the slot is free and 1 if used. The following 32 bytes are the actual key data. @@ -391,18 +388,6 @@ public class SecureChannel { return remainingSlots; } - /** - * Called before sending the public key to the client, gives a chance to change keys if needed. - */ - public void updateSecureChannelCounter() { - if (scCounter < SC_COUNTER_MAX) { - scCounter++; - } else { - scKeypair.genKeyPair(); - scCounter = 0; - } - } - /** * Resets the Secure Channel, invalidating the current session. If no session is opened, this does nothing. */