reduce NVM writes

This commit is contained in:
Michele Balistreri 2019-12-23 17:33:49 +01:00
parent 53fabe75c8
commit bca030f069
No known key found for this signature in database
GPG Key ID: E9567DA33A4F791A
2 changed files with 0 additions and 16 deletions

View File

@ -374,7 +374,6 @@ public class KeycardApplet extends Applet {
pin.reset(); pin.reset();
puk.reset(); puk.reset();
secureChannel.reset(); secureChannel.reset();
secureChannel.updateSecureChannelCounter();
byte[] apduBuffer = apdu.getBuffer(); byte[] apduBuffer = apdu.getBuffer();

View File

@ -13,7 +13,6 @@ public class SecureChannel {
public static final short PAIRING_KEY_LENGTH = SC_SECRET_LENGTH + 1; public static final short PAIRING_KEY_LENGTH = SC_SECRET_LENGTH + 1;
public static final short SC_BLOCK_SIZE = Crypto.AES_BLOCK_SIZE; public static final short SC_BLOCK_SIZE = Crypto.AES_BLOCK_SIZE;
public static final short SC_OUT_OFFSET = ISO7816.OFFSET_CDATA + (SC_BLOCK_SIZE * 2); public static final short SC_OUT_OFFSET = ISO7816.OFFSET_CDATA + (SC_BLOCK_SIZE * 2);
public static final short SC_COUNTER_MAX = 100;
public static final byte INS_OPEN_SECURE_CHANNEL = 0x10; public static final byte INS_OPEN_SECURE_CHANNEL = 0x10;
public static final byte INS_MUTUALLY_AUTHENTICATE = 0x11; public static final byte INS_MUTUALLY_AUTHENTICATE = 0x11;
@ -33,8 +32,6 @@ public class SecureChannel {
private byte[] secret; private byte[] secret;
private byte[] pairingSecret; private byte[] pairingSecret;
private short scCounter;
/* /*
* To avoid overhead, the pairing keys are stored in a plain byte array as sequences of 33-bytes elements. The first * To avoid overhead, the pairing keys are stored in a plain byte array as sequences of 33-bytes elements. The first
* byte is 0 if the slot is free and 1 if used. The following 32 bytes are the actual key data. * byte is 0 if the slot is free and 1 if used. The following 32 bytes are the actual key data.
@ -391,18 +388,6 @@ public class SecureChannel {
return remainingSlots; return remainingSlots;
} }
/**
* Called before sending the public key to the client, gives a chance to change keys if needed.
*/
public void updateSecureChannelCounter() {
if (scCounter < SC_COUNTER_MAX) {
scCounter++;
} else {
scKeypair.genKeyPair();
scCounter = 0;
}
}
/** /**
* Resets the Secure Channel, invalidating the current session. If no session is opened, this does nothing. * Resets the Secure Channel, invalidating the current session. If no session is opened, this does nothing.
*/ */