removed old encryption key implementation

This commit is contained in:
Danny Coates 2019-04-11 10:24:29 -07:00
parent bd58022b08
commit 29f243fdda
No known key found for this signature in database
GPG key ID: 4C442633C62E00CB
2 changed files with 2 additions and 19 deletions

View file

@ -18,23 +18,6 @@ export default class Keychain {
false, false,
['deriveKey'] ['deriveKey']
); );
this.encryptKeyPromise = this.secretKeyPromise.then(function(secretKey) {
return crypto.subtle.deriveKey(
{
name: 'HKDF',
salt: new Uint8Array(),
info: encoder.encode('encryption'),
hash: 'SHA-256'
},
secretKey,
{
name: 'AES-GCM',
length: 128
},
false,
['encrypt', 'decrypt']
);
});
this.metaKeyPromise = this.secretKeyPromise.then(function(secretKey) { this.metaKeyPromise = this.secretKeyPromise.then(function(secretKey) {
return crypto.subtle.deriveKey( return crypto.subtle.deriveKey(
{ {

View file

@ -7,8 +7,8 @@ Send use 128-bit AES-GCM encryption via the [Web Crypto API](https://developer.m
### Uploading ### Uploading
1. A new secret key is generated with `crypto.getRandomValues` 1. A new secret key is generated with `crypto.getRandomValues`
2. The secret key is used to derive 3 more keys via HKDF SHA-256 2. The secret key is used to derive more keys via HKDF SHA-256
- an encryption key for the file (AES-GCM) - a series of encryption keys for the file, via [ECE](https://tools.ietf.org/html/rfc8188) (AES-GCM)
- an encryption key for the file metadata (AES-GCM) - an encryption key for the file metadata (AES-GCM)
- a signing key for request authentication (HMAC SHA-256) - a signing key for request authentication (HMAC SHA-256)
3. The file and metadata are encrypted with their corresponding keys 3. The file and metadata are encrypted with their corresponding keys