removed old encryption key implementation

2019-04-11 10:24:29 -07:00 · 2019-04-11 10:24:29 -07:00 · 29f243fdda
parent bd58022b08
commit 29f243fdda
2 changed files with 2 additions and 19 deletions
--- a/app/keychain.js
+++ b/app/keychain.js
@ -18,23 +18,6 @@ export default class Keychain {
      false,
      ['deriveKey']
    );
-    this.encryptKeyPromise = this.secretKeyPromise.then(function(secretKey) {
-      return crypto.subtle.deriveKey(
-        {
-          name: 'HKDF',
-          salt: new Uint8Array(),
-          info: encoder.encode('encryption'),
-          hash: 'SHA-256'
-        },
-        secretKey,
-        {
-          name: 'AES-GCM',
-          length: 128
-        },
-        false,
-        ['encrypt', 'decrypt']
-      );
-    });
    this.metaKeyPromise = this.secretKeyPromise.then(function(secretKey) {
      return crypto.subtle.deriveKey(
        {
--- a/docs/encryption.md
+++ b/docs/encryption.md
@ -7,8 +7,8 @@ Send use 128-bit AES-GCM encryption via the [Web Crypto API](https://developer.m
 ### Uploading

 1. A new secret key is generated with `crypto.getRandomValues`
-2. The secret key is used to derive 3 more keys via HKDF SHA-256
-    - an encryption key for the file (AES-GCM)
+2. The secret key is used to derive more keys via HKDF SHA-256
+    - a series of encryption keys for the file, via [ECE](https://tools.ietf.org/html/rfc8188) (AES-GCM)
    - an encryption key for the file metadata (AES-GCM)
    - a signing key for request authentication (HMAC SHA-256)
 3. The file and metadata are encrypted with their corresponding keys