From 29f243fdda963d22a1dd9ee1b17b761dbdd2cf9d Mon Sep 17 00:00:00 2001
From: Danny Coates
Date: Thu, 11 Apr 2019 10:24:29 -0700
Subject: [PATCH] removed old encryption key implementation
---
 app/keychain.js | 17 -----------------
 docs/encryption.md | 4 ++--
 2 files changed, 2 insertions(+), 19 deletions(-)
diff --git a/app/keychain.js b/app/keychain.js
index f82dd422..37951aa7 100644
--- a/app/keychain.js
+++ b/app/keychain.js
@@ -18,23 +18,6 @@ export default class Keychain {
 false,
 ['deriveKey']
 );
- this.encryptKeyPromise = this.secretKeyPromise.then(function(secretKey) {
- return crypto.subtle.deriveKey(
- {
- name: 'HKDF',
- salt: new Uint8Array(),
- info: encoder.encode('encryption'),
- hash: 'SHA-256'
- },
- secretKey,
- {
- name: 'AES-GCM',
- length: 128
- },
- false,
- ['encrypt', 'decrypt']
- );
- });
 this.metaKeyPromise = this.secretKeyPromise.then(function(secretKey) {
 return crypto.subtle.deriveKey(
 {
diff --git a/docs/encryption.md b/docs/encryption.md
index e71d8158..17dcc2f8 100644
--- a/docs/encryption.md
+++ b/docs/encryption.md
@@ -7,8 +7,8 @@ Send use 128-bit AES-GCM encryption via the [Web Crypto API](https://developer.m
 ### Uploading
 1. A new secret key is generated with `crypto.getRandomValues`
-2. The secret key is used to derive 3 more keys via HKDF SHA-256
- - an encryption key for the file (AES-GCM)
+2. The secret key is used to derive more keys via HKDF SHA-256
+ - a series of encryption keys for the file, via [ECE](https://tools.ietf.org/html/rfc8188) (AES-GCM)
 - an encryption key for the file metadata (AES-GCM)
 - a signing key for request authentication (HMAC SHA-256)
 3. The file and metadata are encrypted with their corresponding keys