Merge pull request #470 from mozilla/remove-hash

removed the file sha256 hash
This commit is contained in:
Danny Coates 2017-08-07 14:42:53 -07:00 committed by GitHub
commit 5844a9a03c
5 changed files with 7 additions and 44 deletions

View File

@ -41,10 +41,6 @@ function download() {
document.l10n.formatValue('decryptingFile').then(progress.setText);
});
fileReceiver.on('hashing', () => {
document.l10n.formatValue('verifyingFile').then(progress.setText);
});
fileReceiver
.download()
.catch(err => {

View File

@ -45,7 +45,6 @@ class FileReceiver extends EventEmitter {
resolve([
{
data: this.result,
aad: meta.aad,
filename: meta.filename,
iv: meta.id
},
@ -69,7 +68,6 @@ class FileReceiver extends EventEmitter {
{
name: 'AES-GCM',
iv: hexToArray(fdata.iv),
additionalData: hexToArray(fdata.aad),
tagLength: 128
},
key,
@ -78,26 +76,8 @@ class FileReceiver extends EventEmitter {
.then(decrypted => {
return Promise.resolve(decrypted);
}),
fdata.filename,
hexToArray(fdata.aad)
decodeURIComponent(fdata.filename)
]);
})
.then(([decrypted, fname, proposedHash]) => {
this.emit('hashing');
return window.crypto.subtle
.digest('SHA-256', decrypted)
.then(calculatedHash => {
const integrity =
new Uint8Array(calculatedHash).toString() ===
proposedHash.toString();
if (!integrity) {
this.emit('unsafe', true);
return Promise.reject();
} else {
this.emit('safe', true);
return Promise.all([decrypted, decodeURIComponent(fname)]);
}
});
});
}
}

View File

@ -48,37 +48,30 @@ class FileSender extends EventEmitter {
const reader = new FileReader();
reader.readAsArrayBuffer(this.file);
reader.onload = function(event) {
self.emit('hashing');
const plaintext = new Uint8Array(this.result);
window.crypto.subtle.digest('SHA-256', plaintext).then(hash => {
self.emit('encrypting');
resolve({ plaintext: plaintext, hash: new Uint8Array(hash) });
});
resolve(plaintext);
};
reader.onerror = function(err) {
reject(err);
};
})
])
.then(([secretKey, file]) => {
.then(([secretKey, plaintext]) => {
self.emit('encrypting');
return Promise.all([
window.crypto.subtle.encrypt(
{
name: 'AES-GCM',
iv: this.iv,
additionalData: file.hash,
tagLength: 128
},
secretKey,
file.plaintext
plaintext
),
window.crypto.subtle.exportKey('jwk', secretKey),
new Promise((resolve, reject) => {
resolve(file.hash);
})
window.crypto.subtle.exportKey('jwk', secretKey)
]);
})
.then(([encrypted, keydata, hash]) => {
.then(([encrypted, keydata]) => {
return new Promise((resolve, reject) => {
const file = this.file;
const fileId = arrayToHex(this.iv);
@ -114,7 +107,6 @@ class FileSender extends EventEmitter {
xhr.setRequestHeader(
'X-File-Metadata',
JSON.stringify({
aad: arrayToHex(hash),
id: fileId,
filename: encodeURIComponent(file.name)
})

View File

@ -169,10 +169,6 @@ $(() => {
});
});
fileSender.on('hashing', () => {
document.l10n.formatValue('verifyingFile').then(progress.setText);
});
fileSender.on('encrypting', () => {
document.l10n.formatValue('encryptingFile').then(progress.setText);
});

View File

@ -225,7 +225,6 @@ app.post('/upload', (req, res, next) => {
}
if (
!meta.hasOwnProperty('aad') ||
!meta.hasOwnProperty('id') ||
!meta.hasOwnProperty('filename') ||
!validateIV(meta.id)