removed the file sha256 hash

2017-08-07 14:05:13 -07:00 · 2017-08-07 14:05:13 -07:00 · 9a150ddb22
commit 9a150ddb22
parent e7b90ea1b9
5 changed files with 7 additions and 44 deletions
--- a/frontend/src/download.js
+++ b/frontend/src/download.js
@ -41,10 +41,6 @@ function download() {
    document.l10n.formatValue('decryptingFile').then(progress.setText);
  });

-  fileReceiver.on('hashing', () => {
-    document.l10n.formatValue('verifyingFile').then(progress.setText);
-  });
-
  fileReceiver
    .download()
    .catch(err => {
--- a/frontend/src/fileReceiver.js
+++ b/frontend/src/fileReceiver.js
@ -45,7 +45,6 @@ class FileReceiver extends EventEmitter {
              resolve([
                {
                  data: this.result,
-                  aad: meta.aad,
                  filename: meta.filename,
                  iv: meta.id
                },
@ -69,7 +68,6 @@ class FileReceiver extends EventEmitter {
              {
                name: 'AES-GCM',
                iv: hexToArray(fdata.iv),
-                additionalData: hexToArray(fdata.aad),
                tagLength: 128
              },
              key,
@ -78,26 +76,8 @@ class FileReceiver extends EventEmitter {
            .then(decrypted => {
              return Promise.resolve(decrypted);
            }),
-          fdata.filename,
-          hexToArray(fdata.aad)
+          decodeURIComponent(fdata.filename)
        ]);
-      })
-      .then(([decrypted, fname, proposedHash]) => {
-        this.emit('hashing');
-        return window.crypto.subtle
-          .digest('SHA-256', decrypted)
-          .then(calculatedHash => {
-            const integrity =
-              new Uint8Array(calculatedHash).toString() ===
-              proposedHash.toString();
-            if (!integrity) {
-              this.emit('unsafe', true);
-              return Promise.reject();
-            } else {
-              this.emit('safe', true);
-              return Promise.all([decrypted, decodeURIComponent(fname)]);
-            }
-          });
      });
  }
 }
--- a/frontend/src/fileSender.js
+++ b/frontend/src/fileSender.js
@ -48,37 +48,30 @@ class FileSender extends EventEmitter {
        const reader = new FileReader();
        reader.readAsArrayBuffer(this.file);
        reader.onload = function(event) {
-          self.emit('hashing');
          const plaintext = new Uint8Array(this.result);
-          window.crypto.subtle.digest('SHA-256', plaintext).then(hash => {
-            self.emit('encrypting');
-            resolve({ plaintext: plaintext, hash: new Uint8Array(hash) });
-          });
+          resolve(plaintext);
        };
        reader.onerror = function(err) {
          reject(err);
        };
      })
    ])
-      .then(([secretKey, file]) => {
+      .then(([secretKey, plaintext]) => {
+        self.emit('encrypting');
        return Promise.all([
          window.crypto.subtle.encrypt(
            {
              name: 'AES-GCM',
              iv: this.iv,
-              additionalData: file.hash,
              tagLength: 128
            },
            secretKey,
-            file.plaintext
+            plaintext
          ),
-          window.crypto.subtle.exportKey('jwk', secretKey),
-          new Promise((resolve, reject) => {
-            resolve(file.hash);
-          })
+          window.crypto.subtle.exportKey('jwk', secretKey)
        ]);
      })
-      .then(([encrypted, keydata, hash]) => {
+      .then(([encrypted, keydata]) => {
        return new Promise((resolve, reject) => {
          const file = this.file;
          const fileId = arrayToHex(this.iv);
@ -114,7 +107,6 @@ class FileSender extends EventEmitter {
          xhr.setRequestHeader(
            'X-File-Metadata',
            JSON.stringify({
-              aad: arrayToHex(hash),
              id: fileId,
              filename: encodeURIComponent(file.name)
            })
--- a/frontend/src/upload.js
+++ b/frontend/src/upload.js
@ -169,10 +169,6 @@ $(() => {
          });
        });

-        fileSender.on('hashing', () => {
-          document.l10n.formatValue('verifyingFile').then(progress.setText);
-        });
-
        fileSender.on('encrypting', () => {
          document.l10n.formatValue('encryptingFile').then(progress.setText);
        });
--- a/server/server.js
+++ b/server/server.js
@ -225,7 +225,6 @@ app.post('/upload', (req, res, next) => {
  }

  if (
-    !meta.hasOwnProperty('aad') ||
    !meta.hasOwnProperty('id') ||
    !meta.hasOwnProperty('filename') ||
    !validateIV(meta.id)