removed old encryption key implementation

fanzouguo · Apr 11, 2019 · 29f243f · 29f243f
1 parent bd58022
commit 29f243f
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 19 deletions.
diff --git a/app/keychain.js b/app/keychain.js
@@ -18,23 +18,6 @@ export default class Keychain {
       false,
       ['deriveKey']
     );
-    this.encryptKeyPromise = this.secretKeyPromise.then(function(secretKey) {
-      return crypto.subtle.deriveKey(
-        {
-          name: 'HKDF',
-          salt: new Uint8Array(),
-          info: encoder.encode('encryption'),
-          hash: 'SHA-256'
-        },
-        secretKey,
-        {
-          name: 'AES-GCM',
-          length: 128
-        },
-        false,
-        ['encrypt', 'decrypt']
-      );
-    });
     this.metaKeyPromise = this.secretKeyPromise.then(function(secretKey) {
       return crypto.subtle.deriveKey(
         {

diff --git a/docs/encryption.md b/docs/encryption.md
@@ -7,8 +7,8 @@ Send use 128-bit AES-GCM encryption via the [Web Crypto API](https://developer.m
 ### Uploading
 
 1. A new secret key is generated with `crypto.getRandomValues`
-2. The secret key is used to derive 3 more keys via HKDF SHA-256
-    - an encryption key for the file (AES-GCM)
+2. The secret key is used to derive more keys via HKDF SHA-256
+    - a series of encryption keys for the file, via [ECE](https://tools.ietf.org/html/rfc8188) (AES-GCM)
     - an encryption key for the file metadata (AES-GCM)
     - a signing key for request authentication (HMAC SHA-256)
 3. The file and metadata are encrypted with their corresponding keys