removed old encryption key implementation
This commit is contained in:
parent
bd58022b08
commit
29f243fdda
|
@ -18,23 +18,6 @@ export default class Keychain {
|
|||
false,
|
||||
['deriveKey']
|
||||
);
|
||||
this.encryptKeyPromise = this.secretKeyPromise.then(function(secretKey) {
|
||||
return crypto.subtle.deriveKey(
|
||||
{
|
||||
name: 'HKDF',
|
||||
salt: new Uint8Array(),
|
||||
info: encoder.encode('encryption'),
|
||||
hash: 'SHA-256'
|
||||
},
|
||||
secretKey,
|
||||
{
|
||||
name: 'AES-GCM',
|
||||
length: 128
|
||||
},
|
||||
false,
|
||||
['encrypt', 'decrypt']
|
||||
);
|
||||
});
|
||||
this.metaKeyPromise = this.secretKeyPromise.then(function(secretKey) {
|
||||
return crypto.subtle.deriveKey(
|
||||
{
|
||||
|
|
|
@ -7,8 +7,8 @@ Send use 128-bit AES-GCM encryption via the [Web Crypto API](https://developer.m
|
|||
### Uploading
|
||||
|
||||
1. A new secret key is generated with `crypto.getRandomValues`
|
||||
2. The secret key is used to derive 3 more keys via HKDF SHA-256
|
||||
- an encryption key for the file (AES-GCM)
|
||||
2. The secret key is used to derive more keys via HKDF SHA-256
|
||||
- a series of encryption keys for the file, via [ECE](https://tools.ietf.org/html/rfc8188) (AES-GCM)
|
||||
- an encryption key for the file metadata (AES-GCM)
|
||||
- a signing key for request authentication (HMAC SHA-256)
|
||||
3. The file and metadata are encrypted with their corresponding keys
|
||||
|
|
Loading…
Reference in New Issue