This repository contains the server side of the end-to-end encrypted chat built by the French team of Guillaume Dénecé and Nicolas Chevrier for the CECS 478 class at CSULB. The secure chat consists of a server and an iOS application.
Routes for registering a new user
POST /register/first
  request:
    body: {
      username: "myusername"
    }
  response:
    {
      salt: "random salt of 32 bytes"
    }

POST /register/second
  request:
    body: {
      username: "myusername",
      hash_password: "hash of the user password concatenated with the salt"
    }
  response:
    {
      success: true
    }
Routes for logging in a user
POST /login/first
  request:
    body: {
      username: "myusername"
    }
  response:
    {
      salt: "random salt of 32 bytes",
      challenge: "random challenge of 32 bytes"
    }

POST /login/second
  request:
    body: {
      username: "myusername",
      hash_password_challenge: "hash of the challenge concatenated with the hash of the user password concatenated with the salt"
    }
  response:
    {
      idToken: "JWT valid for an hour"
    }
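
The registration and login exchanges above, simulated end to end with both sides in one process. This is an added example, not the repository's code: SHA-256, hex encoding, plain string concatenation and the in-memory `USERS` / `CHALLENGES` stores are assumptions, and `login_second` returns a boolean where the real server would issue the JWT.

```python
import hashlib
import hmac
import secrets

# Assumptions (the README does not specify them): SHA-256, hex-encoded
# values, plain string concatenation, dicts standing in for the database.
USERS = {}       # username -> {"salt": hex, "hash_password": hex or None}
CHALLENGES = {}  # username -> pending one-time challenge (hex)

def h(*parts):
    """Hash the concatenation of the given strings."""
    return hashlib.sha256("".join(parts).encode()).hexdigest()

# --- server side: one function per route ---
def register_first(username):
    if username in USERS:
        raise ValueError("username already taken")
    salt = secrets.token_hex(32)  # 32 random bytes
    USERS[username] = {"salt": salt, "hash_password": None}
    return {"salt": salt}

def register_second(username, hash_password):
    USERS[username]["hash_password"] = hash_password
    return {"success": True}

def login_first(username):
    challenge = secrets.token_hex(32)  # fresh for every login attempt
    CHALLENGES[username] = challenge
    return {"salt": USERS[username]["salt"], "challenge": challenge}

def login_second(username, hash_password_challenge):
    challenge = CHALLENGES.pop(username, None)  # single use: blocks replay
    stored = USERS.get(username, {}).get("hash_password")
    if challenge is None or stored is None:
        return False
    expected = h(challenge, stored)
    return hmac.compare_digest(expected, hash_password_challenge)

# --- client side ---
def client_register(username, password):
    salt = register_first(username)["salt"]
    return register_second(username, h(password, salt))

def client_login(username, password):
    r = login_first(username)
    answer = h(r["challenge"], h(password, r["salt"]))
    return login_second(username, answer)
```

Under this scheme the stored `hash_password` is the only secret needed to answer a challenge, so the server database must protect it as carefully as a plaintext password.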
Resources for sending / receiving messages
POST /messages/send
  request:
    headers: {
      idToken: "idToken received during the login phase"
    },
    body: {
      to_user_id: "user id of the recipient",
      message: "cipher message"
    }
  response:
    {
      success: true
    }

GET /messages/receive
  request:
    headers: {
      idToken: "idToken received during the login phase"
    }
  response:
    [
      {
        content: "cipher message",
        from_user_id: "user id of the sender"
      }
    ]