sam.hadow/e2ee-messaging-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
e2ee-messaging-service/readme.md

49 lines
2.0 KiB
Markdown
Raw Blame History

## What is this repository?
E2EE client-server messaging app proof of concept.
+ Accounts are identified by an [Ed25519](https://ed25519.cr.yp.to/) public key.
+ Login using the private key to solve a cryptographic challenge in the browser.
+ [Ascon](https://ascon.isec.tugraz.at/specification.html) inspired AEAD using [Keccak sponge construction](https://keccak.team/sponge_duplex.html) in the browser.
+ Diffie Hellman key exchange using [X25519](https://datatracker.ietf.org/doc/html/rfc8032) to establish a new shared secret every 5 messages sent.
+ Shared secret derived in 2 secrets using Keccak sponge construction. These secrets are then used in a sending ratchet and a receiving ratchet used to derive encryption keys similar to [Signal protocol](https://signal.org/docs/specifications/doubleratchet/)
## how to build and run the app:
### using the makefile:
(add a volume in the command creating the database container if you need data persistency)
```
make
```
### manually:
##### build
```
podman build -t e2ee-messaging-service .
```
##### run
```
podman pod create --name=e2ee -p 3333:3333
podman run -d --pod=e2ee \
-e POSTGRES_PASSWORD="password" \
-e POSTGRES_DB="e2ee" \
-e POSTGRES_USER="e2ee" \
-e POSTGRES_INITDB_ARGS="--encoding=UTF-8 --lc-collate=C --lc-ctype=C" \
-v /PATH/TO/DB:/var/lib/postgresql/data:Z \
--name=e2ee-db docker.io/library/postgres:16
podman run -d --pod=e2ee \
-e POSTGRES_PASSWORD="password" \
-e POSTGRES_DB="e2ee" \
-e POSTGRES_USER="e2ee" \
-e SHARED_SECRET="change-me" \
--name=e2ee-app e2ee-messaging-service:latest
```
notes:
1) You can use docker instead of podman provided the e2ee nodejs app can communicate with the database with a network or changing the POSTGRES_HOST env variable accordingly.
2) You can use [podman secrets](https://docs.podman.io/en/latest/markdown/podman-secret.1.html) instead of writing your secrets in configuration files.
## unit tests
```
npm test
```
note:
1) The makefile automatically runs the unit tests before building the container.
Reference in New Issue View Git Blame Copy Permalink