diff options
| author | Yigit Sever | 2021-04-25 23:45:22 +0300 |
|---|---|---|
| committer | Yigit Sever | 2021-04-25 23:45:22 +0300 |
| commit | fab0654942bd610c99999a6d193e0630d0cd6f98 (patch) | |
| tree | eb3a26c25ec68dbb316a4d0cc16a0a854c42a96f /content/register_docs.md | |
| parent | 685ec6275109a9b2a1b1a6083c4b011fe8c5eeb6 (diff) | |
| download | gradecoin-site-fab0654942bd610c99999a6d193e0630d0cd6f98.tar.gz gradecoin-site-fab0654942bd610c99999a6d193e0630d0cd6f98.tar.bz2 gradecoin-site-fab0654942bd610c99999a6d193e0630d0cd6f98.zip | |
Moving to nicenet
Diffstat (limited to 'content/register_docs.md')
| -rw-r--r-- | content/register_docs.md | 21 |
1 files changed, 12 insertions, 9 deletions
diff --git a/content/register_docs.md b/content/register_docs.md index 7c405b8..4fde05f 100644 --- a/content/register_docs.md +++ b/content/register_docs.md | |||
| @@ -4,15 +4,12 @@ description = "Register Documentation" | |||
| 4 | weight = 3 | 4 | weight = 3 |
| 5 | +++ | 5 | +++ |
| 6 | 6 | ||
| 7 | POST request to `/register` endpoint | 7 | Here you can authenticate yourself with the system. |
| 8 | 8 | Only people who are enrolled to the class can open Gradecoin accounts, with some exceptions for people who asked nicely. | |
| 9 | Lets a user to authenticate themselves to the system. | 9 | This is enforced with your Student ID (e123456) and a one time password you received with your complementary *Welcome to Gradecoin* email. |
| 10 | Only people who are enrolled to the class can open Gradecoin accounts. | ||
| 11 | This is enforced with your Student ID (e123456) and a one time password you will receive. | ||
| 12 | 10 | ||
| 13 | # Authentication Process | 11 | # Authentication Process |
| 14 | 12 | > The cryptographic outputs you are sending over the network are all Base64 Encoded | |
| 15 | > The bytes you are sending over the network are all Base64 Encoded | ||
| 16 | 13 | ||
| 17 | - Gradecoin's Public Key (`gradecoin_public_key`) is listed on our Moodle page and [here](/gradecoin.pub). Download and load it it to your client. | 14 | - Gradecoin's Public Key (`gradecoin_public_key`) is listed on our Moodle page and [here](/gradecoin.pub). Download and load it it to your client. |
| 18 | - Create a JSON object (`P_AR`) with your `metu_id` ("e"+`6 chars`) and `public key` in base64 (PEM) format (`S_PK`) [reference](https://tls.mbed.org/kb/cryptography/asn1-key-structures-in-der-and-pem) | 15 | - Create a JSON object (`P_AR`) with your `metu_id` ("e"+`6 chars`) and `public key` in base64 (PEM) format (`S_PK`) [reference](https://tls.mbed.org/kb/cryptography/asn1-key-structures-in-der-and-pem) |
| @@ -25,11 +22,10 @@ This is enforced with your Student ID (e123456) and a one time password you will | |||
| 25 | ``` | 22 | ``` |
| 26 | 23 | ||
| 27 | ## Cipher Initialization | 24 | ## Cipher Initialization |
| 28 | |||
| 29 | > Since we are working with AES-128, both key and IV should be 128 bits (or 32 hexadecimal characters) | 25 | > Since we are working with AES-128, both key and IV should be 128 bits (or 32 hexadecimal characters) |
| 30 | 26 | ||
| 31 | - Pick a short temporary key (`k_temp`) | 27 | - Pick a short temporary key (`k_temp`) |
| 32 | - Pick a random IV [1](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Initialization_vector_(IV)) [2](https://en.wikipedia.org/wiki/Initialization_vector) (`iv`). | 28 | - Pick a random IV ([1](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Initialization_vector_(IV))) ([2](https://en.wikipedia.org/wiki/Initialization_vector) (`iv`)). |
| 33 | 29 | ||
| 34 | ## Encryption | 30 | ## Encryption |
| 35 | - Encrypt the serialized string of `P_AR` with 128 bit block [AES](https://en.wikipedia.org/wiki/Initialization_vector) in [CBC](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#CBC) mode with [Pkcs7 padding](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Padding) using the temporary key (`k_temp`), the result is `C_AR`. Encode this with base64. | 31 | - Encrypt the serialized string of `P_AR` with 128 bit block [AES](https://en.wikipedia.org/wiki/Initialization_vector) in [CBC](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#CBC) mode with [Pkcs7 padding](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Padding) using the temporary key (`k_temp`), the result is `C_AR`. Encode this with base64. |
| @@ -51,4 +47,11 @@ The available tools and libraries might warn you about how using the primitives | |||
| 51 | ``` | 47 | ``` |
| 52 | 48 | ||
| 53 | If your authentication process was valid, you will be given access and your public key fingerprint that is your address. | 49 | If your authentication process was valid, you will be given access and your public key fingerprint that is your address. |
| 50 | Please note it down. | ||
| 54 | You can now sign [JWTs](@/JWT.md) to send authorized transaction requests. | 51 | You can now sign [JWTs](@/JWT.md) to send authorized transaction requests. |
| 52 | After all this, you might want to bask in the glory of having successfully managing your way through a home-made cryptographic system. | ||
| 53 | Maybe the Gradecoin you got given as the registration reward will help. | ||
| 54 | |||
| 55 | {% tidbit() %} | ||
| 56 | Seriously, congratulations | ||
| 57 | {% end %} | ||