From fab0654942bd610c99999a6d193e0630d0cd6f98 Mon Sep 17 00:00:00 2001 From: Yigit Sever Date: Sun, 25 Apr 2021 23:45:22 +0300 Subject: Moving to nicenet --- content/register_docs.md | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) (limited to 'content/register_docs.md') diff --git a/content/register_docs.md b/content/register_docs.md index 7c405b8..4fde05f 100644 --- a/content/register_docs.md +++ b/content/register_docs.md @@ -4,15 +4,12 @@ description = "Register Documentation" weight = 3 +++ -POST request to `/register` endpoint - -Lets a user to authenticate themselves to the system. -Only people who are enrolled to the class can open Gradecoin accounts. -This is enforced with your Student ID (e123456) and a one time password you will receive. +Here you can authenticate yourself with the system. +Only people who are enrolled to the class can open Gradecoin accounts, with some exceptions for people who asked nicely. +This is enforced with your Student ID (e123456) and a one time password you received with your complementary *Welcome to Gradecoin* email. # Authentication Process - -> The bytes you are sending over the network are all Base64 Encoded +> The cryptographic outputs you are sending over the network are all Base64 Encoded - Gradecoin's Public Key (`gradecoin_public_key`) is listed on our Moodle page and [here](/gradecoin.pub). Download and load it it to your client. - Create a JSON object (`P_AR`) with your `metu_id` ("e"+`6 chars`) and `public key` in base64 (PEM) format (`S_PK`) [reference](https://tls.mbed.org/kb/cryptography/asn1-key-structures-in-der-and-pem) @@ -25,11 +22,10 @@ This is enforced with your Student ID (e123456) and a one time password you will ``` ## Cipher Initialization - > Since we are working with AES-128, both key and IV should be 128 bits (or 32 hexadecimal characters) - Pick a short temporary key (`k_temp`) -- Pick a random IV [1](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Initialization_vector_(IV)) [2](https://en.wikipedia.org/wiki/Initialization_vector) (`iv`). +- Pick a random IV ([1](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Initialization_vector_(IV))) ([2](https://en.wikipedia.org/wiki/Initialization_vector) (`iv`)). ## Encryption - Encrypt the serialized string of `P_AR` with 128 bit block [AES](https://en.wikipedia.org/wiki/Initialization_vector) in [CBC](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#CBC) mode with [Pkcs7 padding](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Padding) using the temporary key (`k_temp`), the result is `C_AR`. Encode this with base64. @@ -51,4 +47,11 @@ The available tools and libraries might warn you about how using the primitives ``` If your authentication process was valid, you will be given access and your public key fingerprint that is your address. +Please note it down. You can now sign [JWTs](@/JWT.md) to send authorized transaction requests. +After all this, you might want to bask in the glory of having successfully managing your way through a home-made cryptographic system. +Maybe the Gradecoin you got given as the registration reward will help. + +{% tidbit() %} +Seriously, congratulations +{% end %} -- cgit v1.2.3-70-g09d2