summaryrefslogtreecommitdiffstats
path: root/public/register-docs/index.html
diff options
context:
space:
mode:
authorYigit Sever2021-04-15 14:48:58 +0300
committerYigit Sever2021-04-15 14:48:58 +0300
commitf61043325cabd007cc69b70ddeb49157ca61f636 (patch)
tree8fe001a072ad856e2451eeb5210f001fde2ec53a /public/register-docs/index.html
parent237fa34e91d8c1833c2dbd0244929669c271ab5e (diff)
downloadgradecoin-f61043325cabd007cc69b70ddeb49157ca61f636.tar.gz
gradecoin-f61043325cabd007cc69b70ddeb49157ca61f636.tar.bz2
gradecoin-f61043325cabd007cc69b70ddeb49157ca61f636.zip
Just use public inside site
Diffstat (limited to 'public/register-docs/index.html')
-rw-r--r--public/register-docs/index.html188
1 files changed, 0 insertions, 188 deletions
diff --git a/public/register-docs/index.html b/public/register-docs/index.html
deleted file mode 100644
index 10a4d56..0000000
--- a/public/register-docs/index.html
+++ /dev/null
@@ -1,188 +0,0 @@
1<!DOCTYPE html>
2<html lang="en">
3
4<head>
5 <meta charset="UTF-8">
6 <title>Register | </title>
7 <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
8 <style>
9 :root {
10 /* Primary theme color */
11 --primary-color: #F8D12F;
12 /* Primary theme text color */
13 --primary-text-color: #1E2329;
14 /* Primary theme link color */
15 --primary-link-color: #2F57F7;
16 /* Secondary color: the background body color */
17 --secondary-color: #FAFAFA;
18 --secondary-text-color: #303030;
19 /* Highlight text color of table of content */
20 --toc-highlight-text-color: #d46e13;
21 }
22</style>
23
24 <link href="https://fonts.googleapis.com/css?family=Alfa+Slab+One&display=swap" rel="stylesheet">
25 <link href="https://fonts.googleapis.com/css?family=Fira+Sans:400,500,600&display=swap" rel="stylesheet">
26 <link rel="stylesheet" href="/normalize.css">
27 <link rel="stylesheet" href="http:&#x2F;&#x2F;localhost:8080&#x2F;juice.css">
28
29
30</head>
31
32<body>
33
34<header class="box-shadow">
35
36
37<a href="http:&#x2F;&#x2F;localhost:8080&#x2F;">
38 <div class="logo">
39 <img src="http:&#x2F;&#x2F;localhost:8080&#x2F;gradecoin.png" alt="logo">
40 Gradecoin
41 </div>
42</a>
43
44<nav>
45
46 <a class="nav-item subtitle-text" href="http:&#x2F;&#x2F;localhost:8080&#x2F;block-docs&#x2F;">Blocks</a>
47
48 <a class="nav-item subtitle-text" href="http:&#x2F;&#x2F;localhost:8080&#x2F;transaction-docs&#x2F;">Transactions</a>
49
50 <a class="nav-item subtitle-text" href="http:&#x2F;&#x2F;localhost:8080&#x2F;register-docs&#x2F;">Register</a>
51
52 <a class="nav-item subtitle-text" href="http:&#x2F;&#x2F;localhost:8080&#x2F;jwt&#x2F;">JWT</a>
53
54
55
56 <a class="nav-item subtitle-text" href="https:&#x2F;&#x2F;github.com&#x2F;zhuowei&#x2F;nft_ptr#why">why?</a>
57
58
59</nav>
60
61</header>
62
63
64 <main>
65
66
67
68
69
70 <div class="toc">
71 <div class="toc-sticky">
72
73 <div class="toc-item">
74 <a class="subtext" href="http://localhost:8080/register-docs/#authentication-process">Authentication Process</a>
75 </div>
76
77
78 <div class="toc-item-child">
79 <a class="subtext" href="http://localhost:8080/register-docs/#gradecoin-side"><small>- Gradecoin Side</small></a>
80 </div>
81
82
83
84 </div>
85 </div>
86
87
88
89 <div class="content text">
90
91<div class="heading-text">Register Documentation</div>
92<p>POST request to /register endpoint
93Lets a [<code>User</code>] (=student) to authenticate themselves to the system
94This <code>request</code> can be rejected if the payload is malformed (=not authenticated properly) or if
95the [<code>AuthRequest.user_id</code>] of the <code>request</code> is not in the list of users that can hold a Gradecoin account</p>
96<h1 id="authentication-process">Authentication Process</h1>
97<ul>
98<li>
99<p>Gradecoin's Public Key (<code>gradecoin_public_key</code>) is listed on moodle.</p>
100</li>
101<li>
102<p>Gradecoin's Private Key (<code>gradecoin_private_key</code>) is loaded here</p>
103</li>
104<li>
105<p>Student picks a short temporary key (<code>k_temp</code>)</p>
106</li>
107<li>
108<p>Creates a JSON object (<code>auth_plaintext</code>) with their <code>metu_id</code> and <code>public key</code> in base64 (PEM) format (<code>S_PK</code>):
109{
110student_id: &quot;e12345&quot;,
111passwd: &quot;15 char secret&quot;
112public_key: &quot;---BEGIN PUBLIC KEY...&quot;
113}</p>
114</li>
115<li>
116<p>Encrypts the serialized string of <code>auth_plaintext</code> with 128 bit block AES in CBC mode with Pkcs7 padding using the temporary key (<code>k_temp</code>), the result is <code>auth_ciphertext</code> TODO should this be base64'd?</p>
117</li>
118<li>
119<p>The temporary key student has picked <code>k_temp</code> is encrypted using RSA with OAEP padding scheme
120using sha256 with <code>gradecoin_public_key</code> (TODO base64? same as above), giving us <code>key_ciphertext</code></p>
121</li>
122<li>
123<p>The payload JSON object (<code>auth_request</code>) can be JSON serialized now:
124{
125c: &quot;auth_ciphertext&quot;
126key: &quot;key_ciphertext&quot;
127}</p>
128</li>
129</ul>
130<h2 id="gradecoin-side">Gradecoin Side</h2>
131<ul>
132<li>Upon receiving, we first RSA decrypt with OAEP padding scheme using SHA256 with <code>gradecoin_private_key</code> as the key and auth_request.key <code>key</code> as the ciphertext, receiving <code>temp_key</code> (this is the temporary key chosen by stu</li>
133<li>With <code>temp_key</code>, we can AES 128 Cbc Pkcs7 decrypt the <code>auth_request.c</code>, giving us
134auth_plaintext</li>
135<li>The <code>auth_plaintext</code> String can be deserialized to [<code>AuthRequest</code>]</li>
136<li>We then verify the payload and calculate the User fingerprint</li>
137<li>Finally, create the new [<code>User</code>] object, insert to users HashMap <code>&lt;fingerprint, User&gt;</code></li>
138</ul>
139
140
141 </div>
142
143
144
145 </main>
146
147
148<footer>
149
150</footer>
151
152</body>
153<script>
154 function highlightNav(heading) {
155 let pathname = location.pathname;
156 document.querySelectorAll(".toc a").forEach((item) => {
157 item.classList.remove("active");
158 });
159 document.querySelector(".toc a[href$='" + pathname + "#" + heading + "']").classList.add("active");
160 }
161
162 let currentHeading = "";
163 window.onscroll = function () {
164 let h = document.querySelectorAll("h1,h2,h3,h4,h5,h6");
165 let elementArr = [];
166
167 h.forEach(item => {
168 if (item.id !== "") {
169 elementArr[item.id] = item.getBoundingClientRect().top;
170 }
171 });
172 elementArr.sort();
173 for (let key in elementArr) {
174 if (!elementArr.hasOwnProperty(key)) {
175 continue;
176 }
177 if (elementArr[key] > 0 && elementArr[key] < 300) {
178 if (currentHeading !== key) {
179 highlightNav(key);
180 currentHeading = key;
181 }
182 break;
183 }
184 }
185 }
186</script>
187
188</html>