Improve register documentation

author: Yigit Sever 2021-04-16 15:30:59 +0300
committer: Yigit Sever 2021-04-16 15:30:59 +0300
commit: 20609a19fdb7fb1a81db77233858cf229b57465c (patch)
tree: 7a02e1109f83bad6ad1c400c27b4dd682b884d81 /site/content/register_docs.md
parent: d7296597158f46fcaff0094f2b28e8bad9752909 (diff)
download: gradecoin-20609a19fdb7fb1a81db77233858cf229b57465c.tar.gz
gradecoin-20609a19fdb7fb1a81db77233858cf229b57465c.tar.bz2
gradecoin-20609a19fdb7fb1a81db77233858cf229b57465c.zip
1 files changed, 16 insertions, 5 deletions
diff --git a/site/content/register_docs.md b/site/content/register_docs.md
index a387838..523ed57 100644
--- a/site/content/register_docs.md
+++ b/site/content/register_docs.md
@@ -8,7 +8,7 @@ POST request to `/register` endpoint
 Lets a user to authenticate themselves to the system.
 Only people who are enrolled to the class can open Gradecoin accounts.
-This is enforced with your Student ID and a one time password you will receive.
+This is enforced with your Student ID (e123456) and a one time password you will receive.
 # Authentication Process
@@ -24,11 +24,22 @@ This is enforced with your Student ID and a one time password you will receive.
 }
 ```
+## Cipher Initialization
+> Since we are working with AES-128, both key and IV should be 128 bits (or 16 hexadecimal characters)
 - Pick a short temporary key (`k_temp`)
- Pick a random IV (`iv`).
+- Pick a random IV [1](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Initialization_vector_(IV)) [2](https://en.wikipedia.org/wiki/Initialization_vector) (`iv`).
- Encrypt the serialized string of `P_AR` with 128 bit block AES in CBC mode with Pkcs7 padding using the temporary key (`k_temp`), the result is `C_AR`. Encode this with base64.
- The temporary key you have picked `k_temp` is encrypted using RSA with OAEP padding scheme using SHA-256 with `gradecoin_public_key`, giving us `key_ciphertext`. Encode this with base64.
+## Encryption
+- Encrypt the serialized string of `P_AR` with 128 bit block [AES](https://en.wikipedia.org/wiki/Initialization_vector) in [CBC](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#CBC) mode with [Pkcs7 padding](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Padding) using the temporary key (`k_temp`), the result is `C_AR`. Encode this with base64.
+- The temporary key you have picked `k_temp` is encrypted using RSA with [OAEP](https://en.wikipedia.org/wiki/Optimal_asymmetric_encryption_padding) padding scheme using SHA-256 with `gradecoin_public_key`, giving us `key_ciphertext`. Encode this with base64.
 - Base64 encode the IV (`iv`) as well.
+{% tidbit() %}
+The available tools and libraries might warn you about how using the primitives given above are "hazardous". They are, crypto is hard.
+{% end %}
 - The payload JSON object (`auth_request`) can be serialized now:
 ```json
@@ -40,4 +51,4 @@ This is enforced with your Student ID and a one time password you will receive.
 ```
 If your authentication process was valid, you will be given access and your public key fingerprint that is your address.
-You can now sign JWTs to send authorized transaction requests.
+You can now sign [JWTs](@/JWT.md) to send authorized transaction requests.
author	Yigit Sever	2021-04-16 15:30:59 +0300
committer	Yigit Sever	2021-04-16 15:30:59 +0300
commit	20609a19fdb7fb1a81db77233858cf229b57465c (patch)
tree	7a02e1109f83bad6ad1c400c27b4dd682b884d81 /site/content/register_docs.md
parent	d7296597158f46fcaff0094f2b28e8bad9752909 (diff)
download	gradecoin-20609a19fdb7fb1a81db77233858cf229b57465c.tar.gz gradecoin-20609a19fdb7fb1a81db77233858cf229b57465c.tar.bz2 gradecoin-20609a19fdb7fb1a81db77233858cf229b57465c.zip

diff --git a/site/content/register_docs.md b/site/content/register_docs.md index a387838..523ed57 100644 --- a/site/content/register_docs.md +++ b/site/content/register_docs.md
@@ -8,7 +8,7 @@ POST request to `/register` endpoint
8		8
9	Lets a user to authenticate themselves to the system.	9	Lets a user to authenticate themselves to the system.
10	Only people who are enrolled to the class can open Gradecoin accounts.	10	Only people who are enrolled to the class can open Gradecoin accounts.
11	This is enforced with your Student ID and a one time password you will receive.	11	This is enforced with your Student ID (e123456) and a one time password you will receive.
12		12
13	# Authentication Process	13	# Authentication Process
14		14
@@ -24,11 +24,22 @@ This is enforced with your Student ID and a one time password you will receive.
24	}	24	}
25	```	25	```
26		26
		27	## Cipher Initialization
		28
		29	> Since we are working with AES-128, both key and IV should be 128 bits (or 16 hexadecimal characters)
		30
27	- Pick a short temporary key (`k_temp`)	31	- Pick a short temporary key (`k_temp`)
28	- Pick a random IV (`iv`).	32	- Pick a random IV [1](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Initialization_vector_(IV)) [2](https://en.wikipedia.org/wiki/Initialization_vector) (`iv`).
29	- Encrypt the serialized string of `P_AR` with 128 bit block AES in CBC mode with Pkcs7 padding using the temporary key (`k_temp`), the result is `C_AR`. Encode this with base64.	33
30	- The temporary key you have picked `k_temp` is encrypted using RSA with OAEP padding scheme using SHA-256 with `gradecoin_public_key`, giving us `key_ciphertext`. Encode this with base64.	34	## Encryption
		35	- Encrypt the serialized string of `P_AR` with 128 bit block [AES](https://en.wikipedia.org/wiki/Initialization_vector) in [CBC](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#CBC) mode with [Pkcs7 padding](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Padding) using the temporary key (`k_temp`), the result is `C_AR`. Encode this with base64.
		36	- The temporary key you have picked `k_temp` is encrypted using RSA with [OAEP](https://en.wikipedia.org/wiki/Optimal_asymmetric_encryption_padding) padding scheme using SHA-256 with `gradecoin_public_key`, giving us `key_ciphertext`. Encode this with base64.
31	- Base64 encode the IV (`iv`) as well.	37	- Base64 encode the IV (`iv`) as well.
		38
		39	{% tidbit() %}
		40	The available tools and libraries might warn you about how using the primitives given above are "hazardous". They are, crypto is hard.
		41	{% end %}
		42
32	- The payload JSON object (`auth_request`) can be serialized now:	43	- The payload JSON object (`auth_request`) can be serialized now:
33		44
34	```json	45	```json
@@ -40,4 +51,4 @@ This is enforced with your Student ID and a one time password you will receive.
40	```	51	```
41		52
42	If your authentication process was valid, you will be given access and your public key fingerprint that is your address.	53	If your authentication process was valid, you will be given access and your public key fingerprint that is your address.
43	You can now sign JWTs to send authorized transaction requests.	54	You can now sign [JWTs](@/JWT.md) to send authorized transaction requests.