aboutsummaryrefslogtreecommitdiffstats
path: root/site/content/register_docs.md
diff options
context:
space:
mode:
authorYigit Sever2021-04-15 03:50:34 +0300
committerYigit Sever2021-04-15 03:50:34 +0300
commitdcc2d99140d25c5f163e425fb6ed7246fe88ea54 (patch)
tree9108ff3aa44622ff0bda4bb82d9b1fb38f168dfe /site/content/register_docs.md
parentbe037a6b35056ec8aa8f75e56becd009bc7c01f2 (diff)
parent412276f8dac075836aaa8fdf636aa068718a2bbf (diff)
downloadgradecoin-dcc2d99140d25c5f163e425fb6ed7246fe88ea54.tar.gz
gradecoin-dcc2d99140d25c5f163e425fb6ed7246fe88ea54.tar.bz2
gradecoin-dcc2d99140d25c5f163e425fb6ed7246fe88ea54.zip
Merge remote-tracking branch 'origin/template' into template
Diffstat (limited to 'site/content/register_docs.md')
-rw-r--r--site/content/register_docs.md42
1 files changed, 42 insertions, 0 deletions
diff --git a/site/content/register_docs.md b/site/content/register_docs.md
new file mode 100644
index 0000000..45571fb
--- /dev/null
+++ b/site/content/register_docs.md
@@ -0,0 +1,42 @@
1+++
2title = "Register"
3description = "Register Documentation"
4weight = 3
5+++
6
7POST request to /register endpoint
8Lets a [`User`] (=student) to authenticate themselves to the system
9This `request` can be rejected if the payload is malformed (=not authenticated properly) or if
10the [`AuthRequest.user_id`] of the `request` is not in the list of users that can hold a Gradecoin account
11
12# Authentication Process
13- Gradecoin's Public Key (`gradecoin_public_key`) is listed on moodle.
14- Gradecoin's Private Key (`gradecoin_private_key`) is loaded here
15
16- Student picks a short temporary key (`k_temp`)
17- Creates a JSON object (`auth_plaintext`) with their `metu_id` and `public key` in base64 (PEM) format (`S_PK`):
18{
19 student_id: "e12345",
20 passwd: "15 char secret"
21 public_key: "---BEGIN PUBLIC KEY..."
22}
23
24- Encrypts the serialized string of `auth_plaintext` with 128 bit block AES in CBC mode with Pkcs7 padding using the temporary key (`k_temp`), the result is `auth_ciphertext` TODO should this be base64'd?
25- The temporary key student has picked `k_temp` is encrypted using RSA with OAEP padding scheme
26using sha256 with `gradecoin_public_key` (TODO base64? same as above), giving us `key_ciphertext`
27- The payload JSON object (`auth_request`) can be JSON serialized now:
28{
29 c: "auth_ciphertext"
30 key: "key_ciphertext"
31}
32
33## Gradecoin Side
34
35- Upon receiving, we first RSA decrypt with OAEP padding scheme using SHA256 with `gradecoin_private_key` as the key and auth_request.key `key` as the ciphertext, receiving `temp_key` (this is the temporary key chosen by stu
36- With `temp_key`, we can AES 128 Cbc Pkcs7 decrypt the `auth_request.c`, giving us
37auth_plaintext
38- The `auth_plaintext` String can be deserialized to [`AuthRequest`]
39- We then verify the payload and calculate the User fingerprint
40- Finally, create the new [`User`] object, insert to users HashMap `<fingerprint, User>`
41
42