summaryrefslogtreecommitdiffstats
path: root/site/public/register-docs
diff options
context:
space:
mode:
authorYigit Sever2021-04-15 23:41:53 +0300
committerYigit Sever2021-04-15 23:41:53 +0300
commitd4533345fe1cde3e574affc32a03b4ef8e57745e (patch)
treeebd527a650c62c6348a607d502f6083cfb6bd067 /site/public/register-docs
parentef4cd7a902bea0a532832817adfbc40cedbab001 (diff)
downloadgradecoin-d4533345fe1cde3e574affc32a03b4ef8e57745e.tar.gz
gradecoin-d4533345fe1cde3e574affc32a03b4ef8e57745e.tar.bz2
gradecoin-d4533345fe1cde3e574affc32a03b4ef8e57745e.zip
Don't actually ignore the useful public
Diffstat (limited to 'site/public/register-docs')
-rw-r--r--site/public/register-docs/index.html168
1 files changed, 168 insertions, 0 deletions
diff --git a/site/public/register-docs/index.html b/site/public/register-docs/index.html
new file mode 100644
index 0000000..fdc5237
--- /dev/null
+++ b/site/public/register-docs/index.html
@@ -0,0 +1,168 @@
1<!DOCTYPE html>
2<html lang="en">
3
4<head>
5 <meta charset="UTF-8">
6 <title>Register | Gradecoin </title>
7 <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
8 <style>
9 :root {
10 /* Primary theme color */
11 --primary-color: #F8D12F;
12 /* Primary theme text color */
13 --primary-text-color: #1E2329;
14 /* Primary theme link color */
15 --primary-link-color: #2F57F7;
16 /* Secondary color: the background body color */
17 --secondary-color: #FAFAFA;
18 --secondary-text-color: #303030;
19 /* Highlight text color of table of content */
20 --toc-highlight-text-color: #d46e13;
21 }
22</style>
23
24 <link href="https://fonts.googleapis.com/css?family=Alfa+Slab+One&display=swap" rel="stylesheet">
25 <link href="https://fonts.googleapis.com/css?family=Fira+Sans:400,500,600&display=swap" rel="stylesheet">
26 <link rel="stylesheet" href="/normalize.css">
27 <link rel="stylesheet" href="https:&#x2F;&#x2F;gradecoin.xyz&#x2F;juice.css">
28
29<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css" />
30
31</head>
32
33<body>
34
35<header class="box-shadow">
36
37
38<a href="https:&#x2F;&#x2F;gradecoin.xyz&#x2F;">
39 <div class="logo">
40 <img src="https:&#x2F;&#x2F;gradecoin.xyz&#x2F;gradecoin.png" alt="logo">
41 Gradecoin
42 </div>
43</a>
44
45<nav>
46
47 <a class="nav-item subtitle-text" href="https:&#x2F;&#x2F;gradecoin.xyz&#x2F;register-docs&#x2F;">Register</a>
48
49 <a class="nav-item subtitle-text" href="https:&#x2F;&#x2F;gradecoin.xyz&#x2F;jwt&#x2F;">JWT</a>
50
51 <a class="nav-item subtitle-text" href="https:&#x2F;&#x2F;gradecoin.xyz&#x2F;transaction-docs&#x2F;">Transactions</a>
52
53 <a class="nav-item subtitle-text" href="https:&#x2F;&#x2F;gradecoin.xyz&#x2F;block-docs&#x2F;">Blocks</a>
54
55
56
57 <a class="nav-item subtitle-text" href="https:&#x2F;&#x2F;github.com&#x2F;zhuowei&#x2F;nft_ptr#why">why?</a>
58
59
60</nav>
61
62</header>
63
64
65 <main>
66
67
68
69
70
71 <div class="toc">
72 <div class="toc-sticky">
73
74 <div class="toc-item">
75 <a class="subtext" href="https://gradecoin.xyz/register-docs/#authentication-process">Authentication Process</a>
76 </div>
77
78
79 </div>
80 </div>
81
82
83
84 <div class="content text">
85
86<div class="heading-text">Register Documentation</div>
87<p>POST request to /register endpoint</p>
88<p>Lets a user to authenticate themselves to the system.
89Only people who are enrolled to the class can open Gradecoin accounts.
90This is enforced with your Student ID and a one time password you will receive.</p>
91<h1 id="authentication-process">Authentication Process</h1>
92<ul>
93<li>Gradecoin's Public Key (<code>gradecoin_public_key</code>) is listed on our Moodle page.</li>
94<li>You pick a short temporary key (<code>k_temp</code>)</li>
95<li>Create a JSON object (<code>auth_plaintext</code>) with your <code>metu_id</code> and <code>public key</code> in base64 (PEM) format (<code>S_PK</code>) <a href="https://tls.mbed.org/kb/cryptography/asn1-key-structures-in-der-and-pem">reference</a></li>
96</ul>
97<pre style="background-color:#ffffff;">
98<code class="language-json" data-lang="json"><span style="color:#545052;">{
99 &quot;</span><span style="color:#009854;">student_id</span><span style="color:#545052;">&quot;: &quot;</span><span style="color:#009854;">e12345</span><span style="color:#545052;">&quot;,
100 &quot;</span><span style="color:#009854;">passwd</span><span style="color:#545052;">&quot;: &quot;</span><span style="color:#009854;">15 char secret</span><span style="color:#545052;">&quot;,
101 &quot;</span><span style="color:#009854;">public_key</span><span style="color:#545052;">&quot;: &quot;</span><span style="color:#009854;">---BEGIN PUBLIC KEY...</span><span style="color:#545052;">&quot;
102}
103</span></code></pre>
104<ul>
105<li>Pick a random IV.</li>
106<li>Encrypt the serialized string of <code>auth_plaintext</code> with 128 bit block AES in CBC mode with Pkcs7 padding using the temporary key (<code>k_temp</code>), the result is <code>auth_ciphertext</code>. Encode this with base64.</li>
107<li>The temporary key you have picked <code>k_temp</code> is encrypted using RSA with OAEP padding scheme
108using SHA-256 with <code>gradecoin_public_key</code>, giving us <code>key_ciphertext</code>. Encode this with base 64.</li>
109<li>The payload JSON object (<code>auth_request</code>) can be serialized now:</li>
110</ul>
111<pre style="background-color:#ffffff;">
112<code class="language-json" data-lang="json"><span style="color:#545052;">{
113 &quot;</span><span style="color:#009854;">c</span><span style="color:#545052;">&quot;: &quot;</span><span style="color:#009854;">auth_ciphertext</span><span style="color:#545052;">&quot;,
114 &quot;</span><span style="color:#009854;">iv</span><span style="color:#545052;">&quot;: &quot;</span><span style="color:#009854;">hexadecimal</span><span style="color:#545052;">&quot;,
115 &quot;</span><span style="color:#009854;">key</span><span style="color:#545052;">&quot;: &quot;</span><span style="color:#009854;">key_ciphertext</span><span style="color:#545052;">&quot;
116}
117</span></code></pre>
118<p>If your authentication process was valid, you will be given access and your public key fingerprint that is your address.</p>
119
120
121 </div>
122
123
124
125 </main>
126
127
128<footer>
129Built For ⁂ CENG489 ⁂ Introduction to Computer Security
130</footer>
131
132</body>
133<script>
134 function highlightNav(heading) {
135 let pathname = location.pathname;
136 document.querySelectorAll(".toc a").forEach((item) => {
137 item.classList.remove("active");
138 });
139 document.querySelector(".toc a[href$='" + pathname + "#" + heading + "']").classList.add("active");
140 }
141
142 let currentHeading = "";
143 window.onscroll = function () {
144 let h = document.querySelectorAll("h1,h2,h3,h4,h5,h6");
145 let elementArr = [];
146
147 h.forEach(item => {
148 if (item.id !== "") {
149 elementArr[item.id] = item.getBoundingClientRect().top;
150 }
151 });
152 elementArr.sort();
153 for (let key in elementArr) {
154 if (!elementArr.hasOwnProperty(key)) {
155 continue;
156 }
157 if (elementArr[key] > 0 && elementArr[key] < 300) {
158 if (currentHeading !== key) {
159 highlightNav(key);
160 currentHeading = key;
161 }
162 break;
163 }
164 }
165 }
166</script>
167
168</html>