Merge remote-tracking branch 'origin/template' into template

author: Yigit Sever 2021-04-15 03:50:34 +0300
committer: Yigit Sever 2021-04-15 03:50:34 +0300
commit: dcc2d99140d25c5f163e425fb6ed7246fe88ea54 (patch)
tree: 9108ff3aa44622ff0bda4bb82d9b1fb38f168dfe /site/public/register-docs
parent: be037a6b35056ec8aa8f75e56becd009bc7c01f2 (diff)
parent: 412276f8dac075836aaa8fdf636aa068718a2bbf (diff)
download: gradecoin-dcc2d99140d25c5f163e425fb6ed7246fe88ea54.tar.gz
gradecoin-dcc2d99140d25c5f163e425fb6ed7246fe88ea54.tar.bz2
gradecoin-dcc2d99140d25c5f163e425fb6ed7246fe88ea54.zip
1 files changed, 188 insertions, 0 deletions
diff --git a/site/public/register-docs/index.html b/site/public/register-docs/index.html
new file mode 100644
index 0000000..10a4d56
--- /dev/null
+++ b/site/public/register-docs/index.html
@@ -0,0 +1,188 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <title>Register |  </title>
+    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+    <style>
+    :root {
+        /* Primary theme color */
+        --primary-color: #F8D12F;
+        /* Primary theme text color */
+        --primary-text-color: #1E2329;
+        /* Primary theme link color */
+        --primary-link-color: #2F57F7;
+        /* Secondary color: the background body color */
+        --secondary-color: #FAFAFA;
+        --secondary-text-color: #303030;
+        /* Highlight text color of table of content */
+        --toc-highlight-text-color: #d46e13;
+    }
+</style>
+    <link href="https://fonts.googleapis.com/css?family=Alfa+Slab+One&display=swap" rel="stylesheet">
+    <link href="https://fonts.googleapis.com/css?family=Fira+Sans:400,500,600&display=swap" rel="stylesheet">
+    <link rel="stylesheet" href="/normalize.css">
+    <link rel="stylesheet" href="http:&#x2F;&#x2F;localhost:8080&#x2F;juice.css">
+    
+    
+</head>
+<body>
+    
+<header class="box-shadow">
+    
+<a href="http:&#x2F;&#x2F;localhost:8080&#x2F;">
+    <div class="logo">
+        <img src="http:&#x2F;&#x2F;localhost:8080&#x2F;gradecoin.png" alt="logo">
+        Gradecoin
+    </div>
+</a>
+<nav>
+    
+    <a class="nav-item subtitle-text" href="http:&#x2F;&#x2F;localhost:8080&#x2F;block-docs&#x2F;">Blocks</a>
+    
+    <a class="nav-item subtitle-text" href="http:&#x2F;&#x2F;localhost:8080&#x2F;transaction-docs&#x2F;">Transactions</a>
+    
+    <a class="nav-item subtitle-text" href="http:&#x2F;&#x2F;localhost:8080&#x2F;register-docs&#x2F;">Register</a>
+    
+    <a class="nav-item subtitle-text" href="http:&#x2F;&#x2F;localhost:8080&#x2F;jwt&#x2F;">JWT</a>
+    
+    
+        
+        <a class="nav-item subtitle-text" href="https:&#x2F;&#x2F;github.com&#x2F;zhuowei&#x2F;nft_ptr#why">why?</a>
+        
+    
+</nav>
+</header>
+    <main>
+        
+        
+        
+        
+        
+        <div class="toc">
+            <div class="toc-sticky">
+                
+                <div class="toc-item">
+                    <a class="subtext" href="http://localhost:8080/register-docs/#authentication-process">Authentication Process</a>
+                </div>
+                
+                
+                <div class="toc-item-child">
+                    <a class="subtext" href="http://localhost:8080/register-docs/#gradecoin-side"><small>- Gradecoin Side</small></a>
+                </div>
+                
+                
+                
+            </div>
+        </div>
+        
+        
+        <div class="content text">
+            
+<div class="heading-text">Register Documentation</div>
+<p>POST request to /register endpoint
+Lets a [<code>User</code>] (=student) to authenticate themselves to the system
+This <code>request</code> can be rejected if the payload is malformed (=not authenticated properly) or if
+the [<code>AuthRequest.user_id</code>] of the <code>request</code> is not in the list of users that can hold a Gradecoin account</p>
+<h1 id="authentication-process">Authentication Process</h1>
+<ul>
+<li>
+<p>Gradecoin's Public Key (<code>gradecoin_public_key</code>) is listed on moodle.</p>
+</li>
+<li>
+<p>Gradecoin's Private Key (<code>gradecoin_private_key</code>) is loaded here</p>
+</li>
+<li>
+<p>Student picks a short temporary key (<code>k_temp</code>)</p>
+</li>
+<li>
+<p>Creates a JSON object (<code>auth_plaintext</code>) with their <code>metu_id</code> and <code>public key</code> in base64 (PEM) format (<code>S_PK</code>):
+{
+student_id: &quot;e12345&quot;,
+passwd: &quot;15 char secret&quot;
+public_key: &quot;---BEGIN PUBLIC KEY...&quot;
+}</p>
+</li>
+<li>
+<p>Encrypts the serialized string of <code>auth_plaintext</code> with 128 bit block AES in CBC mode with Pkcs7 padding using the temporary key (<code>k_temp</code>), the result is <code>auth_ciphertext</code> TODO should this be base64'd?</p>
+</li>
+<li>
+<p>The temporary key student has picked <code>k_temp</code> is encrypted using RSA with OAEP padding scheme
+using sha256 with <code>gradecoin_public_key</code> (TODO base64? same as above), giving us <code>key_ciphertext</code></p>
+</li>
+<li>
+<p>The payload JSON object (<code>auth_request</code>) can be JSON serialized now:
+{
+c: &quot;auth_ciphertext&quot;
+key: &quot;key_ciphertext&quot;
+}</p>
+</li>
+</ul>
+<h2 id="gradecoin-side">Gradecoin Side</h2>
+<ul>
+<li>Upon receiving, we first RSA decrypt with OAEP padding scheme using SHA256 with <code>gradecoin_private_key</code> as the key and auth_request.key <code>key</code> as the ciphertext, receiving <code>temp_key</code> (this is the temporary key chosen by stu</li>
+<li>With <code>temp_key</code>, we can AES 128 Cbc Pkcs7 decrypt the <code>auth_request.c</code>, giving us
+auth_plaintext</li>
+<li>The <code>auth_plaintext</code> String can be deserialized to [<code>AuthRequest</code>]</li>
+<li>We then verify the payload and calculate the User fingerprint</li>
+<li>Finally, create the new [<code>User</code>] object, insert to users HashMap <code>&lt;fingerprint, User&gt;</code></li>
+</ul>
+        </div>
+        
+        
+    </main>
+    
+<footer>
+    ⁂
+</footer>
+</body>
+<script>
+    function highlightNav(heading) {
+        let pathname = location.pathname;
+        document.querySelectorAll(".toc a").forEach((item) => {
+            item.classList.remove("active");
+        });
+        document.querySelector(".toc a[href$='" + pathname + "#" + heading + "']").classList.add("active");
+    }
+    let currentHeading = "";
+    window.onscroll = function () {
+        let h = document.querySelectorAll("h1,h2,h3,h4,h5,h6");
+        let elementArr = [];
+        h.forEach(item => {
+            if (item.id !== "") {
+                elementArr[item.id] = item.getBoundingClientRect().top;
+            }
+        });
+        elementArr.sort();
+        for (let key in elementArr) {
+            if (!elementArr.hasOwnProperty(key)) {
+                continue;
+            }
+            if (elementArr[key] > 0 && elementArr[key] < 300) {
+                if (currentHeading !== key) {
+                    highlightNav(key);
+                    currentHeading = key;
+                }
+                break;
+            }
+        }
+    }
+</script>
+</html>
author	Yigit Sever	2021-04-15 03:50:34 +0300
committer	Yigit Sever	2021-04-15 03:50:34 +0300
commit	dcc2d99140d25c5f163e425fb6ed7246fe88ea54 (patch)
tree	9108ff3aa44622ff0bda4bb82d9b1fb38f168dfe /site/public/register-docs
parent	be037a6b35056ec8aa8f75e56becd009bc7c01f2 (diff)
parent	412276f8dac075836aaa8fdf636aa068718a2bbf (diff)
download	gradecoin-dcc2d99140d25c5f163e425fb6ed7246fe88ea54.tar.gz gradecoin-dcc2d99140d25c5f163e425fb6ed7246fe88ea54.tar.bz2 gradecoin-dcc2d99140d25c5f163e425fb6ed7246fe88ea54.zip

diff --git a/site/public/register-docs/index.html b/site/public/register-docs/index.html new file mode 100644 index 0000000..10a4d56 --- /dev/null +++ b/site/public/register-docs/index.html
@@ -0,0 +1,188 @@
	1	<!DOCTYPE html>
	2	<html lang="en">
	3
	4	<head>
	5	<meta charset="UTF-8">
	6	<title>Register \| </title>
	7	<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
	8	<style>
	9	:root {
	10	/* Primary theme color */
	11	--primary-color: #F8D12F;
	12	/* Primary theme text color */
	13	--primary-text-color: #1E2329;
	14	/* Primary theme link color */
	15	--primary-link-color: #2F57F7;
	16	/* Secondary color: the background body color */
	17	--secondary-color: #FAFAFA;
	18	--secondary-text-color: #303030;
	19	/* Highlight text color of table of content */
	20	--toc-highlight-text-color: #d46e13;
	21	}
	22	</style>
	23
	24	<link href="https://fonts.googleapis.com/css?family=Alfa+Slab+One&display=swap" rel="stylesheet">
	25	<link href="https://fonts.googleapis.com/css?family=Fira+Sans:400,500,600&display=swap" rel="stylesheet">
	26	<link rel="stylesheet" href="/normalize.css">
	27	<link rel="stylesheet" href="http://localhost:8080/juice.css">
	28
	29
	30	</head>
	31
	32	<body>
	33
	34	<header class="box-shadow">
	35
	36
	37	<a href="http://localhost:8080/">
	38	<div class="logo">
	39	<img src="http://localhost:8080/gradecoin.png" alt="logo">
	40	Gradecoin
	41	</div>
	42	</a>
	43
	44	<nav>
	45
	46	<a class="nav-item subtitle-text" href="http://localhost:8080/block-docs/">Blocks</a>
	47
	48	<a class="nav-item subtitle-text" href="http://localhost:8080/transaction-docs/">Transactions</a>
	49
	50	<a class="nav-item subtitle-text" href="http://localhost:8080/register-docs/">Register</a>
	51
	52	<a class="nav-item subtitle-text" href="http://localhost:8080/jwt/">JWT</a>
	53
	54
	55
	56	<a class="nav-item subtitle-text" href="https://github.com/zhuowei/nft_ptr#why">why?</a>
	57
	58
	59	</nav>
	60
	61	</header>
	62
	63
	64	<main>
	65
	66
	67
	68
	69
	70	<div class="toc">
	71	<div class="toc-sticky">
	72
	73	<div class="toc-item">
	74	<a class="subtext" href="http://localhost:8080/register-docs/#authentication-process">Authentication Process</a>
	75	</div>
	76
	77
	78	<div class="toc-item-child">
	79	<a class="subtext" href="http://localhost:8080/register-docs/#gradecoin-side"><small>- Gradecoin Side</small></a>
	80	</div>
	81
	82
	83
	84	</div>
	85	</div>
	86
	87
	88
	89	<div class="content text">
	90
	91	<div class="heading-text">Register Documentation</div>
	92	<p>POST request to /register endpoint
	93	Lets a [<code>User</code>] (=student) to authenticate themselves to the system
	94	This <code>request</code> can be rejected if the payload is malformed (=not authenticated properly) or if
	95	the [<code>AuthRequest.user_id</code>] of the <code>request</code> is not in the list of users that can hold a Gradecoin account</p>
	96	<h1 id="authentication-process">Authentication Process</h1>
	97	<ul>
	98	<li>
	99	<p>Gradecoin's Public Key (<code>gradecoin_public_key</code>) is listed on moodle.</p>
	100	</li>
	101	<li>
	102	<p>Gradecoin's Private Key (<code>gradecoin_private_key</code>) is loaded here</p>
	103	</li>
	104	<li>
	105	<p>Student picks a short temporary key (<code>k_temp</code>)</p>
	106	</li>
	107	<li>
	108	<p>Creates a JSON object (<code>auth_plaintext</code>) with their <code>metu_id</code> and <code>public key</code> in base64 (PEM) format (<code>S_PK</code>):
	109	{
	110	student_id: "e12345",
	111	passwd: "15 char secret"
	112	public_key: "---BEGIN PUBLIC KEY..."
	113	}</p>
	114	</li>
	115	<li>
	116	<p>Encrypts the serialized string of <code>auth_plaintext</code> with 128 bit block AES in CBC mode with Pkcs7 padding using the temporary key (<code>k_temp</code>), the result is <code>auth_ciphertext</code> TODO should this be base64'd?</p>
	117	</li>
	118	<li>
	119	<p>The temporary key student has picked <code>k_temp</code> is encrypted using RSA with OAEP padding scheme
	120	using sha256 with <code>gradecoin_public_key</code> (TODO base64? same as above), giving us <code>key_ciphertext</code></p>
	121	</li>
	122	<li>
	123	<p>The payload JSON object (<code>auth_request</code>) can be JSON serialized now:
	124	{
	125	c: "auth_ciphertext"
	126	key: "key_ciphertext"
	127	}</p>
	128	</li>
	129	</ul>
	130	<h2 id="gradecoin-side">Gradecoin Side</h2>
	131	<ul>
	132	<li>Upon receiving, we first RSA decrypt with OAEP padding scheme using SHA256 with <code>gradecoin_private_key</code> as the key and auth_request.key <code>key</code> as the ciphertext, receiving <code>temp_key</code> (this is the temporary key chosen by stu</li>
	133	<li>With <code>temp_key</code>, we can AES 128 Cbc Pkcs7 decrypt the <code>auth_request.c</code>, giving us
	134	auth_plaintext</li>
	135	<li>The <code>auth_plaintext</code> String can be deserialized to [<code>AuthRequest</code>]</li>
	136	<li>We then verify the payload and calculate the User fingerprint</li>
	137	<li>Finally, create the new [<code>User</code>] object, insert to users HashMap <code><fingerprint, User></code></li>
	138	</ul>
	139
	140
	141	</div>
	142
	143
	144
	145	</main>
	146
	147
	148	<footer>
	149	⁂
	150	</footer>
	151
	152	</body>
	153	<script>
	154	function highlightNav(heading) {
	155	let pathname = location.pathname;
	156	document.querySelectorAll(".toc a").forEach((item) => {
	157	item.classList.remove("active");
	158	});
	159	document.querySelector(".toc a[href$='" + pathname + "#" + heading + "']").classList.add("active");
	160	}
	161
	162	let currentHeading = "";
	163	window.onscroll = function () {
	164	let h = document.querySelectorAll("h1,h2,h3,h4,h5,h6");
	165	let elementArr = [];
	166
	167	h.forEach(item => {
	168	if (item.id !== "") {
	169	elementArr[item.id] = item.getBoundingClientRect().top;
	170	}
	171	});
	172	elementArr.sort();
	173	for (let key in elementArr) {
	174	if (!elementArr.hasOwnProperty(key)) {
	175	continue;
	176	}
	177	if (elementArr[key] > 0 && elementArr[key] < 300) {
	178	if (currentHeading !== key) {
	179	highlightNav(key);
	180	currentHeading = key;
	181	}
	182	break;
	183	}
	184	}
	185	}
	186	</script>
	187
	188	</html>