diff options
author | Yigit Sever | 2021-04-19 18:21:06 +0300 |
---|---|---|
committer | Yigit Sever | 2021-04-19 18:21:06 +0300 |
commit | df6fa5f322fc972b3894e720f2c406eb2d8f5f5a (patch) | |
tree | 4864006b54c512dea971d0c50efcacca65b12c6e /site/public/register-docs | |
parent | d1b2e4bbd8f1ec5fe40c3d8c85ea4d13c8bfd755 (diff) | |
download | gradecoin-df6fa5f322fc972b3894e720f2c406eb2d8f5f5a.tar.gz gradecoin-df6fa5f322fc972b3894e720f2c406eb2d8f5f5a.tar.bz2 gradecoin-df6fa5f322fc972b3894e720f2c406eb2d8f5f5a.zip |
Moving site to separate repo
Diffstat (limited to 'site/public/register-docs')
-rw-r--r-- | site/public/register-docs/index.html | 198 |
1 files changed, 0 insertions, 198 deletions
diff --git a/site/public/register-docs/index.html b/site/public/register-docs/index.html deleted file mode 100644 index 53d86dd..0000000 --- a/site/public/register-docs/index.html +++ /dev/null | |||
@@ -1,198 +0,0 @@ | |||
1 | <!DOCTYPE html> | ||
2 | <html lang="en"> | ||
3 | |||
4 | <head> | ||
5 | <meta charset="UTF-8"> | ||
6 | <title>Register | Gradecoin </title> | ||
7 | <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> | ||
8 | <style> | ||
9 | :root { | ||
10 | /* Primary theme color */ | ||
11 | --primary-color: #F8D12F; | ||
12 | /* Primary theme text color */ | ||
13 | --primary-text-color: #1E2329; | ||
14 | /* Primary theme link color */ | ||
15 | --primary-link-color: #2F57F7; | ||
16 | /* Secondary color: the background body color */ | ||
17 | --secondary-color: #FAFAFA; | ||
18 | --secondary-text-color: #303030; | ||
19 | /* Highlight text color of table of content */ | ||
20 | --toc-highlight-text-color: #d46e13; | ||
21 | } | ||
22 | </style> | ||
23 | |||
24 | <link href="https://fonts.googleapis.com/css?family=Alfa+Slab+One&display=swap" rel="stylesheet"> | ||
25 | <link href="https://fonts.googleapis.com/css?family=Fira+Sans:400,500,600&display=swap" rel="stylesheet"> | ||
26 | <link rel="stylesheet" href="/normalize.css"> | ||
27 | <link rel="stylesheet" href="https://gradecoin.xyz/juice.css"> | ||
28 | |||
29 | <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css" /> | ||
30 | <link rel="stylesheet" href="/site.css" /> | ||
31 | |||
32 | </head> | ||
33 | |||
34 | <body> | ||
35 | |||
36 | <header class="box-shadow"> | ||
37 | |||
38 | |||
39 | <a href="https://gradecoin.xyz/"> | ||
40 | <div class="logo"> | ||
41 | <img src="https://gradecoin.xyz/gradecoin.png" alt="logo"> | ||
42 | Gradecoin | ||
43 | </div> | ||
44 | </a> | ||
45 | |||
46 | <nav> | ||
47 | |||
48 | <a class="nav-item subtitle-text" href="https://gradecoin.xyz/register-docs/">Register</a> | ||
49 | |||
50 | <a class="nav-item subtitle-text" href="https://gradecoin.xyz/jwt/">JWT</a> | ||
51 | |||
52 | <a class="nav-item subtitle-text" href="https://gradecoin.xyz/transaction-docs/">Transactions</a> | ||
53 | |||
54 | <a class="nav-item subtitle-text" href="https://gradecoin.xyz/block-docs/">Blocks</a> | ||
55 | |||
56 | <a class="nav-item subtitle-text" href="https://gradecoin.xyz/misc-docs/">Misc</a> | ||
57 | |||
58 | |||
59 | |||
60 | <a class="nav-item subtitle-text" href="https://github.com/zhuowei/nft_ptr#why">why?</a> | ||
61 | |||
62 | |||
63 | </nav> | ||
64 | |||
65 | </header> | ||
66 | |||
67 | |||
68 | <main> | ||
69 | |||
70 | |||
71 | |||
72 | |||
73 | |||
74 | <div class="toc"> | ||
75 | <div class="toc-sticky"> | ||
76 | |||
77 | <div class="toc-item"> | ||
78 | <a class="subtext" href="https://gradecoin.xyz/register-docs/#authentication-process">Authentication Process</a> | ||
79 | </div> | ||
80 | |||
81 | |||
82 | <div class="toc-item-child"> | ||
83 | <a class="subtext" href="https://gradecoin.xyz/register-docs/#cipher-initialization"><small>- Cipher Initialization</small></a> | ||
84 | </div> | ||
85 | |||
86 | <div class="toc-item-child"> | ||
87 | <a class="subtext" href="https://gradecoin.xyz/register-docs/#encryption"><small>- Encryption</small></a> | ||
88 | </div> | ||
89 | |||
90 | |||
91 | |||
92 | </div> | ||
93 | </div> | ||
94 | |||
95 | |||
96 | |||
97 | <div class="content text"> | ||
98 | |||
99 | <div class="heading-text">Register Documentation</div> | ||
100 | <p>POST request to <code>/register</code> endpoint</p> | ||
101 | <p>Lets a user to authenticate themselves to the system. | ||
102 | Only people who are enrolled to the class can open Gradecoin accounts. | ||
103 | This is enforced with your Student ID (e123456) and a one time password you will receive.</p> | ||
104 | <h1 id="authentication-process">Authentication Process</h1> | ||
105 | <blockquote> | ||
106 | <p>The bytes you are sending over the network are all Base64 Encoded</p> | ||
107 | </blockquote> | ||
108 | <ul> | ||
109 | <li>Gradecoin's Public Key (<code>gradecoin_public_key</code>) is listed on our Moodle page and <a href="/gradecoin.pub">here</a>. Download and load it it to your client.</li> | ||
110 | <li>Create a JSON object (<code>P_AR</code>) with your <code>metu_id</code> ("e"+<code>6 chars</code>) and <code>public key</code> in base64 (PEM) format (<code>S_PK</code>) <a href="https://tls.mbed.org/kb/cryptography/asn1-key-structures-in-der-and-pem">reference</a></li> | ||
111 | </ul> | ||
112 | <pre style="background-color:#ffffff;"> | ||
113 | <code class="language-json" data-lang="json"><span style="color:#545052;">{ | ||
114 | "</span><span style="color:#009854;">student_id</span><span style="color:#545052;">": "</span><span style="color:#009854;">e123456</span><span style="color:#545052;">", | ||
115 | "</span><span style="color:#009854;">passwd</span><span style="color:#545052;">": "</span><span style="color:#009854;">15 char secret</span><span style="color:#545052;">", | ||
116 | "</span><span style="color:#009854;">public_key</span><span style="color:#545052;">": "</span><span style="color:#009854;">---BEGIN PUBLIC KEY...</span><span style="color:#545052;">" | ||
117 | } | ||
118 | </span></code></pre><h2 id="cipher-initialization">Cipher Initialization</h2> | ||
119 | <blockquote> | ||
120 | <p>Since we are working with AES-128, both key and IV should be 128 bits (or 16 hexadecimal characters)</p> | ||
121 | </blockquote> | ||
122 | <ul> | ||
123 | <li>Pick a short temporary key (<code>k_temp</code>)</li> | ||
124 | <li>Pick a random IV <a href="https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Initialization_vector_(IV)">1</a> <a href="https://en.wikipedia.org/wiki/Initialization_vector">2</a> (<code>iv</code>).</li> | ||
125 | </ul> | ||
126 | <h2 id="encryption">Encryption</h2> | ||
127 | <ul> | ||
128 | <li>Encrypt the serialized string of <code>P_AR</code> with 128 bit block <a href="https://en.wikipedia.org/wiki/Initialization_vector">AES</a> in <a href="https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#CBC">CBC</a> mode with <a href="https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Padding">Pkcs7 padding</a> using the temporary key (<code>k_temp</code>), the result is <code>C_AR</code>. Encode this with base64.</li> | ||
129 | <li>The temporary key you have picked <code>k_temp</code> is encrypted using RSA with <a href="https://en.wikipedia.org/wiki/Optimal_asymmetric_encryption_padding">OAEP</a> padding scheme using SHA-256 with <code>gradecoin_public_key</code>, giving us <code>key_ciphertext</code>. Encode this with base64.</li> | ||
130 | <li>Base64 encode the IV (<code>iv</code>) as well.</li> | ||
131 | </ul> | ||
132 | <blockquote class="tidbit"> | ||
133 | <p> | ||
134 | The available tools and libraries might warn you about how using the primitives given above are "hazardous". They are, crypto is hard. | ||
135 | </p> | ||
136 | </blockquote> | ||
137 | <ul> | ||
138 | <li>The payload JSON object (<code>auth_request</code>) can be serialized now:</li> | ||
139 | </ul> | ||
140 | <pre style="background-color:#ffffff;"> | ||
141 | <code class="language-json" data-lang="json"><span style="color:#545052;">{ | ||
142 | "</span><span style="color:#009854;">c</span><span style="color:#545052;">": "</span><span style="color:#009854;">C_AR</span><span style="color:#545052;">", | ||
143 | "</span><span style="color:#009854;">iv</span><span style="color:#545052;">": "</span><span style="color:#009854;">iv</span><span style="color:#545052;">", | ||
144 | "</span><span style="color:#009854;">key</span><span style="color:#545052;">": "</span><span style="color:#009854;">key_ciphertext</span><span style="color:#545052;">" | ||
145 | } | ||
146 | </span></code></pre> | ||
147 | <p>If your authentication process was valid, you will be given access and your public key fingerprint that is your address. | ||
148 | You can now sign <a href="https://gradecoin.xyz/jwt/">JWTs</a> to send authorized transaction requests.</p> | ||
149 | |||
150 | |||
151 | </div> | ||
152 | |||
153 | |||
154 | |||
155 | </main> | ||
156 | |||
157 | |||
158 | <footer> | ||
159 | Built For ⁂ CENG489 ⁂ Introduction to Computer Security | ||
160 | </footer> | ||
161 | |||
162 | </body> | ||
163 | <script> | ||
164 | function highlightNav(heading) { | ||
165 | let pathname = location.pathname; | ||
166 | document.querySelectorAll(".toc a").forEach((item) => { | ||
167 | item.classList.remove("active"); | ||
168 | }); | ||
169 | document.querySelector(".toc a[href$='" + pathname + "#" + heading + "']").classList.add("active"); | ||
170 | } | ||
171 | |||
172 | let currentHeading = ""; | ||
173 | window.onscroll = function () { | ||
174 | let h = document.querySelectorAll("h1,h2,h3,h4,h5,h6"); | ||
175 | let elementArr = []; | ||
176 | |||
177 | h.forEach(item => { | ||
178 | if (item.id !== "") { | ||
179 | elementArr[item.id] = item.getBoundingClientRect().top; | ||
180 | } | ||
181 | }); | ||
182 | elementArr.sort(); | ||
183 | for (let key in elementArr) { | ||
184 | if (!elementArr.hasOwnProperty(key)) { | ||
185 | continue; | ||
186 | } | ||
187 | if (elementArr[key] > 0 && elementArr[key] < 300) { | ||
188 | if (currentHeading !== key) { | ||
189 | highlightNav(key); | ||
190 | currentHeading = key; | ||
191 | } | ||
192 | break; | ||
193 | } | ||
194 | } | ||
195 | } | ||
196 | </script> | ||
197 | |||
198 | </html> | ||