aboutsummaryrefslogtreecommitdiffstats
path: root/site/content/register_docs.md
diff options
context:
space:
mode:
Diffstat (limited to 'site/content/register_docs.md')
-rw-r--r--site/content/register_docs.md54
1 files changed, 0 insertions, 54 deletions
diff --git a/site/content/register_docs.md b/site/content/register_docs.md
deleted file mode 100644
index 974fe37..0000000
--- a/site/content/register_docs.md
+++ /dev/null
@@ -1,54 +0,0 @@
1+++
2title = "Register"
3description = "Register Documentation"
4weight = 3
5+++
6
7POST request to `/register` endpoint
8
9Lets a user to authenticate themselves to the system.
10Only people who are enrolled to the class can open Gradecoin accounts.
11This is enforced with your Student ID (e123456) and a one time password you will receive.
12
13# Authentication Process
14
15> The bytes you are sending over the network are all Base64 Encoded
16
17- Gradecoin's Public Key (`gradecoin_public_key`) is listed on our Moodle page and [here](/gradecoin.pub). Download and load it it to your client.
18- Create a JSON object (`P_AR`) with your `metu_id` ("e"+`6 chars`) and `public key` in base64 (PEM) format (`S_PK`) [reference](https://tls.mbed.org/kb/cryptography/asn1-key-structures-in-der-and-pem)
19```json
20{
21 "student_id": "e123456",
22 "passwd": "15 char secret",
23 "public_key": "---BEGIN PUBLIC KEY..."
24}
25```
26
27## Cipher Initialization
28
29> Since we are working with AES-128, both key and IV should be 128 bits (or 16 hexadecimal characters)
30
31- Pick a short temporary key (`k_temp`)
32- Pick a random IV [1](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Initialization_vector_(IV)) [2](https://en.wikipedia.org/wiki/Initialization_vector) (`iv`).
33
34## Encryption
35- Encrypt the serialized string of `P_AR` with 128 bit block [AES](https://en.wikipedia.org/wiki/Initialization_vector) in [CBC](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#CBC) mode with [Pkcs7 padding](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Padding) using the temporary key (`k_temp`), the result is `C_AR`. Encode this with base64.
36- The temporary key you have picked `k_temp` is encrypted using RSA with [OAEP](https://en.wikipedia.org/wiki/Optimal_asymmetric_encryption_padding) padding scheme using SHA-256 with `gradecoin_public_key`, giving us `key_ciphertext`. Encode this with base64.
37- Base64 encode the IV (`iv`) as well.
38
39{% tidbit() %}
40The available tools and libraries might warn you about how using the primitives given above are "hazardous". They are, crypto is hard.
41{% end %}
42
43- The payload JSON object (`auth_request`) can be serialized now:
44
45```json
46{
47 "c": "C_AR",
48 "iv": "iv",
49 "key": "key_ciphertext"
50}
51```
52
53If your authentication process was valid, you will be given access and your public key fingerprint that is your address.
54You can now sign [JWTs](@/JWT.md) to send authorized transaction requests.