summaryrefslogtreecommitdiffstats
path: root/site/content/register_docs.md
diff options
context:
space:
mode:
Diffstat (limited to 'site/content/register_docs.md')
-rw-r--r--site/content/register_docs.md26
1 files changed, 15 insertions, 11 deletions
diff --git a/site/content/register_docs.md b/site/content/register_docs.md
index 83aef7f..a387838 100644
--- a/site/content/register_docs.md
+++ b/site/content/register_docs.md
@@ -4,36 +4,40 @@ description = "Register Documentation"
4weight = 3 4weight = 3
5+++ 5+++
6 6
7POST request to /register endpoint 7POST request to `/register` endpoint
8 8
9Lets a user to authenticate themselves to the system. 9Lets a user to authenticate themselves to the system.
10Only people who are enrolled to the class can open Gradecoin accounts. 10Only people who are enrolled to the class can open Gradecoin accounts.
11This is enforced with your Student ID and a one time password you will receive. 11This is enforced with your Student ID and a one time password you will receive.
12 12
13# Authentication Process 13# Authentication Process
14- Gradecoin's Public Key (`gradecoin_public_key`) is listed on our Moodle page. 14
15- You pick a short temporary key (`k_temp`) 15> The bytes you are sending over the network are all Base64 Encoded
16- Create a JSON object (`auth_plaintext`) with your `metu_id` and `public key` in base64 (PEM) format (`S_PK`) [reference](https://tls.mbed.org/kb/cryptography/asn1-key-structures-in-der-and-pem) 16
17- Gradecoin's Public Key (`gradecoin_public_key`) is listed on our Moodle page. Download and load it it to your client.
18- Create a JSON object (`P_AR`) with your `metu_id` ("e"+`6 chars`) and `public key` in base64 (PEM) format (`S_PK`) [reference](https://tls.mbed.org/kb/cryptography/asn1-key-structures-in-der-and-pem)
17```json 19```json
18{ 20{
19 "student_id": "e12345", 21 "student_id": "e123456",
20 "passwd": "15 char secret", 22 "passwd": "15 char secret",
21 "public_key": "---BEGIN PUBLIC KEY..." 23 "public_key": "---BEGIN PUBLIC KEY..."
22} 24}
23``` 25```
24 26
25- Pick a random IV. 27- Pick a short temporary key (`k_temp`)
26- Encrypt the serialized string of `auth_plaintext` with 128 bit block AES in CBC mode with Pkcs7 padding using the temporary key (`k_temp`), the result is `auth_ciphertext`. Encode this with base64. 28- Pick a random IV (`iv`).
27- The temporary key you have picked `k_temp` is encrypted using RSA with OAEP padding scheme 29- Encrypt the serialized string of `P_AR` with 128 bit block AES in CBC mode with Pkcs7 padding using the temporary key (`k_temp`), the result is `C_AR`. Encode this with base64.
28using SHA-256 with `gradecoin_public_key`, giving us `key_ciphertext`. Encode this with base 64. 30- The temporary key you have picked `k_temp` is encrypted using RSA with OAEP padding scheme using SHA-256 with `gradecoin_public_key`, giving us `key_ciphertext`. Encode this with base64.
31- Base64 encode the IV (`iv`) as well.
29- The payload JSON object (`auth_request`) can be serialized now: 32- The payload JSON object (`auth_request`) can be serialized now:
30 33
31```json 34```json
32{ 35{
33 "c": "auth_ciphertext", 36 "c": "C_AR",
34 "iv": "hexadecimal", 37 "iv": "iv",
35 "key": "key_ciphertext" 38 "key": "key_ciphertext"
36} 39}
37``` 40```
38 41
39If your authentication process was valid, you will be given access and your public key fingerprint that is your address. 42If your authentication process was valid, you will be given access and your public key fingerprint that is your address.
43You can now sign JWTs to send authorized transaction requests.