diff options
Diffstat (limited to 'site/content/register_docs.md')
-rw-r--r-- | site/content/register_docs.md | 26 |
1 files changed, 15 insertions, 11 deletions
diff --git a/site/content/register_docs.md b/site/content/register_docs.md index 83aef7f..a387838 100644 --- a/site/content/register_docs.md +++ b/site/content/register_docs.md | |||
@@ -4,36 +4,40 @@ description = "Register Documentation" | |||
4 | weight = 3 | 4 | weight = 3 |
5 | +++ | 5 | +++ |
6 | 6 | ||
7 | POST request to /register endpoint | 7 | POST request to `/register` endpoint |
8 | 8 | ||
9 | Lets a user to authenticate themselves to the system. | 9 | Lets a user to authenticate themselves to the system. |
10 | Only people who are enrolled to the class can open Gradecoin accounts. | 10 | Only people who are enrolled to the class can open Gradecoin accounts. |
11 | This is enforced with your Student ID and a one time password you will receive. | 11 | This is enforced with your Student ID and a one time password you will receive. |
12 | 12 | ||
13 | # Authentication Process | 13 | # Authentication Process |
14 | - Gradecoin's Public Key (`gradecoin_public_key`) is listed on our Moodle page. | 14 | |
15 | - You pick a short temporary key (`k_temp`) | 15 | > The bytes you are sending over the network are all Base64 Encoded |
16 | - Create a JSON object (`auth_plaintext`) with your `metu_id` and `public key` in base64 (PEM) format (`S_PK`) [reference](https://tls.mbed.org/kb/cryptography/asn1-key-structures-in-der-and-pem) | 16 | |
17 | - Gradecoin's Public Key (`gradecoin_public_key`) is listed on our Moodle page. Download and load it it to your client. | ||
18 | - Create a JSON object (`P_AR`) with your `metu_id` ("e"+`6 chars`) and `public key` in base64 (PEM) format (`S_PK`) [reference](https://tls.mbed.org/kb/cryptography/asn1-key-structures-in-der-and-pem) | ||
17 | ```json | 19 | ```json |
18 | { | 20 | { |
19 | "student_id": "e12345", | 21 | "student_id": "e123456", |
20 | "passwd": "15 char secret", | 22 | "passwd": "15 char secret", |
21 | "public_key": "---BEGIN PUBLIC KEY..." | 23 | "public_key": "---BEGIN PUBLIC KEY..." |
22 | } | 24 | } |
23 | ``` | 25 | ``` |
24 | 26 | ||
25 | - Pick a random IV. | 27 | - Pick a short temporary key (`k_temp`) |
26 | - Encrypt the serialized string of `auth_plaintext` with 128 bit block AES in CBC mode with Pkcs7 padding using the temporary key (`k_temp`), the result is `auth_ciphertext`. Encode this with base64. | 28 | - Pick a random IV (`iv`). |
27 | - The temporary key you have picked `k_temp` is encrypted using RSA with OAEP padding scheme | 29 | - Encrypt the serialized string of `P_AR` with 128 bit block AES in CBC mode with Pkcs7 padding using the temporary key (`k_temp`), the result is `C_AR`. Encode this with base64. |
28 | using SHA-256 with `gradecoin_public_key`, giving us `key_ciphertext`. Encode this with base 64. | 30 | - The temporary key you have picked `k_temp` is encrypted using RSA with OAEP padding scheme using SHA-256 with `gradecoin_public_key`, giving us `key_ciphertext`. Encode this with base64. |
31 | - Base64 encode the IV (`iv`) as well. | ||
29 | - The payload JSON object (`auth_request`) can be serialized now: | 32 | - The payload JSON object (`auth_request`) can be serialized now: |
30 | 33 | ||
31 | ```json | 34 | ```json |
32 | { | 35 | { |
33 | "c": "auth_ciphertext", | 36 | "c": "C_AR", |
34 | "iv": "hexadecimal", | 37 | "iv": "iv", |
35 | "key": "key_ciphertext" | 38 | "key": "key_ciphertext" |
36 | } | 39 | } |
37 | ``` | 40 | ``` |
38 | 41 | ||
39 | If your authentication process was valid, you will be given access and your public key fingerprint that is your address. | 42 | If your authentication process was valid, you will be given access and your public key fingerprint that is your address. |
43 | You can now sign JWTs to send authorized transaction requests. | ||