diff options
Diffstat (limited to 'site/content/register_docs.md')
-rw-r--r-- | site/content/register_docs.md | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/site/content/register_docs.md b/site/content/register_docs.md new file mode 100644 index 0000000..83aef7f --- /dev/null +++ b/site/content/register_docs.md | |||
@@ -0,0 +1,39 @@ | |||
1 | +++ | ||
2 | title = "Register" | ||
3 | description = "Register Documentation" | ||
4 | weight = 3 | ||
5 | +++ | ||
6 | |||
7 | POST request to /register endpoint | ||
8 | |||
9 | Lets a user to authenticate themselves to the system. | ||
10 | Only people who are enrolled to the class can open Gradecoin accounts. | ||
11 | This is enforced with your Student ID and a one time password you will receive. | ||
12 | |||
13 | # Authentication Process | ||
14 | - Gradecoin's Public Key (`gradecoin_public_key`) is listed on our Moodle page. | ||
15 | - You pick a short temporary key (`k_temp`) | ||
16 | - Create a JSON object (`auth_plaintext`) with your `metu_id` and `public key` in base64 (PEM) format (`S_PK`) [reference](https://tls.mbed.org/kb/cryptography/asn1-key-structures-in-der-and-pem) | ||
17 | ```json | ||
18 | { | ||
19 | "student_id": "e12345", | ||
20 | "passwd": "15 char secret", | ||
21 | "public_key": "---BEGIN PUBLIC KEY..." | ||
22 | } | ||
23 | ``` | ||
24 | |||
25 | - Pick a random IV. | ||
26 | - Encrypt the serialized string of `auth_plaintext` with 128 bit block AES in CBC mode with Pkcs7 padding using the temporary key (`k_temp`), the result is `auth_ciphertext`. Encode this with base64. | ||
27 | - The temporary key you have picked `k_temp` is encrypted using RSA with OAEP padding scheme | ||
28 | using SHA-256 with `gradecoin_public_key`, giving us `key_ciphertext`. Encode this with base 64. | ||
29 | - The payload JSON object (`auth_request`) can be serialized now: | ||
30 | |||
31 | ```json | ||
32 | { | ||
33 | "c": "auth_ciphertext", | ||
34 | "iv": "hexadecimal", | ||
35 | "key": "key_ciphertext" | ||
36 | } | ||
37 | ``` | ||
38 | |||
39 | If your authentication process was valid, you will be given access and your public key fingerprint that is your address. | ||