summaryrefslogtreecommitdiffstats
path: root/site/public/register-docs
diff options
context:
space:
mode:
Diffstat (limited to 'site/public/register-docs')
-rw-r--r--site/public/register-docs/index.html28
1 files changed, 16 insertions, 12 deletions
diff --git a/site/public/register-docs/index.html b/site/public/register-docs/index.html
index fdc5237..810f4ec 100644
--- a/site/public/register-docs/index.html
+++ b/site/public/register-docs/index.html
@@ -84,38 +84,42 @@
84 <div class="content text"> 84 <div class="content text">
85 85
86<div class="heading-text">Register Documentation</div> 86<div class="heading-text">Register Documentation</div>
87<p>POST request to /register endpoint</p> 87<p>POST request to <code>/register</code> endpoint</p>
88<p>Lets a user to authenticate themselves to the system. 88<p>Lets a user to authenticate themselves to the system.
89Only people who are enrolled to the class can open Gradecoin accounts. 89Only people who are enrolled to the class can open Gradecoin accounts.
90This is enforced with your Student ID and a one time password you will receive.</p> 90This is enforced with your Student ID and a one time password you will receive.</p>
91<h1 id="authentication-process">Authentication Process</h1> 91<h1 id="authentication-process">Authentication Process</h1>
92<blockquote>
93<p>The bytes you are sending over the network are all Base64 Encoded</p>
94</blockquote>
92<ul> 95<ul>
93<li>Gradecoin's Public Key (<code>gradecoin_public_key</code>) is listed on our Moodle page.</li> 96<li>Gradecoin's Public Key (<code>gradecoin_public_key</code>) is listed on our Moodle page. Download and load it it to your client.</li>
94<li>You pick a short temporary key (<code>k_temp</code>)</li> 97<li>Create a JSON object (<code>P_AR</code>) with your <code>metu_id</code> (&quot;e&quot;+<code>6 chars</code>) and <code>public key</code> in base64 (PEM) format (<code>S_PK</code>) <a href="https://tls.mbed.org/kb/cryptography/asn1-key-structures-in-der-and-pem">reference</a></li>
95<li>Create a JSON object (<code>auth_plaintext</code>) with your <code>metu_id</code> and <code>public key</code> in base64 (PEM) format (<code>S_PK</code>) <a href="https://tls.mbed.org/kb/cryptography/asn1-key-structures-in-der-and-pem">reference</a></li>
96</ul> 98</ul>
97<pre style="background-color:#ffffff;"> 99<pre style="background-color:#ffffff;">
98<code class="language-json" data-lang="json"><span style="color:#545052;">{ 100<code class="language-json" data-lang="json"><span style="color:#545052;">{
99 &quot;</span><span style="color:#009854;">student_id</span><span style="color:#545052;">&quot;: &quot;</span><span style="color:#009854;">e12345</span><span style="color:#545052;">&quot;, 101 &quot;</span><span style="color:#009854;">student_id</span><span style="color:#545052;">&quot;: &quot;</span><span style="color:#009854;">e123456</span><span style="color:#545052;">&quot;,
100 &quot;</span><span style="color:#009854;">passwd</span><span style="color:#545052;">&quot;: &quot;</span><span style="color:#009854;">15 char secret</span><span style="color:#545052;">&quot;, 102 &quot;</span><span style="color:#009854;">passwd</span><span style="color:#545052;">&quot;: &quot;</span><span style="color:#009854;">15 char secret</span><span style="color:#545052;">&quot;,
101 &quot;</span><span style="color:#009854;">public_key</span><span style="color:#545052;">&quot;: &quot;</span><span style="color:#009854;">---BEGIN PUBLIC KEY...</span><span style="color:#545052;">&quot; 103 &quot;</span><span style="color:#009854;">public_key</span><span style="color:#545052;">&quot;: &quot;</span><span style="color:#009854;">---BEGIN PUBLIC KEY...</span><span style="color:#545052;">&quot;
102} 104}
103</span></code></pre> 105</span></code></pre>
104<ul> 106<ul>
105<li>Pick a random IV.</li> 107<li>Pick a short temporary key (<code>k_temp</code>)</li>
106<li>Encrypt the serialized string of <code>auth_plaintext</code> with 128 bit block AES in CBC mode with Pkcs7 padding using the temporary key (<code>k_temp</code>), the result is <code>auth_ciphertext</code>. Encode this with base64.</li> 108<li>Pick a random IV (<code>iv</code>).</li>
107<li>The temporary key you have picked <code>k_temp</code> is encrypted using RSA with OAEP padding scheme 109<li>Encrypt the serialized string of <code>P_AR</code> with 128 bit block AES in CBC mode with Pkcs7 padding using the temporary key (<code>k_temp</code>), the result is <code>C_AR</code>. Encode this with base64.</li>
108using SHA-256 with <code>gradecoin_public_key</code>, giving us <code>key_ciphertext</code>. Encode this with base 64.</li> 110<li>The temporary key you have picked <code>k_temp</code> is encrypted using RSA with OAEP padding scheme using SHA-256 with <code>gradecoin_public_key</code>, giving us <code>key_ciphertext</code>. Encode this with base64.</li>
111<li>Base64 encode the IV (<code>iv</code>) as well.</li>
109<li>The payload JSON object (<code>auth_request</code>) can be serialized now:</li> 112<li>The payload JSON object (<code>auth_request</code>) can be serialized now:</li>
110</ul> 113</ul>
111<pre style="background-color:#ffffff;"> 114<pre style="background-color:#ffffff;">
112<code class="language-json" data-lang="json"><span style="color:#545052;">{ 115<code class="language-json" data-lang="json"><span style="color:#545052;">{
113 &quot;</span><span style="color:#009854;">c</span><span style="color:#545052;">&quot;: &quot;</span><span style="color:#009854;">auth_ciphertext</span><span style="color:#545052;">&quot;, 116 &quot;</span><span style="color:#009854;">c</span><span style="color:#545052;">&quot;: &quot;</span><span style="color:#009854;">C_AR</span><span style="color:#545052;">&quot;,
114 &quot;</span><span style="color:#009854;">iv</span><span style="color:#545052;">&quot;: &quot;</span><span style="color:#009854;">hexadecimal</span><span style="color:#545052;">&quot;, 117 &quot;</span><span style="color:#009854;">iv</span><span style="color:#545052;">&quot;: &quot;</span><span style="color:#009854;">iv</span><span style="color:#545052;">&quot;,
115 &quot;</span><span style="color:#009854;">key</span><span style="color:#545052;">&quot;: &quot;</span><span style="color:#009854;">key_ciphertext</span><span style="color:#545052;">&quot; 118 &quot;</span><span style="color:#009854;">key</span><span style="color:#545052;">&quot;: &quot;</span><span style="color:#009854;">key_ciphertext</span><span style="color:#545052;">&quot;
116} 119}
117</span></code></pre> 120</span></code></pre>
118<p>If your authentication process was valid, you will be given access and your public key fingerprint that is your address.</p> 121<p>If your authentication process was valid, you will be given access and your public key fingerprint that is your address.
122You can now sign JWTs to send authorized transaction requests.</p>
119 123
120 124
121 </div> 125 </div>