- Gradecoin
-
-
-
-
-
-
-
-
-
-
-
-
- Register Documentation
-POST request to /register endpoint
Lets a user to authenticate themselves to the system. -Only people who are enrolled to the class can open Gradecoin accounts. -This is enforced with your Student ID (e123456) and a one time password you will receive.
-Authentication Process
---The bytes you are sending over the network are all Base64 Encoded
-
-
-
- Gradecoin's Public Key (
gradecoin_public_key) is listed on our Moodle page and here. Download and load it it to your client.
- - Create a JSON object (
P_AR) with yourmetu_id("e"+6 chars) andpublic keyin base64 (PEM) format (S_PK) reference
-
-{
- "student_id": "e123456",
- "passwd": "15 char secret",
- "public_key": "---BEGIN PUBLIC KEY..."
-}
-Cipher Initialization
--- -Since we are working with AES-128, both key and IV should be 128 bits (or 16 hexadecimal characters)
-
Encryption
--
-
- Encrypt the serialized string of
P_ARwith 128 bit block AES in CBC mode with Pkcs7 padding using the temporary key (k_temp), the result isC_AR. Encode this with base64.
- - The temporary key you have picked
k_tempis encrypted using RSA with OAEP padding scheme using SHA-256 withgradecoin_public_key, giving uskey_ciphertext. Encode this with base64.
- - Base64 encode the IV (
iv) as well.
-
--- The available tools and libraries might warn you about how using the primitives given above are "hazardous". They are, crypto is hard. -
-
-
-
- The payload JSON object (
auth_request) can be serialized now:
-
-{
- "c": "C_AR",
- "iv": "iv",
- "key": "key_ciphertext"
-}
-
-If your authentication process was valid, you will be given access and your public key fingerprint that is your address. -You can now sign JWTs to send authorized transaction requests.
- - -