From 0f67c6c79325078ad71f666915c065d15d417814 Mon Sep 17 00:00:00 2001 From: Yigit Sever Date: Fri, 16 Apr 2021 15:30:59 +0300 Subject: Improve register documentation --- site/public/register-docs/index.html | 36 ++++++++++++++++++++++++++++++------ 1 file changed, 30 insertions(+), 6 deletions(-) (limited to 'site/public/register-docs') diff --git a/site/public/register-docs/index.html b/site/public/register-docs/index.html index 810f4ec..9d9c91d 100644 --- a/site/public/register-docs/index.html +++ b/site/public/register-docs/index.html @@ -27,6 +27,7 @@ + @@ -76,6 +77,16 @@ +
+ +POST request to /register
endpoint
Lets a user to authenticate themselves to the system. Only people who are enrolled to the class can open Gradecoin accounts. -This is enforced with your Student ID and a one time password you will receive.
+This is enforced with your Student ID (e123456) and a one time password you will receive.The bytes you are sending over the network are all Base64 Encoded
@@ -102,13 +113,26 @@ This is enforced with your Student ID and a one time password you will receive.< "passwd": "15 char secret", "public_key": "---BEGIN PUBLIC KEY..." } - +Cipher Initialization
++Since we are working with AES-128, both key and IV should be 128 bits (or 16 hexadecimal characters)
++
- Pick a short temporary key (
-k_temp
)- Pick a random IV (
-iv
).- Encrypt the serialized string of
-P_AR
with 128 bit block AES in CBC mode with Pkcs7 padding using the temporary key (k_temp
), the result isC_AR
. Encode this with base64.- The temporary key you have picked
+k_temp
is encrypted using RSA with OAEP padding scheme using SHA-256 withgradecoin_public_key
, giving uskey_ciphertext
. Encode this with base64.- Pick a random IV 1 2 (
+iv
).Encryption
++
+- Encrypt the serialized string of
+P_AR
with 128 bit block AES in CBC mode with Pkcs7 padding using the temporary key (k_temp
), the result isC_AR
. Encode this with base64.- The temporary key you have picked
k_temp
is encrypted using RSA with OAEP padding scheme using SHA-256 withgradecoin_public_key
, giving uskey_ciphertext
. Encode this with base64.- Base64 encode the IV (
+iv
) as well.+++ The available tools and libraries might warn you about how using the primitives given above are "hazardous". They are, crypto is hard. +
+
- The payload JSON object (
auth_request
) can be serialized now:@@ -119,7 +143,7 @@ This is enforced with your Student ID and a one time password you will receive.< }If your authentication process was valid, you will be given access and your public key fingerprint that is your address. -You can now sign JWTs to send authorized transaction requests.
+You can now sign JWTs to send authorized transaction requests. -- cgit v1.2.3-70-g09d2
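Review bot: In the hunk at @@ -76,6 +77,16 @@, the added sentence "The bytes you are sending over the network are all Base64 Encoded" is broader than what the steps further down describe. Those steps Base64 encode three values individually (C_AR, key_ciphertext and iv) and then serialize the auth_request JSON object. Suggest naming those three values in this sentence so a reader does not Base64 encode the whole request body. The new "(e123456)" could also be introduced as an example of the ID format.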
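Review bot: In the hunk at @@ -102,13 +113,26 @@, the added line "both key and IV should be 128 bits (or 16 hexadecimal characters)" contradicts itself: 128 bits is 16 bytes, which is 32 hexadecimal characters, while 16 hexadecimal characters carry only 64 bits. A reader who follows the parenthesis and uses 16 hex characters as the raw key bytes gets a key of the right length but with half the intended entropy. Suggest "128 bits (16 bytes)" instead. The key step also still reads "Pick a short temporary key" while only the IV step says "random"; it should say that k_temp is to be generated randomly as well.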