POST request to /register endpoint
-Lets a [User] (=student) to authenticate themselves to the system
-This request can be rejected if the payload is malformed (=not authenticated properly) or if
-the [AuthRequest.user_id] of the request is not in the list of users that can hold a Gradecoin account
POST request to /register endpoint
+Lets a user to authenticate themselves to the system. +Only people who are enrolled to the class can open Gradecoin accounts. +This is enforced with your Student ID and a one time password you will receive.
Gradecoin's Public Key (gradecoin_public_key) is listed on moodle.
Gradecoin's Private Key (gradecoin_private_key) is loaded here
Student picks a short temporary key (k_temp)
Creates a JSON object (auth_plaintext) with their metu_id and public key in base64 (PEM) format (S_PK):
-{
-student_id: "e12345",
-passwd: "15 char secret"
-public_key: "---BEGIN PUBLIC KEY..."
-}
Encrypts the serialized string of auth_plaintext with 128 bit block AES in CBC mode with Pkcs7 padding using the temporary key (k_temp), the result is auth_ciphertext TODO should this be base64'd?
The temporary key student has picked k_temp is encrypted using RSA with OAEP padding scheme
-using sha256 with gradecoin_public_key (TODO base64? same as above), giving us key_ciphertext
The payload JSON object (auth_request) can be JSON serialized now:
-{
-c: "auth_ciphertext"
-key: "key_ciphertext"
-}
gradecoin_public_key) is listed on our Moodle page.k_temp)auth_plaintext) with your metu_id and public key in base64 (PEM) format (S_PK) reference
+{
+ "student_id": "e12345",
+ "passwd": "15 char secret",
+ "public_key": "---BEGIN PUBLIC KEY..."
+}
+
gradecoin_private_key as the key and auth_request.key key as the ciphertext, receiving temp_key (this is the temporary key chosen by stutemp_key, we can AES 128 Cbc Pkcs7 decrypt the auth_request.c, giving us
-auth_plaintextauth_plaintext String can be deserialized to [AuthRequest]User] object, insert to users HashMap <fingerprint, User>auth_plaintext with 128 bit block AES in CBC mode with Pkcs7 padding using the temporary key (k_temp), the result is auth_ciphertext. Encode this with base64.k_temp is encrypted using RSA with OAEP padding scheme
+using SHA-256 with gradecoin_public_key, giving us key_ciphertext. Encode this with base 64.auth_request) can be serialized now:
+{
+ "c": "auth_ciphertext",
+ "iv": "hexadecimal",
+ "key": "key_ciphertext"
+}
+
+If your authentication process was valid, you will be given access and your public key fingerprint that is your address.