<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Register | </title> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> <style> :root { /* Primary theme color */ --primary-color: #F8D12F; /* Primary theme text color */ --primary-text-color: #1E2329; /* Primary theme link color */ --primary-link-color: #2F57F7; /* Secondary color: the background body color */ --secondary-color: #FAFAFA; --secondary-text-color: #303030; /* Highlight text color of table of content */ --toc-highlight-text-color: #d46e13; } </style> <link href="https://fonts.googleapis.com/css?family=Alfa+Slab+One&display=swap" rel="stylesheet"> <link href="https://fonts.googleapis.com/css?family=Fira+Sans:400,500,600&display=swap" rel="stylesheet"> <link rel="stylesheet" href="/normalize.css"> <link rel="stylesheet" href="http://localhost:8080/juice.css"> </head> <body> <header class="box-shadow"> <a href="http://localhost:8080/"> <div class="logo"> <img src="http://localhost:8080/gradecoin.png" alt="logo"> Gradecoin </div> </a> <nav> <a class="nav-item subtitle-text" href="http://localhost:8080/block-docs/">Blocks</a> <a class="nav-item subtitle-text" href="http://localhost:8080/transaction-docs/">Transactions</a> <a class="nav-item subtitle-text" href="http://localhost:8080/register-docs/">Register</a> <a class="nav-item subtitle-text" href="http://localhost:8080/jwt/">JWT</a> <a class="nav-item subtitle-text" href="https://github.com/zhuowei/nft_ptr#why">why?</a> </nav> </header> <main> <div class="toc"> <div class="toc-sticky"> <div class="toc-item"> <a class="subtext" href="http://localhost:8080/register-docs/#authentication-process">Authentication Process</a> </div> <div class="toc-item-child"> <a class="subtext" href="http://localhost:8080/register-docs/#gradecoin-side"><small>- Gradecoin Side</small></a> </div> </div> </div> <div class="content text"> <div class="heading-text">Register Documentation</div> <p>POST request to /register 
endpoint. Lets a <code>User</code> (= student) authenticate themselves to the system. This <code>request</code> can be rejected if the payload is malformed (= not authenticated properly) or if the <code>AuthRequest.user_id</code> of the <code>request</code> is not in the list of users that can hold a Gradecoin account.</p>
<h1 id="authentication-process">Authentication Process</h1>
<ul>
<li> <p>Gradecoin's public key (<code>gradecoin_public_key</code>) is listed on Moodle.</p> </li>
<li> <p>Gradecoin's private key (<code>gradecoin_private_key</code>) is loaded here.</p> </li>
<li> <p>The student picks a short temporary key (<code>k_temp</code>).</p> </li>
<li> <p>The student creates a JSON object (<code>auth_plaintext</code>) with their <code>metu_id</code> and <code>public key</code> in base64 (PEM) format (<code>S_PK</code>): <code>{ "student_id": "e12345", "passwd": "15 char secret", "public_key": "---BEGIN PUBLIC KEY..." }</code></p> </li>
<li> <p>The student encrypts the serialized string of <code>auth_plaintext</code> with 128-bit block AES in CBC mode with PKCS7 padding, using the temporary key (<code>k_temp</code>); the result is <code>auth_ciphertext</code>. TODO: should this be base64'd?</p> </li>
<li> <p>The temporary key the student has picked (<code>k_temp</code>) is encrypted using RSA with the OAEP padding scheme using SHA-256 with <code>gradecoin_public_key</code> (TODO: base64?
same as above), giving us <code>key_ciphertext</code>.</p> </li>
<li> <p>The payload JSON object (<code>auth_request</code>) can be JSON serialized now: <code>{ "c": "auth_ciphertext", "key": "key_ciphertext" }</code></p> </li>
</ul>
<h2 id="gradecoin-side">Gradecoin Side</h2>
<ul>
<li>Upon receiving, we first RSA decrypt with the OAEP padding scheme using SHA-256, with <code>gradecoin_private_key</code> as the key and <code>auth_request.key</code> as the ciphertext, receiving <code>temp_key</code> (this is the temporary key chosen by stu</li>
<li>With <code>temp_key</code>, we can AES-128-CBC-PKCS7 decrypt <code>auth_request.c</code>, giving us <code>auth_plaintext</code>.</li>
<li>The <code>auth_plaintext</code> string can be deserialized to <code>AuthRequest</code>.</li>
<li>We then verify the payload and calculate the User fingerprint.</li>
<li>Finally, we create the new <code>User</code> object and insert it into the users HashMap <code>&lt;fingerprint, User&gt;</code>.</li>
</ul> </div> </main> <footer> ⁂ </footer> </body> <script> function highlightNav(heading) { let pathname = location.pathname; document.querySelectorAll(".toc a").forEach((item) => { item.classList.remove("active"); }); document.querySelector(".toc a[href$='" + pathname + "#" + heading + "']").classList.add("active"); } let currentHeading = ""; window.onscroll = function () { let h = document.querySelectorAll("h1,h2,h3,h4,h5,h6"); let elementArr = []; h.forEach(item => { if (item.id !== "") { elementArr[item.id] = item.getBoundingClientRect().top; } }); elementArr.sort(); for (let key in elementArr) { if (!elementArr.hasOwnProperty(key)) { continue; } if (elementArr[key] > 0 && elementArr[key] < 300) { if (currentHeading !== key) { highlightNav(key); currentHeading = key; } break; } } } </script> </html>
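The registration exchange described in the Register documentation above, both student side and Gradecoin side, as an added Node.js example that is not Gradecoin's own code. It assumes both payload fields are base64 and that a random IV is prepended to `c` (the page leaves the encoding as a TODO and does not say how the CBC IV travels); the names `sealAuthRequest`, `openAuthRequest` and `demo` are hypothetical.

```javascript
const nodeCrypto = require("crypto");

// RSA-OAEP with SHA-256, as the page specifies for wrapping k_temp.
const oaep = (key) => ({
  key,
  padding: nodeCrypto.constants.RSA_PKCS1_OAEP_PADDING,
  oaepHash: "sha256",
});

// Student side: returns the auth_request object { c, key }.
// Assumptions: both fields are base64, and a fresh random IV is prepended to c.
function sealAuthRequest(gradecoinPublicKey, authPlaintext) {
  const kTemp = nodeCrypto.randomBytes(16); // 128-bit k_temp, new for every request
  const iv = nodeCrypto.randomBytes(16);
  // aes-128-cbc in Node applies PKCS#7 padding by default.
  const cipher = nodeCrypto.createCipheriv("aes-128-cbc", kTemp, iv);
  const body = cipher.update(JSON.stringify(authPlaintext), "utf8");
  const c = Buffer.concat([iv, body, cipher.final()]);
  const key = nodeCrypto.publicEncrypt(oaep(gradecoinPublicKey), kTemp);
  return { c: c.toString("base64"), key: key.toString("base64") };
}

// Gradecoin side: returns the parsed auth_plaintext, or null on any failure.
// One uniform rejection keeps the response from revealing which step failed
// (RSA unwrap, key or IV length, CBC padding, or JSON parsing).
function openAuthRequest(gradecoinPrivateKey, authRequest) {
  try {
    const wrapped = Buffer.from(authRequest.key, "base64");
    const tempKey = nodeCrypto.privateDecrypt(oaep(gradecoinPrivateKey), wrapped);
    const raw = Buffer.from(authRequest.c, "base64");
    const decipher = nodeCrypto.createDecipheriv("aes-128-cbc", tempKey, raw.subarray(0, 16));
    const plain = Buffer.concat([decipher.update(raw.subarray(16)), decipher.final()]);
    return JSON.parse(plain.toString("utf8"));
  } catch (err) {
    return null;
  }
}

// Constructed sample: throwaway 2048-bit key pair standing in for Gradecoin's.
function demo() {
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
  const sample = { student_id: "e12345", passwd: "15 char secret", public_key: "PEM-PLACEHOLDER" };
  const request = sealAuthRequest(publicKey, sample);
  const wrongKey = { c: request.c, key: request.c }; // not a valid RSA ciphertext
  return { roundTrip: openAuthRequest(privateKey, request), rejected: openAuthRequest(privateKey, wrongKey) };
}

console.log(demo());
```

CBC with PKCS7 padding gives confidentiality only, so the payload checks the page lists after decryption are what actually decide whether a request is accepted.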