Register_Operation

This section will be describing how one can register an account with the server.

API Root URL: https://mrchewitsoftware.com.my:5001/api/Register

Prerequisites:

1. You must know how to convert data into/from Base64 encoding
2. You must know how to convert data into URL encoded format
3. You must know how to read cryptography data that stores on your side through files in binary format/any other applicable format
4. You must know how to generate a random password without special characters as an ASCII ID (will be useful later)
5. You must know how to use query string in HttpGet
6. You must know how to convert data into/from JSON string

https://mrchewitsoftware.com.my:5001/api/Register/byValues?

This is the only endpoint.

This endpoint was responsible for registering an account with the server.

Here's an example on how to do it.

RegisterModel MyRegisterModel = new RegisterModel();
SecureIDGenerator secureIDGenerator = new SecureIDGenerator();
String ETLSSessionID = "";
String MySecureUserID = secureIDGenerator.GenerateUniqueString();
RNGCryptoServiceProvider rngCsp = new RNGCryptoServiceProvider();
//RNGCryptoServiceProvider is exactly a cryptography random number generator
Byte[] MySecureUserIDByte = new Byte[] { };
Byte[] MyETLSSignedSecureUserIDByte = new Byte[] { };
Byte[] UserLoginED25519PK = new Byte[] { };
Byte[] UserLoginSignedED25519PK = new Byte[] { };
Byte[] ETLSSignedUserLoginED25519PK = new Byte[] { };
Byte[] ETLSSignedUserLoginSignedED25519PK = new Byte[] { };
Byte[] RandomData = new Byte[128];
Byte[] CipheredRandomData = new Byte[] { };
Byte[] NonceByte = new Byte[] { };
Byte[] CombinedCipheredRandomData = new Byte[] { };
Byte[] SignedCombinedCipheredRandomData = new Byte[] { };
Byte[] ETLSSignedSignedCombinedCipheredRandomData = new Byte[] { };
Byte[] StreamCipherKeyByte = new Byte[] { };
Byte[] ClientECDSASK = new Byte[] { };
Boolean CheckServerBoolean = true;
RevampedKeyPair MyLoginKeyPair = SodiumPublicKeyAuth.GenerateRevampedKeyPair();
RevampedKeyPair MyRecoveryKeyPair = SodiumPublicKeyAuth.GenerateRevampedKeyPair();
String UserIDStoragePath = Application.StartupPath + "\\Application_Data\\User\\";
ETLSSessionID = File.ReadAllText(Application.StartupPath + "\\Temp_Session\\" + "SessionID.txt");
if (ETLSSessionID != null && ETLSSessionID.CompareTo("") != 0)
{
    ClientECDSASK = File.ReadAllBytes(Application.StartupPath + "\\Temp_Session\\" + ETLSSessionID + "\\" + "ECDSASK.txt");
    if (MySecureUserID.Length > 45)
    {
        MySecureUserID = MySecureUserID.Substring(0, 30);
    }
    MySecureUserIDByte = Encoding.UTF8.GetBytes(MySecureUserID);
    UserLoginED25519PK = MyLoginKeyPair.PublicKey;
    rngCsp.GetBytes(RandomData);
    NonceByte = SodiumSecretBox.GenerateNonce();
    StreamCipherKeyByte = SodiumSecretBox.GenerateKey();
    CipheredRandomData = SodiumSecretBox.Create(RandomData, NonceByte, StreamCipherKeyByte);
    CombinedCipheredRandomData = NonceByte.Concat(CipheredRandomData).ToArray();
    SignedCombinedCipheredRandomData = SodiumPublicKeyAuth.Sign(CombinedCipheredRandomData, MyRecoveryKeyPair.PrivateKey);
    MyETLSSignedSecureUserIDByte = SodiumPublicKeyAuth.Sign(MySecureUserIDByte, ClientECDSASK);
    UserLoginSignedED25519PK = SodiumPublicKeyAuth.Sign(UserLoginED25519PK, MyLoginKeyPair.PrivateKey);
    ETLSSignedUserLoginSignedED25519PK = SodiumPublicKeyAuth.Sign(UserLoginSignedED25519PK, ClientECDSASK);
    ETLSSignedUserLoginED25519PK = SodiumPublicKeyAuth.Sign(UserLoginED25519PK, ClientECDSASK);
    ETLSSignedSignedCombinedCipheredRandomData = SodiumPublicKeyAuth.Sign(SignedCombinedCipheredRandomData, ClientECDSASK,true);
    using (var client = new HttpClient())
    {
        client.BaseAddress = new Uri("https://mrchewitsoftware.com.my:5001/api/");
        client.DefaultRequestHeaders.Accept.Clear();
        client.DefaultRequestHeaders.Accept.Add(
            new MediaTypeWithQualityHeaderValue("application/json"));
        var response = client.GetAsync("Register/byValues?ClientPathID=" + ETLSSessionID + "&SignedUserID=" + 
            HttpUtility.UrlEncode(Convert.ToBase64String(MyETLSSignedSecureUserIDByte)) + "&SignedLoginSignedPK=" + 
            HttpUtility.UrlEncode(Convert.ToBase64String(ETLSSignedUserLoginSignedED25519PK)) + "&SignedLoginPK=" + 
            HttpUtility.UrlEncode(Convert.ToBase64String(ETLSSignedUserLoginED25519PK)) +  "&SignedCiphered_Recovery_Data=" + 
            HttpUtility.UrlEncode(Convert.ToBase64String(ETLSSignedSignedCombinedCipheredRandomData)));
        try
        {
            response.Wait();
        }
        catch
        {
            CheckServerBoolean = false;
        }
        if (CheckServerBoolean == true)
        {
            var result = response.Result;
            if (result.IsSuccessStatusCode)
            {
                var readTask = result.Content.ReadAsStringAsync();
                readTask.Wait();

                var RegisterModelResult = readTask.Result;
                //You can try to read the JSON Data here and convert the data into suitable format
                MyRegisterModel = JsonConvert.DeserializeObject<RegisterModel>(RegisterModelResult);
                if (MyRegisterModel.Error.Contains("Error"))
                {
                    //Do something like display error
                }
                else
                {
                    //Show user their ID and other applicable data.
                    //Store the cryptography data and other applicable data on client machine..
                    SodiumSecureMemory.SecureClearBytes(StreamCipherKeyByte);
                    MyRecoveryKeyPair.Clear();
                    MyLoginKeyPair.Clear();
                }
            }
            else
            {
                //Display error as httpclient is unable to fetch values
            }
        }
        else
        {
            //Display error as server is offline.
        }
    }
}
else
{
    //ETLS session must be establish.. else it wouldn't work
    MyRecoveryKeyPair.Clear();
    MyLoginKeyPair.Clear();
}