From 637cdc1ff6fef0f20c4206b83a5dafa1a8478f3a Mon Sep 17 00:00:00 2001 From: Seokho Son Date: Mon, 26 Aug 2024 08:31:55 +0900 Subject: [PATCH] Update description for register credential api --- src/api/rest/server/common/utility.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/api/rest/server/common/utility.go b/src/api/rest/server/common/utility.go index b5da90130..dd049a131 100644 --- a/src/api/rest/server/common/utility.go +++ b/src/api/rest/server/common/utility.go @@ -138,7 +138,7 @@ func RestGetPublicKeyForCredentialEncryption(c echo.Context) error { // RestRegisterCredential is a REST API handler for registering credentials. // @ID RegisterCredential // @Summary Register Credential Information -// @Description This API registers credential information using hybrid encryption. 1. First, compress and encrypt sensitive data using a client generated AES with a 256-bit key. 2. Then, encrypt the AES key using an RSA public key obtained from `GET /credential/publicKey`. 3. RSA encryption uses a 4096-bit key with OAEP padding and SHA-256 as the hash function. Ensure that all values are base64 encoded before sending them in the request. The public key token ID must be included in the request to allow the server to decrypt the data. +// @Description This API registers credential information using hybrid encryption. The process involves compressing and encrypting sensitive data with AES-256, encrypting the AES key with a 4096-bit RSA public key (retrieved via `GET /credential/publicKey`), and using OAEP padding with SHA-256. All values, including the AES key, must be base64 encoded before sending, and the public key token ID must be included in the request. // @Tags [Admin] Credential Management // @Accept json // @Produce json