Solved: How can I validate a JSON message with a public ke...

StefanBode · ‎Oct 01, 2020

During the device on boarding the device generates a asymmetric key pair and send the public key to ThingWorx. The key is stored in a property. The message form the client will be signed with the private key and added to the JSON string.
the incoming JSON string just needs to be “truncated” by the hash value and now I need a method where I can check with the public key and the JSON string if this matches to the hash. How?

the signing will give the ThingWorx server the confidence that the message was send by this specific device that previously shared the public key.

nmilleson · ‎Oct 02, 2020

@StefanBode ,

You could probably write it in a Java extension using something like this:

https://github.com/auth0/java-jwt#verify-a-token

View solution in original post

nmilleson · ‎Oct 02, 2020

@StefanBode ,

You could probably write it in a Java extension using something like this:

https://github.com/auth0/java-jwt#verify-a-token

StefanBode · ‎Oct 02, 2020

Yes, an extension is always an option.

I just hoped that there is already something in the 100+ included libraries that already has this capability to use. We have all these AppKeys and password hashes, but none of them matches 100% to the problem. Maybe someone else has an idea.

Stefan

slangley · ‎Oct 26, 2020

Hi @StefanBode.

If you feel that your question has been answered, please mark the appropriate response as the Accepted Solution for the benefit of others with the same question.

Regards.

--Sharon

How can I validate a JSON message with a public key?

How can I validate a JSON message with a public key?