How can I validate a JSON message with a public key?

Forum|Forum|5 years ago
October 1, 2020
2 replies
1603 views

During the device on boarding the device generates a asymmetric key pair and send the public key to ThingWorx. The key is stored in a property. The message form the client will be signed with the private key and added to the JSON string.
the incoming JSON string just needs to be “truncated” by the hash value and now I need a method where I can check with the public key and the JSON string if this matches to the hash. How?

the signing will give the ThingWorx server the confidence that the message was send by this specific device that previously shared the public key.

Best answer by nmilleson

@StefanBode ,

You could probably write it in a Java extension using something like this:

https://github.com/auth0/java-jwt#verify-a-token

N

nmilleson

Answer

17-Peridot

@StefanBode ,

You could probably write it in a Java extension using something like this:

https://github.com/auth0/java-jwt#verify-a-token

S

StefanBode

Author

12-Amethyst

Yes, an extension is always an option.

I just hoped that there is already something in the 100+ included libraries that already has this capability to use. We have all these AppKeys and password hashes, but none of them matches 100% to the problem. Maybe someone else has an idea.

Stefan

S

slangley

Support

Hi @StefanBode.

If you feel that your question has been answered, please mark the appropriate response as the Accepted Solution for the benefit of others with the same question.

Regards.

--Sharon

Sign up

Please use your PTC eSupport account.

Welcome to the PTC Community

Please use your PTC eSupport account.

Scanning file for viruses.

This file cannot be downloaded