Go Down

Topic: Google IoT core (Read 358 times) previous topic - next topic

realcyma

I am trying to use Google IoT core to store my ioT Data.

According to what i found, Google ioT uses JWT RS256 as the authentication.  But, i cannot found any JWT Library for Arduino.  I found one "ArduinoJWT", but, i only support HS256, no RS256.

J-M-L

I've not played yet with it but where did you read that Google IoT core does not support both?

From an arduino you would probably use direct HTTP requests to the service I suppose and so embed a JWT in the header of the HTTP request ?

The JWT has its own self describing header. My basic understanding from reading the protocol doc was that google would support any valid JWT as long as the algorithm specified in the JWT header was matching one of the public keys registered for your device: RS256  for RSA keys or ES256 for Elliptic Curve keys

It's up to you to create the public-private key pair that will be used for crypto and this security page does mention both RS256 and ES256 are possible for registering the public key for a device



Please do not PM me for help,  others will benefit as well if you post your question publicly on the forums
Pas de messages privés SVP

realcyma

#2
Oct 14, 2017, 04:49 am Last Edit: Oct 14, 2017, 04:54 am by realcyma
Thanks J-M-T,

Yes. Google IoT core support both "RS256" and "ES256".

But, I can only found ArduinoJWT which only support "HS256", neither "RS256" or "ES256".   "HS256" is different form "RS256" or "ES256", it does not use public-private key pair.  it use same key in both side.

If there are any library support "ES256" or "RS256", it is also ok for me.

Thanks again.

J-M-L

Sorry indeed needed my glasses...

The base64 piece and to some extent the hash part are totally within reach of small arduino  but the  signed key part of a JWT is CPU and memory intensive. What arduino are you planing to run this on?
Please do not PM me for help,  others will benefit as well if you post your question publicly on the forums
Pas de messages privés SVP

realcyma

Sorry indeed needed my glasses...

The base64 piece and to some extent the hash part are totally within reach of small arduino  but the  signed key part of a JWT is CPU and memory intensive. What arduino are you planing to run this on?

i am using NodeMCU.

J-M-L

#5
Oct 14, 2017, 12:52 pm Last Edit: Oct 14, 2017, 01:20 pm by J-M-L
are you really using NodeMCU?

or did you take an ESP8266 that came with NodeMCU and you moved to Arduino core for ESP8266 WiFi chip on top?

you might be able to use ES256 (ECDSA using P-256 and SHA256 ) by looking at the SSL library of the ESP8266 - never tried (but would use the hardware) or possibly explore the micro-ecc library as secp256r1 curve was referred to as prime256v1 if I remember correctly (which is what google want in ES256)
Please do not PM me for help,  others will benefit as well if you post your question publicly on the forums
Pas de messages privés SVP

realcyma

are you really using NodeMCU?

or did you take an ESP8266 that came with NodeMCU and you moved to Arduino core for ESP8266 WiFi chip on top?

you might be able to use ES256 (ECDSA using P-256 and SHA256 ) by looking at the SSL library of the ESP8266 - never tried (but would use the hardware) or possibly explore the micro-ecc library as secp256r1 curve was referred to as prime256v1 if I remember correctly (which is what google want in ES256)
i am using 8266 NodeMCU 1.0. Just NodeMCU, no Arduino.

J-M-L

OK... this is the Arduino forum :)

I'm not sure this is the best place here to find NodeMCU/Embedded Lua experts here.. I'm not one.

You could look at JSON Web Token library for LUA - a quick google search shows there is some work done there (an example)
Please do not PM me for help,  others will benefit as well if you post your question publicly on the forums
Pas de messages privés SVP

Go Up