Security in the world of IoT is vitally important. At Octoblu, we want to make it easy for you to protect your data as it moves through our platform. We make it easy for you to do end-to-end message encryption by supporting Public Key Encryption.

Using our meshblu npm module is the easiest way to generate a key pair and encrypt/decrypt messages, however it is not the only way. You can register secure devices and encrypt messages easily, using simple command line tools.

To run this example you will need a few utilities:


# generate keypair for sending device
openssl genrsa -out send_device.key 2048
openssl rsa -in send_device.key -pubout >

# generate keypair for receiving device
openssl genrsa -out recv_device.key 2048
openssl rsa -in recv_device.key -pubout >

# register the sending device
curl -X POST -H 'Content-Type: application/json' -d "{\"publicKey\": \"`cat | base64`\"}" > send_device.json

# register the receiving device
curl -X POST -H 'Content-Type: application/json' -d "{\"publicKey\": \"`cat | base64`\"}" > recv_device.json

# get uuids and tokens
SEND_UUID=`cat send_device.json | jsawk 'return this.uuid'`
SEND_TOKEN=`cat send_device.json | jsawk 'return this.token'`
RECV_UUID=`cat recv_device.json | jsawk 'return this.uuid'`

# encrypt the message
ENCRYPTED_MESSAGE=`echo 'SUPER SECRET' | openssl rsautl -encrypt -pubin -inkey | base64`

# send the encrypted payload
curl -X POST -H 'Content-Type: application/json' -H "meshblu_auth_uuid: $SEND_UUID" -H "meshblu_auth_token: $SEND_TOKEN" -d "{\"devices\":\"$RECV_UUID\", \"encryptedPayload\":\"$ENCRYPTED_MESSAGE\"}"

Learn more at the Octoblu Developer site.