Use MQTT with mbedTLS in Keil uVision 5 (MDK)

Today’s post is rather short as it is the end of the series on IoT communication nears.

As per the previous blog post, a TLS connection was established. A few issues like client-side certificate verification were solved. In this post, all I sort to show was doing the MQTT communication on a secure port.

The changes done to the code are as shown in commit b85db2c9. The MQTT broker used is hosted at iot.eclipse.org:8883. I printed out the bytes sent and received using a simple hex dump function which I added in commit 82b44fec. The hex dump function gives a print of the ASCII representation where applicable. The results of the communication are shown below. Details about what each non-ASCII byte represents may be found in the MQTT-3.1.1 spec on OASIS.

 . Seeding the random number generator... ok
  . Loading the CA root certificate ... ok (0 skipped)
  . Connecting to tcp/iot.eclipse.org/8883... ok
  . Setting up the SSL/TLS structure... ok
  . Performing the SSL/TLS handshake... ok
  . Verifying peer X.509 certificate... ok . Preparing MQTT Connect packet... ok
  > Write to server: 52 bytes written
  0000: 10 32 00 04 4d 51 54 54 04 c2 00 14 00 0a 74 65 .2..MQTT......te
  0010: 73 74 63 6c 69 65 6e 74 00 0c 74 65 73 74 75 73 stclient..testus
  0020: 65 72 6e 61 6d 65 00 0c 74 65 73 74 70 61 73 73 ername..testpass
  0030: 77 6f 72 64 word
  < Read from server: 4 bytes read
  0000: 20 02 00 00 ... . Preparing MQTT Publish packet... ok
  > Write to server: 95 bytes written
  0000: 32 5d 00 26 64 65 76 69 63 65 73 2f 36 34 46 37 2].&devices/64F7
  0010: 32 39 35 45 41 38 43 2f 6d 65 73 73 61 67 65 73 295EA8C/messages
  0020: 2f 74 65 6c 65 6d 65 74 72 79 00 00 7b 22 74 65 /telemetry..{"te
  0030: 6d 70 31 22 3a 32 32 2e 33 35 34 36 2c 22 74 65 mp1":22.3546,"te
  0040: 6d 70 32 22 3a 35 34 2e 31 32 38 37 2c 22 77 65 mp2":54.1287,"we
  0050: 69 67 68 74 22 3a 34 35 37 38 2e 31 32 35 7d ight":4578.125}
  < Read from server: 4 bytes read
  0000: 40 02 00 00 @... . Preparing MQTT Disconnect packet... ok
  > Write to server: 2 bytes written
  0000: e0 00 .. . MQTT process completed!

To enable communication with iot.eclipse.org:8883, the certificate provided on their site was added to the list of known CAs (certificate authorities) as evident in commit 2b902433.

I used the MQTT paho library for embedded C and in particular the MQTT Packet because it is lightweight. I needed to see what was sent on the wire and that seemed the best way to do so. Please do not crucify me for how I did the MQTT process in the while loop because it was just for this example.

In the next post, we shall consider sending this information to a secure broker which can be connected to other solutions in the cloud. This results in delivering a complete end-to-end solution. Till then, enjoy yourself.