Use MQTT with mbedTLS in Keil uVision 5 (MDK)

Today's post is rather short as the end to the series on IoT communication nears.

As per the previous blog post, a TLS connection was established. A few issues like client-side certificate verification were solved. In this post, all I sort to show was doing the MQTT communication on a secure port.

The changes done to the code are as shown in commit b85db2c9. The MQTT broker used is hosted at iot.eclipse.org:8883. I printed out the bytes sent and received using a simple hex dump function which I added in commit 82b44fec. The hex dump function gives a print of the ASCII representation where applicable. The results of the communication are shown below. Details about what each non-ASCII byte represents may be found in the MQTT-3.1.1 spec on OASIS.

  . Seeding the random number generator... ok
  . Loading the CA root certificate ... ok (0 skipped)
  . Connecting to tcp/iot.eclipse.org/8883... ok
  . Setting up the SSL/TLS structure... ok
  . Performing the SSL/TLS handshake... ok
  . Verifying peer X.509 certificate... ok

  . Preparing MQTT Connect packet... ok
  > Write to server: 52 bytes written
  0000:  10 32 00 04 4d 51 54 54 04 c2 00 14 00 0a 74 65  .2..MQTT......te
  0010:  73 74 63 6c 69 65 6e 74 00 0c 74 65 73 74 75 73  stclient..testus
  0020:  65 72 6e 61 6d 65 00 0c 74 65 73 74 70 61 73 73  ername..testpass
  0030:  77 6f 72 64                                      word
  < Read from server: 4 bytes read
  0000:  20 02 00 00                                       ...

  . Preparing MQTT Publish packet... ok
  > Write to server: 95 bytes written
  0000:  32 5d 00 26 64 65 76 69 63 65 73 2f 36 34 46 37  2].&devices/64F7
  0010:  32 39 35 45 41 38 43 2f 6d 65 73 73 61 67 65 73  295EA8C/messages
  0020:  2f 74 65 6c 65 6d 65 74 72 79 00 00 7b 22 74 65  /telemetry..{"te
  0030:  6d 70 31 22 3a 32 32 2e 33 35 34 36 2c 22 74 65  mp1":22.3546,"te
  0040:  6d 70 32 22 3a 35 34 2e 31 32 38 37 2c 22 77 65  mp2":54.1287,"we
  0050:  69 67 68 74 22 3a 34 35 37 38 2e 31 32 35 7d     ight":4578.125}
  < Read from server: 4 bytes read
  0000:  40 02 00 00                                      @...

  . Preparing MQTT Disconnect packet... ok
  > Write to server: 2 bytes written
  0000:  e0 00                                            ..

  . MQTT process completed!

To enable communication with iot.eclipse.org:8883, the certificate provided on their site was added to the list of known CAs (certificate authorities) as evident in commit 2b902433.

I used the MQTT paho library for embedded C and in particular the MQTT Packet because it is light weight. I needed to see what was sent on the wire and that seemed the best way to do so. Please do not crucify me for how I did the MQTT process in the while loop because it was just for this example.

In the next post, we shall consider sending this information to a secure broker which can be connected to other solutions in the cloud. This results in delivering a complete end-to-end solution. Till then, enjoy yourself.