How to connect to AWS IoT Core using AWS Embedded SDK from coreMQTT library using mbedTLS

Question

I am trying to connect my IoT embedded device to connect to AWS IoT Core MQTT broker by using AWS Embedded C SDK (https://github.com/aws/aws-iot-device-sdk-embedded-C).

I can see that the SDK is using coreMQTT library. This library has dependency on the Transport layer which user need to provide. In the sample demo, the transport layer security is using openssl. Unfortunately I don't have it. I am thinking to use alternative, from online research, it seems mbedTLS is a good alternative. But I could not find online a sample using mbedTLS to connect to AWS IoT Core using coreMQTT. Could someone help me please.

Answer

Hi misterb.

The fleet provisioning demo uses mbedTLS: https://github.com/aws/aws-iot-device-sdk-embedded-C/blob/main/demos/fleet_provisioning/fleet_provisioning_with_csr/mqtt_operations.c#L673lL692

Implementation of the transport layer here: https://github.com/aws/aws-iot-device-sdk-embedded-C/blob/main/platform/posix/transport/src/mbedtls_pkcs11_posix.c

You can find more examples in the [FreeRTOS](https://github.com/FreeRTOS/FreeRTOS) and [amazon-freertos](https://github.com/aws/amazon-freertos) repos.

Please see here: https://www.freertos.org/network-interface.html

> The transport interface implementations included in the FreeRTOS download are split into two files - a wrapper C file specific to the TCP stack, and a supplemental C file specific to using a TLS stack with the selected TCP stack. For example, to use FreeRTOS+TCP with mbedTLS, build sockets_wrapper.c from the network_transport/freertos_plus_tcp directory in the source code distribution, then build using_mbedtls.c from the using_mbedtls subdirectory.

Available transports: https://github.com/FreeRTOS/FreeRTOS/tree/main/FreeRTOS-Plus/Source/Application-Protocols/network_transport

mbedtls in particular: https://github.com/FreeRTOS/FreeRTOS/blob/main/FreeRTOS-Plus/Source/Application-Protocols/network_transport/using_mbedtls/using_mbedtls.c

And part of the demos that use it: https://github.com/FreeRTOS/FreeRTOS/blob/main/FreeRTOS-Plus/Demo/AWS/Mqtt_Demo_Helpers/mqtt_demo_helpers.c#L614-L624

The amazon-freertos repo contains embedded reference implementations for many boards. You can find a coreMQTT demo there: https://github.com/aws/amazon-freertos/blob/main/demos/coreMQTT/mqtt_demo_mutual_auth.c

An mbedtls transport implementation here: https://github.com/aws/amazon-freertos/blob/main/libraries/freertos_plus/standard/tls/src/iot_tls.c

The demo calls this through one of the secure sockets implementations:

- https://github.com/aws/amazon-freertos/blob/main/libraries/abstractions/secure_sockets/freertos_plus_tcp/iot_secure_sockets.c
- https://github.com/aws/amazon-freertos/blob/main/libraries/abstractions/secure_sockets/lwip/iot_secure_sockets.c

How to connect to AWS IoT Core using AWS Embedded SDK from coreMQTT library using mbedTLS

관련 콘텐츠