From 3eeb062b696aec4be02800880e69502191d57b1f Mon Sep 17 00:00:00 2001
From: Daniel Veilleux
Date: Fri, 31 Jan 2020 11:34:34 -0800
Subject: [PATCH] Add TLS support
---
 samples/nrf9160/mqtt_simple/Kconfig | 10 ++++++++++
 samples/nrf9160/mqtt_simple/prj.conf | 11 +++++++----
 samples/nrf9160/mqtt_simple/src/main.c | 21 +++++++++++++++++++--
 3 files changed, 36 insertions(+), 6 deletions(-)
diff --git a/samples/nrf9160/mqtt_simple/Kconfig b/samples/nrf9160/mqtt_simple/Kconfig
index df7989f7..de53c366 100644
--- a/samples/nrf9160/mqtt_simple/Kconfig
+++ b/samples/nrf9160/mqtt_simple/Kconfig
@@ -33,6 +33,16 @@ config MQTT_PAYLOAD_BUFFER_SIZE
 int "MQTT payload buffer size"
 default 128
+config SEC_TAG
+ int "Security tag to use for the connection"
+ default 16842753
+
+config PEER_VERIFY
+ int "Peer verify parameter for mqtt_client"
+ default 1
+ help
+ Set to 0 for VERIFY_NONE, 1 for VERIFY_OPTIONAL, and 2 for VERIFY_REQUIRED.
+
 endmenu
 menu "Zephyr Kernel"
diff --git a/samples/nrf9160/mqtt_simple/prj.conf b/samples/nrf9160/mqtt_simple/prj.conf
index 93109d27..d8df8569 100644
--- a/samples/nrf9160/mqtt_simple/prj.conf
+++ b/samples/nrf9160/mqtt_simple/prj.conf
@@ -26,14 +26,17 @@ CONFIG_AT_HOST_LIBRARY=y
 # MQTT
 CONFIG_MQTT_LIB=y
-CONFIG_MQTT_LIB_TLS=n
+CONFIG_MQTT_LIB_TLS=y
 # Appliaction
 #CONFIG_MQTT_PUB_TOPIC="/my/publish/topic"
 #CONFIG_MQTT_SUB_TOPIC="/my/subscribe/topic"
-#CONFIG_MQTT_CLIENT_ID="my-client-id"
-#CONFIG_MQTT_BROKER_HOSTNAME="mqtt.eclipse.org"
-#CONFIG_MQTT_BROKER_PORT=1883
+CONFIG_MQTT_CLIENT_ID="training_client"
+CONFIG_MQTT_BROKER_HOSTNAME="test.mosquitto.org"
+CONFIG_MQTT_BROKER_PORT=8884
+
+CONFIG_SEC_TAG=51966
+CONFIG_PEER_VERIFY=1
 # Main thread
 CONFIG_MAIN_THREAD_PRIORITY=7
diff --git a/samples/nrf9160/mqtt_simple/src/main.c b/samples/nrf9160/mqtt_simple/src/main.c
index 2489dba2..5ff3e251 100644
--- a/samples/nrf9160/mqtt_simple/src/main.c
+++ b/samples/nrf9160/mqtt_simple/src/main.c
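Review bot: `PEER_VERIFY` defaults to 1, which the help text maps to VERIFY_OPTIONAL, so a build that takes the default gets an encrypted link but presumably does not abort the handshake when the broker certificate fails validation. Making required verification the default with `default 2` and bounding the symbol with `range 0 2` would turn the weaker modes into an explicit opt-in and reject out-of-range values at configuration time. The same setting appears as `CONFIG_PEER_VERIFY=1` in prj.conf and is copied unchecked into `tls_config->peer_verify` in client_init in main.c, so all three places should change together. `SEC_TAG` has no help text; a short `help` entry saying which credentials the tag is expected to hold would tell users what has to be provisioned.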
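Review bot: The sample now ships with a fixed `CONFIG_MQTT_CLIENT_ID="training_client"` pointed at a shared public broker, so every board built from it presents the same client identifier, and MQTT brokers normally close the existing session when a second client connects with an ID already in use. Leaving the line commented out as it was before this change, or adding a comment that it must be unique per device, avoids devices disconnecting each other. A comment above `CONFIG_SEC_TAG=51966` such as `# Credentials for this tag must be written to the modem before connecting` would also help, since nothing in this patch provisions them.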
@@ -33,6 +33,10 @@ static bool connected;
 /* File descriptor */
 static struct pollfd fds;
+#if defined(CONFIG_MQTT_LIB_TLS)
+static sec_tag_t sec_tag_list[] = { CONFIG_SEC_TAG };
+#endif /* defined(CONFIG_MQTT_LIB_TLS) */
+
 #if defined(CONFIG_BSD_LIBRARY)
 /**@brief Recoverable BSD library error. */
@@ -328,8 +332,21 @@ static void client_init(struct mqtt_client *client)
 client->tx_buf = tx_buffer;
 client->tx_buf_size = sizeof(tx_buffer);
- /* MQTT transport configuration */
- client->transport.type = MQTT_TRANSPORT_NON_SECURE;
+ #if defined(CONFIG_MQTT_LIB_TLS)
+ struct mqtt_sec_config *tls_config = &client->transport.tls.config;
+
+ client->transport.type = MQTT_TRANSPORT_SECURE;
+
+ tls_config->peer_verify = CONFIG_PEER_VERIFY;
+ tls_config->cipher_count = 0;
+ tls_config->cipher_list = NULL;
+ tls_config->sec_tag_count = ARRAY_SIZE(sec_tag_list);
+ tls_config->sec_tag_list = sec_tag_list;
+ tls_config->hostname = CONFIG_MQTT_BROKER_HOSTNAME;
+ #else
+ /* MQTT transport configuration */
+ client->transport.type = MQTT_TRANSPORT_NON_SECURE;
+ #endif /* defined(CONFIG_MQTT_LIB_TLS) */
 }
 /**@brief Initialize the file descriptor structure used by poll.
--
2.24.0
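Review bot: The `#if` / `#else` / `#endif` lines added inside client_init appear to be indented like statements, while the guard this patch adds at file scope around `sec_tag_list` starts at column 0; keeping directives at column 0 in both places makes the two transport branches easier to find. The `/* MQTT transport configuration */` comment now sits only in the `#else` branch, so the TLS branch has no explanation; moving that comment above the `#if` would cover both. A short comment next to the `hostname` assignment, for example `/* peer name the broker certificate is checked against */`, would record why the broker hostname is passed to the TLS configuration (assuming the library uses it that way). client_init begins before this hunk, so the earlier part of the function is not reviewed here.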