• State Not Answered
  • Replies 8 replies
  • Subscribers 68 subscribers
  • Views 515 views
  • Users 0 members are here
Attachments (3) Download All
Nordic Case Info
  • Case ID: 329506
Options

publishing or subscribing to topic aws/certificates/create/json and aws/certificates/create/json/accepted fails with POLLHUP error to end up with aws iot disconnect event

Omkar Prabhu

I am trying to get provisioning by trusted user procedure of aws_iot working by making some changes in aws_iot nrf sample 

I have tested it with permanent certificates and it works fine


But Whenever I try to connect to aws iot server with these topic 


aws/certificates/create/json

aws/certificates/create/json/accepted

it fails with POLLHUP error, ending client connection be it with permanent certificates or with temp certificates (Used in provisioning by trusted device procedure)

Referring to similar issue I figured it has to do with Modem's limitation on handling big TLS buffers that are sent in response to this topic
( Issue Link: aws iot disconnect event when publishing to $aws/certificates/create/json )

Can we configure it, if not how can we develop a code where we can fetch permanent certs using temp certs with nrf platforms?

P.S. I am using the same aws_iot sample just changed the endpoint, client id and topics

Also I have made sure that AWS side things (provisioning template, policies etc.) are fine as it works for provisioning by trusted user for native ubuntu emulation of the device

Parents Reply Children
  • 0 in reply to Hakon

    Thanks for Validating the issue and pointing out to this PR, which SDK version it's compatible with?
    The reason why I asked is while trying to integrate I faced some issues compiling modem key management lib as it is, (haven't done any changes in that)

    In file included from D:/v2.6.1/nrf/samples/net/aws_iot/src/main.c:19:
    D:/v2.6.1/nrf/include/modem/modem_key_mgmt.h:13:10: fatal error: nrf_socket.h: No such file or directory
    13 | #include <nrf_socket.h>
    | ^~~~~~~~~~~~~~

    The file exists at given path but this blog post suggests it has to do with CMake changes related to board

    I am trying to build it for 7002dk ns would that be a problem?

  • 0 in reply to Hakon

    Update: Sorry to bother you on this one, so I am able to atleast compile it for nrf7002DK with v2.6.1 after replacing aws iot libs and disabling aws_fota, facing 
    [00:00:00.297,760] <err> aws_iot: getaddrinfo, error -11
    [00:00:00.305,847] <err> aws_iot: client_broker_init, error: -10

  • 0 in reply to Hakon

    Have been following same PR, just adapted it to wifi instead of LTE, rest, remain same, including configs, except I have been compiling it for nrf7002DK
    It fails at the stage where it tries to connect to aws over mqtt 

    have been facing error  aws_iot: mqtt_connect, error: -123 which I suppose stands for protocol not supported 
    Could this  be a reason (Kindly refer to the link)

    Kindly find the logs below

    *** Booting nRF Connect SDK v3.5.99-ncs1-1 ***
[00:00:00.239,898] <inf> aws_iot_sample: The AWS IoT sample started, version: v1.0.0
[00:00:00.250,183] <inf> aws_iot_sample: Bringing network interface up and connecting to the network
[00:00:01.934,448] <inf> wifi_mgmt_ext: Connection requested
[00:00:01.943,115] <wrn> aws_iot: Subscribed to custom topic: $aws/things/Alarm_Hub/shadow/update/documents
[00:00:06.857,330] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e258, pkt=0x2006010c, st=0, user_data=(nil)
[00:00:06.882,690] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e258, pkt=0x20060150, st=0, user_data=(nil)
[00:00:06.942,535] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e258, pkt=0x2006010c, st=0, user_data=(nil)
[00:00:07.611,175] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e258, pkt=0x20060150, st=0, user_data=(nil)
[00:00:07.625,396] <inf> net_dhcpv4: Received: 192.168.0.101
[00:00:07.634,063] <inf> aws_iot_sample: Network connectivity established
[00:00:09.246,124] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e258, pkt=0x2006010c, st=0, user_data=(nil)
[00:00:12.643,432] <inf> aws_iot_sample: Connecting to AWS IoT
[00:00:12.651,855] <inf> aws_iot_sample: AWS_IOT_EVT_CONNECTING
[00:00:12.688,598] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e258, pkt=0x20060150, st=0, user_data=(nil)
[00:00:12.702,911] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -100
[00:00:12.713,104] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -100
[00:00:12.723,266] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -100
[00:00:12.733,459] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): getaddrinfo entries overflow
[00:00:12.744,659] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -100
[00:00:12.754,852] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): getaddrinfo entries overflow
[00:00:12.766,052] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -100
[00:00:12.776,245] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): getaddrinfo entries overflow
[00:00:12.787,475] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -100
[00:00:12.797,637] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): getaddrinfo entries overflow
[00:00:12.808,868] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -100
[00:00:12.819,030] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): getaddrinfo entries overflow
[00:00:12.830,261] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -100
[00:00:12.840,423] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): getaddrinfo entries overflow
[00:00:12.851,684] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -103
[00:00:12.863,189] <dbg> aws_iot: broker_init: IPv4 Address found 54.164.62.249
[00:00:12.875,915] <dbg> aws_iot: client_broker_init: Using security tag: 43
[00:00:21.121,398] <dbg> aws_iot: client_broker_init: Credentials provisioned to security tag 43
[00:00:21.132,720] <err> aws_iot: mqtt_connect, error: -123
[00:00:21.141,082] <err> aws_iot: AWS broker connect failed -123
[00:00:21.149,871] <inf> aws_iot_sample: AWS_IOT_EVT_CONNECTING


  • 0 in reply to Hakon

    I am uploading main.c so that you can refer to changes I have done to connect it over wifi, as of now it starts wifi and as soon as it connects it initiates and tries to connect to aws iot, rest things are commented out as I am stuck at aws_connect part itself. Pasting those logs here ( I have kept debug logs on for aws lib and mqtt lib (zephyr one) as well)
    Also inserting nrf7002 conf and prj.conf, rest thing(overlay.conf and aws iot library files are used as what used in the commit you have referred to)

    [00:00:00.013,671] <inf> spi_nor: mx25r6435f@0: 8 MiBy flash
*** Booting nRF Connect SDK v3.5.99-ncs1-1 ***
[00:00:00.225,402] <inf> aws_iot_sample: The AWS IoT sample started, version: v1.0.0
[00:00:00.235,656] <inf> aws_iot_sample: Bringing network interface up and connecting to the network
[00:00:01.817,321] <inf> wifi_mgmt_ext: Connection requested
[00:00:06.729,125] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x2005699c, st=0, user_data=(nil)
[00:00:06.756,500] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x200569e0, st=0, user_data=(nil)
[00:00:06.812,225] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x2005699c, st=0, user_data=(nil)
[00:00:07.495,239] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x200569e0, st=0, user_data=(nil)
[00:00:07.509,521] <inf> net_dhcpv4: Received: 192.168.0.103
[00:00:07.518,127] <inf> aws_iot_sample: Network connectivity established
[00:00:12.527,496] <inf> aws_iot_sample: Connecting to AWS IoT
[00:00:12.536,010] <inf> aws_iot_sample: AWS_IOT_EVT_CONNECTING
[00:00:12.574,310] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x2005699c, st=0, user_data=(nil)
[00:00:12.588,592] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -100
[00:00:12.598,785] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -100
[00:00:12.608,947] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -100
[00:00:12.619,140] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): getaddrinfo entries overflow
[00:00:12.630,340] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -100
[00:00:12.640,502] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): getaddrinfo entries overflow
[00:00:12.651,733] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -100
[00:00:12.661,895] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): getaddrinfo entries overflow
[00:00:12.673,095] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -100
[00:00:12.683,288] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): getaddrinfo entries overflow
[00:00:12.694,488] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -100
[00:00:12.704,650] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): getaddrinfo entries overflow
[00:00:12.715,881] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -100
[00:00:12.726,043] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): getaddrinfo entries overflow
[00:00:12.737,274] <dbg> net_sock_addr: dns_resolve_cb: (rx_q[0]): dns status: -103
[00:00:12.748,535] <dbg> aws_iot: broker_init: IPv4 Address found 54.197.54.72
[00:00:12.760,650] <dbg> aws_iot: client_broker_init: Using security tag: 43
[00:00:20.977,691] <dbg> aws_iot: client_broker_init: Credentials provisioned to security tag 43
[00:00:20.989,013] <err> aws_iot: mqtt_connect, error: -123
[00:00:20.997,344] <err> aws_iot: AWS broker connect failed -123
[00:00:21.006,134] <inf> aws_iot_sample: AWS_IOT_EVT_CONNECTING
[00:01:01.352,844] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x200569e0, st=0, user_data=(nil)
[00:01:01.370,697] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x2005699c, st=0, user_data=(nil)
[00:01:02.376,861] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x200569e0, st=0, user_data=(nil)
[00:01:02.394,714] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x2005699c, st=0, user_data=(nil)
[00:01:03.400,817] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x200569e0, st=0, user_data=(nil)
[00:01:03.418,640] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x2005699c, st=0, user_data=(nil)
[00:01:04.424,865] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x200569e0, st=0, user_data=(nil)
[00:01:04.442,718] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x2005699c, st=0, user_data=(nil)
[00:01:22.037,658] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x200569e0, st=0, user_data=(nil)
[00:01:23.471,252] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x2005699c, st=0, user_data=(nil)
[00:01:29.512,847] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x200569e0, st=0, user_data=(nil)
[00:01:31.048,889] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x2005699c, st=0, user_data=(nil)
[00:01:32.482,604] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x200569e0, st=0, user_data=(nil)
[00:01:32.503,997] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x2005699c, st=0, user_data=(nil)
[00:01:32.520,996] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x200569e0, st=0, user_data=(nil)
[00:01:32.538,055] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x2005699c, st=0, user_data=(nil)
[00:01:32.555,084] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x200569e0, st=0, user_data=(nil)
[00:01:32.572,021] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x2005699c, st=0, user_data=(nil)
[00:01:32.589,080] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x200569e0, st=0, user_data=(nil)
[00:01:32.608,917] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x2005699c, st=0, user_data=(nil)
[00:01:32.626,861] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x200569e0, st=0, user_data=(nil)
[00:01:32.643,920] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x2005699c, st=0, user_data=(nil)
[00:03:01.366,333] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x200569e0, st=0, user_data=(nil)
[00:03:01.384,185] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x2005699c, st=0, user_data=(nil)
[00:03:03.413,726] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x200569e0, st=0, user_data=(nil)
[00:03:03.431,579] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x2005699c, st=0, user_data=(nil)
[00:03:04.438,049] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x200569e0, st=0, user_data=(nil)
[00:03:04.455,902] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x2005699c, st=0, user_data=(nil)
[00:03:13.449,127] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x200569e0, st=0, user_data=(nil)
[00:03:13.470,550] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x2005699c, st=0, user_data=(nil)
[00:03:13.487,548] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x200569e0, st=0, user_data=(nil)
[00:03:13.504,577] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x2005699c, st=0, user_data=(nil)
[00:03:13.521,575] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x200569e0, st=0, user_data=(nil)
[00:03:13.538,543] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x2005699c, st=0, user_data=(nil)
[00:03:13.555,633] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x200569e0, st=0, user_data=(nil)
[00:03:13.576,019] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x2005699c, st=0, user_data=(nil)
[00:03:13.593,933] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x200569e0, st=0, user_data=(nil)
[00:03:13.610,992] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x2005699c, st=0, user_data=(nil)
[00:03:27.068,145] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x200569e0, st=0, user_data=(nil)
[00:03:31.471,313] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x2005699c, st=0, user_data=(nil)
[00:03:31.983,184] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x200569e0, st=0, user_data=(nil)
[00:03:35.058,410] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x2005699c, st=0, user_data=(nil)
[00:03:41.917,205] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x200569e0, st=0, user_data=(nil)
[00:03:41.934,082] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x2005699c, st=0, user_data=(nil)
[00:03:41.951,873] <dbg> net_sock_packet: zpacket_received_cb: (rx_q[0]): ctx=0x2000e220, pkt=0x200569e0, st=0, user_data=(nil)
    Fullscreen 4375.main.c Download 
    /*
 * Copyright (c) 2020 Nordic Semiconductor ASA
 *
 * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause
 */

#include <zephyr/kernel.h>
#include <zephyr/sys/reboot.h>
#include <zephyr/dfu/mcuboot.h>
#include <zephyr/logging/log.h>
#include <zephyr/logging/log_ctrl.h>
#include <zephyr/net/conn_mgr_connectivity.h>
#include <zephyr/net/conn_mgr_monitor.h>
#include <net/aws_iot.h>
#include <stdio.h>
#include <stdlib.h>
#include <hw_id.h>
#include <modem/modem_info.h>


#include "json_payload.h"

/* Register log module */
LOG_MODULE_REGISTER(aws_iot_sample, CONFIG_AWS_IOT_SAMPLE_LOG_LEVEL);

/* Macros used to subscribe to specific Zephyr NET management events. */
#define L4_EVENT_MASK (NET_EVENT_L4_CONNECTED | NET_EVENT_L4_DISCONNECTED)
#define CONN_LAYER_EVENT_MASK (NET_EVENT_CONN_IF_FATAL_ERROR)

#define MODEM_FIRMWARE_VERSION_SIZE_MAX 50


/* Macro called upon a fatal error, reboots the device. */
#define FATAL_ERROR()					\
	LOG_ERR("Fatal error! Rebooting the device.");	\
	LOG_PANIC();					\
	IF_ENABLED(CONFIG_REBOOT, (sys_reboot(0)))

/* Variable used to store the device's hardware ID. */
static char hw_id[HW_ID_LEN];

static void aws_iot_event_handler(const struct aws_iot_evt *const evt);

/* Connect work called after provisioning. */
static struct k_work_delayable connect_after_provisioning_work;

/* Application specific topics. */
//#define MY_CUSTOM_TOPIC_1 "$aws/things/Alarm_Hub/shadow/name/Alarm_Hub"
#define MY_CUSTOM_TOPIC_1 "$aws/certificates/created/json/accepted"

/* Zephyr NET management event callback structures. */
static struct net_mgmt_event_callback l4_cb;
static struct net_mgmt_event_callback conn_cb;

/* Variable used to store the device's hardware ID. */
static char hw_id[HW_ID_LEN];

/* Forward declarations. */
static void shadow_update_work_fn(struct k_work *work);
static void connect_work_fn(struct k_work *work);
static void aws_iot_event_handler(const struct aws_iot_evt *const evt);

/* Work items used to control some aspects of the sample. */
static K_WORK_DELAYABLE_DEFINE(shadow_update_work, shadow_update_work_fn);
static K_WORK_DELAYABLE_DEFINE(connect_work, connect_work_fn);



/* Flag set when device has received and provisioned all its credentials. */
static bool device_provisioned;

/* Semaphore used to postpone getting credentials until connected to AWS IoT. */
static K_SEM_DEFINE(cloud_connected, 0, 1);

/* Security tag used to write new credentials. */
int sec_tag = 50;

/* CA, needed in addition to the private key and client certificate. */
#define CA								\
"-----BEGIN CERTIFICATE-----\n"						\
"MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF\n"	\
"ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6\n"	\
"b24gUm9vdCBDQSAxMB4XDTE1MDUyNjAwMDAwMFoXDTM4MDExNzAwMDAwMFowOTEL\n"	\
"MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv\n"	\
"b3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj\n"	\
"ca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM\n"	\
"9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw\n"	\
"IFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6\n"	\
"VOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L\n"	\
"93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm\n"	\
"jgSubJrIqg0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC\n"	\
"AYYwHQYDVR0OBBYEFIQYzIU07LwMlJQuCFmcx7IQTgoIMA0GCSqGSIb3DQEBCwUA\n"	\
"A4IBAQCY8jdaQZChGsV2USggNiMOruYou6r4lK5IpDB/G/wkjUu0yKGX9rbxenDI\n"	\
"U5PMCCjjmCXPI6T53iHTfIUJrU6adTrCC2qJeHZERxhlbI1Bjjt/msv0tadQ1wUs\n"	\
"N+gDS63pYaACbvXy8MWy7Vu33PqUXHeeE6V/Uq2V8viTO96LXFvKWlJbYK8U90vv\n"	\
"o/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU\n"	\
"5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2xJNDd2ZhwLnoQdeXeGADbkpy\n"	\
"rqXRfboQnoZsG4q5WTP468SQvvG5\n"					\
"-----END CERTIFICATE-----\n"

/* Strings used to filter data on incoming topics. */
#define KEY_TOPIC_FILTER "/accepted/key"
#define CERT_TOPIC_FILTER "/accepted/cert"

/* Topic subscribed to to get credentials on:
 * certificate/${deviceId}/create/accepted/key
 * certificate/${deviceId}/create/accepted/cert
 */
static char key_cert_topic[75] = "$aws/certificates/created/json/accepted";

/* Topic that is published to in order to get new credentials on response topics. */
static char key_cert_topic_get[75] = "$aws/certificates/create/json";

/* Topic types used for filtering. */
enum topic_type {
	KEY_TOPIC,
	CERT_TOPIC,
	UNKNOWN
};

/* Intermediate credential buffers. */

/* Client certificate */
static char client_certificate[2048];
static size_t client_certificate_len;

/* Private key */
static char private_key[2048];
static size_t private_key_len;

/* Static functions */

static int app_topics_subscribe(void)
{
	int err;
	const struct aws_iot_topic_data topic_list[] = {
		{ AWS_IOT_SHADOW_TOPIC_NONE, key_cert_topic, strlen(key_cert_topic) }
	};

	err = aws_iot_subscription_topics_add(topic_list, ARRAY_SIZE(topic_list));
	if (err) {
		LOG_INF("aws_iot_subscription_topics_add, error: %d", err);
	}

	return err;
}

static int aws_iot_client_init(void)
{
	int err;

	err = aws_iot_init(NULL, aws_iot_event_handler);
	if (err) {
		LOG_ERR("AWS IoT library could not be initialized, error: %d", err);
		FATAL_ERROR();
		return err;
	}

	/* Add application specific non-shadow topics to the AWS IoT library.
	 * These topics will be subscribed to when connecting to the broker.
	 */
	/*err = app_topics_subscribe();
	if (err) {
		LOG_ERR("Adding application specific topics failed, error: %d", err);
		FATAL_ERROR();
		return err;
	}*/
	
	
	return 0;
}

static void connect_work_fn(struct k_work *work)
{
	int err;
	LOG_INF("Connecting to AWS IoT");

	err = aws_iot_init(NULL, aws_iot_event_handler);
	if (err) {
		LOG_ERR("AWS IoT library could not be initialized, error: %d", err);
		FATAL_ERROR();
		return err;
	}


	err = aws_iot_connect(NULL);
	if (err == -EAGAIN) {
		LOG_INF("Connection attempt timed out, "
			"Next connection retry in %d seconds",
			CONFIG_AWS_IOT_SAMPLE_CONNECTION_RETRY_TIMEOUT_SECONDS);

		(void)k_work_reschedule(&connect_work,
				K_SECONDS(CONFIG_AWS_IOT_SAMPLE_CONNECTION_RETRY_TIMEOUT_SECONDS));
	} else if (err) {
		LOG_ERR("aws_iot_connect, error: %d", err);
		FATAL_ERROR();
	}
}

/* Functions that are executed on specific connection-related events. */

static void on_aws_iot_evt_connected(const struct aws_iot_evt *const evt)
{
	LOG_INF("Publishing message3: : to AWS IoT shadow");
	(void)k_work_cancel_delayable(&connect_work);

	/* If persistent session is enabled, the AWS IoT library will not subscribe to any topics.
	 * Topics from the last session will be used.
	 */
	if (evt->data.persistent_session) {
		LOG_WRN("Persistent session is enabled, using subscriptions "
			"from the previous session");
	}

	/* Mark image as working to avoid reverting to the former image after a reboot. */
#if defined(CONFIG_BOOTLOADER_MCUBOOT)
	boot_write_img_confirmed();
#endif

	/* Start sequential updates to AWS IoT. */
	//(void)k_work_reschedule(&shadow_update_work, K_NO_WAIT);
}

static void on_aws_iot_evt_disconnected(void)
{
	//(void)k_work_cancel_delayable(&shadow_update_work);
	(void)k_work_reschedule(&connect_work, K_SECONDS(5));
}
static void on_net_event_l4_connected(void)
{
	(void)k_work_reschedule(&connect_work, K_SECONDS(5));
}

static void on_net_event_l4_disconnected(void)
{
	(void)aws_iot_disconnect();
	(void)k_work_cancel_delayable(&connect_work);
	//(void)k_work_cancel_delayable(&shadow_update_work);
}

static void l4_event_handler(struct net_mgmt_event_callback *cb,
			     uint32_t event,
			     struct net_if *iface)
{
	switch (event) {
	case NET_EVENT_L4_CONNECTED:
		LOG_INF("Network connectivity established");
		on_net_event_l4_connected();
		break;
	case NET_EVENT_L4_DISCONNECTED:
		LOG_INF("Network connectivity lost");
		on_net_event_l4_disconnected();
		break;
	default:
		/* Don't care */
		return;
	}
}

static enum topic_type topic_filter(const char *topic, size_t topic_len)
{
	if (strstr(topic, KEY_TOPIC_FILTER) != NULL) {
		return KEY_TOPIC;
	} else if (strstr(topic, CERT_TOPIC_FILTER) != NULL) {
		return CERT_TOPIC;
	}

	return UNKNOWN;
}

static void incoming_data_handle(const char *buf,
				 size_t buf_len,
				 const char *topic,
				 size_t topic_len)
{
	int err;

	LOG_INF("%d bytes received from AWS IoT console: Topic: %.*s:", buf_len, topic_len, topic);
	LOG_INF("\n\n%.*s", buf_len, buf);

	if (device_provisioned) {
		LOG_WRN("device already provisioned");
		return;
	}

	enum topic_type type = topic_filter(topic, topic_len);

	switch (type) {
	case KEY_TOPIC:
		LOG_INF("KEY_TOPIC");
		__ASSERT_NO_MSG(sizeof(private_key) > buf_len);
		memcpy(&private_key, buf, buf_len);
		private_key_len = buf_len;
		LOG_INF("Private key copied");
		break;
	case CERT_TOPIC:
		LOG_INF("CERT_TOPIC");
		__ASSERT_NO_MSG(sizeof(client_certificate) > buf_len);
		memcpy(&client_certificate, buf, buf_len);
		client_certificate_len = buf_len;
		LOG_INF("Certificate copied");
		break;
	default:
		LOG_ERR("Unknown incoming topic!");
		return;
	}

	if (client_certificate_len == 0 || private_key_len == 0) {
		LOG_INF("Not all credentials has been received, abort provisioning");
		return;
	}

	LOG_INF("Provision credentials");

	/* Disconnect client before shutting down the modem. */
	(void)aws_iot_disconnect();

	LOG_INF("AWS IoT Client disconnected");

	/* Go offline in order to provision credentials. */

	LOG_INF("Modem set in offline mode");

	/* Write Private key */
	/*err = modem_key_mgmt_write(sec_tag,
				   MODEM_KEY_MGMT_CRED_TYPE_PRIVATE_CERT,
				   &private_key,
				   private_key_len);
	if (err) {
		LOG_ERR("Failed writing private key to the modem");
	}

	* Write client certificate 
	err = modem_key_mgmt_write(sec_tag,
				   MODEM_KEY_MGMT_CRED_TYPE_PUBLIC_CERT,
				   &client_certificate,
				   client_certificate_len);
	if (err) {
		LOG_ERR("Failed writing client certificate to the modem");
	}

	 Write CA certificate 
	err = modem_key_mgmt_write(sec_tag,
				   MODEM_KEY_MGMT_CRED_TYPE_CA_CHAIN,
				   CA,
				   sizeof(CA));
	if (err) {
		LOG_ERR("Failed writing client certificate to the modem");
	}

	LOG_INF("Credentials written to the modem!");*/

	/* Connect to LTE.*/

	/* Schedule a new connection. */
	k_work_schedule(&connect_after_provisioning_work, K_SECONDS(1));

	device_provisioned = true;
}



/* Event handlers */

static void aws_iot_event_handler(const struct aws_iot_evt *const evt)
{
	switch (evt->type) {
	case AWS_IOT_EVT_CONNECTING:
		LOG_INF("AWS_IOT_EVT_CONNECTING");
		break;
	case AWS_IOT_EVT_CONNECTED:
		LOG_INF("AWS_IOT_EVT_CONNECTED");
		break;
	case AWS_IOT_EVT_DISCONNECTED:
		LOG_INF("AWS_IOT_EVT_DISCONNECTED");
		break;
	case AWS_IOT_EVT_READY:
		LOG_INF("AWS_IOT_EVT_READY");
		k_sem_give(&cloud_connected);
		break;
	case AWS_IOT_EVT_DATA_RECEIVED:
		LOG_INF("AWS_IOT_EVT_DATA_RECEIVED");
		incoming_data_handle(evt->data.msg.ptr,
				     evt->data.msg.len,
				     evt->data.msg.topic.str,
				     evt->data.msg.topic.len);
		break;
	case AWS_IOT_EVT_PUBACK:
		LOG_INF("AWS_IOT_EVT_PUBACK, message ID: %d", evt->data.message_id);
		break;
	case AWS_IOT_EVT_PINGRESP:
		LOG_INF("AWS_IOT_EVT_PINGRESP");
		break;
	case AWS_IOT_EVT_ERROR:
		LOG_INF("AWS_IOT_EVT_ERROR, %d", evt->data.err);
		FATAL_ERROR();
		break;
	default:
		LOG_WRN("Unknown AWS IoT event type: %d", evt->type);
		break;
	}
}

static void connectivity_event_handler(struct net_mgmt_event_callback *cb,
				       uint32_t event,
				       struct net_if *iface)
{
	if (event == NET_EVENT_CONN_IF_FATAL_ERROR) {
		LOG_ERR("NET_EVENT_CONN_IF_FATAL_ERROR");
		FATAL_ERROR();
		return;
	}
}

static void connect_after_provisioning_work_fn(struct k_work *work)
{
	/* Clear custom subscriptions to avoid subscribing to the provisioning topics
	 * in the new connection.
	 */
	aws_iot_subscription_topics_clear();

	int err = aws_iot_connect(NULL);
	if (err) {
		printk("aws_iot_connect, error: %d\n", err);
	}
}


static void credentials_get()
{
	/* Publish blank message to certificate/${deviceId}/create to get credentials. */
	struct aws_iot_data tx_data = {
		.qos = MQTT_QOS_0_AT_MOST_ONCE,
		.topic.type = AWS_IOT_SHADOW_TOPIC_NONE,
		.topic.str = key_cert_topic_get,
		.topic.len = strlen(key_cert_topic_get),
		.ptr = "",
		.len = strlen("")
	};

	LOG_INF("Publishing blanc message to AWS IoT broker");

	int err = aws_iot_send(&tx_data);
	if (err) {
		LOG_INF("aws_iot_send, error: %d", err);
	}
}



int main(void)
{
	LOG_INF("The AWS IoT sample started, version: %s", CONFIG_AWS_IOT_SAMPLE_APP_VERSION);

	int err;

	/* Setup handler for Zephyr NET Connection Manager events. */
	net_mgmt_init_event_callback(&l4_cb, l4_event_handler, L4_EVENT_MASK);
	net_mgmt_add_event_callback(&l4_cb);

	/* Setup handler for Zephyr NET Connection Manager Connectivity layer. */
	net_mgmt_init_event_callback(&conn_cb, connectivity_event_handler, CONN_LAYER_EVENT_MASK);
	net_mgmt_add_event_callback(&conn_cb);

	k_work_init_delayable(&connect_after_provisioning_work, connect_after_provisioning_work_fn);
	
	/* Connecting to the configured connectivity layer.
	 * Wi-Fi or LTE depending on the board that the sample was built for.
	 */
	LOG_INF("Bringing network interface up and connecting to the network");

	err = conn_mgr_all_if_up(true);
	if (err) {
		LOG_ERR("conn_mgr_all_if_up, error: %d", err);
		FATAL_ERROR();
		return err;
	}

	err = conn_mgr_all_if_connect(true);
	if (err) {
		LOG_ERR("conn_mgr_all_if_connect, error: %d", err);
		FATAL_ERROR();
		return err;
	}

#if defined(CONFIG_AWS_IOT_SAMPLE_DEVICE_ID_USE_HW_ID)
	/* Get unique hardware ID, can be used as AWS IoT MQTT broker device/client ID. */
	err = hw_id_get(hw_id, ARRAY_SIZE(hw_id));
	if (err) {
		LOG_ERR("Failed to retrieve hardware ID, error: %d", err);
		FATAL_ERROR();
		return err;
	}

	LOG_INF("Hardware ID: %s", hw_id);
#endif /* CONFIG_AWS_IOT_SAMPLE_DEVICE_ID_USE_HW_ID */

	/* Wait for the connection to AWS IoT to be established. */
	k_sem_take(&cloud_connected, K_FOREVER);

	/* Request credentials */
	credentials_get();
	
	/* Resend connection status if the sample is built for QEMU x86.
	 * This is necessary because the network interface is automatically brought up
	 * at SYS_INIT() before main() is called.
	 * This means that NET_EVENT_L4_CONNECTED fires before the
	 * appropriate handler l4_event_handler() is registered.
	 */
	if (IS_ENABLED(CONFIG_BOARD_QEMU_X86) || IS_ENABLED(CONFIG_BOARD_NATIVE_SIM)) {
		conn_mgr_mon_resend_status();
	}

	return 0;
}
    6318.prj.conf8475.nrf7002dk_nrf5340_cpuapp_ns.conf

  • 0 in reply to Hakon

    What zephyr repo version it is compatible with? Could that be an issue? Because I am facing error while calling mqtt_connect which belongs to zephyr repo. I guess it could be v3.1.99-ncs1 as the provisioning code was committed around that period, 2 years ago. Trying it out

Related