Implement mqtt client with TLS 1.2

Question

Hi all, 
 Hi I am implementing MQTT client on the Nrf52 MCU, as to the MQTT broker, I am going to use the amazon AWS IoT , where the broker adopts the TLS 1.2. 
 I read through the nordic infocenter , find mbedtls is available. My question is, can I write my MQTT client on the basis of the one provided by Nordic to communicate with the broker with TLS 1.2? 
 According to nordic infocenter, the TLS Cipher Suites supported by the client are: 
 
 TLS_PSK_WITH_AES_128_CBC_SHA 
 
 
 TLS_PSK_WITH_AES_256_CBC_SHA 
 
 
 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 
 
 
 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 
 
 AWS IoT supports the following cipher suites: 
 
 ECDHE-ECDSA-AES128-GCM-SHA256
(recommended) 
 
 
 ECDHE-RSA-AES128-GCM-SHA256
(recommended) 
 
 
 ECDHE-ECDSA-AES128-SHA256 
 
 
 ECDHE-RSA-AES128-SHA256 
 
 
 ECDHE-ECDSA-AES128-SHA 
 
 
 ECDHE-RSA-AES128-SHA 
 
 
 ECDHE-ECDSA-AES256-GCM-SHA384 
 
 
 ECDHE-RSA-AES256-GCM-SHA384 
 
 
 ECDHE-ECDSA-AES256-SHA384 
 
 
 ECDHE-RSA-AES256-SHA384 
 
 
 ECDHE-RSA-AES256-SHA 
 
 
 ECDHE-ECDSA-AES256-SHA 
 
 
 AES128-GCM-SHA256 AES128-SHA256 
 
 
 AES128-SHA AES256-GCM-SHA384 
 
 
 AES256-SHA2 
 
 Thanks! 
 Di

bjorn-spockeli · Accepted Answer

Yes, the IoT SDK uses the mBed TLS library, which uses the NIST naming of the ciphersuites. You can find a list with the OpenSSL equivialent naming here and if you compare the list of the supported ciphersuites you'll see that 
 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA corresponds to ECDHE-RSA-AES128-SHA 
 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA corresponds to ECDHE-RSA-AES256-SHA 
 -Bjørn

Implement mqtt client with TLS 1.2

Top Replies