You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: PortingGuide.md
+14-14Lines changed: 14 additions & 14 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,9 +1,9 @@
1
-
#Porting Guide
1
+
#Porting Guide
2
2
3
-
##Scope
3
+
##Scope
4
4
The scope of this document is to provide instructions to modify the provided source files and functions in this SDK to run in a variety of embedded C–based environments (e.g. real-time OS, embedded Linux) and to be adjusted to use a specific TLS implementation as available with specific hardware platforms.
5
5
6
-
##Contents of the SDK
6
+
##Contents of the SDK
7
7
8
8
The C-code files of this SDK are delivered via the following directory structure (see comment behind folder name for an explanation of its content).
9
9
@@ -20,7 +20,7 @@ Current SDK Directory Layout (mbedTLS)
20
20
21
21
All makefiles in this SDK were configured using the documented folder structure above, so moving or renaming folders will require modifications to makefiles.
22
22
23
-
##Explanation of folders and their content
23
+
##Explanation of folders and their content
24
24
25
25
*`certs` : This directory is initially empty and will need to contain the private key, the client certificate and the root CA. The client certificate and private key can be downloaded from the AWS IoT console or be created using the AWS CLI commands. The root CA can be downloaded from [Symantec](https://www.symantec.com/content/en/us/enterprise/verisign/roots/VeriSign-Class%203-Public-Primary-Certification-Authority-G5.pem).
26
26
@@ -38,11 +38,11 @@ All makefiles in this SDK were configured using the documented folder structure
38
38
39
39
*`tests` : Contains tests for verifying SDK functionality. For further details please check the readme file included with the tests [here](https://github.com/aws/aws-iot-device-sdk-embedded-C/blob/master/tests/README.md/).
40
40
41
-
##Integrating the SDK into your environment
41
+
##Integrating the SDK into your environment
42
42
43
43
This section explains the API calls that need to be implemented in order for the Device SDK to run on your platform. The SDK interfaces follow the driver model where only prototypes are defined by the Device SDK itself while the implementation is delegated to the user of the SDK to adjust it to the platform in use. The following sections list the needed functionality for the device SDK to run successfully on any given platform.
44
44
45
-
###Timer Functions
45
+
###Timer Functions
46
46
47
47
A timer implementation is necessary to handle request timeouts (sending MQTT connect, subscribe, etc. commands) as well as connection maintenance (MQTT keep-alive pings). Timers need millisecond resolution and are polled for expiration so these can be implemented using a "milliseconds since startup" free-running counter if desired. In the synchronous sample provided with this SDK only one command will be "in flight" at one point in time plus the client's ping timer.
48
48
@@ -64,7 +64,7 @@ countdown_sec - set the timer to expire in x seconds and start the timer.
64
64
left_ms - query time in milliseconds left on the timer.
65
65
66
66
67
-
###Network Functions
67
+
###Network Functions
68
68
69
69
In order for the MQTT client stack to be able to communicate via the TCP/IP network protocol stack using a mutually authenticated TLS connection, the following API calls need to be implemented for your platform.
70
70
@@ -100,7 +100,7 @@ Check if the TLS layer is still connected
100
100
The TLS library generally provides the API for the underlying TCP socket.
101
101
102
102
103
-
###Threading Functions
103
+
###Threading Functions
104
104
105
105
The MQTT client uses a state machine to control operations in multi-threaded situations. However it requires a mutex implementation to guarantee thread safety. This is not required in situations where thread safety is not important and it is disabled by default. The _ENABLE_THREAD_SUPPORT_ macro needs to be defined in aws_iot_config.h to enable this layer. You will also need to add the -lpthread linker flag for the compiler if you are using the provided reference implementation.
106
106
@@ -123,25 +123,25 @@ Destroy the mutex provided as argument.
123
123
124
124
The threading layer provides the implementation of mutexes used for thread-safe operations.
125
125
126
-
###Sample Porting:
126
+
###Sample Porting:
127
127
128
128
Marvell has ported the SDK for their development boards. [These](https://github.com/marvell-iot/aws_starter_sdk/tree/master/sdk/external/aws_iot/platform/wmsdk) files are example implementations of the above mentioned functions.
129
129
This provides a port of the timer and network layer. The threading layer is not a part of this port.
130
130
131
-
##Time source for certificate validation
131
+
##Time source for certificate validation
132
132
133
133
As part of the TLS handshake the device (client) needs to validate the server certificate which includes validation of the certificate lifetime requiring that the device is aware of the actual time. Devices should be equipped with a real time clock or should be able to obtain the current time via NTP. Bypassing validation of the lifetime of a certificate is not recommended as it exposes the device to a security vulnerability, as it will still accept server certificates even when they have already has_timer_expired.
134
134
135
-
##Integration into operating system
136
-
###Single-Threaded implementation
135
+
##Integration into operating system
136
+
###Single-Threaded implementation
137
137
138
138
The single threaded implementation implies that the sample application code (SDK + MQTT client) is called periodically by the firmware application running on the main thread. This is done by calling the function `aws_iot_mqtt_yield` (in the simple pub-sub example) and by calling `aws_iot_shadow_yield()` (in the device shadow example). In both cases the keep-alive time is set to 10 seconds. This means that the yield functions need to be called at a minimum frequency of once every 10 seconds. Note however that the `iot_mqtt_yield()` function takes care of reading incoming MQTT messages from the IoT service as well and hence should be called more frequently depending on the timing requirements of an application. All incoming messages can only be processed at the frequency at which `yield` is called.
139
139
140
-
###Multi-Threaded implementation
140
+
###Multi-Threaded implementation
141
141
142
142
In the simple multi-threaded case the `yield` function can be moved to a background thread. Ensure this task runs at the frequency described above. In this case, depending on the OS mechanism, a message queue or mailbox could be used to proxy incoming MQTT messages from the callback to the worker task responsible for responding to or dispatching messages. A similar mechanism could be employed to queue publish messages from threads into a publish queue that are processed by a publishing task. Ensure the threading layer is enabled as the library is not thread safe otherwise.
143
143
There is a validation test for the multi-threaded implementation that can be found with the integration tests. You can find further details in the Readme for the integration tests [here](https://github.com/aws/aws-iot-device-sdk-embedded-C/blob/master/tests/integration/README.md). We have run the validation test with 10 threads sending 500 messages each and verified to be working fine. It can be used as a reference testing application to validate whether your use case will work with multi-threading enabled.
144
144
145
-
##Sample applications
145
+
##Sample applications
146
146
147
147
The sample apps in this SDK provide a working implementation for mbedTLS. They use a reference implementation for linux provided with the SDK. Threading layer is enabled in the subscribe publish sample.
0 commit comments