Skip to main content

NanoMQTT

NanoMQTT is the MQTT client included in TrustCore SDK (beginning with the U6 release). It supports MQTT 3.1.1 and MQTT 5, allowing your application to publish and subscribe over plain TCP (port 1883) or TLS (port 8883) by re-using TrustCore SDK NanoSSL transport.

Note

NanoMQTT is a client. You still need an MQTT broker (for example, DigiCert® Device Trust Manager) for testing and production.

Key features

  • QoS 0, 1, 2 publish/subscribe with retain flag, wildcard topics, and last-will messages.

  • MQTT 5 properties on CONNECT, PUBLISH, SUBSCRIBE, UNSUBSCRIBE, WILL, and DISCONNECT packets.

  • Session control using clean start or a session-expiry interval (0 - 4 294 967 295 s).

  • Transport flexibility by using plain TCP or TLS through NanoSSL.

  • Proxy support via the --proxy flag (HTTP or HTTPS forward proxies).

Configurable limits

Table 1. Configurable limits notes

Item

Default

Notes

Topic length

65 535 bytes

MQTT spec limit

Publish QoS level (0 / 1 / 2)

0

Select per message via --mqtt_pub_qos

Maximum packet size accepted

Unlimited

Limit with MQTT 5 CONNECT property max_packet_size

Receive-maximum (parallel QoS 1/2)

Unlimited

Limit with MQTT 5 CONNECT property receive_maximum


Protocol compliance

Table 2. Protocol compliance breakdown

Control-packet family

MQTT 3.1.1

MQTT 5 (extensions)

CONNECT / CONNACK

✔ (reason codes, user properties)

PUBLISH flow (ACK, REC, REL, COMP)

SUBSCRIBE / SUBACK

✔ (retain-handling, retain-as-published, no-local)

UNSUBSCRIBE / UNSUBACK

DISCONNECT

✔ (reason codes, session-expiry)

AUTH


Using with other TrustCore SDK modules

Table 3. TrustCore SDK module usage

Component

Usage in NanoMQTT

NanoSSL

Provides TLS record protection. Call MQTT_setTransportSSL() with an active NanoSSL connection to secure the session.

NanoCrypto

Supplies hashing and cipher routines — no duplicate crypto code.

Common socket layer

NanoMQTT uses the same non-blocking socket helpers as other TrustCore modules, enabling a single event loop.


Quick start

# Build the sample client (adds TLS support)
./scripts/nanomqtt/mqtt_client/build_mqtt_client.sh --ssl

# Terminal 1 — subscribe (plain TCP, port 1883)
./bin/mqtt_client_sample \
--mqtt_servername broker.hivemq.com \
--mqtt_port 1883 \
--mqtt_sub_topic demo/led \
--mqtt_clean_start

# Terminal 2 — publish (TLS, port 8883)
./bin/mqtt_client_sample \
--mqtt_servername broker.hivemq.com \
--mqtt_port 8883 \
--mqtt_transport SSL \
--ssl_ca_file /etc/ssl/certs/ca-bundle.crt \
--mqtt_pub_topic demo/led \
--mqtt_pub_message "ON" \
--mqtt_clean_start

The subscriber prints:

demo/led  ON

Tip

During early tests you can add --ssl_allow_untrusted to skip certificate validation. Do not use this flag in production.

In this section: