add ssl/tls support

Author: tuanpmt

README.md

@@ -6,13 +6,12 @@
 
 ## MQTT Features (inherit from native MQTT framework)
 * Use [MQTT Framework](https://github.com/ckrey/MQTT-Client-Framework) for IOS, [Paho MQTT Client](https://eclipse.org/paho/clients/android/) for Android
-* Support both IOS and Android (now only support IOS)
-* SSL/TSL with 3 mode
-* Native library, support mqtt over tcp and mqtt over websocket
-* Auto reconnect
+* Support both IOS and Android
+* SSL/TLS 
+* Native library, support mqtt over tcp 
 
 ## Warning
-This library in progress developing, api may change, and not support android now
+This library in progress developing, api may change, SSL/TLS non verify 
 
 ## Getting started
 ### Mostly automatic install
@@ -76,7 +75,7 @@ var mqtt    = require('react-native-mqtt');
 
 /* create mqtt client */
 mqtt.createClient({
-  uri: 'mqtt://test.mosquitto.org:1883',
+  uri: 'mqtt://test.mosquitto.org:1883', 
   clientId: 'your_client_id'
 }).then(function(client) {
 
@@ -96,8 +95,8 @@ mqtt.createClient({
 
   client.on('connect', function() {
     console.log('connected');
-    client.subscribe('/device_00059E18/data', 1);
-    client.publish('/device_00059E18/data', "test", 1, false);
+    client.subscribe('/data', 0);
+    client.publish('/data', "test", 0, false);
   });
 
   client.connect();
@@ -106,13 +105,27 @@ mqtt.createClient({
 ```
 
 ## API
-* `mqtt.Client(options)` with
-  - `uri`: `protocol://host:port`, protocol is [mqtt | mqtts | ws | wss]
-  - `host`: ipaddress or host name (overide by uri if set)
-  - `port`: port number (overide by uri if set)
-  - `tls`: true/false (overide by uri if set to mqtts or wss)
-
-...
+* `mqtt.createClient(options)`  create new client instance with `options`, async operation
+  - `uri`: `protocol://host:port`, protocol is [mqtt | mqtts]
+  - `host`: ipaddress or host name (override by uri if set)
+  - `port`: port number (override by uri if set)
+  - `tls`: true/false (override by uri if set to mqtts or wss)
+  - `user`: string username
+  - `pass`: string password
+  - `auth`: true/false - override = true if `user` or `pass` exist
+  - `clientId`: string client id
+  - `keepalive`
+
+* `client`
+  - `on(event, callback)`: add event listener for
+    + event: `connect` - client connected
+    + event: `closed` - client disconnected
+    + event: `error` - error
+    + event: `message` - data received with format {topic, data, retain}
+  - `connect`: begin connection
+  - `disconnect`: disconnect
+  - `subscribe(topic, qos)`
+  - `publish(topic, payload, qos, retain)`
 
 ## Todo
 

android/src/main/java/com/tuanpm/RCTMqtt/RCTMqtt.java

@@ -20,7 +20,6 @@
 import java.util.Map;
 import java.util.List;
 import javax.net.ssl.*;
-import java.security.KeyStore;
 import java.security.SecureRandom;
 
 import org.eclipse.paho.client.mqttv3.IMqttActionListener;
@@ -37,6 +36,18 @@
 
 import com.facebook.react.modules.core.DeviceEventManagerModule;
 
+import java.security.KeyManagementException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.UnrecoverableKeyException;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
+
 
 public class RCTMqtt implements MqttCallback{
 	private static final String TAG = "RCTMqttModule";
@@ -128,6 +139,32 @@ private void createClient(final ReadableMap _options) {
     String uri = "tcp://";
     if(options.getBoolean("tls")) {
       uri = "ssl://";
+      try {
+        /* 
+        http://stackoverflow.com/questions/3761737/https-get-ssl-with-android-and-self-signed-server-certificate
+        
+        WARNING: for anybody else arriving at this answer, this is a dirty, 
+        horrible hack and you must not use it for anything that matters. 
+        SSL/TLS without authentication is worse than no encryption at all - 
+        reading and modifying your "encrypted" data is trivial for an attacker and you wouldn't even know it was happening
+        */
+        
+        SSLContext sslContext = SSLContext.getInstance("TLS");
+        sslContext.init(null, new X509TrustManager[]{new X509TrustManager(){
+            public void checkClientTrusted(X509Certificate[] chain,
+                    String authType) throws CertificateException {}
+            public void checkServerTrusted(X509Certificate[] chain,
+                    String authType) throws CertificateException {}
+            public X509Certificate[] getAcceptedIssuers() {
+                return new X509Certificate[0];
+            }}}, new SecureRandom());
+
+        mqttoptions.setSocketFactory(sslContext.getSocketFactory());
+      } catch(Exception e) {
+
+      }
+      
+
     }
     uri += options.getString("host") + ":";
     uri += options.getInt("port");

ios/RCTMqtt/Mqtt.m

@@ -68,9 +68,12 @@ - (void) connect {
 
             self.manager = [[MQTTSessionManager alloc] init];
             self.manager.delegate = self;
+            MQTTSSLSecurityPolicy *securityPolicy = nil;
+            if(self.options[@"tls"]) {
+                securityPolicy = [MQTTSSLSecurityPolicy policyWithPinningMode:MQTTSSLPinningModeNone];
+                securityPolicy.allowInvalidCertificates = YES;
+            }
 
-            //            MQTTSSLSecurityPolicy *securityPolicy = [MQTTSSLSecurityPolicy policyWithPinningMode:MQTTSSLPinningModeNone];
-            //            securityPolicy.allowInvalidCertificates = YES;
 
             NSData *willMsg = nil;
             if(self.options[@"willMsg"] != [NSNull null]) {
@@ -90,7 +93,7 @@ - (void) connect {
                             willQos:(MQTTQosLevel)[self.options[@"willQos"] intValue]
                      willRetainFlag:[self.options[@"willRetainFlag"] boolValue]
                        withClientId:[self.options valueForKey:@"clientId"]
-                     securityPolicy:nil
+                     securityPolicy:securityPolicy
                        certificates:nil
              ];
 

package.json

@@ -1,6 +1,6 @@
 {
   "name": "react-native-mqtt",
-  "version": "0.1.0-beta2",
+  "version": "0.1.0-beta3",
   "description": "MQTT client for react-native",
   "main": "index.js",
   "scripts": {