Securing MQTT and testing
sarachehab committed Jun 18, 2024
1 parent df2cab0 commit 3db3c9d
Showing 5 changed files with 288 additions and 0 deletions.
Binary file added server/mqtt/Mqtt Response Time Testing.png
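--- a/server/mqtt/Test MQTT.jmx
+++ b/server/mqtt/Test MQTT.jmx
@@ -0,0 +1,221 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<jmeterTestPlan version="1.2" properties="5.0" jmeter="5.6.3">
+<hashTree>
+<TestPlan guiclass="TestPlanGui" testclass="TestPlan" testname="Test MQTT">
+<elementProp name="TestPlan.user_defined_variables" elementType="Arguments" guiclass="ArgumentsPanel" testclass="Arguments" testname="User Defined Variables">
+<collectionProp name="Arguments.arguments"/>
+</elementProp>
+<boolProp name="TestPlan.functional_mode">false</boolProp>
+<boolProp name="TestPlan.serialize_threadgroups">false</boolProp>
+</TestPlan>
+<hashTree>
+<ThreadGroup guiclass="ThreadGroupGui" testclass="ThreadGroup" testname="Thread Group">
+<boolProp name="ThreadGroup.delayedStart">true</boolProp>
+<intProp name="ThreadGroup.num_threads">20</intProp>
+<intProp name="ThreadGroup.ramp_time">100</intProp>
+<longProp name="ThreadGroup.duration">10</longProp>
+<boolProp name="ThreadGroup.same_user_on_next_iteration">false</boolProp>
+<stringProp name="ThreadGroup.on_sample_error">continue</stringProp>
+<elementProp name="ThreadGroup.main_controller" elementType="LoopController" guiclass="LoopControlPanel" testclass="LoopController" testname="Loop Controller">
+<stringProp name="LoopController.loops">1</stringProp>
+<boolProp name="LoopController.continue_forever">false</boolProp>
+</elementProp>
+</ThreadGroup>
+<hashTree>
+<net.xmeter.samplers.ConnectSampler guiclass="net.xmeter.gui.ConnectSamplerUI" testclass="net.xmeter.samplers.ConnectSampler" testname="MQTT Connect" enabled="true">
+<stringProp name="mqtt.server">18.130.87.186</stringProp>
+<stringProp name="mqtt.port">1883</stringProp>
+<stringProp name="mqtt.version">3.1</stringProp>
+<stringProp name="mqtt.conn_timeout">10</stringProp>
+<stringProp name="mqtt.protocol">TCP</stringProp>
+<stringProp name="mqtt.ws_path"></stringProp>
+<boolProp name="mqtt.dual_ssl_authentication">false</boolProp>
+<stringProp name="mqtt.clientcert_file_path"></stringProp>
+<stringProp name="mqtt.clientcert_password"></stringProp>
+<stringProp name="mqtt.user_name"></stringProp>
+<stringProp name="mqtt.password"></stringProp>
+<stringProp name="mqtt.client_id_prefix">conn_</stringProp>
+<boolProp name="mqtt.client_id_suffix">true</boolProp>
+<stringProp name="mqtt.conn_keep_alive">300</stringProp>
+<stringProp name="mqtt.conn_attampt_max">0</stringProp>
+<stringProp name="mqtt.reconn_attampt_max">0</stringProp>
+<stringProp name="mqtt.conn_clean_session">true</stringProp>
+</net.xmeter.samplers.ConnectSampler>
+<hashTree/>
+<net.xmeter.samplers.PubSampler guiclass="net.xmeter.gui.PubSamplerUI" testclass="net.xmeter.samplers.PubSampler" testname="MQTT Pub Sampler" enabled="true">
+<stringProp name="mqtt.topic_name">test_topic</stringProp>
+<stringProp name="mqtt.qos_level">0</stringProp>
+<boolProp name="mqtt.add_timestamp">false</boolProp>
+<stringProp name="mqtt.message_type">String</stringProp>
+<stringProp name="mqtt.message_type_fixed_length">1024</stringProp>
+<stringProp name="mqtt.message_to_sent">{&quot;ad&quot;: 1}</stringProp>
+<boolProp name="mqtt.retained_message">false</boolProp>
+</net.xmeter.samplers.PubSampler>
+<hashTree/>
+<net.xmeter.samplers.SubSampler guiclass="net.xmeter.gui.SubSamplerUI" testclass="net.xmeter.samplers.SubSampler" testname="MQTT Sub Sampler" enabled="true">
+<stringProp name="mqtt.topic_name">test_topic</stringProp>
+<stringProp name="mqtt.qos_level">0</stringProp>
+<boolProp name="mqtt.add_timestamp">false</boolProp>
+<boolProp name="mqtt.debug_response">false</boolProp>
+<stringProp name="mqtt.sample_condition">specified elapsed time (ms)</stringProp>
+<stringProp name="mqtt.sample_condition_value">1000</stringProp>
+</net.xmeter.samplers.SubSampler>
+<hashTree/>
+<ResultCollector guiclass="SummaryReport" testclass="ResultCollector" testname="Summary Report">
+<boolProp name="ResultCollector.error_logging">false</boolProp>
+<objProp>
+<name>saveConfig</name>
+<value class="SampleSaveConfiguration">
+<time>true</time>
+<latency>true</latency>
+<timestamp>true</timestamp>
+<success>true</success>
+<label>true</label>
+<code>true</code>
+<message>true</message>
+<threadName>true</threadName>
+<dataType>true</dataType>
+<encoding>false</encoding>
+<assertions>true</assertions>
+<subresults>true</subresults>
+<responseData>false</responseData>
+<samplerData>false</samplerData>
+<xml>false</xml>
+<fieldNames>true</fieldNames>
+<responseHeaders>false</responseHeaders>
+<requestHeaders>false</requestHeaders>
+<responseDataOnError>false</responseDataOnError>
+<saveAssertionResultsFailureMessage>true</saveAssertionResultsFailureMessage>
+<assertionsResultsToSave>0</assertionsResultsToSave>
+<bytes>true</bytes>
+<sentBytes>true</sentBytes>
+<url>true</url>
+<threadCounts>true</threadCounts>
+<idleTime>true</idleTime>
+<connectTime>true</connectTime>
+</value>
+</objProp>
+<stringProp name="filename"></stringProp>
+</ResultCollector>
+<hashTree/>
+<ResultCollector guiclass="StatVisualizer" testclass="ResultCollector" testname="Aggregate Report">
+<boolProp name="ResultCollector.error_logging">false</boolProp>
+<objProp>
+<name>saveConfig</name>
+<value class="SampleSaveConfiguration">
+<time>true</time>
+<latency>true</latency>
+<timestamp>true</timestamp>
+<success>true</success>
+<label>true</label>
+<code>true</code>
+<message>true</message>
+<threadName>true</threadName>
+<dataType>true</dataType>
+<encoding>false</encoding>
+<assertions>true</assertions>
+<subresults>true</subresults>
+<responseData>false</responseData>
+<samplerData>false</samplerData>
+<xml>false</xml>
+<fieldNames>true</fieldNames>
+<responseHeaders>false</responseHeaders>
+<requestHeaders>false</requestHeaders>
+<responseDataOnError>false</responseDataOnError>
+<saveAssertionResultsFailureMessage>true</saveAssertionResultsFailureMessage>
+<assertionsResultsToSave>0</assertionsResultsToSave>
+<bytes>true</bytes>
+<sentBytes>true</sentBytes>
+<url>true</url>
+<threadCounts>true</threadCounts>
+<idleTime>true</idleTime>
+<connectTime>true</connectTime>
+</value>
+</objProp>
+<stringProp name="filename"></stringProp>
+</ResultCollector>
+<hashTree/>
+<ResultCollector guiclass="ViewResultsFullVisualizer" testclass="ResultCollector" testname="View Results Tree">
+<boolProp name="ResultCollector.error_logging">false</boolProp>
+<objProp>
+<name>saveConfig</name>
+<value class="SampleSaveConfiguration">
+<time>true</time>
+<latency>true</latency>
+<timestamp>true</timestamp>
+<success>true</success>
+<label>true</label>
+<code>true</code>
+<message>true</message>
+<threadName>true</threadName>
+<dataType>true</dataType>
+<encoding>false</encoding>
+<assertions>true</assertions>
+<subresults>true</subresults>
+<responseData>false</responseData>
+<samplerData>false</samplerData>
+<xml>false</xml>
+<fieldNames>true</fieldNames>
+<responseHeaders>false</responseHeaders>
+<requestHeaders>false</requestHeaders>
+<responseDataOnError>false</responseDataOnError>
+<saveAssertionResultsFailureMessage>true</saveAssertionResultsFailureMessage>
+<assertionsResultsToSave>0</assertionsResultsToSave>
+<bytes>true</bytes>
+<sentBytes>true</sentBytes>
+<url>true</url>
+<threadCounts>true</threadCounts>
+<idleTime>true</idleTime>
+<connectTime>true</connectTime>
+</value>
+</objProp>
+<stringProp name="filename"></stringProp>
+</ResultCollector>
+<hashTree/>
+<ResultCollector guiclass="RespTimeGraphVisualizer" testclass="ResultCollector" testname="Response Time Graph">
+<boolProp name="ResultCollector.error_logging">false</boolProp>
+<objProp>
+<name>saveConfig</name>
+<value class="SampleSaveConfiguration">
+<time>true</time>
+<latency>true</latency>
+<timestamp>true</timestamp>
+<success>true</success>
+<label>true</label>
+<code>true</code>
+<message>true</message>
+<threadName>true</threadName>
+<dataType>true</dataType>
+<encoding>false</encoding>
+<assertions>true</assertions>
+<subresults>true</subresults>
+<responseData>false</responseData>
+<samplerData>false</samplerData>
+<xml>false</xml>
+<fieldNames>true</fieldNames>
+<responseHeaders>false</responseHeaders>
+<requestHeaders>false</requestHeaders>
+<responseDataOnError>false</responseDataOnError>
+<saveAssertionResultsFailureMessage>true</saveAssertionResultsFailureMessage>
+<assertionsResultsToSave>0</assertionsResultsToSave>
+<bytes>true</bytes>
+<sentBytes>true</sentBytes>
+<url>true</url>
+<threadCounts>true</threadCounts>
+<idleTime>true</idleTime>
+<connectTime>true</connectTime>
+</value>
+</objProp>
+<stringProp name="filename"></stringProp>
+<stringProp name="RespTimeGraph.graphtitle">MQTT Response Time Testing</stringProp>
+</ResultCollector>
+<hashTree/>
+<SyncTimer guiclass="TestBeanGUI" testclass="SyncTimer" testname="Synchronizing Timer">
+<intProp name="groupSize">10</intProp>
+<longProp name="timeoutInMs">1000</longProp>
+</SyncTimer>
+<hashTree/>
+</hashTree>
+</hashTree>
+</hashTree>
+</jmeterTestPlan>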
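Review bot: The `MQTT Connect` sampler still targets the plaintext listener: `mqtt.protocol` is `TCP`, `mqtt.port` is `1883`, and `mqtt.user_name` / `mqtt.password` are empty. The plan therefore does not exercise the password file or certificates that the rest of this commit sets up, and if it passes against the broker, anonymous access is presumably still enabled. I would point it at the TLS listener and take credentials from JMeter properties rather than literals, e.g. `<stringProp name="mqtt.user_name">${__P(mqtt.user)}</stringProp>` and `<stringProp name="mqtt.password">${__P(mqtt.password)}</stringProp>`. The broker address `18.130.87.186` is also hard-coded; `<stringProp name="mqtt.server">${__P(mqtt.server)}</stringProp>` keeps the host out of the repository and lets the same plan run against a test instance.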
Binary file added server/mqtt/rtt_mqtt.png
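--- a/server/mqtt/security/README.md
+++ b/server/mqtt/security/README.md
@@ -0,0 +1,63 @@
+## SETTING UP
+
+To add a password:
+``` bash
+sudo mosquitto_passwd -c /etc/mosquitto/passwd username
+```
+Or:
+``` bash
+sudo mosquitto_passwd -b /etc/mosquitto/passwd username password
+```
+
+## SECURING WITH CLIENT CERTIFICATED
+
+```bash
+sudo apt-get install openssl -y
+mkdir ~/certs
+cd ~/certs
+openssl genrsa -out ca.key 2048
+openssl req -new -x509 -days 3650 -key ca.key -out ca.crt
+```
+
+Entered:
+``` bash
+Country Name (2 letter code) [AU]:UK
+State or Province Name (full name) [Some-State]:London
+Locality Name (eg, city) []:London
+Organization Name (eg, company) [Internet Widgits Pty Ltd]:Imperial
+Organizational Unit Name (eg, section) []:EEE
+Common Name (e.g. server FQDN or YOUR name) []:Sara
+Email Address []:[email protected]
+```
+
+```bash
+Country Name (2 letter code) [AU]:UK
+State or Province Name (full name) [Some-State]:London
+Locality Name (eg, city) []:London
+Organization Name (eg, company) [Internet Widgits Pty Ltd]:Imperial
+Organizational Unit Name (eg, section) []:EEE
+Common Name (e.g. server FQDN or YOUR name) []:18-171-187-186
+Email Address []:[email protected]
+Please enter the following 'extra' attributes
+to be sent with your certificate request
+A challenge password []:tedted
+An optional company name []:ted
+```
+
+Also run
+```bash
+openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt -days 3650
+openssl genrsa -out client.key 2048
+openssl req -new -key client.key -out client.csr
+```
+
+
+
+## TESTING
+
+To test the new secured MQTT server, use the command
+
+``` bash
+mosquitto_pub -h {IP} -t test -m "hello world" -u "bot{nb}" -P "esp32"
+mosquitto_sub -h {IP} -t test -u "website{nb}" -P "ted"
+```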
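--- a/server/mqtt/security/create_password_file.sh
+++ b/server/mqtt/security/create_password_file.sh
@@ -0,0 +1,4 @@
+for i in {1..10}; do
+sudo mosquitto_passwd -b /etc/mosquitto/passwd bot${i} esp32
+sudo mosquitto_passwd -b /etc/mosquitto/passwd website${i} ted
+done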
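Review bot: Both broker passwords are literals in a committed script (`esp32` for every `bot${i}`, `ted` for every `website${i}`), and the same values appear in the README's test commands, so anyone who can read the repository can authenticate as any of the twenty accounts. They are also short and shared across all clients. Take them from the environment, or generate one per account, and rotate the values already pushed. `mosquitto_passwd -b` puts the password on the command line, where other local users can see it in the process list, so that deserves a comment. The script also relies on the bash-only `{1..10}` expansion without a shebang, and without `-c` it presumably expects `/etc/mosquitto/passwd` to exist already.

```shell
#!/usr/bin/env bash
set -euo pipefail
# Passwords are supplied by the operator, not stored in the repository.
: "${BOT_PASSWORD:?BOT_PASSWORD must be set}"
: "${WEBSITE_PASSWORD:?WEBSITE_PASSWORD must be set}"
for i in {1..10}; do
  sudo mosquitto_passwd -b /etc/mosquitto/passwd "bot${i}" "$BOT_PASSWORD"
  sudo mosquitto_passwd -b /etc/mosquitto/passwd "website${i}" "$WEBSITE_PASSWORD"
done
```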
