Fetching contributors…
Cannot retrieve contributors at this time
69 lines (43 sloc) 4.3 KB

Mbed TLS Examples on Mbed OS

This repository contains a collection of Mbed TLS example applications based on Mbed OS. Each subdirectory contains a separate example meant for building as an executable.

Getting started

Required hardware

  • An FRDM-K64F development board.
  • A micro-USB cable.

Other hardware

Although the only board supported by these examples is K64F, they should work on any Mbed enabled hardware, if it has a hardware entropy source, and this entropy source is integrated with Mbed TLS. The single example that does not need an entropy source is hashing.

If your board has no hardware entropy source or its entropy source is not integrated with Mbed TLS, but you want to try these examples anyway, then you may want to consider compiling Mbed TLS without real entropy sources.

Warning! Without entropy sources Mbed TLS does not provide any security whatsoever. If you still want to compile Mbed TLS without entropy sources, then consult the section "How to test without entropy sources" in the Mbed TLS Porting Guide.

Required software

An alternative to Mbed CLI is to use the Mbed Online Compiler. In this case, you need to import the example projects from Mbed developer to your Mbed Online Compiler session using the links below:

Building and running the examples

  1. Clone the repository containing the collection of examples:

    $ git clone
  2. Open a command line tool and navigate to one of the project’s subdirectories.

  3. Update mbed-os sources using the mbed deploy command.

  4. Build the application by selecting the board and build toolchain using the command mbed compile -m K64F -t GCC_ARM. mbed-cli builds a binary file under the project’s BUILD directory.

  5. Connect the FRDM-K64F to the computer with the micro-USB cable, being careful to use the OpenSDA connector on the target board. The board is listed as a mass-storage device.

  6. Drag the binary BUILD/K64F/GCC_ARM/<EXAMPLE>.bin to the board to flash the application.

  7. The board is automatically programmed with the new binary. A flashing LED on it indicates that it is still working. When the LED stops blinking, the board is ready to work.

  8. Press the RESET button on the board to run the program.

Monitoring the application

Please browse the subdirectories for specific documentation.

  • authcrypt: performs authenticated encryption and authenticated decryption of a buffer.
  • benchmark: benchmarks the various cryptographic primitives offered by Mbed TLS.
  • hashing: performs hashing of a buffer with SHA-256 using various APIs.
  • tls-client: downloads a file from an HTTPS server ( and looks for a specific string in that file.

The application prints debug messages over the serial port, so you can monitor its activity with a serial terminal emulator. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F. Use the following settings:

  • 9600 baud.
  • 8N1.
  • No flow control.

After pressing the RESET button on the board, you should be able to observe the application's output.

Debugging Mbed TLS

To optionally print out more debug information, edit the main.cpp for the sample and change the definition of DEBUG_LEVEL (near the top of the file) from 0 to a positive number between 1 and 4.