What is the philosophy behind mbed TLS

mbed TLS aims for the lean-and-mean approach of software development! We have designed mbed TLS to be easy to use by being readable, documented, tested, loosely coupled and portable.


mbed TLS has a lot of documentation online, including full doxygen API documentation, Design Documentation for security evaluations, example applications and more.


The automatic test suites contain over 6000 unit tests for cryptographic validation, regression testing, and code coverage, plus over 200 functional tests and over 2000 interoperability tests. See our quality assurance page for more details.

Loosely coupled

The mbed TLS modules are as loosely coupled as possible. If you want to use AES, just copy aes.c and aes.h and you are set. No other files required! This is valid for all symmetric and hash algorithms. Other modules are either as simple, or also require the modules they are dependent on (Sounds logical, doesn't it?). All portability code is also present in the modules themselves. Doesn't this create duplicate defines? Yes, in some cases it does. But putting it in a central header file would defeat the entire loose coupling we hold so dear!


mbed TLS is written in portable C code.

Did this help?