Showing results for 
Search instead for 
Did you mean: 

Adding STSAFE with mbedTLS client for IoT work

Associate III

Hello all,

I am working on creating a secure IoT device. The device is configured as MQTT client which will be sending sensors data to the sever over MQTT. I have implemented encryption using mbed-TLS where I confirm server's authenticity with server CA certificate. 

Now I wish to implement 2 way authentication where I need to send client certificate to the server for verifying client authenticity by server.

I see it is possible with the help of mbed-TLS but we need to provide private key of the client to mbedTLS which is not possible since we cannot extract private key out of STSAFE. 

I have been searching on this from almost a month and I have not been able to find a direct example on implementing this.

Also, the STSAFE examples are not clear about implementing this with mbedTLS.

I am in search of something that links stsfae with mbedTLS for client authentication.

Can anyone please guide me how to implement this?

Benjamin BARATTE
ST Employee

Hi @Community member​ 

Please find some code example for using STSAFE-A with MbedTLS.

This has been tested with MbedTLS 3.1.0. I don't have a full setup for end to end TLS testing but you have the certificate and key configuration to use with mbedtls_ssl_conf_own_cert()

This will redirect all signature needs for TLS handshake to STSAFE-A private key.

I have also added example of key generation and CSR generation.

Let me know if this answer to your request.

Best Regards,


Benjamin BARATTE
ST Employee

Hi @Community member

​ I have updated the mbedtls_example.c with ECDH alt function and a test with MbedTLS 2.28.2 and MbedTLS 3.1.0

Best Regards,


Dear Benjamin,

Thanks for sharing the examples.
I somehow missed notification for your first reply.
I'll check your files and will let you know the outcome soon.

Thanks for taking time to work on this.

Associate III

Hello Benjamin,

I am trying to compile this, I am using latest STSAFE library downloaded from website.

It seems that you have built the code using older library because now StSafeA_Read needs 10 parameters, but your code is passing only 9 parameters. Could you please update the example or share your stsafe library, because I can't find old version for this library.


Benjamin BARATTE
ST Employee

Hi @Community member​ 

Sorry for the mistake, I have updated my example to align with the current package.

please find the file below.


Best Regards,


Associate III

Hello @Benjamin BARATTE​ ,

Thanks for the updated file.

This is now compiling and I could also run your provided "mbedtls_example()" successfully.

Now first I want stsafe to negotiate encryption with mosquitto server. (2nd step will be to add client certificate authentication)

So we enabled MBEDTLS_ECDH_GEN_PUBLIC_ALT and MBEDTLS_ECDH_COMPUTE_SHARED_ALT in our mbedtls_config.h file and tried to connect our server, however the handshake with server is failing.

It seems that the two alternate functions "mbedtls_ecdh_gen_public" and "mbedtls_ecdh_compute_shared" aren't getting called during handshake.

I think we have missed defining the ciphersuits or other settings properly in mbedtls_config.h.

Could you please share what should be enabled in "mbedtls_config.h" file in order to get this working.

Thank You.

Associate III

Hello @Benjamin BARATTE​ ,

Thank you for your support so far.

I have been trying to use stsafe somehow to authenticate client from last 2 months.

Client authentication is very much necessary when IoT device is trying to send data to server and server wants to check authenticity of the device.

I accept, I am novice to this security and related stuff, but I have very good knowledge about ST controllers and using them as per my need.

I would like to point out, There is no example which tells how to use stsafe and mbedTLS together for client authentication. I have found such example for other security chips.

Also, I am not been able to use use your provided example file to authenticate client.

Could you please at least confirm if it is possible to use stsafe to authenticate client with mbedTLS or not? Also, If it is possible then it is my humble request to ST to provide a working example to integrate stsafe with mbedTLS for client authentication.

I hope to get a positive reply, as I desperately want to get it working.

Thank You.

Benjamin BARATTE
ST Employee

HI @Community member​ ,

I understand your point and I agree this is not a simple subject.

I confirm that STSAFE-A is fully usable with MbedTLS and we do have more complex example using AWS or Azure connectivity using STSAFE-A for authentication.

In order to have a mutually authenticated setup, you need both server and client setup with the correct CAs.

Today, the handshake does not work with your MQTT server, therefore we need to go a bit more in detail of the TLS handshake failure.

How did you configure your Mosquitto server ? does it support the following ciphersuite : ECDHE-ECDSA-AES256-GCM-SHA384 ?

When I do testing with STSAFE-A and TLS, I'm using this ciphersuite (ECDHE-ECDSA-AES256-GCM-SHA384) on server side which is generally an OpenSSL test server with the ST CA certificate.

One more point, using ECDH with STSAFE-A is optional but as this is not called in your case, I guess the issue araise before the ECDH and most probably around the ciphersuite selection or the client certificate verification on server side.

In the MbedTLS config file, please check the following parameters (I'm sorry I don't have a recent mbedtls config file to provide) :









at least to be sure to have ECDSA cipher suite presented by the client to the server.

Generally, when using STSAFE-A, I deactivate the RSA support.

To activate the traces in the TLS handshake, I'm using the following code :


static void my_debug( void *ctx, int level,

           const char *file, int line,

           const char *str )


  ((void) level);

uint32_t file_size = strlen(file);

int32_t i = file_size;

while ((file[i] != '/') && (i != 0))



  async_printf(CLIENT_PRINTF "%s:%04d: %s", &file[i], line, str );


in your client code add :

mbedtls_debug_set_threshold( 4 );

mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );

This will provide more information regarding the handshake issue.

I'll try to get a full MbedTLS example working. could share on which STM32 you are working on ?


Best Regards,


Associate III

Hello @Benjamin BARATTE​ ,

Thank You so much for your prompt reply.

We are using STM32F427VG.

Regarding server side ciphersuite, we are using online mosquitto server, I confirmed it supports ciphersuite: ECDHE-ECDSA-AES256-GCM-SHA384.

Now I enabled following in my mbedTLS config file:










I ran the code again and I have prepared some data for you.

  1. GenerateCSRFromPublicKey is not able to generate CSR for slot1. I see we are trying to generate STSAFEA_NIST_P_384 (KEY_1_CURVE = STSAFEA_NIST_P_384). I get following at debug output.

Generate CSR with public key generated previously on STSAFE-A private key slot 1 : DebugPrintf: failed! GenerateCSRFromPublicKey returned -0x5100.

However, when I defined KEY_1_CURVE = STSAFEA_NIST_P_256, it works and can successfully generate CSR for slot1.

I tried looking into function GenerateCSRFromPublicKey() which uses md = MBEDTLS_MD_SHA256, I tried by changing it to MBEDTLS_MD_SHA384 and keeping KEY_1_CURVE = STSAFEA_NIST_P_384, but I still get the same error and CSR is not generated.

  • Next observation is that we are still not able to pass through the server handshake, it returns error -0x7280 . I have attached its debug output in the attachment.

I would like to mention that handshake goes through well when I enable only BEDTLS_KEY_EXCHANGE_RSA_ENABLED, and disable others.

Please let me know if you need anymore inputs from my side.

Thanks !