Maclain Lobdell

Now Available: CyaSSL for MQX RTCS

Discussion created by Maclain Lobdell Employee on Jan 9, 2015
Latest reply on Jan 26, 2016 by Denis Shimizu

Now Available: CyaSSL for MQX RTCS – Enabling Secure Network Connections for Kinetis MCUs


We are pleased to announce the availability of the popular CyaSSL SSL / TLS software library in a pre-configured commercial-evaluation add-on package for Kinetis SDK v1.1.0 (and later).


In just a few extra steps, you can enable secure network connectivity with CyaSSL in MQX Real-Time TCP/IP Communication Suite (RTCS) examples.

Installers for Windows and Linux are available. CyaSSL version 3.2.0 (or later) included.



The CyaSSL embedded SSL library is a lightweight SSL/TLS library written in ANSI C and targeted for embedded, RTOS, and resource-constrained environments - primarily because of its small size, speed, and feature set.   CyaSSL supports industry standards up to the current TLS 1.2 and DTLS 1.2 levels, is up to 20 times smaller than OpenSSL, and offers progressive ciphers such as HC-128, RABBIT, NTRU, and SHA-3. User benchmarking and feedback indicates dramatically better performance when using CyaSSL over OpenSSL. 


Key Features


  • Support for securing both Client and Server applications


  • Compliant to the latest industry standard SSL, TLS, and DTS protocols (SSL 3.0, TLS 1.0/1.1/1.2, DTLS 1.0/1.2)

  • Up to 20x smaller than OpenSSL


  • Lightweight and configurable memory footprint (FLASH 20-100 kB, RAM 1-36 kB)
  • Hashing Functions Supported:  MD2, MD4, MD5*, SHA-1*, SHA-2, SHA-256*, SHA-384, SHA-512, BLAKE2b, RIPEMD-160, Poly1305


* - Accelerated throughput available via the Memory-Mapped Cryptographic Acceleration Unit (MMCAU) on select Kinetis MCUs.


  • Block, Stream, and Authenticated Ciphers Supported: AES* (CBC, CTR, GCM, CCM), Camellia, DES*, 3DES*, ARC4, RABBIT, HC-128, ChaCha20

* - Accelerated throughput available via the Memory-Mapped Cryptographic Acceleration Unit (MMCAU) on select Kinetis MCUs.


  • Public Key Options Supported: RSA, DSS, DH, EDH, NTRU

  • Numerous Other Key Features Provided:

Key Derivation (HMAC, PBKDF2, PKCS#5), Key Generation (RSA), Signed Certificate Generation (x509 v3 RSA and ECC), PEM and DER certificates, Private Key Encryption (PKCS #8, #5, #12), Elliptic Curve Cryptography (ECDH-ECDSA, ECDHE-ECDSA, ECDH-RSA, ECDHE-RSA), Online Certificate Status Protocol (OCSP), Certificate Revocation List (CRL), IPv4, IPv6, and more.


More details at CyaSSL Embedded SSL Library Product Details



Through our partnership with WolfSSL, Freescale is providing a free commercial evaluation version of CyaSSL for Freescale customers to use for internal development, testing, and evaluation purposes.  Customers who wish to incorporate CyaSSL into proprietary appliances must obtain a commercial license from WolfSSL, which is available at a very reasonable cost.  

For additional information on licensing, see WolfSLL License Information.


Hardware Supported

Project build files are provided for the following Freescale evaluation boards:





Example Projects Provided

HTTP Web Server - Access the board with a web browser using an authenticated and encrypted connection. 


How to Get Started


1. Download Kinetis SDK v1.1.0 (or later) at


Click Download.

Choose the appropriate Kinetis SDK installer for your operating system, then download and install it.


2. Now install CyaSSL for Kinetis SDK with MQX RTOS

On the left side of the same download page, click Updates and Patches


3. Choose the appropriate CyaSSL installer for your operating system, download and install it.


CyaSSL source files will be installed within the <Kinetis SDK>\tcpip\rtcs\source\ssl\ folder in the Kinetis SDK directory tree.


On Windows, this path is typically: C:\Freescale\KSDK_1.1.0\tcpip\rtcs\source\ssl


4. Check out the _readme.txt file at <Kinetis SDK>\tcpip\rtcs\source\ssl to see how to run the example projects provided and to see how to add CyaSSL to your projects. 


More tutorials to come.


Best of luck with your connected embedded projects! 


Mac Lobdell

Freescale Software Technical Marketer