TrustCore SDK is a cross-platform security toolkit built for developers. It is entirely written in C and includes a quantum-safe cryptographic (PQC) library, TLS 1.3 stack, and clients for MQTT, EST, SCEP, SSH, RADIUS, EAP and others. TrustCore SDK is compact, performant and modular, designed for secure connected devices. We’ve open-sourced the code under the AGPL v3 license to support transparency, collaboration, and developer accessibility, while maintaining commercial licensing for commercial and proprietary use.
📢 Update: NanoSSH is now open-source under the AGPL license.
All TrustCore SDK components are on track to be open-sourced progressively.
TrustCore SDK is a powerful suite of security tools hardend over 15 years of usage, designed to simplify and enhance certificate-based authentication, encryption, and secure communications. Previously a closed-source solution, it is now being open-sourced to empower developers with greater flexibility in integrating robust security mechanisms into their applications.
- Certificate Lifecycle Management – Supports enrollment, renewal, revocation, and validation.
- PKI Integration – Seamless interaction with public key infrastructure for secure identity verification.
- Broad Cryptographic Algorithm Support – From message digests to symmetric and asymmetric algorithms, TrustCore NanoCrypto has you covered.
- Trusted Platform Integration – Enables integration with TPMs and hardware security modules (HSMs).
- EST & CMP Protocol Support – Implements industry-standard protocols for certificate provisioning and management.
- Secure Device Communications - Delivers MQTT (MQTTs) over TLS 1.3 for securing device communications.
- PQC-ready - Utilize the latest post-quantum cryptographic algorithms including: ML-KEM, ML-DSA and SLH-DSA, ensuring your devices are quantum-safe.
- Modular and compact - Each module is implemented in lightweight C code. Build only the required modules to minimize the device footprint.
- FIPS 140-3 ready - Need FIPS 140-3 certification? No problem! Contact us to learn more how we can help you certify your product.
- OpenSSL Interop - Provides a compatibility layer for applications using OpenSSL APIs, enabling seamless integration.
TrustCore SDK provides comprehensive support for various security and communication protocols, ensuring secure interactions across different applications and environments:
-
NanoSSH – Secure Shell (SSH) client and server implementation optimized for lightweight environments, learn to compile here.
-
NanoMQTT - Secure MQTT (Message Queuing Telemetry Transport) client for IoT and cloud communications.
-
NanoSSL - Implementation for SSL/TLS 1.3, providing secure transport layer encryption.
-
NanoSec – Strong encryption and security for network layer communications using IPSec/IKE..
-
NanoEAP – Extensible Authentication Protocol (EAP) for secure network authentication and RADIUS support.
-
NanoCert – EST and SCEP Protocols for automated certificate enrollment and management.
All the TrustCore documentation is available at TrustCore SDK documentation.
This project is available under a dual-license model:
-
Open Source License:
GNU Affero General Public License v3 (AGPL v3) This license allows you to use, modify, and distribute the code for free in accordance with AGPL terms. -
Commercial License:
If you wish to use TrustCore SDK in a proprietary or commercial product (e.g., embedded in closed-source firmware or commercial SaaS applications), a commercial license is available under DigiCert’s Master Services Agreement (MSA). Contact us at [email protected] for commercial licensing details.
We welcome contributions that improve TrustCore SDK! Please follow these steps:
- Fork the repository
- Create a feature branch
- Make your changes with clear commits
- Submit a pull request
- Review and accept the Contributor License Agreement (CLA)
All contributors must agree to a Contributor License Agreement (CLA) before we can accept your pull request. By submitting a pull request, you agree to the terms of the CLA.
By contributing, you agree that DigiCert may license your contributions under both:
- AGPL v3 (open source), and
- DigiCert’s commercial licensing terms
To learn more, see CONTRIBUTING.md. We may use an integrated tool to enforce CLA acceptance during the pull request process.
- This project uses a copyleft license (AGPL v3). If you include this code in a larger application, you may be required to release the source of that application under AGPL.
- If you are unsure whether your intended use triggers AGPL obligations, please reach out to [email protected] for clarification or [email protected] for commercial options.
We encourage responsible disclosure of security vulnerabilities. If you find something suspicious, we encourage and appreciate your report! To learn more, see SECURITY.md.
- Commercial licensing: [email protected]
- General inquiries: [email protected]
(c) 2025 DigiCert, Inc. All rights reserved.
