DigiCert TrustCore SDK is a lightweight, open-source cryptographic engine purpose-built for embedding trust directly into connected devices. It delivers hardware-rooted identity, attestation readiness, and cryptographic agility, giving developers the tools to design security into their products from the start or as part of a security-driven evolution. With open access for evaluation and a clear path to commercial licensing and enterprise support, TrustCore SDK scales confidently from prototype to production.
When an IoT device ships, it carries more than code—it carries your reputation. One vulnerability, one rogue update, one counterfeit board in the supply chain, and that promise breaks.
Security is hard—and most solutions haven’t been designed for how you actually build. TrustCore SDK changes that. It meets you at the hardware level, fits inside your constraints, and adapts as your products and requirements evolve, letting you design, ship, and update with confidence. Available under AGPL v3 for evaluation and development, with predictable commercial licensing for production deployments.
Provision unique, immutable identity during manufacturing—cryptographically rooted to a TPM or secure elements.
Embed support for global standards like FIPS 140-3, NIST 800-193, EU CRA, and FDA cybersecurity mandates.
Evaluate, integrate, and test with full access to the SDK’s source—free for non-commercial use.
Enable secure updates, SBOMs, and event logging by connecting with TrustEdge and Device Trust Manager.
Transition to post-quantum algorithms and maintain long-term trust with a crypto-agile architecture.
Trusted to secure identity and firmware in billions of embedded systems worldwide.
Designed for portability across MCUs, secure elements, chipsets, and RTOS environments.
Freely available for development and evaluation, with licensing for commercial deployment.
Start building today using the TrustCore SDK open-source codebase, platform documentation, and integration guides. When you’re ready to deploy at scale, DigiCert and our partner ecosystem provide commercial licensing, validation, and integration support—enabling lifecycle trust from factory to field.
DigiCert TrustCore SDK delivers FIPS-aligned cryptographic operations, TLS/DTLS 1.3 protocol support, and built-in crypto agility—including readiness for post-quantum algorithms such as ML-KEM, SLH-DSA and ML-DSA.
Establish immutable identity during manufacturing using on-chip or hardware-backed cryptography. TrustCore SDK provides the foundation for verifiable provenance, signed updates, and long-term lifecycle validation.
TrustCore SDK delivers FIPS-Compliant cryptographic operations with built-in support for crypto-agility and PQC migration paths, giving you flexibility without rewriting your security model.
Modular, portable C codebase
Cryptographic encryption, signing, hashing, and key generation
Crypto-agility for future-ready implementations
Secure provisioning and lifecycle logging
Protocol support for EST, SCEP, MQTT, TLS 1.3, and more
Integrates with Device Trust Manager for certificate lifecycle automation and policy enforcement
“These APIs work seamlessly with the rest of the security infrastructure that TrustCore SDK provides, which reduces development time and resource needs. We can keep the private keys in our TPMs secure—and the customer data being stored encrypted—without having to be PhDs in cryptography. Our devices are now equipped to handle the challenges of the modern digital landscape, thanks to TrustCore SDK.”
TrustCore SDK is released under AGPL v3, giving you full source code access for evaluation, customization, and non-commercial use. We believe transparency is essential—so you can audit and adapt the code without hidden dependencies.
When you’re ready for production, DigiCert offers clear commercial licensing with enterprise support, compliance documentation, and long-term maintenance. This dual model lets you innovate openly and scale securely on your terms.
How It Works: View our TrustCore SDK GitHub Page.
Why Open Source: Learn why we made TrustCore SDK publicly available. (video explainer by Kevin, will share URL when available)
Get Commercial Licensing: Contact our team to discuss enterprise deployments.
Building IoT solutions is a "team sport" and using the right partners can accelerate time to market. We have partnered with leading companies who can help you design, build, secure and operate your connected product solution. Learn More >
TrustCore SDK
TrustCore SDK GitHub Page
TrustCore SDK Developer Page
Device Trust Manager Docs
Ready-to-Build Security—TrustCore SDK Is Open Source