Skip to content

Releases: cryptnox/cryptnox-sdk-cpp

1.0.0 - Initial release

Choose a tag to compare

@embarquech embarquech released this 01 Jun 18:11

First public release of cryptnox-sdk-cpp — the platform-independent C++
core SDK for managing the Cryptnox Hardware Wallet smart card. Implements
the card-side protocol so platform SDKs only have to wire up their NFC reader,
crypto backend, and logger.

Features

  • Secure channel establishment (SELECT → certificate → ECDH → mutual auth)
  • APDU framing and encrypted command/response exchange
  • PIN verification
  • Transaction signing (deterministic ECDSA, low-s)
  • User-data write API
  • Strict C++17, zero platform dependencies, no allocations in the steady state

Reference integrations

Integration Repository
ESP32-S3 (ESP-IDF v5.5) cryptnox/cryptnox-sdk-esp32
Arduino UNO R4 (Renesas RA4M1) cryptnox/cryptnox-sdk-arduino

Adapter interfaces

CW_NfcTransport · CW_CryptoProvider · CW_Logger

Dependencies

None at the SDK level — only a C++17 toolchain. SHA-256/512, AES-CBC, ECDH,
EC key generation, and RNG are pulled in via the host's CW_CryptoProvider
implementation (mbedTLS, BearSSL, hardware peripheral, …).

Important

This SDK is not usable on its own. It exposes three abstract interfaces
(CW_NfcTransport, CW_CryptoProvider, CW_Logger) that must be
implemented by a host integration. It ships no transport driver, no crypto
backend, and no logging output. To talk to a real card, start from one of
the reference integrations above, or port to a new platform by providing
concrete implementations of the three adapters.

Notes

  • Consumed as a git submodule by the platform SDKs — see each integration's
    README for the recommended pin.
  • Includes a fuzz/ harness for the DER signature parser, exercised
    by the static-analysis workflow.
  • All sensitive copies inside the SDK go through CW_Utils::safe_memcpy with
    bounds + overlap validation.
  • Responsible-disclosure policy in SECURITY.md.

Licensing

LGPL-3.0-or-later for open-source use; a commercial license is
available — see COMMERCIAL.md. Third-party
components retain their upstream licenses, see NOTICES.md.