There are many c++ libraries that support REST calls. You could just use one of those and call the Algorand specific REST APIs - Algorand Developer Docs
For that, you would first need to find a crypto library that supports the required operations (essentially SHA512/256 - not just SHA256 -, and ED25519 signatures).
If libsodium is too large, you may consider using TweetNACL (TweetNaCl: Software) / uNACL (μNaCl – FAQ) for ED25519 operations.
I don’t know a good very small library for SHA512/256 however.
I’m not sure they support SHA-512/256.
SHA-512/256 is SHA-512 with a difference initialization vector and truncated to 256 bits.
It might not be too difficult to tweak the code of SHA-512 to get SHA-512/256
You don’t need SHA-512/256 for normal signing/key generation.
But you need it to:
compute the transaction ID
compute multikey addresses
compute smart contract account addresses from TEAL bytecode
in general, any time a hash is used (except the hashed used by ED25519)
If you want to be able to send transaction, you’ll also need crypto_sign.
Regarding randomness generation, this is usually a vert complex operation especially on IoT.
One issue is that it’s almost impossible to test it is done properly and errors can be catastrophic (see e.g., Debian -- Security Information -- DSA-1571-1 openssl).
What source of randomness and algorithms for randomness generation are you using?
Just for the purpose of people stumbling on this post, I want to stress that rand from stdlib.h is completely insecure and should never be used for randomness generation for crypto-related operations.