exceet Secure Solutions
Tungsten
OpenKeychain
Try Hardware Security SDK in your app today.

All Protocols and Hardware Supported

Due to the vast amount of different protocols involved, it is difficult to support security hardware in your app. With the Hardware Security SDK, you can focus on your scenario at hand and leave the rest to us. If you are missing a use case, contact us and we provide the necessary customizations.
class MyActivity:Activity(), SecurityKeyManager.SecurityKeyManagerCallback {

    // called when security key is detected over NFC or attached to USB
    override fun onSecurityKeyDiscovered(keyInteractor: SecurityKeyInteractor, pinProvider: PinProvider): Boolean {
        val clientCertificateAuthenticator = SecurityKeyClientCertificateAuthenticator
                .createFromAuthenticationCertificate(keyInteractor, pinProvider)
        val sslContext = clientCertificateAuthenticator.buildInitializedSslContext()
        
        // connection with OkHttp library
        val httpClient = OkHttpClient.Builder()
                .sslSocketFactory(sslContext.socketFactory)
                .build()
        val request = Request.Builder()
                .url("https://example.com")
                .build()
        val response = httpClient.newCall(request).execute()

        return true
    }
}
Supported Hardware:
YubiKey NEO, YubiKey 4/5 series, Nitrokey Start/Pro, compatible smart cards, …
Hardware Standards:
PIV (NIST SP 800-73), ISO 7816-4, OpenPGP Card Specification
Complete Guide Full List of Supported Hardware
class MyActivity:Activity(), SecurityKeyManager.SecurityKeyManagerCallback {

    // called when security key is detected over NFC or attached to USB
    override fun onSecurityKeyDiscovered(keyInteractor: SecurityKeyInteractor, pinProvider: PinProvider): Boolean {
        val loginName = "username"
        val loginHost = "localhost"

        val securityKeyAuthenticator = SecurityKeySshAuthenticator.createFromCertificate(keyInteractor, pinProvider)
        // works automatically with OpenSSH public keys and OpenSSH certificates.
        val sshIdentity = SecurityKeySshIdentity(loginName, securityKeyAuthenticator)
        
        // connection with JSch library
        val jsch = JSch()
        JSch.setConfig("StrictHostKeyChecking", "no")
        jsch.addIdentity(sshIdentity, null)
        val sshSession = jsch.getSession(sshIdentity.loginName, loginHost)

        sshSession.connect(10000)

        val channel = sshSession.openChannel("shell")
        val baos = ByteArrayOutputStream()
        channel.outputStream = baos
        channel.connect(10000)

        return true
    }
}
Supported Hardware:
YubiKey NEO, YubiKey 4/5 series, Nitrokey Start/Pro, compatible smart cards, …
Hardware Standards:
PIV (NIST SP 800-73), ISO 7816-4, OpenPGP Card Specification
Complete Guide Full List of Supported Hardware
class MyActivity:Activity(), SecurityKeyManager.SecurityKeyManagerCallback {

    // called when security key is detected over NFC or attached to USB
    override fun onSecurityKeyDiscovered(keyInteractor: SecurityKeyInteractor, pinProvider: PinProvider): Boolean {
        // security key has been paired in a setup procedure before
        val pairedSecurityKey = pairedSecurityKeyStorage.getPairedSecurityKey(keyInteractor.getSecurityKeyAid())
        val encryptedSecret = encryptedSessionStorage.getEncryptedSessionSecret(pairedSecurityKey.getSecurityKeyAid())
        val decryptor = PairedDecryptor(keyInteractor, pairedPinProvider, pairedSecurityKey)
        val secret = decryptor.decryptSessionSecret(encryptedSecret)
        
        // use decrypted secret to open SQLCipher
        val database = SQLiteDatabase.openOrCreateDatabase(databaseFile.getPath(), secret.getCharCopyAndClear(), null)

        return true
    }
}
Supported Hardware:
YubiKey NEO, YubiKey 4/5 series, Nitrokey Start/Pro, compatible smart cards, …
Hardware Standards:
PIV (NIST SP 800-73), ISO 7816-4, OpenPGP Card Specification
Complete Guide Full List of Supported Hardware

Ready-to-Use User Interfaces

Smartcard setup process
Smartcard setup process
Decypting an SQLCipher database
Decypting an SQLCipher database
SSH login with keypad
SSH login with keypad

Technical Support

If you ever need help, you get direct access to the developers and cryptographers who built the product. Whether you have questions getting started or you want to know how to best integrate SDK features into your app, we’re here to help you find a solution.
  • Direct line to the SDK developers
  • Fast response time
  • Comprehensive example projects
  • Flexible licensing options