Alphabetical List of Security Developer's Kits

Timberline Technologies Logo
HOME SECURITY PRODUCT LINKS SECURITY RESOURCES

SECURITY WORKSHOPS SECURITY ADVISORY LINKS CONTACT INFORMATION

CONSULTING SERVICES SECURITY NEWS LINKS SITE MAP

New from Timberline Technologies:

Online Cryptography Course

with Lab Exercises

Tell me more ...

Alphabetical List of Security Developer's Kits

Disclaimer:

These links are provided as a free service to those seeking commercial information security products or shareware tools. The fact that a product is listed here is not an indication that Timberline Technologies LLC has evaluated it nor that we recommend it. The descriptive text is generally taken from the vendor's own product literature. The buyer has the ultimate responsibility to ensure that the information security product is suitable for its intended use. Please follow the links to the vendor pages to obtain more detailed information on a particular product. Additional guidance on product selection can be found in the On-Site Security Workshops.

Vendors Please Note: If your product does not appear in this index or if you feel that it has been incorrectly categorized please contact webmaster@timberlinetechnologies.com and the error will be corrected.

Important Note to Surfers: Timberline Technologies takes strict precautions to provide "safe" links. We will not knowingly provide a link to a site with dangerous active content or questionable privacy policies. Nevertheless, we can not guarantee the safety of all links provided. Those who are concerned about browsing securely are advised to use the facilities of BeHidden, safeWeb, Anonymizer or similar service.

Product Name Description

Centuris PKI Toolkit (Oracle Phaos Technologies) Toolkit for developing Public Key Infrastructure applications for the Java platform. With the Centuris PKI Toolkit, developers can rapidly develop and deploy Internet applications - from standalone Java applications to downloaded applets - that conform to PKIX standards. Centuris PKI Toolkit is fully compatible with the rest of Phaos’s industry leading product line - so you can integrate SSL and industrial-strength cryptography into your PKI applications as well. Using the Centuris PKI Toolkit, you can build code into your application to request and install certificates from leading Certificate Authorities - or you can instantiate a full-fledged certificate server.

Cryptoki (Oracle Phaos Technologies) Provides 'universal access' to cryptographic hardware such as smartcards and Hardware Security Modules (HSMs) from Java applications and applets. Phaos Cryptoki can be used as a Java layer to develop applications for crypto hardware, and used with other Phaos products including for developing Java/hardware applications that use protocols such as SSL and S/MIME.
Supported hardware products include: Rainbow, Chrysalis, Safenet, nCipher, Schlumberger, Gemplus, and much more.

CRYPTOKit (CryptoCard) Strong user authentication development kit.

CypherCalc (EPS/Solutions) A full-featured, programmable calculator designed for multi precision integer arithmetic. You can use CypherCalc to perform "big number" math operations such as exponentiation, modular multiplication, and Montgomery products. A great time-saver for those who work in the fields of Cryptography and Cryptanalysis. It is intended for use in the design, testing, and analysis of cryptographic algorithms involving key exchanges, modular exponentiation, modular inverses, and Montgomery Math. Can also assist in the design of math routines for crypto algorithms and methods such as RSA, Diffie-Hellman, Elliptic Curves, and Block Ciphers like DES and 3DES, including operational modes such as ECB (Electronic Code Book), CBC (Cipher Block Chain), CFB (Cipher Feed Back), and OFB (Output Feed Back). It even has a built-in CRC design tool that can generate CRC tables for your applications. Saves countless hours of program development time by providing a reliable source of known answers. You can check your algorithms against CypherCalc's results in seconds. Also included is a simple scripting program language that allows you to automate repetitive calculations and algorithms.

DeviceSSL (Spyrus) With DeviceSSL, software developers can now obtain high-performance SSL channel security for their embedded applications. Built with DeviceSSL, these applications can perform effectively without the use of file systems and hard disks, which are usually absent from embedded platforms.

DevSuite (SECUDE) SECUDE DevSuite is a combination of SECUDE SDK for Crypto/PKI (C/C++) and SECUDE SDK for Crypto/PKI (Java). The library contains publicly known and established symmetrical and asymmetrical cryptography for common hardware and operating system platforms. The functions enable you to insert security functions into practically any application. A set of tools additionally enables you to apply security functions directly.

Enterprise Security Suite (Oracle Phaos Technologies) Delivers a powerful set of tools for security for the Java platform. Includes the following components: Core cryptography. Secure Transport with the SSL (Secure Sockets Layer) protocol. Certificate tools, including X.509 v3 certificate generation for use with protocols such as SSL. Public Key Infrastructure (PKI) management, including storage, validation and revocation of certificates. Designed to meet the security needs for a wide range of applications, ESS components are easily integrated into any development effort.

Entrust/DevNet (Entrust Technologies) Comprehensive technical Web site for developers who need open, powerful security toolkits and a public-key infrastructure. Free membership, no charge to download software. Optional technical support package for developers who download the Entrust/Alliance™ Developer Suite. News on upcoming developer events, telebriefings, sessions that will educate developers on adding security to their applications. Links to technical product information, whitepapers, developer guides, toolkit documentation.

IAIK Java Crypto Toolkits (IAIK) IAIK provides a number of different crypto SDKs suited to various applications. Among their offerings are: IAIK-JCE CC Core 3.1 (evaluated at Common Criteria level EAL 3+); IAIK-iSaSiLk (a Java implementation of TLS, SSLv3 and SSLv2 protocols); IAIK-CMS with S/MIMEv3 (a Java implementation of the IETF approved Cryptographic Message Synatx, Secure/Multipurpose Internet Mail Extensions Version 3, and Enhanced Security Services for S/MIME protocols); and IXSIL (a toolkit which enables Java developers to easily integrate the creation and verification of XML based digital signatures into their applications). In addition, there are special editions for use in applets and in Java 2 Micro Edition environments. IAIK offers an elliptic curve JCE provider and a JCE provider to integrate smart cards, crypto tokens and HSMs via the PKCS#11 API. The IAIK libraries support many standards and algorithms: RSA (PKCS#1 v1.5, v2.0, v2.1 OAEP and PSS), DES, DESede (TripleDES), AES, Rijndael, Md2, Md5, SHA-1, SHA-256, SHA-384, SHA-512, RipeMd128, RipeMd160, RawDSA, DSA, DH, SSL/RSA, MD2/RSA, MD5/RSA, SHA/RSA, ECDSA, ECDH, PBE, X.509 Public Key Certificates, X.509 Attribute Certificates, Qualified Certificates, CRLs, Delta CRLs, OCSP, TSP, PKCS#1, PKCS#5, PKCS#7, CMS, PKCS#8, PKCS#10, PKCS#11, PKCS#12, ASN.1 classes, HMAC/MD5, HMAC/SHA, IDEA, Blowfish, GOST, CAST128, RC2, RC4, RC5, RC6, MARS, Twofish, Serpent, etc.

ITS4 (Cigtal) Automatically identifies over 130 of the most common security problems during the software development and auditing process. ITS4 codifies security expertise into rules used to identify potential security problems in source code.

J/CA Certification Toolkit (Oracle Phaos Technologies) Provides the tools needed to create a Certifying Authority (CA) in Java. With the J/CA Toolkit, you can quickly deliver a custom certificate server for your Web and electronic commerce applications. The J/CA Toolkit is built for versions of the Java platform from JDK 1.1 to Java 2, and supports certificates based on the X.509 Version 3 standard. The J/CA Toolkit also includes technology for revoking certificates which have expired or have been stolen. The J/CA Certification Toolkit is suitable for a wide variety of protocols, such as SSL (Secure Sockets Layer), SET (Secure Electronic Transactions) and OPS (Open Profiling Standard). With the J/CA Toolkit, you can quickly develop and deploy any certificate-based or PKI application.

Lasso (Entr'ouvert) Lasso is a free software C library aiming to implement the Liberty Alliance standards; it defines processes for federated identities, single sign-on and related protocols. Lasso is currently focused on implementing the Liberty Alliance ID-FF 1.2 protocols. It is built on top of libxml2, XMLSec and OpenSSL and is licensed under the GNU General Public License (with an OpenSSL exception). SWIG is used to provide high-level bindings for other languages. Currently tested and distributed bindings are Python, Java and PHP as well as .NET assemblies (for C# and the .NET runtime environment). It is primarly developed on GNU/Linux and works on many UNIX environments (including Apple Mac OS X) and on Microsoft Windows.

Libdes (CERIAS) Free DES encryption software.

Password Recovery Toolkit (AccessData) Tools for recovering lost or forgotten passwords and unlocking files.

PGP Software Development Kit (PGP) Includes everything you need to quickly and easily build security into new or existing electronic commerce, health care, legal, financial, and other applications. Developers can add key server integration capabilities to their code with very little knowledge of networking. The PGPsdk also supports PGP/MIME, which enables users of different email packages to exchange secure messages effortlessly.

Phaos Base Crypto Toolkit (Oracle Phaos Technologies) Provides Java developers with a lightweight, extensible framework for integrating cryptography into Java applications. Furthermore, Base Crypto provides implementations of commonly-needed algorithms for encryption, key exchange, message digests, and random number generation. Base Crypto is written in 100% Java and compatible with all versions of Java, from 1.0.2, 1.1.x, and Java 2. The 1.2 release of the Base Crypto Toolkit includes features such as the Blowfish cipher, and the El-Gamal public key cryptosystem.

Phaos Financial Engine (Oracle Phaos Technologies) Enables developers to easily create applications that comply with the Identrus system with a simple to use API that implements Identrus DSMS (Digital Signature Messaging System).Based on Java, the PFE provides a Enterprise Java Bean container for Identrus Relying Customers that can be deployed seamlessly in popular Web application servers.

Phaos S/MIME Toolkit (Oracle Phaos Technologies) Complete S/MIME 2.0 package in pure Java. With the Phaos S/MIME Toolkit, you can quickly build S/MIME secure messaging applications and applets. The Phaos S/MIME Toolkit is platform-independent, and executes on versions of the Java platform from JDK 1.1.x to Java 2.
With the Phaos S/MIME Toolkit, you don’t have to be a security expert to incorporate the S/MIME secure messaging protocol into your Java applications. Best of all, the Phaos S/MIME APIs are JavaMail compliant, so you can develop with APIs that comply to the latest Java standards.

RSA BSAFE Cert-C (RSA Security) Certificate handling software developer kit (SDK) for creating applications that integrate into a public key infrastructure (PKI). Based on open standards and thoroughly tested for multi-vendor interoperability, RSA BSAFE Cert-C provides in one package all the certificate processing and cryptographic software that developers need for building PKI-enabled applications.

RSA BSAFE Cert-J (RSA Security) Certificate handling software developer kit (SDK) for creating applications that integrate into a public key infrastructure (PKI). Based on open standards and thoroughly tested for multi-vendor interoperability, RSA BSAFE Cert-J provides in one package all the certificate processing and cryptographic software that developers need for building PKI-enabled applications in Java.

RSA BSAFE Crypto-C (RSA Security) Easy-to-use C program security tools and encryption engine in RSA BSAFE Crypto-C allows developers to integrate state-of-the-art privacy and authentication features into virtually any application. With Crypto-C, any programmer can develop secure applications — without a background in cryptography, mathematics or number theory. Best of all, by using security solutions from the most trusted and experienced company in the cryptography business, you won’t be troubled by the risk of embarrassing and costly software recalls that often result from failed "homegrown" security techniques.

RSA BSAFE Crypto-Ci (RSA Security) Full-strength international version of its general purpose cryptographic SDK. Designed to be flexible and broad in its applicability, Crypto-Ci provides cryptographic primitives for the following security services: privacy, client authentication, and data integrity. Crypto-Ci is your "one-stop-shop" for all of your cryptographic services. From fast secret-key ciphers, to digital signatures and data integrity routines, to a wide range of public-key algorithms, Crypto-Ci provides all the tools a developer needs.

RSA BSAFE Crypto-J (RSA Security) Provides developers with a state-of-the-art implementation of the most important privacy, authentication, and data integrity routines — all in Java. Crypto-J also includes source code for sample applications and easy-to-use self-test modules, ensuring security and shorter time-to-market for new projects. Crypto-J contains a full palette of popular cryptographic algorithms — a streamlined implementation of the RSA Public Key Cryptosystem, as well as several symmetric encryption algorithms — all contained in one provider class. So all you need is one piece of software for a range of applications, including electronic commerce, home banking, webcasting, and enterprise security. The RC2®, RC4®, and RC5™ algorithms are especially important for those companies needing scalable key sizes for either export or increased strength.

RSA BSAFE S/MIME-C (RSA Security) Builds on RSA Security’s trusted cryptographic enveloping and signing algorithms, and adds the infrastructure required for building an S/MIME secure messaging subsystem into nearly any messaging product. Developers save time (an estimated 8-12 work months) by using the high-level API in the RSA BSAFE S/MIME-C software developer kit (SDK) as a complete solution for quickly adding S/MIME functionality to products.

RSA BSAFE SSL-C (RSA Security) Provides developers a high-quality, supported product that includes everything needed for delivering SSL-enabled applications.

RSA BSAFE SSL-J (RSA Security) Provides developers an expert product that includes everything needed for delivering SSL-enabled Java applications. This means corporations can make their deadlines without having to become cryptographic experts.

Security Builder SDK (Certicom) Contains the primitives required to create fast, strong, and compact information security for any application. Available for all important operating systems, Security Builder's ANSI "C" libraries are delivered in both static and dynamic object modules, providing the flexibility demanded by today's developers. Security Builder's easy-to-use API allows direct access to all of the toolkit's functions -- developers are amazed at how quickly security can be integrated into any application.

Security Development Platform (Entegrity Solutions) Enables enterprises to rapidly and cost-effectively deploy public key infrastructure-based (PKI-based) secured applications for business-to-business (B2B) e-commerce. Entegrity SDP users can rapidly create new security-enhanced applications or quickly add a variety of security capabilities to existing client/server applications. This comprehensive platform allows Entegrity SDP users to respond to the rapidly growing demand for information security, fueled by the exploding use of intranet, extranet, and Internet for B2B e-commerce.

SmartToolz (CardLogix) A comprehensive suite of software and hardware that includes everything you need to develop PC-based smart card applications. The kit makes possible advanced card development for both the computer literate non-programmer and the professional programmer.

Software Developer IDs (VeriSign) You can sign your software with a VeriSign Developer ID in conjunction with Marimba Channel Signing, Microsoft Authenticode or Netscape Object Signing. Allows you to digitally "shrinkwrap" your code or content to let your customers know that your Active X control, Java applet, dynamic link library, .cab file, .jar file, HTML page or channel content is safe and hasn't been altered or corrupted.
Class 3 Developer IDs, this Developer ID is designed to meet the needs of commercial software publishers who distribute software electronically.

SSL Plus for Embedded Systems (Certicom) Security Protocol Toolkit.

SSL Plus for Java (Certicom) Security Protocol Toolkit.

SSL Plus Toolkit (Certicom) Security Protocol Toolkit.

SSLava (Oracle Phaos Technologies) Allows you to create SSL and TLS enabled applications and applets for both clients and servers. In commercial production since 1996, the SSLava Toolkit is platform-independent, and executes on all versions of the Java platform, from JDK 1.0.2, 1.1.x, and Java 2, to Netscape Communicator and Microsoft Internet Explorer 5. The latest release of the SSLava Toolkit - SSLava 2000TM - provides the TLS (Transport Layer Security), SSL (Secure Sockets Layer) version 2 and 3 protocols, powerful bundled cryptography, PKCS11 hardware and smartcard support, and Thin SSLavaTM - a full fledged SSL implementation in less than 50k.

U.are.U Software Development Kit (digitalPersona) Allows developers to add fingerprint authentication functionality to applications running under Windows 98/95 (OSR2). Enables integration of fingerprint recognition with Internet/Intranet applications, SmartCards, point-of-sale terminals, time and attendance products, and physical access control products. Individual sensors are available for system integrators.

U-Prove SDK (Credentica) Using the U-Prove™ SDK, organizations can protect identity-related assertions with unprecedented security, thereby opening up new data-flow capabilities. At the same time, the SDK enables critical privacy and user control functions that are particularly relevant to cross-domain identity management. For example, users can strongly authenticate to any number of parties without real-time involvement of a central identity provider, prove unanticipated properties of protected identity assertions, and transfer data between unlinked accounts. The SDK is ideally suited for creating the electronic equivalent of the cards in one’s wallet and for protecting identity-related information in frameworks such as SAML, Liberty ID-WSF, and Windows CardSpace.

VACMAN Programmer (Vasco Data Security) A full toolkit that allows resellers and/or system owners to support Vasco Digipass™ technology on their networks themselves. It contains everything needed to get acquainted with programming their Digipass™. Whether it is a Digipass™ 300 or 700, they all fit the same Digilink that comes with the software. System owners who want to support Digipass™ in their system can do so without any problem. Or resellers can support their customers by providing them with a full programming service.

Veridicom Software Development Kit (Veridicom) Fingerprint recognition SDK.

VeriSign Channel Signing ID for Marimba Castanet (VeriSign) Allows publishers to digitally "sign" the content which they distribute. Publishers can also digitally "sign" their entire Castanet Channel. In this way, consumers (and network administrators) will know that the content that they are receiving comes from an authentic source, and has not been altered or corrupted in any way since it was signed.

HOME	SECURITY PRODUCT LINKS	SECURITY RESOURCES
SECURITY WORKSHOPS	SECURITY ADVISORY LINKS	CONTACT INFORMATION
CONSULTING SERVICES	SECURITY NEWS LINKS	SITE MAP

Product Name	Description
Centuris PKI Toolkit (Oracle Phaos Technologies)	Toolkit for developing Public Key Infrastructure applications for the Java platform. With the Centuris PKI Toolkit, developers can rapidly develop and deploy Internet applications - from standalone Java applications to downloaded applets - that conform to PKIX standards. Centuris PKI Toolkit is fully compatible with the rest of Phaos’s industry leading product line - so you can integrate SSL and industrial-strength cryptography into your PKI applications as well. Using the Centuris PKI Toolkit, you can build code into your application to request and install certificates from leading Certificate Authorities - or you can instantiate a full-fledged certificate server.
Cryptoki (Oracle Phaos Technologies)	Provides 'universal access' to cryptographic hardware such as smartcards and Hardware Security Modules (HSMs) from Java applications and applets. Phaos Cryptoki can be used as a Java layer to develop applications for crypto hardware, and used with other Phaos products including for developing Java/hardware applications that use protocols such as SSL and S/MIME. Supported hardware products include: Rainbow, Chrysalis, Safenet, nCipher, Schlumberger, Gemplus, and much more.
CRYPTOKit (CryptoCard)	Strong user authentication development kit.
CypherCalc (EPS/Solutions)	A full-featured, programmable calculator designed for multi precision integer arithmetic. You can use CypherCalc to perform "big number" math operations such as exponentiation, modular multiplication, and Montgomery products. A great time-saver for those who work in the fields of Cryptography and Cryptanalysis. It is intended for use in the design, testing, and analysis of cryptographic algorithms involving key exchanges, modular exponentiation, modular inverses, and Montgomery Math. Can also assist in the design of math routines for crypto algorithms and methods such as RSA, Diffie-Hellman, Elliptic Curves, and Block Ciphers like DES and 3DES, including operational modes such as ECB (Electronic Code Book), CBC (Cipher Block Chain), CFB (Cipher Feed Back), and OFB (Output Feed Back). It even has a built-in CRC design tool that can generate CRC tables for your applications. Saves countless hours of program development time by providing a reliable source of known answers. You can check your algorithms against CypherCalc's results in seconds. Also included is a simple scripting program language that allows you to automate repetitive calculations and algorithms.
DeviceSSL (Spyrus)	With DeviceSSL, software developers can now obtain high-performance SSL channel security for their embedded applications. Built with DeviceSSL, these applications can perform effectively without the use of file systems and hard disks, which are usually absent from embedded platforms.
DevSuite (SECUDE)	SECUDE DevSuite is a combination of SECUDE SDK for Crypto/PKI (C/C++) and SECUDE SDK for Crypto/PKI (Java). The library contains publicly known and established symmetrical and asymmetrical cryptography for common hardware and operating system platforms. The functions enable you to insert security functions into practically any application. A set of tools additionally enables you to apply security functions directly.
Enterprise Security Suite (Oracle Phaos Technologies)	Delivers a powerful set of tools for security for the Java platform. Includes the following components: Core cryptography. Secure Transport with the SSL (Secure Sockets Layer) protocol. Certificate tools, including X.509 v3 certificate generation for use with protocols such as SSL. Public Key Infrastructure (PKI) management, including storage, validation and revocation of certificates. Designed to meet the security needs for a wide range of applications, ESS components are easily integrated into any development effort.
Entrust/DevNet (Entrust Technologies)	Comprehensive technical Web site for developers who need open, powerful security toolkits and a public-key infrastructure. Free membership, no charge to download software. Optional technical support package for developers who download the Entrust/Alliance™ Developer Suite. News on upcoming developer events, telebriefings, sessions that will educate developers on adding security to their applications. Links to technical product information, whitepapers, developer guides, toolkit documentation.
IAIK Java Crypto Toolkits (IAIK)	IAIK provides a number of different crypto SDKs suited to various applications. Among their offerings are: IAIK-JCE CC Core 3.1 (evaluated at Common Criteria level EAL 3+); IAIK-iSaSiLk (a Java implementation of TLS, SSLv3 and SSLv2 protocols); IAIK-CMS with S/MIMEv3 (a Java implementation of the IETF approved Cryptographic Message Synatx, Secure/Multipurpose Internet Mail Extensions Version 3, and Enhanced Security Services for S/MIME protocols); and IXSIL (a toolkit which enables Java developers to easily integrate the creation and verification of XML based digital signatures into their applications). In addition, there are special editions for use in applets and in Java 2 Micro Edition environments. IAIK offers an elliptic curve JCE provider and a JCE provider to integrate smart cards, crypto tokens and HSMs via the PKCS#11 API. The IAIK libraries support many standards and algorithms: RSA (PKCS#1 v1.5, v2.0, v2.1 OAEP and PSS), DES, DESede (TripleDES), AES, Rijndael, Md2, Md5, SHA-1, SHA-256, SHA-384, SHA-512, RipeMd128, RipeMd160, RawDSA, DSA, DH, SSL/RSA, MD2/RSA, MD5/RSA, SHA/RSA, ECDSA, ECDH, PBE, X.509 Public Key Certificates, X.509 Attribute Certificates, Qualified Certificates, CRLs, Delta CRLs, OCSP, TSP, PKCS#1, PKCS#5, PKCS#7, CMS, PKCS#8, PKCS#10, PKCS#11, PKCS#12, ASN.1 classes, HMAC/MD5, HMAC/SHA, IDEA, Blowfish, GOST, CAST128, RC2, RC4, RC5, RC6, MARS, Twofish, Serpent, etc.
ITS4 (Cigtal)	Automatically identifies over 130 of the most common security problems during the software development and auditing process. ITS4 codifies security expertise into rules used to identify potential security problems in source code.
J/CA Certification Toolkit (Oracle Phaos Technologies)	Provides the tools needed to create a Certifying Authority (CA) in Java. With the J/CA Toolkit, you can quickly deliver a custom certificate server for your Web and electronic commerce applications. The J/CA Toolkit is built for versions of the Java platform from JDK 1.1 to Java 2, and supports certificates based on the X.509 Version 3 standard. The J/CA Toolkit also includes technology for revoking certificates which have expired or have been stolen. The J/CA Certification Toolkit is suitable for a wide variety of protocols, such as SSL (Secure Sockets Layer), SET (Secure Electronic Transactions) and OPS (Open Profiling Standard). With the J/CA Toolkit, you can quickly develop and deploy any certificate-based or PKI application.
Lasso (Entr'ouvert)	Lasso is a free software C library aiming to implement the Liberty Alliance standards; it defines processes for federated identities, single sign-on and related protocols. Lasso is currently focused on implementing the Liberty Alliance ID-FF 1.2 protocols. It is built on top of libxml2, XMLSec and OpenSSL and is licensed under the GNU General Public License (with an OpenSSL exception). SWIG is used to provide high-level bindings for other languages. Currently tested and distributed bindings are Python, Java and PHP as well as .NET assemblies (for C# and the .NET runtime environment). It is primarly developed on GNU/Linux and works on many UNIX environments (including Apple Mac OS X) and on Microsoft Windows.
Libdes (CERIAS)	Free DES encryption software.
Password Recovery Toolkit (AccessData)	Tools for recovering lost or forgotten passwords and unlocking files.
PGP Software Development Kit (PGP)	Includes everything you need to quickly and easily build security into new or existing electronic commerce, health care, legal, financial, and other applications. Developers can add key server integration capabilities to their code with very little knowledge of networking. The PGPsdk also supports PGP/MIME, which enables users of different email packages to exchange secure messages effortlessly.
Phaos Base Crypto Toolkit (Oracle Phaos Technologies)	Provides Java developers with a lightweight, extensible framework for integrating cryptography into Java applications. Furthermore, Base Crypto provides implementations of commonly-needed algorithms for encryption, key exchange, message digests, and random number generation. Base Crypto is written in 100% Java and compatible with all versions of Java, from 1.0.2, 1.1.x, and Java 2. The 1.2 release of the Base Crypto Toolkit includes features such as the Blowfish cipher, and the El-Gamal public key cryptosystem.
Phaos Financial Engine (Oracle Phaos Technologies)	Enables developers to easily create applications that comply with the Identrus system with a simple to use API that implements Identrus DSMS (Digital Signature Messaging System).Based on Java, the PFE provides a Enterprise Java Bean container for Identrus Relying Customers that can be deployed seamlessly in popular Web application servers.
Phaos S/MIME Toolkit (Oracle Phaos Technologies)	Complete S/MIME 2.0 package in pure Java. With the Phaos S/MIME Toolkit, you can quickly build S/MIME secure messaging applications and applets. The Phaos S/MIME Toolkit is platform-independent, and executes on versions of the Java platform from JDK 1.1.x to Java 2. With the Phaos S/MIME Toolkit, you don’t have to be a security expert to incorporate the S/MIME secure messaging protocol into your Java applications. Best of all, the Phaos S/MIME APIs are JavaMail compliant, so you can develop with APIs that comply to the latest Java standards.
RSA BSAFE Cert-C (RSA Security)	Certificate handling software developer kit (SDK) for creating applications that integrate into a public key infrastructure (PKI). Based on open standards and thoroughly tested for multi-vendor interoperability, RSA BSAFE Cert-C provides in one package all the certificate processing and cryptographic software that developers need for building PKI-enabled applications.
RSA BSAFE Cert-J (RSA Security)	Certificate handling software developer kit (SDK) for creating applications that integrate into a public key infrastructure (PKI). Based on open standards and thoroughly tested for multi-vendor interoperability, RSA BSAFE Cert-J provides in one package all the certificate processing and cryptographic software that developers need for building PKI-enabled applications in Java.
RSA BSAFE Crypto-C (RSA Security)	Easy-to-use C program security tools and encryption engine in RSA BSAFE Crypto-C allows developers to integrate state-of-the-art privacy and authentication features into virtually any application. With Crypto-C, any programmer can develop secure applications — without a background in cryptography, mathematics or number theory. Best of all, by using security solutions from the most trusted and experienced company in the cryptography business, you won’t be troubled by the risk of embarrassing and costly software recalls that often result from failed "homegrown" security techniques.
RSA BSAFE Crypto-Ci (RSA Security)	Full-strength international version of its general purpose cryptographic SDK. Designed to be flexible and broad in its applicability, Crypto-Ci provides cryptographic primitives for the following security services: privacy, client authentication, and data integrity. Crypto-Ci is your "one-stop-shop" for all of your cryptographic services. From fast secret-key ciphers, to digital signatures and data integrity routines, to a wide range of public-key algorithms, Crypto-Ci provides all the tools a developer needs.
RSA BSAFE Crypto-J (RSA Security)	Provides developers with a state-of-the-art implementation of the most important privacy, authentication, and data integrity routines — all in Java. Crypto-J also includes source code for sample applications and easy-to-use self-test modules, ensuring security and shorter time-to-market for new projects. Crypto-J contains a full palette of popular cryptographic algorithms — a streamlined implementation of the RSA Public Key Cryptosystem, as well as several symmetric encryption algorithms — all contained in one provider class. So all you need is one piece of software for a range of applications, including electronic commerce, home banking, webcasting, and enterprise security. The RC2®, RC4®, and RC5™ algorithms are especially important for those companies needing scalable key sizes for either export or increased strength.
RSA BSAFE S/MIME-C (RSA Security)	Builds on RSA Security’s trusted cryptographic enveloping and signing algorithms, and adds the infrastructure required for building an S/MIME secure messaging subsystem into nearly any messaging product. Developers save time (an estimated 8-12 work months) by using the high-level API in the RSA BSAFE S/MIME-C software developer kit (SDK) as a complete solution for quickly adding S/MIME functionality to products.
RSA BSAFE SSL-C (RSA Security)	Provides developers a high-quality, supported product that includes everything needed for delivering SSL-enabled applications.
RSA BSAFE SSL-J (RSA Security)	Provides developers an expert product that includes everything needed for delivering SSL-enabled Java applications. This means corporations can make their deadlines without having to become cryptographic experts.
Security Builder SDK (Certicom)	Contains the primitives required to create fast, strong, and compact information security for any application. Available for all important operating systems, Security Builder's ANSI "C" libraries are delivered in both static and dynamic object modules, providing the flexibility demanded by today's developers. Security Builder's easy-to-use API allows direct access to all of the toolkit's functions -- developers are amazed at how quickly security can be integrated into any application.
Security Development Platform (Entegrity Solutions)	Enables enterprises to rapidly and cost-effectively deploy public key infrastructure-based (PKI-based) secured applications for business-to-business (B2B) e-commerce. Entegrity SDP users can rapidly create new security-enhanced applications or quickly add a variety of security capabilities to existing client/server applications. This comprehensive platform allows Entegrity SDP users to respond to the rapidly growing demand for information security, fueled by the exploding use of intranet, extranet, and Internet for B2B e-commerce.
SmartToolz (CardLogix)	A comprehensive suite of software and hardware that includes everything you need to develop PC-based smart card applications. The kit makes possible advanced card development for both the computer literate non-programmer and the professional programmer.
Software Developer IDs (VeriSign)	You can sign your software with a VeriSign Developer ID in conjunction with Marimba Channel Signing, Microsoft Authenticode or Netscape Object Signing. Allows you to digitally "shrinkwrap" your code or content to let your customers know that your Active X control, Java applet, dynamic link library, .cab file, .jar file, HTML page or channel content is safe and hasn't been altered or corrupted. Class 3 Developer IDs, this Developer ID is designed to meet the needs of commercial software publishers who distribute software electronically.
SSL Plus for Embedded Systems (Certicom)	Security Protocol Toolkit.
SSL Plus for Java (Certicom)	Security Protocol Toolkit.
SSL Plus Toolkit (Certicom)	Security Protocol Toolkit.
SSLava (Oracle Phaos Technologies)	Allows you to create SSL and TLS enabled applications and applets for both clients and servers. In commercial production since 1996, the SSLava Toolkit is platform-independent, and executes on all versions of the Java platform, from JDK 1.0.2, 1.1.x, and Java 2, to Netscape Communicator and Microsoft Internet Explorer 5. The latest release of the SSLava Toolkit - SSLava 2000TM - provides the TLS (Transport Layer Security), SSL (Secure Sockets Layer) version 2 and 3 protocols, powerful bundled cryptography, PKCS11 hardware and smartcard support, and Thin SSLavaTM - a full fledged SSL implementation in less than 50k.
U.are.U Software Development Kit (digitalPersona)	Allows developers to add fingerprint authentication functionality to applications running under Windows 98/95 (OSR2). Enables integration of fingerprint recognition with Internet/Intranet applications, SmartCards, point-of-sale terminals, time and attendance products, and physical access control products. Individual sensors are available for system integrators.
U-Prove SDK (Credentica)	Using the U-Prove™ SDK, organizations can protect identity-related assertions with unprecedented security, thereby opening up new data-flow capabilities. At the same time, the SDK enables critical privacy and user control functions that are particularly relevant to cross-domain identity management. For example, users can strongly authenticate to any number of parties without real-time involvement of a central identity provider, prove unanticipated properties of protected identity assertions, and transfer data between unlinked accounts. The SDK is ideally suited for creating the electronic equivalent of the cards in one’s wallet and for protecting identity-related information in frameworks such as SAML, Liberty ID-WSF, and Windows CardSpace.
VACMAN Programmer (Vasco Data Security)	A full toolkit that allows resellers and/or system owners to support Vasco Digipass™ technology on their networks themselves. It contains everything needed to get acquainted with programming their Digipass™. Whether it is a Digipass™ 300 or 700, they all fit the same Digilink that comes with the software. System owners who want to support Digipass™ in their system can do so without any problem. Or resellers can support their customers by providing them with a full programming service.
Veridicom Software Development Kit (Veridicom)	Fingerprint recognition SDK.
VeriSign Channel Signing ID for Marimba Castanet (VeriSign)	Allows publishers to digitally "sign" the content which they distribute. Publishers can also digitally "sign" their entire Castanet Channel. In this way, consumers (and network administrators) will know that the content that they are receiving comes from an authentic source, and has not been altered or corrupted in any way since it was signed.