A Vault swiss-army knife: A CLI tool to init, unseal and configure Vault (auth methods, secret engines).

A simple SSL/TLS proxy with mutual authentication for securing non-TLS services.

LizardFS is an Open Source Distributed File System licensed under GPLv3.

Block's Bitcoin Cold Storage solution.

Hierarchical state machines for designing event-driven systems

XiPKI: Compact open source PKI (CA, OCSP responder, certificate protocols ACME, CMP, EST).

Hardware-based attestation / intrusion detection app for Android devices. It provides both local verification with another Android device via QR codes and optional scheduled server-based verification with support for alert emails. It uses hardware-backed keys and attestation support as the foundation and chains trust to the app for software checks.

Go implementation of the keyless protocol

Protecting cryptographic signing keys and seed secrets with Multi-Party Computation.

pkcs11 wrapper for Go

The Dogtag Certificate System is an enterprise-class Certificate Authority (CA) which supports all aspects of certificate lifecycle management, including key archival, OCSP and smartcard management.

Powerful Kotlin Multiplatform library with clean DSL syntax for creating complex state machines and statecharts driven by Kotlin Coroutines.

Fluent API for creating state machines in C#

Managed .NET wrapper for unmanaged PKCS#11 libraries

Hardware Security Module (HSM) for Raspberry Pico and ESP32

A minimalist UML State machine framework for finite state machine and hierarchical state machine in C

An End-to-End Distributed and Scalable Cloud KMS (Key Management System) built on top of Intel SGX enclave-based HSM (Hardware Security Module), aka eHSM.

PKCS#11/Cryptoki support for Python

HSM documentation

PKCS#11 library and tools for Linux and AIX. Includes tokens supporting IBM crypto hardware as well as a software token.