CryptoServer SDK
Software Development Kits (SDK)

CryptoServer SDK

The professional development kit for HSM solutions

CryptoScript SDK PCI Cards
  • A professional development kit for Utimaco SecurityServer and PaymentServer HSMs
  • Full customizability ensuring complete flexibility
  • Complete control of development
Key Benefits

Key Benefits

Icon

Powerful Development Kit

Create custom applications such as new or proprietary algorithms, key derivation functions or complex protocols that run within the tamper-proof environment of the Utimaco Hardware Security Module.

Icon

Full Control

Develop custom firmware that remains under the developers full control, without the requirement for Utimaco’s review and approval.

Icon

Efficient Development

Benefit from a thorough description of internal programming interfaces (APIs) as well as full access to the HSM base firmware to implement a custom firmware module in minimal time.

Details

Details

The professional development kit for customized HSM solutions

CryptoScript SDK PCI Cards

 

Utimaco’s CryptoServer SDK provides a professional development environment for the purpose of implementing firmware extensions for SecurityServer and PaymentServer built on CryptoServer Se Gen2- and CryptoServer CSe-series.

Although widely used cryptographic APIs such as PKCS #11 or JCE support a wide range of cryptographic algorithms and mechanisms, their use may be limited or not possible in certain use cases. For example, chip personalization and key injection often involves multiple cryptographic operations. Starting with the generation of unique keys or derivation of such keys from a secret master key using device-specific information which includes assembling these keys and additional information into a well-defined personalization record to finally encrypting this record under a transport key.

Implementing such a sequence of operations using industry-standard cryptographic APIs results in multiple function calls may return intermediate and sensitive results outside the HSM, and in the worst-case scenario, failure due to  the required key derivation function not being supported by the standardized cryptographic API.

Similar challenges often arise with processing payment transactions because standardized cryptographic APIs do not provide all operations required for PIN verification or re-encryption of transaction data (like decryption with one key and encryption with another key as atomic operation). All operations, from key generation to transport encryption, can be implemented as a custom atomic operation inside the HSM, which solves these issues,ensuring the highest possible performance at all times.

CryptoServer SDK enables creation of customized applications, such as proprietary algorithms, key derivation functions or complex protocols as firmware modules that run within the tamper-proof environment of SecurityServer and PaymentServer HSMs. Standard programming languages and integration with common development environments and tool chains are supported. Beginning with sample code, project files, make files and comprehensive documentation of HSM base firmware  that can be invoked,  increased efficiency and can be expected.

Features:
 

Full Control

  • Allows full control over firmware functionality with manufacturer-independent development
  • No review or approval by Utimaco required
  • Provides a choice of either proprietary interface or PKCS #11 Vendor Defined Mechanism for application integration     

Easy to use

  • The CryptoServer SDK uses standard programming languages and popular development environments
  • Provides sample code for firmware modules and host-side applications, including project files and make files
  • Provides an HSM simulator for testing and debugging of new firmware in Windows or Linux development environment    

Qualified Support

  • Developer training available
  • Support provided on developer level via phone and email

Full Support of CryptoServer HSM Models

  • CryptoServer Se-Series Gen 2
  • CryptoServer CSe-Series
  • Support of hardware acceleration     

Attractive Price

  • Reduced price for HSMs in development environments
  • No additional license fees for runtime environments
  • No additional costs for each delivered application
  • All supported cryptographic algorithms are included
     

Technical Specifications:
 

Supported Cryptographic Algorithms

  • RSA, DSA, ECDSA with NIST and Brainpool curves, EdDSA
  • DH, ECDH with NIST, Brainpool and Montgomery curves
  • AES, Triple-DES, DES
  • MAC, CMAC, HMAC
  • SHA-1, SHA-2, SHA-3, RIPEMD
  • Hash-based deterministic random number generator
  • True random number generator     

SecurityServer

Utimaco’s general purpose HSM utilizes tamper-responsive technology to secure cryptographic key infrastructures, making it ideally suited for applications and market segments with high physical security requirements.

Find more details

Payment Server

The Utimaco PaymentServer is a Payment Card Industry (PCI), PIN translation, card personalization and issuance, for various payment card schemes programs.

Find more details

Contact us

We look forward to answering your questions.

How can we help you?

Talk to one of our specialists and find out how Utimaco can support you today.
You have selected two different types of downloads, so you need to submit different forms which you can select via the two tabs.

Your download request(s):

    By submitting below form you will receive links for your selected downloads.

    Your download request(s):

      For this type of documents, your e-mail address needs to be verified. You will receive the links for your selected downloads via e-mail after submitting below form.

      About Utimaco's Downloads

      Visit our Downloads section and select from resources such as brochures, data sheets, white papers and much more. You can view and save almost all of them directly (by clicking the download button).

      For some documents, your e-mail address needs to be verified. The button contains an e-mail icon.

      Download via e-mail

       

      A click on such a button opens an online form which we kindly ask you to fill and submit. You can collect several downloads of this type and receive the links via e-mail by simply submitting one form for all of them. Your current collection is empty.