How can you trust an external device unless you build it yourself?
That’s the idea.
For even an average engineer such a thing is simple to devise.
If you produced them in quantity for others the product would need to be open-source, both hardware and software and be professionally audited, both hardware and software.
To prevent in transit interdiction you would need to protect the circuitry from tampering (possible) and verify it using encryption once the end-user has it. (also possible)
I would suggest capabilities for both public-key crypto (implementing perfect forward secrecy of course) and a hardware based true random number generator to produce one-time-pad capability based on a matched set of SD cards filled with random bits...Depending on the users paranoia level they could use the easier to handle public key or the one-time-pad method which is incredibly secure but more cumbersome to use.
This would make an excellent kick starter campaign for the capable engineer needing something to do.
It could be implemented as a Bluetooth device or as a snap on case utilizing a simple mic and speaker for I/O. The case based device would be easier to audit for security.