KeyStore

The TSM KeyStore can be used to persist keys generated using the KeyGenerator and KeyPairGenerator. Note that loading the keystore does not require any credentials as these should already be written to the environment before starting the application.

Also storing a key does not support certificates or passwords for individual keys. Below is an example showing how to store and retrieve an EC key.

final KeyPairGenerator kpg = KeyPairGenerator.getInstance("ECDH", SepiorProvider.PROVIDER_NAME);
kpg.initialize(256);
final KeyPair kp1 = kpg.generateKeyPair();

final KeyStore ks = KeyStore.getInstance("TSM", SepiorProvider.PROVIDER_NAME);
ks.load(null, null);

final String alias = "derivationKey";
ks.setKeyEntry(alias, kp1.getPrivate(), null, new Certificate[1]);

final Key k = ks.getKey(alias, null);