Java hwkeytool
The hwkeytool application enables you
to use the cryptography capabilities of the model 4764 Cryptographic
Coprocessor with the Java™ Cryptography
Extension (JCE) and Java Cryptography
Architecture (JCA).
The hwkeytool application for hardware uses the
same syntax and commands as the keytool application
with the exception of two commands and the default keystore. The hardware
keytool provides additional parameters to the -genkey and delete commands.
On the -genkey command, the following additional parameters
are available:
- -KeyLabel
- Allows you to set a specific label for the hardware key.
- -hardwaretype
- Determine the type of key pair: Public key data set (PKDS) or RETAINED.
- -hardwareusage
- Set the usage of the key pair being generated, either a signature-only key or a signature and key management key.
On the delete command, an additional parameter of -hardwarekey , which deletes the key pair from the keystore and from the hardware, is available.
The default keystore name is .HWkeystore. You can change this using the -keystore parameter.