Primus JCE API Provider
The Primus JCE API Provider integrates with the Java Cryptography Extension (JCE) to allow applications written in Java (or another JVM-compatible language) to use a Primus HSM as a security provider for cryptographic operations. The JCE is part of the Java Cryptography Architecture (JCA).
Key Features
- Security: Perform cryptographic operations such as signing and decryption on a tamper-protected Primus HSM.
- Performance: In a multi-threaded application, every thread can maintain a connection to one HSM from an HSM cluster. Scale by adding more worker threads to your application and more HSMs to your cluster.
- Easy integration: Use the familiar Java cryptography API to perform basic operations. Use the custom Primus Java API for advanced features such as Smart Key Attributes.
Use Cases
This documentation provides code samples for the following use cases:
- Key generation
- Signing/verifying, encrypting/decrypting
- Certificate creation
- Integrated Encryption Scheme
- Crypto currencies
- Smart Key Attributes
- Key management: list keys, change key attributes, export wrapped keys.
- Fetch key attestations.
Architecture
The following diagram gives an overview of the deployment architecture. It shows a Java application connecting to both an on-premise Primus HSM cluster and a CloudHSM cluster.
Getting Started
- Install the JCE provider on your machine.
- Follow the tutorials to learn how to use the Primus JCE Provider from your Java application.