Tags: java, cryptography, keystore, cng

Sign in Java using KSP/CNG


How to sign data using the Windows KeyStore?

If there is a key stored in the Windows KeyStore, then using KeyStore keyStore = KeyStore.getInstance("Windows-MY"); I can get access to the Windows KeyStore and then obtain the key reference for a given alias. Or I can use reflection on the keyStoreSpi object to get access to its entries, X509Certificate objects and PrivateKey objects and use them to sign some data. This method only lets me get the key reference and then use it when signing.

Behind the certificates in the Windows KeyStore there are Key Storage Providers (KSPs). What I'm using is a custom key storage provider (not made by me; I don't know how it works or what it does or doesn't do).

Now, is it possible to sign using a key whose certificate is referenced in the Windows KeyStore but which is provided to the Windows KeyStore through the KSP? (The key itself is stored in an HSM.)

EDIT: Corrected the terminology so the text makes sense.
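The signing path the question describes (open Windows-MY, look up an alias, sign through the Windows provider without the private key ever leaving it), as an added example that is not code from the question or the answer. The alias name and the RSA key type are assumptions; the SunMSCAPI provider is named explicitly so that the signature is computed by the Windows provider rather than by the pure-Java RSA implementation, which cannot read a key it does not hold. The alias listing at the start is a useful check: an entry whose private key the provider does not expose shows up with isKeyEntry false, which is what you see when the key is backed by a provider SunMSCAPI does not understand.

```java
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.cert.X509Certificate;
import java.util.Base64;
import java.util.Collections;

public class WindowsMySign {

    public static void main(String[] args) throws Exception {
        // Hypothetical alias; pass the real certificate alias as the first argument.
        String alias = args.length > 0 ? args[0] : "my-signing-cert";

        // Windows-MY is the current user's personal certificate store. There is no
        // file and no password: Windows controls access to the underlying keys.
        KeyStore ks = KeyStore.getInstance("Windows-MY");
        ks.load(null, null);

        // Diagnostic: which entries actually expose a private key through SunMSCAPI.
        for (String a : Collections.list(ks.aliases())) {
            System.out.printf("alias=%s keyEntry=%b%n", a, ks.isKeyEntry(a));
        }

        PrivateKey key = (PrivateKey) ks.getKey(alias, null);
        X509Certificate cert = (X509Certificate) ks.getCertificate(alias);
        if (key == null || cert == null) {
            throw new IllegalStateException("no usable private key for alias " + alias);
        }
        // The concrete class tells you which Java provider is backing the key.
        System.out.println("key class: " + key.getClass().getName());

        // Constructed sample payload.
        byte[] data = "constructed sample payload".getBytes(StandardCharsets.UTF_8);

        // Sign inside the Windows provider; assumes the certificate holds an RSA key.
        Signature signer = Signature.getInstance("SHA256withRSA", "SunMSCAPI");
        signer.initSign(key);
        signer.update(data);
        byte[] sig = signer.sign();
        System.out.println("signature: " + Base64.getEncoder().encodeToString(sig));

        // Verification only needs the public key, so the default provider can do it.
        Signature verifier = Signature.getInstance("SHA256withRSA");
        verifier.initVerify(cert.getPublicKey());
        verifier.update(data);
        System.out.println("verifies: " + verifier.verify(sig));
    }
}
```

Run it on the Windows machine that holds the certificate (java WindowsMySign <alias>); if the key lives behind a provider the JDK's SunMSCAPI cannot drive, the alias is listed with keyEntry=false and getKey returns nothing, which is the situation the answer below attributes to the Java 8 provider.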


Solution

  • OK, I found out that the Java SunMSCAPI provider in Java 8 (which I didn't mention in the question) doesn't support KSP (also known as CNG and CAPI2). It only supports Crypto API (CAPI). The key which I want to sign with is provided by a CNG provider. So it is not supported in Java 8 but should be supported by Java 13 (https://bugs.openjdk.java.net/browse/JDK-8026953).