What is the purpose of the CryptoKeyStore in AuthorizationServer?

[Jeff Hansen]

Having ripped the MemoryCryptoKeyStore from the source, I debugged around to see if I could find out

what exactly the CryptoKeyStore is doing. From what I see, the purpose is to expire refresh tokens, but

I probably got that wrong.

What is the purpose of the CryptoKeyStore?

And another question: Do refresh tokens actually expire?