0

I need to encrypt and sign data using PKCS7(CMS). I am using bouncy castle provided api to achieve this using java . Till now what i understood is i need to follow these steps

  1. Need to generate a key pair private & public key using some algorithm say RSA
  2. Certify it with X509 certificate
  3. Convert it into PKCS7 key format like p7b
  4. Generate java key store using keytool some *.jks file
  5. Generate the Certificate Signing Request (CSR) using keytool command *.crt
  6. Become self CA(Certificate Autority) and certify
  7. Import key from keystore created in previous stem and encrypt sign and decrypt data

I still need to figure out what steps i need to follow to sign,encrypt,decrypt data.
My question is

  1. Is my steps are correct ?
  2. How do i certify key pair generated by RSA algorithm and convert into PKCS7 key format
  3. How do i become self CA and certify
  4. I got this to encrypt and sign, still i am confused with steps to follow and also most of them are deprecated.
Improve this question

1 Answer 1

Reset to default
1

What you need is not BouncyCastle.

You need OpenSSL and a guide.

  1. OpenSSL

  2. How to set up your own certificate authority

  3. How to create a self-signed certificate

  4. How to use a certificate in Java

Alternatively, to generate and store an RSA key using Java:

Generate RSA key pair and encode private as string

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.