How to generate a PGP Certificate in Java

Question

I am currently using Bouncy Castle library (1.45) for the generation of X509 Certificate (i.e. X509V1CertificateGenerator), and now I need to be able to create and import/export a PGP Certificate into/from the keystore. However, I am not seeing any support for the generation of a PGP Certificate in their "openpgp" package.

All I am seeing is PGPKeyRingGenerator, PGPSignatureGenerator. I am open to using another Java library. Thank you very much.

Answer 1

Bouncy Castle can do that, you're just mixing up certificates vs. keys, as Eugene suggested.

It's X509 Certificate, and an OpenPGP keypair. Certificates are stored in a certificate store, and OpenPGP keys are stored in a keyring.

If you want to create such a PGP Keypair, see BouncyCastle Example of generating an OpenPGP Keypair.

If you want to import the OpenPGP keypair you generated, you need to deal with a public keyring and a secret keyring (optional, if you have the private part of the key).

To import a foreign key, use PGPPublicKeyRing.insertPublicKey. To import a private key, use PGPSecretKeyRing.insertSecretKey.

Those methods are static, be sure to generate a keyring beforhand (i.e. a certificate-store alike). Furthermore you should read about PGP's or gnupgs basic concecpt, before using these classes.