Create Hybrid Certificates through BC Kotlin
Create hybrid certificates with Bouncy Castle Kotlin API. The Bouncy Castle Crypto package for Kotlin is a set of Kotlin classes designed to go on top of the Bouncy Castle Crypto Java APIs.
Hybrid certificates with Bouncy Castle Kotlin API
Hybrid certificates combine both classical and post-quantum algorithms, providing a transitional solution during the migration process.
While hybrid certificates can offer compatibility with existing systems and provide some level of security against quantum attacks, they may also introduce additional complexities and potential vulnerabilities. As always it is our recommendation to consider the overall system architecture and carefully assess whether the benefits outweigh the risks.
How to get started
Create a post-quantum hybrid certificate using the Bouncy Castle Kotlin project.
Here are the steps:
- Start by generating your post-quantum cryptography keys
- Create a post-quantum cryptography hybrid certificate
Prerequisites
Please note this example does not include EJBCA. You can use it as a starting point and try out quantum-safe hybrid certificates.
- The Bouncy Castle Crypto package for Kotlin can be run with either the general BC APIs or the BC-FJA FIPS version.
Tutorials/documentation
Documentation
Check out the supplementary documentation that goes hand-in-hand with our tutorial video.
GitHub
Check out the supplementary documentation and examples on GitHub.
YouTube
Take a peek at our YouTube playlist, and browse through some of our other videos as well.
Discuss
You can ask your questions and learn from PKI specialists in the EJBCA and forum on GitHub Discussions.
Related open-source projects
Open-source PKI Software
EJBCA is a robust, reliable open-source Certificate Authority software that can be tailored to meet your PKI requirements. Whether you're managing an internal PKI or setting up a PKI for your business application or product, EJBCA has the flexibility and scalability to support your needs.
Open-source signing software
Try SignServer for digital signing for code, documents, timestamps, and more. SignServer is a digital signing engine, making it easy for teams to automate signing workflows and support all of their signing formats and use cases.