1

I'm looking to protect zip files that I will be regularly sending to a 3rd party.

I need to ensure strong confidentiality and non-repudiation. I would like signing/encryption to be based on asymmetric keys to simplify key management.

Is PKCS#7 suitable for the use case described above?

Updated:

The zip file can be signed and the result can be encrypted using PKCS#7 Cryptographic Message Syntax.

Rory Alsop
Chris Snow

1 Answer

3

PKCS#7, now known as CMS, is a generic format for messages with some content which is signed and/or encrypted. The content is any sequence of bytes so you can fit any kind of file in it, including Zip archives.

Of course CMS is just a tool. Using it won't magically sprinkle security everywhere. You will need to use it with some public-key infrastructure which will take care of distributing the public keys (as X.509 certificates). 95% of PKI is management procedures, not software.

Thomas Pornin
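
The sign-then-encrypt flow described in the question's update and in this answer, as an added example using the `openssl cms` command (not part of the original posts). The file names, subject names and throwaway self-signed certificates are constructed for the demo; in practice the certificates come from the PKI the answer refers to.

```shell
# Added example: CMS sign-then-encrypt round trip with the openssl CLI.
# Keys, certificates and the "zip" payload below are constructed for the demo.
cms_roundtrip() {
    dir=$(mktemp -d) || return 1
    (
        cd "$dir" || exit 1
        # Constructed stand-in for the zip archive to be sent.
        printf 'PK\003\004 constructed sample payload\n' > report.zip

        # Throwaway key pairs and self-signed certificates for both parties.
        for who in sender recipient; do
            openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
                -subj "/CN=$who" -keyout "$who.key" -out "$who.crt" \
                2>/dev/null || exit 1
        done

        # 1. Sender signs: SignedData with the content embedded (-nodetach).
        openssl cms -sign -binary -nodetach -in report.zip \
            -signer sender.crt -inkey sender.key \
            -outform DER -out report.signed.p7 || exit 1

        # 2. Sender encrypts the signed blob to the recipient's certificate.
        openssl cms -encrypt -binary -aes-256-cbc -in report.signed.p7 \
            -outform DER -out report.enc.p7 recipient.crt || exit 1

        # 3. Recipient decrypts with their private key.
        openssl cms -decrypt -binary -inform DER -in report.enc.p7 \
            -recip recipient.crt -inkey recipient.key \
            -out recovered.signed.p7 || exit 1

        # 4. Recipient verifies the signature against the sender certificate
        #    it trusts and extracts the original content.
        openssl cms -verify -binary -inform DER -in recovered.signed.p7 \
            -CAfile sender.crt -out recovered.zip 2>/dev/null || exit 1
        cmp -s report.zip recovered.zip || exit 1

        # Negative check: the same signature must NOT verify when the
        # sender certificate is not among the trusted certificates.
        ! openssl cms -verify -binary -inform DER -in recovered.signed.p7 \
            -CAfile recipient.crt -out /dev/null 2>/dev/null
    )
    rc=$?
    rm -rf "$dir"
    return $rc
}
```

The last step shows why the answer stresses PKI: the signature only means something relative to the set of certificates the recipient has decided to trust.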