Some general resources, which you may, or may not, find helpful. If you have an article, book, or project you would like to see added below send a message to

Complimentary Packages

EJBCA is a fully functional Certificate Authority using J2EE technology. EJBCA builds on the J2EE platform to create a robust, high performance, platform independent, flexible, and component based CA to be used standalone or integrated in any J2EE app.

Novosec Extensions
This package provides the following pure Java extensions to the Bouncy Castle framework and has been made freely available by

  1. OCSP (RFC 2560) server and client
  2. CMP (RFC 2510, RFC 2511) generator and parser.

JCE taglib
A JSP tag library with cryptographic funtions and X.509 certificate generation based on BouncyCastle JCE. There is also a refactoring of JCE taglib CryptoLib on the main JCE taglib project page. CryptoLib can also be used with non-JSP projects.

A library of cryptographic functions based on the lightweight API, including some functions for use with HSQLDB embeddable database.

Portecle is a user friendly GUI application for creating, managing and examining key stores, keys, certificates, certificate requests, certificate revocation lists and more.

Commercial Support

If you are reporting a bug, or would simply like to suggest something to add to the library let us know at and your request will be dealt with, if you need something else read on.

The Legion of the Bouncy Castle is a strictly non-profit, no financial interest organisation, however we do get requests for commercial support or project work from time to time. To deal with this and help fund further work on the APIs we have set up Crypto Workshop If you need a support agreement or have an issue that might need a solution requiring consulting, mentoring, or education, please contact us



Cryptographie avec Bouncy Castle
Ce tutoriel constitue une première approche pour l'utilisation de la bibliothèque Bouncy Castle.

Utiliser PGP avec Java et Bouncy Castle
Graham Jenkins (Traduction française par Simon Depiets, relecture de la traduction française par Joëlle Cornavin).


Data Encryption for J2ME Profiles
Eric Giguere
Includes a simple example program using the lightweight API.

MIDP Application Security 3: Authentication in MIDP
Jonathan Knudsen
Examples of using the lightweight API, brief discussion about obfuscation.

MIDP Application Security 4: Encryption in MIDP
Jonathan Knudsen
More examples of using the lightweight API.

Data security in mobile Java applications
Michael Juntao Yuan
Includes examples of the lighweight API as well as general discussion of other alternatives.

Master the basics of Java Cryptography Extension (JCE)
Jim Birchfield
A discussion on installing the Sun JCE, the same instructions apply to BC, useful especially if you are dealing with pre-JDK 1.4.



In association with Any proceeds received from this are used to support the running of this web site.

Beginning Cryptography with Java
David Hook - Wrox
The book covers the recent features introduced in the cryptography APIs in JDK 1.5 as well as dealing with earlier versions of the JDK. In addition to the standard cryptography APIs the book also deals with X.509 certificate generation, CRL generation and usage, certificate validation and path processing, using OCSP, creation and processing of PKCS #10 certification requests, using PKCS #12, CMS, S/MIME and SSL, as well as giving an introduction as to how to use the ASN.1 library.

Practical Cryptography
Niels Ferguson, Bruce Schneier - John Wiley & Sons
Not so much a book about algorithms, but a book about how to use them. If you are looking at implementing a secure system, rather than just implementing basic cryptography this is a great book to read.

"Wireless Java: Developing with Java 2, Micro Edition"
Jonathan Knudsen - Apress
Includes a section on developing with the Bouncy Castle Lightweight APIs.

"J2EE Security for Servlets, EJBs, and Web Services"
Pankaj Kumar - Prentice Hall PTR
Includes sections on the JCE, JCA and implementing PKI systems with Java and a discussion of what goes on under the covers when you install the Bouncy Castle provider.

"Applied Cryptography: Protocols, Algorithms, and Source Code in C", Second Edition
Bruce Schneier - John Wiley & Sons
A general introduction to Cryptography, if you are new to this area it is well worth the effort to read a copy to gain some understanding of how cryptographic algorithms work.

"Handbook of Applied Cryptography"
Alfred J. Menezes, Paul C. Van Oorschot, Scott A. Vanstone - CRC Press
Considerably more academic than Bruce Schneier's book, really intended for people with a good background in mathematics and computer science. Very solid, covering both algorithms and basic number theory. Chapters for this book are also available on the web at with some restrictions.



Free monthly e-mail newsletter on computer security and cryptography from Bruce Schneier.

Web Links


RSA Lab's Cryptography FAQ
Frequently asked questions about today's cryptography from RSA Laboratories.

The Object Identifier Registry
Online registry of ASN.1 Object Identifiers and what they are.

The X.509 Style Guide
Peter Gutmann's implementation notes for developers of X.509 certificates. Humourous as well as very useful, also contains references to other introductory material covering PKI and cryptography.