Follow us on:  Google+   

Latest Java Releases

Release 1.56 is now available for download.

This release concentrates in 2 areas. The first is a new feature: a new API for DTLS/TLS and a JSSE provider (sponsored by the Core Infrastructure Initiative) suitable for Java 5 and later. The second is that particular effort has been made on security and robustness. More validation code done as part of the FIPS project has been migrated into the code base and we have also received feedback both from Google's Project Wycheproof and the Intel Security Team which has allowed us to further improve the robustness of the APIs in general as well as fix some possible security issues. Support for RFC 7539 ChaCha20 and Poly1305 has also been added and general support for SHA-3 in the PKIX APIs has been improved. A potential null pointer exception in the WNafUtil class has been removed and issues with escaping exceptions in PGPUtil.getDecoderStream() have been addressed.

Further details on other additions, bug fixes, and the CVEs dealt with in the release can be found in the release notes file accompanying the release. Please check the release notes to check whether any of the CVEs dealt with may affect your use of the APIs. If you are affected we strongly recommend upgrading.

Change Warning (users of 1.52 or earlier): The PEM Parser now returns an X509TrustedCertificate block when parsing an openssl trusted certificate, the new object was required to allow the proper return of the trusted certificate's attribute block. Please also see the porting guide for advice on porting to this release from much earlier ones (release 1.45 or earlier).

Others have contributed to this release, both with code and/or financially. You can find them listed in the contributors file. We would also like to thank holders of Crypto Workshop support contracts for additional time that was contributed back to this release through left over consulting time provided as part of their support agreements. Thank you, one and all!

If you're interested in grabbing the lot in one hit (includes JCE, JCE provider, light weight API, J2ME, range of JDK compatibility classes, signed jars, fries, and king prawns...) download crypto-156.tar.gz or crypto-156.zip, otherwise if you are only interested in one version in particular, see below. Early access to our FIPS hardened version of the Java APIs is now available as well, contact us at office@bouncycastle.org for further information.

Help Keep Bouncy Castle Free and Open Source.

The full Bouncy Castle Java project is now over half a million lines of API, tools, and tests. It has gone well past being a hobby project.

That said, we are trying to make sure the Bouncy Castle project stays free and open source, and in order to do that the project is now funded by a mixture of donations and support contracts through Crypto Workshop. The money raised through these efforts funds certification, lab testing, and developer time that's needed to review contributions, implement new algorithms and standards, as well as maintain the existing set of APIs.

So, if you want this API to continue to be updated, and want have a free and open source cryptography API you can call on when you need, get a support contract, consider sponsoring some work, or if you don't have the resources for that consider a visit to our donations page. If you do get a support contract or sponsor some major work, your organisation will also benefit from a closer working relationship with the Bouncy Castle developers and our FIPS early access program.

Signed JAR files

From release 1.40 some implementations of encryption algorithms were removed from the regular jar files at the request of a number of users. Jars with names of the form *-ext-* still include these (at the moment the list is: NTRU).

  Provider Clean room JCE
and provider
PKIX/CMS/EAC/PKCS
OCSP/TSP/OPENSSL
SMIME OpenPGP/BCPG DTLS/TLS API/JSSE Provider Test Classes
JDK 1.5 - JDK 1.8 bcprov-jdk15on-156.jar
bcprov-ext-jdk15on-156.jar
  bcpkix-jdk15on-156.jar bcmail-jdk15on-156.jar bcpg-jdk15on-156.jar bctls-jdk15on-156.jar bctest-jdk15on-156.jar
JDK 1.4 bcprov-jdk14-156.jar
bcprov-ext-jdk14-156.jar
  bcpkix-jdk14-156.jar bcmail-jdk14-156.jar bcpg-jdk14-156.jar   bctest-jdk14-156.jar
JDK 1.3 bcprov-jdk13-156.jar
bcprov-ext-jdk13-156.jar
jce-jdk13-156.jar
jce-ext-jdk13-156.jar
bcpkix-jdk13-156.jar bcmail-jdk13-156.jar bcpg-jdk13-156.jar   bctest-jdk13-156.jar
JDK 1.2 bcprov-jdk12-156.jar
bcprov-ext-jdk12-156.jar
jce-jdk12-156.jar
jce-ext-jdk12-156.jar
bcpkix-jdk12-156.jar   bcpg-jdk12-156.jar   bctest-jdk12-156.jar

The following signed provider jars are provided so that you can make use of the debug information in them. In the case of the non-provider jars (bcpkix, bcpg, and bcmail), the jar files do not need to be signed to work. You can rebuild them with debug turned on, or operate directly from the source, if you need.

  Providers with debug
JDK 1.5 - JDK 1.8 bcprov-debug-jdk15on-156.jar bcprov-ext-debug-jdk15on-156.jar
JDK 1.4 bcprov-debug-jdk14-156.jar bcprov-ext-debug-jdk14-156.jar

Sources and JavaDoc

  DTLS/TLS API/JSSE Provider
JDK 1.5 - JDK 1.8 bctls-jdk15on-156.tar.gz bctls-jdk15on-156.zip

  PKIX/CMS/EAC/PKCS/OCSP/TSP/OPENSSL
JDK 1.5 - JDK 1.8 bcpkix-jdk15on-156.tar.gz bcpkix-jdk15on-156.zip
JDK 1.4 bcpkix-jdk14-156.tar.gz bcpkix-jdk14-156.zip
JDK 1.3 bcpkix-jdk13-156.tar.gz bcpkix-jdk13-156.zip
JDK 1.2 bcpkix-jdk12-156.tar.gz bcpkix-jdk12-156.zip
JDK 1.1 bcpkix-jdk11-156.tar.gz bcpkix-jdk11-156.zip

  OpenPGP/BCPG
JDK 1.5 - JDK 1.8 bcpg-jdk15on-156.tar.gz bcpg-jdk15on-156.zip
JDK 1.4 bcpg-jdk14-156.tar.gz bcpg-jdk14-156.zip
JDK 1.3 bcpg-jdk13-156.tar.gz bcpg-jdk13-156.zip
JDK 1.2 bcpg-jdk12-156.tar.gz bcpg-jdk12-156.zip
JDK 1.1 bcpg-jdk11-156.tar.gz bcpg-jdk11-156.zip

  SMIME
JDK 1.5 - JDK 1.8 bcmail-jdk15on-156.tar.gz bcmail-jdk15on-156.zip
JDK 1.4 bcmail-jdk14-156.tar.gz bcmail-jdk14-156.zip
JDK 1.3 bcmail-jdk13-156.tar.gz bcmail-jdk13-156.zip

  JCE with provider and lightweight API Lightweight API  
JDK 1.5 - JDK 1.8 bcprov-jdk15on-156.tar.gz bcprov-jdk15on-156.zip lcrypto-jdk15on-156.tar.gz lcrypto-jdk15on-156.zip
JDK 1.4 bcprov-jdk14-156.tar.gz bcprov-jdk14-156.zip lcrypto-jdk14-156.tar.gz lcrypto-jdk14-156.zip
JDK 1.3 jce-jdk13-156.tar.gz jce-jdk13-156.zip lcrypto-jdk13-156.tar.gz lcrypto-jdk13-156.zip
JDK 1.2 jce-jdk12-156.tar.gz jce-jdk12-156.zip lcrypto-jdk12-156.tar.gz lcrypto-jdk12-156.zip
JDK 1.1 jce-jdk11-156.tar.gz jce-jdk11-156.zip lcrypto-jdk11-156.tar.gz lcrypto-jdk11-156.zip
J2ME     lcrypto-j2me-156.tar.gz lcrypto-j2me-156.zip

  Releases no longer maintained
JDK 1.0 lcrypto-jdk10-133.tar.gz lcrypto-jdk10-133.zip

NOTE:

  1. The tar archives were created using GNU tar (some versions of Solaris tar will have problems extracting them)
  2. The J2ME source distribution includes zips for the class files

You can find the release notes, documentation, and specifications here.

You can find checksums for confirming the integrity of the distributions here

Mirrors
Too slow? You can also find the latest versions on one of our mirrors:

Beta Access
The current working betas, when available, for the next release for JDK 1.5 to JDK 1.8 can be found at https://www.bouncycastle.org/betas. If you need a beta to be made available for another version of Java please ask by emailing feedback-crypto@bouncycastle.org.

Maven Access
The BC jars are now mirrored on the Maven central repository. You can find them at http://repo2.maven.org/maven2/org/bouncycastle.

GIT Access
Just want to look at the source? The source code repository is now mirrored on GitHub and accessible from here. The repository can be cloned using either
https:

git clone https://github.com/bcgit/bc-java.git
or git protocol
git clone git://github.com/bcgit/bc-java.git

CVS Access
Just want to look at the source? The source code repository is accessible via ViewVC from here

FTP Access
Previous releases, as well as the latest ones, can be downloaded from our ftp server ftp.bouncycastle.org. Please note the FTP server does not support passive mode.