Follow us on:  Google+   


Welcome to the home of the Legion of the Bouncy Castle. A fun place to stay, if you've got some time to kill.

The Legion of the Bouncy Castle

Here at the Bouncy Castle, we believe in encryption. That's something that's near and dear to our hearts. We believe so strongly in encryption, that we've gone to the effort to provide some for everybody, and we've now been doing it for over 15 years!

The Bouncy Castle Crypto APIs are looked after by an Australian Charity, the Legion of the Bouncy Castle Inc., which looks after the care and feeding of the Bouncy Castle APIs. If you would like to help support this effort please see our donations page or purchase a support contract through Crypto Workshop. Requests to sponsor specific work on the APIs are also most welcome.

The Bouncy Castle APIs currently consist of the following:

  • A lightweight cryptography API for Java and C#.

  • A provider for the Java Cryptography Extension and the Java Cryptography Architecture.

  • A clean room implementation of the JCE 1.2.1.

  • A library for reading and writing encoded ASN.1 objects.

  • Lightweight APIs for TLS (RFC 2246, RFC 4346) and DTLS (RFC 4347).

  • Generators for Version 1 and Version 3 X.509 certificates, Version 2 CRLs, and PKCS12 files.

  • Generators for Version 2 X.509 attribute certificates.

  • Generators/Processors for S/MIME and CMS (PKCS7/RFC 3852).

  • Generators/Processors for OCSP (RFC 2560).

  • Generators/Processors for TSP (RFC 3161 & RFC 5544).

  • Generators/Processors for CMP and CRMF (RFC 4210 & RFC 4211).

  • Generators/Processors for OpenPGP (RFC 4880).

  • Generators/Processors for Extended Access Control (EAC).

  • Generators/Processors for Data Validation and Certification Server (DVCS) - RFC 3029.

  • A signed jar version suitable for JDK 1.4-1.7 and the Sun JCE.

The lightweight API works with everything from the J2ME to the JDK 1.7 and there is also an API in C# providing equivalent functionality for most of the above.

For further details have a look in either our Java project pages or our C# project pages where you can find downloads, mailing lists, and other resources.

If you want to provide feedback directly to the members of The Legion then please use

If you need a support agreement or have issues with the Bouncy Castle APIs that may require consulting, mentoring, or education, please contact us at Crypto Workshop



Java Release 1.55 is now available for download.

Friday 19th August 2016

This release adds the post-quantum algorithms NewHope and SPHINCS to the post-quantum provider, as well as adding the GOST R34.11-2012 message digest, and SHA-3 support for HMAC, signing, and RSA OAEP padding. The TSP API now supports milli-second resolution in time-stamps and CMS passwords can now use PRFs other than SHA-1. In terms of bug fixes, an occasional error in Poly1305 has been fixed as well as issues with cloning BLAKE digests.

For more details go to our latest releases page to download the new version and see the release notes

You can also find the latest versions on one of our mirrors:

Java FIPS API passes NIST review and is now in co-ordination.

Friday 8th July 2016

The BC FIPS Java API has now passed NIST review and we are in the co-ordination phase with the CMVP. If you are interested in seeing the algorithm set this is built around, the User Guide for BC FIPS Java and the Draft Security Policy are now available. Please contact us at for further details.

C# Release 1.8.1 is now available for download.

Monday 28th December 2015

This release is largely a security release for (D)TLS 1.2, with extra validation now added to the (D)TLS 1.2 implementation to assure the signature algorithm in DigitallySigned structures. The release also fixes issues with DTLS record-layer version handling and adds support for ASN.1 GraphicString and VideotexString.

For more details go to our C# pages for downloads and releasenotes.

Sponsored Links