Welcome

Welcome to the home of the Legion of the Bouncy Castle. A fun place to stay, if you've got some time to kill.

The Legion of the Bouncy Castle

Here at the Bouncy Castle, we believe in encryption. That's something that's near and dear to our hearts. We believe so strongly in encryption, that we've gone to the effort to provide some for everybody, and we've now been doing it for over 20 years!

The Bouncy Castle Crypto APIs are looked after by an Australian Charity, the Legion of the Bouncy Castle Inc., which looks after the care and feeding of the Bouncy Castle APIs. Help us keep this effort Free, Open Source, and Maintained! Please see our donations page or purchase a support contract through Keyfactor. Requests to sponsor specific work on the APIs are also most welcome.

The Bouncy Castle APIs currently consist of the following:

  • A lightweight cryptography API for Java and C#.

  • A provider for the Java Cryptography Extension (JCE) and the Java Cryptography Architecture (JCA).

  • A provider for the Java Secure Socket Extension (JSSE).

  • A clean room implementation of the JCE 1.2.1.

  • A library for reading and writing encoded ASN.1 objects.

  • Lightweight APIs for TLS (RFC 2246, RFC 4346) and DTLS (RFC 6347/ RFC 4347).

  • Generators for Version 1 and Version 3 X.509 certificates, Version 2 CRLs, and PKCS12 files.

  • Generators for Version 2 X.509 attribute certificates.

  • Generators/Processors for S/MIME and CMS (PKCS7/RFC 3852).

  • Generators/Processors for OCSP (RFC 2560).

  • Generators/Processors for TSP (RFC 3161 & RFC 5544).

  • Generators/Processors for CMP and CRMF (RFC 4210 & RFC 4211).

  • Generators/Processors for OpenPGP (RFC 4880).

  • Generators/Processors for Extended Access Control (EAC).

  • Generators/Processors for Data Validation and Certification Server (DVCS) - RFC 3029.

  • Generators/Processors for DNS-based Authentication of Named Entities (DANE).

  • Generators/Processors for RFC 7030 Enrollment over Secure Transport (EST).

  • A signed jar version suitable for JDK 1.4-1.15 and the Sun JCE.

The lightweight API works with everything from the J2ME to the JDK 1.15 and there is also an API in C# providing equivalent functionality for most of the above.

For further details have a look in either our Java project pages or our C# project pages where you can find downloads, mailing lists, and other resources.

If you want to provide feedback directly to the members of The Legion or report something you believe to be a security issue then please use feedback-crypto@bouncycastle.org. We can provide a PGP key if required.

If you need a support agreement or have issues with the Bouncy Castle APIs that may require consulting, mentoring, or education, please contact us at Crypto Workshop


 
 
 
 
Follow us on:   

News

C# Release 2.3.0 is now available for download.

Monday 5th February 2024

This release is primarily a bug-fix release with a couple of enhancemensts. A buffering bug in Ascon has been fixed, SM2Signer now supports re-use, several handshake/retransmission related issues in DTLS have been fixed. In addition the DtlsVerifier in DTLS has seen a significant performance improvement, RFC 5649 key wrap has been added, and PBE HMAC SHA-384 and PBE HMAC SHA-512 are now supported by the PKCS#12 key store.

Please see the release notes for further details.

Java Release 1.77 is now available for download.

Tuesday 13th November 2023

Primarily this release updates the NIST PQC finalists to the drafts published as FIPS PUB 203, 204, and 205. Some issues in DTLS have also been fixed and some additional control properties have been added to the BCJSSE. Support has also been added for PKCS#10 requests with altSignature/altPublicKey extensions and for DeltaCertificate requests. A final note: the TLS/JSSE APIs now disable RSA encryption based cipher-suites by default.

For more details go to our latest releases page to download the new version and see the release notes

Java FIPS Release 1.0.2.4 is now available for download.

Thursday 28th September 2023

A performance/utility patch to our fourth Java FIPS release, certified for Java 1.7, Java 1.8, Java 11, and Java 17 is now available at our Java FIPS page.. In addition to being certified for 1.7/1.8/11/17 the jar is also compatible with Java 1.5 and Java 1.6.

Java Release 1.76 is now available for download.

Saturday 29th July 2023

1.76 is a mixed release. The main changes are around DTLS/TLS and include support for a "jdk.tls.client.useCompatibilityMode" property, DTLS server support for client_certificate_type, and a fix for a regression causing null pointer exceptions on negotiating TLSv1.1 or earlier sessions. In addition, a bug in the high level Cipher.unwrap() method for HQC has been fixed, SPHINCS+ simple parameters are now fully supported by the BCPQC provider, and Kyber plus the Round 4 KEMs are now supported by the CRMF/CMS/CMP APIs. Further work has been done on updating the PGP APIs in line with the upcoming revision to the standard.

For more details go to our latest releases page to download the new version and see the release notes

Java Release 1.75 is now available for download.

Wednesday 21st June 2023

1.75 is a minor release. Unfortunately some Java 8 usages managed to "sneak" into the Java 5 to Java 8 jars making them less than ideal for anything other than Java 8. The 1.75 release fixes that and also a TLS issue and removes some deprecated methods and dead classes from the core ASN.1 library.

For more details go to our latest releases page to download the new version and see the release notes

Java LTS 2.73.0 is now available for download.

Wednesday 24th May 2023

Our first LTS release for Java. Designed for as a long term stable release based on BC Java 1.73, the release also features JNI support for Intel hardware. Download it now from the Java LTS Page.

C# Release 2.2.1 is now available for download.

Friday 21st April 2023

Due to a build error 2.2.0 was not optimised, this updated build fixes the issue as well as fixing a gap in the RFC 9146 connection ID in DTLS support and a regression in GcmBlockCipher which reduced the number of blocks it could encrypto (~2^31 blocks instead of ~2^32).

Please see the release notes for further details.

C# Release 2.2.0 is now available for download.

Monday 17th April 2023

This release features support for X.509 Section 9.8 alt signatures and public keys, rethrow syntax has been improved which should ease debugging, RFC 9146 connection ID in DTLS has been added, support has been added for OpenSSH public and private key formats as well as fixes for some reported issues.

Please see the release notes for further details.

Java Release 1.73 is now available for download.

Saturday 8th April 2023

This release is both targeting features and security. Review of the PQC work has been done and significant issues found have been addressed in the implementations. Several candidate algorithms from the NIST lightweight cryptography competition have been added including the finalist Ascon. Performance has been improved in existing PQC implementations, EdDSA, PEM parsing, and CRC24 and implementations of Blake2bp, Blake2sp, and HPKE (RFC 9180) have been added to the light-weight APIs.

For more details go to our latest releases page to download the new version and see the release notes

C# .NET FIPS Release 1.0.2 is now available for download.

Tuesday 28th February 2023

The latest C# .NET FIPS release, certified for CLR 4 is now available at our C# .NET FIPS page.. The new release features SHA-3 HMAC, the XOF hash and mac functions, HKDF, format preserving encryption, FFC Diffie-Hellman, and EdDSA. The APIs have been tested on .NET 4.5.2.

C# .NET Release 2.1.1 is now available for download.

Saturday 18th February 2023

This release has updates to BIKE and HQC bringing the implementations in line for the NIST PQC Round 4 modifications. The Lightweight Cryptography Finalist Ascon AEAD, Hash and XOF algorithms have been added to the algorithm set. Aria key wrapping (RFC 3394 style) has also been added. Additional performance improvements have been made to Koblitz Curves and GCM bulk processing (when intrinsics available) and a several issues have been fixed in FF1 FPE, the CertPath API, and the base engine for RFC 3394.

Please see the release notes for further details.

Java Release 1.72 is now available for download.

Sunday 25th September 2022

This is release is primarily a feature release, the post-quantum algorithm set has been further expanded and now includes the NIST finalists Kyber, Dilithium, and Falcon. The finalist SPHINCS+ has also been updated to version 3.1. The Round 3/Round 4 algorithms BIKE, HQC, NTRU, NTRU Prime, and Picnic have also been added to the BCPQC provider. Other changes include the addition of Argon2 support for OpenPGP, performance improvements for OpenPGP CRC24 calculator, support for TLS raw public keys (RFC 7250). Bug fixes multi-document evidence records now construct multiple records correctly and an occasional error in GCMSIV tag calculation has also been fixed. The latest version of the Grain128AEAD has also been added to the lightweight API in addition to several other improvements and bug fixes.

For more details go to our latest releases page to download the new version and see the release notes

You can also find the latest versions on one of our mirrors:

New Tutorials Section on Resources Page

Saturday 12th February 2022

Following the release of our first Keyfactor workshop video on using Bouncy Castle Java/Kotlin for PKI, we now have a tutorials section on our resources page. If this material is useful, let us know and we will try to organise more.

Java FIPS Release 1.0.2.3 is now available for download.

Wednesday 9th February 2022

A performance/utility patch to our third Java FIPS release, certified for Java 1.7, Java 1.8, and Java 11, is now available at our Java FIPS page.. In addition to being certified for 1.7/1.8/11 the jar is also compatible with Java 1.5 and Java 1.6.

Java Release 1.70 is now available for download.

Monday 29th November 2021

This release contains considerable improvements to the ASN.1 library and adds the NIST PQC alternate candidate SPHINCS+ together with the LEA block cipher algorithm. The PGP API can now read the newer S-Expression based keys produced by GPG 2.2.X, support is now in place for ETSI TS 103 097 ITS certificates and TLS includes support for external PSK handshakes as well as several other improvements and bug fixes.

For more details go to our latest releases page to download the new version and see the release notes

C# .NET Release 1.9.0 is now available for download.

Sunday 17th October 2021

This release sees a major update with a new TLS API, support for format preserving encryption, ParallelHash, TupleHash, and the ARIA cipher. Several bugs, including some related to PGP message parsing have also been fixed.

Please see the release notes for further details.

C# .NET FIPS Release 1.0.1.1 is now available for download.

Wednesday 5th May 2021

A CVE update to our first C# .NET FIPS release, certified for CLR 4 is now available at our C# .NET FIPS page.. The APIs have been tested on .NET 4.5.2.

C# .NET Release 1.8.10 is now available for download.

Tuesday 16th February 2021

Fixed CMS signature verification for RSASSA-PSS when signed attributes are not present. SHAKE/cSHAKE default output sizes now match the standard OID definitions.

Please see the release notes for further details.