Welcome to the home of the Legion of the Bouncy Castle. A fun place to stay, if you've got some time to kill.

The Legion of the Bouncy Castle

Here at the Bouncy Castle, we believe in encryption. That's something that's near and dear to our hearts. We believe so strongly in encryption, that we've gone to the effort to provide some for everybody, and we've now been doing it for almost 20 years!

The Bouncy Castle Crypto APIs are looked after by an Australian Charity, the Legion of the Bouncy Castle Inc., which looks after the care and feeding of the Bouncy Castle APIs. Help us keep this effort Free, Open Source, and Maintained! Please see our donations page or purchase a support contract through Crypto Workshop. Requests to sponsor specific work on the APIs are also most welcome.

The Bouncy Castle APIs currently consist of the following:

  • A lightweight cryptography API for Java and C#.

  • A provider for the Java Cryptography Extension (JCE) and the Java Cryptography Architecture (JCA).

  • A provider for the Java Secure Socket Extension (JSSE).

  • A clean room implementation of the JCE 1.2.1.

  • A library for reading and writing encoded ASN.1 objects.

  • Lightweight APIs for TLS (RFC 2246, RFC 4346) and DTLS (RFC 6347/ RFC 4347).

  • Generators for Version 1 and Version 3 X.509 certificates, Version 2 CRLs, and PKCS12 files.

  • Generators for Version 2 X.509 attribute certificates.

  • Generators/Processors for S/MIME and CMS (PKCS7/RFC 3852).

  • Generators/Processors for OCSP (RFC 2560).

  • Generators/Processors for TSP (RFC 3161 & RFC 5544).

  • Generators/Processors for CMP and CRMF (RFC 4210 & RFC 4211).

  • Generators/Processors for OpenPGP (RFC 4880).

  • Generators/Processors for Extended Access Control (EAC).

  • Generators/Processors for Data Validation and Certification Server (DVCS) - RFC 3029.

  • Generators/Processors for DNS-based Authentication of Named Entities (DANE).

  • Generators/Processors for RFC 7030 Enrollment over Secure Transport (EST).

  • A signed jar version suitable for JDK 1.4-1.7 and the Sun JCE.

The lightweight API works with everything from the J2ME to the JDK 1.7 and there is also an API in C# providing equivalent functionality for most of the above.

For further details have a look in either our Java project pages or our C# project pages where you can find downloads, mailing lists, and other resources.

If you want to provide feedback directly to the members of The Legion or report something you believe to be a security issue then please use feedback-crypto@bouncycastle.org. We can provide a PGP key if required.

If you need a support agreement or have issues with the Bouncy Castle APIs that may require consulting, mentoring, or education, please contact us at Crypto Workshop

Follow us on:  Google+   


Java Release 1.61 is now available for download.

Saturday 9th February 2019

This release adds qTESLA and Argon2 support. Provider support has been added for Ed448, Ed25519, X448, and X25519 as well. Further work has been done on the TLS APIs and support for endpoint ID validation has been added to the BCJSSE. Issues related to long messages with RFC3211WrapEngine and long parameters for cSHAKE have been fixed as well as incorrect co-factors for 2 GOST-2012 curves. A reloading issue that could occur with XMSS/XMSS^MT keys has also been fixed and further work has been done on making sure EC keys preserve named curve parameters on encoding.

For more details go to our latest releases page to download the new version and see the release notes

You can also find the latest versions on one of our mirrors:

C# .NET Release 1.8.5 is now available for download.

Thursday 31st January 2019

This release adds support for the encoding and parsing of ECGOST-2012 Keys, as well as support for the certificate management/request protocols defined in CMP (RFC 4210) and CRMF (RFC 4211).

Please see the release notes for further details.

C# .NET Release 1.8.4 is now available for download.

Saturday 27th October 2018

Full support has been added for RFC 7748 (X25519 and X448) as well as RFC 8032 (Ed25519 and Ed448). Support for Plain ECDSA and the SM4 block cipher has also been added. Restrictions on sizing of Blake2b/s digests have been removed, and an issue preventing handling of messages longer than 127 bytes in the Rfc3211WrapEngine has been fixed.

Please see the download page for further details.

Java FIPS Release 1.0.1 is now available for download.

Thursday 15th March 2018

Our second Java FIPS release, certified for Java 1.7 and Java 1.8 is now available at our Java FIPS page.. In addition to being certified for 1.7/1.8 the jar is also compatible with Java 1.5 and Java 1.6.

C# .NET FIPS Release 1.0.1 is now available for download.

Thursday 24th November 2016

Our first C# .NET FIPS release, certified for CLR 4 is now available at our C# .NET FIPS page.. The APIs have been tested on .NET 4.6.1, and .NET 4.5.2.