Projects / Legion of the Bouncy Castle Java Cryptography API

Legion of the Bouncy Castle Java Cryptography API

The Legion of the Bouncy Castle Java Cryptography API provides a lightweight cryptography API in Java, a provider for the JCE and JCA, a clean-room implementation of the JCE 1.2.1, generators for Version 1 and Version 3 X.509 certificates, generators for Version 2 X.509 attribute certificates, PKCS12 support, and APIs for dealing with S/MIME, CMS, OCSP, TSP, CMP, CRMF, EAC, DVCS, OpenPGP, DTLS, and TLS. Versions are provided for the J2ME, and JDK 1.0-1.7.

Tags
Operating Systems
Implementation

Recent releases

  •  03 Dec 2013 12:20

    Release Notes: This release adds support for client side TLS 1.2 and client side DTLS 1.2, and the OpenPGP API now supports ECDH and ECDSA (RFC 6637). New algorithms include XSalsa20, ChaCha, SM3, Threefish, and Skein. GOST PKCS#12 keyfiles now parse correctly, and Crypto Pro CFB mode key meshing and RFC 6979 deterministic ECDSA are supported. A simplified cert path API has been added to provide another option for certificate path validation. A number of other features have been added, and a number of bugs have been fixed.

    •  02 Jun 2013 05:25

      Release Notes: This release adds support for server/client side TLS 1.1 and server/client side DTLS 1.0, the SipHash MAC algorithm, the 4 DRBGs specified in NIST SP 800-90A, OCB mode, and the GMAC algorithm (NIST SP 800-38D). In addition, it is now possible to store OCSP objects in CMS SignedData, parameter and key generation is now fully supported for the keys sizes specified in DSA 2, and support has been added for the SHA-512/t digest varients. A number of bugs and an encoding regression with T61 Strings have also been fixed.

      •  10 Feb 2013 23:20

        Release Notes: This release includes further cleanup, and the PEM API is now usable via operator interfaces (use PEMParser for reading). The SHA3 family of digests and the DSTU-4145-2002 signature algorithm have been added. A new provider (BCPQ) has been added with support for the Rainbow signatures and McEliece-style encryption. Also added is support for auto-generation of ephemeral keys in IES. A number of bugs have been fixed, and the TLS/SSL API has been updated to avoid the issues raised by the "Lucky Thirteen" attack. If you are using the BC TLS/SSL API, the authors strongly recommend updating to this release.

        •  23 Mar 2012 04:14

          Release Notes: This release includes further cleanup and the OpenPGP API is now usable via operator interfaces similar to what were added for CMS in 1.46. The number of lightweight operator implementations has been expanded and certificate generation, OpenPGP, CMS, CRMF, CMP, PKCS, and OCSP are now supported across all JDK releases including the J2ME (except compression). Support has been added for EAC (Extended Access Control) and a lightweight version of NTRU. Classes involved in CRL manipulation have been rewritten so as to support extremely large CRLs. A number of bugs have also been fixed.

          •  24 Feb 2011 02:51

            Release Notes: This release adds support for client side SSL to the TLS API, and support for CMP (RFC 4210), CRMF (RFC 4211), and CMS TimeStampedData (RFC 5544). The CMS and TSP APIs have been rewritten and new APIs have been added for certificate generation and OCSP, which allow the use of interface based operators to provide cryptographic services. This means it is now possible to use the lightweight API, or any another small factor API, in addition to the JCE/JCA to provide cryptographic operations required to support all these standards.

            Screenshot

            Project Spotlight

            OpenStack4j

            A Fluent OpenStack client API for Java.

            Screenshot

            Project Spotlight

            TurnKey TWiki Appliance

            A TWiki appliance that is easy to use and lightweight.