The Bouncy Castle Crypto Package

The Legion also gratefully acknowledges the contributions made to this package by others (see here for the current list).

The package is organised so that it contains a light-weight API suitable for use in any environment (including the newly released J2ME) with the additional infrastructure to conform the algorithms to the JCE framework.

Except where otherwise stated, this software is distributed under a license based on the MIT X Consortium license. To view the license, see here. The OpenPGP library also includes a modified BZIP2 library which is licensed under the Apache Software License, Version 1.1.

The current release notes for this package are here.

The current specifications for this package are here.

The current api documentation for this package is here.

Examples and Tests

To view some examples, look at the test programs in the packages:

• org.bouncycastle.crypto.test

• org.bouncycastle.jce.provider.test

• org.bouncycastle.cms.test

• org.bouncycastle.mail.smime.test

• org.bouncycastle.openpgp.test

• org.bouncycastle.tsp.test

There are also some specific example programs for dealing with Attribute Certificates, PKCS12, SMIME and OpenPGP. They can be found in:

• org.bouncycastle.jce.examples

• org.bouncycastle.mail.smime.examples

• org.bouncycastle.openpgp.examples

• org.bouncycastle.x509.examples

Finally there are also code examples from Beginning Cryptography with Java which demonstrate both the use of the JCE/JCA and also some of the Bouncy Castle APIs.

Note 1:The JCE classes are only distributed with the JDK 1.1, JDK 1.2, and JDK 1.3 JCE releases. The JDK 1.0, J2ME, and the JDK 1.1, JDK 1.2, JDK 1.3, JDK 1.4, and JDK 1.5 lightweight releases only include the Bouncy Castle lightweight cryptography API.
Note 2:The regression test for Diffie-Hellman is quite slow.

Building From CVS

The src and test/src directory are for JDK 1.5.

Compatibility classes for other VMs are as follows:

• JDK 1.4 - jdk1.4, test/jdk1.4
• JDK 1.3 - jdk1.3, test/jdk1.3
• JDK 1.2 - jdk1.2
• JDK 1.1 - jdk1.1
• JDK 1.0 - jdk1.0
• J2ME - j2me

The clean room JCE, which will compile with everything from JDK 1.1 and up is in the jce/src directory.

The build scripts that come with the full distribution allow creation of the different releases by using the tree under src and test/src, excluding classes that are not appropriate and copying in the required compatibility classes from the directories containing compatibility classes appropriate for the distribution.

If you want to try create a build for yourself, using your own environment, the best way to do it is to start with the build for the distribution you are interested in, make sure that builds, and then modify your build scripts to do the required exclusions and file copies for your setup, otherwise you are likely to get class not found exceptions. The final caveat to this is that as the j2me distribution includes some compatibility classes starting in the java package, you need to use an obfuscator to change the package names before attempting to import a midlet using the BC API.

Mailing Lists

For those who are interested, there are 2 mailing lists for participation in this project. To subscribe use the links below and include the word subscribe in the message body. (To unsubscribe, replace subscribe with unsubscribe in the message body)

• announce-crypto-request@bouncycastle.org
  This mailing list is for new release announcements only, general subscribers cannot post to it.

• dev-crypto-request@bouncycastle.org
  This mailing list is for discussion of development of the package. This includes bugs, comments, requests for enhancements, questions about use or operation.

If you want to provide feedback, offers of jobs (or more importantly beer) directly to the members of The Legion then please use feedback-crypto@bouncycastle.org

Enjoy!