1. Home
  2. /
  3. Download
  4. /
  5. Download Bouncy Castle Java FIPS

Download Bouncy Castle for Java FIPS

Welcome to the download page for the FIPS-certified editions of Bouncy Castle Java. In addition to the available access options, including Maven Central and direct download, you will find searchable release notes and links to API and other documentation.

Bouncy Castle Java
hero-sub-2

Documentation

Check out the Bouncy Castle for Java documentation, including the Java FIPS documentation for clear guidance and examples.

View the Documentation

Join the Discussion

You can ask questions and learn from specialists in the Bouncy Castle Java forum on GitHub Discussions. We highly appreciate and value your input.

Go to GitHub Discussions

Report an issue

If you encounter any issues that require attention, feel free to report them in our GitHub repository. 

Report an Issue

Release notes

Find out detailed information about the latest release and search in older release notes.

Go to Release notes

Roadmap

Details about our current plans and versions in progress for Java FIPS can be found on the Java FIPS Roadmap.

View Roadmap

Donate to support the Bouncy Castle APIs

Supporting Bouncy Castle is now a substantial effort, the Java API is now over 300,000 lines, the C# one well past 140,000.

Donate

Bouncy Castle Java FIPS Downloads

Except where otherwise stated, this software is distributed under the regular Bouncy Castle license. For full details of other licenses involved, see Third party licenses

Distribution Files (JAR format)

The 2.0.0 release, BC-FJA 2.0.0 (Certificate #4743) , is certified for use on Java 8, Java 11, Java 17 and Java 21.

Note: as with the regular Java BC release, this distribution now has a bcutil jar containing classes that do not need to be in the certified provider jar. For most purposes you will need to include the bcutil jar in your application though. Other details on differences between the 1.0.2 series and the 2.0.0 can be found in the porting guide.

Provider bc-fips-2.0.0.jar bc-fips-2.0.0-sources.jar bc-fips-2.0.0-javadoc.jar
ASN.1 Utility Classes bcutil-fips-2.0.3.jar bcutil-fips-2.0.3-sources.jar bcutil-fips-2.0.3-javadoc.jar
PKIX/CMS/EAC/PKCS/OCSP/TSP/OPENSSL bcpkix-fips-2.0.7.jar bcpkix-fips-2.0.7-sources.jar bcpkix-fips-2.0.7-javadoc.jar
SMIME bcmail-fips-2.0.5.jar bcmail-fips-2.0.5-sources.jar bcmail-fips-2.0.5-javadoc.jar
Jakarta SMIME bcjmail-fips-2.0.5.jar bcjmail-fips-2.0.5-sources.jar bcjmail-fips-2.0.5-javadoc.jar
OpenPGP/BCPG bcpg-fips-2.0.9.jar bcpg-fips-2.0.9-sources.jar bcpg-fips-2.0.9-javadoc.jar
DTLS/TLS API/JSSE Provider bctls-fips-2.0.19.jar bctls-fips-2.0.19-sources.jar bctls-fips-2.0.19-javadoc.jar

The 1.0.2.4 release, BC-FJA 1.0.2.4, is certified for use on Java 7, Java 8, Java 11, and Java 17.

Provider bc-fips-1.0.2.4.jar bc-fips-1.0.2.4-sources.jar bc-fips-1.0.2.4-javadoc.jar
PKIX/CMS/EAC/PKCS/OCSP/TSP/OPENSSL bcpkix-fips-1.0.7.jar bcpkix-fips-1.0.7-sources.jar bcpkix-fips-1.0.7-javadoc.jar
SMIME bcmail-fips-1.0.4.jar bcmail-fips-1.0.4-sources.jar bcmail-fips-1.0.4-javadoc.jar
Jakarta SMIME bcjmail-fips-1.0.4.jar bcjmail-fips-1.0.4-sources.jar bcjmail-fips-1.0.4-javadoc.jar
OpenPGP/BCPG bcpg-fips-1.0.7.1.jar bcpg-fips-1.0.7.1-sources.jar bcpg-fips-1.0.7.1-javadoc.jar
DTLS/TLS API/JSSE Provider bctls-fips-1.0.19.jar bctls-fips-1.0.19-sources.jar bctls-fips-1.0.19-javadoc.jar
Checksums

To confirm the integrity of the distributions, checksums are available:

Download BC-FJA 1.0.2.4 ChecksumsDownload BC-FJA 2.0.0 Checksums

Release notes

Find out detailed information about the latest Bouncy Castle Java FIPS releases and search in older release notes.  

Latest release Release BC-FJA 2.0.0 Release BC-FJA 1.0.2.4 Release BC-FJA 1.0.2.3 Release BC-FJA 1.0.2.2 Release BC-FJA 1.0.2.1 Release BC-FJA 1.0.2 Release BC-FJA 1.0.1 Release BC-FJA 1.0.0
Release BC-FJA 2.0.0
30 July, 2024
Name: bc-fips-2.0.0.jar The initial 2.0.0 release forked from BC-FJA 1.0.2.1, any changes and fixes should be viewed as relative to that release. Please see...

Name: bc-fips-2.0.0.jar

The initial 2.0.0 release forked from BC-FJA 1.0.2.1, any changes and fixes should be viewed as relative to that release. Please see BC-FJA-KnownIssues-2.0.0.csv for the list of known issues with this release.

Notes

  • This release removes support for the internal Sun TLS KDF classes as they have become inaccessible and the experimental FIPS mode is no longer supported by the Oracle JSSE provider. We recommend the BCJSSE (FIPS edition) where a FIPS mode TLS implementation is required.
  • While 2.0.0 was under certification the auxillary APIs were updated on a “by request” basis so the releases are not contiguous, but reflect the version numbers that were used in the BC-FJA 1.0 stream. As such, defects and additions listed under each release give full details of the changes made between the 1.0 releases that the 2.0 releases are based on.
  • Certificate Number: 4743

Additions and Enhancements

  • Support has been added for "SP 800-38G: Methods for format preserving encryption (FF1 and FF3-1)".
  • Support has been added for "SP 800-185: SHA-3 Derived Functions: cSHAKE, KMAC, TupleHash and ParallelHash".
  • One-step KDFs with salts and Two-Step KDFs as specified in "SP 800-56C Rev 2: Recommendation for Key-Derivation Methods in Key-Establishment Schemes" are now supported (includes HKDF).
  • Two-Step KDFs and Salt support have been added to ECC and FFC key agreement algorithms.
  • Salt support has been added for One-Step KDF in RSA-KEMS.
  • Additional OID support for SHA-512/224 and SHA-512/256 based algorithms has been added.
  • Support for SHA-3 based PBKDFs have been added.
  • Base32 (RFC 4684) encoding support has been added.
  • Support for LMS (RFC 8554) has been added.
  • Support for ARIA has been added.
  • Support for ChaCha20, Poly1305, and ChaCha20-Poly1305 has been added.
  • Support has been added for GOST R 34.11-2012 and GOST R 34.10-2012 (256 and 512).
  • Multi-release support for Java 11 XDH keys.
  • Multi-release support for Java 11 SecureRandom changes.
  • Multi-release support for Java 15 EdDSA keys.
  • Context is now support for Ed448 signatures.
  • Support for PKIXRevocationChecker and the properties "ocsp.enable", "ocsp.responderURL" and "org.bouncycastle.x509.enableCRLDP" has been added.
  • Caching has been added for X.509 CRL encodings and X.509 Certificate encodings to reduce overheads related to sharing certificates between providers and TLS.
  • A disableAlgorithms propery has been added to make it possible to disable MD5 in the provider in all circumstances.
  • Additional aliases have been added to better support the latest JVM algorithm naming conventions.
  • Performance overheads associated with zeroisation and finalisation of secret keys has been greatly reduced.
  • The newly accepted FFC groups from RFC 7919 and RFC 3526 are now built into the module.
  • Performance of ECC, EdDSA, and XDH calculations has been improved.
  • Module system properties can now be set in the java.security file.
  • End of 2023 transition for Triple-DES encryption in approved mode. The provider blocks Triple-DES encryption. The following properties can be used to override the default behaviour:
    - org.bouncycastle.tripledes.allow_drbg (allow use with DRBGs)
    - org.bouncycastle.tripledes.allow_prf (allow use in KDFs)
    - org.bouncycastle.tripledes.allow_wrap (allow use with key wrapping)
    - org.bouncycastle.tripledes.allow_enc (allow Triple-DES encryption)
  • End of 2023 transition for RSA PKCS1.5 encryption in approved mode. The provider blocks RSA with PKCS1.5 encryption. The following property can be used to override the default behaviour:
    - org.bouncycastle.rsa.allow_pkcs15_enc (allow use of PKCS1.5)
  • MD5 is now explicitly disabled in approved mode unless the property org.bouncycastle.jsse.enable_md5 is set to true.

Defects Fixed

  • In some places default JCA/JCE initialisers would still introduce a non-FIPS secure random in FIPS mode. This has been fixed.
  • Default GCM IV is 12 bytes to avoid compatibility issues with some other providers.
  • Nesting BER data in constructed OCTET STRING could result in an exception been thrown. This has been fixed.
  • Some byte[] to BigInteger methods would fail for a zero input. This has been fixed.
  • PKIXNameConstraintValidator had a bad cast preventing use of multiple OtherName constraints. This has been fixed.
  • Undersized signatures could cause on exception in X509Certificate and X509CRL toString() methods. This has been fixed.
  • Simple end constraints can now be used to match a target certificate in a CertPath, rather than using the end-entity of interest.
  • DESEDE SecretKeyFactory was missing from approved mode. This has been fixed.
Close