The Bouncy Castle project offers open-source APIs for Java, C# and Kotlin that support cryptography and cryptographic protocols. They cover many security areas, such as public key infrastructure, digital signatures, authentication, and secure communication. Additionally, FIPS certified versions are available for both Java and C#.
Bouncy Castle was designed for developers by developers. Bouncy Castle offers open-source code with well-trodden paths of implementation throughout its supporting APIs. Being able to work with cryptography and secure protocols such as CMS, S/MIME, PGP, and TLS are fundamental to today’s connected applications and business processes. Bouncy Castle provides APIs which help reduce the effort and complexity behind implementing and maintaining security services, helping reduce costs and improving long-term trust.
How you use the Bouncy Castle APIs is really only limited by your imagination. In addition to fundamental algorithm support for ciphers like AES, Elliptic Curve, RSA, the NIST quantum ready algorithms, and a range of message digest and MAC algorithms, the Bouncy Castle APIs also support protocols like ASN.1 and OpenPGP. Building on core protocols and algorithms has enabled support for a range of standards, including Time Stamp Protocol (TSP), Cryptographic Message Syntax (CMS), Certificate Management Protocol (CMP), Transport Layer Security (TLS) and a variety of protocols for requesting and generating X.509 certificates.
The versatile Bouncy Castle library offers a range of editions, catering to various platforms such as JAVA, C#, and Kotlin. Additionally, it includes FIPS-certified releases for enhanced security measures, and LTS (Long Term Stable) releases for extended support and stability.
Bouncy Castle APIs: A wide variety of core standards, protocols, algorithms, and platforms are supported.
Get the complete list of supported features, Bouncy Castle Specification & Interoperability. For further details, have a look at either our Java project or our C# .NET project documentation pages.
The team behind Bouncy Castle has over 20 years of experience in cryptography solutions, and they are all Keyfactor employees working full-time on the development of Bouncy Castle in close contact with the BC user community. You can download and use the Bouncy Castle cryptographic APIs under the MIT license.
The Bouncy Castle Crypto APIs are looked after by an Australian Charity, the Legion of the Bouncy Castle Inc., which looks after the care and feeding of the Bouncy Castle APIs.
Years of history
Years FIPS certified
Downloads per month
Bouncy Castle is mainly supported on Java and C#, with availability in Kotlin. A Rust implementation is in the pipeline.
The Bouncy Castle APIs are available as FIPS releases, and they are certified across all supported platforms. We also offer LTS releases for extended support and stability.
Bouncy Castle APIs support a diverse range of cryptography standards algorithms, message formats, and protocols.
Dive into the realm of quantum readiness, where our library already supports the latest algorithms standardized by NIST.
Keyfactor offers first-class support directly from the developers of Bouncy Castle.
Originally, in the late 1990s, the Legion of the Bouncy Castle was simply a number of individuals united both in their interests of Cryptography and Open Source. The first official release of the Bouncy Castle APIs appeared in May 2000 and was about 27,000 lines long. The project grew steadily with a C# version of the Java APIs being added in 2006. By 2012 with the Java code base well past 300,000 lines and the C# one over 140,000 it started becoming obvious that a bit more organisation was required to maintain both progress and the quality of the APIs.
Part of this lead to a rewrite of some of the Java APIs, and subsequently the C# ones, to deal with some of the decisions that were made earlier which, in hindsight, were not so good. This slowed down the expansion of the code base a bit by capturing important operations used throughout the higher level protocols such as CMS, TSP, CRMF, and PGP into a set of interfaces. Simplifying the code in itself however was clearly not enough and a not-for-profit association was established in order to provide a more grounded approach to the group's efforts and officially registered in October 2013. In November 2013 the association, officially Legion of the Bouncy Castle Inc., was granted Charity status by the Australian Charities and Not-for-profits Commission (ACNC) on the basis of its work contributing to advancement in education and on the basis that its work was beneficial to the community at large. Further to this the charity was also registered as a fundraiser by Consumer Affairs Victoria allowing it to accept donations to further the charity's work in improving the APIs and their usability by being able to raise funds for certifications such as FIPS.
That, of course, brings us to the present day, and, as you have probably guessed, the story is not over!
*As of June 2021, Crypto Workshop is a part of Keyfactor.
David Hook is the co-founder and developer of the Bouncy Castle project.
As the Legion of the Bouncy Castle Inc. (ABN 84 166 338 567) operates as a Registered Charity in the State of Victoria, Australia, we come under both the jurisdiction of the ACNC and the Department of Justice, Victoria, more specifically one of Justice's portfolio groups: Consumer Affairs Victoria.
You can find full details about our activities, including our current financial reports at the ACNC registration details page for Bouncy Castle. Sometimes they revise the website, if the link fails the page is also accessible by going to the ACNC website and searching for "Legion of the Bouncy Castle Inc." under the "Find a Charity" tab.
If you have any questions regarding our operations, you are most welcome to contact us at office@bouncycastle.org