1. Home
  2. /
  3. Download
  4. /
  5. Download Bouncy Castle Java

Download Bouncy Castle for Java

Welcome to the download page for the general edition of Bouncy Castle Java. In addition to the available access options, including GitHub, Maven Central, and direct download, you will find searchable release notes and links to API and other documentation.

 

Bouncy Castle Java
hero-sub-2

GitHub

Access the Bouncy Castle APIs Java package on GitHub, where you can also report issues, join discussions, and contribute to the software.

Download from GitHub

Documentation 

Explore the Bouncy Castle for Java documentation online for concise guidance and examples.

View the Documentation

Join the discussion

You can ask questions and learn from specialists in the Bouncy Castle Java forum on GitHub Discussions. We highly appreciate and value your input.

Go to GitHub Discussions

Report an issue

If you encounter any issues that require attention, feel free to report them in our GitHub repository. 

Go to GitHub to Report an issue

Release notes

Find out detailed information about the latest release and search in older release notes.

Go to Release notes

Beta releases

The current working betas, when available, for the next release for JDK 1.8 and later can be found here. If you need a beta to be made available for another version of Java please ask by emailing: feedback-crypto@bouncycastle.org.

Download the latest Beta release

Donate to support the Bouncy Castle APIs

Supporting Bouncy Castle is now a substantial effort, the Java API is now over 300,000 lines, the C# one well past 140,000.

Donate

Bouncy Castle Java Downloads

The latest Bouncy Castle Java release is 1.79.

Except where otherwise stated, this software is distributed under the regular Bouncy Castle license. For full details of other licenses involved, see Third party licenses

Distribution Files (JAR and ZIP format)

Compiled classes, sources and JavaDoc for Java 1.8 and later.

Provider bcprov-jdk18on-1.79.jar bcprov-jdk18on-1.79-sources.jar bcprov-jdk18on-1.79-javadoc.jar
ASN.1 Utility Classes bcutil-jdk18on-1.79.jar bcutil-jdk18on-1.79-sources.jar bcutil-jdk18on-1.79-javadoc.jar
PKIX/CMS/EAC/PKCS/OCSP/TSP/OPENSSL bcpkix-jdk18on-1.79.jar bcpkix-jdk18on-1.79-sources.jar bcpkix-jdk18on-1.79-javadoc.jar
SMIME bcmail-jdk18on-1.79.jar bcmail-jdk18on-1.79-sources.jar bcmail-jdk18on-1.79-javadoc.jar
Jakarta SMIME bcjmail-jdk18on-1.79.jar bcjmail-jdk18on-1.79-sources.jar bcjmail-jdk18on-1.79-javadoc.jar
OpenPGP/BCPG bcpg-jdk18on-1.79.jar bcpg-jdk18on-1.79-sources.jar bcpg-jdk18on-1.79-javadoc.jar
DTLS/TLS API/JSSE Provider bctls-jdk18on-1.79.jar bctls-jdk18on-1.79-sources.jar bctls-jdk18on-1.79-javadoc.jar
MLS API bcmls-jdk18on-1.79.jar bcmls-jdk18on-1.79-sources.jar bcmls-jdk18on-1.79-javadoc.jar
Test Classes bctest-jdk18on-1.79.jar    
Core Crypto   lcrypto-jdk18on-1.79.tar.gz lcrypto-jdk18on-1.79.zip 

Note: the compiled jar files in this distribution are all multi-release, if you need a version specific to Java 1.8, we recommend using the JDK 1.5 to JDK 1.8 release.

Compiled classes, sources and JavaDoc for Java 1.5 to Java 1.8.

Provider bcprov-jdk15to18-1.79.jar bcprov-jdk15to18-1.79-sources.jar bcprov-jdk15to18-1.79-javadoc.jar
ASN.1 Utility Classes bcutil-jdk15to18-1.79.jar bcutil-jdk15to18-1.79-sources.jar bcutil-jdk15to18-1.79-javadoc.jar
PKIX/CMS/EAC/PKCS/OCSP/TSP/OPENSSL bcpkix-jdk15to18-1.79.jar bcpkix-jdk15to18-1.79-sources.jar bcpkix-jdk15to18-1.79-javadoc.jar
SMIME bcmail-jdk15to18-1.79.jar bcmail-jdk15to18-1.79-sources.jar bcmail-jdk15to18-1.79-javadoc.jar
Jakarta SMIME bcjmail-jdk15to18-1.79.jar bcjmail-jdk15to18-1.79-sources.jar bcjmail-jdk15to18-1.79-javadoc.jar
OpenPGP/BCPG bcpg-jdk15to18-1.79.jar bcpg-jdk15to18-1.79-sources.jar bcpg-jdk15to18-1.79-javadoc.jar
DTLS/TLS API/JSSE Provider bctls-jdk15to18-1.79.jar bctls-jdk15to18-1.79-sources.jar bctls-jdk15to18-1.79-javadoc.jar
Test Classes bctest-jdk15to18-1.79.jar    
Core Crypto   lcrypto-jdk15to18-1.79.tar.gz lcrypto-jdk15to18-1.79.zip 

Compiled classes, sources and JavaDoc for Java 1.4.

Provider bcprov-jdk14-1.79.jar bcprov-jdk14-1.79-sources.jar bcprov-jdk14-1.79-javadoc.jar
ASN.1 Utility Classes bcutil-jdk14-1.79.jar bcutil-jdk15to18-1.79-sources.jar bcutil-jdk15to18-1.79-javadoc.jar
PKIX/CMS/EAC/PKCS/OCSP/TSP/OPENSSL bcpkix-jdk14-1.79.jar bcpkix-jdk14-1.79-sources.jar bcpkix-jdk14-1.79-javadoc.jar
SMIME bcmail-jdk14-1.79.jar bcmail-jdk14-1.79-sources.jar bcmail-jdk14-1.79-javadoc.jar
OpenPGP/BCPG bcpg-jdk14-1.79.jar bcpg-jdk14-1.79-sources.jar bcpg-jdk14-1.79-javadoc.jar
DTLS/TLS API/JSSE Provider bctls-jdk14-1.79.jar bctls-jdk14-1.79-sources.jar bctls-jdk14-1.79-javadoc.jar
Test Classes bctest-jdk14-1.79.jar    
Core Crypto   lcrypto-jdk14-1.79.tar.gz lcrypto-jdk14-1.79.zip 

Compiled classes, sources and JavaDoc for Java 1.3.

Clean Room JCE jce-jdk13-1.79.jar jce-jdk13-1.79.tar.gz jce-jdk13-1.79.zip
Provider bcprov-jdk13-1.79.jar bcprov-jdk13-1.79.tar.gz bcprov-jdk13-1.79.zip
ASN.1 Utility Classes bcutil-jdk13-1.79.jar bcutil-jdk13-1.79.tar.gz bcutil-jdk13-1.79.zip
PKIX/CMS/EAC/PKCS/OCSP/TSP/OPENSSL bcpkix-jdk13-1.79.jar bcpkix-jdk13-1.79.tar.gz bcpkix-jdk13-1.79.zip
SMIME bcmail-jdk13-1.79.jar bcmail-jdk13-1.79.tar.gz bcmail-jdk13-1.79.zip
OpenPGP/BCPG bcpg-jdk13-1.79.jar bcpg-jdk13-1.79.tar.gz bcpg-jdk13-1.79.zip
Test Classes bctest-jdk13-1.79.jar    
Core Crypto   lcrypto-jdk13-1.79.tar.gz lcrypto-jdk13-1.79.zip

Compiled classes, sources and JavaDoc for Java 1.2.

Clean Room JCE jce-jdk12-1.79.jar jce-jdk12-1.79.tar.gz jce-jdk12-1.79.zip
Provider bcprov-jdk12-1.79.jar    
PKIX/CMS/EAC/PKCS/OCSP/TSP/OPENSSL bcpkix-jdk12-1.79.jar bcpkix-jdk12-1.79.tar.gz bcpkix-jdk12-1.79.zip
OpenPGP/BCPG bcpg-jdk12-1.79.jar bcpg-jdk12-1.79.tar.gz bcpg-jdk12-1.79.zip
Test Classes bctest-jdk12-1.79.jar    
Core Crypto   lcrypto-jdk12-1.79.tar.gz lcrypto-jdk12-1.79.zip 

Compiled classes, sources and JavaDoc for Java 1.1.

Clean Room JCE jce-jdk11-1.79.tar.gz jce-jdk11-1.79.zip
PKIX/CMS/EAC/PKCS/OCSP/TSP/OPENSSL bcpkix-jdk11-1.79.tar.gz bcpkix-jdk11-1.79.zip
OpenPGP/BCPG bcpg-jdk11-1.79.tar.gz bcpg-jdk11-1.79.zip
Core Crypto   lcrypto-jdk11-1.79.tar.gz lcrypto-jdk11-1.79.zip 
Checksums

To confirm the integrity of the distributions, checksums are available:

Download Checksums

Maven Central Signing Key

If you are trying to confirm the signatures for artifacts from Maven Central, you can use the public key linked below.

Download bc_maven_public_key.asc

Release notes

Find out detailed information about the latest Bouncy Castle Java releases and search in older release notes.  

Latest release Release 1.79 Release 1.78.1 Release 1.78 Release 1.77 Release 1.76 Release 1.75 Release 1.74 Release 1.73 Release 1.72.2 Release 1.72.1 Release 1.72 Release 1.71 Release 1.70 Release 1.69 Release 1.68 Release 1.67 Release 1.66 Release 1.65 Release 1.64 Release 1.63 Release 1.62 Release 1.61 Release 1.60 Release 1.59 Release 1.58 Release 1.57 Release 1.56 Release 1.55 Release 1.54 Release 1.53 Release 1.52 Release 1.51 Release 1.50 Release 1.49 Release 1.48 Release 1.47 Release 1.46 Release 1.45 Release 1.44 Release 1.43 Release 1.42 Release 1.41 Release 1.40 Release 1.39 Release 1.38 Release 1.37 Release 1.36 Release 1.35 Release 1.34 Release 1.33 Release 1.32 Release 1.31 Release 1.30 Release 1.29 Release 1.28 Release 1.27 Release 1.26 Release 1.25 Release 1.24 Release 1.23 Release 1.22 Release 1.21 Release 1.20 Release 1.19 Release 1.18 Release 1.17 Release 1.16 Release 1.15 Release 1.14 Release 1.13 Release 1.12 Release 1.11 Release 1.10 Release 1.09 Release 1.08 Release 1.07 Release 1.06 Release 1.05 Release 1.04 Release 1.03 Release 1.02 Release 1.01 Release 1.00
Release 1.79
30 October, 2024
Defects Fixed Leading zeroes were sometimes dropped from Ed25519 signatures leading to verification errors in the PGP API. This has been fixed. Default ver...

Defects Fixed

  • Leading zeroes were sometimes dropped from Ed25519 signatures leading to verification errors in the PGP API. This has been fixed.
  • Default version string for Armored Output is now set correctly in 18on build.
  • The Elephant cipher would fail on large messages. This has been fixed.
  • CMSSignedData.replaceSigners() would re-encode the digest algorithms block, occasionally dropping ones where NULL had been previously added as an algorithm parameter. The method now attempts to only use the original digest algorithm identifiers.
  • ERSInputStreamData would fail to generate the correct hash if called a second time with a different hash algorithm. This has been fixed.
  • A downcast in the CrlCache which would cause FTP-based CRLs to fail to load has been removed.
  • ECUtil.getNamedCurveOid() now trims curve names of excess space before lookup.
  • The PhotonBeetle and Xoodyak digests did not reset properly after a doFinal() call. This has been fixed.
  • Malformed AlgorithmIdentifiers in CertIDs could cause caching issues in the OCSP cache. This has been fixed.
  • With Java 21 a provider service class will now be returned with a null class name where previously a null would have been returned for a service. This can cause a NullPointerException to be thrown by the BC provider if a non-existent service is requested. This issue has now been worked around.
  • CMS: OtherKeyAttribute.keyAttr is now treated as optional.
  • CMS: EnvelopedData and AuthEnvelopedData could calculate the wrong versions. This has been fixed.
  • The default version header for PGP armored output did not carry the correct version string. This has been fixed.
  • In some situations, the algorithm lookup for creating PGPDigestCalculators would fail due to truncation of the algorithm name. This has been fixed.

Additional Features and Functionality

  • Object Identifiers have been added for ML-KEM, ML-DSA, and SLH-DSA.
  • The PQC algorithms, ML-KEM, ML-DSA (including pre-hash), and SLH-DSA (including pre-hash) have been added to the BC provider and the lightweight API.
  • A new spec, ContextParameterSpec, has been added to support signature contexts for ML-DSA and SLH-DSA.
  • BCJSSE: Added support for security property "jdk.tls.server.defaultDHEParameters" (disabled in FIPS mode).
  • BCJSSE: Added support for signature_algorithms_cert configuration via "org.bouncycastle.jsse.client.SignatureSchemesCert" and "org.bouncycastle.jsse.server.SignatureSchemesCert" system properties or BCSSLParameters property "SignatureSchemesCert".
  • BCJSSE: Added support for boolean system property "org.bouncycastle.jsse.fips.allowGCMCiphersIn12" (false by default).
  • (D)TLS: Remove redundant verification of self-generated RSA signatures.
  • CompositePrivateKeys now support the latest revision of the composite signature draft.
  • Delta Certificates now support the latest revision of the delta certificate extension draft.
  • A general KeyIdentifier class, encapsulating both PGP KeyID and the PGP key fingerprint has been added to the PGP API.
  • Support for the LibrePGP PreferredEncryptionModes signature subpacket has been added to the PGP API.
  • Support for Version 6 signatures, including salts, has been added to the PGP API.
  • Support for the PreferredKeyServer signature subpacket has been added to the PGP API.
  • Support for RFC 9269, "Using KEMs in Cryptographic Message Syntax (CMS)", has been added to the CMS API.
  • Support for the Argon2 S2K has been added to the PGP API.
  • The system property "org.bouncycastle.pemreader.lax" has been introduced for situations where the BC PEM parsing is now too strict.
  • The system property "org.bouncycastle.ec.disable_f2m" has been introduced to allow F2m EC support to be disabled.
Close