BouncyCastle : Java Glossary

* 0-9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z (all)

Legion of the Bouncy Castle is a JCE (Java Cryptography Extension) -compatible library that also handles PGP (Pretty Good Privacy). It is well regarded. The source is not well formatted or commented. The Javadoc in version 1.22 was sparse and inaccurate. version 1.41 is reputedly better. I don’t know how they do it, but everything is free. The specifications give a bird’s eye view of all the encryption algorithms supported.

BouncyCastle has the big advantage of being Australian and hence immune to the silly American laws about exporting strong encryption. If Canadians use BouncyCastle they need not worry about that law, since the code is not American. If Americans use it, they can still get in trouble just for incorporating Australian encryption code even though it did not originate in America. If you are an American and have a product then implements or uses encryption, best talk to a lawyer. The laws are idiotic since encryption algorithms are public domain and widely disseminated. All the laws do is cripple American software company exports.

You will want to download the BouncyCastle jars for:

Put the jars in your ext directories:

ext directories :

in C:\Program Files\java\jre1.8.0_131\lib\ext\ in JRE 1.8.0_131 on your local Windows C: drive.
in J:\Program Files\java\jdk1.8.0_131\jre\lib\ext\ in JDK 1.8.0_131 on your local Windows J: drive.
in X:\Program Files (x86)\jet12.0-pro-x86\profile1.8.0_131\jre\lib\ext\ in Jet jet12.0-pro-x86/1.8.0_131 on your local Windows X: drive.
in X:\Program Files\JetBrains\IntelliJ IDEA 2017.3\jre\jre\lib\ext\ in IntelliJ Idea IntelliJ IDEA 2017.3 on your local Windows X: drive.

Generating Keys

Generate The public and private keys will appear as pub.bpg and secret.bpg. You can generate ascii *.asc ascii armoured file instead by using To generate variants look at the source code in bcpg-jdk14-122/src/org/bouncycastleopenpgp/examples/RSAKeyPairGenerator.java

Signing A Binary File

Resulting signed file will appear in anyfile.dat.bpg signed, but not encrypted.

Verifying a Signed Binary File

I’m told BouncyCastle does not support Oracle’s proprietary JKS (Java Key Store) store format, but even that can be got around with Metastatic’s reverse engineered version.

With BouncyCastle you have the sources to look at. With keytool, all you have is -J-verbose:class to find out what classes it is using.

encryption
JCE
security

standard footer
	This page is posted on the web at:	http://mindprod.com/jgloss/bouncycastle.html
	Optional Replicator mirror of mindprod.com on local hard disk J:	J:\mindprod\jgloss\bouncycastle.html
	Please read the feedback from other visitors, or send your own feedback about the site. Contact Roedy. Please feel free to link to this page without explicit permission.
	Canadian Mind Products IP:[65.110.21.43] Your face IP:[3.143.237.89]
Feedback	You are visitor number