BouncyCastle : Java Glossary

Legion of the Bouncy Castle is a JCE (Java Cryptography Extension) -compatible library that also handles PGP (Pretty Good Privacy). It is well regarded. The source is not well formatted or commented. The Javadoc in version 1.22 was sparse and inaccurate. version 1.41 is reputedly better. I don’t know how they do it, but everything is free. The specifications give a bird’s eye view of all the encryption algorithms supported.

BouncyCastle has the big advantage of being Australian, and hence immune to the silly American laws about exporting strong encryption. If Canadians use BouncyCastle they need not worry about that law, since the code is not American. If Americans use it, they can still get in trouble just for incorporating Australian encryption code even though it did not originate in America. If you are an American and have a product then implements or uses encryption, best talk to a lawyer. The laws are idiotic since encryption algorithms are public domain and widely disseminated. All the laws do is cripple American software company exports.

You will want to download the BouncyCastle jars for:

Put the jars in your ext directories:
ext directories :

Generating Keys

Generate The public and private keys will appear as pub.bpg, and secret.bpg. You can generate ascii *.asc ascii armoured file instead by using To generate variants look at the source code in bcpg-jdk14-122/src/org/bouncycastleopenpgp/examples/

Signing A Binary File

Resulting signed file will appear in anyfile.dat.bpg signed, but not encrypted.

Verifying a Signed Binary File

I’m told BouncyCastle does not support Oracle’s proprietary JKS (Java Key Store) store format, but even that can be got around with Metastatic’s reverse engineered version.

With BouncyCastle you have the sources to look at. With keytool, all you have is -J-verbose:class to find out what classes it is using.

This page is posted
on the web at:

Optional Replicator mirror
on local hard disk J:

Please the feedback from other visitors, or your own feedback about the site.
Contact Roedy. Please feel free to link to this page without explicit permission.
Your face IP:[]
You are visitor number