Interoperability
The following provides an overview of Bouncy Castle's capabilities and support, with relevant links to external standards and documentation.
Packages and Standards
Bouncy Castle Java supports the following formats and standards.
Certifications
The following lists certifications with relevant links to certificates and documentation.
Type | Language | Version | External Reference | Documentation |
---|---|---|---|---|
FIPS 140-2 | Java | 1.0.2.4 | Cryptographic Module Validation Program (CMVP) Certificate #4616 | BC-FJA 1.0.2 (Bouncy Castle FIPS Java API) User Guide |
FIPS 140-2 | Java | 1.0.2.3 | Cryptographic Module Validation Program (CMVP) Certificate #3514 | BC-FJA 1.0.2 (Bouncy Castle FIPS Java API) User Guide |
FIPS 140-2 | Java | 1.0.1 | Cryptographic Module Validation Program (CMVP) Certificate #3152 (Historical) | BC-FJA (Bouncy Castle FIPS Java API) User Guide |
FIPS 140-2 | Java | 1.0.0 | Cryptographic Module Validation Program (CMVP) Certificate #2768 (Historical) | BC-FJA (Bouncy Castle FIPS Java API) User Guide |
FIPS 140-2 | C# | 1.0.2 | Cryptographic Module Validation Program (CMVP) Certificate #4416 | BC-FNA 1.0.2 (Bouncy Castle FIPS .NET API) User Guide |
FIPS 140-2 | C# | 1.0.1 | Cryptographic Module Validation Program (CMVP) Certificate #2792 (Historical) | BC-FNA (Bouncy Castle FIPS .NET API) User Guide |
For more information about the Bouncy Castle FIPS Java API and how it presents cryptography, refer to The Bouncy Castle FIPS Java API in 100 Examples and sample code at https://www.bouncycastle.org/fips-java/bc-fips-100-java.tar.gz and https://www.bouncycastle.org/fips-java/bc-fips-100-java.zip.
Algorithms and Key Types
Bouncy Castle supports the following public key algorithm types and key size/curves.
Algorithm | External Reference | Java | C# | FIPS Java | FIPS C# |
---|---|---|---|---|---|
Diffie-Hellman | SP 800-56A | ![]() | ![]() | ![]() | ![]() |
DSA | FIPS PUB 186-4, RFC 6979 | ![]() | ![]() | ![]() | ![]() |
DSTU | DSTU 4145-2002 | ![]() | ![]() | ![]() | |
ECDSA/ECDH | X9.62, FIPS PUB 186-4, RFC 5639, RFC 6979, SP 800-56A | ![]() | ![]() | ![]() | ![]() |
EdDSA/XDH | RFC 7748, RFC 8032, RFC 8410 | ![]() | ![]() | ![]() | ![]() |
ElGamal | RFC 4880 | ![]() | ![]() | ![]() | ![]() |
GOST | RFC 4490, RFC 7836 | ![]() | ![]() | ![]() | |
LMS/HSS | RFC 8554, RFC 8708 | ![]() | ![]() | ![]() | |
SM2 | RFC 8998 | ![]() | ![]() | ![]() | |
RSA | RFC 8017, FIPS PUB 186-4, SP 800-56B | ![]() | ![]() | ![]() | ![]() |
XMSS | RFC 8391 | ![]() | ![]() |
Symmetric Key Algorithms
Bouncy Castle supports the following symmetric key block based algorithms.
Algorithm | External Reference | Key Sizes (bits) | Block Size (bits) | Java | C# | FIPS Java | FIPS C# | Notes |
---|---|---|---|---|---|---|---|---|
AES | FIPS PUB 197, RFC 3394, RFC 5649 | 128, 192, 256 | 128 | ![]() | ![]() | ![]() | ![]() | |
ARIA | RFC 5794, RFC 5649 | 128, 192, 256 | 128 | ![]() | ![]() | ![]() | ||
Camellia | RFC 3713, RFC 3657 | 128, 192, 256 | 128 | ![]() | ![]() | ![]() | ![]() | |
CAST 5 | RFC 2144 | 0...128 | 64 | ![]() | ![]() | ![]() | ||
CAST 6 | RFC 2612 | 0...256 | 128 | ![]() | ![]() | |||
DSTU 7624 | DSTU 7624:2014 | 128, 256, 512 | 128, 256, 512 | ![]() | ![]() | ![]() | ||
GOST 28147 | RFC 5830 | 256 | 64 | ![]() | ![]() | ![]() | ||
GOST 3412-2015 | RFC 7801 | 256 | 128 | ![]() | ![]() | |||
LEA | ISO/IEC 29192-2:2019 | 128 | 128, 192, 256 | ![]() | ||||
RC2 | RFC 2268, RFC 3217 | 0...1024 | 64 | ![]() | ![]() | ![]() | ||
RC5 | RFC 2040 | 128 | 64, 128 | ![]() | ![]() | |||
SEED | RFC 4269 | 128 | 128 | ![]() | ![]() | ![]() | ![]() | |
SM4 | RFC 8998 | 128 | 128 | ![]() | ![]() | |||
TripleDES | FIPS PUB 46-3, RFC 3217 | 112, 168 | 64 | ![]() | ![]() | ![]() |
Bouncy Castle supports the following symmetric key stream based algorithms.
Algorithm | External Reference | Key Sizes (bits) | Java | C# | FIPS Java | FIPS C# | Notes |
---|---|---|---|---|---|---|---|
Ascon | CAESAR, NIST Lightweight Competition Finalist | 128, 160 | ![]() | ![]() | |||
CHACHA-7359 | RFC 7359 | 128, 256 | ![]() | ![]() | ![]() | ||
GRAIN | eSTREAM Project | 128 | ![]() | ![]() | |||
HC | eSTREAM Project | 128, 256 | ![]() | ![]() | |||
RC4 | RFC 4345 | 40...2048 | ![]() | ![]() | ![]() | ![]() | Unsafe - legacy use only. |
Salsa20 | eSTREAM Project | 128, 256 | ![]() | ![]() |
Message Digests and Expandable Output Functions
Bouncy Castle supports the following Message Digests and Expandable Output Functions (XOFs).
Algorithm | External Reference | Java | C# | FIPS Java | FIPS C# |
---|---|---|---|---|---|
Ascon (Hash, XOF) | NIST Lightweight Competition Finalist | ![]() | ![]() | ||
Blake2 | RFC 7693 | ![]() | ![]() | ||
Blake3 | ![]() | ![]() | |||
cSHAKE-128, cSHAKE-256 | SP 800-185 | ![]() | ![]() | ![]() | ![]() |
Kangaroo | ![]() | ||||
KMAC-128, KMAC-256 | SP 800-185 | ![]() | ![]() | ![]() | ![]() |
MD5 | RFC 1321 | ![]() | ![]() | ![]() | ![]() |
ParallelHash-128, ParallelHash-256 | SP 800-185 | ![]() | ![]() | ![]() | ![]() |
RIPEMD-128, RIPEMD-160, RIPEMD-256, RIPEMD-320 | ![]() | ![]() | ![]() | ||
SHA-1 | FIPS PUB 180-4 | ![]() | ![]() | ![]() | ![]() |
SHA224, SHA256, SHA384, SHA512, SHA512/224, SHA512/256 | FIPS PUB 180-4 | ![]() | ![]() | ![]() | ![]() |
SHA3-224, SHA3-256, SHA3-384, SHA3-512 | FIPS PUB 202 | ![]() | ![]() | ![]() | ![]() |
SHAKE-128, SHAKE-256 | FIPS PUB 202, RFC 8702 | ![]() | ![]() | ![]() | ![]() |
SM3 | RFC 8998 | ![]() | ![]() | ||
Tiger | Project NESSIE | ![]() | ![]() | ![]() | |
TupleHash-128, TupleHash-256 | SP 800-185 | ![]() | ![]() | ![]() | ![]() |
Whirlpool | Project NESSIE, ISO/IEC 10118-3 | ![]() | ![]() | ![]() |
Post Quantum Algorithm Support
The following stateful hash-based signature algorithms are standardized and implemented.
Signature Algorithm | External Reference |
---|---|
LMS | |
XMSS | SP 800-208, RFC 8391 |
NIST PQC Competition Algorithms
For further details on these algorithms, refer to NIST Post-Quantum Cryptography.
The Post-Quantum Cryptography (PQC) algorithms below are still under development. Published standards are unlikely to appear before mid-2024 and the algorithms may still change. You can start experimenting, but note that while the Key Encapsulation Algorithms (KEMs) are suitable for use with hybrid cryptography using short-term keys, the PQC algorithms below are still not suitable for use with anything long-term.
Key Encapsulation Algorithms (KEMs)
Key Encapsulation Algorithm | Status |
---|---|
Crystals-Kyber | Finalist, for standardization, FIPS PUB 203 (Draft) |
BIKE | Round 4 Candidate |
HQC | Round 4 Candidate |
Classic McEliece | Round 4 Candidate, used by BIS |
SABER | Round 3 Candidate |
FrodoKEM | Round 3 Alternate Candidate, used by BIS |
NTRU | Round 3 Candidate |
NTRU Prime | Round 3 Alternate Candidate |
Signature Algorithms
Signature Algorithm | Status |
---|---|
Crystals-Dilithium | Finalist, for standardization, FIPS PUB 204 (Draft) |
SPHINCS+ | Finalist, for standardization, FIPS PUB 205 (Draft) |
Falcon | Finalist, for standardization |
Picnic | Round 3 Candidate |
Rainbow | Round 3 Candidate (cat III and cat V submission only) |
GeMSS | Round 3 Candidate |
CRL, OCSP and Certificate Distribution
Bouncy Castle supports the following CRL formats and standards.
Supported Standard | External Reference |
---|---|
CRL creation and URL based CRL Distribution Points. | RFC 5280 |
Online Certificate Status Protocol (OCSP), including AIA-extension and must-staple extension. | RFC 2560, RFC 6960, RFC 5019 and RFC 8964 |
The German Common PKI SigG CertHash OCSP extension. |
Certificate Enrollment Protocols
The following lists Certificate Enrollment Protocols and/or interfaces.
Protocol / Interface | External Reference | Documentation |
---|---|---|
Simple Certificate Enrollment Protocol (SCEP). | SCEP draft 23 | /wiki/spaces/EJBCADS/pages/238900784 |
Certificate Management Protocol (CMP). | RFC 4210 | /wiki/spaces/EJBCADS/pages/238900794 |
Enrollment over Secure Transport (EST). | RFC 7030 | /wiki/spaces/EJBCADS/pages/238925166 |