Interoperability
The following provides an overview of Bouncy Castle's capabilities and support, with relevant links to external standards and documentation.
Packages and Standards
Bouncy Castle Java supports the following formats and standards.
| Supported Standard | External Reference |
|---|---|
| X.509 and PKIX. | RFC 5280 |
CMP | RFC 4210 |
CMS/PKCS#7: Cryptographic Message Syntax | RFC 5652 |
| CRMF | RFC 4211 |
| DANE: DNS-Based Authentication of Named Entities | |
| DVCS: Internet X.509 Public Key Infrastructure Data Validation and Certification Server Protocols | RFC 3029 |
| DTLS: Datagram Transport Layer Security | RFC 6347 |
EAC: Extended Access Control (EAC) Certificates | BSI TR-03110 |
| ERS: Evidence Record Syntax | RFC 4998 |
| EST: Enrollment over Secure Transport | RFC 7030 |
| ITS: Intelligent Transportation Systems | ETSI ITS |
| MLS: The Messaging Layer Security (MLS) Protocol | RFC 9420 |
| OpenPGP: OpenPGP Message Format | RFC 4880, RFC 6637 |
| PKCS#10: Certification Request Syntax | RFC 2986 |
| PKCS#12: Personal Information Exchange Syntax | RFC 7292 |
| TLS: Transport Layer Security | RFC 5246, RFC 5932, RFC 6209, RFC 8446, NIST SP 800-52 Rev. 2 |
| TSP: Time-Stamp Protocol | RFC 3161, RFC 5544 |
Certifications
The following lists certifications with relevant links to certificates and documentation.
| Type | Language | Version | External Reference | Documentation |
|---|---|---|---|---|
| FIPS 140-2 | Java | 1.0.2.4 | Cryptographic Module Validation Program (CMVP) Certificate #4616 | BC-FJA 1.0.2 (Bouncy Castle FIPS Java API) User Guide |
| FIPS 140-2 | Java | 1.0.2.3 | Cryptographic Module Validation Program (CMVP) Certificate #3514 | BC-FJA 1.0.2 (Bouncy Castle FIPS Java API) User Guide |
| FIPS 140-2 | Java | 1.0.1 | Cryptographic Module Validation Program (CMVP) Certificate #3152 (Historical) | BC-FJA (Bouncy Castle FIPS Java API) User Guide |
| FIPS 140-2 | Java | 1.0.0 | Cryptographic Module Validation Program (CMVP) Certificate #2768 (Historical) | BC-FJA (Bouncy Castle FIPS Java API) User Guide |
| FIPS 140-2 | C# | 1.0.2 | Cryptographic Module Validation Program (CMVP) Certificate #4416 | BC-FNA 1.0.2 (Bouncy Castle FIPS .NET API) User Guide |
| FIPS 140-2 | C# | 1.0.1 | Cryptographic Module Validation Program (CMVP) Certificate #2792 (Historical) | BC-FNA (Bouncy Castle FIPS .NET API) User Guide |
For more information about the Bouncy Castle FIPS Java API and how it presents cryptography, refer to The Bouncy Castle FIPS Java API in 100 Examples and sample code at https://www.bouncycastle.org/fips-java/bc-fips-100-java.tar.gz and https://www.bouncycastle.org/fips-java/bc-fips-100-java.zip.
Algorithms and Key Types
Bouncy Castle supports the following public key algorithm types and key size/curves.
| Algorithm | External Reference |
|---|---|
| Diffie-Hellman | SP 800-56A |
| DSA | FIPS PUB 186-4, RFC 6979 |
| DSTU | DSTU 4145-2002 |
| ECDSA/ECDH | X9.62, FIPS PUB 186-4, RFC 5639, RFC 6979, SP 800-56A |
| EdDSA/XDH | RFC 7748, RFC 8032 |
| RFC 8410 | |
| ElGamal | RFC 4880 |
| GOST | RFC 4490, RFC 7836 |
| LMS/HSS | RFC 8554, RFC 8708 |
| SM2 | RFC 8998 |
| RSA | RFC 8017, FIPS PUB 186-4, SP 800-56B |
| XMSS | RFC 8391 |
Symmetric Key Algorithms
Bouncy Castle supports the following symmetric key algorithms.
| Algorithm | External Reference |
|---|---|
| AES | FIPS PUB 197, RFC 3394, RFC 5649 |
| ARIA | RFC 5794, RFC 5649 |
| Ascon | CAESAR, NIST Lightweight Competition Finalist |
| Camellia | RFC 3713, RFC 3657 |
| CAST 5 | RFC 2144 |
| CAST 6 | RFC 2612 |
| CHACHA-7359 | RFC 7359 |
| DSTU 7624 | DSTU 7624:2014 |
| GOST 28147 | RFC 5830 |
| GOST 3412-2015 | RFC 7801 |
| GRAIN | eSTREAM Project |
| HC | eSTREAM Project |
| LEA | ISO/IEC 29192-2:2019 |
| RC2 | RFC 2268, RFC 3217 |
| RC5 | RFC 2040 |
| Salsa20 | eSTREAM Project |
| SEED | RFC 4269 |
| SM4 | RFC 8998 |
| TripleDES | FIPS PUB 46-3, RFC 3217 |
Message Digests and Expandable Output Functions
Bouncy Castle supports the following Message Digests and Expandable Output Functions (XOFs).
| Algorithm | External Reference |
|---|---|
| Ascon (Hash, XOF) | NIST Lightweight Competition Finalist |
| Blake2 | RFC 7693 |
| Blake3 | |
| cSHAKE-128, cSHAKE-256 | SP 800-185 |
| Kangaroo | |
| KMAC-128, KMAC-256 | SP 800-185 |
| MD5 | RFC 1321 |
| ParallelHash-128, ParallelHash-256 | SP 800-185 |
| RIPEMD-128, RIPEMD-160, RIPEMD-256, RIPEMD-320 | |
| SHA-1 | FIPS PUB 180-4 |
| SHA224, SHA256, SHA384, SHA512, SHA512/224, SHA512/256 | FIPS PUB 180-4 |
| SHA3-224, SHA3-256, SHA3-384, SHA3-512 | FIPS PUB 202 |
| SHAKE-128, SHAKE-256 | FIPS PUB 202, RFC 8702 |
| SM3 | RFC 8998 |
| Tiger | Project NESSIE |
| TupleHash-128, TupleHash-256 | SP 800-185 |
| Whirlpool | Project NESSIE, ISO/IEC 10118-3 |
Post Quantum Algorithm Support
The following stateful hash-based signature algorithms are standardized and implemented.
| Signature Algorithm | External Reference |
|---|---|
| LMS | |
| XMSS | SP 800-208, RFC 8391 |
NIST PQC Competition Algorithms
For further details on these algorithms, refer to NIST Post-Quantum Cryptography.
The Post-Quantum Cryptography (PQC) algorithms below are still under development. Published standards are unlikely to appear before mid-2024 and the algorithms may still change. You can start experimenting, but note that while the Key Encapsulation Algorithms (KEMs) are suitable for use with hybrid cryptography using short-term keys, the PQC algorithms below are still not suitable for use with anything long-term.
Key Encapsulation Algorithms (KEMs)
| Key Encapsulation Algorithm | Status |
|---|---|
Crystals-Kyber | Finalist, for standardization, FIPS PUB 203 (Draft) |
BIKE | Round 4 Candidate |
HQC | Round 4 Candidate |
Classic McEliece | Round 4 Candidate, used by BIS |
SABER | Round 3 Candidate |
FrodoKEM | Round 3 Alternate Candidate, used by BIS |
NTRU | Round 3 Candidate |
NTRU Prime | Round 3 Alternate Candidate |
Signature Algorithms
| Signature Algorithm | Status |
|---|---|
Crystals-Dilithium | Finalist, for standardization, FIPS PUB 204 (Draft) |
SPHINCS+ | Finalist, for standardization, FIPS PUB 205 (Draft) |
Falcon | Finalist, for standardization |
Picnic | Round 3 Candidate |
Rainbow | Round 3 Candidate (cat III and cat V submission only) |
GeMSS | Round 3 Candidate |
CRL, OCSP and Certificate Distribution
Bouncy Castle supports the following CRL formats and standards.
| Supported Standard | External Reference |
|---|---|
| CRL creation and URL based CRL Distribution Points. | RFC 5280 |
| Online Certificate Status Protocol (OCSP), including AIA-extension and must-staple extension. | RFC 2560, RFC 6960, RFC 5019 and RFC 8964 |
The German Common PKI SigG CertHash OCSP extension. |
Certificate Enrollment Protocols
The following lists Certificate Enrollment Protocols and/or interfaces.