All Classes and Interfaces
Class
Description
This class provides some default behavior and common implementation for a
X500NameStyle.
The AccessDescription object.
Implements a certificate only JKS key store.
RFC 5116
An
AEADCipher based on a BlockCipher.A cipher mode that includes authenticated encryption with a streaming mode and optional associated data.
ParameterSpec for AEAD modes which allows associated data to be added via an algorithm parameter spec.In normal
circumstances you would only want to use this if you had to work with the pre-JDK1.7 Cipher class as associated
data is ignored for the purposes of returning a Cipher's parameters.
PBEWithAES-CBC
PBEWithMD5And128BitAES-OpenSSL
PBEWithMD5And192BitAES-OpenSSL
PBEWithMD5And256BitAES-OpenSSL
PBEWithSHA1AES-CBC
PBEWithSHA256AES-CBC
PBEWithSHA256And128BitAES-BC
PBEWithSHA256And192BitAES-BC
PBEWithSHA256And256BitAES-BC
PBEWithSHA1And128BitAES-BC
PBEWithSHA1And192BitAES-BC
PBEWithSHA1And256BitAES-BC
an implementation of the AES (Rijndael), from FIPS-197.
Deprecated.
unfortunately this class is has a few side channel issues.
an implementation of the AES (Rijndael), from FIPS-197.
an implementation of the AES Key Wrapper from the NIST Key Wrap
Specification.
Factory methods for common AlgorithmIdentifiers.
General JCA/JCE utility methods.
Base interface for mapping from an alphabet to a set of indexes
suitable for use with FPE.
X.509 Section 9.8.3.
X.509 Section 9.8.4.
Wrapper for a private key that carries annotations that can be used
for tracking or debugging.
ANSSI Elliptic curve table.
Object Identifiers belong to the French Agency, ANSSI.
PBEWithSHAAnd128BitRC4
PBEWithSHAAnd128BitRC4
PBEWithSHAAnd40BitRC4
PBEWithSHAAnd40BitRC4
Argon2 PBKDF - Based on the results of https://password-hashing.net/ and https://www.ietf.org/archive/id/draft-irtf-cfrg-argon2-03.txt
RFC 5794.
an implementation of the ARIA Key Wrapper from the NIST Key Wrap
Specification.
Converts a coefficient array to a compact byte array and vice versa.
General array utilities.
Iterator backed by a specific array.
ASCON AEAD v1.2, https://ascon.iaik.tugraz.at/
https://csrc.nist.gov/CSRC/media/Projects/lightweight-cryptography/documents/finalist-round/updated-spec-doc/ascon-spec-final.pdf
An ASN1 class that encodes to nothing, used in the OER library to deal with the Optional type.
Base class for BIT STRING objects
A basic parser for a BIT STRING object
ASN.1 BMPString object encodes BMP (Basic Multilingual Plane) subset
(aka UCS-2) of UNICODE (ISO 10646) characters in codepoints 0 to 65535.
Public facade of ASN.1 Boolean data.
Marker interface for CHOICE objects - if you implement this in a role your
own object any attempt to tag the object implicitly will convert the tag to
an explicit one as the encoding rules require.
Utility class for dumping ASN.1 objects as (hopefully) human friendly strings.
Basic interface to produce serialisers for ASN.1 encodings.
Mutable class for building ASN.1 constructed objects such as SETs or SEQUENCEs.
Supported encoding formats.
Class representing the ASN.1 ENUMERATED type.
Exception thrown in cases of corrupted or unexpected data in a stream.
Class representing the DER-type External
Parser DER EXTERNAL tagged objects.
Base class representing the ASN.1 GeneralizedTime type.
ASN.1 GENERAL-STRING data type.
Basic class for streaming generators.
ASN.1 IA5String object - this is a ISO 646 (ASCII) string encoding code points 0 to 127.
A general purpose ASN.1 decoder - note: this class differs from the
others in that it returns null after it has read the last object in
the stream.
Class representing the ASN.1 INTEGER type.
A NULL object - use DERNull.INSTANCE for populating structures.
NumericString object - this is an ascii string of characters {0,1,2,3,4,5,6,7,8,9, }.
Base class for defining an ASN.1 object.
Class representing the ASN.1 OBJECT IDENTIFIER type.
Abstract base for the ASN.1 OCTET STRING data type
A basic parser for an OCTET STRING object
Stream that produces output based on the default encoding for the passed in objects.
Exception thrown when correctly encoded, but unexpected data is found in a stream while building an object.
Base class for ASN.1 primitive objects.
ASN.1 PrintableString object.
ASN.1
SEQUENCE and SEQUENCE OF constructs.A basic parser for a SEQUENCE object
ASN.1
SET and SET OF constructs.A basic parser for a SET object
A parser for ASN.1 streams which also returns, where possible, parsers for the objects it encounters.
General interface implemented by ASN.1 STRING objects for extracting the content String.
ASN.1 T61String (also the teletex string), try not to use this if you don't need to.
ASN.1 TaggedObject - in ASN.1 notation this is any object preceded by
a [n] where n is some number - these are assumed to follow the construction
rules (as with sequences).
Interface for the parsing of a generic tagged ASN.1 object.
ASN.1 UniversalString object - encodes UNICODE (ISO 10646) characters using 32-bit format.
- * UTC time object.
ASN.1 VisibleString object encoding ISO 646 (ASCII) character code points 32 to 126.
base interface that a public/private key block cipher needs
to conform to.
The AsymmetricBlockCipher class extends CipherSpiExt.
a holding class for public/private parameter pairs.
interface that a public/private key pair generator should conform to.
The AsymmetricHybridCipher class extends CipherSpiExt.
Deprecated.
use org.bouncycastle.cert.AttributeCertificateHolder
Deprecated.
use org.bouncycastle.cert.AttributeCertificateIssuer
Holding class for the AttributeTypeAndValue structures that make up an RDN.
The AuthorityInformationAccess object.
The AuthorityKeyIdentifier object.
Deprecated.
use JcaX509ExtensionUtils and AuthorityKeyIdentifier.getInstance()
Utility class for converting Base32 data to bytes and back again.
A streaming Base32 encoder.
Utility class for converting Base64 data to bytes and back again.
A streaming Base64 encoder.
Basic KDF generator for derived keys and ivs as defined by IEEE P1363a/ISO
18033
This implementation is based on ISO 18033/P1363a.
This implementation is based on ISO 18033/P1363a.
The basic interface that basic Diffie-Hellman implementations
conforms to.
A basic alphabet mapper that just creates a mapper based on the
passed in array of characters.
An EntropySourceProvider where entropy generation is based on a SecureRandom output using SecureRandom.generateSeed().
OCSP RFC 2560, RFC 6960
Represent two kind of GOST34.10 2012 PrivateKeys: with 256 and 512 size
Represent two kind of GOST34.10 2012 PublicKeys: with 256 and 512 size
LoadStoreParameter to allow configuring of the PBKDF used to generate encryption keys for
use in the keystore.
Deprecated.
This class does not support configuration on creation, use BCFKSLoadStoreParameter for best results.
This class implements the GMSS public key and is usually initiated by the GMSSKeyPairGenerator.
A JCA/JCE helper that refers to the BC provider for all it's needs.
all BC provider keystores implement this interface.
the BouncyCastle store.
This class implements a McEliece CCA2 private key and is usually instantiated
by the
McElieceCCA2KeyPairGenerator or McElieceCCA2KeyFactorySpi.This class implements a McEliece CCA2 public key and is usually instantiated
by the
McElieceCCA2KeyPairGenerator or McElieceCCA2KeyFactorySpi.This class implements a McEliece private key and is usually instantiated by
the
McElieceKeyPairGenerator or McElieceKeyFactorySpi.This class implements a McEliece public key and is usually instantiated by
the
McElieceKeyPairGenerator or McElieceKeyFactorySpi.Object Identifiers belonging to iso.org.dod.internet.private.enterprise.legion-of-the-bouncy-castle (1.3.6.1.4.1.22554)
A provider representation for a RSA private key, with CRT factors included.
Core of password hashing scheme Bcrypt,
designed by Niels Provos and David Mazières,
corresponds to the C reference implementation.
Variation of BCStyle that insists on strict ordering for equality
and hashCode comparisons
Interface exposing some additional methods on a BC native certificate object.
BDS.
Deprecated.
Check for 'ASN1BitStringParser' instead
Base class for generators for indefinite-length structures.
ASN.1 OctetStrings, with indefinite length rules, and constructed form support.
A generator for indefinite-length OCTET STRINGs
Deprecated.
Check for 'ASN1OctetStringParser' instead
Indefinite length SEQUENCE of objects.
A stream generator for DER SEQUENCEs
Deprecated.
Check for 'ASN1SequenceParser' instead
Indefinite length
SET and SET OF constructs.Deprecated.
Check for 'ASN1SetParser' instead
BER TaggedObject - in ASN.1 notation this is any object preceded by
a [n] where n is some number - these are assumed to follow the construction
rules (as with sequences).
A polynomial with
BigDecimal coefficients.This is a utility class containing data type conversions using big-endian
byte order.
BigInteger utilities.
Extended Euclidean Algorithm in
BigIntegersA polynomial with
Some methods (like
BigInteger coefficients.Some methods (like
add) change the polynomial, others (like mult) do
not but return the result as a new polynomial.FIXME: is this really necessary?!
The BiometricData object.
Basic bits of security constraint.
Implementation of the cryptographic hash function Blakbe2b.
Implementation of the cryptographic hash function BLAKE2s.
Implementation of the eXtendable Output Function (XOF) BLAKE2xs.
Blake3 implementation.
Bouncy implementation of Blake3Mac.
Blake3 Parameters.
Block cipher engines are expected to conform to this interface.
Block cipher padders are expected to conform to this interface
A class that provides Blowfish key encryption operations,
such as encoding data and generating keys.
To add the provider at runtime use:
PBEWithMD5AndDES
PBEWithSHA1AndDES
PBEWithSHAAnd2-KeyTripleDES-CBC
PBEWithSHAAnd3-KeyTripleDES-CBC
OldPBEWithSHAAnd3-KeyTripleDES-CBC
OldPBEWithSHAAndTwofish-CBC
Generator for PBE derived keys and ivs as defined by IEEE P1363a
This implementation is based on draft 9 of IEEE P1363a.
This implementation is based on draft 9 of IEEE P1363a.
uses the appropriate mixer to generate the key and IV if neccessary.
See https://www.bsi.bund.de/cae/servlet/contentblob/471398/publicationFile/30615/BSI-TR-03111_pdf.pdf
a buffer wrapper for an asymmetric block cipher, allowing input
to be accumulated in a piecemeal fashion until final processing.
A wrapper class that allows block ciphers to be used to process data in
a piecemeal fashion.
A buffering class to allow translation from one format to another to
be done in discrete chunks.
A buffering class to allow translation from one format to another to
be done in discrete chunks.
An output stream that buffers data to be feed into an encapsulated output stream.
Utility methods and constants for bytes.
Deprecated.
use org.bouncycastle.util.Arrays.
Camellia - based on RFC 3713.
Camellia - based on RFC 3713, smaller implementation, about half the size of CamelliaEngine.
An implementation of the Camellia key wrapper based on RFC 3657/RFC 3394.
A class that provides CAST key encryption operations,
such as encoding data and generating keys.
A class that provides CAST6 key encryption operations,
such as encoding data and generating keys.
implements Cipher-Block-Chaining (CBC) mode on top of a simple cipher.
standard CBC Block Cipher MAC - if no padding is specified the default of
pad of zeroes is used.
Implements the Counter with Cipher Block Chaining mode (CCM) detailed in
NIST Special Publication 800-38C.
Deprecated.
use AEADParameters
RFC 5084: CCMParameters object.
an X509Certificate structure.
class for dealing with X509 certificates.
PKIX RFC-2459
The X.509 v2 CRL syntax is as follows.
This class helps to support crossCerfificatePairs in a LDAP directory
according RFC 2587
PKCS10 Certification request object.
PKCS10 CertificationRequestInfo object.
CertPolicyId, used in the CertificatePolicies and PolicyMappings
X509V3 Extensions.
implements a Cipher-FeedBack (CFB) mode on top of a simple cipher.
Implementation of Daniel J.
Implementation of Daniel J.
Interface for a converter that produces a byte encoding for a char array.
Factory methods for creating Cipher objects and CipherOutputStreams.
A CipherInputStream is composed of an InputStream and a cipher so that read() methods return data
that are read in from the underlying InputStream but have been additionally processed by the
Cipher.
A CipherInputStream is composed of an InputStream and a cipher so that read() methods return data
that are read in from the underlying InputStream but have been additionally processed by the
Cipher.
IOException wrapper around an exception indicating a problem with the use of a cipher.The base class for symmetric, or secret, cipher key generators.
Factory methods for generating secret key generators for symmetric ciphers.
A CipherOutputStream is composed of an OutputStream and a cipher so that write() methods process
the written data with the cipher, and the output of the cipher is in turn written to the
underlying OutputStream.
A CipherOutputStream is composed of an OutputStream and a cipher so that write() methods process
the written data with the cipher, and the output of the cipher is in turn written to the
underlying OutputStream.
all parameter classes implement this.
classes that inherit from us.
classes that inherit from us.
The CipherSpiExt class extends CipherSpi.
CMAC - as specified at www.nuee.nagoya-u.ac.jp/labs/tiwata/omac/omac.html
A non-NIST variant which allows passing of an IV to the underlying CBC cipher.
ASN.1 Encoding for a
Classic McEliece private key for fully populated:
Classic McEliece Public Key Format.
A simple collection backed store.
General holding class for a commitment.
General interface fdr classes that produce and validate commitments.
Type to assist in build LMS messages.
A composite private key class.
A composite key class.
Experimental implementation of composite signatures according to https://www.ietf.org/archive/id/draft-ounsworth-pq-composite-sigs-13.
Helper class containing constants/mappings for composite signatures.
Enum of supported composited signature schemes.
This class offers different operations on matrices in field GF2^8.
Generator for Concatenation Key Derivation Function defined in NIST SP 800-56A, Sect 5.8.1
Implemented by the BC provider.
Class, holding Cramer Shoup ciphertexts (u1, u2, e, v)
Essentially the Cramer-Shoup encryption / decryption algorithms according to
"A practical public key cryptosystem provably secure against adaptive chosen ciphertext attack." (Crypto 1998)
CS exception for wrong cipher-texts
a Cramer Shoup key pair generator
CRL Bag for PKCS#12
The CRLNumber object.
The CRLReason enumeration.
the foundation class for the hard exceptions thrown by the crypto packages.
GOST Algorithms OBJECT IDENTIFIERS :
{ iso(1) member-body(2) ru(643) rans(2) cryptopro(2)}
Permissions that need to be configured if a SecurityManager is used.
Basic registrar class for providing defaults for cryptography services in this module.
Available properties that can be set.
Customizable SHAKE function.
A SP800-90A CTR DRBG.
A Cipher Text Stealing (CTS) mode cipher.
this exception is thrown if a buffer that is meant to have output
copied into it turns out to be too short, or if we've been given
insufficient input.
Exception thrown if an attempt is made to decode invalid data, or some other failure occurs.
A wrapper class that allows block ciphers to be used to process data in
a piecemeal fashion.
JcaJceHelper that obtains all algorithms using the default JCA/JCE mechanism (i.e.XMSSOid^MT class.
XMSSOid class.
DeltaCertificateDescriptor ::= SEQUENCE {
serialNumber CertificateSerialNumber,
signature [0] IMPLICIT AlgorithmIdentifier
{SIGNATURE_ALGORITHM, {...}} OPTIONAL,
issuer [1] IMPLICIT Name OPTIONAL,
validity [2] IMPLICIT Validity OPTIONAL,
subject [3] IMPLICIT Name OPTIONAL,
subjectPublicKeyInfo SubjectPublicKeyInfo,
extensions [4] IMPLICIT Extensions{CertExtensions}
OPTIONAL,
signatureValue BIT STRING
}
A
TernaryPolynomial with a "high" number of nonzero coefficients.A BIT STRING with DER encoding - the first byte contains the count of padding bits included in the byte array's last byte.
DER BMPString object encodes BMP (Basic Multilingual Plane) subset
(aka UCS-2) of UNICODE (ISO 10646) characters in codepoints 0 to 65535.
Deprecated.
use ASN1Dump.
Class representing the DER-type External
Parser DER EXTERNAL tagged objects.
DER Generalized time object.
ASN.1 GENERAL-STRING data type.
Basic class for streaming DER encoding generators.
DER IA5String object - this is a ISO 646 (ASCII) string encoding code points 0 to 127.
base interface for general purpose byte derivation functions.
Parameters for key/byte stream derivation classes
Builder and holder class for preparing SP 800-56A compliant MacData.
Builder to create OtherInfo
An ASN.1 DER NULL object.
DER NumericString object - this is an ascii string of characters {0,1,2,3,4,5,6,7,8,9, }.
Carrier class for a DER encoding OCTET STRING
Deprecated.
Check for 'ASN1OctetStringParser' instead
Builder and holder class for preparing SP 800-56A compliant OtherInfo.
Builder to create OtherInfo
DER PrintableString object.
Definite length SEQUENCE, encoding tells explicit number of bytes
that the content of this sequence occupies.
A stream generator for DER SEQUENCEs
A DER encoded SET object
DER T61String (also the teletex string), try not to use this if you don't need to.
DER TaggedObject - in ASN.1 notation this is any object preceded by
a [n] where n is some number - these are assumed to follow the construction
rules (as with sequences).
DER UniversalString object - encodes UNICODE (ISO 10646) characters using 32-bit format.
DER UTC time object.
DER UTF8String object.
DER VisibleString object encoding ISO 646 (ASCII) character code points 32 to 126.
DES64
DES64with7816-4Padding
DES9797Alg3
DES9797Alg3with7816-4Padding
DES CFB8
DES - the default for this is to generate a key in
a-b-a format that's 24 bytes long but has 16 bytes of
key material (the first 8 bytes is repeated as the last
8 bytes).
PBEWithMD2AndDES
PBEWithMD2AndDES
PBEWithMD5AndDES
PBEWithMD5AndDES
PBEWithSHA1AndDES
PBEWithSHA1AndDES
DESede64
DESede64with7816-4Padding
DESede CFB8
DESede - the default for this is to generate a key in
a-b-a format that's 24 bytes long but has 16 bytes of
key material (the first 8 bytes is repeated as the last
8 bytes).
generate a desEDE key in the a-b-c format.
PBEWithSHAAnd2-KeyTripleDES-CBC
PBEWithSHAAnd2-KeyTripleDES-CBC
PBEWithSHAAnd3-KeyTripleDES-CBC
PBEWithSHAAnd3-KeyTripleDES-CBC
a class that provides a basic DESede (or Triple DES) engine.
Wrap keys according to
RFC 3217.
a class that provides a basic DES engine.
DESExample is a simple DES based encryptor/decryptor.
a Diffie-Hellman key exchange engine.
a Diffie-Hellman key agreement class.
a basic Diffie-Hellman key pair generator.
Deprecated.
use DomainParameters
Extension class for DHParameterSpec that wraps a DHDomainParameters object and provides the q domain parameter.
A DHPrivateKeySpec that also carries a set of DH domain parameters.
A DHPublicKeySpec that also carries a set of DH domain parameters.
RFC 2631 Diffie-hellman KEK derivation function.
a Diffie-Hellman key pair generator.
X9.42 definition of a DHPublicKey
Standard Diffie-Hellman groups from various IETF specifications.
FFC Unified static/ephemeral agreement as described in NIST SP 800-56A.
Parameter spec to provide Diffie-Hellman Unified model keys and user keying material.
Parameters holder for private unified static/ephemeral agreement as described in NIST SP 800-56A.
Parameters holder for static/ephemeral agreement as described in NIST SP 800-56A.
utility class for converting jce/jca DH objects
objects into their org.bouncycastle.crypto counterparts.
utility class for converting jce/jca DH objects
objects into their org.bouncycastle.crypto counterparts.
Deprecated.
use ValidationParams
interface that a message digest conforms to.
base interface for general purpose Digest based byte derivation functions.
Basic factory class for message digests.
The DigestInfo object.
Implements the sign and verify functions for a Signature Scheme using a hash function to allow processing of large messages.
Implements the sign and verify functions for a Signature Scheme using a hash function to allow processing of large messages.
Random generation based on the digest with counter.
The DirectoryString CHOICE object.
DisplayText class, used in
CertificatePolicies X509 V3 extensions (in policy qualifiers).The DistributionPoint object.
The DistributionPointName object.
A Definite length BIT STRING
Deprecated.
Check for 'ASN1BitStringParser' instead
Class representing the Definite-Length-type External
The DLSequence encodes a SEQUENCE using definite length form.
Deprecated.
Check for 'ASN1SequenceParser' instead
The DLSet encodes ASN.1 SET value without element ordering,
and always using definite length form.
Deprecated.
Check for 'ASN1SetParser' instead
Definite Length TaggedObject - in ASN.1 notation this is any object preceded by
a [n] where n is some number - these are assumed to follow the construction
rules (as with sequences).
X9.44 Diffie-Hellman domain parameters.
DRBG Configuration
interface for classes implementing algorithms modeled similar to the Digital Signature Alorithm.
Deprecated.
No longer used
An interface for different encoding formats for DSA signatures.
An "extended" interface for classes implementing DSA-style algorithms, that provides access to
the group order.
Interface define calculators of K values for DSA/ECDSA.
a DSA key pair generator.
Generate suitable parameters for DSA, in line with FIPS 186-2, or FIPS 186-3.
The Digital Signature Algorithm - as described in "Handbook of Applied
Cryptography", pages 452 - 453.
utility class for converting jce/jca DSA objects
objects into their org.bouncycastle.crypto counterparts.
ParameterSpec for a DSTU4145 key.
DSTU4145 encodes points somewhat differently than X9.62
It compresses the point to the size of the field element
DSTU 4145-2002
Reference implementation of national ukrainian standard of hashing transformation DSTU7564.
Implementation of DSTU7564 MAC mode
Implementation of DSTU7624 MAC mode
Implementation of DSTU7624 KEY WRAP mode
General class for providing point pairs for use with DualEC DRBG.
A SP800-90A Dual EC DRBG.
German Federal Office for Information Security
(Bundesamt für Sicherheit in der Informationstechnik)
https://www.bsi.bund.de/
A Two-Pass Authenticated-Encryption Scheme Optimized for Simplicity and
Efficiency - by M.
base class for an elliptic curve
Elliptic curves over F2m.
Elliptic curve over Fp
P1363 7.2.1 ECSVDP-DH
ECSVDP-DH is Elliptic Curve Secret Value Derivation Primitive,
Diffie-Hellman version.
P1363 7.2.2 ECSVDP-DHC
ECSVDP-DHC is Elliptic Curve Secret Value Derivation Primitive,
Diffie-Hellman version with cofactor multiplication.
EC Unified static/ephemeral agreement as described in NIST SP 800-56A using EC co-factor Diffie-Hellman.
X9.63 based key derivation function for ECDH CMS.
Parameters holder for private unified static/ephemeral agreement as described in NIST SP 800-56A.
Parameters holder for public unified static/ephemeral agreement as described in NIST SP 800-56A using EC DH/CDH.
EC-DSA as described in X9.62
this does your basic decryption ElGamal style using EC
this does your basic ElGamal encryption algorithm using EC
Class representing the Elements of the finite field
F2m in polynomial basis (PB)
representation.this transforms the original randomness used for an ElGamal encryption by a fixed value.
Signature for GOST34.10 2012 256.
Signature for GOST34.10 2012 512.
Deprecated.
Use
ECGOST3410Signer instead.table of the available named parameters for GOST 3410-2001 / 2012.
a table of locally supported named curves.
GOST R 34.10-2001 and GOST R 34.10-2012 Signature Algorithm
The ECIES Key Encapsulation Mechanism (ECIES-KEM) from ISO 18033-2.
The ECIES Key Encapsulation Mechanism (ECIES-KEM) from ISO 18033-2.
Deprecated.
use ECIESKEMGenerator, ECIESKEMExtractor
generic interface for an Elliptic Curve Key.
base class for an Elliptic Curve Key Spec
Utility class for EC Keys.
Utility class to allow conversion of EC key parameters to explicit from named
curves and back (where possible).
Interface for classes encapsulating a point multiplication algorithm
for
ECPoints.Named curve generation spec
specification signifying that the curve parameters can also be
referred to by name.
specification signifying that the curve parameters can also be
referred to by name.
A general class that reads all X9.62 style EC curve tables.
a table of locally supported named curves.
this does your basic Elgamal encryption algorithm using EC
this transforms the original randomness used for an ElGamal encryption.
EC-NR as described in IEEE 1363-2000 - a signature algorithm for Elliptic Curve which
also offers message recovery.
basic domain parameters for an Elliptic Curve public or private key.
base class for points on elliptic curves.
Elliptic curve points over F2m
Elliptic curve points over Fp
All BC elliptic curve keys implement this interface.
Utility class for handling EC point decoding.
the elliptic curve private key object from SEC 1
interface for Elliptic Curve Private keys.
Elliptic Curve private key specification.
Deprecated.
use ECPrivateKey
interface for elliptic curve public keys.
Elliptic Curve public key specification
utility class for converting jce/jca ECDSA, ECDH, and ECDHC
objects into their org.bouncycastle.crypto counterparts.
GOST VKO key agreement class - RFC 7836 Section 4.3
A low-level implementation of the Ed25519, Ed25519ctx, and Ed25519ph instantiations of the Edwards-Curve
Digital Signature Algorithm specified in RFC 8032.
A low-level implementation of the Ed448 and Ed448ph instantiations of the Edwards-Curve Digital Signature
Algorithm specified in RFC 8032.
ParameterSpec for EdDSA signature algorithms.
Edwards Elliptic Curve Object Identifiers (RFC 8410)
Elephant AEAD v2, based on the current round 3 submission, https://www.esat.kuleuven.be/cosic/elephant/
Reference C implementation: https://github.com/TimBeyne/Elephant
Specification: https://csrc.nist.gov/CSRC/media/Projects/lightweight-cryptography/documents/finalist-round/updated-spec-doc/elephant-spec-final.pdf
this does your basic ElGamal algorithm.
a ElGamal key pair generator.
This class specifies an ElGamal private key with its associated parameters.
Deprecated.
just use DHPublicKey.
This class specifies an ElGamal public key with its associated parameters.
utility class for converting jce/jca ElGamal objects
objects into their org.bouncycastle.crypto counterparts.
Interface implemented by objects that can be converted into byte arrays.
Encodable digests allow you to download an encoded copy of their internal state.
Encode and decode byte arrays (typically from binary to 7-bit ASCII
encodings).
Exception thrown if an attempt is made to encode invalid data, or some other failure occurs.
The EncryptedData object.
EncryptedObjectStoreData ::= SEQUENCE {
encryptionAlgorithm AlgorithmIdentifier
encryptedContent OCTET STRING
}
EncryptedPrivateKeyObjectData ::= SEQUENCE {
encryptedPrivateKeyInfo EncryptedPrivateKeyInfo,
certificates SEQUENCE OF Certificate
}
EncryptedSecretKeyData ::= SEQUENCE {
keyEncryptionAlgorithm AlgorithmIdentifier,
encryptedKeyData OCTET STRING
}
Base interface describing an entropy source for a DRBG.
Utility methods for making use of EntropySources.
Support class for constructing integrated encryption ciphers for doing basic message exchanges on top of key
agreement ciphers.
Basic KDF generator for derived keys and ivs as defined by IEEE P1363a/ISO 18033
This implementation is based on ISO 18033/P1363a.
This implementation is based on ISO 18033/P1363a.
Pair for a value exchange algorithm where the responding party has no private key, such as NewHope.
Interface for NewHope style key material exchange generators.
Exception thrown by a stateful signature algorithm when the private key counter is exhausted.
The extendedKeyUsage object.
Deprecated.
use PKIXExtendedBuilderParameters
Deprecated.
use PKIXExtendedParameters
an object for the elements in the X.509 V3 extension block.
Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension
Extension ::= SEQUENCE {
extnId EXTENSION.&id ({ExtensionSet}),
critical BOOLEAN DEFAULT FALSE,
extnValue OCTET STRING }
Generator for X.509 extensions
Wrapper class which returns an "ExternalValue" for the public key encoding.
Based on External Keys And Signatures For Use In Internet PKI
draft-ounsworth-pq-external-pubkeys-00
This is an extended exception.
ASN.1 Encoding for a
FALCON private key for fully populated:
Classic McEliece Public Key Format.
Basic 20 byte finger print class.
Class holding precomputation data for fixed-point multiplications.
A secure random that returns pre-seeded data to calls of nextBytes() or generateSeed().
A secure random that returns pre-seeded data to calls of nextBytes() or generateSeed().
BigInteger Source - in this case we expect requests for data that will be used
for BigIntegers.
Data Source - in this case we just expect requests for byte arrays.
Base class for sources of fixed "Randomness"
Base class for format-preserving encryption.
NIST SP 800-38G, FF1 format preserving encryption.
NIST SP 800-38G, FF3-1 format preserving encryption.
An implementation of the CBC mode for GOST 3412 2015 cipher.
An implementation of the CFB mode for GOST 3412 2015 cipher.
implements the GOST 3412 2015 CTR counter mode (GCTR).
An implementation of the OFB mode for GOST 3412 2015 cipher.
An implementation of the GOST CFB mode with CryptoPro key meshing as described in RFC 4357.
Implements the Galois/Counter mode (GCM) detailed in
NIST Special Publication 800-38D.
RFC 5084: GCMParameters object.
GCM-SIV Mode.
base implementation of MD4 family style digest as outlined in
"Handbook of Applied Cryptography", pages 344 - 347.
A basic hash-committer based on the one described in "Making Mix Nets Robust for Electronic Voting by Randomized Partial Checking",
by Jakobsson, Juels, and Rivest (11th Usenix Security Symposium, 2002).
The GeneralName object.
Class for containing a restriction object subtrees in NameConstraints.
This class provides the basic operations like addition, multiplication and
finding the multiplicative inverse of an element in GF2^8.
This class describes some operations with matrices over finite field GF(2)
and is used in ecc and MQ-PKC (also has some specific methods and
implementation)
This class describes operations with elements from the finite field F =
GF(2^m).
This class describes some operations with matrices over finite field GF(2m)
with small m (1< m <32).
This class implements vectors over the finite field
GF(2m) for small m (i.e.,
1<m<32).
This abstract class implements an element of the finite field GF(2)n
in either optimal normal basis representation (ONB)
or in polynomial representation.
This abstract class defines the finite field GF(2n).
This class implements an element of the finite field GF(2n ).
This class implements the abstract class GF2nField for ONB
representation.
This class implements polynomials over GF2nElements.
This class implements elements of finite binary fields GF(2n)
using polynomial representation.
This class implements the abstract class GF2nField for polynomial
representation.
This class stores very long strings of bits and does some basic arithmetics.
This class implements the abstract class Vector for the case of
vectors over the finite field GF(2).
This interface defines a finite field element.
The GMAC specialisation of Galois/Counter mode (GCM) detailed in NIST Special Publication
800-38D.
Classes that inherit from us
Chinese standard GM named curves.
This class implements key pair generation of the generalized Merkle signature
scheme (GMSS).
This class implements the distributed computation of the public key of the
Winternitz one-time signature scheme (OTSS).
This class provides a specification for the GMSS parameters that are used by
the GMSSKeyPairGenerator and GMSSSignature classes.
This class provides a specification for a GMSS private key.
This class implements an ASN.1 encoded GMSS public key.
This class provides a PRNG for GMSS
This class computes a whole Merkle tree and saves the needed values for
AuthPath computation.
This class implements the distributed signature generation of the Winternitz
one-time signature scheme (OTSS), described in C.Dods, N.P.
This class implements the GMSS signature scheme.
This class implements the GMSS signature scheme, but allows multiple signatures to be generated.
This class provides several methods that are required by the GMSS classes.
GNU project OID collection
implements the GOST 28147 OFB counter mode (GCTR).
This class describes decoding operations of an irreducible binary Goppa code.
This class is a container for two instances of
GF2Matrix and one
instance of Permutation.This class is a container for an instance of
GF2Matrix and one
int[].GOST28147
Gost28147-89-EncryptedKey ::= SEQUENCE {
encryptedKey Gost28147-89-Key,
maskKey [0] IMPLICIT Gost28147-89-Key
OPTIONAL,
macKey Gost28147-89-MAC
}
implementation of GOST 28147-89
implementation of GOST 28147-89 MAC
ASN.1 algorithm identifier parameters for GOST-28147
A parameter spec for the GOST-28147 cipher.
Deprecated.
use org.bouncycastle.jcajce.spec.GOST28147ParameterSpec
A parameter spec for the GOST-28147 cipher.
Main interface for a GOST 3410-94 key.
a GOST3410 key pair generator.
table of the available named parameters for GOST 3410-94.
generate suitable parameters for GOST3410.
ParameterSpec for a GOST 3410-1994/2001/2012 algorithm parameters.
ParameterSpec for a GOST 3410-94 key.
This class specifies a GOST3410-94 private key with its associated parameters.
ParameterSpec for a GOST 3410-94 key parameters.
This class specifies a GOST3410-94 public key with its associated parameters.
GOST R 34.10-94 Signature Algorithm
utility class for converting jce/jca GOST3410-94 objects
objects into their org.bouncycastle.crypto counterparts.
implementation of GOST R 34.11-2012 256-bit
implementation of GOST R 34.11-2012 512-bit
Base class for GOST3411-2012 256-bit and GOST3411-2012 512-bit digests.
GOST3411 HMac
PBEWithHmacGOST3411
implementation of GOST R 34.11-94
GOST3412 2015 CMAC( OMAC1)
Implementation of GOST 3412 2015 (aka "Kuznyechik") RFC 7801, GOST 3412
GostR3410-KeyTransport ::= SEQUENCE {
sessionEncryptedKey Gost28147-89-EncryptedKey,
transportParameters
[0] IMPLICIT GostR3410-TransportParameters OPTIONAL
}
GostR3410-TransportParameters ::= SEQUENCE {
encryptionParamSet OBJECT IDENTIFIER,
ephemeralPublicKey [0] IMPLICIT SubjectPublicKeyInfo OPTIONAL,
ukm OCTET STRING
}
Grain-128 AEAD, based on the current round 3 submission, https://grain-128aead.github.io/
Implementation of Martin Hell's, Thomas Johansson's and Willi Meier's stream
cipher, Grain-128.
Implementation of Martin Hell's, Thomas Johansson's and Willi Meier's stream
cipher, Grain v1.
BSI Key Derivation Function Parameters for Session Keys (see BSI-TR-03111 Section 4.3.3)
BSI Key Derivation Function for Session Keys (see BSI-TR-03111 Section 4.3.3)
Haraka-256 v2, https://eprint.iacr.org/2016/098.pdf
Haraka-512 v2, https://eprint.iacr.org/2016/098.pdf
Base class for Haraka v2, https://eprint.iacr.org/2016/098.pdf
A basic hash-committer as described in "Making Mix Nets Robust for Electronic Voting by Randomized Partial Checking",
by Jakobsson, Juels, and Rivest (11th Usenix Security Symposium, 2002).
SLH-DA signer.
A SP800-90A Hash DRBG.
HC-128 is a software-efficient stream cipher created by Hongjun Wu.
HC-256 is a software-efficient stream cipher created by Hongjun Wu.
Utility class for converting hex data to bytes and back again.
A streaming Hex encoder.
Converters for going from hex to binary and back.
HMAC-based Extract-and-Expand Key Derivation Function (HKDF) implemented
according to IETF RFC 5869, May 2010 as specified by H.
Parameter class for the HKDFBytesGenerator class.
HMAC implementation based on RFC2104
H(K XOR opad, H(K XOR ipad, text))
A deterministic K calculator based on the algorithm in section 3.2 of RFC 6979.
A SP800-90A HMAC DRBG.
The Holder object.
Polynomial class for HPS parameters with q = 4096
HTML Filter
SP 800-56C Hybrid Value spec, by default to allow the secret in a key agreement to be
created as "Z | T" where T is some other secret value as described in Section 2.
IANA:
{ iso(1) identifier-organization(3) dod(6) internet(1) } == IETF defined things
A class that provides a basic International Data Encryption Algorithm (IDEA) engine.
key pair for use with an integrated encryptor - together
they provide what's required to generate the message.
Classes that inherit from us
Classes that inherit from us
Classes that inherit from us
Support class for constructing integrated encryption ciphers
for doing basic message exchanges on top of key agreement ciphers.
Classes that inherit from us
Parameter spec for an integrated encryptor KEM, as in IEEE_Std_1609_2
key pair for use with an integrated encryptor
parameters for using an integrated cipher in stream mode.
Parameter spec for an integrated encryptor, as in IEEE P1363a
Implementation of
IetfAttrSyntax as specified by RFC3281.An implementation of the Index Generation Function in IEEE P1363.1.
Represents a string of bits and supports appending, reading the head, and reading the tail.
Interface implemented by objects that can be converted from streaming to in-memory objects.
Class of number-theory related functions for use with integers represented as
int's or BigInteger objects.
A polynomial with
Some methods (like
int coefficients.Some methods (like
add) change the polynomial, others (like mult) do
not but return the result as a new polynomial.Utility methods and constants for ints.
Extended Euclidean Algorithm in
intsthis exception is thrown whenever we find something we don't expect in a
message.
IOException wrapper around an exception indicating an invalid ciphertext, such as in
authentication failure during finalisation of an AEAD cipher.Utility methods for processing String objects containing IP addresses.
Implementation of Bob Jenkin's ISAAC (Indirection Shift Accumulate Add and Count).
ISAP Hash v2, https://isap.iaik.tugraz.at/
https://csrc.nist.gov/CSRC/media/Projects/lightweight-cryptography/documents/finalist-round/updated-spec-doc/isap-spec-final.pdf
ISAP AEAD v2, https://isap.iaik.tugraz.at/
https://csrc.nist.gov/CSRC/media/Projects/lightweight-cryptography/documents/finalist-round/updated-spec-doc/isap-spec-final.pdf
ISISMT -- Industrial Signature Interoperability Specification
A padder that adds ISO10126-2 padding to a block.
parameters for Key derivation functions for ISO-18033
The Iso4217CurrencyCode object.
A padder that adds the padding according to the scheme referenced in
ISO 7814-4 - scheme 2 from ISO 9797-1.
ISO 9796-1 padding.
ISO9796-2 - mechanism using a hash function with recovery (scheme 2 and 3).
ISO9796-2 - mechanism using a hash function with recovery (scheme 1)
DES based CBC Block Cipher MAC according to ISO9797, algorithm 3 (ANSI X9.19 Retail MAC)
This could as well be derived from CBCBlockCipherMac, but then the property mac in the base
class must be changed to protected
OIDS from ISO/IEC 10118-3:2004
IssuingDistributionPoint ::= SEQUENCE {
distributionPoint [0] DistributionPointName OPTIONAL,
onlyContainsUserCerts [1] BOOLEAN DEFAULT FALSE,
onlyContainsCACerts [2] BOOLEAN DEFAULT FALSE,
onlySomeReasons [3] ReasonFlags OPTIONAL,
indirectCRL [4] BOOLEAN DEFAULT FALSE,
onlyContainsAttributeCerts [5] BOOLEAN DEFAULT FALSE }
Utility class to allow use of Iterable feature in JDK 1.5+
Factory interface for instantiating JCA/JCE primitives.
General JCA/JCE utility methods.
A provider representation for a RSA private key, with CRT factors included.
Deprecated.
use org.bouncycastle.jcajce.config.PKCS12StoreParameter
Implements a certificate only JKS key store.
JournaledAlgorithm keeps state of the JournalingSecureRandom and the
AlgorithmIdentifier necessary to fully resume an encryption session.
A SecureRandom that maintains a journal of its output.
An example of a J-PAKE exchange.
A participant in a Password Authenticated Key Exchange by Juggling (J-PAKE) exchange.
A pre-computed prime order group for use during a J-PAKE exchange.
Standard pre-computed prime order groups for use by J-PAKE.
The payload sent/received during the first round of a J-PAKE exchange.
The payload sent/received during the second round of a J-PAKE exchange.
The payload sent/received during the optional third round of a J-PAKE exchange,
which is for explicit key confirmation.
Primitives needed for a J-PAKE exchange.
Kangaroo.
Kangaroo Parameters.
Parameter Builder.
KangarooTwelve.
MarsupilamiFourteen.
Implementation of DSTU7624 CCM mode
Implementation of DSTU7624 CTR mode
KDF1 generator for derived keys and ivs as defined by IEEE P1363a/ISO 18033
This implementation is based on ISO 18033/IEEE P1363a.
This implementation is based on ISO 18033/IEEE P1363a.
KDF2 generator for derived keys and ivs as defined by IEEE P1363a/ISO 18033
This implementation is based on IEEE P1363/ISO 18033.
This implementation is based on IEEE P1363/ISO 18033.
This KDF has been defined by the publicly available NIST SP 800-108 specification.
This KDF has been defined by the publicly available NIST SP 800-108 specification.
This KDF has been defined by the publicly available NIST SP 800-108 specification.
Note that counter is only supported at the location presented in the
NIST SP 800-108 specification, not in the additional locations present
in the CAVP test vectors.
This KDF has been defined by the publicly available NIST SP 800-108 specification.
Note that counter is only supported at the location presented in the
NIST SP 800-108 specification, not in the additional locations present
in the CAVP test vectors.
parameters for Key derivation functions for IEEE P1363a
implementation of Keccak based on following KeccakNISTInterface.c from https://keccak.noekeon.org/
base class for HPKE KEM
Builder class for creating a KEMExtractSpec.
Builder class for creating a KEMGenerateSpec.
Deprecated.
use KTSParameterSpec
Diffie-Hellman key agreement.
Diffie-Hellman key agreement using elliptic curve keys, ala IEEE P1363
both the simple one, and the simple one with cofactors are supported.
KeyAgreement according to BSI TR-03111 chapter 4.3.1
KeyAgreement according to BSI TR-03111 chapter 4.3.1
KeyAgreement according to BSI TR-03111 chapter 4.3.1
KeyAgreement according to BSI TR-03111 chapter 4.3.1
KeyAgreement according to BSI TR-03111 chapter 4.3.1
KeyAgreement according to BSI TR-03111 chapter 4.3.1
Deprecated.
KeyFactory for composite signatures.
The base class for parameters to key generators.
KeyPairGenerator class for composite signatures.
KeyPairGenerator for GOST34.10 2012.
The KeyPurposeId object.
ASN.1 def for Diffie-Hellman key exchange KeySpecificInfo structure.
The KeyUsage object.
Implementation of DSTU7624 GCM mode
Utilities for the GF(2^m) field with corresponding extension polynomial:
Utilities for the GF(2^m) field with corresponding extension polynomial:
Utilities for the GF(2^m) field with corresponding extension polynomial:
The GMAC specialisation of Galois/Counter mode (GCM) detailed in NIST Special Publication
800-38D as adapted for the Kalyna version of GCM.
Korea Information Security Agency (KISA)
({iso(1) member-body(2) kr(410) kisa(200004)})
KMAC - MAC with optional XOF mode.
KMACwithSHAKE128-params ::= SEQUENCE {
kMACOutputLength INTEGER DEFAULT 256, -- Output length in bits
customizationString OCTET STRING DEFAULT ''H
}
KMACwithSHAKE256-params ::= SEQUENCE {
kMACOutputLength INTEGER DEFAULT 512, -- Output length in bits
customizationString OCTET STRING DEFAULT ''H
}
Parameter spec for doing KTS based wrapping via the Cipher API.
Builder class for creating a KTSParameterSpec.
Implementation of DSTU7624 XTS mode
Crystal Kyber Private Key Format.
Crystal Kyber Public Key Format.
This class represents a layer of the Rainbow Oil- and Vinegar Map.
This is a general purpose implementation to get X.509 certificates, CRLs,
attribute certificates and cross certificates from a LDAP location.
LEA Cipher engine.
Legacy bits of security constraint.
The Bouncy Castle License
Copyright (c) 2000-2023 The Legion Of The Bouncy Castle Inc.
Extension to tie an alternate certificate to the containing certificate.
This is a utility class containing data type conversions using little-endian
byte order.
ParameterSpec for keys using the LMS Hierarchical Signature System (HSS).
Deprecated.
use LMSKeyGenParameterSpec
Base interface for Leighton-Micali Hash-Based Signatures (LMS) keys.
ParameterSpec for the Leighton-Micali Hash-Based Signature (LMS) scheme.
Deprecated.
use LMSKeyGenParameterSpec
Base interface for an LMS private key
ASN.1 uses an EN locale for its internal formatting.
Base class for all Exceptions with localized messages.
Base class for SHA-384 and SHA-512.
A polynomial class that combines two coefficients into one
Coefficients can be between 0 and 2047 and are stored in pairs in the bits 0..10 and 24..34 of a
long value for
faster multiplication in 64 bit environments.Coefficients can be between 0 and 2047 and are stored in pairs in the bits 0..10 and 24..34 of a
long number.A polynomial class that combines five coefficients into one
Coefficients can be between 0 and 2047 and are stored in bits 0..11, 12..23, ..., 48..59 of a
long value for
faster multiplication by a ternary polynomial.Coefficients can be between 0 and 2047 and are stored in bits 0..11, 12..23, ..., 48..59 of a
long number.Utility methods and constants for longs.
The base interface for implementations of message authentication codes (MACs).
base interface for general purpose Mac based byte derivation functions.
An output stream which calculates a MAC based on the data that is written to it.
This abstract class defines matrices.
this exception is thrown whenever a cipher requires a change of key, iv
or similar after x amount of bytes enciphered
This class is used to translate between McEliece CCA2 keys and key
specifications.
This class provides a specification for the parameters that are used by the
McEliece, McElieceCCA2, and Niederreiter key pair generators.
This class implements key pair generation of the McEliece Public Key
Cryptosystem (McEliecePKC).
utility class for converting jce/jca McElieceCCA2 objects
objects into their org.bouncycastle.crypto counterparts.
Core operations for the CCA-secure variants of McEliece.
Return the keyData to encode in the PrivateKeyInfo structure.
This class implements the McEliece Public Key cryptosystem (McEliecePKCS).
This class implements the Fujisaki/Okamoto conversion of the McEliecePKCS.
This class is used to translate between McEliece keys and key specifications.
This class provides a specification for the parameters that are used by the
McEliece, McElieceCCA2, and Niederreiter key pair generators.
This class implements key pair generation of the McEliece Public Key
Cryptosystem (McEliecePKC).
utility class for converting jce/jca McEliece objects
objects into their org.bouncycastle.crypto counterparts.
This class implements the Kobara/Imai conversion of the McEliecePKCS.
This class implements the Pointcheval conversion of the McEliecePKCS.
MD2 HMac
implementation of MD2
as outlined in RFC1319 by B.Kaliski from RSA Laboratories April 1992
MD4 HashMac
implementation of MD4 as RFC 1320 by R.
MD5 HashMac
implementation of MD5 as outlined in "Handbook of Applied Cryptography", pages 346 - 347.
Interface for Memoable objects.
Exception to be thrown on a failure to reset an object implementing Memoable.
Base interface for a PQC encryption algorithm.
Base interface for a PQC signing algorithm.
Generator for MGF1 as defined in PKCS 1v2
parameters for mask derivation functions.
Microsoft
AlgorithmSpec for ML-DSA
AlgorithmSpec for ML-KEM
Modular inversion as implemented in this class is based on the paper "Fast constant-time gcd
computation and modular inversion" by Daniel J.
A resultant modulo a
BigIntegerThe MonetaryValue object.
Parameter spec to provide MQV ephemeral keys and user keying material.
Deprecated.
use MQVParameterSpec for passing the ephemeral key.
Deprecated.
use MQVParameterSpec for passing the ephemeral key.
Base interface for a cipher engine capable of processing multiple blocks at a time.
NaccacheStern Engine.
Parameters for NaccacheStern public private key generation.
Key generation parameters for NaccacheStern cipher.
Public key parameters for NaccacheStern cipher.
Private key parameters for NaccacheStern cipher.
JcaJceHelper that obtains all algorithms using a specific named provider.Structure for a name or pseudonym.
Handles NetScape certificate request (KEYGEN), these are constructed as:
The NetscapeCertType object.
OtherInfo Generator for which can be used for populating the SuppPrivInfo field used to provide shared
secret data used with NIST SP 800-56A agreement algorithms.
Party U (initiator) generation.
Party V (responder) generation.
A processor with associated builders for doing secret key transformation using
the New Hope algorithm.
Party U (initiator) processor builder.
Party V (responder) processor builder.
A Cipher Text Stealing (CTS) mode cipher.
Utility class for fetching curves using their NIST names as published in FIPS-PUB 186-3
NIST:
iso/itu(2) joint-assign(16) us(840) organization(1) gov(101) csor(3)
A Noekeon engine, using direct-key mode.
Wrapper removes exposure to the Memoable interface on an ExtendedDigest implementation.
NoticeReference class, used in
CertificatePolicies X509 V3 extensions
(in policy qualifiers).A set of parameters for NtruEncrypt.
Generates key pairs.
The parameter p is hardcoded to 3.
The parameter p is hardcoded to 3.
A set of parameters for NtruEncrypt.
A NtruEncrypt private key is essentially a polynomial named
The inverse of
f
which takes different forms depending on whether product-form polynomials are used,
and on fastPThe inverse of
f modulo p is precomputed on initialization.A NtruEncrypt public key is essentially a polynomial named
h.Encrypts, decrypts data and generates key pairs.
The parameter p is hardcoded to 3.
The parameter p is hardcoded to 3.
NTRU-HPS parameter set with n = 509 and q = 2048.
NTRU-HPS parameter set with n = 677 and q = 2048.
NTRU-HPS parameter set with n = 1229 and q = 4096.
NTRU-HPS parameter set with n = 821 and q = 4096.
Abstract class for NTRU-HPS parameter classes.
NTRU-HRSS parameter set with n = 701.
NTRU-HRSS parameter set with n = 701.
Abstract class for NTRU-HRSS parameter classes.
NTRU secret encapsulation extractor.
Encapsulate a secret using NTRU.
Key generation parameters for NTRU.
Key generator for NTRU.
Abstract class for NTRU key pair.
NTRU LPRime Parameter Specs
NTRU cipher parameter sets
Abstract class for all NTRU parameter sets.
NTRU private key parameter class.
NTRU public key parameter class.
Deprecated.
the NTRUSigner algorithm was broken in 2012 by Ducas and Nguyen.
An implementation of the deterministic pseudo-random generator in EESS section 3.7.3.1
A set of parameters for NtruSign.
A subclass of Basis that additionally contains the polynomials
F and G.A set of parameters for NtruSign.
A NtruSign private key comprises one or more
NTRUSigningPrivateKeyParameters.Basis of three polynomials each,
except the zeroth basis for which h is undefined.A NtruSign basis.
A NtruSign public key is essentially a polynomial named
h.From RFC 3657
Use of the Camellia Encryption Algorithm
in Cryptographic Message Syntax (CMS)
The no-op engine that just copies bytes through, irrespective of whether encrypting and decrypting.
Parsing
Optimal Asymmetric Encryption Padding (OAEP) - see PKCS 1 V 2.
ObjectData ::= SEQUENCE {
type INTEGER,
identifier UTF8String,
creationDate GeneralizedTime,
lastModifiedDate GeneralizedTime,
data OCTET STRING,
comment UTF8String OPTIONAL
}
ObjectDataSequence ::= SEQUENCE OF ObjectData
ObjectDigestInfo ASN.1 structure used in v2 attribute certificates.
ObjectStore ::= SEQUENCE {
CHOICE {
encryptedObjectStoreData EncryptedObjectStoreData,
objectStoreData ObjectStoreData
}
integrityCheck ObjectStoreIntegrityCheck
}
ObjectStoreData ::= SEQUENCE {
version INTEGER.
ObjectStoreIntegrityCheck ::= CHOICE {
PbkdMacIntegrityCheck
[0] EXPLICIT SignatureCheck
}
An implementation of RFC 7253 on The OCB
Authenticated-Encryption Algorithm.
OCSP RFC 2560, RFC 6960
OCSP RFC 2560, RFC 6960
implements a Output-FeedBack (OFB) mode on top of a simple cipher.
Class for breaking up an OID into it's component tokens, ala
java.util.StringTokenizer.
OIW organization's OIDs:
A Cipher Text Stealing (CTS) mode cipher.
HMAC implementation based on RFC2104
H(K XOR opad, H(K XOR ipad, text))
Support class for constructing integrated encryption ciphers
for doing basic message exchanges on top of key agreement ciphers.
Password hashing scheme BCrypt,
designed by Niels Provos and David Mazières, using the
String format and the Base64 encoding
of the reference implementation on OpenBSD
Implements OpenPGP's rather strange version of Cipher-FeedBack (CFB) mode
on top of a simple cipher.
OpenSSHPrivateKeySpec holds and encoded OpenSSH private key.
A collection of utility methods for parsing OpenSSH private keys.
Holds an OpenSSH encoded public key.
OpenSSHPublicKeyUtil utility classes for parsing OpenSSH public keys.
Generator for PBE derived keys and ivs as usd by OpenSSL.
ASN.1 def for Diffie-Hellman key exchange OtherInfo structure.
The OtherName object.
Utility class for creating OutputStreams from different JCA/JCE operators.
Deprecated.
use org.bouncycastle.util.pack
Utility methods for converting byte arrays into ints and longs, and back again.
Deprecated.
use org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher instead.
A wrapper class that allows block ciphers to be used to process data in
a piecemeal fashion with padding.
ParallelHash - a hash designed to support the efficient hashing of very long strings, by taking advantage
of the parallelism available in modern processors with an optional XOF mode.
Cipher parameters with a fixed salt value associated with them.
ParSet ::= SEQUENCE {
T INTEGER
h SEQUENCE OF INTEGER
w SEQUENCE OF INTEGER
K SEQUENCE OF INTEGER
}
Standard char[] to byte[] converters for password based derivation algorithms.
uses the appropriate mixer to generate the key and IV if necessary.
super class for all Password Based Encryption (PBE) parameter generator classes.
A password based key for use with PBKDF1 as defined in PKCS#5.
A password based key for use with PBKDF1 as defined in PKCS#5 with full PBE parameters.
Configuration class for a PBKDF using PKCS#5 Scheme 2.
A password based key for use with PBKDF2 as defined in PKCS#5.
Extension of PBEKeySpec which takes into account the PRF algorithm setting available in PKCS#5 PBKDF2.
A password based key for use with PBKDF2 as defined in PKCS#5 with full PBE parameters.
PBKDF2-params ::= SEQUENCE {
salt CHOICE {
specified OCTET STRING,
otherSource AlgorithmIdentifier {{PBKDF2-SaltSources}}
},
iterationCount INTEGER (1..MAX),
keyLength INTEGER (1..MAX) OPTIONAL,
prf AlgorithmIdentifier {{PBKDF2-PRFs}} DEFAULT algid-hmacWithSHA1 }
Base class for PBKDF configs.
Base interface for keys associated with various password based key derivation functions (PBKDF).
PbkdMacIntegrityCheck ::= SEQUENCE {
macAlgorithm AlgorithmIdentifier,
pbkdAlgorithm KeyDerivationFunc,
mac OCTET STRING
}
From https://datatracker.ietf.org/doc/html/rfc8018
Exception thrown on failure to generate a PEM object.
Class representing a PEM header (name, value) pair.
A generic PEM object - type, header properties, and byte content.
Base interface for generators of PEM objects.
Base interface for parsers to convert PEM objects into specific objects.
A generic PEM reader, based on the format outlined in RFC 1421
A generic PEM writer, based on RFC 1421
This class implements permutations of the set {0,1,...,n-1} for some given n
> 0, i.e., ordered sequences containing each number m (0 <=
m < n)
once and only once.
Contains personal data for the otherName field in the subjectAltNames
extension.
the infamous Pfx from PKCS12
Implements OpenPGP's rather strange version of Cipher-FeedBack (CFB) mode on top of a simple cipher.
Photon-Beetle, https://www.isical.ac.in/~lightweight/beetle/
https://csrc.nist.gov/CSRC/media/Projects/lightweight-cryptography/documents/finalist-round/updated-spec-doc/photon-beetle-spec-final.pdf
Photon-Beetle, https://www.isical.ac.in/~lightweight/beetle/
https://csrc.nist.gov/CSRC/media/Projects/lightweight-cryptography/documents/finalist-round/updated-spec-doc/photon-beetle-spec-final.pdf
Deprecated.
use classes in org.bouncycastle.pkcs.
allow us to set attributes on objects that can go into a PKCS12 store.
A password based key for use with PKCS#12.
A password based key for use with PKCS#12 with full PBE parameters.
Generator for PBE derived keys and ivs as defined by PKCS 12 V1.0.
LoadStoreParameter to allow for additional config with PKCS12 files.
Deprecated.
use org.bouncycastle.jcajce.PKCS12StoreParameter
Utility class for reencoding PKCS#12 files to definite length.
this does your basic PKCS 1 v1.5 padding - whether or not you should be using this
depends on your application - see PKCS1 Version 2 for details.
Generator for PBE derived keys and ivs as defined by PKCS 5 V2.0 Scheme 1.
Generator for PBE derived keys and ivs as defined by PKCS 5 V2.0 Scheme 2.
A padder that adds PKCS7/PKCS5 padding to a block.
pkcs-1 OBJECT IDENTIFIER ::=
CertPathValidatorSpi implementation for X.509 Attribute Certificates la RFC 3281.
CertPath implementation for X.509 certificates.
Implements the PKIX CertPathBuilding algorithm for BouncyCastle.
Implements the PKIX CertPathBuilding algorithm for BouncyCastle.
Deprecated.
use org.bouncycastle.pkix.jcajce.PKIXCertPathReviewer in the bcpkix package
CertPathValidatorSpi implementation for X.509 Certificate validation � la RFC
3280.
CertPathValidatorSpi implementation for X.509 Certificate validation � la RFC
3280.
Generic interface for a PKIX based certificate store.
This class is a Selector implementation for certificates.
Builder for a PKIXCertStoreSelector.
Generic interface for a PKIX based CRL store.
This class is a Selector implementation for X.509 certificate revocation
lists.
Builder for a PKIXCRLStoreSelector.
This class contains extended parameters for PKIX certification path builders.
Builder for a PKIXExtendedBuilderParameters object.
This class extends the PKIXParameters with a validity model parameter.
Builder for a PKIXExtendedParameters object.
PKIX RFC 5280
PolicyMappings V3 extension, described in RFC3280.
PolicyQualifierId, used in the CertificatePolicies
X509V3 extension.
Policy qualifiers, used in the X509V3 CertificatePolicies
extension.
Poly1305 message authentication code, designed by D.
Generates keys for the Poly1305 MAC.
Polynomial for
org.bouncycastle.pqc.crypto.ntru.This class describes operations with polynomials from the ring R =
GF(2^m)[X], where 2 <= m <=31.
This class describes operations with polynomials over finite field GF(2), i e
polynomial ring R = GF(2)[X].
This class represents polynomial rings GF(2^m)[X]/p(X) for
m<32.
PQC:
OtherInfo Generator for which can be used for populating the SuppPrivInfo field used to provide shared
secret data used with NIST SP 800-56A agreement algorithms.
Party U (initiator) generation.
Party V (responder) generation.
Interface for classes storing precomputation data for multiplication
algorithms.
Utility methods for generating primes and testing for primality.
Used to return the output from the
Enhanced
Miller-Rabin Probabilistic Primality Test
Used to return the output from the
Shawe-Taylor Random_Prime
Routine
a utility class that will extract X509Principal objects from X.509 certificates.
Class for instancing AnnotatedPrivateKeys.
Factory for creating private key objects from PKCS8 PrivateKeyInfo objects.
Factory for creating private key objects from PKCS8 PrivateKeyInfo objects.
RFC 5958
Factory to create ASN.1 private key info objects from lightweight private keys.
Factory to create ASN.1 private key info objects from lightweight private keys.
PrivateKeyUsagePeriod ::= SEQUENCE {
notBefore [0] GeneralizedTime OPTIONAL,
notAfter [1] GeneralizedTime OPTIONAL }
A polynomial of the form
f1*f2+f3, where
f1,f2,f3 are very sparsely populated ternary polynomials.Utility method for accessing properties values - properties can be set in java.security,
thread local, and system properties.
A permission class to define what can be done with the ConfigurableProvider interface.
JcaJceHelper that obtains all algorithms from a specific Provider instance.RSA-PSS as described in PKCS# 1 v 2.1.
Factory to create asymmetric public key parameters for asymmetric ciphers from range of
ASN.1 encoded SubjectPublicKeyInfo objects.
Factory to create asymmetric public key parameters for asymmetric ciphers from range of
ASN.1 encoded SubjectPublicKeyInfo objects.
The QCStatement object.
Base interface for a qTESLA key.
qTESLA key-pair generation parameters.
Key-pair generator for qTESLA keys.
qTESLA parameter details.
qTESLA private key
qTESLA public key
The qTESLA security categories.
Signer for the qTESLA algorithm (https://qtesla.org/)
Utility class to convert decimal numbers (BigInteger) into a number in the base provided and the other way round.
This class implements AsymmetricCipherKeyPairGenerator.
Return the key data to encode in the PrivateKeyInfo structure.
This class implements an ASN.1 encoded Rainbow public key.
It implements the sign and verify functions for the Rainbow Signature Scheme.
This class is needed for the conversions while encoding and decoding, as well as for
comparison between arrays of some dimensions
Generic interface for objects generating random bytes.
An encoded key spec that just wraps the minimal data for a public/private key representation.
RC2CBC
RC2
RC2
PBEWithMD2AndRC2
PBEWithMD5AndRC2
PBEWithMD5AndRC2
PBEWithSHA1AndRC2
PBEWithSHA1AndRC2
PBEWithSHAAnd128BitRC2-CBC
PBEWithSHAAnd128BitRC2-CBC
PBEWithSHAAnd40BitRC2-CBC
PBEWithSHAAnd40BitRC2-CBC
an implementation of RC2 as described in RFC 2268
"A Description of the RC2(r) Encryption Algorithm" R.
Wrap keys according to RFC 3217 - RC2 mechanism
RC5
RC564
RC5
The specification for RC5 came from the
RC5 Encryption Algorithm
publication in RSA CryptoBytes, Spring of 1995.The specification for RC5 came from the
RC5 Encryption Algorithm
publication in RSA CryptoBytes, Spring of 1995.An RC6 engine.
Holding class for a single Relative Distinguished Name (RDN).
The ReasonFlags object.
A simple object to indicate that a symmetric cipher should reuse the
last key provided.
Deprecated.
use super class org.bouncycastle.jcajce.spec.RepeatedSecretKeySpec
OCSP RFC 2560, RFC 6960
OCSP RFC 2560, RFC 6960
Contains a resultant and a polynomial
rho such that
res = rho*this + t*(x^n-1) for some integer t.Takes bytes generated by an underling RandomGenerator and reverses the order in
each small window (of configurable size).
an implementation of the RFC 3211 Key Wrap
Specification.
an implementation of the AES Key Wrapper from the NIST Key Wrap
Specification as described in RFC 3394.
An implementation of the AES Key Wrap with Padding specification
as described in RFC 5649.
an implementation of Rijndael, based on the documentation and reference implementation
by Paulo Barreto, Vincent Rijmen, for v2.0 August '99.
RIPEMD128 HashMac
implementation of RIPEMD128
RIPEMD160 HMac
PBEWithHmacRIPEMD160
PBEWithHmacRIPEMD160
implementation of RIPEMD see,
https://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html
RIPEMD256 HMac
implementation of RIPEMD256.
RIPEMD320 HMac
implementation of RIPEMD 320.
Implementation of the RoleSyntax object as specified by the RFC3281.
this does your basic RSA algorithm with blinding
This does your basic RSA Chaum's blinding and unblinding as outlined in
"Handbook of Applied Cryptography", page 475.
Generate a random factor suitable for use with RSA blind signatures
as outlined in Chaum's blinding and unblinding as outlined in
"Handbook of Applied Cryptography", page 475.
this does your basic RSA algorithm.
The RSA Key Encapsulation Mechanism (RSA-KEM) from ISO 18033-2.
The RSA Key Encapsulation Mechanism (RSA-KEM) from ISO 18033-2.
Deprecated.
use RSAKEMGenerator, RSAKEMExtractor
an RSA key pair generator.
Deprecated.
use RSAPrivateKey
Deprecated.
use org.bouncycastle.asn1.pkcs.RSAPublicKey
utility class for converting java.security RSA objects into their
org.bouncycastle.crypto counterparts.
the foundation class for the exceptions thrown by the crypto packages.
Expires 13 May 2022
SABERPrivateKey ::= SEQUENCE {
version INTEGER {v0(0)} -- version (round 3)
z OCTET STRING, -- 32-byte random value z
s OCTET STRING, -- short integer polynomial s
PublicKey [0] IMPLICIT SABERPublicKey OPTIONAL,
-- see next section
hpk OCTET STRING -- H(pk)
}
Expires 13 May 2022
SABERPublicKey := SEQUENCE {
seed_A OCTET STRING, -- 32-byte seed
b OCTET STRING -- short integer polynomial b
}
Implementation of Daniel J.
Extended digest which provides the ability to store state and
provide an encoding.
Implementation of the scrypt a password-based key derivation function.
Configuration class for a PBKDF based around scrypt.
Key spec for use with the scrypt SecretKeyFactory.
RFC 7914 scrypt parameters.
Certicom object identifiers
SecretKeyData ::= SEQUENCE {
keyAlgorithm OBJECT IDENTIFIER,
keyBytes OCTET STRING
}
Carrier class for a KEM/KTS secret key plus its encapsulation.
Interface describing secret with encapsulation details.
Source provider for SecureRandom implementations.
Implementation of the SEED algorithm as described in RFC 4009
An implementation of the SEED key wrapper based on RFC 4010/RFC 3394.
Interface a selector from a store should conform to.
The SemanticsInformation object.
Serpent is a 128-bit 32-round block cipher with variable key lengths,
including 128, 192 and 256 bit keys conjectured to be at least as
secure as three-key triple-DES.
Base class for a constraint, serves to provide storage for the set of exceptions (if any).
SHA1 HMac
PBEWithHmacSHA
SHA1 HMac
implementation of SHA-1 as outlined in "Handbook of Applied Cryptography", pages 346 - 349.
SHA-224 as described in RFC 3874
HMACSHA256
PBEWithHmacSHA
FIPS 180-2 implementation of SHA-256.
HMACSHA384
FIPS 180-2 implementation of SHA-384.
implementation of SHA-3 based on following KeccakNISTInterface.c from https://keccak.noekeon.org/
HMACSHA512
SHA-512 HMac
FIPS 180-2 implementation of SHA-512.
FIPS 180-4 implementation of SHA-512/t
Block cipher Shacal2, designed by Helena Handschuh and David Naccache,
based on hash function SHA-256,
using SHA-256-Initialization-Values as data and SHA-256-Data as key.
implementation of SHAKE based on following KeccakNISTInterface.c from https://keccak.noekeon.org/
Wrapper class that reduces the output length of a particular digest to
only the first n bytes of the digest function.
Utility methods and constants for shorts.
Implements the Segmented Integer Counter (SIC) mode on top of a simple
block cipher.
Object Identifiers of SigI specifciation (German Signature Law
Interoperability specification).
SignatureCheck ::= SEQUENCE {
signatureAlgorithm AlgorithmIdentifier,
certificates [0] EXPLICIT Certificates OPTIONAL,
signatureValue BIT STRING
}
Certificates ::= SEQUENCE OF Certificate
Signature class for composite signatures.
a PKCS#7 signed data object.
Generic signer interface for hash based and message recovery signers.
a PKCS#7 signer info object.
Signer with message recovery.
Implementation of SipHash as specified in "SipHash: a fast short-input PRF", by Jean-Philippe
Aumasson and Daniel J.
Implementation of SipHash with 128 bit output.
Skein HMac
Implementation of the Skein parameterised hash function in 256, 512 and 1024 bit block sizes,
based on the
Threefish tweakable block cipher.Implementation of the Skein family of parameterised hash functions in 256, 512 and 1024 bit block
sizes, based on the
Threefish tweakable block cipher.Implementation of the Skein parameterised MAC function in 256, 512 and 1024 bit block sizes,
based on the
Threefish tweakable block cipher.Parameters for the Skein hash function - a series of byte[] strings identified by integer tags.
A builder for
SkeinParameters.Parameters for the Skein hash function - a series of byte[] strings identified by integer tags.
A builder for
SkeinParameterSpec.a class that provides a basic SKIPJACK engine.
Ciphers producing a key stream which can be reset to particular points in the stream implement this.
General interface for a stream cipher that supports skipping.
AlgorithmSpec for SLH-DSA
SLH-DA signer.
SM2 public key encryption engine - based on https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02.
SM2 Key Exchange protocol - based on https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02
Private parameters for an SM2 key exchange.
Public parameters for an SM2 key exchange.
Parameter spec for SM2 ID parameter
The SM2 Digital Signature algorithm.
SM3 HMac
Implementation of Chinese SM3 digest as described at
https://tools.ietf.org/html/draft-shen-sm3-hash-01
and at ....
SM4 Block Cipher - SM4 is a 128 bit block cipher with a 128 bit key.
StreamLined NTRU Prime Parameter Specs
Interface to SP800-90A deterministic random bit generators.
Builder class for making SecureRandom objects based on SP 800-90A Deterministic Random Bit Generators (DRBG).
Sparkle v1.2, based on the current round 3 submission, https://sparkle-lwc.github.io/
Reference C implementation: https://github.com/cryptolu/sparkle
Specification: https://csrc.nist.gov/CSRC/media/Projects/lightweight-cryptography/documents/finalist-round/updated-spec-doc/sparkle-spec-final.pdf
Sparkle v1.2, based on the current round 3 submission, https://sparkle-lwc.github.io/
Reference C implementation: https://github.com/cryptolu/sparkle
Specification: https://csrc.nist.gov/CSRC/media/Projects/lightweight-cryptography/documents/finalist-round/updated-spec-doc/sparkle-spec-final.pdf
A
TernaryPolynomial with a "low" number of nonzero coefficients.Key generation spec for SPHINCS-256 to allow specifying of tree hash.
SPHINCS-256 signer.
AlgorithmSpec for SPHINCS+.
See https://datatracker.ietf.org/doc/draft-uni-qsckeys-sphincsplus/00/ for details
ASN.1 Encoding for a
SphincsPlus private key for fully populated:
See https://datatracker.ietf.org/doc/draft-uni-qsckeys-sphincsplus/00/ for details.
SPHINCS+ signer.
Filter for strings to store in a SQL table.
Implements the client side SRP-6a protocol.
Implements the server side SRP-6a protocol.
Generates new SRP verifier for user
Base interface for a PQC stateful signature algorithm.
Deprecated.
it's better to avoid this and use extractKeyShard methods where possible.
A generic interface describing a simple store of objects.
Exception thrown if there's an issue doing a match in store.
A parent class for block cipher modes that do not require block aligned data to be processed, but can function in
a streaming mode.
the interface stream ciphers conform to.
Exception thrown when too much data is written to an InputStream
Utility methods to assist with stream processing.
An interface defining a list of strings.
String utilities.
X.509 Section 9.8.2.
This extension may contain further X.500 attributes of the subject.
The SubjectKeyIdentifier object.
The object that contains the public key stored in a certificate.
Factory to create ASN.1 subject public key info objects from lightweight public keys.
Factory to create ASN.1 subject public key info objects from lightweight public keys.
Target structure used in target information extension for attribute
certificates from RFC 3281.
Target information extension for attributes certificates according to RFC
3281.
Targets structure used in target information extension for attribute
certificates from RFC 3281.
A padder that adds Trailing-Bit-Compliment padding to a block.
The TBSCertificate object.
Deprecated.
use TBSCertificate
PKIX RFC-2459 - TBSCertList object.
An TEA engine.
An input stream which copies anything read through it to another stream.
An output stream which copies anything written into it to another stream.
Elliptic curves defined in "ECC Brainpool Standard Curves and Curve Generation"
https://www.ecc-brainpool.org/download/draft_pkix_additional_ecc_dp.txt
Object identifiers based on the TeleTrust branch.
A polynomial whose coefficients are all equal to -1, 0, or 1
A fixed secure random designed to return data for someone needing to create a single BigInteger.
A fixed secure random designed to return data for someone needing random bytes.
A class for returning "quick entropy" for testing purposes.
A thread based seed generator - one source of randomness.
Implementation of the Threefish tweakable large block cipher in 256, 512 and 1024 bit block
sizes.
Tiger HMac
PBEWithHmacTiger
PBEWithHmacTiger
Tiger HMac
implementation of Tiger based on:
https://www.cs.technion.ac.il/~biham/Reports/Tiger
Key Spec class for generating TLS key/iv material.
Tnepres is a 128-bit 32-round block cipher with variable key lengths,
including 128, 192 and 256 bit keys conjectured to be at least as
secure as three-key triple-DES.
General interface for a translator.
This class implements a treehash instance for the Merkle tree traversal
algorithm.
TupleHash - a hash designed to simply hash a tuple of input strings, any or all of which may be empty strings,
in an unambiguous way with an optional XOF mode.
Parameters for tweakable block ciphers.
PBEWithSHAAndTwofish-CBC
PBEWithSHAAndTwofish-CBC
A class that provides Twofish encryption operations.
The TypeOfBiometricData object.
Ukrainian object identifiers
This is a testing utility class to check the property that an
OutputStream is never
closed in some particular context - typically when wrapped by another OutputStream that
should not be forwarding its OutputStream.close() calls.Wrapper class to mark untrusted input.
Wrapper class to mark an untrusted Url
Convert binary data to and from UrlBase64 encoding.
Convert binary data to and from UrlBase64 encoding.
UserNotice class, used in
CertificatePolicies X509 extensions (in policy
qualifiers).Utilities for working with UTF-8 encodings.
Generator for Version 1 TBSCertificateStructures.
Generator for Version 2 AttributeCertificateInfo
Generator for Version 2 TBSCertList structures.
Generator for Version 3 TBSCertificateStructures.
Diffie-Hellman domain validation parameters.
This abstract class defines vectors.
Whirlpool HMac
Implementation of WhirlpoolDigest, based on Java source published by Barreto and Rijmen.
This class implements key pair generation and signature generation of the
Winternitz one-time signature scheme (OTSS), described in C.Dods, N.P.
This class implements signature verification of the Winternitz one-time
signature scheme (OTSS), described in C.Dods, N.P.
Class implementing the WNAF (Window Non-Adjacent Form) multiplication
algorithm.
Class holding precomputation data for the WNAF (Window Non-Adjacent Form)
algorithm.
Class implementing the WTNAF (Window
τ-adic Non-Adjacent Form) algorithm.Class holding precomputation data for the WTNAF (Window
τ-adic Non-Adjacent Form) algorithm.The X.500 Name object.
A builder class for making X.500 Name objects.
This interface provides a profile to conform to when
DNs are being converted into strings and back.
class for breaking up an X500 Name into it's component tokens, ala
java.util.StringTokenizer.
For some reason the class path project thinks that such a KeyFactory will exist.
Deprecated.
see X509CertificateHolder class in the PKIX package.
Deprecated.
use X509CertificateHolder class in the PKIX package.
Deprecated.
use org.bouncycastle.cert.X509AttributeCertificateSelector and org.bouncycastle.cert.X509AttributeCertificateSelectorBuilder.
Deprecated.
Do not use this class directly - either use org.bouncycastle.cert (bcpkix) or CertificateFactory.
This class contains a cross certificate pair.
Deprecated.
use org.bouncycastle.asn1.x509.Certificate
This class is an
Selector like implementation to select
certificates pairs, which are e.g.Deprecated.
use CertificateFactory or the PEMParser in the openssl package (pkix jar).
Deprecated.
use the classes under org.bouncycastle.cert.selector
This class contains a collection for collection based
X509Stores.The following extensions are listed in RFC 2459 as relevant to CRL Entries
ReasonCode Hode Instruction Code Invalidity Date Certificate Issuer
(critical)
Deprecated.
Do not use this class directly - either use org.bouncycastle.cert (bcpkix) or CertificateFactory.
This class is a Selector implementation for X.509 certificate revocation
lists.
The default converter for X509 DN entries when going from their
string value to ASN.1 strings.
Deprecated.
use Extension
Deprecated.
use
Extension and ExtensionsDeprecated.
use org.bouncycastle.asn1.x509.ExtensionsGenerator
Deprecated.
use org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils
A holding class for constructing an X509 Key Usage extension.
An expanded set of parameters for an LDAPCertStore
This is a general purpose implementation to get X.509 certificates and CRLs
from a LDAP location.
Deprecated.
use org.bouncycastle.asn1.x500.X500Name.
It turns out that the number of standard ways the fields in a DN should be
encoded into their ASN.1 counterparts is rapidly approaching the
number of machines on the internet.
Deprecated.
use X500NameTokenizer
Deprecated.
use the X500Name class.
Deprecated.
use CollectionStore - this class will be removed.
This class is a collection based Bouncy Castle
X509Store SPI implementation for certificate
pairs.A SPI implementation of Bouncy Castle
X509Store for getting
attribute certificates from an LDAP directory.A SPI implementation of Bouncy Castle
X509Store for getting
cross certificates pairs from an LDAP directory.A SPI implementation of Bouncy Castle
X509Store for getting
certificates form a LDAP directory.A SPI implementation of Bouncy Castle
X509Store for getting
certificate revocation lists from an LDAP directory.This class allows access to different implementations for reading X.509
objects from streams.
This abstract class defines the service provider interface (SPI) for
X509StreamParser.
Deprecated.
use org.bouncycastle.cert.X509v1CertificateBuilder.
Deprecated.
use org.bouncycastle.cert.X509AttributeCertificateHolder
Deprecated.
use org.bouncycastle.cert.X509v2CRLBuilder.
Deprecated.
use org.bouncycastle.cert.X509v3CertificateBuilder.
A padder that adds X9.23 padding to a block - if a SecureRandom is
passed in random padding is assumed, otherwise padding with zeros is used.
X9.31-1998 - signing using a hash.
Table of the current named curves defined in X.962 EC-DSA.
The Parameters ASN.1 CHOICE from X9.62.
ASN.1 def for Elliptic-Curve Curve structure.
ASN.1 def for Elliptic-Curve ECParameters structure.
A holding class that allows for X9ECParameters to be lazily constructed.
Class for describing an ECPoint as a DER object.
class for processing an FieldElement as a DER object.
ASN.1 def for Elliptic-Curve Field ID structure.
A class which converts integers to byte arrays, allowing padding and calculations
to be done according the the filed size of the curve or field element involved.
Object identifiers for the various X9 standards.
Key agreement using X25519 or X448.
ParameterSpec for XDH key agreement algorithms.
Parameters holder for private unified static/ephemeral agreement using Edwards Curves.
Parameters holder for public unified static/ephemeral agreement using Edwards Curves.
XMSS.
XMSS address.
XMSS key-pair generation parameters.
Key pair generator for XMSS keys.
XMSSKeyParams
XMSS^MT.
XMSS^MT key-pair generation parameters.
Key pair generator for XMSS^MT keys.
XMMSMTKeyParams
XMSS^MT Parameters.
XMMSMTPrivateKey
Base interface for an XMSSMT private key
XMSS^MT Private Key.
XMSSMTPublicKey
XMSS^MT Public Key.
XMSS^MT Signature.
XMSS^MT Signer class.
Binary tree node.
XMSS Parameters.
XMMSPrivateKey
Base interface for an XMSS private key
XMSS Private Key.
XMSSPublicKey
XMSS Public Key.
Reduced XMSS Signature.
XMSS Signature.
Deprecated.
use Encodable
Utils for XMSS implementation.
With FIPS PUB 202 a new kind of message digest was announced which supported extendable output, or variable digest sizes.
Xoodyak v1, https://csrc.nist.gov/CSRC/media/Projects/lightweight-cryptography/documents/finalist-round/updated-spec-doc/xoodyak-spec-final.pdf
Xoodyak v1, https://csrc.nist.gov/CSRC/media/Projects/lightweight-cryptography/documents/finalist-round/updated-spec-doc/xoodyak-spec-final.pdf
Implementation of Daniel J.
An XTEA engine.
A padder that adds NULL byte padding to a block.
Zuc128Engine implementation.
Zuc256 implementation.
Zuc128 Mac implementation.
Zuc256 implementation.
Zuc256 implementation.
Zuc256 Mac implementation.