Bouncy Castle Cryptography Library 1.85

Deprecated API

Deprecated Classes
org.bouncycastle.crypto.engines.AESFastEngine
          unfortunately this class is has a few side channel issues. In an environment where encryption/decryption may be closely observed it should not be used. 
org.bouncycastle.crypto.params.CCMParameters
          use AEADParameters 
org.bouncycastle.pqc.crypto.cmce.CMCEKEMExtractor
          the standardised Classic McEliece KEM (ISO/IEC 18033-2:2006/Amd 2:2026) is now provided under org.bouncycastle.crypto and org.bouncycastle.jcajce (see org.bouncycastle.crypto.params.CMCEParameters and org.bouncycastle.jcajce.spec.CMCEParameterSpec). This is the legacy NIST round 3 (non-pc, incl. mceliece348864) implementation, retained for backwards compatibility. 
org.bouncycastle.pqc.crypto.cmce.CMCEKEMGenerator
          the standardised Classic McEliece KEM (ISO/IEC 18033-2:2006/Amd 2:2026) is now provided under org.bouncycastle.crypto and org.bouncycastle.jcajce (see org.bouncycastle.crypto.params.CMCEParameters and org.bouncycastle.jcajce.spec.CMCEParameterSpec). This is the legacy NIST round 3 (non-pc, incl. mceliece348864) implementation, retained for backwards compatibility. 
org.bouncycastle.pqc.crypto.cmce.CMCEKeyGenerationParameters
          the standardised Classic McEliece KEM (ISO/IEC 18033-2:2006/Amd 2:2026) is now provided under org.bouncycastle.crypto and org.bouncycastle.jcajce (see org.bouncycastle.crypto.params.CMCEParameters and org.bouncycastle.jcajce.spec.CMCEParameterSpec). This is the legacy NIST round 3 (non-pc, incl. mceliece348864) implementation, retained for backwards compatibility. 
org.bouncycastle.pqc.crypto.cmce.CMCEKeyPairGenerator
          the standardised Classic McEliece KEM (ISO/IEC 18033-2:2006/Amd 2:2026) is now provided under org.bouncycastle.crypto and org.bouncycastle.jcajce (see org.bouncycastle.crypto.params.CMCEParameters and org.bouncycastle.jcajce.spec.CMCEParameterSpec). This is the legacy NIST round 3 (non-pc, incl. mceliece348864) implementation, retained for backwards compatibility. 
org.bouncycastle.pqc.crypto.cmce.CMCEKeyParameters
          the standardised Classic McEliece KEM (ISO/IEC 18033-2:2006/Amd 2:2026) is now provided under org.bouncycastle.crypto and org.bouncycastle.jcajce (see org.bouncycastle.crypto.params.CMCEParameters and org.bouncycastle.jcajce.spec.CMCEParameterSpec). This is the legacy NIST round 3 (non-pc, incl. mceliece348864) implementation, retained for backwards compatibility. 
org.bouncycastle.pqc.crypto.cmce.CMCEParameters
          the standardised Classic McEliece KEM (ISO/IEC 18033-2:2006/Amd 2:2026) is now provided under org.bouncycastle.crypto and org.bouncycastle.jcajce (see org.bouncycastle.crypto.params.CMCEParameters and org.bouncycastle.jcajce.spec.CMCEParameterSpec). This is the legacy NIST round 3 (non-pc, incl. mceliece348864) implementation, retained for backwards compatibility. 
org.bouncycastle.pqc.crypto.cmce.CMCEPrivateKeyParameters
          the standardised Classic McEliece KEM (ISO/IEC 18033-2:2006/Amd 2:2026) is now provided under org.bouncycastle.crypto and org.bouncycastle.jcajce (see org.bouncycastle.crypto.params.CMCEParameters and org.bouncycastle.jcajce.spec.CMCEParameterSpec). This is the legacy NIST round 3 (non-pc, incl. mceliece348864) implementation, retained for backwards compatibility. 
org.bouncycastle.pqc.crypto.cmce.CMCEPublicKeyParameters
          the standardised Classic McEliece KEM (ISO/IEC 18033-2:2006/Amd 2:2026) is now provided under org.bouncycastle.crypto and org.bouncycastle.jcajce (see org.bouncycastle.crypto.params.CMCEParameters and org.bouncycastle.jcajce.spec.CMCEParameterSpec). This is the legacy NIST round 3 (non-pc, incl. mceliece348864) implementation, retained for backwards compatibility. 
org.bouncycastle.asn1.util.DERDump
          use ASN1Dump. 
org.bouncycastle.asn1.x9.DHDomainParameters
          use DomainParameters 
org.bouncycastle.asn1.x9.DHValidationParms
          use ValidationParams 
org.bouncycastle.crypto.signers.ECGOST3410_2012Signer
          Use ECGOST3410Signer instead. 
org.bouncycastle.crypto.kems.ECIESKeyEncapsulation
          use ECIESKEMGenerator, ECIESKEMExtractor 
org.bouncycastle.asn1.sec.ECPrivateKeyStructure
          use ECPrivateKey 
org.bouncycastle.pqc.crypto.frodo.FrodoKEMExtractor
          the standardised FrodoKEM (ISO/IEC 18033-2:2006/Amd 2:2026) is now provided under org.bouncycastle.crypto and org.bouncycastle.jcajce (see FrodoKEMParameters / FrodoKEMParameterSpec). This is the legacy NIST round 3 (unsalted, eFrodoKEM) implementation, retained for backwards compatibility. 
org.bouncycastle.pqc.crypto.frodo.FrodoKEMGenerator
          the standardised FrodoKEM (ISO/IEC 18033-2:2006/Amd 2:2026) is now provided under org.bouncycastle.crypto and org.bouncycastle.jcajce (see FrodoKEMParameters / FrodoKEMParameterSpec). This is the legacy NIST round 3 (unsalted, eFrodoKEM) implementation, retained for backwards compatibility. 
org.bouncycastle.pqc.crypto.frodo.FrodoKeyGenerationParameters
          the standardised FrodoKEM (ISO/IEC 18033-2:2006/Amd 2:2026) is now provided under org.bouncycastle.crypto and org.bouncycastle.jcajce (see FrodoKEMParameters / FrodoKEMParameterSpec). This is the legacy NIST round 3 (unsalted, eFrodoKEM) implementation, retained for backwards compatibility. 
org.bouncycastle.pqc.crypto.frodo.FrodoKeyPairGenerator
          the standardised FrodoKEM (ISO/IEC 18033-2:2006/Amd 2:2026) is now provided under org.bouncycastle.crypto and org.bouncycastle.jcajce (see FrodoKEMParameters / FrodoKEMParameterSpec). This is the legacy NIST round 3 (unsalted, eFrodoKEM) implementation, retained for backwards compatibility. 
org.bouncycastle.pqc.crypto.frodo.FrodoKeyParameters
          the standardised FrodoKEM (ISO/IEC 18033-2:2006/Amd 2:2026) is now provided under org.bouncycastle.crypto and org.bouncycastle.jcajce (see FrodoKEMParameters / FrodoKEMParameterSpec). This is the legacy NIST round 3 (unsalted, eFrodoKEM) implementation, retained for backwards compatibility. 
org.bouncycastle.pqc.crypto.frodo.FrodoParameters
          the standardised FrodoKEM (ISO/IEC 18033-2:2006/Amd 2:2026) is now provided under org.bouncycastle.crypto and org.bouncycastle.jcajce (see FrodoKEMParameters / FrodoKEMParameterSpec). This is the legacy NIST round 3 (unsalted, eFrodoKEM) implementation, retained for backwards compatibility. 
org.bouncycastle.pqc.crypto.frodo.FrodoPrivateKeyParameters
          the standardised FrodoKEM (ISO/IEC 18033-2:2006/Amd 2:2026) is now provided under org.bouncycastle.crypto and org.bouncycastle.jcajce (see FrodoKEMParameters / FrodoKEMParameterSpec). This is the legacy NIST round 3 (unsalted, eFrodoKEM) implementation, retained for backwards compatibility. 
org.bouncycastle.pqc.crypto.frodo.FrodoPublicKeyParameters
          the standardised FrodoKEM (ISO/IEC 18033-2:2006/Amd 2:2026) is now provided under org.bouncycastle.crypto and org.bouncycastle.jcajce (see FrodoKEMParameters / FrodoKEMParameterSpec). This is the legacy NIST round 3 (unsalted, eFrodoKEM) implementation, retained for backwards compatibility. 
org.bouncycastle.util.GF16
          moved to GF16; this type now delegates there and will be removed in a future release. 
org.bouncycastle.pqc.crypto.mldsa.HashMLDSASigner
          use org.bouncycastle.crypto.signers.HashMLDSASigner 
org.bouncycastle.pqc.crypto.slhdsa.HashSLHDSASigner
          use org.bouncycastle.crypto.signers.HashSLHDSASigner 
org.bouncycastle.pqc.crypto.mldsa.MLDSAKeyGenerationParameters
          use org.bouncycastle.crypto.params.MLDSAKeyGenerationParameters 
org.bouncycastle.pqc.crypto.mldsa.MLDSAKeyPairGenerator
          use org.bouncycastle.crypto.generators.MLDSAKeyPairGenerator 
org.bouncycastle.pqc.crypto.mldsa.MLDSAKeyParameters
          use org.bouncycastle.crypto.params.MLDSAKeyParameters 
org.bouncycastle.pqc.crypto.mldsa.MLDSAParameters
          use org.bouncycastle.crypto.params.MLDSAParameters 
org.bouncycastle.pqc.crypto.mldsa.MLDSAPrivateKeyParameters
          use org.bouncycastle.crypto.params.MLDSAPrivateKeyParameters 
org.bouncycastle.pqc.crypto.mldsa.MLDSAPublicKeyParameters
          use org.bouncycastle.crypto.params.MLDSAPublicKeyParameters 
org.bouncycastle.pqc.crypto.mldsa.MLDSASigner
          use org.bouncycastle.crypto.signers.MLDSASigner 
org.bouncycastle.pqc.crypto.mlkem.MLKEMExtractor
          use org.bouncycastle.crypto.kems.MLKEMExtractor 
org.bouncycastle.pqc.crypto.mlkem.MLKEMGenerator
          use org.bouncycastle.crypto.kems.MLKEMGenerator 
org.bouncycastle.pqc.crypto.mlkem.MLKEMKeyGenerationParameters
          use org.bouncycastle.crypto.params.MLKEMKeyGenerationParameters 
org.bouncycastle.pqc.crypto.mlkem.MLKEMKeyPairGenerator
          use org.bouncycastle.crypto.generators.MLKEMKeyPairGenerator 
org.bouncycastle.pqc.crypto.mlkem.MLKEMKeyParameters
          use org.bouncycastle.crypto.params.MLKEMKeyParameters 
org.bouncycastle.pqc.crypto.mlkem.MLKEMParameters
          use org.bouncycastle.crypto.params.MLKEMParameters 
org.bouncycastle.pqc.crypto.mlkem.MLKEMPrivateKeyParameters
          use org.bouncycastle.crypto.params.MLKEMKeyPrivateKeyParameters 
org.bouncycastle.pqc.crypto.mlkem.MLKEMPublicKeyParameters
          use org.bouncycastle.crypto.params.MLKEMKeyPublicKeyParameters 
org.bouncycastle.asn1.OIDTokenizer
          Will be removed 
org.bouncycastle.crypto.util.Pack
          use org.bouncycastle.util.pack 
org.bouncycastle.crypto.modes.PaddedBlockCipher
          use org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher instead. 
org.bouncycastle.asn1.x509.PrivateKeyStatement
          use PrivateKeyPossessionStatement 
org.bouncycastle.crypto.kems.RSAKeyEncapsulation
          use RSAKEMGenerator, RSAKEMExtractor 
org.bouncycastle.asn1.pkcs.RSAPrivateKeyStructure
          use RSAPrivateKey 
org.bouncycastle.asn1.x509.RSAPublicKeyStructure
          use org.bouncycastle.asn1.pkcs.RSAPublicKey 
org.bouncycastle.pqc.crypto.slhdsa.SLHDSAEngine
          use org.bouncycastle.crypto.signers.slhdsa.SLHDSASigner 
org.bouncycastle.pqc.crypto.slhdsa.SLHDSAKeyGenerationParameters
          use org.bouncycastle.crypto.params.SLHDSAKeyGenerationParameters 
org.bouncycastle.pqc.crypto.slhdsa.SLHDSAKeyPairGenerator
          use org.bouncycastle.crypto.generators.SLHDSAKeyPairGenerator 
org.bouncycastle.pqc.crypto.slhdsa.SLHDSAKeyParameters
          use org.bouncycastle.crypto.params.SLHDSAKeyParameters 
org.bouncycastle.pqc.crypto.slhdsa.SLHDSAParameters
          use org.bouncycastle.crypto.params.SLHDSAParameters 
org.bouncycastle.pqc.crypto.slhdsa.SLHDSAPrivateKeyParameters
          use org.bouncycastle.crypto.params.SLHDSAPrivateKeyParameters 
org.bouncycastle.pqc.crypto.slhdsa.SLHDSAPublicKeyParameters
          use org.bouncycastle.crypto.params.SLHDSAPublicKeyParameters 
org.bouncycastle.pqc.crypto.slhdsa.SLHDSASigner
          use org.bouncycastle.crypto.signers.SLHDSASigner 
org.bouncycastle.asn1.x509.TBSCertificateStructure
          use TBSCertificate 
org.bouncycastle.asn1.x509.X509CertificateStructure
          use org.bouncycastle.asn1.x509.Certificate 
org.bouncycastle.asn1.x509.X509Extension
          use Extension 
org.bouncycastle.asn1.x509.X509Extensions
          use Extension and Extensions 
org.bouncycastle.asn1.x509.X509ExtensionsGenerator
          use org.bouncycastle.asn1.x509.ExtensionsGenerator 
org.bouncycastle.asn1.x509.X509Name
          use org.bouncycastle.asn1.x500.X500Name. 
org.bouncycastle.asn1.x509.X509NameTokenizer
          use X500NameTokenizer 
 

Deprecated Interfaces
org.bouncycastle.crypto.KeyEncapsulation
          use EncapsulatedSecretGenerator and EncapsulatedSecretExtractor 
 

Deprecated Fields
org.bouncycastle.asn1.x509.ReasonFlags.AA_COMPROMISE
          use lower case version 
org.bouncycastle.asn1.x509.CRLReason.AA_COMPROMISE
          use lower case version 
org.bouncycastle.asn1.cmp.PKIFailureInfo.ADD_INFO_NOT_AVAILABLE
          use lower case version 
org.bouncycastle.asn1.x509.ReasonFlags.AFFILIATION_CHANGED
          use lower case version 
org.bouncycastle.asn1.x509.CRLReason.AFFILIATION_CHANGED
          use lower case version 
org.bouncycastle.asn1.x509.X509Extensions.AuditIdentity
          use X509Extension value. 
org.bouncycastle.asn1.x509.X509Extensions.AuthorityInfoAccess
          use X509Extension value. 
org.bouncycastle.asn1.x509.X509Extensions.AuthorityKeyIdentifier
          use X509Extension value. 
org.bouncycastle.asn1.cmp.PKIFailureInfo.BAD_ALG
          use lower case version 
org.bouncycastle.asn1.cmp.PKIFailureInfo.BAD_CERT_ID
          use lower case version 
org.bouncycastle.asn1.cmp.PKIFailureInfo.BAD_DATA_FORMAT
          use lower case version 
org.bouncycastle.asn1.cmp.PKIFailureInfo.BAD_MESSAGE_CHECK
          use lower case version 
org.bouncycastle.asn1.cmp.PKIFailureInfo.BAD_POP
          use lower case version 
org.bouncycastle.asn1.cmp.PKIFailureInfo.BAD_REQUEST
          use lower case version 
org.bouncycastle.asn1.cmp.PKIFailureInfo.BAD_TIME
          use lower case version 
org.bouncycastle.asn1.x509.X509Extensions.BasicConstraints
          use X509Extension value. 
org.bouncycastle.asn1.x509.X509Extensions.BiometricInfo
          use X509Extension value. 
org.bouncycastle.asn1.x509.X509Name.C
          use a X500NameStyle 
org.bouncycastle.asn1.x509.ReasonFlags.CA_COMPROMISE
          use lower case version 
org.bouncycastle.asn1.x509.CRLReason.CA_COMPROMISE
          use lower case version 
org.bouncycastle.asn1.x509.ReasonFlags.CERTIFICATE_HOLD
          use lower case version 
org.bouncycastle.asn1.x509.CRLReason.CERTIFICATE_HOLD
          use lower case version 
org.bouncycastle.asn1.x509.X509Extensions.CertificateIssuer
          use X509Extension value. 
org.bouncycastle.asn1.x509.X509Extensions.CertificatePolicies
          use X509Extension value. 
org.bouncycastle.asn1.x509.ReasonFlags.CESSATION_OF_OPERATION
          use lower case version 
org.bouncycastle.asn1.x509.CRLReason.CESSATION_OF_OPERATION
          use lower case version 
org.bouncycastle.asn1.x509.X509Name.CN
          use a X500NameStyle 
org.bouncycastle.asn1.x509.X509Extensions.CRLDistributionPoints
          use X509Extension value. 
org.bouncycastle.asn1.x509.X509Extensions.CRLNumber
          use X509Extension value. 
org.bouncycastle.asn1.x509.X509Extensions.DeltaCRLIndicator
          use X509Extension value. 
org.bouncycastle.asn1.x509.X509Name.EmailAddress
          use a X500NameStyle 
org.bouncycastle.asn1.x509.X509Extensions.ExtendedKeyUsage
          use X509Extension value. 
org.bouncycastle.asn1.x509.X509Extensions.FreshestCRL
          use X509Extension value. 
org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers.id_aa_commitmentType
          use id_aa_ets_commitmentType instead 
org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers.id_aa_otherSigCert
          use id_aa_ets_otherSigCert instead 
org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers.id_aa_signerLocation
          use id_aa_ets_signerLocation instead 
org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers.id_aa_sigPolicyId
          use id_aa_ets_sigPolicyId instead 
org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers.id_alg
          use smime_alg instead 
org.bouncycastle.asn1.x509.X509AttributeIdentifiers.id_at_privateKeyStatement
          use statementOfPossession 
org.bouncycastle.asn1.x509.X509ObjectIdentifiers.id_PasswordBasedMac
          Use CRMFObjectIdentifiers.passwordBasedMac instead 
org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers.id_spq
          use id_spq_oid instead 
org.bouncycastle.asn1.cmp.PKIFailureInfo.INCORRECT_DATA
          use lower case version 
org.bouncycastle.asn1.x509.X509Extensions.InhibitAnyPolicy
          use X509Extension value. 
org.bouncycastle.asn1.x509.X509Extensions.InstructionCode
          use X509Extension value. 
org.bouncycastle.asn1.x509.X509Extensions.InvalidityDate
          use X509Extension value. 
org.bouncycastle.asn1.x509.X509Extensions.IssuerAlternativeName
          use X509Extension value. 
org.bouncycastle.asn1.x509.X509Extensions.IssuingDistributionPoint
          use X509Extension value. 
org.bouncycastle.crypto.hpke.HPKE.kem_P384_SHA348
          use kem_P384_SHA384 
org.bouncycastle.asn1.x509.ReasonFlags.KEY_COMPROMISE
          use lower case version 
org.bouncycastle.asn1.x509.CRLReason.KEY_COMPROMISE
          use lower case version 
org.bouncycastle.asn1.x509.X509Extensions.KeyUsage
          use X509Extension value. 
org.bouncycastle.asn1.x509.X509Extensions.LogoType
          use X509Extension value. 
org.bouncycastle.asn1.cmp.PKIFailureInfo.MISSING_TIME_STAMP
          use lower case version 
org.bouncycastle.asn1.x509.X509Extensions.NameConstraints
          use X509Extension value. 
org.bouncycastle.asn1.x509.X509Extensions.NoRevAvail
          use X509Extension value. 
org.bouncycastle.asn1.x509.X509Name.O
          use a X500NameStyle 
org.bouncycastle.asn1.x509.X509Name.OIDLookUp
          use DefaultSymbols 
org.bouncycastle.asn1.x509.X509Name.OU
          use a X500NameStyle 
org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers.pbewithSHAAnd40BitRC2_CBC
          use pbeWithSHAAnd40BitRC2_CBC 
org.bouncycastle.asn1.x509.X509Extensions.PolicyConstraints
          use X509Extension value. 
org.bouncycastle.asn1.x509.X509Extensions.PolicyMappings
          use X509Extension value. 
org.bouncycastle.asn1.x509.X509Extensions.PrivateKeyUsagePeriod
          use X509Extension value. 
org.bouncycastle.asn1.x509.ReasonFlags.PRIVILEGE_WITHDRAWN
          use lower case version 
org.bouncycastle.asn1.x509.CRLReason.PRIVILEGE_WITHDRAWN
          use lower case version 
org.bouncycastle.asn1.eac.CertificateBody.profileType
            
org.bouncycastle.asn1.x509.X509Extensions.QCStatements
          use X509Extension value. 
org.bouncycastle.asn1.x509.X509Extensions.ReasonCode
          use X509Extension value. 
org.bouncycastle.asn1.x509.CRLReason.REMOVE_FROM_CRL
          use lower case version 
org.bouncycastle.asn1.eac.CertificateBody.requestType
            
org.bouncycastle.asn1.x509.X509AttributeIdentifiers.RoleSyntax
          use id_at_role 
org.bouncycastle.crypto.engines.Salsa20Engine.sigma
            
org.bouncycastle.asn1.x500.style.BCStyle.SN
          use SERIALNUMBER or SURNAME 
org.bouncycastle.crypto.encodings.PKCS1Encoding.STRICT_LENGTH_ENABLED_PROPERTY
          use NOT_STRICT_LENGTH_ENABLED_PROPERTY 
org.bouncycastle.asn1.x509.X509Extensions.SubjectAlternativeName
          use X509Extension value. 
org.bouncycastle.asn1.x509.X509Extensions.SubjectDirectoryAttributes
          use X509Extension value. 
org.bouncycastle.asn1.x509.X509Extensions.SubjectInfoAccess
          use X509Extension value. 
org.bouncycastle.asn1.x509.X509Extensions.SubjectKeyIdentifier
          use X509Extension value. 
org.bouncycastle.asn1.x509.ReasonFlags.SUPERSEDED
          use lower case version 
org.bouncycastle.asn1.x509.CRLReason.SUPERSEDED
          use lower case version 
org.bouncycastle.asn1.x509.X509Name.SymbolLookUp
          use DefaultLookUp 
org.bouncycastle.asn1.cmp.PKIFailureInfo.SYSTEM_FAILURE
          use lower case version 
org.bouncycastle.asn1.x509.X509Name.T
          use a X500NameStyle 
org.bouncycastle.asn1.x509.X509Extensions.TargetInformation
          use X509Extension value. 
org.bouncycastle.crypto.engines.Salsa20Engine.tau
            
org.bouncycastle.asn1.cmp.PKIFailureInfo.TIME_NOT_AVAILABLE
          use lower case version 
org.bouncycastle.crypto.signers.X931Signer.TRAILER_IMPLICIT
          use ISOTrailers 
org.bouncycastle.crypto.signers.ISO9796d2Signer.TRAILER_IMPLICIT
          use ISOTrailers 
org.bouncycastle.crypto.signers.ISO9796d2PSSSigner.TRAILER_IMPLICIT
          use ISOTrailers 
org.bouncycastle.crypto.signers.X931Signer.TRAILER_RIPEMD128
          use ISOTrailers 
org.bouncycastle.crypto.signers.ISO9796d2Signer.TRAILER_RIPEMD128
          use ISOTrailers 
org.bouncycastle.crypto.signers.ISO9796d2PSSSigner.TRAILER_RIPEMD128
          use ISOTrailers 
org.bouncycastle.crypto.signers.X931Signer.TRAILER_RIPEMD160
          use ISOTrailers 
org.bouncycastle.crypto.signers.ISO9796d2Signer.TRAILER_RIPEMD160
          use ISOTrailers 
org.bouncycastle.crypto.signers.ISO9796d2PSSSigner.TRAILER_RIPEMD160
          use ISOTrailers 
org.bouncycastle.crypto.signers.X931Signer.TRAILER_SHA1
          use ISOTrailers 
org.bouncycastle.crypto.signers.ISO9796d2Signer.TRAILER_SHA1
          use ISOTrailers 
org.bouncycastle.crypto.signers.ISO9796d2PSSSigner.TRAILER_SHA1
          use ISOTrailers 
org.bouncycastle.crypto.signers.X931Signer.TRAILER_SHA224
          use ISOTrailers 
org.bouncycastle.crypto.signers.X931Signer.TRAILER_SHA256
          use ISOTrailers 
org.bouncycastle.crypto.signers.ISO9796d2Signer.TRAILER_SHA256
          use ISOTrailers 
org.bouncycastle.crypto.signers.ISO9796d2PSSSigner.TRAILER_SHA256
          use ISOTrailers 
org.bouncycastle.crypto.signers.X931Signer.TRAILER_SHA384
          use ISOTrailers 
org.bouncycastle.crypto.signers.ISO9796d2Signer.TRAILER_SHA384
          use ISOTrailers 
org.bouncycastle.crypto.signers.ISO9796d2PSSSigner.TRAILER_SHA384
          use ISOTrailers 
org.bouncycastle.crypto.signers.X931Signer.TRAILER_SHA512
          use ISOTrailers 
org.bouncycastle.crypto.signers.ISO9796d2Signer.TRAILER_SHA512
          use ISOTrailers 
org.bouncycastle.crypto.signers.ISO9796d2PSSSigner.TRAILER_SHA512
          use ISOTrailers 
org.bouncycastle.crypto.signers.X931Signer.TRAILER_WHIRLPOOL
          use ISOTrailers 
org.bouncycastle.crypto.signers.ISO9796d2Signer.TRAILER_WHIRLPOOL
          use ISOTrailers 
org.bouncycastle.crypto.signers.ISO9796d2PSSSigner.TRAILER_WHIRLPOOL
          use ISOTrailers 
org.bouncycastle.asn1.cmp.PKIFailureInfo.UNACCEPTED_EXTENSION
          use lower case version 
org.bouncycastle.asn1.cmp.PKIFailureInfo.UNACCEPTED_POLICY
          use lower case version 
org.bouncycastle.asn1.x509.CRLReason.UNSPECIFIED
          use lower case version 
org.bouncycastle.asn1.x509.ReasonFlags.UNUSED
          use lower case version 
org.bouncycastle.asn1.cmp.PKIFailureInfo.WRONG_AUTHORITY
          use lower case version 
org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers.x509certType
          use x509Certificate instead 
org.bouncycastle.pqc.asn1.PQCObjectIdentifiers.xmss_mt_with_SHA256
          use xmss_mt_SHA256ph 
org.bouncycastle.pqc.asn1.PQCObjectIdentifiers.xmss_mt_with_SHA512
          use xmss_mt_SHA512ph 
org.bouncycastle.pqc.asn1.PQCObjectIdentifiers.xmss_mt_with_SHAKE128
          use xmss_mt_SHAKE128ph 
org.bouncycastle.pqc.asn1.PQCObjectIdentifiers.xmss_mt_with_SHAKE256
          use xmss_mt_SHAKE256ph 
org.bouncycastle.pqc.asn1.PQCObjectIdentifiers.xmss_with_SHA256
          use xmss_SHA256ph 
org.bouncycastle.pqc.asn1.PQCObjectIdentifiers.xmss_with_SHA512
          use xmss_SHA512ph 
org.bouncycastle.pqc.asn1.PQCObjectIdentifiers.xmss_with_SHAKE128
          use xmss_SHAKE128ph 
org.bouncycastle.pqc.asn1.PQCObjectIdentifiers.xmss_with_SHAKE256
          use xmss_SHAKE256ph 
 

Deprecated Methods
org.bouncycastle.asn1.x509.ExtensionsGenerator.addExtension(Extensions)
          Use addExtensions instead. 
org.bouncycastle.crypto.engines.ThreefishEngine.bytesToWord(byte[], int)
          Will be removed 
org.bouncycastle.util.Fingerprint.calculateFingerprintSHA512_160(byte[])
          use the SHAKE based version. 
org.bouncycastle.crypto.agreement.jpake.JPAKEUtil.calculateS(char[])
          Use version including the modulus instead. 
org.bouncycastle.util.GF16.decode(byte[], byte[], int)
          use GF16.decode(byte[], byte[], int). 
org.bouncycastle.math.ec.rfc7748.X448Field.decode(byte[], int[])
          Use X448Field.decode448(byte[], int[]) instead. 
org.bouncycastle.math.ec.rfc7748.X25519Field.decode(byte[], int[])
          Use X25519Field.decode255(byte[], int[]) instead. 
org.bouncycastle.util.GF16.decode(byte[], int, byte[], int, int)
          use GF16.decode(byte[], int, byte[], int, int). 
org.bouncycastle.math.ec.rfc7748.X448Field.decode(byte[], int, int[])
          Use X448Field.decode448(byte[], int, int[], int) instead. 
org.bouncycastle.math.ec.rfc7748.X25519Field.decode(byte[], int, int[])
          Use X25519Field.decode255(byte[], int, int[], int) instead. 
org.bouncycastle.math.ec.rfc7748.X448Field.decode(byte[], int, int[], int)
          Use X448Field.decode448(byte[], int, int[], int) instead. 
org.bouncycastle.math.ec.rfc7748.X25519Field.decode(byte[], int, int[], int)
          Use X25519Field.decode255(byte[], int, int[], int) instead. 
org.bouncycastle.math.ec.rfc7748.X448Field.decode(int[], int, int[])
          Use X448Field.decode448(int[], int, int[], int) instead. 
org.bouncycastle.math.ec.rfc7748.X25519Field.decode(int[], int, int[])
          Use X25519Field.decode255(int[], int, int[], int) instead. 
org.bouncycastle.crypto.kems.ECIESKeyEncapsulation.decrypt(byte[], int)
          use ECIESKEMExtractor 
org.bouncycastle.crypto.kems.ECIESKeyEncapsulation.decrypt(byte[], int, int, int)
          use ECIESKEMExtractor 
org.bouncycastle.util.GF16.encode(byte[], byte[], int)
          use GF16.encode(byte[], byte[], int). 
org.bouncycastle.util.GF16.encode(byte[], byte[], int, int)
          use GF16.encode(byte[], byte[], int, int). 
org.bouncycastle.crypto.kems.ECIESKeyEncapsulation.encrypt(byte[], int)
          use ECIESKEMGenerator 
org.bouncycastle.crypto.kems.ECIESKeyEncapsulation.encrypt(byte[], int, int)
          use ECIESKEMGenerator 
org.bouncycastle.crypto.generators.BCrypt.generate(byte[], byte[], int)
          as a direct replacement use BCrypt.generate(byte[], byte[], int, boolean) so the terminator choice is explicit at the call site — pass to have the spec-required 0x00 terminator appended (equivalent to feeding through BCrypt.passwordToByteArray(char[])), when the supplied bytes already include it. For general password hashing prefer OpenBSDBCrypt, which handles termination, salt formatting and the modular crypt output line; this raw primitive remains available for test-vector validation and interop with implementations that emit the 24-byte hash directly (issue #1741). 
org.bouncycastle.asn1.x509.SubjectPublicKeyInfo.getAlgorithmId()
          use getAlgorithm() 
org.bouncycastle.crypto.signers.RSADigestSigner.getAlgorithmName()
            
org.bouncycastle.asn1.ASN1BitString.getBytes(int)
          Will be removed 
org.bouncycastle.asn1.cms.TimeStampAndCRL.getCertificateList()
          use getCRL() 
org.bouncycastle.asn1.mozilla.PublicKeyAndChallenge.getChallenge()
          Use PublicKeyAndChallenge.getChallengeIA5() instead. 
org.bouncycastle.asn1.cmc.CMCStatusInfoV2.getcMCStatus()
          use getCMCStatus(); 
org.bouncycastle.asn1.cmc.RevokeRequest.getComment()
          Use RevokeRequest.getCommentUTF8() instead. 
org.bouncycastle.asn1.ess.ContentHints.getContentDescription()
          Use ContentHints.getContentDescriptionUTF8() instead. 
org.bouncycastle.asn1.esf.SignerLocation.getCountryName()
          use getCountry() 
org.bouncycastle.asn1.ocsp.CrlID.getCrlUrl()
          Use CrlID.getCrlUrlIA5() instead. 
org.bouncycastle.asn1.cms.TimeStampedDataParser.getDataUri()
          Use TimeStampedDataParser.getDataUriIA5() instead. 
org.bouncycastle.asn1.cms.TimeStampedData.getDataUri()
          Use TimeStampedData.getDataUriIA5() instead. 
org.bouncycastle.crypto.agreement.ECVKOAgreement.getFieldSize()
          Will be removed 
org.bouncycastle.asn1.cms.MetaData.getFileName()
          Use MetaData.getFileNameUTF8() instead. 
org.bouncycastle.asn1.bc.ExternalValue.getHashVal()
          use getHash(), the internal encoding is now an OCTET STRING 
org.bouncycastle.asn1.tsp.EncryptionInfo.getInstance(ASN1Object)
          Use EncryptionInfo.getInstance(Object) instead. 
org.bouncycastle.asn1.x509.AuthorityKeyIdentifier.getKeyIdentifier()
          Use AuthorityKeyIdentifier.getKeyIdentifierOctets() instead. 
org.bouncycastle.asn1.cryptopro.GOST3410ParamSetParameters.getLKeySize()
          use getKeySize 
org.bouncycastle.asn1.esf.SignerLocation.getLocalityName()
          use getLocality() 
org.bouncycastle.asn1.cms.MetaData.getMediaType()
          Use MetaData.getMediaTypeIA5() instead. 
org.bouncycastle.asn1.ASN1BitString.getPadBits(int)
          Will be removed 
org.bouncycastle.crypto.params.MLKEMPrivateKeyParameters.getParametersWithFormat(int)
          Use MLKEMPrivateKeyParameters.withPreferredFormat(int) instead. 
org.bouncycastle.pqc.crypto.mlkem.MLKEMPrivateKeyParameters.getParametersWithFormat(int)
          Use MLKEMPrivateKeyParameters.withPreferredFormat(int) instead. 
org.bouncycastle.asn1.crmf.CertReqMsg.getPopo()
          use getPop 
org.bouncycastle.crypto.params.MLDSAPrivateKeyParameters.getPrivateKey()
          Use MLDSAPrivateKeyParameters.getEncoded() instead. 
org.bouncycastle.pqc.crypto.crystals.dilithium.DilithiumPrivateKeyParameters.getPrivateKey()
          Use DilithiumPrivateKeyParameters.getEncoded() instead. 
org.bouncycastle.pqc.crypto.mldsa.MLDSAPrivateKeyParameters.getPrivateKey()
          Use MLDSAPrivateKeyParameters.getEncoded() instead. 
org.bouncycastle.asn1.cms.OriginatorPublicKey.getPublicKey()
          Use OriginatorPublicKey.getPublicKeyData() instead. 
org.bouncycastle.asn1.x509.SubjectPublicKeyInfo.getPublicKey()
          use parsePublicKey 
org.bouncycastle.asn1.x509.qualified.BiometricData.getSourceDataUri()
          Use BiometricData.getSourceDataUriIA5() instead. 
org.bouncycastle.asn1.cmc.CMCStatusInfoV2.getStatusString()
          Use CMCStatusInfoV2.getStatusStringUTF8() instead. 
org.bouncycastle.asn1.cmc.CMCStatusInfo.getStatusString()
          Use CMCStatusInfo.getStatusStringUTF8() instead. 
org.bouncycastle.asn1.cmp.PKIFreeText.getStringAt(int)
          Use PKIFreeText.getStringAtUTF8(int) instead. 
org.bouncycastle.asn1.cmp.CRLStatus.getTime()
          Use CRLStatus.getThisUpdate() instead. 
org.bouncycastle.asn1.x509.DeltaCertificateDescriptor.getValidity()
          Use getValidityObject instead. 
org.bouncycastle.asn1.cms.RecipientInfo.getVersion()
          Will be removed 
org.bouncycastle.asn1.cmp.CMPCertificate.getX509v2AttrCert()
          use getOtherCert and getOtherTag to make sure message is really what it should be. 
org.bouncycastle.util.GF16.innerProduct(byte[], int, byte[], int, int)
          use GF16.innerProduct(byte[], int, byte[], int, int). 
org.bouncycastle.crypto.kems.MLKEMGenerator.internalGenerateEncapsulated(AsymmetricKeyParameter, byte[])
          Use MLKEMGenerator.internalGenerateEncapsulated(MLKEMPublicKeyParameters, byte[]) instead. 
org.bouncycastle.pqc.crypto.mlkem.MLKEMGenerator.internalGenerateEncapsulated(AsymmetricKeyParameter, byte[])
          Use MLKEMGenerator.internalGenerateEncapsulated(MLKEMPublicKeyParameters, byte[]) instead. 
org.bouncycastle.util.GF16.inv(byte)
          use GF16.inv(byte). 
org.bouncycastle.util.GF16.mul(byte, byte)
          use GF16.mul(byte, byte). 
org.bouncycastle.util.GF16.mul(int, int)
          use GF16.mul(int, int). 
org.bouncycastle.asn1.ASN1InputStream.readFully(byte[])
          No longer used; will be removed 
org.bouncycastle.asn1.ASN1InputStream.readLength()
          No longer used; will be removed 
org.bouncycastle.asn1.crmf.CertTemplateBuilder.setExtensions(X509Extensions)
          use method taking Extensions 
org.bouncycastle.asn1.x509.V3TBSCertificateGenerator.setExtensions(X509Extensions)
          use method taking Extensions 
org.bouncycastle.asn1.x509.V2TBSCertListGenerator.setExtensions(X509Extensions)
          use the method taking Extensions 
org.bouncycastle.asn1.x509.V2AttributeCertificateInfoGenerator.setExtensions(X509Extensions)
          use method taking Extensions 
org.bouncycastle.asn1.x509.V3TBSCertificateGenerator.setIssuer(X509Name)
          use X500Name method 
org.bouncycastle.asn1.x509.V2TBSCertListGenerator.setIssuer(X509Name)
          use X500Name method 
org.bouncycastle.asn1.x509.V1TBSCertificateGenerator.setIssuer(X509Name)
          use X500Name method 
org.bouncycastle.asn1.x509.V3TBSCertificateGenerator.setSubject(X509Name)
          use X500Name method 
org.bouncycastle.asn1.x509.V1TBSCertificateGenerator.setSubject(X509Name)
          use X500Name method 
org.bouncycastle.crypto.params.Ed25519PrivateKeyParameters.sign(int, Ed25519PublicKeyParameters, byte[], byte[], int, int, byte[], int)
          use overload that doesn't take a public key 
org.bouncycastle.crypto.params.Ed448PrivateKeyParameters.sign(int, Ed448PublicKeyParameters, byte[], byte[], int, int, byte[], int)
          use overload that doesn't take a public key 
org.bouncycastle.asn1.x509.DeltaCertificateDescriptor.trimTo(TBSCertificate, Extensions)
          Use DeltaCertificateTool#trimDeltaCertificateDescriptor instead. 
org.bouncycastle.crypto.engines.ThreefishEngine.wordToBytes(long, byte[], int)
          Will be removed 
 

Deprecated Constructors
org.bouncycastle.asn1.tsp.Accuracy()
          Will be removed 
org.bouncycastle.crypto.engines.AESEngine()
          use AESEngine.newInstance() 
org.bouncycastle.crypto.AsymmetricCipherKeyPair(CipherParameters, CipherParameters)
          use AsymmetricKeyParameter 
org.bouncycastle.asn1.x509.AuthorityKeyIdentifier(SubjectPublicKeyInfo)
          create the extension using org.bouncycastle.cert.X509ExtensionUtils 
org.bouncycastle.asn1.x509.AuthorityKeyIdentifier(SubjectPublicKeyInfo, GeneralNames, BigInteger)
          create the extension using org.bouncycastle.cert.X509ExtensionUtils 
org.bouncycastle.crypto.macs.BlockCipherMac(BlockCipher)
          use CBCBlockCipherMac 
org.bouncycastle.crypto.macs.BlockCipherMac(BlockCipher, int)
          use CBCBlockCipherMac 
org.bouncycastle.crypto.BufferedBlockCipher(BlockCipher)
          use the constructor on DefaultBufferedBlockCipher. 
org.bouncycastle.crypto.modes.CBCBlockCipher(BlockCipher)
          use the CBCBlockCipher.newInstance() static method. 
org.bouncycastle.crypto.modes.CCMBlockCipher(BlockCipher)
          use the CCMBlockCipher.newInstance() static method. 
org.bouncycastle.asn1.cmp.CertAnnContent(AttributeCertificate)
          use (type, otherCert) constructor 
org.bouncycastle.asn1.pkcs.CertificationRequest(ASN1Sequence)
          use getInstance() 
org.bouncycastle.asn1.pkcs.CertificationRequestInfo(X509Name, SubjectPublicKeyInfo, ASN1Set)
          use X500Name method. 
org.bouncycastle.crypto.modes.CFBBlockCipher(BlockCipher, int)
          use the equivalent CFBBlockCipher.newInstance() static method. 
org.bouncycastle.pqc.asn1.CMCEPublicKey(ASN1Sequence)
          use getInstance() 
org.bouncycastle.asn1.cmp.CMPCertificate(AttributeCertificate)
          use (type, otherCert) constructor 
org.bouncycastle.asn1.DERExternal(ASN1EncodableVector)
          Use DERExternal.fromVector(ASN1EncodableVector) instead. 
org.bouncycastle.asn1.DERExternal(DERSequence)
          Use DERExternal.fromSequence(ASN1Sequence) instead. 
org.bouncycastle.asn1.DLExternal(ASN1EncodableVector)
          Use DLExternal.fromVector(ASN1EncodableVector) instead. 
org.bouncycastle.asn1.DLExternal(DLSequence)
          Use DLExternal.fromSequence(ASN1Sequence) instead. 
org.bouncycastle.math.ec.ECCurve.F2m(int, int, BigInteger, BigInteger)
          use constructor taking order/cofactor 
org.bouncycastle.math.ec.ECCurve.F2m(int, int, int, int, BigInteger, BigInteger)
          use constructor taking order/cofactor 
org.bouncycastle.math.ec.ECCurve.Fp(BigInteger, BigInteger, BigInteger)
          use constructor taking order/cofactor 
org.bouncycastle.asn1.x509.ExtendedKeyUsage(Vector)
          use KeyPurposeId[] constructor. 
org.bouncycastle.pqc.asn1.FalconPublicKey(ASN1Sequence)
          use getInstance() 
org.bouncycastle.util.Fingerprint(byte[], boolean)
          use the SHAKE only version. 
org.bouncycastle.crypto.modes.GCMBlockCipher(BlockCipher)
          use the GCMBlockCipher.newInstance() static method. 
org.bouncycastle.crypto.modes.GCMBlockCipher(BlockCipher, GCMMultiplier)
          use the CBCBlockCipher.newInstance() static method. 
org.bouncycastle.asn1.x509.GeneralName(X509Name)
          use X500Name constructor. 
org.bouncycastle.asn1.cms.IssuerAndSerialNumber(ASN1Sequence)
          use getInstance() method. 
org.bouncycastle.asn1.cms.IssuerAndSerialNumber(X509CertificateStructure)
          use constructor taking Certificate 
org.bouncycastle.asn1.cms.IssuerAndSerialNumber(X509Name, ASN1Integer)
          use X500Name constructor 
org.bouncycastle.asn1.cms.IssuerAndSerialNumber(X509Name, BigInteger)
          use X500Name constructor 
org.bouncycastle.crypto.macs.OldHMac(Digest)
          uses incorrect pad for SHA-512 and SHA-384 use HMac. 
org.bouncycastle.asn1.cms.OriginatorIdentifierOrKey(ASN1OctetString)
          use version taking a SubjectKeyIdentifier 
org.bouncycastle.asn1.cms.OriginatorIdentifierOrKey(ASN1Primitive)
          use more specific version 
org.bouncycastle.asn1.x509.PolicyMappings(Hashtable)
          use CertPolicyId constructors. 
org.bouncycastle.asn1.x509.PolicyQualifierInfo(ASN1Sequence)
          use PolicyQualifierInfo.getInstance() 
org.bouncycastle.asn1.ocsp.ResponseData(ResponderID, ASN1GeneralizedTime, ASN1Sequence, X509Extensions)
          use method taking Extensions 
org.bouncycastle.asn1.cmp.RevDetails(CertTemplate, X509Extensions)
          use method taking Extensions 
org.bouncycastle.crypto.modes.SICBlockCipher(BlockCipher)
          use newInstance() method. 
org.bouncycastle.asn1.ocsp.SingleResponse(CertID, CertStatus, ASN1GeneralizedTime, ASN1GeneralizedTime, X509Extensions)
          use method taking ASN1GeneralizedTime and Extensions 
org.bouncycastle.pqc.asn1.SPHINCSPLUSPrivateKey(ASN1Sequence)
          use getInstance() 
org.bouncycastle.pqc.asn1.SPHINCSPLUSPublicKey(ASN1Sequence)
          use getInstance() 
org.bouncycastle.asn1.x509.SubjectPublicKeyInfo(ASN1Sequence)
          use SubjectPublicKeyInfo.getInstance() 
org.bouncycastle.asn1.ocsp.TBSRequest(GeneralName, ASN1Sequence, X509Extensions)
          use method taking Extensions 
org.bouncycastle.asn1.x500.X500Name(X500NameStyle, X500Name)
          use the getInstance() method that takes a style. 
org.bouncycastle.asn1.x509.X509Extensions(Vector, Hashtable)
          use Extensions 
org.bouncycastle.asn1.x509.X509Extensions(Vector, Vector)
          use Extensions 
org.bouncycastle.asn1.x509.X509Name(ASN1Sequence)
          use X500Name.getInstance() 
org.bouncycastle.asn1.x509.X509Name(boolean, Hashtable, String)
          use X500Name, X500NameBuilder 
org.bouncycastle.asn1.x509.X509Name(boolean, String)
          use X500Name, X500NameBuilder 
org.bouncycastle.asn1.x509.X509Name(boolean, String, X509NameEntryConverter)
          use X500Name, X500NameBuilder 
org.bouncycastle.asn1.x509.X509Name(Hashtable)
          use an ordered constructor! The hashtable ordering is rarely correct 
org.bouncycastle.asn1.x509.X509Name(String)
          use X500Name, X500NameBuilder 
org.bouncycastle.asn1.x509.X509Name(String, X509NameEntryConverter)
          use X500Name, X500NameBuilder 
org.bouncycastle.asn1.x509.X509Name(Vector, Hashtable, X509NameEntryConverter)
          use X500Name, X500NameBuilder 
org.bouncycastle.asn1.x509.X509Name(Vector, Vector)
          use X500Name, X500NameBuilder 
org.bouncycastle.asn1.x509.X509Name(Vector, Vector, X509NameEntryConverter)
          use X500Name, X500NameBuilder 
org.bouncycastle.pqc.crypto.xwing.XWingPrivateKeyParameters(byte[], MLKEMPrivateKeyParameters, X25519PrivateKeyParameters, MLKEMPublicKeyParameters, X25519PublicKeyParameters)
          use the constructor taking org.bouncycastle.crypto.params.MLKEMKeyPublicKeyParameters 
 


Bouncy Castle Cryptography Library 1.85