Search code examples
javasecuritybouncycastleencryption-asymmetricpublic-key-encryption

Java security with Bouncy Castle API

I want to know whether Bouncy Castle API is good fit for asymmetric encryption in Java.

Currently I am doing this with Java's JCE API. Will there be any advantages if I use Bouncy Castle API for asymmetric encryption?

Solution

  • An advantage of using JCE mechanisms is that it is something of a standard, so you may use any of several providers to work with depending on your needs. You will find many JCE providers, commercial and free, that cover much of the crypto spectrum. There might even be some hardware (HSM) support through a proprietary JCE provider, though I don't know that for a fact.

    Some advantages of completely avoiding the JCE and using the Bouncycastle lightweight API (BC LWAPI) exclusively are:

    1. No additional policy files are needed to make any of the cryptography work. E.g. you can use AES-256 without requiring users to download the unlimited jurisdiction policy files.
    2. The BC LWAPI is supported on the JME (formerly J2ME) environment. The JCE is not.
    3. Many more cryptographic primitives are supported in the BC LWAPI.