The Legion of the Bouncy Castle Java Cryptography API provides a lightweight cryptography API in Java, a provider for the JCE and JCA, a clean-room implementation of the JCE 1.2.1, generators for Version 1 and Version 3 X.509 certificates, generators for Version 2 X.509 attribute certificates, PKCS12 support, and APIs for dealing with S/MIME, CMS, OCSP, TSP, CMP, CRMF, EAC, OpenPGP, and TLS. Versions are provided for the J2ME, and JDK 1.0-1.7.

Changes:
This release includes further cleanup, and the PEM API is now usable via operator interfaces (use PEMParser for reading). The SHA3 family of digests and the DSTU-4145-2002 signature algorithm have been added. A new provider (BCPQ) has been added with support for the Rainbow signatures and McEliece-style encryption. Also added is support for auto-generation of ephemeral keys in IES. A number of bugs have been fixed, and the TLS/SSL API has been updated to avoid the issues raised by the "Lucky Thirteen" attack. If you are using the BC TLS/SSL API, the authors strongly recommend updating to this release.

URL:
Legion of the Bouncy Castle Java Cryptography API