BouncyCastle Version 1.24 now available.

This is largely a bug fix release, patching a problem that was introduced in 1.23 that could affect the encoding of ASN.1 bit strings.
Other fixes include:

  • OpenPGP Secret key rings now parse key rings with user attribute packets in them correctly.
  • OpenPGP Secret key rings now parse key rings with GPG comment packets in them.
  • X509Name and X509Principal now correctly handle BitStrings.
  • OpenPGP now correctly recognises RSA signature only keys.
  • When re-encoding PGP public keys taken off secret keys getEncoded would sometimes throw a NullPointerException.
  • A basic PKCS12 file with a single key and certificate, but no attributes, would cause a null pointer exception.
  • Signature verification now handles signatures where the parameters block is missing rather than NULL.
  • Lightweight CBCBlockCipherMac was failing to add padding if padding was being explicitly provided and data length was a multiple of the block size.
  • ZIP compression in PGP was failing to compress data in many cases.
  • Signatures were occassionally produced with incorrect padding in their associated bit strings.
  • An encoding error introduced in 1.23 which affected generation of the KeyUsage extension.

As usual, this can be downloaded from