When it comes to encryption, Bouncy Castle is probably the most popular library in the Java ecosystem. It has great algorithm support and is actively maintained.

However, when trying to use it to add OpenPGP support to your application, you quickly find yourself digging through StackOverflow posts with walls of hard-to-read source code. To even create a simple encrypted, signed message, you are supposed to wrap at least three different OutputStreams obtained from different Factories, each initialized with tons of obscure parameters such as buffer sizes and Provider classes.