You are of course free not to use static imports. I personally like them as the code looks a bit tidier.
Passwords in the API are typed as a char array. There is a good reason for this: depending on implementation specifics, String instances might be stored in a permanent memory area.
One might argue that accessing this memory area is not easy task for an attacker, but there's plenty of reasons why this is not always the case.
So, Bruce only accepts passwords as char arrays. If you are working with passwords that are already arriving to you in a String instance, just call .toCharArray() on it to perform the conversion where necessary.
Raw byte arrays
At the most basic level, computers work with bits. In Java, you can work at the bit level, but the most basic form of storage for encrypted data is the byte. At low level, Java cryptography usually works on arrays of bytes, such as:
The MESSAGE_SHA1 and hash byte arrays are identical. You can easily see however how this is not always a very practical representation format. You cannot directly use this value in a text file, an email message or a JSON payload.
For these reasons all methods that work with raw byte arrays also have an overloaded version that supports different encodings.
SMTP, the protocol the Internet uses for sending emails, - in its original form - was designed to transport 7-bit ASCII characters only. Base64 works around this limitation by using characters that fit in a 7-bit space.
Cipher encoding vs charset encoding
Please do not confuse the cipher encoding with the message character encoding. They are different things in the API parameters, and they are different Java types in Bruce so any confusion results in a compiler error.
All methods allow specifying an optional JCA provider.
I won't provide documentation for all overloaded methods that allow specifying a custom provider, otherwise the documentation would become even more verbose than it already is. Just know that the methods are there if you need them.
Do not forget to add the appropriate provider jar to the classpath for this to work.
There is a single exception in Bruce that wraps all kinds of errors: the BruceException. As it is a RuntimeException, you are not forced to catch it.
Initialization and configuration errors are raised as soon as possible.
Wherever possible, the originating exception is wrapped and can be accessed through the getCause() method.