"Why do you need BC provider?" ,I most tutorials about signing pdf with smart cards this is what is used BC and Itext.I don't know if there is another way ,probably yes ,since BC takes 1,7 mb it would sure come in handy for a web applet to exclude BC.
I have seen http://docs.oracle.com/javase/1.4.2/docs/guide/security/jce/HowToImplAJCEProvider.html#Step%205
I will give it a go(seems a bit complicated).What I did not know is that bouncy castle cames in already signed.I saw somewere thar all the jars in applet must be signed in the same way(with the same cert.).A solution might be to remove the signature from bouncy castle with which it was dilivered and sign it myself in the same way i would sign the applet alone and the itext lib!?