Inconsistency between DefaultSignatureAlgorithmIdentifierFinder and DefaultDigestAlgorithmIdentifierFinder for PSS with SHA-2 algorithms #2307

@mauromol

I don't know if this is on purpose, but it sounds a bit strange to me (sorry if I'm wrong).
DefaultSignatureAlgorithmIdentifierFinder adds mappings for PSS parameters for hash algorithms of the SHA-2 family with DERNull.INSTANCE as parameters; here is an example:

        //
        // explicit params
        //
        AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE);
        addParameters("SHA1WITHRSAANDMGF1", createPSSParams(sha1AlgId, 20));

        AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha224, DERNull.INSTANCE);
        addParameters("SHA224WITHRSAANDMGF1", createPSSParams(sha224AlgId, 28));

        AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256, DERNull.INSTANCE);
        addParameters("SHA256WITHRSAANDMGF1", createPSSParams(sha256AlgId, 32));

        AlgorithmIdentifier sha384AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha384, DERNull.INSTANCE);
        addParameters("SHA384WITHRSAANDMGF1", createPSSParams(sha384AlgId, 48));

        AlgorithmIdentifier sha512AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha512, DERNull.INSTANCE);
        addParameters("SHA512WITHRSAANDMGF1", createPSSParams(sha512AlgId, 64));

These AlgorithmIdentifiers are used for both the hash and the MGF1 hash.

In DefaultDigestAlgorithmIdentifierFinder, instead, the AlgorithmIdentifiers for SHA-2 algorithms are explicitly created with no parameters, contrary to SHA-1:

        // IETF RFC 3370
        addDigestAlgId(OIWObjectIdentifiers.idSHA1, true);
        // IETF RFC 5754
        addDigestAlgId(NISTObjectIdentifiers.id_sha224, false);
        addDigestAlgId(NISTObjectIdentifiers.id_sha256, false);
        addDigestAlgId(NISTObjectIdentifiers.id_sha384, false);
        addDigestAlgId(NISTObjectIdentifiers.id_sha512, false);
        addDigestAlgId(NISTObjectIdentifiers.id_sha512_224, false);
        addDigestAlgId(NISTObjectIdentifiers.id_sha512_256, false);

It seems like the same happens for SHA-3 algorithms.
Is this correct?

I'm using Bouncy Castle 1.84.
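
An added example, not part of the original issue or the Bouncy Castle code base: it asks both finders for SHA-256 and prints the resulting AlgorithmIdentifiers side by side, so the NULL-versus-absent parameters difference described above is visible in the DER bytes. The class name and the helpers `absentOrNull`, `sameDigest` and `show` are hypothetical, and treating NULL and absent as equivalent is an assumption about what the comparing code wants.

```java
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1Null;
import org.bouncycastle.asn1.pkcs.RSASSAPSSparams;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder;
import org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder;
import org.bouncycastle.util.encoders.Hex;

public class PssDigestAlgIdCheck {
    // Hypothetical helper: true when parameters are absent or an explicit ASN.1 NULL.
    static boolean absentOrNull(ASN1Encodable params) {
        return params == null || params.toASN1Primitive() instanceof ASN1Null;
    }

    // Hypothetical helper: same OID, and neither side carries real parameters.
    static boolean sameDigest(AlgorithmIdentifier a, AlgorithmIdentifier b) {
        return a.getAlgorithm().equals(b.getAlgorithm())
            && absentOrNull(a.getParameters()) && absentOrNull(b.getParameters());
    }

    // Print the parameters field and the full DER encoding of one AlgorithmIdentifier.
    static void show(String label, AlgorithmIdentifier id) throws Exception {
        String params = id.getParameters() == null ? "absent" : id.getParameters().toString();
        System.out.println(label + ": params=" + params
            + " DER=" + Hex.toHexString(id.getEncoded("DER")));
    }

    public static void main(String[] args) throws Exception {
        // Signature finder: PSS parameters carry a hash and an MGF1 hash AlgorithmIdentifier.
        AlgorithmIdentifier sigAlgId =
            new DefaultSignatureAlgorithmIdentifierFinder().find("SHA256WITHRSAANDMGF1");
        RSASSAPSSparams pss = RSASSAPSSparams.getInstance(sigAlgId.getParameters());
        AlgorithmIdentifier pssHash = pss.getHashAlgorithm();
        AlgorithmIdentifier mgfHash =
            AlgorithmIdentifier.getInstance(pss.getMaskGenAlgorithm().getParameters());
        // Digest finder: the stand-alone digest AlgorithmIdentifier for the same hash.
        AlgorithmIdentifier digest =
            new DefaultDigestAlgorithmIdentifierFinder().find("SHA-256");

        show("PSS hashAlgorithm   ", pssHash);
        show("PSS MGF1 hash       ", mgfHash);
        show("digest finder result", digest);

        // Strict equality includes the parameters field, so NULL vs absent differs.
        System.out.println("equals():     " + pssHash.equals(digest));
        System.out.println("sameDigest(): " + sameDigest(pssHash, digest));
    }
}
```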
