Add note that only SHA1withRSA issuer is actually used

peterdettman · peterdettman · commit ed2d4390eb3c · 2025-03-12T14:01:13.000+07:00
diff --git a/pkix/src/test/java/org/bouncycastle/cms/test/CMSTestUtil.java b/pkix/src/test/java/org/bouncycastle/cms/test/CMSTestUtil.java
@@ -504,6 +504,10 @@ public static X509Certificate makeOaepCertificate(KeyPair subKP, String _subDN,
 
     private static JcaContentSignerBuilder makeContentSignerBuilder(PublicKey issPub)
     {
+        /*
+         * NOTE: Current ALL test certificates are issued under a SHA1withRSA root, so this list is mostly
+         * redundant (and also incomplete in that it doesn't handle EdDSA or ML-DSA issuers).
+         */
         JcaContentSignerBuilder contentSignerBuilder;
         if (issPub instanceof RSAPublicKey)
         {
@@ -521,10 +525,14 @@ else if (issPub.getAlgorithm().equals("ECGOST3410"))
         {
             contentSignerBuilder = new JcaContentSignerBuilder("GOST3411withECGOST3410");
         }
-        else
+        else if (issPub.getAlgorithm().equals("GOST3410"))
         {
             contentSignerBuilder = new JcaContentSignerBuilder("GOST3411WithGOST3410");
         }
+        else
+        {
+            throw new UnsupportedOperationException("Algorithm handlers incomplete");
+        }
 
         contentSignerBuilder.setProvider(BouncyCastleProvider.PROVIDER_NAME);
 

Original file line number	Diff line number	Diff line change
`@@ -504,6 +504,10 @@ public static X509Certificate makeOaepCertificate(KeyPair subKP, String _subDN,`
`504`	`504`
`505`	`505`	`private static JcaContentSignerBuilder makeContentSignerBuilder(PublicKey issPub)`
`506`	`506`	`{`
	`507`	`+ /*`
	`508`	`+ * NOTE: Current ALL test certificates are issued under a SHA1withRSA root, so this list is mostly`
	`509`	`+ * redundant (and also incomplete in that it doesn't handle EdDSA or ML-DSA issuers).`
	`510`	`+ */`
`507`	`511`	`JcaContentSignerBuilder contentSignerBuilder;`
`508`	`512`	`if (issPub instanceof RSAPublicKey)`
`509`	`513`	`{`
`@@ -521,10 +525,14 @@ else if (issPub.getAlgorithm().equals("ECGOST3410"))`
`521`	`525`	`{`
`522`	`526`	`contentSignerBuilder = new JcaContentSignerBuilder("GOST3411withECGOST3410");`
`523`	`527`	`}`
`524`		`- else`
	`528`	`+ else if (issPub.getAlgorithm().equals("GOST3410"))`
`525`	`529`	`{`
`526`	`530`	`contentSignerBuilder = new JcaContentSignerBuilder("GOST3411WithGOST3410");`
`527`	`531`	`}`
	`532`	`+ else`
	`533`	`+ {`
	`534`	`+ throw new UnsupportedOperationException("Algorithm handlers incomplete");`
	`535`	`+ }`
`528`	`536`
`529`	`537`	`contentSignerBuilder.setProvider(BouncyCastleProvider.PROVIDER_NAME);`
`530`	`538`