summary refs log tree commit diff
path: root/crypto/src
diff options
context:
space:
mode:
authorPeter Dettman <peter.dettman@bouncycastle.org>2023-07-26 13:28:56 +0700
committerPeter Dettman <peter.dettman@bouncycastle.org>2023-07-26 13:28:56 +0700
commita69de14e882795cc0a0c4d1e7910e08044318626 (patch)
tree3a5ab7703d2e7b8ece047496986234322f6b7e37 /crypto/src
parentRefactoring around algorithm finders (diff)
downloadBouncyCastle.NET-ed25519-a69de14e882795cc0a0c4d1e7910e08044318626.tar.xz
Create new API for algorithm finders
Diffstat (limited to '')
-rw-r--r--crypto/src/cmp/CertificateConfirmationContent.cs26
-rw-r--r--crypto/src/cmp/CertificateConfirmationContentBuilder.cs29
-rw-r--r--crypto/src/cmp/CertificateStatus.cs39
-rw-r--r--crypto/src/cms/CMSSignedData.cs27
-rw-r--r--crypto/src/cms/CMSSignedDataGenerator.cs37
-rw-r--r--crypto/src/cms/CMSSignedGenerator.cs809
-rw-r--r--crypto/src/cms/CMSSignedHelper.cs5
-rw-r--r--crypto/src/cms/CMSUtils.cs13
-rw-r--r--crypto/src/operators/utilities/DefaultDigestAlgorithmFinder.cs326
-rw-r--r--crypto/src/operators/utilities/DefaultSignatureAlgorithmFinder.cs533
-rw-r--r--crypto/src/operators/utilities/IDigestAlgorithmFinder.cs32
-rw-r--r--crypto/src/operators/utilities/ISignatureAlgorithmFinder.cs9
12 files changed, 1015 insertions, 870 deletions
diff --git a/crypto/src/cmp/CertificateConfirmationContent.cs b/crypto/src/cmp/CertificateConfirmationContent.cs
index 13db89c37..262a28531 100644
--- a/crypto/src/cmp/CertificateConfirmationContent.cs
+++ b/crypto/src/cmp/CertificateConfirmationContent.cs
@@ -1,44 +1,52 @@
 using System;
 
 using Org.BouncyCastle.Asn1.Cmp;
-using Org.BouncyCastle.Cms;
+using Org.BouncyCastle.Operators.Utilities;
 
 namespace Org.BouncyCastle.Cmp
 {
     public class CertificateConfirmationContent
     {
         public static CertificateConfirmationContent FromPkiBody(PkiBody pkiBody) =>
-            FromPkiBody(pkiBody, DefaultDigestAlgorithmIdentifierFinder.Instance);
+            FromPkiBody(pkiBody, DefaultDigestAlgorithmFinder.Instance);
 
         public static CertificateConfirmationContent FromPkiBody(PkiBody pkiBody,
-            DefaultDigestAlgorithmIdentifierFinder digestAlgFinder)
+            IDigestAlgorithmFinder digestAlgorithmFinder)
         {
             if (!IsCertificateConfirmationContent(pkiBody.Type))
                 throw new ArgumentException("content of PkiBody wrong type: " + pkiBody.Type);
 
-            return new CertificateConfirmationContent(CertConfirmContent.GetInstance(pkiBody.Content), digestAlgFinder);
+            var content = CertConfirmContent.GetInstance(pkiBody.Content);
+
+            return new CertificateConfirmationContent(content, digestAlgorithmFinder);
         }
 
         public static bool IsCertificateConfirmationContent(int bodyType) => PkiBody.TYPE_CERT_CONFIRM == bodyType;
 
         private readonly CertConfirmContent m_content;
-        private readonly DefaultDigestAlgorithmIdentifierFinder m_digestAlgIDFinder;
+        private readonly IDigestAlgorithmFinder m_digestAlgorithmFinder;
 
         public CertificateConfirmationContent(CertConfirmContent content)
-            : this(content, DefaultDigestAlgorithmIdentifierFinder.Instance)
+            : this(content, DefaultDigestAlgorithmFinder.Instance)
         {
         }
 
+        [Obsolete("Use constructor taking 'IDigestAlgorithmFinder' instead")]
         public CertificateConfirmationContent(CertConfirmContent content,
-            DefaultDigestAlgorithmIdentifierFinder digestAlgFinder)
+            Org.BouncyCastle.Cms.DefaultDigestAlgorithmIdentifierFinder digestAlgFinder)
+            : this(content, (IDigestAlgorithmFinder)digestAlgFinder)
+        {
+        }
+
+        public CertificateConfirmationContent(CertConfirmContent content, IDigestAlgorithmFinder digestAlgorithmFinder)
         {
             m_content = content;
-            m_digestAlgIDFinder = digestAlgFinder;
+            m_digestAlgorithmFinder = digestAlgorithmFinder;
         }
 
         public CertConfirmContent ToAsn1Structure() => m_content;
 
         public CertificateStatus[] GetStatusMessages() => Array.ConvertAll(m_content.ToCertStatusArray(),
-            element => new CertificateStatus(m_digestAlgIDFinder, element));
+            element => new CertificateStatus(m_digestAlgorithmFinder, element));
     }
 }
diff --git a/crypto/src/cmp/CertificateConfirmationContentBuilder.cs b/crypto/src/cmp/CertificateConfirmationContentBuilder.cs
index 4178264b4..32fef908b 100644
--- a/crypto/src/cmp/CertificateConfirmationContentBuilder.cs
+++ b/crypto/src/cmp/CertificateConfirmationContentBuilder.cs
@@ -1,10 +1,10 @@
-using System.Collections.Generic;
+using System;
+using System.Collections.Generic;
 
 using Org.BouncyCastle.Asn1;
 using Org.BouncyCastle.Asn1.Cmp;
-using Org.BouncyCastle.Asn1.X509;
-using Org.BouncyCastle.Cms;
 using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Operators.Utilities;
 using Org.BouncyCastle.Security;
 using Org.BouncyCastle.X509;
 
@@ -12,18 +12,24 @@ namespace Org.BouncyCastle.Cmp
 {
     public sealed class CertificateConfirmationContentBuilder
     {
-        private readonly DefaultDigestAlgorithmIdentifierFinder m_digestAlgFinder;
+        private readonly IDigestAlgorithmFinder m_digestAlgorithmFinder;
         private readonly List<X509Certificate> m_acceptedCerts = new List<X509Certificate>();
         private readonly List<BigInteger> m_acceptedReqIDs = new List<BigInteger>();
 
         public CertificateConfirmationContentBuilder()
-            : this(DefaultDigestAlgorithmIdentifierFinder.Instance)
+            : this(DefaultDigestAlgorithmFinder.Instance)
         {
         }
 
-        public CertificateConfirmationContentBuilder(DefaultDigestAlgorithmIdentifierFinder digestAlgFinder)
+        [Obsolete("Use constructor taking 'IDigestAlgorithmFinder' instead")]
+        public CertificateConfirmationContentBuilder(Org.BouncyCastle.Cms.DefaultDigestAlgorithmIdentifierFinder digestAlgFinder)
+            : this((IDigestAlgorithmFinder)digestAlgFinder)
         {
-            m_digestAlgFinder = digestAlgFinder;
+        }
+
+        public CertificateConfirmationContentBuilder(IDigestAlgorithmFinder digestAlgorithmFinder)
+        {
+            m_digestAlgorithmFinder = digestAlgorithmFinder;
         }
 
         public CertificateConfirmationContentBuilder AddAcceptedCertificate(X509Certificate certHolder,
@@ -42,10 +48,10 @@ namespace Org.BouncyCastle.Cmp
                 X509Certificate cert = m_acceptedCerts[i];
                 BigInteger reqID = m_acceptedReqIDs[i];
 
-                var sigAlgID = DefaultSignatureAlgorithmIdentifierFinder.Instance.Find(cert.SigAlgName)
+                var sigAlgID = DefaultSignatureAlgorithmFinder.Instance.Find(cert.SigAlgName)
                     ?? throw new CmpException("cannot find algorithm identifier for signature name");
 
-                AlgorithmIdentifier digAlgID = m_digestAlgFinder.Find(sigAlgID)
+                var digAlgID = m_digestAlgorithmFinder.Find(sigAlgID)
                     ?? throw new CmpException("cannot find algorithm for digest from signature");
 
                 byte[] digest = DigestUtilities.CalculateDigest(digAlgID.Algorithm, cert.GetEncoded());
@@ -53,8 +59,9 @@ namespace Org.BouncyCastle.Cmp
                 v.Add(new CertStatus(digest, reqID));
             }
 
-            return new CertificateConfirmationContent(CertConfirmContent.GetInstance(new DerSequence(v)),
-                m_digestAlgFinder);
+            var content = CertConfirmContent.GetInstance(new DerSequence(v));
+
+            return new CertificateConfirmationContent(content, m_digestAlgorithmFinder);
         }
     }
 }
diff --git a/crypto/src/cmp/CertificateStatus.cs b/crypto/src/cmp/CertificateStatus.cs
index 8ccf89562..55292329a 100644
--- a/crypto/src/cmp/CertificateStatus.cs
+++ b/crypto/src/cmp/CertificateStatus.cs
@@ -1,7 +1,9 @@
-using Org.BouncyCastle.Asn1.Cmp;
+using System;
+
+using Org.BouncyCastle.Asn1.Cmp;
 using Org.BouncyCastle.Asn1.X509;
-using Org.BouncyCastle.Cms;
 using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Operators.Utilities;
 using Org.BouncyCastle.Security;
 using Org.BouncyCastle.Utilities;
 using Org.BouncyCastle.X509;
@@ -10,30 +12,39 @@ namespace Org.BouncyCastle.Cmp
 {
     public class CertificateStatus
     {
-        private readonly DefaultDigestAlgorithmIdentifierFinder digestAlgFinder;
-        private readonly CertStatus certStatus;
+        private readonly IDigestAlgorithmFinder m_digestAlgorithmFinder;
+        private readonly CertStatus m_certStatus;
 
-        public CertificateStatus(DefaultDigestAlgorithmIdentifierFinder digestAlgFinder, CertStatus certStatus)
+        [Obsolete("Use constructor taking 'IDigestAlgorithmFinder' instead")]
+        public CertificateStatus(Org.BouncyCastle.Cms.DefaultDigestAlgorithmIdentifierFinder digestAlgFinder,
+            CertStatus certStatus)
+            : this((IDigestAlgorithmFinder)digestAlgFinder, certStatus)
         {
-            this.digestAlgFinder = digestAlgFinder;
-            this.certStatus = certStatus;
         }
 
-        public virtual PkiStatusInfo StatusInfo => certStatus.StatusInfo;
+        public CertificateStatus(IDigestAlgorithmFinder digestAlgorithmFinder, CertStatus certStatus)
+        {
+            m_digestAlgorithmFinder = digestAlgorithmFinder;
+            m_certStatus = certStatus;
+        }
 
-        public virtual BigInteger CertRequestID => certStatus.CertReqID.Value;
+        public virtual PkiStatusInfo StatusInfo => m_certStatus.StatusInfo;
+
+        public virtual BigInteger CertRequestID => m_certStatus.CertReqID.Value;
 
         public virtual bool IsVerified(X509Certificate cert)
         {
-            var sigAlgID = DefaultSignatureAlgorithmIdentifierFinder.Instance.Find(cert.SigAlgName)
+            var signatureName = cert.SigAlgName;
+
+            var signatureAlgorithm = DefaultSignatureAlgorithmFinder.Instance.Find(signatureName)
                 ?? throw new CmpException("cannot find algorithm identifier for signature name");
 
-            var digAlgID = digestAlgFinder.Find(sigAlgID)
-                ?? throw new CmpException("cannot find algorithm for digest from signature " + cert.SigAlgName);
+            var digestAlgorithm = m_digestAlgorithmFinder.Find(signatureAlgorithm)
+                ?? throw new CmpException("cannot find algorithm for digest from signature " + signatureName);
 
-            byte[] digest = DigestUtilities.CalculateDigest(digAlgID.Algorithm, cert.GetEncoded());
+            byte[] digest = DigestUtilities.CalculateDigest(digestAlgorithm.Algorithm, cert.GetEncoded());
 
-            return Arrays.FixedTimeEquals(certStatus.CertHash.GetOctets(), digest);
+            return Arrays.FixedTimeEquals(m_certStatus.CertHash.GetOctets(), digest);
         }
     }
 }
diff --git a/crypto/src/cms/CMSSignedData.cs b/crypto/src/cms/CMSSignedData.cs
index cd517085c..a14a4dadb 100644
--- a/crypto/src/cms/CMSSignedData.cs
+++ b/crypto/src/cms/CMSSignedData.cs
@@ -5,6 +5,7 @@ using System.IO;
 using Org.BouncyCastle.Asn1;
 using Org.BouncyCastle.Asn1.Cms;
 using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Operators.Utilities;
 using Org.BouncyCastle.Utilities.Collections;
 using Org.BouncyCastle.X509;
 
@@ -271,29 +272,29 @@ namespace Org.BouncyCastle.Cms
 
         /**
          * Return a new CMSSignedData which guarantees to have the passed in digestAlgorithm
-         * in it. Uses the current DigestAlgorithmIdentifierFinder for creating the digest sets.
+         * in it. Uses the DefaultDigestAlgorithmFinder for creating the digest sets.
          *
          * @param signedData      the signed data object to be used as a base.
          * @param digestAlgorithm the digest algorithm to be added to the signed data.
          * @return a new signed data object.
          */
         public static CmsSignedData AddDigestAlgorithm(CmsSignedData signedData, AlgorithmIdentifier digestAlgorithm) =>
-            AddDigestAlgorithm(signedData, digestAlgorithm, DefaultDigestAlgorithmIdentifierFinder.Instance);
+            AddDigestAlgorithm(signedData, digestAlgorithm, DefaultDigestAlgorithmFinder.Instance);
 
         /**
          * Return a new CMSSignedData which guarantees to have the passed in digestAlgorithm
-         * in it. Uses the passed in DigestAlgorithmIdentifierFinder for creating the digest sets.
+         * in it. Uses the passed in IDigestAlgorithmFinder for creating the digest sets.
          *
          * @param signedData      the signed data object to be used as a base.
          * @param digestAlgorithm the digest algorithm to be added to the signed data.
-         * @param digestAlgIDFinder      the digest algorithmID map to generate the digest set with.
+         * @param digestAlgorithmFinder the digest algorithm finder to generate the digest set with.
          * @return a new signed data object.
          */
         public static CmsSignedData AddDigestAlgorithm(CmsSignedData signedData, AlgorithmIdentifier digestAlgorithm,
-			DefaultDigestAlgorithmIdentifierFinder digestAlgIDFinder)
+			IDigestAlgorithmFinder digestAlgorithmFinder)
 		{
 			ISet<AlgorithmIdentifier> digestAlgorithms = signedData.GetDigestAlgorithmIDs();
-			AlgorithmIdentifier digestAlg = Helper.FixDigestAlgID(digestAlgorithm, digestAlgIDFinder);
+			AlgorithmIdentifier digestAlg = Helper.FixDigestAlgID(digestAlgorithm, digestAlgorithmFinder);
 
 			//
 			// if the algorithm is already present there is no need to add it.
@@ -313,7 +314,7 @@ namespace Org.BouncyCastle.Cms
 
             foreach (var entry in digestAlgs)
 			{
-				digestAlgs.Add(Helper.FixDigestAlgID(entry, digestAlgIDFinder));
+				digestAlgs.Add(Helper.FixDigestAlgID(entry, digestAlgorithmFinder));
 			}
 			digestAlgs.Add(digestAlg);
 
@@ -344,7 +345,7 @@ namespace Org.BouncyCastle.Cms
 
         /**
 		 * Replace the SignerInformation store associated with this CMSSignedData object with the new one passed in
-		 * using the current DigestAlgorithmIdentifierFinder for creating the digest sets. You would probably only want
+		 * using the DefaultDigestAlgorithmFinder for creating the digest sets. You would probably only want
 		 * to do this if you wanted to change the unsigned attributes associated with a signer, or perhaps delete one.
 		 *
 		 * @param signedData             the signed data object to be used as a base.
@@ -353,21 +354,21 @@ namespace Org.BouncyCastle.Cms
 		 */
         public static CmsSignedData ReplaceSigners(CmsSignedData signedData,
 			SignerInformationStore signerInformationStore) =>
-				ReplaceSigners(signedData, signerInformationStore, DefaultDigestAlgorithmIdentifierFinder.Instance);
+				ReplaceSigners(signedData, signerInformationStore, DefaultDigestAlgorithmFinder.Instance);
 
         /**
          * Replace the SignerInformation store associated with this CMSSignedData object with the new one passed in
-         * using the passed in DigestAlgorithmIdentifierFinder for creating the digest sets. You would probably only
+         * using the passed in IDigestAlgorithmFinder for creating the digest sets. You would probably only
          * want to do this if you wanted to change the unsigned attributes associated with a signer, or perhaps delete
          * one.
          *
          * @param signedData             the signed data object to be used as a base.
          * @param signerInformationStore the new signer information store to use.
-         * @param dgstAlgIDFinder      the digest algorithmID map to generate the digest set with.
+         * @param digestAlgorithmFinder the digest algorithm finder to generate the digest set with.
          * @return a new signed data object.
          */
         public static CmsSignedData ReplaceSigners(CmsSignedData signedData,
-			SignerInformationStore signerInformationStore, DefaultDigestAlgorithmIdentifierFinder digestAlgIDFinder)
+			SignerInformationStore signerInformationStore, IDigestAlgorithmFinder digestAlgorithmFinder)
 		{
             //
             // copy
@@ -389,7 +390,7 @@ namespace Org.BouncyCastle.Cms
 
 			foreach (var signer in signers)
 			{
-				CmsUtilities.AddDigestAlgs(digestAlgs, signer, digestAlgIDFinder);
+				CmsUtilities.AddDigestAlgs(digestAlgs, signer, digestAlgorithmFinder);
 				vec.Add(signer.ToSignerInfo());
 			}
 
diff --git a/crypto/src/cms/CMSSignedDataGenerator.cs b/crypto/src/cms/CMSSignedDataGenerator.cs
index ec8e28e47..5a0d4a192 100644
--- a/crypto/src/cms/CMSSignedDataGenerator.cs
+++ b/crypto/src/cms/CMSSignedDataGenerator.cs
@@ -12,6 +12,7 @@ using Org.BouncyCastle.Security.Certificates;
 using Org.BouncyCastle.Utilities;
 using Org.BouncyCastle.X509;
 using Org.BouncyCastle.Crypto.Operators;
+using Org.BouncyCastle.Operators.Utilities;
 
 namespace Org.BouncyCastle.Cms
 {
@@ -46,8 +47,8 @@ namespace Org.BouncyCastle.Cms
 
 			private readonly ISignatureFactory			sigCalc;
 			private readonly SignerIdentifier			signerIdentifier;
-			private readonly string						digestOID;
-			private readonly string						encOID;
+			private readonly string						digestOid;
+			private readonly string						encOid;
 			private readonly CmsAttributeTableGenerator	sAttr;
 			private readonly CmsAttributeTableGenerator	unsAttr;
 			private readonly Asn1.Cms.AttributeTable	baseSignedTable;
@@ -57,21 +58,21 @@ namespace Org.BouncyCastle.Cms
 	            AsymmetricKeyParameter		key,
 				SecureRandom                random,
 	            SignerIdentifier			signerIdentifier,
-	            string						digestOID,
-	            string						encOID,
+	            string						digestOid,
+	            string						encOid,
 	            CmsAttributeTableGenerator	sAttr,
 	            CmsAttributeTableGenerator	unsAttr,
 	            Asn1.Cms.AttributeTable		baseSignedTable)
 	        {
-                string digestName = Helper.GetDigestAlgName(digestOID);
+                string digestName = Helper.GetDigestAlgName(digestOid);
 
-                string signatureName = digestName + "with" + Helper.GetEncryptionAlgName(encOID);
+                string signatureName = digestName + "with" + Helper.GetEncryptionAlgName(encOid);
 
                 this.outer = outer;
                 this.sigCalc = new Asn1SignatureFactory(signatureName, key, random);
                 this.signerIdentifier = signerIdentifier;
-                this.digestOID = digestOID;
-                this.encOID = encOID;
+                this.digestOid = digestOid;
+                this.encOid = encOid;
 	            this.sAttr = sAttr;
 	            this.unsAttr = unsAttr;
 	            this.baseSignedTable = baseSignedTable;
@@ -88,9 +89,9 @@ namespace Org.BouncyCastle.Cms
                 this.outer = outer;
                 this.sigCalc = sigCalc;
                 this.signerIdentifier = signerIdentifier;
-                this.digestOID = DefaultDigestAlgorithmIdentifierFinder.Instance.Find(
-					(AlgorithmIdentifier)sigCalc.AlgorithmDetails).Algorithm.Id;
-                this.encOID = ((AlgorithmIdentifier)sigCalc.AlgorithmDetails).Algorithm.Id;
+                this.digestOid = DefaultDigestAlgorithmFinder.Instance
+					.Find((AlgorithmIdentifier)sigCalc.AlgorithmDetails).Algorithm.Id;
+                this.encOid = ((AlgorithmIdentifier)sigCalc.AlgorithmDetails).Algorithm.Id;
                 this.sAttr = sAttr;
                 this.unsAttr = unsAttr;
                 this.baseSignedTable = baseSignedTable;
@@ -98,7 +99,7 @@ namespace Org.BouncyCastle.Cms
 
             internal AlgorithmIdentifier DigestAlgorithmID
 			{
-				get { return new AlgorithmIdentifier(new DerObjectIdentifier(digestOID), DerNull.Instance); }
+				get { return new AlgorithmIdentifier(new DerObjectIdentifier(digestOid), DerNull.Instance); }
 			}
 
 			internal CmsAttributeTableGenerator SignedAttributes
@@ -114,11 +115,11 @@ namespace Org.BouncyCastle.Cms
 			internal SignerInfo ToSignerInfo(DerObjectIdentifier contentType, CmsProcessable content)
             {
                 AlgorithmIdentifier digAlgId = DigestAlgorithmID;
-				string digestName = Helper.GetDigestAlgName(digestOID);
+				string digestName = Helper.GetDigestAlgName(digestOid);
 
-				string signatureName = digestName + "with" + Helper.GetEncryptionAlgName(encOID);
+				string signatureName = digestName + "with" + Helper.GetEncryptionAlgName(encOid);
 
-				if (!outer.m_digests.TryGetValue(digestOID, out var hash))
+				if (!outer.m_digests.TryGetValue(digestOid, out var hash))
                 {
                     IDigest dig = Helper.GetDigestInstance(digestName);
                     if (content != null)
@@ -126,7 +127,7 @@ namespace Org.BouncyCastle.Cms
                         content.Write(new DigestSink(dig));
                     }
                     hash = DigestUtilities.DoFinal(dig);
-                    outer.m_digests.Add(digestOID, (byte[])hash.Clone());
+                    outer.m_digests.Add(digestOid, (byte[])hash.Clone());
                 }
 
 				Asn1Set signedAttr = null;
@@ -182,7 +183,7 @@ namespace Org.BouncyCastle.Cms
 				// TODO[RSAPSS] Need the ability to specify non-default parameters
 				Asn1Encodable sigX509Parameters = SignerUtilities.GetDefaultX509Parameters(signatureName);
 				AlgorithmIdentifier encAlgId = Helper.GetEncAlgorithmIdentifier(
-					new DerObjectIdentifier(encOID), sigX509Parameters);
+					new DerObjectIdentifier(encOid), sigX509Parameters);
 				
                 return new SignerInfo(signerIdentifier, digAlgId,
                     signedAttr, encAlgId, new DerOctetString(sigBytes), unsignedAttr);
@@ -457,7 +458,7 @@ namespace Org.BouncyCastle.Cms
             //
             foreach (SignerInformation signer in _signers)
             {
-                CmsUtilities.AddDigestAlgs(digestAlgs, signer, DefaultDigestAlgorithmIdentifierFinder.Instance);
+                CmsUtilities.AddDigestAlgs(digestAlgs, signer, DefaultDigestAlgorithmFinder.Instance);
                 // TODO Verify the content type and calculated digest match the precalculated SignerInfo
                 signerInfos.Add(signer.ToSignerInfo());
             }
diff --git a/crypto/src/cms/CMSSignedGenerator.cs b/crypto/src/cms/CMSSignedGenerator.cs
index 5cb56805f..fd8a05d7a 100644
--- a/crypto/src/cms/CMSSignedGenerator.cs
+++ b/crypto/src/cms/CMSSignedGenerator.cs
@@ -25,814 +25,29 @@ using Org.BouncyCastle.X509;
 
 namespace Org.BouncyCastle.Cms
 {
-    // TODO[api] Create API for this
+    [Obsolete("Use 'Org.BouncyCastle.Operators.Utilities.DefaultSignatureAlgorithmFinder' instead")]
     public class DefaultSignatureAlgorithmIdentifierFinder
+        : Org.BouncyCastle.Operators.Utilities.ISignatureAlgorithmFinder
     {
-        public static readonly DefaultSignatureAlgorithmIdentifierFinder Instance =
-            new DefaultSignatureAlgorithmIdentifierFinder();
-
-        private static readonly Dictionary<string, DerObjectIdentifier> m_algorithms =
-            new Dictionary<string, DerObjectIdentifier>(StringComparer.OrdinalIgnoreCase);
-        private static readonly HashSet<DerObjectIdentifier> m_noParams = new HashSet<DerObjectIdentifier>();
-        private static readonly Dictionary<string, Asn1Encodable> m_parameters =
-            new Dictionary<string, Asn1Encodable>(StringComparer.OrdinalIgnoreCase);
-        private static readonly HashSet<DerObjectIdentifier> m_pkcs15RsaEncryption = new HashSet<DerObjectIdentifier>();
-        private static readonly Dictionary<DerObjectIdentifier, DerObjectIdentifier> m_digestOids =
-            new Dictionary<DerObjectIdentifier, DerObjectIdentifier>();
-
-        static DefaultSignatureAlgorithmIdentifierFinder()
-        {
-            m_algorithms["COMPOSITE"] = MiscObjectIdentifiers.id_alg_composite;
-
-            m_algorithms["MD2WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.MD2WithRsaEncryption;
-            m_algorithms["MD2WITHRSA"] = PkcsObjectIdentifiers.MD2WithRsaEncryption;
-            m_algorithms["MD5WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.MD5WithRsaEncryption;
-            m_algorithms["MD5WITHRSA"] = PkcsObjectIdentifiers.MD5WithRsaEncryption;
-            m_algorithms["SHA1WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha1WithRsaEncryption;
-            m_algorithms["SHA-1WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha1WithRsaEncryption;
-            m_algorithms["SHA1WITHRSA"] = PkcsObjectIdentifiers.Sha1WithRsaEncryption;
-            m_algorithms["SHA-1WITHRSA"] = PkcsObjectIdentifiers.Sha1WithRsaEncryption;
-            m_algorithms["SHA224WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha224WithRsaEncryption;
-            m_algorithms["SHA-224WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha224WithRsaEncryption;
-            m_algorithms["SHA224WITHRSA"] = PkcsObjectIdentifiers.Sha224WithRsaEncryption;
-            m_algorithms["SHA-224WITHRSA"] = PkcsObjectIdentifiers.Sha224WithRsaEncryption;
-            m_algorithms["SHA256WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha256WithRsaEncryption;
-            m_algorithms["SHA-256WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha256WithRsaEncryption;
-            m_algorithms["SHA256WITHRSA"] = PkcsObjectIdentifiers.Sha256WithRsaEncryption;
-            m_algorithms["SHA-256WITHRSA"] = PkcsObjectIdentifiers.Sha256WithRsaEncryption;
-            m_algorithms["SHA384WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha384WithRsaEncryption;
-            m_algorithms["SHA-384WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha384WithRsaEncryption;
-            m_algorithms["SHA384WITHRSA"] = PkcsObjectIdentifiers.Sha384WithRsaEncryption;
-            m_algorithms["SHA-384WITHRSA"] = PkcsObjectIdentifiers.Sha384WithRsaEncryption;
-            m_algorithms["SHA512WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha512WithRsaEncryption;
-            m_algorithms["SHA-512WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha512WithRsaEncryption;
-            m_algorithms["SHA512WITHRSA"] = PkcsObjectIdentifiers.Sha512WithRsaEncryption;
-            m_algorithms["SHA-512WITHRSA"] = PkcsObjectIdentifiers.Sha512WithRsaEncryption;
-            m_algorithms["SHA512(224)WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha512_224WithRSAEncryption;
-            m_algorithms["SHA-512(224)WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha512_224WithRSAEncryption;
-            m_algorithms["SHA512(224)WITHRSA"] = PkcsObjectIdentifiers.Sha512_224WithRSAEncryption;
-            m_algorithms["SHA-512(224)WITHRSA"] = PkcsObjectIdentifiers.Sha512_224WithRSAEncryption;
-            m_algorithms["SHA512(256)WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha512_256WithRSAEncryption;
-            m_algorithms["SHA-512(256)WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha512_256WithRSAEncryption;
-            m_algorithms["SHA512(256)WITHRSA"] = PkcsObjectIdentifiers.Sha512_256WithRSAEncryption;
-            m_algorithms["SHA-512(256)WITHRSA"] = PkcsObjectIdentifiers.Sha512_256WithRSAEncryption;
-            m_algorithms["SHA1WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss;
-            m_algorithms["SHA224WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss;
-            m_algorithms["SHA256WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss;
-            m_algorithms["SHA384WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss;
-            m_algorithms["SHA512WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss;
-            m_algorithms["SHA3-224WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss;
-            m_algorithms["SHA3-256WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss;
-            m_algorithms["SHA3-384WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss;
-            m_algorithms["SHA3-512WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss;
-            m_algorithms["RIPEMD160WITHRSAENCRYPTION"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160;
-            m_algorithms["RIPEMD160WITHRSA"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160;
-            m_algorithms["RIPEMD128WITHRSAENCRYPTION"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128;
-            m_algorithms["RIPEMD128WITHRSA"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128;
-            m_algorithms["RIPEMD256WITHRSAENCRYPTION"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256;
-            m_algorithms["RIPEMD256WITHRSA"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256;
-            m_algorithms["SHA1WITHDSA"] = X9ObjectIdentifiers.IdDsaWithSha1;
-            m_algorithms["SHA-1WITHDSA"] = X9ObjectIdentifiers.IdDsaWithSha1;
-            m_algorithms["DSAWITHSHA1"] = X9ObjectIdentifiers.IdDsaWithSha1;
-            m_algorithms["SHA224WITHDSA"] = NistObjectIdentifiers.DsaWithSha224;
-            m_algorithms["SHA256WITHDSA"] = NistObjectIdentifiers.DsaWithSha256;
-            m_algorithms["SHA384WITHDSA"] = NistObjectIdentifiers.DsaWithSha384;
-            m_algorithms["SHA512WITHDSA"] = NistObjectIdentifiers.DsaWithSha512;
-            m_algorithms["SHA3-224WITHDSA"] = NistObjectIdentifiers.IdDsaWithSha3_224;
-            m_algorithms["SHA3-256WITHDSA"] = NistObjectIdentifiers.IdDsaWithSha3_256;
-            m_algorithms["SHA3-384WITHDSA"] = NistObjectIdentifiers.IdDsaWithSha3_384;
-            m_algorithms["SHA3-512WITHDSA"] = NistObjectIdentifiers.IdDsaWithSha3_512;
-            m_algorithms["SHA3-224WITHECDSA"] = NistObjectIdentifiers.IdEcdsaWithSha3_224;
-            m_algorithms["SHA3-256WITHECDSA"] = NistObjectIdentifiers.IdEcdsaWithSha3_256;
-            m_algorithms["SHA3-384WITHECDSA"] = NistObjectIdentifiers.IdEcdsaWithSha3_384;
-            m_algorithms["SHA3-512WITHECDSA"] = NistObjectIdentifiers.IdEcdsaWithSha3_512;
-            m_algorithms["SHA3-224WITHRSA"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224;
-            m_algorithms["SHA3-256WITHRSA"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256;
-            m_algorithms["SHA3-384WITHRSA"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384;
-            m_algorithms["SHA3-512WITHRSA"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512;
-            m_algorithms["SHA3-224WITHRSAENCRYPTION"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224;
-            m_algorithms["SHA3-256WITHRSAENCRYPTION"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256;
-            m_algorithms["SHA3-384WITHRSAENCRYPTION"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384;
-            m_algorithms["SHA3-512WITHRSAENCRYPTION"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512;
-            m_algorithms["SHA1WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha1;
-            m_algorithms["ECDSAWITHSHA1"] = X9ObjectIdentifiers.ECDsaWithSha1;
-            m_algorithms["SHA224WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha224;
-            m_algorithms["SHA256WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha256;
-            m_algorithms["SHA384WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha384;
-            m_algorithms["SHA512WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha512;
-            m_algorithms["GOST3411WITHGOST3410"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94;
-            m_algorithms["GOST3411WITHGOST3410-94"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94;
-            m_algorithms["GOST3411WITHECGOST3410"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001;
-            m_algorithms["GOST3411WITHECGOST3410-2001"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001;
-            m_algorithms["GOST3411WITHGOST3410-2001"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001;
-            m_algorithms["GOST3411WITHECGOST3410-2012-256"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256;
-            m_algorithms["GOST3411WITHECGOST3410-2012-512"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512;
-            m_algorithms["GOST3411WITHGOST3410-2012-256"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256;
-            m_algorithms["GOST3411WITHGOST3410-2012-512"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512;
-            m_algorithms["GOST3411-2012-256WITHECGOST3410-2012-256"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256;
-            m_algorithms["GOST3411-2012-512WITHECGOST3410-2012-512"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512;
-            m_algorithms["GOST3411-2012-256WITHGOST3410-2012-256"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256;
-            m_algorithms["GOST3411-2012-512WITHGOST3410-2012-512"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512;
-
-            // NOTE: Not in bc-java
-            m_algorithms["GOST3411-2012-256WITHECGOST3410"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256;
-            m_algorithms["GOST3411-2012-512WITHECGOST3410"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512;
-
-            m_algorithms["SHA1WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_1;
-            m_algorithms["SHA224WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_224;
-            m_algorithms["SHA256WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_256;
-            m_algorithms["SHA384WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_384;
-            m_algorithms["SHA512WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_512;
-            m_algorithms["SHA3-512WITHSPHINCS256"] = BCObjectIdentifiers.sphincs256_with_SHA3_512;
-            m_algorithms["SHA512WITHSPHINCS256"] = BCObjectIdentifiers.sphincs256_with_SHA512;
-
-            m_algorithms["SHA1WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA1;
-            m_algorithms["RIPEMD160WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_RIPEMD160;
-            m_algorithms["SHA224WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA224;
-            m_algorithms["SHA256WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA256;
-            m_algorithms["SHA384WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA384;
-            m_algorithms["SHA512WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA512;
-            m_algorithms["SHA3-224WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA3_224;
-            m_algorithms["SHA3-256WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA3_256;
-            m_algorithms["SHA3-384WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA3_384;
-            m_algorithms["SHA3-512WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA3_512;
-
-            m_algorithms["ED25519"] = EdECObjectIdentifiers.id_Ed25519;
-            m_algorithms["ED448"] = EdECObjectIdentifiers.id_Ed448;
-
-            // RFC 8702
-            m_algorithms["SHAKE128WITHRSAPSS"] = CmsObjectIdentifiers.id_RSASSA_PSS_SHAKE128;
-            m_algorithms["SHAKE256WITHRSAPSS"] = CmsObjectIdentifiers.id_RSASSA_PSS_SHAKE256;
-            m_algorithms["SHAKE128WITHRSASSA-PSS"] = CmsObjectIdentifiers.id_RSASSA_PSS_SHAKE128;
-            m_algorithms["SHAKE256WITHRSASSA-PSS"] = CmsObjectIdentifiers.id_RSASSA_PSS_SHAKE256;
-            m_algorithms["SHAKE128WITHECDSA"] = CmsObjectIdentifiers.id_ecdsa_with_shake128;
-            m_algorithms["SHAKE256WITHECDSA"] = CmsObjectIdentifiers.id_ecdsa_with_shake256;
-
-            //m_algorithms["RIPEMD160WITHSM2"] = GMObjectIdentifiers.sm2sign_with_rmd160;
-            //m_algorithms["SHA1WITHSM2"] = GMObjectIdentifiers.sm2sign_with_sha1;
-            //m_algorithms["SHA224WITHSM2"] = GMObjectIdentifiers.sm2sign_with_sha224;
-            m_algorithms["SHA256WITHSM2"] = GMObjectIdentifiers.sm2sign_with_sha256;
-            //m_algorithms["SHA384WITHSM2"] = GMObjectIdentifiers.sm2sign_with_sha384;
-            //m_algorithms["SHA512WITHSM2"] = GMObjectIdentifiers.sm2sign_with_sha512;
-            m_algorithms["SM3WITHSM2"] = GMObjectIdentifiers.sm2sign_with_sm3;
-
-            m_algorithms["SHA256WITHXMSS"] = BCObjectIdentifiers.xmss_SHA256ph;
-            m_algorithms["SHA512WITHXMSS"] = BCObjectIdentifiers.xmss_SHA512ph;
-            m_algorithms["SHAKE128WITHXMSS"] = BCObjectIdentifiers.xmss_SHAKE128ph;
-            m_algorithms["SHAKE256WITHXMSS"] = BCObjectIdentifiers.xmss_SHAKE256ph;
-
-            m_algorithms["SHA256WITHXMSSMT"] = BCObjectIdentifiers.xmss_mt_SHA256ph;
-            m_algorithms["SHA512WITHXMSSMT"] = BCObjectIdentifiers.xmss_mt_SHA512ph;
-            m_algorithms["SHAKE128WITHXMSSMT"] = BCObjectIdentifiers.xmss_mt_SHAKE128ph;
-            m_algorithms["SHAKE256WITHXMSSMT"] = BCObjectIdentifiers.xmss_mt_SHAKE256ph;
-
-            m_algorithms["SHA256WITHXMSS-SHA256"] = BCObjectIdentifiers.xmss_SHA256ph;
-            m_algorithms["SHA512WITHXMSS-SHA512"] = BCObjectIdentifiers.xmss_SHA512ph;
-            m_algorithms["SHAKE128WITHXMSS-SHAKE128"] = BCObjectIdentifiers.xmss_SHAKE128ph;
-            m_algorithms["SHAKE256WITHXMSS-SHAKE256"] = BCObjectIdentifiers.xmss_SHAKE256ph;
-
-            m_algorithms["SHA256WITHXMSSMT-SHA256"] = BCObjectIdentifiers.xmss_mt_SHA256ph;
-            m_algorithms["SHA512WITHXMSSMT-SHA512"] = BCObjectIdentifiers.xmss_mt_SHA512ph;
-            m_algorithms["SHAKE128WITHXMSSMT-SHAKE128"] = BCObjectIdentifiers.xmss_mt_SHAKE128ph;
-            m_algorithms["SHAKE256WITHXMSSMT-SHAKE256"] = BCObjectIdentifiers.xmss_mt_SHAKE256ph;
-
-            m_algorithms["LMS"] = PkcsObjectIdentifiers.IdAlgHssLmsHashsig;
-
-            m_algorithms["XMSS"] = IsaraObjectIdentifiers.id_alg_xmss;
-            m_algorithms["XMSS-SHA256"] = BCObjectIdentifiers.xmss_SHA256;
-            m_algorithms["XMSS-SHA512"] = BCObjectIdentifiers.xmss_SHA512;
-            m_algorithms["XMSS-SHAKE128"] = BCObjectIdentifiers.xmss_SHAKE128;
-            m_algorithms["XMSS-SHAKE256"] = BCObjectIdentifiers.xmss_SHAKE256;
-
-            m_algorithms["XMSSMT"] = IsaraObjectIdentifiers.id_alg_xmssmt;
-            m_algorithms["XMSSMT-SHA256"] = BCObjectIdentifiers.xmss_mt_SHA256;
-            m_algorithms["XMSSMT-SHA512"] = BCObjectIdentifiers.xmss_mt_SHA512;
-            m_algorithms["XMSSMT-SHAKE128"] = BCObjectIdentifiers.xmss_mt_SHAKE128;
-            m_algorithms["XMSSMT-SHAKE256"] = BCObjectIdentifiers.xmss_mt_SHAKE256;
-
-            m_algorithms["SPHINCS+"] = BCObjectIdentifiers.sphincsPlus;
-            m_algorithms["SPHINCSPLUS"] = BCObjectIdentifiers.sphincsPlus;
-
-            m_algorithms["DILITHIUM2"] = BCObjectIdentifiers.dilithium2;
-            m_algorithms["DILITHIUM3"] = BCObjectIdentifiers.dilithium3;
-            m_algorithms["DILITHIUM5"] = BCObjectIdentifiers.dilithium5;
-            m_algorithms["DILITHIUM2-AES"] = BCObjectIdentifiers.dilithium2_aes;
-            m_algorithms["DILITHIUM3-AES"] = BCObjectIdentifiers.dilithium3_aes;
-            m_algorithms["DILITHIUM5-AES"] = BCObjectIdentifiers.dilithium5_aes;
-
-            m_algorithms["FALCON-512"] = BCObjectIdentifiers.falcon_512;
-            m_algorithms["FALCON-1024"] = BCObjectIdentifiers.falcon_1024;
-
-            m_algorithms["PICNIC"] = BCObjectIdentifiers.picnic_signature;
-            m_algorithms["SHA512WITHPICNIC"] = BCObjectIdentifiers.picnic_with_sha512;
-            m_algorithms["SHA3-512WITHPICNIC"] = BCObjectIdentifiers.picnic_with_sha3_512;
-            m_algorithms["SHAKE256WITHPICNIC"] = BCObjectIdentifiers.picnic_with_shake256;
-
-            //
-            // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field.
-            // The parameters field SHALL be NULL for RSA based signature algorithms.
-            //
-            m_noParams.Add(X9ObjectIdentifiers.ECDsaWithSha1);
-            m_noParams.Add(X9ObjectIdentifiers.ECDsaWithSha224);
-            m_noParams.Add(X9ObjectIdentifiers.ECDsaWithSha256);
-            m_noParams.Add(X9ObjectIdentifiers.ECDsaWithSha384);
-            m_noParams.Add(X9ObjectIdentifiers.ECDsaWithSha512);
-            m_noParams.Add(X9ObjectIdentifiers.IdDsaWithSha1);
-            m_noParams.Add(NistObjectIdentifiers.DsaWithSha224);
-            m_noParams.Add(NistObjectIdentifiers.DsaWithSha256);
-            m_noParams.Add(NistObjectIdentifiers.DsaWithSha384);
-            m_noParams.Add(NistObjectIdentifiers.DsaWithSha512);
-            m_noParams.Add(NistObjectIdentifiers.IdDsaWithSha3_224);
-            m_noParams.Add(NistObjectIdentifiers.IdDsaWithSha3_256);
-            m_noParams.Add(NistObjectIdentifiers.IdDsaWithSha3_384);
-            m_noParams.Add(NistObjectIdentifiers.IdDsaWithSha3_512);
-            m_noParams.Add(NistObjectIdentifiers.IdEcdsaWithSha3_224);
-            m_noParams.Add(NistObjectIdentifiers.IdEcdsaWithSha3_256);
-            m_noParams.Add(NistObjectIdentifiers.IdEcdsaWithSha3_384);
-            m_noParams.Add(NistObjectIdentifiers.IdEcdsaWithSha3_512);
-
-            m_noParams.Add(BsiObjectIdentifiers.ecdsa_plain_SHA224);
-            m_noParams.Add(BsiObjectIdentifiers.ecdsa_plain_SHA256);
-            m_noParams.Add(BsiObjectIdentifiers.ecdsa_plain_SHA384);
-            m_noParams.Add(BsiObjectIdentifiers.ecdsa_plain_SHA512);
-            m_noParams.Add(BsiObjectIdentifiers.ecdsa_plain_SHA3_224);
-            m_noParams.Add(BsiObjectIdentifiers.ecdsa_plain_SHA3_256);
-            m_noParams.Add(BsiObjectIdentifiers.ecdsa_plain_SHA3_384);
-            m_noParams.Add(BsiObjectIdentifiers.ecdsa_plain_SHA3_512);
-
-            //
-            // RFC 4491
-            //
-            m_noParams.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94);
-            m_noParams.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001);
-            m_noParams.Add(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256);
-            m_noParams.Add(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512);
-
-            //
-            // SPHINCS-256
-            //
-            m_noParams.Add(BCObjectIdentifiers.sphincs256_with_SHA512);
-            m_noParams.Add(BCObjectIdentifiers.sphincs256_with_SHA3_512);
-
-            //
-            // SPHINCS-PLUS
-            //
-            m_noParams.Add(BCObjectIdentifiers.sphincsPlus);
-            m_noParams.Add(BCObjectIdentifiers.sphincsPlus_sha2_128s_r3);
-            m_noParams.Add(BCObjectIdentifiers.sphincsPlus_sha2_128f_r3);
-            m_noParams.Add(BCObjectIdentifiers.sphincsPlus_shake_128s_r3);
-            m_noParams.Add(BCObjectIdentifiers.sphincsPlus_shake_128f_r3);
-            m_noParams.Add(BCObjectIdentifiers.sphincsPlus_haraka_128s_r3);
-            m_noParams.Add(BCObjectIdentifiers.sphincsPlus_haraka_128f_r3);
-            m_noParams.Add(BCObjectIdentifiers.sphincsPlus_sha2_192s_r3);
-            m_noParams.Add(BCObjectIdentifiers.sphincsPlus_sha2_192f_r3);
-            m_noParams.Add(BCObjectIdentifiers.sphincsPlus_shake_192s_r3);
-            m_noParams.Add(BCObjectIdentifiers.sphincsPlus_shake_192f_r3);
-            m_noParams.Add(BCObjectIdentifiers.sphincsPlus_haraka_192s_r3);
-            m_noParams.Add(BCObjectIdentifiers.sphincsPlus_haraka_192f_r3);
-            m_noParams.Add(BCObjectIdentifiers.sphincsPlus_sha2_256s_r3);
-            m_noParams.Add(BCObjectIdentifiers.sphincsPlus_sha2_256f_r3);
-            m_noParams.Add(BCObjectIdentifiers.sphincsPlus_shake_256s_r3);
-            m_noParams.Add(BCObjectIdentifiers.sphincsPlus_shake_256f_r3);
-            m_noParams.Add(BCObjectIdentifiers.sphincsPlus_haraka_256s_r3);
-            m_noParams.Add(BCObjectIdentifiers.sphincsPlus_haraka_256f_r3);
-
-            //
-            // Dilithium
-            //
-            m_noParams.Add(BCObjectIdentifiers.dilithium);
-            m_noParams.Add(BCObjectIdentifiers.dilithium2);
-            m_noParams.Add(BCObjectIdentifiers.dilithium3);
-            m_noParams.Add(BCObjectIdentifiers.dilithium5);
-            m_noParams.Add(BCObjectIdentifiers.dilithium2_aes);
-            m_noParams.Add(BCObjectIdentifiers.dilithium3_aes);
-            m_noParams.Add(BCObjectIdentifiers.dilithium5_aes);
-
-            //
-            // Falcon
-            //
-            m_noParams.Add(BCObjectIdentifiers.falcon);
-            m_noParams.Add(BCObjectIdentifiers.falcon_512);
-            m_noParams.Add(BCObjectIdentifiers.falcon_1024);
-
-            //
-            // Picnic
-            //
-            m_noParams.Add(BCObjectIdentifiers.picnic_signature);
-            m_noParams.Add(BCObjectIdentifiers.picnic_with_sha512);
-            m_noParams.Add(BCObjectIdentifiers.picnic_with_sha3_512);
-            m_noParams.Add(BCObjectIdentifiers.picnic_with_shake256);
-
-            //
-            // XMSS
-            //
-            m_noParams.Add(BCObjectIdentifiers.xmss_SHA256ph);
-            m_noParams.Add(BCObjectIdentifiers.xmss_SHA512ph);
-            m_noParams.Add(BCObjectIdentifiers.xmss_SHAKE128ph);
-            m_noParams.Add(BCObjectIdentifiers.xmss_SHAKE256ph);
-            m_noParams.Add(BCObjectIdentifiers.xmss_mt_SHA256ph);
-            m_noParams.Add(BCObjectIdentifiers.xmss_mt_SHA512ph);
-            m_noParams.Add(BCObjectIdentifiers.xmss_mt_SHAKE128ph);
-            m_noParams.Add(BCObjectIdentifiers.xmss_mt_SHAKE256ph);
-
-            m_noParams.Add(BCObjectIdentifiers.xmss_SHA256);
-            m_noParams.Add(BCObjectIdentifiers.xmss_SHA512);
-            m_noParams.Add(BCObjectIdentifiers.xmss_SHAKE128);
-            m_noParams.Add(BCObjectIdentifiers.xmss_SHAKE256);
-            m_noParams.Add(BCObjectIdentifiers.xmss_mt_SHA256);
-            m_noParams.Add(BCObjectIdentifiers.xmss_mt_SHA512);
-            m_noParams.Add(BCObjectIdentifiers.xmss_mt_SHAKE128);
-            m_noParams.Add(BCObjectIdentifiers.xmss_mt_SHAKE256);
-
-            m_noParams.Add(IsaraObjectIdentifiers.id_alg_xmss);
-            m_noParams.Add(IsaraObjectIdentifiers.id_alg_xmssmt);
-
-            //
-            // qTESLA
-            //
-            m_noParams.Add(BCObjectIdentifiers.qTESLA_p_I);
-            m_noParams.Add(BCObjectIdentifiers.qTESLA_p_III);
-
-            //
-            // SM2
-            //
-            //m_noParams.Add(GMObjectIdentifiers.sm2sign_with_rmd160);
-            //m_noParams.Add(GMObjectIdentifiers.sm2sign_with_sha1);
-            //m_noParams.Add(GMObjectIdentifiers.sm2sign_with_sha224);
-            m_noParams.Add(GMObjectIdentifiers.sm2sign_with_sha256);
-            //m_noParams.Add(GMObjectIdentifiers.sm2sign_with_sha384);
-            //m_noParams.Add(GMObjectIdentifiers.sm2sign_with_sha512);
-            m_noParams.Add(GMObjectIdentifiers.sm2sign_with_sm3);
-
-            // EdDSA
-            m_noParams.Add(EdECObjectIdentifiers.id_Ed25519);
-            m_noParams.Add(EdECObjectIdentifiers.id_Ed448);
-
-            // RFC 8702
-            m_noParams.Add(CmsObjectIdentifiers.id_RSASSA_PSS_SHAKE128);
-            m_noParams.Add(CmsObjectIdentifiers.id_RSASSA_PSS_SHAKE256);
-            m_noParams.Add(CmsObjectIdentifiers.id_ecdsa_with_shake128);
-            m_noParams.Add(CmsObjectIdentifiers.id_ecdsa_with_shake256);
-
-            //
-            // PKCS 1.5 encrypted  algorithms
-            //
-            m_pkcs15RsaEncryption.Add(PkcsObjectIdentifiers.Sha1WithRsaEncryption);
-            m_pkcs15RsaEncryption.Add(PkcsObjectIdentifiers.Sha224WithRsaEncryption);
-            m_pkcs15RsaEncryption.Add(PkcsObjectIdentifiers.Sha256WithRsaEncryption);
-            m_pkcs15RsaEncryption.Add(PkcsObjectIdentifiers.Sha384WithRsaEncryption);
-            m_pkcs15RsaEncryption.Add(PkcsObjectIdentifiers.Sha512WithRsaEncryption);
-            m_pkcs15RsaEncryption.Add(PkcsObjectIdentifiers.Sha512_224WithRSAEncryption);
-            m_pkcs15RsaEncryption.Add(PkcsObjectIdentifiers.Sha512_256WithRSAEncryption);
-            m_pkcs15RsaEncryption.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128);
-            m_pkcs15RsaEncryption.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160);
-            m_pkcs15RsaEncryption.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256);
-            m_pkcs15RsaEncryption.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224);
-            m_pkcs15RsaEncryption.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256);
-            m_pkcs15RsaEncryption.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384);
-            m_pkcs15RsaEncryption.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512);
-
-            //
-            // explicit params
-            //
-            AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance);
-            m_parameters["SHA1WITHRSAANDMGF1"] = CreatePssParams(sha1AlgId, 20);
-
-            AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha224, DerNull.Instance);
-            m_parameters["SHA224WITHRSAANDMGF1"] = CreatePssParams(sha224AlgId, 28);
-
-            AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha256, DerNull.Instance);
-            m_parameters["SHA256WITHRSAANDMGF1"] = CreatePssParams(sha256AlgId, 32);
-
-            AlgorithmIdentifier sha384AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha384, DerNull.Instance);
-            m_parameters["SHA384WITHRSAANDMGF1"] = CreatePssParams(sha384AlgId, 48);
-
-            AlgorithmIdentifier sha512AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha512, DerNull.Instance);
-            m_parameters["SHA512WITHRSAANDMGF1"] = CreatePssParams(sha512AlgId, 64);
-
-            AlgorithmIdentifier sha3_224AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha3_224, DerNull.Instance);
-            m_parameters["SHA3-224WITHRSAANDMGF1"] = CreatePssParams(sha3_224AlgId, 28);
-
-            AlgorithmIdentifier sha3_256AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha3_256, DerNull.Instance);
-            m_parameters["SHA3-256WITHRSAANDMGF1"] = CreatePssParams(sha3_256AlgId, 32);
-
-            AlgorithmIdentifier sha3_384AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha3_384, DerNull.Instance);
-            m_parameters["SHA3-384WITHRSAANDMGF1"] = CreatePssParams(sha3_384AlgId, 48);
-
-            AlgorithmIdentifier sha3_512AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha3_512, DerNull.Instance);
-            m_parameters["SHA3-512WITHRSAANDMGF1"] = CreatePssParams(sha3_512AlgId, 64);
-
-            //
-            // digests
-            //
-            m_digestOids[PkcsObjectIdentifiers.Sha224WithRsaEncryption] = NistObjectIdentifiers.IdSha224;
-            m_digestOids[PkcsObjectIdentifiers.Sha256WithRsaEncryption] = NistObjectIdentifiers.IdSha256;
-            m_digestOids[PkcsObjectIdentifiers.Sha384WithRsaEncryption] = NistObjectIdentifiers.IdSha384;
-            m_digestOids[PkcsObjectIdentifiers.Sha512WithRsaEncryption] = NistObjectIdentifiers.IdSha512;
-            m_digestOids[PkcsObjectIdentifiers.Sha512_224WithRSAEncryption] = NistObjectIdentifiers.IdSha512_224;
-            m_digestOids[PkcsObjectIdentifiers.Sha512_256WithRSAEncryption] = NistObjectIdentifiers.IdSha512_256;
-            m_digestOids[NistObjectIdentifiers.DsaWithSha224] = NistObjectIdentifiers.IdSha224;
-            m_digestOids[NistObjectIdentifiers.DsaWithSha256] = NistObjectIdentifiers.IdSha256;
-            m_digestOids[NistObjectIdentifiers.DsaWithSha384] = NistObjectIdentifiers.IdSha384;
-            m_digestOids[NistObjectIdentifiers.DsaWithSha512] = NistObjectIdentifiers.IdSha512;
-            m_digestOids[NistObjectIdentifiers.IdDsaWithSha3_224] = NistObjectIdentifiers.IdSha3_224;
-            m_digestOids[NistObjectIdentifiers.IdDsaWithSha3_256] = NistObjectIdentifiers.IdSha3_256;
-            m_digestOids[NistObjectIdentifiers.IdDsaWithSha3_384] = NistObjectIdentifiers.IdSha3_384;
-            m_digestOids[NistObjectIdentifiers.IdDsaWithSha3_512] = NistObjectIdentifiers.IdSha3_512;
-            m_digestOids[NistObjectIdentifiers.IdEcdsaWithSha3_224] = NistObjectIdentifiers.IdSha3_224;
-            m_digestOids[NistObjectIdentifiers.IdEcdsaWithSha3_256] = NistObjectIdentifiers.IdSha3_256;
-            m_digestOids[NistObjectIdentifiers.IdEcdsaWithSha3_384] = NistObjectIdentifiers.IdSha3_384;
-            m_digestOids[NistObjectIdentifiers.IdEcdsaWithSha3_512] = NistObjectIdentifiers.IdSha3_512;
-            m_digestOids[NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224] = NistObjectIdentifiers.IdSha3_224;
-            m_digestOids[NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256] = NistObjectIdentifiers.IdSha3_256;
-            m_digestOids[NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384] = NistObjectIdentifiers.IdSha3_384;
-            m_digestOids[NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512] = NistObjectIdentifiers.IdSha3_512;
-
-            m_digestOids[PkcsObjectIdentifiers.MD2WithRsaEncryption] = PkcsObjectIdentifiers.MD2;
-            m_digestOids[PkcsObjectIdentifiers.MD4WithRsaEncryption] = PkcsObjectIdentifiers.MD4;
-            m_digestOids[PkcsObjectIdentifiers.MD5WithRsaEncryption] = PkcsObjectIdentifiers.MD5;
-            m_digestOids[PkcsObjectIdentifiers.Sha1WithRsaEncryption] = OiwObjectIdentifiers.IdSha1;
-            m_digestOids[TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128] = TeleTrusTObjectIdentifiers.RipeMD128;
-            m_digestOids[TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160] = TeleTrusTObjectIdentifiers.RipeMD160;
-            m_digestOids[TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256] = TeleTrusTObjectIdentifiers.RipeMD256;
-            m_digestOids[CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94] = CryptoProObjectIdentifiers.GostR3411;
-            m_digestOids[CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001] = CryptoProObjectIdentifiers.GostR3411;
-            m_digestOids[RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256] = RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256;
-            m_digestOids[RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512] = RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512;
-
-            m_digestOids[BCObjectIdentifiers.sphincsPlus_sha2_128s_r3] = NistObjectIdentifiers.IdSha256;
-            m_digestOids[BCObjectIdentifiers.sphincsPlus_sha2_128f_r3] = NistObjectIdentifiers.IdSha256;
-            m_digestOids[BCObjectIdentifiers.sphincsPlus_shake_128s_r3] = NistObjectIdentifiers.IdShake256;
-            m_digestOids[BCObjectIdentifiers.sphincsPlus_shake_128f_r3] = NistObjectIdentifiers.IdShake256;
-            m_digestOids[BCObjectIdentifiers.sphincsPlus_sha2_192s_r3] = NistObjectIdentifiers.IdSha256;
-            m_digestOids[BCObjectIdentifiers.sphincsPlus_sha2_192f_r3] = NistObjectIdentifiers.IdSha256;
-            m_digestOids[BCObjectIdentifiers.sphincsPlus_shake_192s_r3] = NistObjectIdentifiers.IdShake256;
-            m_digestOids[BCObjectIdentifiers.sphincsPlus_shake_192f_r3] = NistObjectIdentifiers.IdShake256;
-            m_digestOids[BCObjectIdentifiers.sphincsPlus_sha2_256s_r3] = NistObjectIdentifiers.IdSha256;
-            m_digestOids[BCObjectIdentifiers.sphincsPlus_sha2_256f_r3] = NistObjectIdentifiers.IdSha256;
-            m_digestOids[BCObjectIdentifiers.sphincsPlus_shake_256s_r3] = NistObjectIdentifiers.IdShake256;
-            m_digestOids[BCObjectIdentifiers.sphincsPlus_shake_256f_r3] = NistObjectIdentifiers.IdShake256;
-
-            m_digestOids[BCObjectIdentifiers.sphincsPlus_sha2_128s_r3_simple] = NistObjectIdentifiers.IdSha256;
-            m_digestOids[BCObjectIdentifiers.sphincsPlus_sha2_128f_r3_simple] = NistObjectIdentifiers.IdSha256;
-            m_digestOids[BCObjectIdentifiers.sphincsPlus_shake_128s_r3_simple] = NistObjectIdentifiers.IdShake256;
-            m_digestOids[BCObjectIdentifiers.sphincsPlus_shake_128f_r3_simple] = NistObjectIdentifiers.IdShake256;
-            m_digestOids[BCObjectIdentifiers.sphincsPlus_sha2_192s_r3_simple] = NistObjectIdentifiers.IdSha256;
-            m_digestOids[BCObjectIdentifiers.sphincsPlus_sha2_192f_r3_simple] = NistObjectIdentifiers.IdSha256;
-            m_digestOids[BCObjectIdentifiers.sphincsPlus_shake_192s_r3_simple] = NistObjectIdentifiers.IdShake256;
-            m_digestOids[BCObjectIdentifiers.sphincsPlus_shake_192f_r3_simple] = NistObjectIdentifiers.IdShake256;
-            m_digestOids[BCObjectIdentifiers.sphincsPlus_sha2_256s_r3_simple] = NistObjectIdentifiers.IdSha256;
-            m_digestOids[BCObjectIdentifiers.sphincsPlus_sha2_256f_r3_simple] = NistObjectIdentifiers.IdSha256;
-            m_digestOids[BCObjectIdentifiers.sphincsPlus_shake_256s_r3_simple] = NistObjectIdentifiers.IdShake256;
-            m_digestOids[BCObjectIdentifiers.sphincsPlus_shake_256f_r3_simple] = NistObjectIdentifiers.IdShake256;
-
-            //m_digestOids[GMObjectIdentifiers.sm2sign_with_rmd160] = TeleTrusTObjectIdentifiers.RipeMD160;
-            //m_digestOids[GMObjectIdentifiers.sm2sign_with_sha1] = OiwObjectIdentifiers.IdSha1;
-            //m_digestOids[GMObjectIdentifiers.sm2sign_with_sha224] = NistObjectIdentifiers.IdSha224;
-            m_digestOids[GMObjectIdentifiers.sm2sign_with_sha256] = NistObjectIdentifiers.IdSha256;
-            //m_digestOids[GMObjectIdentifiers.sm2sign_with_sha384] = NistObjectIdentifiers.IdSha384;
-            //m_digestOids[GMObjectIdentifiers.sm2sign_with_sha512] = NistObjectIdentifiers.IdSha512;
-            m_digestOids[GMObjectIdentifiers.sm2sign_with_sm3] = GMObjectIdentifiers.sm3;
-
-            m_digestOids[CmsObjectIdentifiers.id_RSASSA_PSS_SHAKE128] = NistObjectIdentifiers.IdShake128;
-            m_digestOids[CmsObjectIdentifiers.id_RSASSA_PSS_SHAKE256] = NistObjectIdentifiers.IdShake256;
-            m_digestOids[CmsObjectIdentifiers.id_ecdsa_with_shake128] = NistObjectIdentifiers.IdShake128;
-            m_digestOids[CmsObjectIdentifiers.id_ecdsa_with_shake256] = NistObjectIdentifiers.IdShake256;
-        }
-
-        private static RsassaPssParameters CreatePssParams(AlgorithmIdentifier hashAlgID, int saltSize)
-        {
-            return new RsassaPssParameters(
-                hashAlgID,
-                new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, hashAlgID),
-                new DerInteger(saltSize),
-                new DerInteger(1));
-        }
-
         // TODO[api] Make virtual
-        public AlgorithmIdentifier Find(string sigAlgName)
-        {
-            if (!m_algorithms.TryGetValue(sigAlgName, out var sigAlgOid))
-                throw new ArgumentException("Unknown signature type requested: " + sigAlgName, nameof(sigAlgName));
-
-            AlgorithmIdentifier sigAlgID;
-            if (m_noParams.Contains(sigAlgOid))
-            {
-                sigAlgID = new AlgorithmIdentifier(sigAlgOid);
-            }
-            else if (m_parameters.TryGetValue(sigAlgName, out var parameters))
-            {
-                sigAlgID = new AlgorithmIdentifier(sigAlgOid, parameters);
-            }
-            else
-            {
-                sigAlgID = new AlgorithmIdentifier(sigAlgOid, DerNull.Instance);
-            }
-            return sigAlgID;
-        }
+        public AlgorithmIdentifier Find(string sigAlgName) =>
+            Org.BouncyCastle.Operators.Utilities.DefaultSignatureAlgorithmFinder.Instance.Find(sigAlgName);
     }
 
-    // TODO[api] Create API for this
+    [Obsolete("Use 'Org.BouncyCastle.Operators.Utilities.DefaultDigestAlgorithmFinder' instead")]
     public class DefaultDigestAlgorithmIdentifierFinder
+        : Org.BouncyCastle.Operators.Utilities.IDigestAlgorithmFinder
     {
-        public static readonly DefaultDigestAlgorithmIdentifierFinder Instance =
-            new DefaultDigestAlgorithmIdentifierFinder();
-
-        private static readonly Dictionary<DerObjectIdentifier, DerObjectIdentifier> m_digestOids =
-            new Dictionary<DerObjectIdentifier, DerObjectIdentifier>();
-        private static readonly Dictionary<string, DerObjectIdentifier> m_digestNameToOids =
-            new Dictionary<string, DerObjectIdentifier>(StringComparer.OrdinalIgnoreCase);
-        private static readonly Dictionary<DerObjectIdentifier, AlgorithmIdentifier> m_digestOidToAlgIDs =
-            new Dictionary<DerObjectIdentifier, AlgorithmIdentifier>();
-
-        // signatures that use SHAKE-256
-        private static readonly HashSet<DerObjectIdentifier> m_shake256Oids = new HashSet<DerObjectIdentifier>();
-
-        static DefaultDigestAlgorithmIdentifierFinder()
-        {
-            //
-            // digests
-            //
-            m_digestOids.Add(OiwObjectIdentifiers.DsaWithSha1, OiwObjectIdentifiers.IdSha1);
-            m_digestOids.Add(OiwObjectIdentifiers.MD4WithRsaEncryption, PkcsObjectIdentifiers.MD4);
-            m_digestOids.Add(OiwObjectIdentifiers.MD4WithRsa, PkcsObjectIdentifiers.MD4);
-            m_digestOids.Add(OiwObjectIdentifiers.MD5WithRsa, PkcsObjectIdentifiers.MD5);
-            m_digestOids.Add(OiwObjectIdentifiers.Sha1WithRsa, OiwObjectIdentifiers.IdSha1);
-
-            m_digestOids.Add(PkcsObjectIdentifiers.Sha224WithRsaEncryption, NistObjectIdentifiers.IdSha224);
-            m_digestOids.Add(PkcsObjectIdentifiers.Sha256WithRsaEncryption, NistObjectIdentifiers.IdSha256);
-            m_digestOids.Add(PkcsObjectIdentifiers.Sha384WithRsaEncryption, NistObjectIdentifiers.IdSha384);
-            m_digestOids.Add(PkcsObjectIdentifiers.Sha512WithRsaEncryption, NistObjectIdentifiers.IdSha512);
-            m_digestOids.Add(PkcsObjectIdentifiers.Sha512_224WithRSAEncryption, NistObjectIdentifiers.IdSha512_224);
-            m_digestOids.Add(PkcsObjectIdentifiers.Sha512_256WithRSAEncryption, NistObjectIdentifiers.IdSha512_256);
-            m_digestOids.Add(PkcsObjectIdentifiers.MD2WithRsaEncryption, PkcsObjectIdentifiers.MD2);
-            m_digestOids.Add(PkcsObjectIdentifiers.MD4WithRsaEncryption, PkcsObjectIdentifiers.MD4);
-            m_digestOids.Add(PkcsObjectIdentifiers.MD5WithRsaEncryption, PkcsObjectIdentifiers.MD5);
-            m_digestOids.Add(PkcsObjectIdentifiers.Sha1WithRsaEncryption, OiwObjectIdentifiers.IdSha1);
-
-            m_digestOids.Add(X9ObjectIdentifiers.ECDsaWithSha1, OiwObjectIdentifiers.IdSha1);
-            m_digestOids.Add(X9ObjectIdentifiers.ECDsaWithSha224, NistObjectIdentifiers.IdSha224);
-            m_digestOids.Add(X9ObjectIdentifiers.ECDsaWithSha256, NistObjectIdentifiers.IdSha256);
-            m_digestOids.Add(X9ObjectIdentifiers.ECDsaWithSha384, NistObjectIdentifiers.IdSha384);
-            m_digestOids.Add(X9ObjectIdentifiers.ECDsaWithSha512, NistObjectIdentifiers.IdSha512);
-            m_digestOids.Add(X9ObjectIdentifiers.IdDsaWithSha1, OiwObjectIdentifiers.IdSha1);
-
-            m_digestOids.Add(BsiObjectIdentifiers.ecdsa_plain_SHA1, OiwObjectIdentifiers.IdSha1);
-            m_digestOids.Add(BsiObjectIdentifiers.ecdsa_plain_SHA224, NistObjectIdentifiers.IdSha224);
-            m_digestOids.Add(BsiObjectIdentifiers.ecdsa_plain_SHA256, NistObjectIdentifiers.IdSha256);
-            m_digestOids.Add(BsiObjectIdentifiers.ecdsa_plain_SHA384, NistObjectIdentifiers.IdSha384);
-            m_digestOids.Add(BsiObjectIdentifiers.ecdsa_plain_SHA512, NistObjectIdentifiers.IdSha512);
-            m_digestOids.Add(BsiObjectIdentifiers.ecdsa_plain_SHA3_224, NistObjectIdentifiers.IdSha3_224);
-            m_digestOids.Add(BsiObjectIdentifiers.ecdsa_plain_SHA3_256, NistObjectIdentifiers.IdSha3_256);
-            m_digestOids.Add(BsiObjectIdentifiers.ecdsa_plain_SHA3_384, NistObjectIdentifiers.IdSha3_384);
-            m_digestOids.Add(BsiObjectIdentifiers.ecdsa_plain_SHA3_512, NistObjectIdentifiers.IdSha3_512);
-            m_digestOids.Add(BsiObjectIdentifiers.ecdsa_plain_RIPEMD160, TeleTrusTObjectIdentifiers.RipeMD160);
-
-            m_digestOids.Add(EacObjectIdentifiers.id_TA_ECDSA_SHA_1, OiwObjectIdentifiers.IdSha1);
-            m_digestOids.Add(EacObjectIdentifiers.id_TA_ECDSA_SHA_224, NistObjectIdentifiers.IdSha224);
-            m_digestOids.Add(EacObjectIdentifiers.id_TA_ECDSA_SHA_256, NistObjectIdentifiers.IdSha256);
-            m_digestOids.Add(EacObjectIdentifiers.id_TA_ECDSA_SHA_384, NistObjectIdentifiers.IdSha384);
-            m_digestOids.Add(EacObjectIdentifiers.id_TA_ECDSA_SHA_512, NistObjectIdentifiers.IdSha512);
-
-            m_digestOids.Add(NistObjectIdentifiers.DsaWithSha224, NistObjectIdentifiers.IdSha224);
-            m_digestOids.Add(NistObjectIdentifiers.DsaWithSha256, NistObjectIdentifiers.IdSha256);
-            m_digestOids.Add(NistObjectIdentifiers.DsaWithSha384, NistObjectIdentifiers.IdSha384);
-            m_digestOids.Add(NistObjectIdentifiers.DsaWithSha512, NistObjectIdentifiers.IdSha512);
-
-            m_digestOids.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224, NistObjectIdentifiers.IdSha3_224);
-            m_digestOids.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256, NistObjectIdentifiers.IdSha3_256);
-            m_digestOids.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384, NistObjectIdentifiers.IdSha3_384);
-            m_digestOids.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512, NistObjectIdentifiers.IdSha3_512);
-            m_digestOids.Add(NistObjectIdentifiers.IdDsaWithSha3_224, NistObjectIdentifiers.IdSha3_224);
-            m_digestOids.Add(NistObjectIdentifiers.IdDsaWithSha3_256, NistObjectIdentifiers.IdSha3_256);
-            m_digestOids.Add(NistObjectIdentifiers.IdDsaWithSha3_384, NistObjectIdentifiers.IdSha3_384);
-            m_digestOids.Add(NistObjectIdentifiers.IdDsaWithSha3_512, NistObjectIdentifiers.IdSha3_512);
-            m_digestOids.Add(NistObjectIdentifiers.IdEcdsaWithSha3_224, NistObjectIdentifiers.IdSha3_224);
-            m_digestOids.Add(NistObjectIdentifiers.IdEcdsaWithSha3_256, NistObjectIdentifiers.IdSha3_256);
-            m_digestOids.Add(NistObjectIdentifiers.IdEcdsaWithSha3_384, NistObjectIdentifiers.IdSha3_384);
-            m_digestOids.Add(NistObjectIdentifiers.IdEcdsaWithSha3_512, NistObjectIdentifiers.IdSha3_512);
-
-            m_digestOids.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128, TeleTrusTObjectIdentifiers.RipeMD128);
-            m_digestOids.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160, TeleTrusTObjectIdentifiers.RipeMD160);
-            m_digestOids.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256, TeleTrusTObjectIdentifiers.RipeMD256);
-
-            m_digestOids.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94, CryptoProObjectIdentifiers.GostR3411);
-            m_digestOids.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001, CryptoProObjectIdentifiers.GostR3411);
-            m_digestOids.Add(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256, RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256);
-            m_digestOids.Add(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512, RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512);
-
-            m_digestOids.Add(BCObjectIdentifiers.sphincs256_with_SHA3_512, NistObjectIdentifiers.IdSha3_512);
-            m_digestOids.Add(BCObjectIdentifiers.sphincs256_with_SHA512, NistObjectIdentifiers.IdSha512);
-
-            m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_128s_r3, NistObjectIdentifiers.IdSha256);
-            m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_128f_r3, NistObjectIdentifiers.IdSha256);
-            m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_128s_r3, NistObjectIdentifiers.IdShake256);
-            m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_128f_r3, NistObjectIdentifiers.IdShake256);
-            m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_192s_r3, NistObjectIdentifiers.IdSha256);
-            m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_192f_r3, NistObjectIdentifiers.IdSha256);
-            m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_192s_r3, NistObjectIdentifiers.IdShake256);
-            m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_192f_r3, NistObjectIdentifiers.IdShake256);
-            m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_256s_r3, NistObjectIdentifiers.IdSha256);
-            m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_256f_r3, NistObjectIdentifiers.IdSha256);
-            m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_256s_r3, NistObjectIdentifiers.IdShake256);
-            m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_256f_r3, NistObjectIdentifiers.IdShake256);
-
-            m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_128s_r3_simple, NistObjectIdentifiers.IdSha256);
-            m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_128f_r3_simple, NistObjectIdentifiers.IdSha256);
-            m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_128s_r3_simple, NistObjectIdentifiers.IdShake256);
-            m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_128f_r3_simple, NistObjectIdentifiers.IdShake256);
-            m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_192s_r3_simple, NistObjectIdentifiers.IdSha256);
-            m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_192f_r3_simple, NistObjectIdentifiers.IdSha256);
-            m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_192s_r3_simple, NistObjectIdentifiers.IdShake256);
-            m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_192f_r3_simple, NistObjectIdentifiers.IdShake256);
-            m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_256s_r3_simple, NistObjectIdentifiers.IdSha256);
-            m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_256f_r3_simple, NistObjectIdentifiers.IdSha256);
-            m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_256s_r3_simple, NistObjectIdentifiers.IdShake256);
-            m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_256f_r3_simple, NistObjectIdentifiers.IdShake256);
-
-            m_digestOids.Add(BCObjectIdentifiers.falcon, NistObjectIdentifiers.IdShake256);
-            m_digestOids.Add(BCObjectIdentifiers.falcon_512, NistObjectIdentifiers.IdShake256);
-            m_digestOids.Add(BCObjectIdentifiers.falcon_1024, NistObjectIdentifiers.IdShake256);
-
-            m_digestOids.Add(BCObjectIdentifiers.picnic_signature, NistObjectIdentifiers.IdShake256);
-            m_digestOids.Add(BCObjectIdentifiers.picnic_with_sha512, NistObjectIdentifiers.IdSha512);
-            m_digestOids.Add(BCObjectIdentifiers.picnic_with_sha3_512, NistObjectIdentifiers.IdSha3_512);
-            m_digestOids.Add(BCObjectIdentifiers.picnic_with_shake256, NistObjectIdentifiers.IdShake256);
-
-            //m_digestOids.Add(GMObjectIdentifiers.sm2sign_with_rmd160, TeleTrusTObjectIdentifiers.RipeMD160);
-            //m_digestOids.Add(GMObjectIdentifiers.sm2sign_with_sha1, OiwObjectIdentifiers.IdSha1);
-            //m_digestOids.Add(GMObjectIdentifiers.sm2sign_with_sha224, NistObjectIdentifiers.IdSha224);
-            m_digestOids.Add(GMObjectIdentifiers.sm2sign_with_sha256, NistObjectIdentifiers.IdSha256);
-            //m_digestOids.Add(GMObjectIdentifiers.sm2sign_with_sha384, NistObjectIdentifiers.IdSha384);
-            //m_digestOids.Add(GMObjectIdentifiers.sm2sign_with_sha512, NistObjectIdentifiers.IdSha512);
-            m_digestOids.Add(GMObjectIdentifiers.sm2sign_with_sm3, GMObjectIdentifiers.sm3);
-
-            m_digestOids.Add(CmsObjectIdentifiers.id_RSASSA_PSS_SHAKE128, NistObjectIdentifiers.IdShake128);
-            m_digestOids.Add(CmsObjectIdentifiers.id_RSASSA_PSS_SHAKE256, NistObjectIdentifiers.IdShake256);
-            m_digestOids.Add(CmsObjectIdentifiers.id_ecdsa_with_shake128, NistObjectIdentifiers.IdShake128);
-            m_digestOids.Add(CmsObjectIdentifiers.id_ecdsa_with_shake256, NistObjectIdentifiers.IdShake256);
-
-            m_digestNameToOids.Add("SHA-1", OiwObjectIdentifiers.IdSha1);
-            m_digestNameToOids.Add("SHA-224", NistObjectIdentifiers.IdSha224);
-            m_digestNameToOids.Add("SHA-256", NistObjectIdentifiers.IdSha256);
-            m_digestNameToOids.Add("SHA-384", NistObjectIdentifiers.IdSha384);
-            m_digestNameToOids.Add("SHA-512", NistObjectIdentifiers.IdSha512);
-            m_digestNameToOids.Add("SHA-512-224", NistObjectIdentifiers.IdSha512_224);
-            m_digestNameToOids.Add("SHA-512/224", NistObjectIdentifiers.IdSha512_224);
-            m_digestNameToOids.Add("SHA-512(224)", NistObjectIdentifiers.IdSha512_224);
-            m_digestNameToOids.Add("SHA-512-256", NistObjectIdentifiers.IdSha512_256);
-            m_digestNameToOids.Add("SHA-512/256", NistObjectIdentifiers.IdSha512_256);
-            m_digestNameToOids.Add("SHA-512(256)", NistObjectIdentifiers.IdSha512_256);
-
-            m_digestNameToOids.Add("SHA1", OiwObjectIdentifiers.IdSha1);
-            m_digestNameToOids.Add("SHA224", NistObjectIdentifiers.IdSha224);
-            m_digestNameToOids.Add("SHA256", NistObjectIdentifiers.IdSha256);
-            m_digestNameToOids.Add("SHA384", NistObjectIdentifiers.IdSha384);
-            m_digestNameToOids.Add("SHA512", NistObjectIdentifiers.IdSha512);
-            m_digestNameToOids.Add("SHA512-224", NistObjectIdentifiers.IdSha512_224);
-            m_digestNameToOids.Add("SHA512/224", NistObjectIdentifiers.IdSha512_224);
-            m_digestNameToOids.Add("SHA512(224)", NistObjectIdentifiers.IdSha512_224);
-            m_digestNameToOids.Add("SHA512-256", NistObjectIdentifiers.IdSha512_256);
-            m_digestNameToOids.Add("SHA512/256", NistObjectIdentifiers.IdSha512_256);
-            m_digestNameToOids.Add("SHA512(256)", NistObjectIdentifiers.IdSha512_256);
-
-            m_digestNameToOids.Add("SHA3-224", NistObjectIdentifiers.IdSha3_224);
-            m_digestNameToOids.Add("SHA3-256", NistObjectIdentifiers.IdSha3_256);
-            m_digestNameToOids.Add("SHA3-384", NistObjectIdentifiers.IdSha3_384);
-            m_digestNameToOids.Add("SHA3-512", NistObjectIdentifiers.IdSha3_512);
-
-            m_digestNameToOids.Add("SHAKE128", NistObjectIdentifiers.IdShake128);
-            m_digestNameToOids.Add("SHAKE256", NistObjectIdentifiers.IdShake256);
-            m_digestNameToOids.Add("SHAKE-128", NistObjectIdentifiers.IdShake128);
-            m_digestNameToOids.Add("SHAKE-256", NistObjectIdentifiers.IdShake256);
-
-            m_digestNameToOids.Add("GOST3411", CryptoProObjectIdentifiers.GostR3411);
-            m_digestNameToOids.Add("GOST3411-2012-256", RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256);
-            m_digestNameToOids.Add("GOST3411-2012-512", RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512);
-
-            m_digestNameToOids.Add("MD2", PkcsObjectIdentifiers.MD2);
-            m_digestNameToOids.Add("MD4", PkcsObjectIdentifiers.MD4);
-            m_digestNameToOids.Add("MD5", PkcsObjectIdentifiers.MD5);
-
-            m_digestNameToOids.Add("RIPEMD128", TeleTrusTObjectIdentifiers.RipeMD128);
-            m_digestNameToOids.Add("RIPEMD160", TeleTrusTObjectIdentifiers.RipeMD160);
-            m_digestNameToOids.Add("RIPEMD256", TeleTrusTObjectIdentifiers.RipeMD256);
-
-            m_digestNameToOids.Add("SM3", GMObjectIdentifiers.sm3);
-
-            // IETF RFC 3370
-            AddDigestAlgID(OiwObjectIdentifiers.IdSha1, true);
-            // IETF RFC 5754
-            AddDigestAlgID(NistObjectIdentifiers.IdSha224, false);
-            AddDigestAlgID(NistObjectIdentifiers.IdSha256, false);
-            AddDigestAlgID(NistObjectIdentifiers.IdSha384, false);
-            AddDigestAlgID(NistObjectIdentifiers.IdSha512, false);
-            AddDigestAlgID(NistObjectIdentifiers.IdSha512_224, false);
-            AddDigestAlgID(NistObjectIdentifiers.IdSha512_256, false);
-
-            // NIST CSOR
-            AddDigestAlgID(NistObjectIdentifiers.IdSha3_224, false);
-            AddDigestAlgID(NistObjectIdentifiers.IdSha3_256, false);
-            AddDigestAlgID(NistObjectIdentifiers.IdSha3_384, false);
-            AddDigestAlgID(NistObjectIdentifiers.IdSha3_512, false);
-
-            // RFC 8702
-            AddDigestAlgID(NistObjectIdentifiers.IdShake128, false);
-            AddDigestAlgID(NistObjectIdentifiers.IdShake256, false);
-
-            // RFC 4357
-            AddDigestAlgID(CryptoProObjectIdentifiers.GostR3411, true);
-
-            // draft-deremin-rfc4491
-            AddDigestAlgID(RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256, false);
-            AddDigestAlgID(RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512, false);
-
-            // IETF RFC 1319
-            AddDigestAlgID(PkcsObjectIdentifiers.MD2, true);
-            // IETF RFC 1320
-            AddDigestAlgID(PkcsObjectIdentifiers.MD4, true);
-            // IETF RFC 1321
-            AddDigestAlgID(PkcsObjectIdentifiers.MD5, true);
-
-            // found no standard which specified the handle of AlgorithmIdentifier.parameters,
-            // so let it as before.
-            AddDigestAlgID(TeleTrusTObjectIdentifiers.RipeMD128, true);
-            AddDigestAlgID(TeleTrusTObjectIdentifiers.RipeMD160, true);
-            AddDigestAlgID(TeleTrusTObjectIdentifiers.RipeMD256, true);
-
-            m_shake256Oids.Add(EdECObjectIdentifiers.id_Ed448);
-
-            m_shake256Oids.Add(BCObjectIdentifiers.dilithium2);
-            m_shake256Oids.Add(BCObjectIdentifiers.dilithium3);
-            m_shake256Oids.Add(BCObjectIdentifiers.dilithium5);
-            m_shake256Oids.Add(BCObjectIdentifiers.dilithium2_aes);
-            m_shake256Oids.Add(BCObjectIdentifiers.dilithium3_aes);
-            m_shake256Oids.Add(BCObjectIdentifiers.dilithium5_aes);
-
-            m_shake256Oids.Add(BCObjectIdentifiers.falcon_512);
-            m_shake256Oids.Add(BCObjectIdentifiers.falcon_1024);
-        }
-
-        private static void AddDigestAlgID(DerObjectIdentifier oid, bool withNullParams) =>
-            m_digestOidToAlgIDs.Add(oid, new AlgorithmIdentifier(oid, withNullParams ? DerNull.Instance : null));
-
         // TODO[api] Make virtual
-        public AlgorithmIdentifier Find(AlgorithmIdentifier sigAlgId)
-        {
-            DerObjectIdentifier sigAlgOid = sigAlgId.Algorithm;
+        public AlgorithmIdentifier Find(AlgorithmIdentifier sigAlgId) =>
+            Org.BouncyCastle.Operators.Utilities.DefaultDigestAlgorithmFinder.Instance.Find(sigAlgId);
 
-            if (m_shake256Oids.Contains(sigAlgOid))
-                return new AlgorithmIdentifier(NistObjectIdentifiers.IdShake256Len, new DerInteger(512));
-
-            DerObjectIdentifier digAlgOid;
-            if (PkcsObjectIdentifiers.IdRsassaPss.Equals(sigAlgOid))
-            {
-                digAlgOid = RsassaPssParameters.GetInstance(sigAlgId.Parameters).HashAlgorithm.Algorithm;
-            }
-            else if (EdECObjectIdentifiers.id_Ed25519.Equals(sigAlgOid))
-            {
-                digAlgOid = NistObjectIdentifiers.IdSha512;
-            }
-            else if (PkcsObjectIdentifiers.IdAlgHssLmsHashsig.Equals(sigAlgOid))
-            {
-                digAlgOid = NistObjectIdentifiers.IdSha256;
-            }
-            else
-            {
-                digAlgOid = CollectionUtilities.GetValueOrNull(m_digestOids, sigAlgOid);
-            }
-
-            return Find(digAlgOid);
-        }
-
-        public virtual AlgorithmIdentifier Find(DerObjectIdentifier digAlgOid)
-        {
-            if (digAlgOid == null)
-                throw new ArgumentNullException(nameof(digAlgOid));
-
-            if (m_digestOidToAlgIDs.TryGetValue(digAlgOid, out var digAlgID))
-                return digAlgID;
-
-            return new AlgorithmIdentifier(digAlgOid);
-        }
+        public virtual AlgorithmIdentifier Find(DerObjectIdentifier digAlgOid) =>
+            Org.BouncyCastle.Operators.Utilities.DefaultDigestAlgorithmFinder.Instance.Find(digAlgOid);
 
         // TODO[api] Make virtual
-        public AlgorithmIdentifier Find(string digAlgName)
-        {
-            if (m_digestNameToOids.TryGetValue(digAlgName, out var oid))
-                return Find(oid);
-
-            try
-            {
-                return Find(new DerObjectIdentifier(digAlgName));
-            }
-            catch (Exception)
-            {
-                // ignore - tried it but it didn't work...
-            }
-
-            return null;
-        }
+        public AlgorithmIdentifier Find(string digAlgName) =>
+            Org.BouncyCastle.Operators.Utilities.DefaultDigestAlgorithmFinder.Instance.Find(digAlgName);
     }
 
     public abstract class CmsSignedGenerator
diff --git a/crypto/src/cms/CMSSignedHelper.cs b/crypto/src/cms/CMSSignedHelper.cs
index b7566c409..00b16dbc7 100644
--- a/crypto/src/cms/CMSSignedHelper.cs
+++ b/crypto/src/cms/CMSSignedHelper.cs
@@ -14,6 +14,7 @@ using Org.BouncyCastle.Asn1.X509;
 using Org.BouncyCastle.Asn1.X9;
 using Org.BouncyCastle.Crypto;
 using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Operators.Utilities;
 using Org.BouncyCastle.Security;
 using Org.BouncyCastle.Utilities.Collections;
 using Org.BouncyCastle.X509;
@@ -205,11 +206,11 @@ namespace Org.BouncyCastle.Cms
 		}
 
         internal AlgorithmIdentifier FixDigestAlgID(AlgorithmIdentifier algID,
-            DefaultDigestAlgorithmIdentifierFinder digestAlgIDFinder)
+			IDigestAlgorithmFinder digestAlgorithmFinder)
         {
             var parameters = algID.Parameters;
             if (parameters == null || DerNull.Instance.Equals(parameters))
-                return digestAlgIDFinder.Find(algID.Algorithm);
+                return digestAlgorithmFinder.Find(algID.Algorithm);
 
             return algID;
         }
diff --git a/crypto/src/cms/CMSUtils.cs b/crypto/src/cms/CMSUtils.cs
index 5124dce94..15681a318 100644
--- a/crypto/src/cms/CMSUtils.cs
+++ b/crypto/src/cms/CMSUtils.cs
@@ -8,6 +8,7 @@ using Org.BouncyCastle.Asn1.Ocsp;
 using Org.BouncyCastle.Asn1.Sec;
 using Org.BouncyCastle.Asn1.X509;
 using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Operators.Utilities;
 using Org.BouncyCastle.Utilities.Collections;
 using Org.BouncyCastle.Utilities.IO;
 using Org.BouncyCastle.X509;
@@ -151,26 +152,26 @@ namespace Org.BouncyCastle.Cms
 
 		// TODO Clean up this method (which is not present in bc-java)
         internal static void AddDigestAlgs(Asn1EncodableVector digestAlgs, SignerInformation signer,
-            DefaultDigestAlgorithmIdentifierFinder dgstAlgFinder)
+            IDigestAlgorithmFinder digestAlgorithmFinder)
         {
             var helper = CmsSignedHelper.Instance;
-            digestAlgs.Add(helper.FixDigestAlgID(signer.DigestAlgorithmID, dgstAlgFinder));
+            digestAlgs.Add(helper.FixDigestAlgID(signer.DigestAlgorithmID, digestAlgorithmFinder));
             SignerInformationStore counterSignaturesStore = signer.GetCounterSignatures();
             foreach (var counterSigner in counterSignaturesStore)
             {
-                digestAlgs.Add(helper.FixDigestAlgID(counterSigner.DigestAlgorithmID, dgstAlgFinder));
+                digestAlgs.Add(helper.FixDigestAlgID(counterSigner.DigestAlgorithmID, digestAlgorithmFinder));
             }
         }
 
         internal static void AddDigestAlgs(ISet<AlgorithmIdentifier> digestAlgs, SignerInformation signer,
-			DefaultDigestAlgorithmIdentifierFinder dgstAlgFinder)
+            IDigestAlgorithmFinder digestAlgorithmFinder)
         {
 			var helper = CmsSignedHelper.Instance;
-            digestAlgs.Add(helper.FixDigestAlgID(signer.DigestAlgorithmID, dgstAlgFinder));
+            digestAlgs.Add(helper.FixDigestAlgID(signer.DigestAlgorithmID, digestAlgorithmFinder));
             SignerInformationStore counterSignaturesStore = signer.GetCounterSignatures();
 			foreach (var counterSigner in counterSignaturesStore)
 			{
-                digestAlgs.Add(helper.FixDigestAlgID(counterSigner.DigestAlgorithmID, dgstAlgFinder));
+                digestAlgs.Add(helper.FixDigestAlgID(counterSigner.DigestAlgorithmID, digestAlgorithmFinder));
             }
         }
 
diff --git a/crypto/src/operators/utilities/DefaultDigestAlgorithmFinder.cs b/crypto/src/operators/utilities/DefaultDigestAlgorithmFinder.cs
new file mode 100644
index 000000000..025b94622
--- /dev/null
+++ b/crypto/src/operators/utilities/DefaultDigestAlgorithmFinder.cs
@@ -0,0 +1,326 @@
+using System;
+using System.Collections.Generic;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.BC;
+using Org.BouncyCastle.Asn1.Bsi;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Asn1.Eac;
+using Org.BouncyCastle.Asn1.EdEC;
+using Org.BouncyCastle.Asn1.GM;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.Rosstandart;
+using Org.BouncyCastle.Asn1.TeleTrust;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Operators.Utilities
+{
+    public class DefaultDigestAlgorithmFinder
+        : IDigestAlgorithmFinder
+    {
+        public static readonly DefaultDigestAlgorithmFinder Instance = new DefaultDigestAlgorithmFinder();
+
+        private static readonly Dictionary<DerObjectIdentifier, DerObjectIdentifier> DigestOids =
+            new Dictionary<DerObjectIdentifier, DerObjectIdentifier>();
+        private static readonly Dictionary<string, DerObjectIdentifier> DigestNameToOids =
+            new Dictionary<string, DerObjectIdentifier>(StringComparer.OrdinalIgnoreCase);
+        private static readonly Dictionary<DerObjectIdentifier, AlgorithmIdentifier> DigestOidToAlgIDs =
+            new Dictionary<DerObjectIdentifier, AlgorithmIdentifier>();
+
+        // signatures that use SHAKE-256
+        private static readonly HashSet<DerObjectIdentifier> Shake256Oids = new HashSet<DerObjectIdentifier>();
+
+        static DefaultDigestAlgorithmFinder()
+        {
+            //
+            // digests
+            //
+            DigestOids.Add(OiwObjectIdentifiers.DsaWithSha1, OiwObjectIdentifiers.IdSha1);
+            DigestOids.Add(OiwObjectIdentifiers.MD4WithRsaEncryption, PkcsObjectIdentifiers.MD4);
+            DigestOids.Add(OiwObjectIdentifiers.MD4WithRsa, PkcsObjectIdentifiers.MD4);
+            DigestOids.Add(OiwObjectIdentifiers.MD5WithRsa, PkcsObjectIdentifiers.MD5);
+            DigestOids.Add(OiwObjectIdentifiers.Sha1WithRsa, OiwObjectIdentifiers.IdSha1);
+
+            DigestOids.Add(PkcsObjectIdentifiers.Sha224WithRsaEncryption, NistObjectIdentifiers.IdSha224);
+            DigestOids.Add(PkcsObjectIdentifiers.Sha256WithRsaEncryption, NistObjectIdentifiers.IdSha256);
+            DigestOids.Add(PkcsObjectIdentifiers.Sha384WithRsaEncryption, NistObjectIdentifiers.IdSha384);
+            DigestOids.Add(PkcsObjectIdentifiers.Sha512WithRsaEncryption, NistObjectIdentifiers.IdSha512);
+            DigestOids.Add(PkcsObjectIdentifiers.Sha512_224WithRSAEncryption, NistObjectIdentifiers.IdSha512_224);
+            DigestOids.Add(PkcsObjectIdentifiers.Sha512_256WithRSAEncryption, NistObjectIdentifiers.IdSha512_256);
+            DigestOids.Add(PkcsObjectIdentifiers.MD2WithRsaEncryption, PkcsObjectIdentifiers.MD2);
+            DigestOids.Add(PkcsObjectIdentifiers.MD4WithRsaEncryption, PkcsObjectIdentifiers.MD4);
+            DigestOids.Add(PkcsObjectIdentifiers.MD5WithRsaEncryption, PkcsObjectIdentifiers.MD5);
+            DigestOids.Add(PkcsObjectIdentifiers.Sha1WithRsaEncryption, OiwObjectIdentifiers.IdSha1);
+
+            DigestOids.Add(X9ObjectIdentifiers.ECDsaWithSha1, OiwObjectIdentifiers.IdSha1);
+            DigestOids.Add(X9ObjectIdentifiers.ECDsaWithSha224, NistObjectIdentifiers.IdSha224);
+            DigestOids.Add(X9ObjectIdentifiers.ECDsaWithSha256, NistObjectIdentifiers.IdSha256);
+            DigestOids.Add(X9ObjectIdentifiers.ECDsaWithSha384, NistObjectIdentifiers.IdSha384);
+            DigestOids.Add(X9ObjectIdentifiers.ECDsaWithSha512, NistObjectIdentifiers.IdSha512);
+            DigestOids.Add(X9ObjectIdentifiers.IdDsaWithSha1, OiwObjectIdentifiers.IdSha1);
+
+            DigestOids.Add(BsiObjectIdentifiers.ecdsa_plain_SHA1, OiwObjectIdentifiers.IdSha1);
+            DigestOids.Add(BsiObjectIdentifiers.ecdsa_plain_SHA224, NistObjectIdentifiers.IdSha224);
+            DigestOids.Add(BsiObjectIdentifiers.ecdsa_plain_SHA256, NistObjectIdentifiers.IdSha256);
+            DigestOids.Add(BsiObjectIdentifiers.ecdsa_plain_SHA384, NistObjectIdentifiers.IdSha384);
+            DigestOids.Add(BsiObjectIdentifiers.ecdsa_plain_SHA512, NistObjectIdentifiers.IdSha512);
+            DigestOids.Add(BsiObjectIdentifiers.ecdsa_plain_SHA3_224, NistObjectIdentifiers.IdSha3_224);
+            DigestOids.Add(BsiObjectIdentifiers.ecdsa_plain_SHA3_256, NistObjectIdentifiers.IdSha3_256);
+            DigestOids.Add(BsiObjectIdentifiers.ecdsa_plain_SHA3_384, NistObjectIdentifiers.IdSha3_384);
+            DigestOids.Add(BsiObjectIdentifiers.ecdsa_plain_SHA3_512, NistObjectIdentifiers.IdSha3_512);
+            DigestOids.Add(BsiObjectIdentifiers.ecdsa_plain_RIPEMD160, TeleTrusTObjectIdentifiers.RipeMD160);
+
+            DigestOids.Add(EacObjectIdentifiers.id_TA_ECDSA_SHA_1, OiwObjectIdentifiers.IdSha1);
+            DigestOids.Add(EacObjectIdentifiers.id_TA_ECDSA_SHA_224, NistObjectIdentifiers.IdSha224);
+            DigestOids.Add(EacObjectIdentifiers.id_TA_ECDSA_SHA_256, NistObjectIdentifiers.IdSha256);
+            DigestOids.Add(EacObjectIdentifiers.id_TA_ECDSA_SHA_384, NistObjectIdentifiers.IdSha384);
+            DigestOids.Add(EacObjectIdentifiers.id_TA_ECDSA_SHA_512, NistObjectIdentifiers.IdSha512);
+
+            DigestOids.Add(NistObjectIdentifiers.DsaWithSha224, NistObjectIdentifiers.IdSha224);
+            DigestOids.Add(NistObjectIdentifiers.DsaWithSha256, NistObjectIdentifiers.IdSha256);
+            DigestOids.Add(NistObjectIdentifiers.DsaWithSha384, NistObjectIdentifiers.IdSha384);
+            DigestOids.Add(NistObjectIdentifiers.DsaWithSha512, NistObjectIdentifiers.IdSha512);
+
+            DigestOids.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224, NistObjectIdentifiers.IdSha3_224);
+            DigestOids.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256, NistObjectIdentifiers.IdSha3_256);
+            DigestOids.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384, NistObjectIdentifiers.IdSha3_384);
+            DigestOids.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512, NistObjectIdentifiers.IdSha3_512);
+            DigestOids.Add(NistObjectIdentifiers.IdDsaWithSha3_224, NistObjectIdentifiers.IdSha3_224);
+            DigestOids.Add(NistObjectIdentifiers.IdDsaWithSha3_256, NistObjectIdentifiers.IdSha3_256);
+            DigestOids.Add(NistObjectIdentifiers.IdDsaWithSha3_384, NistObjectIdentifiers.IdSha3_384);
+            DigestOids.Add(NistObjectIdentifiers.IdDsaWithSha3_512, NistObjectIdentifiers.IdSha3_512);
+            DigestOids.Add(NistObjectIdentifiers.IdEcdsaWithSha3_224, NistObjectIdentifiers.IdSha3_224);
+            DigestOids.Add(NistObjectIdentifiers.IdEcdsaWithSha3_256, NistObjectIdentifiers.IdSha3_256);
+            DigestOids.Add(NistObjectIdentifiers.IdEcdsaWithSha3_384, NistObjectIdentifiers.IdSha3_384);
+            DigestOids.Add(NistObjectIdentifiers.IdEcdsaWithSha3_512, NistObjectIdentifiers.IdSha3_512);
+
+            DigestOids.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128, TeleTrusTObjectIdentifiers.RipeMD128);
+            DigestOids.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160, TeleTrusTObjectIdentifiers.RipeMD160);
+            DigestOids.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256, TeleTrusTObjectIdentifiers.RipeMD256);
+
+            DigestOids.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94, CryptoProObjectIdentifiers.GostR3411);
+            DigestOids.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001, CryptoProObjectIdentifiers.GostR3411);
+            DigestOids.Add(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256, RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256);
+            DigestOids.Add(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512, RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512);
+
+            DigestOids.Add(BCObjectIdentifiers.sphincs256_with_SHA3_512, NistObjectIdentifiers.IdSha3_512);
+            DigestOids.Add(BCObjectIdentifiers.sphincs256_with_SHA512, NistObjectIdentifiers.IdSha512);
+
+            DigestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_128s_r3, NistObjectIdentifiers.IdSha256);
+            DigestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_128f_r3, NistObjectIdentifiers.IdSha256);
+            DigestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_128s_r3, NistObjectIdentifiers.IdShake256);
+            DigestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_128f_r3, NistObjectIdentifiers.IdShake256);
+            DigestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_192s_r3, NistObjectIdentifiers.IdSha256);
+            DigestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_192f_r3, NistObjectIdentifiers.IdSha256);
+            DigestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_192s_r3, NistObjectIdentifiers.IdShake256);
+            DigestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_192f_r3, NistObjectIdentifiers.IdShake256);
+            DigestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_256s_r3, NistObjectIdentifiers.IdSha256);
+            DigestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_256f_r3, NistObjectIdentifiers.IdSha256);
+            DigestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_256s_r3, NistObjectIdentifiers.IdShake256);
+            DigestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_256f_r3, NistObjectIdentifiers.IdShake256);
+
+            DigestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_128s_r3_simple, NistObjectIdentifiers.IdSha256);
+            DigestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_128f_r3_simple, NistObjectIdentifiers.IdSha256);
+            DigestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_128s_r3_simple, NistObjectIdentifiers.IdShake256);
+            DigestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_128f_r3_simple, NistObjectIdentifiers.IdShake256);
+            DigestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_192s_r3_simple, NistObjectIdentifiers.IdSha256);
+            DigestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_192f_r3_simple, NistObjectIdentifiers.IdSha256);
+            DigestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_192s_r3_simple, NistObjectIdentifiers.IdShake256);
+            DigestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_192f_r3_simple, NistObjectIdentifiers.IdShake256);
+            DigestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_256s_r3_simple, NistObjectIdentifiers.IdSha256);
+            DigestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_256f_r3_simple, NistObjectIdentifiers.IdSha256);
+            DigestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_256s_r3_simple, NistObjectIdentifiers.IdShake256);
+            DigestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_256f_r3_simple, NistObjectIdentifiers.IdShake256);
+
+            DigestOids.Add(BCObjectIdentifiers.falcon, NistObjectIdentifiers.IdShake256);
+            DigestOids.Add(BCObjectIdentifiers.falcon_512, NistObjectIdentifiers.IdShake256);
+            DigestOids.Add(BCObjectIdentifiers.falcon_1024, NistObjectIdentifiers.IdShake256);
+
+            DigestOids.Add(BCObjectIdentifiers.picnic_signature, NistObjectIdentifiers.IdShake256);
+            DigestOids.Add(BCObjectIdentifiers.picnic_with_sha512, NistObjectIdentifiers.IdSha512);
+            DigestOids.Add(BCObjectIdentifiers.picnic_with_sha3_512, NistObjectIdentifiers.IdSha3_512);
+            DigestOids.Add(BCObjectIdentifiers.picnic_with_shake256, NistObjectIdentifiers.IdShake256);
+
+            //DigestOids.Add(GMObjectIdentifiers.sm2sign_with_rmd160, TeleTrusTObjectIdentifiers.RipeMD160);
+            //DigestOids.Add(GMObjectIdentifiers.sm2sign_with_sha1, OiwObjectIdentifiers.IdSha1);
+            //DigestOids.Add(GMObjectIdentifiers.sm2sign_with_sha224, NistObjectIdentifiers.IdSha224);
+            DigestOids.Add(GMObjectIdentifiers.sm2sign_with_sha256, NistObjectIdentifiers.IdSha256);
+            //DigestOids.Add(GMObjectIdentifiers.sm2sign_with_sha384, NistObjectIdentifiers.IdSha384);
+            //DigestOids.Add(GMObjectIdentifiers.sm2sign_with_sha512, NistObjectIdentifiers.IdSha512);
+            DigestOids.Add(GMObjectIdentifiers.sm2sign_with_sm3, GMObjectIdentifiers.sm3);
+
+            DigestOids.Add(CmsObjectIdentifiers.id_RSASSA_PSS_SHAKE128, NistObjectIdentifiers.IdShake128);
+            DigestOids.Add(CmsObjectIdentifiers.id_RSASSA_PSS_SHAKE256, NistObjectIdentifiers.IdShake256);
+            DigestOids.Add(CmsObjectIdentifiers.id_ecdsa_with_shake128, NistObjectIdentifiers.IdShake128);
+            DigestOids.Add(CmsObjectIdentifiers.id_ecdsa_with_shake256, NistObjectIdentifiers.IdShake256);
+
+            DigestNameToOids.Add("SHA-1", OiwObjectIdentifiers.IdSha1);
+            DigestNameToOids.Add("SHA-224", NistObjectIdentifiers.IdSha224);
+            DigestNameToOids.Add("SHA-256", NistObjectIdentifiers.IdSha256);
+            DigestNameToOids.Add("SHA-384", NistObjectIdentifiers.IdSha384);
+            DigestNameToOids.Add("SHA-512", NistObjectIdentifiers.IdSha512);
+            DigestNameToOids.Add("SHA-512-224", NistObjectIdentifiers.IdSha512_224);
+            DigestNameToOids.Add("SHA-512/224", NistObjectIdentifiers.IdSha512_224);
+            DigestNameToOids.Add("SHA-512(224)", NistObjectIdentifiers.IdSha512_224);
+            DigestNameToOids.Add("SHA-512-256", NistObjectIdentifiers.IdSha512_256);
+            DigestNameToOids.Add("SHA-512/256", NistObjectIdentifiers.IdSha512_256);
+            DigestNameToOids.Add("SHA-512(256)", NistObjectIdentifiers.IdSha512_256);
+
+            DigestNameToOids.Add("SHA1", OiwObjectIdentifiers.IdSha1);
+            DigestNameToOids.Add("SHA224", NistObjectIdentifiers.IdSha224);
+            DigestNameToOids.Add("SHA256", NistObjectIdentifiers.IdSha256);
+            DigestNameToOids.Add("SHA384", NistObjectIdentifiers.IdSha384);
+            DigestNameToOids.Add("SHA512", NistObjectIdentifiers.IdSha512);
+            DigestNameToOids.Add("SHA512-224", NistObjectIdentifiers.IdSha512_224);
+            DigestNameToOids.Add("SHA512/224", NistObjectIdentifiers.IdSha512_224);
+            DigestNameToOids.Add("SHA512(224)", NistObjectIdentifiers.IdSha512_224);
+            DigestNameToOids.Add("SHA512-256", NistObjectIdentifiers.IdSha512_256);
+            DigestNameToOids.Add("SHA512/256", NistObjectIdentifiers.IdSha512_256);
+            DigestNameToOids.Add("SHA512(256)", NistObjectIdentifiers.IdSha512_256);
+
+            DigestNameToOids.Add("SHA3-224", NistObjectIdentifiers.IdSha3_224);
+            DigestNameToOids.Add("SHA3-256", NistObjectIdentifiers.IdSha3_256);
+            DigestNameToOids.Add("SHA3-384", NistObjectIdentifiers.IdSha3_384);
+            DigestNameToOids.Add("SHA3-512", NistObjectIdentifiers.IdSha3_512);
+
+            DigestNameToOids.Add("SHAKE128", NistObjectIdentifiers.IdShake128);
+            DigestNameToOids.Add("SHAKE256", NistObjectIdentifiers.IdShake256);
+            DigestNameToOids.Add("SHAKE-128", NistObjectIdentifiers.IdShake128);
+            DigestNameToOids.Add("SHAKE-256", NistObjectIdentifiers.IdShake256);
+
+            DigestNameToOids.Add("GOST3411", CryptoProObjectIdentifiers.GostR3411);
+            DigestNameToOids.Add("GOST3411-2012-256", RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256);
+            DigestNameToOids.Add("GOST3411-2012-512", RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512);
+
+            DigestNameToOids.Add("MD2", PkcsObjectIdentifiers.MD2);
+            DigestNameToOids.Add("MD4", PkcsObjectIdentifiers.MD4);
+            DigestNameToOids.Add("MD5", PkcsObjectIdentifiers.MD5);
+
+            DigestNameToOids.Add("RIPEMD128", TeleTrusTObjectIdentifiers.RipeMD128);
+            DigestNameToOids.Add("RIPEMD160", TeleTrusTObjectIdentifiers.RipeMD160);
+            DigestNameToOids.Add("RIPEMD256", TeleTrusTObjectIdentifiers.RipeMD256);
+
+            DigestNameToOids.Add("SM3", GMObjectIdentifiers.sm3);
+
+            // IETF RFC 3370
+            AddDigestAlgID(OiwObjectIdentifiers.IdSha1, true);
+            // IETF RFC 5754
+            AddDigestAlgID(NistObjectIdentifiers.IdSha224, false);
+            AddDigestAlgID(NistObjectIdentifiers.IdSha256, false);
+            AddDigestAlgID(NistObjectIdentifiers.IdSha384, false);
+            AddDigestAlgID(NistObjectIdentifiers.IdSha512, false);
+            AddDigestAlgID(NistObjectIdentifiers.IdSha512_224, false);
+            AddDigestAlgID(NistObjectIdentifiers.IdSha512_256, false);
+
+            // NIST CSOR
+            AddDigestAlgID(NistObjectIdentifiers.IdSha3_224, false);
+            AddDigestAlgID(NistObjectIdentifiers.IdSha3_256, false);
+            AddDigestAlgID(NistObjectIdentifiers.IdSha3_384, false);
+            AddDigestAlgID(NistObjectIdentifiers.IdSha3_512, false);
+
+            // RFC 8702
+            AddDigestAlgID(NistObjectIdentifiers.IdShake128, false);
+            AddDigestAlgID(NistObjectIdentifiers.IdShake256, false);
+
+            // RFC 4357
+            AddDigestAlgID(CryptoProObjectIdentifiers.GostR3411, true);
+
+            // draft-deremin-rfc4491
+            AddDigestAlgID(RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256, false);
+            AddDigestAlgID(RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512, false);
+
+            // IETF RFC 1319
+            AddDigestAlgID(PkcsObjectIdentifiers.MD2, true);
+            // IETF RFC 1320
+            AddDigestAlgID(PkcsObjectIdentifiers.MD4, true);
+            // IETF RFC 1321
+            AddDigestAlgID(PkcsObjectIdentifiers.MD5, true);
+
+            // found no standard which specified the handle of AlgorithmIdentifier.parameters,
+            // so let it as before.
+            AddDigestAlgID(TeleTrusTObjectIdentifiers.RipeMD128, true);
+            AddDigestAlgID(TeleTrusTObjectIdentifiers.RipeMD160, true);
+            AddDigestAlgID(TeleTrusTObjectIdentifiers.RipeMD256, true);
+
+            Shake256Oids.Add(EdECObjectIdentifiers.id_Ed448);
+
+            Shake256Oids.Add(BCObjectIdentifiers.dilithium2);
+            Shake256Oids.Add(BCObjectIdentifiers.dilithium3);
+            Shake256Oids.Add(BCObjectIdentifiers.dilithium5);
+            Shake256Oids.Add(BCObjectIdentifiers.dilithium2_aes);
+            Shake256Oids.Add(BCObjectIdentifiers.dilithium3_aes);
+            Shake256Oids.Add(BCObjectIdentifiers.dilithium5_aes);
+
+            Shake256Oids.Add(BCObjectIdentifiers.falcon_512);
+            Shake256Oids.Add(BCObjectIdentifiers.falcon_1024);
+        }
+
+        private static void AddDigestAlgID(DerObjectIdentifier oid, bool withNullParams) =>
+            DigestOidToAlgIDs.Add(oid, new AlgorithmIdentifier(oid, withNullParams ? DerNull.Instance : null));
+
+        protected DefaultDigestAlgorithmFinder()
+        {
+        }
+
+        public virtual AlgorithmIdentifier Find(AlgorithmIdentifier signatureAlgorithm)
+        {
+            DerObjectIdentifier signatureOid = signatureAlgorithm.Algorithm;
+
+            if (Shake256Oids.Contains(signatureOid))
+                return new AlgorithmIdentifier(NistObjectIdentifiers.IdShake256Len, new DerInteger(512));
+
+            DerObjectIdentifier digestOid;
+            if (PkcsObjectIdentifiers.IdRsassaPss.Equals(signatureOid))
+            {
+                digestOid = RsassaPssParameters.GetInstance(signatureAlgorithm.Parameters).HashAlgorithm.Algorithm;
+            }
+            else if (EdECObjectIdentifiers.id_Ed25519.Equals(signatureOid))
+            {
+                digestOid = NistObjectIdentifiers.IdSha512;
+            }
+            else if (PkcsObjectIdentifiers.IdAlgHssLmsHashsig.Equals(signatureOid))
+            {
+                digestOid = NistObjectIdentifiers.IdSha256;
+            }
+            else
+            {
+                digestOid = CollectionUtilities.GetValueOrNull(DigestOids, signatureOid);
+            }
+
+            return Find(digestOid);
+        }
+
+        public virtual AlgorithmIdentifier Find(DerObjectIdentifier digestOid)
+        {
+            if (digestOid == null)
+                throw new ArgumentNullException(nameof(digestOid));
+
+            if (DigestOidToAlgIDs.TryGetValue(digestOid, out var digestAlgorithm))
+                return digestAlgorithm;
+
+            return new AlgorithmIdentifier(digestOid);
+        }
+
+        public virtual AlgorithmIdentifier Find(string digestName)
+        {
+            if (DigestNameToOids.TryGetValue(digestName, out var digestOid))
+                return Find(digestOid);
+
+            try
+            {
+                return Find(new DerObjectIdentifier(digestName));
+            }
+            catch (Exception)
+            {
+                // ignore - tried it but it didn't work...
+            }
+
+            return null;
+        }
+    }
+}
diff --git a/crypto/src/operators/utilities/DefaultSignatureAlgorithmFinder.cs b/crypto/src/operators/utilities/DefaultSignatureAlgorithmFinder.cs
new file mode 100644
index 000000000..0da904328
--- /dev/null
+++ b/crypto/src/operators/utilities/DefaultSignatureAlgorithmFinder.cs
@@ -0,0 +1,533 @@
+using System;
+using System.Collections.Generic;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.BC;
+using Org.BouncyCastle.Asn1.Bsi;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Asn1.Eac;
+using Org.BouncyCastle.Asn1.EdEC;
+using Org.BouncyCastle.Asn1.GM;
+using Org.BouncyCastle.Asn1.Isara;
+using Org.BouncyCastle.Asn1.Misc;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.Rosstandart;
+using Org.BouncyCastle.Asn1.TeleTrust;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.X9;
+
+namespace Org.BouncyCastle.Operators.Utilities
+{
+    public class DefaultSignatureAlgorithmFinder
+        : ISignatureAlgorithmFinder
+    {
+        public static readonly DefaultSignatureAlgorithmFinder Instance = new DefaultSignatureAlgorithmFinder();
+
+        private static readonly Dictionary<string, DerObjectIdentifier> Algorithms =
+            new Dictionary<string, DerObjectIdentifier>(StringComparer.OrdinalIgnoreCase);
+        private static readonly HashSet<DerObjectIdentifier> NoParams = new HashSet<DerObjectIdentifier>();
+        private static readonly Dictionary<string, Asn1Encodable> Parameters =
+            new Dictionary<string, Asn1Encodable>(StringComparer.OrdinalIgnoreCase);
+        private static readonly HashSet<DerObjectIdentifier> Pkcs15RsaEncryption = new HashSet<DerObjectIdentifier>();
+        private static readonly Dictionary<DerObjectIdentifier, DerObjectIdentifier> DigestOids =
+            new Dictionary<DerObjectIdentifier, DerObjectIdentifier>();
+
+        static DefaultSignatureAlgorithmFinder()
+        {
+            Algorithms["COMPOSITE"] = MiscObjectIdentifiers.id_alg_composite;
+
+            Algorithms["MD2WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.MD2WithRsaEncryption;
+            Algorithms["MD2WITHRSA"] = PkcsObjectIdentifiers.MD2WithRsaEncryption;
+            Algorithms["MD5WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.MD5WithRsaEncryption;
+            Algorithms["MD5WITHRSA"] = PkcsObjectIdentifiers.MD5WithRsaEncryption;
+            Algorithms["SHA1WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha1WithRsaEncryption;
+            Algorithms["SHA-1WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha1WithRsaEncryption;
+            Algorithms["SHA1WITHRSA"] = PkcsObjectIdentifiers.Sha1WithRsaEncryption;
+            Algorithms["SHA-1WITHRSA"] = PkcsObjectIdentifiers.Sha1WithRsaEncryption;
+            Algorithms["SHA224WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha224WithRsaEncryption;
+            Algorithms["SHA-224WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha224WithRsaEncryption;
+            Algorithms["SHA224WITHRSA"] = PkcsObjectIdentifiers.Sha224WithRsaEncryption;
+            Algorithms["SHA-224WITHRSA"] = PkcsObjectIdentifiers.Sha224WithRsaEncryption;
+            Algorithms["SHA256WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha256WithRsaEncryption;
+            Algorithms["SHA-256WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha256WithRsaEncryption;
+            Algorithms["SHA256WITHRSA"] = PkcsObjectIdentifiers.Sha256WithRsaEncryption;
+            Algorithms["SHA-256WITHRSA"] = PkcsObjectIdentifiers.Sha256WithRsaEncryption;
+            Algorithms["SHA384WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha384WithRsaEncryption;
+            Algorithms["SHA-384WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha384WithRsaEncryption;
+            Algorithms["SHA384WITHRSA"] = PkcsObjectIdentifiers.Sha384WithRsaEncryption;
+            Algorithms["SHA-384WITHRSA"] = PkcsObjectIdentifiers.Sha384WithRsaEncryption;
+            Algorithms["SHA512WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha512WithRsaEncryption;
+            Algorithms["SHA-512WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha512WithRsaEncryption;
+            Algorithms["SHA512WITHRSA"] = PkcsObjectIdentifiers.Sha512WithRsaEncryption;
+            Algorithms["SHA-512WITHRSA"] = PkcsObjectIdentifiers.Sha512WithRsaEncryption;
+            Algorithms["SHA512(224)WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha512_224WithRSAEncryption;
+            Algorithms["SHA-512(224)WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha512_224WithRSAEncryption;
+            Algorithms["SHA512(224)WITHRSA"] = PkcsObjectIdentifiers.Sha512_224WithRSAEncryption;
+            Algorithms["SHA-512(224)WITHRSA"] = PkcsObjectIdentifiers.Sha512_224WithRSAEncryption;
+            Algorithms["SHA512(256)WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha512_256WithRSAEncryption;
+            Algorithms["SHA-512(256)WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha512_256WithRSAEncryption;
+            Algorithms["SHA512(256)WITHRSA"] = PkcsObjectIdentifiers.Sha512_256WithRSAEncryption;
+            Algorithms["SHA-512(256)WITHRSA"] = PkcsObjectIdentifiers.Sha512_256WithRSAEncryption;
+            Algorithms["SHA1WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss;
+            Algorithms["SHA224WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss;
+            Algorithms["SHA256WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss;
+            Algorithms["SHA384WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss;
+            Algorithms["SHA512WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss;
+            Algorithms["SHA3-224WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss;
+            Algorithms["SHA3-256WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss;
+            Algorithms["SHA3-384WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss;
+            Algorithms["SHA3-512WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss;
+            Algorithms["RIPEMD160WITHRSAENCRYPTION"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160;
+            Algorithms["RIPEMD160WITHRSA"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160;
+            Algorithms["RIPEMD128WITHRSAENCRYPTION"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128;
+            Algorithms["RIPEMD128WITHRSA"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128;
+            Algorithms["RIPEMD256WITHRSAENCRYPTION"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256;
+            Algorithms["RIPEMD256WITHRSA"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256;
+            Algorithms["SHA1WITHDSA"] = X9ObjectIdentifiers.IdDsaWithSha1;
+            Algorithms["SHA-1WITHDSA"] = X9ObjectIdentifiers.IdDsaWithSha1;
+            Algorithms["DSAWITHSHA1"] = X9ObjectIdentifiers.IdDsaWithSha1;
+            Algorithms["SHA224WITHDSA"] = NistObjectIdentifiers.DsaWithSha224;
+            Algorithms["SHA256WITHDSA"] = NistObjectIdentifiers.DsaWithSha256;
+            Algorithms["SHA384WITHDSA"] = NistObjectIdentifiers.DsaWithSha384;
+            Algorithms["SHA512WITHDSA"] = NistObjectIdentifiers.DsaWithSha512;
+            Algorithms["SHA3-224WITHDSA"] = NistObjectIdentifiers.IdDsaWithSha3_224;
+            Algorithms["SHA3-256WITHDSA"] = NistObjectIdentifiers.IdDsaWithSha3_256;
+            Algorithms["SHA3-384WITHDSA"] = NistObjectIdentifiers.IdDsaWithSha3_384;
+            Algorithms["SHA3-512WITHDSA"] = NistObjectIdentifiers.IdDsaWithSha3_512;
+            Algorithms["SHA3-224WITHECDSA"] = NistObjectIdentifiers.IdEcdsaWithSha3_224;
+            Algorithms["SHA3-256WITHECDSA"] = NistObjectIdentifiers.IdEcdsaWithSha3_256;
+            Algorithms["SHA3-384WITHECDSA"] = NistObjectIdentifiers.IdEcdsaWithSha3_384;
+            Algorithms["SHA3-512WITHECDSA"] = NistObjectIdentifiers.IdEcdsaWithSha3_512;
+            Algorithms["SHA3-224WITHRSA"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224;
+            Algorithms["SHA3-256WITHRSA"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256;
+            Algorithms["SHA3-384WITHRSA"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384;
+            Algorithms["SHA3-512WITHRSA"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512;
+            Algorithms["SHA3-224WITHRSAENCRYPTION"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224;
+            Algorithms["SHA3-256WITHRSAENCRYPTION"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256;
+            Algorithms["SHA3-384WITHRSAENCRYPTION"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384;
+            Algorithms["SHA3-512WITHRSAENCRYPTION"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512;
+            Algorithms["SHA1WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha1;
+            Algorithms["ECDSAWITHSHA1"] = X9ObjectIdentifiers.ECDsaWithSha1;
+            Algorithms["SHA224WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha224;
+            Algorithms["SHA256WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha256;
+            Algorithms["SHA384WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha384;
+            Algorithms["SHA512WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha512;
+            Algorithms["GOST3411WITHGOST3410"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94;
+            Algorithms["GOST3411WITHGOST3410-94"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94;
+            Algorithms["GOST3411WITHECGOST3410"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001;
+            Algorithms["GOST3411WITHECGOST3410-2001"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001;
+            Algorithms["GOST3411WITHGOST3410-2001"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001;
+            Algorithms["GOST3411WITHECGOST3410-2012-256"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256;
+            Algorithms["GOST3411WITHECGOST3410-2012-512"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512;
+            Algorithms["GOST3411WITHGOST3410-2012-256"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256;
+            Algorithms["GOST3411WITHGOST3410-2012-512"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512;
+            Algorithms["GOST3411-2012-256WITHECGOST3410-2012-256"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256;
+            Algorithms["GOST3411-2012-512WITHECGOST3410-2012-512"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512;
+            Algorithms["GOST3411-2012-256WITHGOST3410-2012-256"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256;
+            Algorithms["GOST3411-2012-512WITHGOST3410-2012-512"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512;
+
+            // NOTE: Not in bc-java
+            Algorithms["GOST3411-2012-256WITHECGOST3410"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256;
+            Algorithms["GOST3411-2012-512WITHECGOST3410"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512;
+
+            Algorithms["SHA1WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_1;
+            Algorithms["SHA224WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_224;
+            Algorithms["SHA256WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_256;
+            Algorithms["SHA384WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_384;
+            Algorithms["SHA512WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_512;
+            Algorithms["SHA3-512WITHSPHINCS256"] = BCObjectIdentifiers.sphincs256_with_SHA3_512;
+            Algorithms["SHA512WITHSPHINCS256"] = BCObjectIdentifiers.sphincs256_with_SHA512;
+
+            Algorithms["SHA1WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA1;
+            Algorithms["RIPEMD160WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_RIPEMD160;
+            Algorithms["SHA224WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA224;
+            Algorithms["SHA256WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA256;
+            Algorithms["SHA384WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA384;
+            Algorithms["SHA512WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA512;
+            Algorithms["SHA3-224WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA3_224;
+            Algorithms["SHA3-256WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA3_256;
+            Algorithms["SHA3-384WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA3_384;
+            Algorithms["SHA3-512WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA3_512;
+
+            Algorithms["ED25519"] = EdECObjectIdentifiers.id_Ed25519;
+            Algorithms["ED448"] = EdECObjectIdentifiers.id_Ed448;
+
+            // RFC 8702
+            Algorithms["SHAKE128WITHRSAPSS"] = CmsObjectIdentifiers.id_RSASSA_PSS_SHAKE128;
+            Algorithms["SHAKE256WITHRSAPSS"] = CmsObjectIdentifiers.id_RSASSA_PSS_SHAKE256;
+            Algorithms["SHAKE128WITHRSASSA-PSS"] = CmsObjectIdentifiers.id_RSASSA_PSS_SHAKE128;
+            Algorithms["SHAKE256WITHRSASSA-PSS"] = CmsObjectIdentifiers.id_RSASSA_PSS_SHAKE256;
+            Algorithms["SHAKE128WITHECDSA"] = CmsObjectIdentifiers.id_ecdsa_with_shake128;
+            Algorithms["SHAKE256WITHECDSA"] = CmsObjectIdentifiers.id_ecdsa_with_shake256;
+
+            //m_algorithms["RIPEMD160WITHSM2"] = GMObjectIdentifiers.sm2sign_with_rmd160;
+            //m_algorithms["SHA1WITHSM2"] = GMObjectIdentifiers.sm2sign_with_sha1;
+            //m_algorithms["SHA224WITHSM2"] = GMObjectIdentifiers.sm2sign_with_sha224;
+            Algorithms["SHA256WITHSM2"] = GMObjectIdentifiers.sm2sign_with_sha256;
+            //m_algorithms["SHA384WITHSM2"] = GMObjectIdentifiers.sm2sign_with_sha384;
+            //m_algorithms["SHA512WITHSM2"] = GMObjectIdentifiers.sm2sign_with_sha512;
+            Algorithms["SM3WITHSM2"] = GMObjectIdentifiers.sm2sign_with_sm3;
+
+            Algorithms["SHA256WITHXMSS"] = BCObjectIdentifiers.xmss_SHA256ph;
+            Algorithms["SHA512WITHXMSS"] = BCObjectIdentifiers.xmss_SHA512ph;
+            Algorithms["SHAKE128WITHXMSS"] = BCObjectIdentifiers.xmss_SHAKE128ph;
+            Algorithms["SHAKE256WITHXMSS"] = BCObjectIdentifiers.xmss_SHAKE256ph;
+
+            Algorithms["SHA256WITHXMSSMT"] = BCObjectIdentifiers.xmss_mt_SHA256ph;
+            Algorithms["SHA512WITHXMSSMT"] = BCObjectIdentifiers.xmss_mt_SHA512ph;
+            Algorithms["SHAKE128WITHXMSSMT"] = BCObjectIdentifiers.xmss_mt_SHAKE128ph;
+            Algorithms["SHAKE256WITHXMSSMT"] = BCObjectIdentifiers.xmss_mt_SHAKE256ph;
+
+            Algorithms["SHA256WITHXMSS-SHA256"] = BCObjectIdentifiers.xmss_SHA256ph;
+            Algorithms["SHA512WITHXMSS-SHA512"] = BCObjectIdentifiers.xmss_SHA512ph;
+            Algorithms["SHAKE128WITHXMSS-SHAKE128"] = BCObjectIdentifiers.xmss_SHAKE128ph;
+            Algorithms["SHAKE256WITHXMSS-SHAKE256"] = BCObjectIdentifiers.xmss_SHAKE256ph;
+
+            Algorithms["SHA256WITHXMSSMT-SHA256"] = BCObjectIdentifiers.xmss_mt_SHA256ph;
+            Algorithms["SHA512WITHXMSSMT-SHA512"] = BCObjectIdentifiers.xmss_mt_SHA512ph;
+            Algorithms["SHAKE128WITHXMSSMT-SHAKE128"] = BCObjectIdentifiers.xmss_mt_SHAKE128ph;
+            Algorithms["SHAKE256WITHXMSSMT-SHAKE256"] = BCObjectIdentifiers.xmss_mt_SHAKE256ph;
+
+            Algorithms["LMS"] = PkcsObjectIdentifiers.IdAlgHssLmsHashsig;
+
+            Algorithms["XMSS"] = IsaraObjectIdentifiers.id_alg_xmss;
+            Algorithms["XMSS-SHA256"] = BCObjectIdentifiers.xmss_SHA256;
+            Algorithms["XMSS-SHA512"] = BCObjectIdentifiers.xmss_SHA512;
+            Algorithms["XMSS-SHAKE128"] = BCObjectIdentifiers.xmss_SHAKE128;
+            Algorithms["XMSS-SHAKE256"] = BCObjectIdentifiers.xmss_SHAKE256;
+
+            Algorithms["XMSSMT"] = IsaraObjectIdentifiers.id_alg_xmssmt;
+            Algorithms["XMSSMT-SHA256"] = BCObjectIdentifiers.xmss_mt_SHA256;
+            Algorithms["XMSSMT-SHA512"] = BCObjectIdentifiers.xmss_mt_SHA512;
+            Algorithms["XMSSMT-SHAKE128"] = BCObjectIdentifiers.xmss_mt_SHAKE128;
+            Algorithms["XMSSMT-SHAKE256"] = BCObjectIdentifiers.xmss_mt_SHAKE256;
+
+            Algorithms["SPHINCS+"] = BCObjectIdentifiers.sphincsPlus;
+            Algorithms["SPHINCSPLUS"] = BCObjectIdentifiers.sphincsPlus;
+
+            Algorithms["DILITHIUM2"] = BCObjectIdentifiers.dilithium2;
+            Algorithms["DILITHIUM3"] = BCObjectIdentifiers.dilithium3;
+            Algorithms["DILITHIUM5"] = BCObjectIdentifiers.dilithium5;
+            Algorithms["DILITHIUM2-AES"] = BCObjectIdentifiers.dilithium2_aes;
+            Algorithms["DILITHIUM3-AES"] = BCObjectIdentifiers.dilithium3_aes;
+            Algorithms["DILITHIUM5-AES"] = BCObjectIdentifiers.dilithium5_aes;
+
+            Algorithms["FALCON-512"] = BCObjectIdentifiers.falcon_512;
+            Algorithms["FALCON-1024"] = BCObjectIdentifiers.falcon_1024;
+
+            Algorithms["PICNIC"] = BCObjectIdentifiers.picnic_signature;
+            Algorithms["SHA512WITHPICNIC"] = BCObjectIdentifiers.picnic_with_sha512;
+            Algorithms["SHA3-512WITHPICNIC"] = BCObjectIdentifiers.picnic_with_sha3_512;
+            Algorithms["SHAKE256WITHPICNIC"] = BCObjectIdentifiers.picnic_with_shake256;
+
+            //
+            // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field.
+            // The parameters field SHALL be NULL for RSA based signature algorithms.
+            //
+            NoParams.Add(X9ObjectIdentifiers.ECDsaWithSha1);
+            NoParams.Add(X9ObjectIdentifiers.ECDsaWithSha224);
+            NoParams.Add(X9ObjectIdentifiers.ECDsaWithSha256);
+            NoParams.Add(X9ObjectIdentifiers.ECDsaWithSha384);
+            NoParams.Add(X9ObjectIdentifiers.ECDsaWithSha512);
+            NoParams.Add(X9ObjectIdentifiers.IdDsaWithSha1);
+            NoParams.Add(NistObjectIdentifiers.DsaWithSha224);
+            NoParams.Add(NistObjectIdentifiers.DsaWithSha256);
+            NoParams.Add(NistObjectIdentifiers.DsaWithSha384);
+            NoParams.Add(NistObjectIdentifiers.DsaWithSha512);
+            NoParams.Add(NistObjectIdentifiers.IdDsaWithSha3_224);
+            NoParams.Add(NistObjectIdentifiers.IdDsaWithSha3_256);
+            NoParams.Add(NistObjectIdentifiers.IdDsaWithSha3_384);
+            NoParams.Add(NistObjectIdentifiers.IdDsaWithSha3_512);
+            NoParams.Add(NistObjectIdentifiers.IdEcdsaWithSha3_224);
+            NoParams.Add(NistObjectIdentifiers.IdEcdsaWithSha3_256);
+            NoParams.Add(NistObjectIdentifiers.IdEcdsaWithSha3_384);
+            NoParams.Add(NistObjectIdentifiers.IdEcdsaWithSha3_512);
+
+            NoParams.Add(BsiObjectIdentifiers.ecdsa_plain_SHA224);
+            NoParams.Add(BsiObjectIdentifiers.ecdsa_plain_SHA256);
+            NoParams.Add(BsiObjectIdentifiers.ecdsa_plain_SHA384);
+            NoParams.Add(BsiObjectIdentifiers.ecdsa_plain_SHA512);
+            NoParams.Add(BsiObjectIdentifiers.ecdsa_plain_SHA3_224);
+            NoParams.Add(BsiObjectIdentifiers.ecdsa_plain_SHA3_256);
+            NoParams.Add(BsiObjectIdentifiers.ecdsa_plain_SHA3_384);
+            NoParams.Add(BsiObjectIdentifiers.ecdsa_plain_SHA3_512);
+
+            //
+            // RFC 4491
+            //
+            NoParams.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94);
+            NoParams.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001);
+            NoParams.Add(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256);
+            NoParams.Add(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512);
+
+            //
+            // SPHINCS-256
+            //
+            NoParams.Add(BCObjectIdentifiers.sphincs256_with_SHA512);
+            NoParams.Add(BCObjectIdentifiers.sphincs256_with_SHA3_512);
+
+            //
+            // SPHINCS-PLUS
+            //
+            NoParams.Add(BCObjectIdentifiers.sphincsPlus);
+            NoParams.Add(BCObjectIdentifiers.sphincsPlus_sha2_128s_r3);
+            NoParams.Add(BCObjectIdentifiers.sphincsPlus_sha2_128f_r3);
+            NoParams.Add(BCObjectIdentifiers.sphincsPlus_shake_128s_r3);
+            NoParams.Add(BCObjectIdentifiers.sphincsPlus_shake_128f_r3);
+            NoParams.Add(BCObjectIdentifiers.sphincsPlus_haraka_128s_r3);
+            NoParams.Add(BCObjectIdentifiers.sphincsPlus_haraka_128f_r3);
+            NoParams.Add(BCObjectIdentifiers.sphincsPlus_sha2_192s_r3);
+            NoParams.Add(BCObjectIdentifiers.sphincsPlus_sha2_192f_r3);
+            NoParams.Add(BCObjectIdentifiers.sphincsPlus_shake_192s_r3);
+            NoParams.Add(BCObjectIdentifiers.sphincsPlus_shake_192f_r3);
+            NoParams.Add(BCObjectIdentifiers.sphincsPlus_haraka_192s_r3);
+            NoParams.Add(BCObjectIdentifiers.sphincsPlus_haraka_192f_r3);
+            NoParams.Add(BCObjectIdentifiers.sphincsPlus_sha2_256s_r3);
+            NoParams.Add(BCObjectIdentifiers.sphincsPlus_sha2_256f_r3);
+            NoParams.Add(BCObjectIdentifiers.sphincsPlus_shake_256s_r3);
+            NoParams.Add(BCObjectIdentifiers.sphincsPlus_shake_256f_r3);
+            NoParams.Add(BCObjectIdentifiers.sphincsPlus_haraka_256s_r3);
+            NoParams.Add(BCObjectIdentifiers.sphincsPlus_haraka_256f_r3);
+
+            //
+            // Dilithium
+            //
+            NoParams.Add(BCObjectIdentifiers.dilithium);
+            NoParams.Add(BCObjectIdentifiers.dilithium2);
+            NoParams.Add(BCObjectIdentifiers.dilithium3);
+            NoParams.Add(BCObjectIdentifiers.dilithium5);
+            NoParams.Add(BCObjectIdentifiers.dilithium2_aes);
+            NoParams.Add(BCObjectIdentifiers.dilithium3_aes);
+            NoParams.Add(BCObjectIdentifiers.dilithium5_aes);
+
+            //
+            // Falcon
+            //
+            NoParams.Add(BCObjectIdentifiers.falcon);
+            NoParams.Add(BCObjectIdentifiers.falcon_512);
+            NoParams.Add(BCObjectIdentifiers.falcon_1024);
+
+            //
+            // Picnic
+            //
+            NoParams.Add(BCObjectIdentifiers.picnic_signature);
+            NoParams.Add(BCObjectIdentifiers.picnic_with_sha512);
+            NoParams.Add(BCObjectIdentifiers.picnic_with_sha3_512);
+            NoParams.Add(BCObjectIdentifiers.picnic_with_shake256);
+
+            //
+            // XMSS
+            //
+            NoParams.Add(BCObjectIdentifiers.xmss_SHA256ph);
+            NoParams.Add(BCObjectIdentifiers.xmss_SHA512ph);
+            NoParams.Add(BCObjectIdentifiers.xmss_SHAKE128ph);
+            NoParams.Add(BCObjectIdentifiers.xmss_SHAKE256ph);
+            NoParams.Add(BCObjectIdentifiers.xmss_mt_SHA256ph);
+            NoParams.Add(BCObjectIdentifiers.xmss_mt_SHA512ph);
+            NoParams.Add(BCObjectIdentifiers.xmss_mt_SHAKE128ph);
+            NoParams.Add(BCObjectIdentifiers.xmss_mt_SHAKE256ph);
+
+            NoParams.Add(BCObjectIdentifiers.xmss_SHA256);
+            NoParams.Add(BCObjectIdentifiers.xmss_SHA512);
+            NoParams.Add(BCObjectIdentifiers.xmss_SHAKE128);
+            NoParams.Add(BCObjectIdentifiers.xmss_SHAKE256);
+            NoParams.Add(BCObjectIdentifiers.xmss_mt_SHA256);
+            NoParams.Add(BCObjectIdentifiers.xmss_mt_SHA512);
+            NoParams.Add(BCObjectIdentifiers.xmss_mt_SHAKE128);
+            NoParams.Add(BCObjectIdentifiers.xmss_mt_SHAKE256);
+
+            NoParams.Add(IsaraObjectIdentifiers.id_alg_xmss);
+            NoParams.Add(IsaraObjectIdentifiers.id_alg_xmssmt);
+
+            //
+            // qTESLA
+            //
+            NoParams.Add(BCObjectIdentifiers.qTESLA_p_I);
+            NoParams.Add(BCObjectIdentifiers.qTESLA_p_III);
+
+            //
+            // SM2
+            //
+            //m_noParams.Add(GMObjectIdentifiers.sm2sign_with_rmd160);
+            //m_noParams.Add(GMObjectIdentifiers.sm2sign_with_sha1);
+            //m_noParams.Add(GMObjectIdentifiers.sm2sign_with_sha224);
+            NoParams.Add(GMObjectIdentifiers.sm2sign_with_sha256);
+            //m_noParams.Add(GMObjectIdentifiers.sm2sign_with_sha384);
+            //m_noParams.Add(GMObjectIdentifiers.sm2sign_with_sha512);
+            NoParams.Add(GMObjectIdentifiers.sm2sign_with_sm3);
+
+            // EdDSA
+            NoParams.Add(EdECObjectIdentifiers.id_Ed25519);
+            NoParams.Add(EdECObjectIdentifiers.id_Ed448);
+
+            // RFC 8702
+            NoParams.Add(CmsObjectIdentifiers.id_RSASSA_PSS_SHAKE128);
+            NoParams.Add(CmsObjectIdentifiers.id_RSASSA_PSS_SHAKE256);
+            NoParams.Add(CmsObjectIdentifiers.id_ecdsa_with_shake128);
+            NoParams.Add(CmsObjectIdentifiers.id_ecdsa_with_shake256);
+
+            //
+            // PKCS 1.5 encrypted  algorithms
+            //
+            Pkcs15RsaEncryption.Add(PkcsObjectIdentifiers.Sha1WithRsaEncryption);
+            Pkcs15RsaEncryption.Add(PkcsObjectIdentifiers.Sha224WithRsaEncryption);
+            Pkcs15RsaEncryption.Add(PkcsObjectIdentifiers.Sha256WithRsaEncryption);
+            Pkcs15RsaEncryption.Add(PkcsObjectIdentifiers.Sha384WithRsaEncryption);
+            Pkcs15RsaEncryption.Add(PkcsObjectIdentifiers.Sha512WithRsaEncryption);
+            Pkcs15RsaEncryption.Add(PkcsObjectIdentifiers.Sha512_224WithRSAEncryption);
+            Pkcs15RsaEncryption.Add(PkcsObjectIdentifiers.Sha512_256WithRSAEncryption);
+            Pkcs15RsaEncryption.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128);
+            Pkcs15RsaEncryption.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160);
+            Pkcs15RsaEncryption.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256);
+            Pkcs15RsaEncryption.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224);
+            Pkcs15RsaEncryption.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256);
+            Pkcs15RsaEncryption.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384);
+            Pkcs15RsaEncryption.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512);
+
+            //
+            // explicit params
+            //
+            AlgorithmIdentifier sha1AlgID = new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance);
+            Parameters["SHA1WITHRSAANDMGF1"] = CreatePssParams(sha1AlgID, 20);
+
+            AlgorithmIdentifier sha224AlgID = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha224, DerNull.Instance);
+            Parameters["SHA224WITHRSAANDMGF1"] = CreatePssParams(sha224AlgID, 28);
+
+            AlgorithmIdentifier sha256AlgID = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha256, DerNull.Instance);
+            Parameters["SHA256WITHRSAANDMGF1"] = CreatePssParams(sha256AlgID, 32);
+
+            AlgorithmIdentifier sha384AlgID = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha384, DerNull.Instance);
+            Parameters["SHA384WITHRSAANDMGF1"] = CreatePssParams(sha384AlgID, 48);
+
+            AlgorithmIdentifier sha512AlgID = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha512, DerNull.Instance);
+            Parameters["SHA512WITHRSAANDMGF1"] = CreatePssParams(sha512AlgID, 64);
+
+            AlgorithmIdentifier sha3_224AlgID = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha3_224, DerNull.Instance);
+            Parameters["SHA3-224WITHRSAANDMGF1"] = CreatePssParams(sha3_224AlgID, 28);
+
+            AlgorithmIdentifier sha3_256AlgID = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha3_256, DerNull.Instance);
+            Parameters["SHA3-256WITHRSAANDMGF1"] = CreatePssParams(sha3_256AlgID, 32);
+
+            AlgorithmIdentifier sha3_384AlgID = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha3_384, DerNull.Instance);
+            Parameters["SHA3-384WITHRSAANDMGF1"] = CreatePssParams(sha3_384AlgID, 48);
+
+            AlgorithmIdentifier sha3_512AlgID = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha3_512, DerNull.Instance);
+            Parameters["SHA3-512WITHRSAANDMGF1"] = CreatePssParams(sha3_512AlgID, 64);
+
+            //
+            // digests
+            //
+            DigestOids[PkcsObjectIdentifiers.Sha224WithRsaEncryption] = NistObjectIdentifiers.IdSha224;
+            DigestOids[PkcsObjectIdentifiers.Sha256WithRsaEncryption] = NistObjectIdentifiers.IdSha256;
+            DigestOids[PkcsObjectIdentifiers.Sha384WithRsaEncryption] = NistObjectIdentifiers.IdSha384;
+            DigestOids[PkcsObjectIdentifiers.Sha512WithRsaEncryption] = NistObjectIdentifiers.IdSha512;
+            DigestOids[PkcsObjectIdentifiers.Sha512_224WithRSAEncryption] = NistObjectIdentifiers.IdSha512_224;
+            DigestOids[PkcsObjectIdentifiers.Sha512_256WithRSAEncryption] = NistObjectIdentifiers.IdSha512_256;
+            DigestOids[NistObjectIdentifiers.DsaWithSha224] = NistObjectIdentifiers.IdSha224;
+            DigestOids[NistObjectIdentifiers.DsaWithSha256] = NistObjectIdentifiers.IdSha256;
+            DigestOids[NistObjectIdentifiers.DsaWithSha384] = NistObjectIdentifiers.IdSha384;
+            DigestOids[NistObjectIdentifiers.DsaWithSha512] = NistObjectIdentifiers.IdSha512;
+            DigestOids[NistObjectIdentifiers.IdDsaWithSha3_224] = NistObjectIdentifiers.IdSha3_224;
+            DigestOids[NistObjectIdentifiers.IdDsaWithSha3_256] = NistObjectIdentifiers.IdSha3_256;
+            DigestOids[NistObjectIdentifiers.IdDsaWithSha3_384] = NistObjectIdentifiers.IdSha3_384;
+            DigestOids[NistObjectIdentifiers.IdDsaWithSha3_512] = NistObjectIdentifiers.IdSha3_512;
+            DigestOids[NistObjectIdentifiers.IdEcdsaWithSha3_224] = NistObjectIdentifiers.IdSha3_224;
+            DigestOids[NistObjectIdentifiers.IdEcdsaWithSha3_256] = NistObjectIdentifiers.IdSha3_256;
+            DigestOids[NistObjectIdentifiers.IdEcdsaWithSha3_384] = NistObjectIdentifiers.IdSha3_384;
+            DigestOids[NistObjectIdentifiers.IdEcdsaWithSha3_512] = NistObjectIdentifiers.IdSha3_512;
+            DigestOids[NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224] = NistObjectIdentifiers.IdSha3_224;
+            DigestOids[NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256] = NistObjectIdentifiers.IdSha3_256;
+            DigestOids[NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384] = NistObjectIdentifiers.IdSha3_384;
+            DigestOids[NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512] = NistObjectIdentifiers.IdSha3_512;
+
+            DigestOids[PkcsObjectIdentifiers.MD2WithRsaEncryption] = PkcsObjectIdentifiers.MD2;
+            DigestOids[PkcsObjectIdentifiers.MD4WithRsaEncryption] = PkcsObjectIdentifiers.MD4;
+            DigestOids[PkcsObjectIdentifiers.MD5WithRsaEncryption] = PkcsObjectIdentifiers.MD5;
+            DigestOids[PkcsObjectIdentifiers.Sha1WithRsaEncryption] = OiwObjectIdentifiers.IdSha1;
+            DigestOids[TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128] = TeleTrusTObjectIdentifiers.RipeMD128;
+            DigestOids[TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160] = TeleTrusTObjectIdentifiers.RipeMD160;
+            DigestOids[TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256] = TeleTrusTObjectIdentifiers.RipeMD256;
+            DigestOids[CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94] = CryptoProObjectIdentifiers.GostR3411;
+            DigestOids[CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001] = CryptoProObjectIdentifiers.GostR3411;
+            DigestOids[RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256] = RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256;
+            DigestOids[RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512] = RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512;
+
+            DigestOids[BCObjectIdentifiers.sphincsPlus_sha2_128s_r3] = NistObjectIdentifiers.IdSha256;
+            DigestOids[BCObjectIdentifiers.sphincsPlus_sha2_128f_r3] = NistObjectIdentifiers.IdSha256;
+            DigestOids[BCObjectIdentifiers.sphincsPlus_shake_128s_r3] = NistObjectIdentifiers.IdShake256;
+            DigestOids[BCObjectIdentifiers.sphincsPlus_shake_128f_r3] = NistObjectIdentifiers.IdShake256;
+            DigestOids[BCObjectIdentifiers.sphincsPlus_sha2_192s_r3] = NistObjectIdentifiers.IdSha256;
+            DigestOids[BCObjectIdentifiers.sphincsPlus_sha2_192f_r3] = NistObjectIdentifiers.IdSha256;
+            DigestOids[BCObjectIdentifiers.sphincsPlus_shake_192s_r3] = NistObjectIdentifiers.IdShake256;
+            DigestOids[BCObjectIdentifiers.sphincsPlus_shake_192f_r3] = NistObjectIdentifiers.IdShake256;
+            DigestOids[BCObjectIdentifiers.sphincsPlus_sha2_256s_r3] = NistObjectIdentifiers.IdSha256;
+            DigestOids[BCObjectIdentifiers.sphincsPlus_sha2_256f_r3] = NistObjectIdentifiers.IdSha256;
+            DigestOids[BCObjectIdentifiers.sphincsPlus_shake_256s_r3] = NistObjectIdentifiers.IdShake256;
+            DigestOids[BCObjectIdentifiers.sphincsPlus_shake_256f_r3] = NistObjectIdentifiers.IdShake256;
+
+            DigestOids[BCObjectIdentifiers.sphincsPlus_sha2_128s_r3_simple] = NistObjectIdentifiers.IdSha256;
+            DigestOids[BCObjectIdentifiers.sphincsPlus_sha2_128f_r3_simple] = NistObjectIdentifiers.IdSha256;
+            DigestOids[BCObjectIdentifiers.sphincsPlus_shake_128s_r3_simple] = NistObjectIdentifiers.IdShake256;
+            DigestOids[BCObjectIdentifiers.sphincsPlus_shake_128f_r3_simple] = NistObjectIdentifiers.IdShake256;
+            DigestOids[BCObjectIdentifiers.sphincsPlus_sha2_192s_r3_simple] = NistObjectIdentifiers.IdSha256;
+            DigestOids[BCObjectIdentifiers.sphincsPlus_sha2_192f_r3_simple] = NistObjectIdentifiers.IdSha256;
+            DigestOids[BCObjectIdentifiers.sphincsPlus_shake_192s_r3_simple] = NistObjectIdentifiers.IdShake256;
+            DigestOids[BCObjectIdentifiers.sphincsPlus_shake_192f_r3_simple] = NistObjectIdentifiers.IdShake256;
+            DigestOids[BCObjectIdentifiers.sphincsPlus_sha2_256s_r3_simple] = NistObjectIdentifiers.IdSha256;
+            DigestOids[BCObjectIdentifiers.sphincsPlus_sha2_256f_r3_simple] = NistObjectIdentifiers.IdSha256;
+            DigestOids[BCObjectIdentifiers.sphincsPlus_shake_256s_r3_simple] = NistObjectIdentifiers.IdShake256;
+            DigestOids[BCObjectIdentifiers.sphincsPlus_shake_256f_r3_simple] = NistObjectIdentifiers.IdShake256;
+
+            //m_digestOids[GMObjectIdentifiers.sm2sign_with_rmd160] = TeleTrusTObjectIdentifiers.RipeMD160;
+            //m_digestOids[GMObjectIdentifiers.sm2sign_with_sha1] = OiwObjectIdentifiers.IdSha1;
+            //m_digestOids[GMObjectIdentifiers.sm2sign_with_sha224] = NistObjectIdentifiers.IdSha224;
+            DigestOids[GMObjectIdentifiers.sm2sign_with_sha256] = NistObjectIdentifiers.IdSha256;
+            //m_digestOids[GMObjectIdentifiers.sm2sign_with_sha384] = NistObjectIdentifiers.IdSha384;
+            //m_digestOids[GMObjectIdentifiers.sm2sign_with_sha512] = NistObjectIdentifiers.IdSha512;
+            DigestOids[GMObjectIdentifiers.sm2sign_with_sm3] = GMObjectIdentifiers.sm3;
+
+            DigestOids[CmsObjectIdentifiers.id_RSASSA_PSS_SHAKE128] = NistObjectIdentifiers.IdShake128;
+            DigestOids[CmsObjectIdentifiers.id_RSASSA_PSS_SHAKE256] = NistObjectIdentifiers.IdShake256;
+            DigestOids[CmsObjectIdentifiers.id_ecdsa_with_shake128] = NistObjectIdentifiers.IdShake128;
+            DigestOids[CmsObjectIdentifiers.id_ecdsa_with_shake256] = NistObjectIdentifiers.IdShake256;
+        }
+
+        private static RsassaPssParameters CreatePssParams(AlgorithmIdentifier hashAlgID, int saltSize)
+        {
+            return new RsassaPssParameters(
+                hashAlgID,
+                new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, hashAlgID),
+                new DerInteger(saltSize),
+                new DerInteger(1));
+        }
+
+        protected DefaultSignatureAlgorithmFinder()
+        {
+        }
+
+        public virtual AlgorithmIdentifier Find(string signatureName)
+        {
+            if (!Algorithms.TryGetValue(signatureName, out var signatureOid))
+                throw new ArgumentException("Unknown signature type requested: " + signatureName,
+                    nameof(signatureName));
+
+            AlgorithmIdentifier signatureAlgorithm;
+            if (NoParams.Contains(signatureOid))
+            {
+                signatureAlgorithm = new AlgorithmIdentifier(signatureOid);
+            }
+            else if (Parameters.TryGetValue(signatureName, out var parameters))
+            {
+                signatureAlgorithm = new AlgorithmIdentifier(signatureOid, parameters);
+            }
+            else
+            {
+                signatureAlgorithm = new AlgorithmIdentifier(signatureOid, DerNull.Instance);
+            }
+            return signatureAlgorithm;
+        }
+    }
+}
diff --git a/crypto/src/operators/utilities/IDigestAlgorithmFinder.cs b/crypto/src/operators/utilities/IDigestAlgorithmFinder.cs
new file mode 100644
index 000000000..867829dba
--- /dev/null
+++ b/crypto/src/operators/utilities/IDigestAlgorithmFinder.cs
@@ -0,0 +1,32 @@
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+
+namespace Org.BouncyCastle.Operators.Utilities
+{
+    /// <summary>
+    /// Base interface for a finder of digest algorithm identifiers used with signatures.
+    /// </summary>
+    public interface IDigestAlgorithmFinder
+    {
+        /// <summary>
+        /// Find the digest algorithm identifier that matches with the passed in signature algorithm identifier.
+        /// </summary>
+        /// <param name="signatureAlgorithm">the signature algorithm of interest.</param>
+        /// <returns>an algorithm identifier for the corresponding digest.</returns>
+        AlgorithmIdentifier Find(AlgorithmIdentifier signatureAlgorithm);
+
+        /// <summary>
+        /// Find the digest algorithm identifier that matches with the passed in digest name.
+        /// </summary>
+        /// <param name="digestOid">the OID of the digest algorithm of interest.</param>
+        /// <returns>an algorithm identifier for the digest signature.</returns>
+        AlgorithmIdentifier Find(DerObjectIdentifier digestOid);
+
+        /// <summary>
+        /// Find the digest algorithm identifier that matches with the passed in digest name.
+        /// </summary>
+        /// <param name="digestName">the name of the digest algorithm of interest.</param>
+        /// <returns>an algorithm identifier for the digest signature.</returns>
+        AlgorithmIdentifier Find(string digestName);
+    }
+}
diff --git a/crypto/src/operators/utilities/ISignatureAlgorithmFinder.cs b/crypto/src/operators/utilities/ISignatureAlgorithmFinder.cs
new file mode 100644
index 000000000..c08ad7e98
--- /dev/null
+++ b/crypto/src/operators/utilities/ISignatureAlgorithmFinder.cs
@@ -0,0 +1,9 @@
+using Org.BouncyCastle.Asn1.X509;
+
+namespace Org.BouncyCastle.Operators.Utilities
+{
+    public interface ISignatureAlgorithmFinder
+    {
+        AlgorithmIdentifier Find(string signatureName);
+    }
+}