I would like to apply a KECCAK-384 hash with an RSA signature to some data, but I need to do it in two steps - apply the hash first and then sign the data.
The Signature.sign() function appears to need the right digest DER data structure to sign correctly.
How can I make the two equivalents without using any external libraries like BouncyCastle?
With SHA3-384 it's ok (as there is an OID) but for KECCAK-384, I didn't find the right way as there is no OID.
Regards,
For SHA3-384 it's ok :
Signature signEng1= Signature.getInstance("NoneWithRSA");
signEng1.initSign(rsaKeyPair.getPrivate());
signEng1.update(digestinfo);
signEng1.update(hashToSign);
byte[] sig1= signEng1.sign();
In Fact, each provider decide the header for Keccak 384 as it's not in a RFC.