I have PDF document signed by esig/dss https://github.com/esig/dss library. I can see that singature in Acrobat Reader. When I want to verify it with iText and BouncyCastle I got exception:
2.16.840.1.101.3.4.2.1withRSA Signature not available
I work on Fedora with Oracle JDK 1.8.0_112 with unlimited cryptography, iText-2.0.8.jar and BouncyCastle bcprov-jdk16-139.jar.
When I chcecked Message Digest available in my environment using response from: Complete list of MessageDigest available in the JDK
I got:
Alias: "OID.2.16.840.1.101.3.4.2.1" -> "SHA-256"
So it is available in my JDK.
Sho why 2.16.840.1.101.3.4.2.1withRSA Signature not available?
You mention that you use "iText-2.0.8.jar" and "bcprov-jdk16-139.jar".
Those versions are ancient, itext 2.0.8 in particular has been released early 2008. The PAdES specifications had first been published in 2009, and they introduced numerous changes and additions into pdf signing. Esig/dss essentially had been introduced as a first implementation of these changes and additions.
Thus, you definitely should consider updating to support current standards.