Community articleSignature_GetSigningCert function
Added by IBM contributorIBM on August 16, 2011
Rate this article 1 starsRate this article 2 starsRate this article 3 starsRate this article 4 starsRate this article 5 stars

No abstract provided.


This function retrieves the signing certificate from a signature object.


   r_error Signature_GetSigningCert(
      Signature *theSignature, 
      Certificate **theCertificate);


Table 1. get signing cert parameters
theSignatureSignature*The signature from which you want to extract the signing certificate.
theCertificateCertificate**A pointer that is set to the signing certificate.


OK on success or an error code on failure.


The following example gets the signing certificate from a signature object, then iterates through the certificate issuers until it reaches the end of the chain. During the iteration, each certificate is passed to a function that processes them.
   r_error processCertChain(Signature *theSig)
   Certificate *theCert, *issuerCert;
   SecurityUserStatusType theStatus;
      /* Get the signing certificate from the signature. */
      if (Signature_GetSigningCert(theSig, &theCert) != OK)
         fprintf(stderr, "Could not get signing certificate.\n"); 
      /* Loop through the certificate chain, passing each certificate to the 
         ProcessCert function. The loop ends when the issuer certificate is 
         NULL. */
      while (theCert != NULL)
         /* Pass the certificate to the processCert function.  Note that 
            this is not an API function, but rather a function you would 
            write to process the certificate in some way. */
         if (ProcessCert(theCert) != OK)
            fprintf(stderr, "Could not process certificate.\n"); 
         /* Get the issuer certificate from theCert. */
         if (Certificate_GetIssuer(theCert, &theStatus, &issuerCert) != OK)
            fprintf(stderr, "Could not get issuer certificate.\n");
         /* Check to ensure the function exited with the correct status. */
         if (theStatus != SUSTATUS_OK)
            fprintf(stderr, "GetIssuer exited with wrong status.\n");
         /* Free theCert object. */
         /* Assign theCert to equal the issuerCert for next iteration of the 
            loop. */
         theCert = issuerCert;

Parent topic:
Signature functions