reconstructTbsForVerification

Reconstruct the TBS certificate bytes for SCT signature verification.

For precertificates:

  • Removes the poison extension (1.3.6.1.4.1.11129.2.4.3)

For regular certificates with embedded SCTs:

  • Removes the SCT extension (1.3.6.1.4.1.11129.2.4.2)

Return

The reconstructed TBS certificate bytes for signature verification.

Parameters

certDerBytes

The complete certificate DER bytes.

Throws

if the certificate structure is invalid.
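
The extension removal described above, sketched in Python as an added example (not this library's implementation): it walks the DER by hand, drops the poison and SCT list extensions by OID, and re-encodes the enclosing lengths, because the SCT signature is checked against the exact TBS bytes. The function names and the skeletal sample certificate are constructed for illustration.

```python
# Added example with hypothetical helper names; not the library's own code.
POISON_OID = bytes.fromhex("060a2b06010401d679020403")    # 1.3.6.1.4.1.11129.2.4.3
SCT_LIST_OID = bytes.fromhex("060a2b06010401d679020402")  # 1.3.6.1.4.1.11129.2.4.2

def read_tlv(buf, pos):  # -> (tag, content_start, end) of the DER element at pos
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, length, start = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                        # long form: next n bytes hold the length
        n = length & 0x7F
        length = int.from_bytes(buf[start:start + n], "big")
        start += n
    if start + length > len(buf):
        raise ValueError("DER length runs past end of input")
    return tag, start, start + length

def tlv(tag, content):  # encode one DER element, short or long length form
    n = len(content)
    k = (n.bit_length() + 7) // 8
    hdr = bytes([n]) if n < 0x80 else bytes([0x80 | k]) + n.to_bytes(k, "big")
    return bytes([tag]) + hdr + content

def children(buf, start, end):  # yields (tag, raw_element, content)
    pos = start
    while pos < end:
        tag, cs, ce = read_tlv(buf, pos)
        yield tag, buf[pos:ce], buf[cs:ce]
        pos = ce

def strip_ct_extensions(cert_der):
    """Return TBSCertificate DER without the poison and SCT list extensions."""
    tag, s, _ = read_tlv(cert_der, 0)        # outer Certificate SEQUENCE
    tbs_tag, ts, te = read_tlv(cert_der, s)  # TBSCertificate SEQUENCE
    if tag != 0x30 or tbs_tag != 0x30:
        raise ValueError("not a certificate structure")
    fields = []
    for ftag, raw, content in children(cert_der, ts, te):
        if ftag == 0xA3:                     # [3] EXPLICIT Extensions
            _, es, ee = read_tlv(content, 0)
            kept = [ext for _, ext, body in children(content, es, ee)
                    if not body.startswith((POISON_OID, SCT_LIST_OID))]
            raw = tlv(0xA3, tlv(0x30, b"".join(kept)))  # lengths re-encoded
        fields.append(raw)
    return tlv(0x30, b"".join(fields))

# Constructed sample: skeletal precertificate (serial + two extensions), not a real cert.
BASIC = tlv(0x30, bytes.fromhex("0603551d13") + bytes.fromhex("04023000"))
POISON = tlv(0x30, POISON_OID + bytes.fromhex("0101ff") + bytes.fromhex("04020500"))
SAMPLE_CERT = tlv(0x30, tlv(0x30, bytes.fromhex("020101") + tlv(0xA3, tlv(0x30, BASIC + POISON)))
                  + bytes.fromhex("3000030100"))
```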