Error Codes and Messages

If an error prevents the signature from being verified (for example, if the signer’s certificate cannot be read or the signature itself is found to be invalid) processSignedData sets the verify flag to false and reports the cause of the failure in errorCode and errorMessage as follows:

errorCode	errorMessage	Signature could not be verified because...
1	Invalid signer certificate file information.	The signer’s certificate could not be read. The variable containing the certificate chain is not an array object.
2	Certificate at index ‘i’ is not in recognizable format.	The signer’s certificate could not be read. The data at position i in the certificate chain does not appear to be a certificate.
3	Invalid certificate input at index ‘i’.	The signer’s certificate could not be read. The data at position i in the certificate chain is not a byte[ ].
4	Signature cannot be verified.	The signature was invalid. Either the supplied certificate does not belong to the original signer or a message integrity violation has occurred.

If processSignedData is able to verify the signature, but is not able to authenticate the certificate of the signer (that is, the certificate could not be confirmed to be from a trusted source), the verify flag will be true and the errorCode and errorMessage values will be set as follows.

errorCode	errorMessage	Certificate could not be authenticated because...
5	Expired certificate chain.	One or more certificates in the supplied chain is expired.
6	Error in certificate chain.	The certificate chain is incomplete or invalid. For example, the certificate for an intermediate CA may be missing from the chain.
7	Untrusted certificate.	None of the CAs in the chain are trusted by this server. None of the certificates could be matched to a certificate in the server’s truststore.

Note:
Regardless of whether processSignedData is able to verify the signature or authenticate the certificate, it always returns a MIME object containing the parsed message.