public final void verify(publickey key, string sigprovider)
      throws certificateexception, nosuchalgorithmexception, invalidkeyexception,
          nosuchproviderexception, signatureexception {
    string signame = x509signatureutil.getsignaturename(c.getsignaturealgorithm());
    signature signature = signature.getinstance(signame, sigprovider);

    checksignature(key, signature);
  }
  public final void verify(publickey key)
      throws certificateexception, nosuchalgorithmexception, invalidkeyexception,
          nosuchproviderexception, signatureexception {
    signature signature;
    string signame = x509signatureutil.getsignaturename(c.getsignaturealgorithm());

    try {
      signature = signature.getinstance(signame, bouncycastleprovider.provider_name);
    } catch (exception e) {
      signature = signature.getinstance(signame);
    }

    checksignature(key, signature);
  }
  private void checksignature(publickey key, signature signature)
      throws certificateexception, nosuchalgorithmexception, signatureexception,
          invalidkeyexception {
    if (!isalgidequal(c.getsignaturealgorithm(), c.gettbscertificate().getsignature())) {
      throw new certificateexception("signature algorithm in tbs cert not same as outer cert");
    }

    asn1encodable params = c.getsignaturealgorithm().getparameters();

    // todo this should go after the initverify?
    x509signatureutil.setsignatureparameters(signature, params);

    signature.initverify(key);

    signature.update(this.gettbscertificate());

    if (!signature.verify(this.getsignature())) {
      throw new signatureexception("certificate does not verify with supplied key");
    }
  }