Question

Given a certificate and the CA's public key, I want to decrypt the signature part only, to use it for verification. The RSA signature decryption is defined as: H'=s^e mod n, where s is the signature. I did this decryption manually using BigInteger as in the following code, but it doesn't seem right because the result doesn't look the same as when I generate the SHA1 hash value of the certificate (using the getTBSCertificate() method). Is there a Java class that takes (a certificate + CA's public key) and produces the decrypted signature?

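import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.math.BigInteger;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.interfaces.RSAPublicKey;

File f = new File("/Users/AA/Desktop/InCommonServerCA"); // path for CA certificate
CertificateFactory cf = CertificateFactory.getInstance("X.509");
BufferedInputStream in = new BufferedInputStream(new FileInputStream(f));
Certificate certCA = cf.generateCertificate(in);

RSAPublicKey pub = (RSAPublicKey) certCA.getPublicKey();
BigInteger n = pub.getModulus(); // to get the CA's modulus (n)
BigInteger e = pub.getPublicExponent(); // to get the CA's exponent (e)
in.close();

// implement `H'=s^e mod n`
// x509cert is the X509Certificate being checked (loaded elsewhere)
BigInteger h1, signature;
// signum 1: the signature bytes are an unsigned big-endian integer
signature = new BigInteger(1, x509cert.getSignature());
h1 = signature.modPow(e, n);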

Solution

You only have to call Certificate.verify().

There is no such thing as decrypting a digital signature.
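
Why the manual s^e mod n result never matches the hash, shown as an added example (not code from the question or the answer): with PKCS#1 v1.5 signatures the recovered value is a padded, ASN.1-wrapped encoding whose last bytes are the digest. The key pair and the signed bytes are constructed stand-ins, SHA256withRSA is used instead of the SHA1 mentioned in the question, and the names `SigDemo`, `verifyCert` and `recoverEncodedMessage` are hypothetical.

```java
import java.math.BigInteger;
import java.security.*;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import java.util.Arrays;

public class SigDemo {
    // For a real certificate this one call is the whole check; it throws if the signature is bad.
    static void verifyCert(X509Certificate cert, PublicKey caKey) throws GeneralSecurityException {
        cert.verify(caKey);
    }

    // s^e mod n, left-padded to the modulus length: the PKCS#1 v1.5 encoded message, not a bare hash.
    static byte[] recoverEncodedMessage(byte[] sig, RSAPublicKey pub) {
        BigInteger s = new BigInteger(1, sig);            // signum 1: signature bytes are unsigned
        byte[] raw = s.modPow(pub.getPublicExponent(), pub.getModulus()).toByteArray();
        int k = (pub.getModulus().bitLength() + 7) / 8;   // modulus length in bytes
        byte[] em = new byte[k];
        int len = Math.min(raw.length, k);                // drop a sign byte, restore leading zeros
        System.arraycopy(raw, raw.length - len, em, k - len, len);
        return em;
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair ca = kpg.generateKeyPair();               // constructed stand-in for the CA key
        byte[] tbs = "constructed stand-in for getTBSCertificate()".getBytes("UTF-8");

        Signature signer = Signature.getInstance("SHA256withRSA");
        signer.initSign(ca.getPrivate());
        signer.update(tbs);
        byte[] sig = signer.sign();

        byte[] em = recoverEncodedMessage(sig, (RSAPublicKey) ca.getPublic());
        byte[] hash = MessageDigest.getInstance("SHA-256").digest(tbs);
        byte[] tail = Arrays.copyOfRange(em, em.length - hash.length, em.length);
        System.out.println("EM starts 00 01 FF: " + (em[0] == 0 && em[1] == 1 && em[2] == (byte) 0xFF));
        System.out.println("EM equals hash:     " + Arrays.equals(em, hash));   // false
        System.out.println("EM tail is hash:    " + Arrays.equals(tail, hash)); // true

        Signature verifier = Signature.getInstance("SHA256withRSA");
        verifier.initVerify(ca.getPublic());
        verifier.update(tbs);                             // for a certificate: getTBSCertificate()
        System.out.println("Signature.verify:   " + verifier.verify(sig));
    }
}
```

Comparing only the tail bytes is not a safe verification routine, because it skips the padding and DigestInfo checks that `Certificate.verify()` and `Signature.verify()` perform.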

Licensed under: CC-BY-SA with attribution