Beispiel #1
        /// <summary>
        /// Writes two storage records for a CA certificate: the certificate entry itself, keyed by
        /// <paramref name="certificateHash"/>, and a lookup record keyed by the certificate's
        /// subject key identifier that points back at that hash.
        /// </summary>
        /// <param name="certificate">Parsed certificate; only its subject key identifier is read here.</param>
        /// <param name="certificateHash">Storage key for the certificate entry.</param>
        /// <param name="encodedCert">Encoded certificate bytes stored in the entry.</param>
        /// <param name="isRootCA">When true the entry is stored as trusted; otherwise as untrusted.</param>
        private static void AddCaCertificateToStorage(Certificate certificate, byte[] certificateHash,
                                                      byte[] encodedCert, bool isRootCA)
        {
            CaCertificateEntry entry = new CaCertificateEntry();
            entry.CertificateValue = encodedCert;

            // The trust flag is taken directly from the caller's isRootCA argument; nothing in this
            // method validates the certificate or checks who is adding it.
            // NOTE(review): confirm every caller authenticates the request before passing isRootCA = true.
            entry.IsTrusted = isRootCA;
            entry.IsRevoked = false;

            // NOTE(review): an existing entry under the same hash is overwritten without being read,
            // which would reset IsRevoked to false - confirm callers reject re-adding a known hash.
            StorageUtil.saveToStorage(certificateHash, SerializationUtil.Serialize(entry));

            CaCertificateSubjectKeyIdEntry keyIdIndex = new CaCertificateSubjectKeyIdEntry();
            keyIdIndex.CertificateHash = certificateHash;
            keyIdIndex.IsRootCa = isRootCA;
            byte[] keyIdIndexBytes = SerializationUtil.Serialize(keyIdIndex);

            Logger.log("Saving CA Certificate for Key Id Search :");
            Logger.log(certificate.SubjectKeyIdentifier.keyIdentifier);

            // NOTE(review): the key identifier comes from the certificate and is used as a raw storage
            // key through the same saveToStorage call as the hash-keyed entry above. Unless StorageUtil
            // separates key spaces, a second certificate carrying the same key identifier replaces this
            // lookup record - confirm that is acceptable.
            StorageUtil.saveToStorage(certificate.SubjectKeyIdentifier.keyIdentifier, keyIdIndexBytes);
        }
Beispiel #2
        /// <summary>
        /// Loads the CA certificate entry stored under <paramref name="certificateHash"/>, clears its
        /// trusted flag, writes it back, and then calls
        /// <c>MarkAllCertificatesAsRevokedForCa</c> for <paramref name="rootCACertificate"/>.
        /// </summary>
        /// <param name="rootCACertificate">Certificate passed on to the revocation of dependent certificates.</param>
        /// <param name="certificateHash">Storage key of the entry to mark untrusted.</param>
        public static void MarkRootCaCertificateUntrustedInStorage(Certificate rootCACertificate,
                                                                   byte[] certificateHash)
        {
            // NOTE(review): the two arguments are used independently - nothing here checks that
            // certificateHash is the hash of rootCACertificate, that the stored entry is a root CA,
            // or that the caller is authorised. Confirm the caller enforces all three.
            // NOTE(review): the result of readFromStorage is deserialized without a check for a
            // missing entry; behaviour for an unknown hash depends on StorageUtil/SerializationUtil.
            byte[] storedBytes = StorageUtil.readFromStorage(certificateHash);
            CaCertificateEntry entry = (CaCertificateEntry)SerializationUtil.Deserialize(storedBytes);

            entry.IsTrusted = false;
            StorageUtil.saveToStorage(certificateHash, SerializationUtil.Serialize(entry));

            // The entry is persisted as untrusted before the dependent certificates are processed.
            MarkAllCertificatesAsRevokedForCa(rootCACertificate);
        }
Beispiel #3
        /// <summary>
        /// Marks the CA certificate entry stored under <paramref name="certificateHash"/> as revoked
        /// and calls <c>MarkAllCertificatesAsRevokedForCa</c> for <paramref name="subCACertificate"/>.
        /// </summary>
        /// <param name="subCACertificate">Certificate passed on to the revocation of dependent certificates.</param>
        /// <param name="certificateHash">Storage key of the entry to revoke.</param>
        /// <returns>
        /// <c>false</c> without changing storage when the entry is already revoked or is flagged
        /// trusted; <c>true</c> after the entry was stored as revoked.
        /// </returns>
        public static bool MarkSubCaCertificateRevokedInStorage(Certificate subCACertificate, byte[] certificateHash)
        {
            // NOTE(review): nothing here checks that certificateHash is the hash of subCACertificate
            // or that the caller is authorised to revoke it - confirm the caller enforces both.
            // NOTE(review): a missing entry is not handled before deserialization.
            byte[] storedBytes = StorageUtil.readFromStorage(certificateHash);
            CaCertificateEntry entry = (CaCertificateEntry)SerializationUtil.Deserialize(storedBytes);

            // Only entries that are neither revoked nor trusted are revoked through this path.
            if (!entry.IsRevoked && !entry.IsTrusted)
            {
                entry.IsRevoked = true;
                StorageUtil.saveToStorage(certificateHash, SerializationUtil.Serialize(entry));

                // The revoked state is persisted before the dependent certificates are processed.
                MarkAllCertificatesAsRevokedForCa(subCACertificate);
                return true;
            }

            return false;
        }