/// <summary>
/// Writes a CA certificate to storage under two keys: the certificate hash
/// (full record with trust and revocation flags) and the certificate's subject
/// key identifier (lookup record pointing back to the hash).
/// </summary>
/// <param name="certificate">Parsed certificate; only its SubjectKeyIdentifier.keyIdentifier is read here.</param>
/// <param name="certificateHash">Storage key for the full record; also stored inside the lookup record.</param>
/// <param name="encodedCert">Encoded certificate bytes stored as CertificateValue.</param>
/// <param name="isRootCA">True marks the record as trusted and flags the lookup record as a root CA.</param>
private static void AddCaCertificateToStorage(Certificate certificate, byte[] certificateHash, byte[] encodedCert, bool isRootCA)
{
    // Full record, keyed by certificate hash. A new record is trusted only
    // when it is a root CA, and is never revoked at creation time.
    // NOTE(review): any record already stored under certificateHash is
    // overwritten without being read, so flags set earlier (IsRevoked = true,
    // IsTrusted = false) would be reset. Confirm the caller rejects
    // certificates that are already stored.
    CaCertificateEntry record = new CaCertificateEntry();
    record.CertificateValue = encodedCert;
    record.IsTrusted = isRootCA;
    record.IsRevoked = false;
    StorageUtil.saveToStorage(certificateHash, SerializationUtil.Serialize(record));

    // Lookup record, keyed by subject key identifier.
    CaCertificateSubjectKeyIdEntry lookup = new CaCertificateSubjectKeyIdEntry();
    lookup.CertificateHash = certificateHash;
    lookup.IsRootCa = isRootCA;
    byte[] lookupSerialized = SerializationUtil.Serialize(lookup);

    Logger.log("Saving CA Certificate for Key Id Search :");
    var subjectKeyId = certificate.SubjectKeyIdentifier.keyIdentifier;
    Logger.log(subjectKeyId);

    // NOTE(review): both writes go through the same StorageUtil.saveToStorage
    // call with the raw key, and the subject key identifier is taken from
    // certificate content. Confirm StorageUtil separates the two key spaces
    // and that replacing an existing lookup record for the same identifier
    // is intended.
    StorageUtil.saveToStorage(subjectKeyId, lookupSerialized);
}
/// <summary>
/// Clears the IsTrusted flag on the CA record stored under
/// <paramref name="certificateHash"/>, writes the record back, and then calls
/// MarkAllCertificatesAsRevokedForCa for <paramref name="rootCACertificate"/>.
/// </summary>
/// <param name="rootCACertificate">Certificate passed on to MarkAllCertificatesAsRevokedForCa.</param>
/// <param name="certificateHash">Storage key of the CA record to update.</param>
public static void MarkRootCaCertificateUntrustedInStorage(Certificate rootCACertificate, byte[] certificateHash)
{
    // NOTE(review): the stored bytes are deserialized without checking that a
    // record exists, and nothing here verifies that the record is a root CA
    // or that certificateHash belongs to rootCACertificate. Confirm the caller
    // enforces these checks and authorizes the operation.
    byte[] storedBytes = StorageUtil.readFromStorage(certificateHash);
    CaCertificateEntry storedEntry = (CaCertificateEntry)SerializationUtil.Deserialize(storedBytes);

    // Drop trust first and persist it, then cascade to the CA's certificates.
    storedEntry.IsTrusted = false;
    storedBytes = SerializationUtil.Serialize(storedEntry);
    StorageUtil.saveToStorage(certificateHash, storedBytes);

    MarkAllCertificatesAsRevokedForCa(rootCACertificate);
}
/// <summary>
/// Sets the IsRevoked flag on the CA record stored under
/// <paramref name="certificateHash"/> and then calls
/// MarkAllCertificatesAsRevokedForCa for <paramref name="subCACertificate"/>.
/// </summary>
/// <param name="subCACertificate">Certificate passed on to MarkAllCertificatesAsRevokedForCa.</param>
/// <param name="certificateHash">Storage key of the CA record to update.</param>
/// <returns>
/// False, with nothing written, when the stored record is already revoked or
/// is flagged as trusted; true once the record is updated and the cascade call
/// has returned.
/// </returns>
public static bool MarkSubCaCertificateRevokedInStorage(Certificate subCACertificate, byte[] certificateHash)
{
    // NOTE(review): the stored bytes are deserialized without checking that a
    // record exists, and nothing here verifies that certificateHash belongs to
    // subCACertificate. Confirm the caller enforces both.
    byte[] storedBytes = StorageUtil.readFromStorage(certificateHash);
    CaCertificateEntry storedEntry = (CaCertificateEntry)SerializationUtil.Deserialize(storedBytes);

    // Already revoked: nothing to do.
    if (storedEntry.IsRevoked)
    {
        return false;
    }

    // Records flagged as trusted are not revoked through this method.
    if (storedEntry.IsTrusted)
    {
        return false;
    }

    storedEntry.IsRevoked = true;
    storedBytes = SerializationUtil.Serialize(storedEntry);
    StorageUtil.saveToStorage(certificateHash, storedBytes);

    MarkAllCertificatesAsRevokedForCa(subCACertificate);
    return true;
}