Esempio n. 1
        /// <summary>
        /// Resolves the stored CA certificate that issued <paramref name="certificate"/>,
        /// using the certificate's authority key identifier as the lookup key.
        /// </summary>
        /// <param name="certificate">Certificate whose issuer is being looked up.</param>
        /// <returns>
        /// The parsed issuer certificate when every check below passes; otherwise a
        /// default-constructed <c>Certificate</c> (presumably recognised by callers
        /// through <c>IsLoaded</c> - confirm against the call sites).
        /// </returns>
        /// <remarks>
        /// NOTE(review): the issuer is selected by key identifier only. This method does not
        /// verify the signature on <paramref name="certificate"/> or compare issuer and subject
        /// names; confirm the caller performs those checks before trusting the returned CA.
        /// </remarks>
        private static Certificate FindIssuerCaCertificate(Certificate certificate)
        {
            // Shared "no usable issuer" result for every rejection path.
            Certificate notFound = new Certificate();

            CaCertificateSubjectKeyIdEntry keyIdEntry =
                FindCaCertificateHashEntry(certificate.AuthorityKeyIdentifier.keyIdentifier);
            if (keyIdEntry.CertificateHash == null)
            {
                // No CA is registered under this key identifier.
                return notFound;
            }

            CaCertificateEntry issuerEntry = FindCaCertificatewithCertificateHash(keyIdEntry.CertificateHash);
            if (issuerEntry.CertificateValue == null)
            {
                // The key-id index points at a hash with no stored certificate bytes.
                return notFound;
            }

            // A root CA must be marked trusted; any other CA must not be marked revoked.
            // NOTE(review): the root branch does not consult IsRevoked and the sub-CA branch
            // does not consult IsTrusted - confirm that this asymmetry is intended.
            bool rejectedByStatus = keyIdEntry.IsRootCa ? !issuerEntry.IsTrusted : issuerEntry.IsRevoked;
            if (rejectedByStatus)
            {
                return notFound;
            }

            Certificate issuer = CertificateParser.Parse(issuerEntry.CertificateValue);

            // Reject an issuer that failed to parse or is outside its validity period.
            if (!issuer.IsLoaded || !CertificateValidator.CheckValidityPeriod(issuer))
            {
                return notFound;
            }

            return issuer;
        }
Esempio n. 2
        /// <summary>
        /// Flags the stored CA entry keyed by <paramref name="certificateHash"/> as revoked,
        /// writes it back to storage, and then calls
        /// <c>MarkAllCertificatesAsRevokedForCa</c> with the parsed CA certificate.
        /// </summary>
        /// <param name="certificateHash">Storage key of the CA certificate entry.</param>
        /// <returns>
        /// <c>false</c> when the entry is already revoked or is marked trusted (nothing is
        /// written in that case); <c>true</c> after the entry has been updated.
        /// </returns>
        /// <remarks>
        /// NOTE(review): no caller authorization check is visible in this method; confirm that
        /// the entry point invoking it restricts who may revoke a CA.
        /// NOTE(review): the bytes read from storage are deserialized without a check for a
        /// missing entry; confirm what happens when the hash is unknown.
        /// </remarks>
        public static bool MarkSubCaCertificateRevokedInStore(byte[] certificateHash)
        {
            byte[] storedBytes = StorageUtil.readFromStorage(certificateHash);
            CaCertificateEntry entry = (CaCertificateEntry)SerializationUtil.Deserialize(storedBytes);

            // Only an entry that is neither revoked already nor marked trusted may be revoked here.
            bool canRevoke = !entry.IsRevoked && !entry.IsTrusted;
            if (!canRevoke)
            {
                return false;
            }

            entry.IsRevoked = true;
            byte[] updatedBytes = SerializationUtil.Serialize(entry);

            // NOTE(review): the parse result is not checked (e.g. IsLoaded) before it is used
            // for the cascade below - confirm that a stored entry always parses.
            Certificate revokedCa = CertificateParser.Parse(entry.CertificateValue);

            StorageUtil.saveToStorage(certificateHash, updatedBytes);

            // Cascade the revocation through MarkAllCertificatesAsRevokedForCa.
            MarkAllCertificatesAsRevokedForCa(revokedCa);
            return true;
        }