/// <summary>
/// Validates a fraud report against a stored end-entity certificate and, when every
/// check passes, records the report through <c>FraudStorageManager</c>.
/// </summary>
/// <remarks>
/// Checks run in this order, and the first failure logs a message and returns false:
/// the reported certificate parses; an entry exists in storage under
/// <paramref name="fakeButValidCertificateHash"/>; that entry is not already revoked;
/// the signer certificate parses; <c>checkDnsValues</c> accepts the pair; the request
/// signature verifies.
///
/// NOTE(review): <paramref name="fakeButValidCertificateHash"/> is caller-supplied and is
/// never compared here with a digest of <paramref name="fakeButValidCertificateBytes"/>.
/// The storage lookup, the revocation check and the stored report use the hash, while the
/// DNS and signature checks use the parsed bytes. Unless the caller or
/// <c>CheckReportFraudRequestSignature</c> binds the two, a report could be validated
/// against one certificate and recorded against another. Confirm where that binding is
/// enforced.
///
/// NOTE(review): <paramref name="signerCertificateBytesHash"/> is not read in this method,
/// and no check that the signer certificate is itself stored, trusted or unrevoked is
/// visible here. Presumably that is handled elsewhere; verify.
/// </remarks>
/// <param name="fraudId">Identifier passed through to the fraud report storage.</param>
/// <param name="fakeButValidCertificateBytes">Encoded certificate being reported.</param>
/// <param name="fakeButValidCertificateHash">Storage key used to look up the reported certificate.</param>
/// <param name="signerCertificateBytes">Encoded certificate of the party signing the report.</param>
/// <param name="signerCertificateBytesHash">Unused in this method.</param>
/// <param name="signature">Signature over the report request.</param>
/// <returns>true when the report was accepted and stored; false otherwise.</returns>
public static bool ReportFraud(byte[] fraudId, byte[] fakeButValidCertificateBytes, byte[] fakeButValidCertificateHash, byte[] signerCertificateBytes, byte[] signerCertificateBytesHash, byte[] signature)
{
    // Step 1: the reported certificate must parse.
    Certificate reportedCertificate = CertificateParser.Parse(fakeButValidCertificateBytes);
    if (!reportedCertificate.IsLoaded)
    {
        Logger.log("Can not parse Fake But Valid SSL Certificate");
        return false;
    }

    // Step 2: it must be present in storage (looked up by the supplied hash) and still active.
    EndEntityCertificateEntry storedEntry = CertificateStorageManager.RetrieveEndEntityCertificateFromStorage(fakeButValidCertificateHash);
    if (storedEntry.CertificateValue == null)
    {
        Logger.log("Can not find Fake But Valid SSL Certificate");
        return false;
    }

    if (storedEntry.IsRevoked)
    {
        Logger.log("Fake But Valid SSL Certificate is revoked before");
        return false;
    }

    // Step 3: the signer certificate must parse and pass the DNS comparison.
    Certificate reporterCertificate = CertificateParser.Parse(signerCertificateBytes);
    if (!reporterCertificate.IsLoaded)
    {
        Logger.log("Can not parse Signer Certificate");
        return false;
    }

    if (!checkDnsValues(reportedCertificate, reporterCertificate))
    {
        Logger.log("Signer Certificate Does not contain required DNS value");
        return false;
    }

    // Step 4: the request signature must verify against the two parsed certificates.
    Logger.log("Starting Validate Signature For Report Fraud Request");
    if (!SignatureValidator.CheckReportFraudRequestSignature(signature, reportedCertificate, reporterCertificate))
    {
        Logger.log("Report Fraud Request signature Invalid");
        return false;
    }

    Logger.log("Validated Signature For Report Fraud Request");

    // The report is keyed by the supplied hash, not by a digest computed from the bytes.
    FraudStorageManager.AddFraudReportToStorage(fraudId, signerCertificateBytes, fakeButValidCertificateHash);

    // TODO: add fraud notification after log infrastructure is fixed
    return true;
}