public async Task RevokeRSAIssuersTest()
        {
            using (var mock = AutoMock.GetLoose()) {
                // Setup
                Setup(mock, HandleQuery);
                ICertificateIssuer service = mock.Create <CertificateIssuer>();
                var rootca = await service.NewRootCertificateAsync("rootca",
                                                                   X500DistinguishedNameEx.Create("CN=rootca"), DateTime.UtcNow, TimeSpan.FromDays(5),
                                                                   new CreateKeyParams { KeySize = 2048, Type = KeyType.RSA },
                                                                   new IssuerPolicies { IssuedLifetime = TimeSpan.FromHours(3) });

                var intca = await service.NewIssuerCertificateAsync("rootca", "intca",
                                                                    X500DistinguishedNameEx.Create("CN=intca"), DateTime.UtcNow,
                                                                    new CreateKeyParams { KeySize = 2048, Type = KeyType.RSA },
                                                                    new IssuerPolicies { IssuedLifetime = TimeSpan.FromHours(2) });

                var footca1 = await service.NewIssuerCertificateAsync("intca", "footca1",
                                                                      X500DistinguishedNameEx.Create("CN=footca"), DateTime.UtcNow,
                                                                      new CreateKeyParams { KeySize = 2048, Type = KeyType.RSA },
                                                                      new IssuerPolicies { IssuedLifetime = TimeSpan.FromHours(1) });

                var footca2 = await service.NewIssuerCertificateAsync("intca", "footca2",
                                                                      X500DistinguishedNameEx.Create("CN=footca"), DateTime.UtcNow,
                                                                      new CreateKeyParams { KeySize = 2048, Type = KeyType.RSA },
                                                                      new IssuerPolicies { IssuedLifetime = TimeSpan.FromHours(1) });

                // Run
                ICertificateRevoker revoker = mock.Create <CertificateRevoker>();
                await revoker.RevokeCertificateAsync(footca1.SerialNumber);

                await revoker.RevokeCertificateAsync(footca2.SerialNumber);

                ICertificateStore store = mock.Create <CertificateDatabase>();
                var foundi = await store.FindLatestCertificateAsync("intca");

                var found1 = await store.FindLatestCertificateAsync("footca1");

                var found2 = await store.FindLatestCertificateAsync("footca2");

                ICrlEndpoint crls = mock.Create <CrlDatabase>();
                // Get crl chain for intca and rootca
                var chainr = await crls.GetCrlChainAsync(intca.SerialNumber);

                // Assert
                Assert.NotNull(foundi);
                Assert.NotNull(found1);
                Assert.NotNull(found2);
                Assert.Null(foundi.Revoked);
                Assert.NotNull(found1.Revoked);
                Assert.NotNull(found2.Revoked);
                Assert.NotNull(chainr);
                Assert.NotEmpty(chainr);
                Assert.Equal(2, chainr.Count());
                Assert.True(chainr.ToArray()[1].HasValidSignature(intca));
                Assert.True(chainr.ToArray()[0].HasValidSignature(rootca));
                Assert.True(chainr.Last().IsRevoked(footca1));
                Assert.True(chainr.Last().IsRevoked(footca2));
                Assert.False(chainr.First().IsRevoked(intca));
            }
        }
        public async Task RevokeECCIssuerAndECCIssuersTestAsync()
        {
            using (var mock = Setup(HandleQuery)) {
                ICertificateIssuer service = mock.Create <CertificateIssuer>();
                var rootca = await service.NewRootCertificateAsync("rootca",
                                                                   X500DistinguishedNameEx.Create("CN=rootca"), DateTime.UtcNow, TimeSpan.FromDays(5),
                                                                   new CreateKeyParams { KeySize = 2048, Type = KeyType.ECC, Curve = CurveType.P384 },
                                                                   new IssuerPolicies { IssuedLifetime = TimeSpan.FromHours(3) });

                var intca = await service.NewIssuerCertificateAsync("rootca", "intca",
                                                                    X500DistinguishedNameEx.Create("CN=intca"), DateTime.UtcNow,
                                                                    new CreateKeyParams { KeySize = 2048, Type = KeyType.ECC, Curve = CurveType.P384 },
                                                                    new IssuerPolicies { IssuedLifetime = TimeSpan.FromHours(2) });

                var footca1 = await service.NewIssuerCertificateAsync("intca", "footca1",
                                                                      X500DistinguishedNameEx.Create("CN=footca"), DateTime.UtcNow,
                                                                      new CreateKeyParams { KeySize = 2048, Type = KeyType.ECC, Curve = CurveType.P384 },
                                                                      new IssuerPolicies { IssuedLifetime = TimeSpan.FromHours(1) });

                var footca2 = await service.NewIssuerCertificateAsync("intca", "footca2",
                                                                      X500DistinguishedNameEx.Create("CN=footca"), DateTime.UtcNow,
                                                                      new CreateKeyParams { KeySize = 2048, Type = KeyType.ECC, Curve = CurveType.P384 },
                                                                      new IssuerPolicies { IssuedLifetime = TimeSpan.FromHours(1) });

                // Run
                ICertificateRevoker revoker = mock.Create <CertificateRevoker>();
                await revoker.RevokeCertificateAsync(intca.SerialNumber);

                ICertificateStore store = mock.Create <CertificateDatabase>();
                var foundi = await store.FindLatestCertificateAsync("intca");

                var found1 = await store.FindLatestCertificateAsync("footca1");

                var found2 = await store.FindLatestCertificateAsync("footca2");

                ICrlEndpoint crls = mock.Create <CrlDatabase>();
                // Get crl for root
                var chainr = await crls.GetCrlChainAsync(rootca.SerialNumber);

                // Assert
                Assert.NotNull(foundi);
                Assert.NotNull(found1);
                Assert.NotNull(found2);
                Assert.NotNull(foundi.Revoked);
                Assert.NotNull(found1.Revoked);
                Assert.NotNull(found2.Revoked);
                Assert.NotNull(chainr);
                Assert.Single(chainr);
                Assert.True(chainr.Single().HasValidSignature(rootca));
                Assert.True(chainr.Single().IsRevoked(intca));
            }
        }