/// <summary>
/// Looks up the CA certificate that issued <paramref name="certificate"/>, keyed by the
/// certificate's authority key identifier, and returns it only when the stored entry
/// passes the store-level checks below.
/// </summary>
/// <param name="certificate">Certificate whose issuer is wanted; its
/// <c>AuthorityKeyIdentifier.keyIdentifier</c> is read without a null check.</param>
/// <returns>
/// The parsed issuer certificate, or a freshly constructed <see cref="Certificate"/> on any
/// rejection (presumably one whose <c>IsLoaded</c> is false; confirm against the type).
/// </returns>
/// <remarks>
/// Checks performed here: key-id entry present, stored value present, root entries must be
/// trusted, non-root entries must not be revoked, the value must parse, and the validity
/// period must pass. A root entry's <c>IsRevoked</c> flag and a non-root entry's
/// <c>IsTrusted</c> flag are not consulted.
/// NOTE(review): the match is by key identifier only; signature and issuer/subject name
/// checks are not performed in this method and are presumably done by the caller. Confirm.
/// </remarks>
private static Certificate FindIssuerCaCertificate(Certificate certificate)
{
    // Sentinel returned from every rejection path, so callers cannot tell the reasons apart.
    Certificate rejected = new Certificate();

    CaCertificateSubjectKeyIdEntry keyIdEntry =
        FindCaCertificateHashEntry(certificate.AuthorityKeyIdentifier.keyIdentifier);
    if (keyIdEntry.CertificateHash == null)
    {
        // No CA is registered under this authority key identifier.
        return rejected;
    }

    CaCertificateEntry storedEntry =
        FindCaCertificatewithCertificateHash(keyIdEntry.CertificateHash);
    if (storedEntry.CertificateValue == null)
    {
        // The index points at a hash that has no stored certificate bytes.
        return rejected;
    }

    if (keyIdEntry.IsRootCa)
    {
        // A root is only usable as an issuer while it is flagged trusted.
        if (!storedEntry.IsTrusted)
        {
            return rejected;
        }
    }
    else if (storedEntry.IsRevoked)
    {
        // A subordinate CA is refused once it has been marked revoked.
        return rejected;
    }

    Certificate issuer = CertificateParser.Parse(storedEntry.CertificateValue);

    // Refuse an issuer that failed to parse or is outside its validity period.
    if (!issuer.IsLoaded || !CertificateValidator.CheckValidityPeriod(issuer))
    {
        return rejected;
    }

    return issuer;
}
/// <summary>
/// Flags the stored sub-CA entry identified by <paramref name="certificateHash"/> as revoked,
/// writes it back, and then cascades the revocation through
/// <c>MarkAllCertificatesAsRevokedForCa</c>.
/// </summary>
/// <param name="certificateHash">Storage key of the CA entry to revoke.</param>
/// <returns>
/// <c>false</c> when the entry is already revoked or is flagged trusted (nothing is written);
/// <c>true</c> once the entry has been saved and the cascade has been called.
/// </returns>
/// <remarks>
/// NOTE(review): no authorization check is visible in this public method; the caller
/// presumably enforces who may revoke. Confirm.
/// NOTE(review): a hash with no stored entry is not handled here; the outcome depends on what
/// <c>StorageUtil.readFromStorage</c> and <c>SerializationUtil.Deserialize</c> do in that case.
/// NOTE(review): unlike <c>FindIssuerCaCertificate</c>, the parsed certificate is not checked
/// for <c>IsLoaded</c> before it is passed to the cascade.
/// </remarks>
public static bool MarkSubCaCertificateRevokedInStore(byte[] certificateHash)
{
    byte[] storedBytes = StorageUtil.readFromStorage(certificateHash);
    CaCertificateEntry entry = (CaCertificateEntry)SerializationUtil.Deserialize(storedBytes);

    // Entries flagged trusted cannot be revoked through this path; revoked ones are a no-op.
    if (entry.IsRevoked || entry.IsTrusted)
    {
        return false;
    }

    entry.IsRevoked = true;
    byte[] updatedBytes = SerializationUtil.Serialize(entry);

    // Parsing happens before the write, so a failure inside Parse leaves storage untouched.
    Certificate revokedCa = CertificateParser.Parse(entry.CertificateValue);

    // The CA's revoked flag is persisted first, then the cascade runs.
    StorageUtil.saveToStorage(certificateHash, updatedBytes);
    MarkAllCertificatesAsRevokedForCa(revokedCa);

    return true;
}