From 61251002727a84e3185b19bc0a1894ed21acaafe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Aleksander=20Aas=20Sja=CC=8Afjell?= Date: Thu, 29 Dec 2016 14:18:17 +0100 Subject: [PATCH 1/5] Legger til metode for validering av sertifikat og kjede uten orgnr MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fordi det i Oppslagstjenesten ikke er noen verdi i å sjekke om det er utstedt til rett organisasjonsnummer. Det bare er et krav at det er et virksomhetssertifikat og vi har ikke noe organisasjonsnummer å matche med. --- .../CertificateValidatorTests.cs | 80 ++++++++++++----- Difi.Felles.Utility/CertificateValidator.cs | 85 +++++++++++++++++++ 2 files changed, 146 insertions(+), 19 deletions(-) diff --git a/Difi.Felles.Utility.Tester/CertificateValidatorTests.cs b/Difi.Felles.Utility.Tester/CertificateValidatorTests.cs index 9094932..83f604b 100755 --- a/Difi.Felles.Utility.Tester/CertificateValidatorTests.cs +++ b/Difi.Felles.Utility.Tester/CertificateValidatorTests.cs @@ -6,7 +6,7 @@ namespace Difi.Felles.Utility.Tester { public class CertificateValidatorTests { - public class ValidateCertificateAndChainMethod : CertificateValidatorTests + public class ValidateCertificateAndChainInternalMethod : CertificateValidatorTests { [Fact] public void Returns_fail_if_certificate_error() @@ -15,7 +15,7 @@ public void Returns_fail_if_certificate_error() var funksjoneltTestmiljøSertifikater = CertificateChainUtility.FunksjoneltTestmiljøSertifikater(); //Act - var result = CertificateValidator.ValidateCertificateAndChain(CertificateResource.UnitTests.GetExpiredSelfSignedTestCertificate(), "988015814", funksjoneltTestmiljøSertifikater); + var result = CertificateValidator.ValidateCertificateAndChainInternal(CertificateResource.UnitTests.GetExpiredSelfSignedTestCertificate(), "988015814", funksjoneltTestmiljøSertifikater); //Assert Assert.Equal(CertificateValidationType.InvalidCertificate, result.Type); 
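Review bot: The renamed tests in this hunk and the two that follow (`Returns_fail_if_self_signed_certificate`, `Returns_ok_if_valid_certificate_and_chain`) now call `ValidateCertificateAndChainInternal`, so neither public `ValidateCertificateAndChain` overload is exercised by the tests in this patch. The new two-argument overload drops the organization-number check, so it is worth pinning that it still rejects a bad chain: `var result = CertificateValidator.ValidateCertificateAndChain(CertificateResource.UnitTests.GetValidSelfSignedTestCertificate(), funksjoneltTestmiljøSertifikater);` followed by `Assert.Equal(CertificateValidationType.InvalidChain, result.Type);`. The test class continues outside the hunk.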
@@ -29,7 +29,7 @@ public void Returns_fail_if_self_signed_certificate() var funksjoneltTestmiljøSertifikater = CertificateChainUtility.FunksjoneltTestmiljøSertifikater(); //Act - var result = CertificateValidator.ValidateCertificateAndChain(CertificateResource.UnitTests.GetValidSelfSignedTestCertificate(), "988015814", funksjoneltTestmiljøSertifikater); + var result = CertificateValidator.ValidateCertificateAndChainInternal(CertificateResource.UnitTests.GetValidSelfSignedTestCertificate(), "988015814", funksjoneltTestmiljøSertifikater); //Assert Assert.Equal(CertificateValidationType.InvalidChain, result.Type); @@ -43,7 +43,7 @@ public void Returns_ok_if_valid_certificate_and_chain() var funksjoneltTestmiljøSertifikater = CertificateChainUtility.FunksjoneltTestmiljøSertifikater(); //Act - var result = CertificateValidator.ValidateCertificateAndChain(CertificateResource.UnitTests.GetPostenCertificate(), "984661185", funksjoneltTestmiljøSertifikater); + var result = CertificateValidator.ValidateCertificateAndChainInternal(CertificateResource.UnitTests.GetPostenCertificate(), "984661185", funksjoneltTestmiljøSertifikater); //Assert Assert.Equal(CertificateValidationType.Valid, result.Type); 
@@ -51,16 +51,19 @@ public void Returns_ok_if_valid_certificate_and_chain() } } - public class ValidateCertificateMethod : CertificateValidatorTests + public class ValidateCertificateMethodWithOrganizationNumber : CertificateValidatorTests { + /// + /// To ensure we are calling the overload doing checking for expiration, activation and not null. + /// [Fact] - public void Returns_fail_if_expired() + public void Calls_validate_certificate_overload_with_no_organization_number() { //Arrange - const string certificateOrganizationNumber = "988015814"; + const string organizationNumber = "988015814"; //Act - var result = CertificateValidator.ValidateCertificate(CertificateResource.UnitTests.GetExpiredSelfSignedTestCertificate(), certificateOrganizationNumber); + var result = CertificateValidator.ValidateCertificate(CertificateResource.UnitTests.GetExpiredSelfSignedTestCertificate(), organizationNumber); //Assert Assert.Equal(CertificateValidationType.InvalidCertificate, result.Type); @@ -68,17 +71,14 @@ public void Returns_fail_if_expired() } [Fact] - public void Returns_fail_if_not_activated() + public void Ignores_issued_to_organization_if_no_organization_number() { - //Arrange - const string certificateOrganizationNumber = "988015814"; - //Act - var result = CertificateValidator.ValidateCertificate(CertificateResource.UnitTests.NotActivatedSelfSignedTestCertificate(), certificateOrganizationNumber); + var result = CertificateValidator.ValidateCertificate(CertificateResource.UnitTests.GetPostenCertificate(), string.Empty); //Assert - Assert.Equal(CertificateValidationType.InvalidCertificate, result.Type); - Assert.Contains("aktiveres ikke før", result.Message); + Assert.Equal(CertificateValidationType.Valid, result.Type); + Assert.Contains("er et gyldig sertifikat", result.Message); } [Fact] 
@@ -95,14 +95,56 @@ public void Returns_fail_if_not_issued_to_organization_number() Assert.Contains("ikke utstedt til organisasjonsnummer", result.Message); } + [Fact] + public void Returns_ok_if_valid() + { + //Arrange + const string certificateOrganizationNumber = "984661185"; + + //Act + var result = CertificateValidator.ValidateCertificate(CertificateResource.UnitTests.GetPostenCertificate(), certificateOrganizationNumber); + + //Assert + Assert.Equal(CertificateValidationType.Valid, result.Type); + Assert.Contains("er et gyldig sertifikat", result.Message); + } + } + + public class ValidateCertificateMethodWithNoOrganizationNumber : CertificateValidatorTests + { + [Fact] + public void Returns_fail_if_expired() + { + //Arrange + + //Act + var result = CertificateValidator.ValidateCertificate(CertificateResource.UnitTests.GetExpiredSelfSignedTestCertificate()); + + //Assert + Assert.Equal(CertificateValidationType.InvalidCertificate, result.Type); + Assert.Contains("gikk ut", result.Message); + } + + [Fact] + public void Returns_fail_if_not_activated() + { + //Arrange + + //Act + var result = CertificateValidator.ValidateCertificate(CertificateResource.UnitTests.NotActivatedSelfSignedTestCertificate()); + + //Assert + Assert.Equal(CertificateValidationType.InvalidCertificate, result.Type); + Assert.Contains("aktiveres ikke før", result.Message); + } + [Fact] public void Returns_fail_with_null_certificate() { //Arrange - const string organizationNumber = "123456789"; //Act - var result = CertificateValidator.ValidateCertificate(null, organizationNumber); + var result = CertificateValidator.ValidateCertificate(null); //Assert Assert.Equal(CertificateValidationType.InvalidCertificate, result.Type); 
@@ -113,15 +155,15 @@ public void Returns_fail_with_null_certificate() public void Returns_ok_if_valid() { //Arrange - const string certificateOrganizationNumber = "984661185"; //Act - var result = CertificateValidator.ValidateCertificate(CertificateResource.UnitTests.GetPostenCertificate(), certificateOrganizationNumber); + var result = CertificateValidator.ValidateCertificate(CertificateResource.UnitTests.GetPostenCertificate()); //Assert Assert.Equal(CertificateValidationType.Valid, result.Type); Assert.Contains("er et gyldig sertifikat", result.Message); } + } public class IsValidCertificateMethod : CertificateValidatorTests diff --git a/Difi.Felles.Utility/CertificateValidator.cs b/Difi.Felles.Utility/CertificateValidator.cs index 4eea477..15aa3c8 100755 --- a/Difi.Felles.Utility/CertificateValidator.cs +++ b/Difi.Felles.Utility/CertificateValidator.cs 
@@ -14,7 +14,47 @@ public static bool IsValidCertificate(X509Certificate2 certificate, string certi return ValidateCertificate(certificate, certificateOrganizationNumber).Type == CertificateValidationType.Valid; } + /// + /// Validates the certificate and chain. Validates that certificate is + /// + /// Not null + /// Issued to organization number + /// Is activated + /// Not Expired + /// Has a valid chain. A valid chain is one built with the allowed chain certificates. + /// + /// + /// The certificate to validate + /// The organization number which the certificate is issued to + /// + /// public static CertificateValidationResult ValidateCertificateAndChain(X509Certificate2 certificate, string certificateOrganizationNumber, X509Certificate2Collection allowedChainCertificates) + { + return ValidateCertificateAndChainInternal(certificate, certificateOrganizationNumber, allowedChainCertificates); + } + + + /// + /// Validates the certificate and chain. Validates that certificate is + /// + /// Not null + /// Is activated + /// Not Expired + /// Has a valid chain. A valid chain is one built with the allowed chain certificates. + /// + /// + /// The certificate to validate + /// The organization number which the certificate is issued to + /// + /// + public static CertificateValidationResult ValidateCertificateAndChain(X509Certificate2 certificate, X509Certificate2Collection allowedChainCertificates) + { + var certificateOrganizationNumber = string.Empty; + + return ValidateCertificateAndChainInternal(certificate, certificateOrganizationNumber, allowedChainCertificates); + } + + internal static CertificateValidationResult ValidateCertificateAndChainInternal(X509Certificate2 certificate, string certificateOrganizationNumber, X509Certificate2Collection allowedChainCertificates) { var sertifikatValideringsResultat = ValidateCertificate(certificate, certificateOrganizationNumber); 
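Review bot: The XML doc on the new two-argument `ValidateCertificateAndChain` overload still carries the line "The organization number which the certificate is issued to", copied from the three-argument overload, although this overload has no such parameter. The `allowedChainCertificates` parameter and the return value also appear to be undocumented on both overloads. I would drop the stale line and add a remark stating the security-relevant difference: `/// This overload does not check which organization the certificate is issued to; any certificate that is activated, not expired and chains to allowedChainCertificates is reported as valid.` Callers that need to authenticate a specific counterpart should be pointed to the overload taking `certificateOrganizationNumber`.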
@@ -27,6 +67,22 @@ public static CertificateValidationResult ValidateCertificateAndChain(X509Certif return certificateChainValidator.Validate(certificate); } + /// + /// Validates the certificate itself. Validates that certificate is + /// + /// Not null + /// Issued to organization number + /// Is activated + /// Not Expired + /// + /// + /// + /// Does not validate the certificate chain. Please use for including + /// chain validation + /// + /// The certificate to validate + /// The organization number the certificate is issued to + /// The result of the certificate validation public static CertificateValidationResult ValidateCertificate(X509Certificate2 certificate, string certificateOrganizationNumber) { if (certificate == null) @@ -34,11 +90,40 @@ public static CertificateValidationResult ValidateCertificate(X509Certificate2 c return NoCertificateResult(); } + if (string.IsNullOrWhiteSpace(certificateOrganizationNumber)) + { + return ValidateCertificate(certificate); + } + if (!IsIssuedToOrganizationNumber(certificate, certificateOrganizationNumber)) { return NotIssuedToOrganizationResult(certificate, certificateOrganizationNumber); } + return ValidateCertificate(certificate); + } + + /// + /// Validates the certificate itself. Validates that certificate is + /// + /// Not null + /// Is activated + /// Not Expired + /// + /// + /// + /// Does not validate the certificate chain. Please use for including + /// chain validation + /// + /// + /// + public static CertificateValidationResult ValidateCertificate(X509Certificate2 certificate) + { + if (certificate == null) + { + return NoCertificateResult(); + } + if (!IsActivatedCertificate(certificate)) { return NotActivatedResult(certificate); From 4b47c9767497025acb8316c7b0a4d70f8967acef Mon Sep 17 00:00:00 2001 
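Review bot: The added `string.IsNullOrWhiteSpace(certificateOrganizationNumber)` branch in `ValidateCertificate(certificate, certificateOrganizationNumber)` makes the existing organization-bound API fail open. A caller of `IsValidCertificate` or the three-argument `ValidateCertificateAndChain` whose organization number is null, empty or whitespace (for instance an unset configuration value) now gets `Valid` without the issued-to check, and the test `Ignores_issued_to_organization_if_no_organization_number` pins that behaviour. The summary above the method still lists "Issued to organization number" unconditionally. I would keep the overloads that take an organization number strict, `if (string.IsNullOrWhiteSpace(certificateOrganizationNumber)) { return NotIssuedToOrganizationResult(certificate, certificateOrganizationNumber); }`, and have the two-argument `ValidateCertificateAndChain` reach `ValidateCertificate(certificate)` directly instead of passing `string.Empty` as a sentinel. The body of `ValidateCertificate(certificate)` continues outside the hunk.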
From: =?UTF-8?q?Aleksander=20Aas=20Sja=CC=8Afjell?= Date: Thu, 29 Dec 2016 14:44:23 +0100 Subject: [PATCH 2/5] Oppdaterer til versjon 1.2.0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fordi vi har fått ny funksjonalitet som ikke brekker den gamle --- SharedAssemblyInfo.cs | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/SharedAssemblyInfo.cs b/SharedAssemblyInfo.cs index 778f456..a8b520d 100755 --- a/SharedAssemblyInfo.cs +++ b/SharedAssemblyInfo.cs @@ -4,8 +4,8 @@ [assembly: AssemblyTrademark("Direktoratet for forvaltning og IKT (Difi)")] [assembly: AssemblyProduct("Difi Felles Utility")] [assembly: AssemblyDescription("Bibliotek brukt av Difi i klientbiblioteker")] -[assembly: AssemblyVersion("1.1.0")] -[assembly: AssemblyFileVersion("1.1.0")] -[assembly: AssemblyInformationalVersion("1.1.0")] +[assembly: AssemblyVersion("1.2.0")] +[assembly: AssemblyFileVersion("1.2.0")] +[assembly: AssemblyInformationalVersion("1.2.0")] [assembly: AssemblyCopyright("© 2015-2016 Direktoratet for forvaltning og IKT (Difi)")] [assembly: AssemblyCulture("")] \ No newline at end of file From 6d7f392487e20a2d5c8d755810f4a7b9d84d2975 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Aleksander=20Aas=20Sja=CC=8Afjell?= Date: Thu, 29 Dec 2016 14:50:01 +0100 Subject: [PATCH 3/5] Oppgraderer XUnit for tester --- .../Difi.Felles.Utility.Tester.csproj | 19 ++++++++----------- Difi.Felles.Utility.Tester/packages.config | 9 +++++---- 2 files changed, 13 insertions(+), 15 deletions(-) diff --git a/Difi.Felles.Utility.Tester/Difi.Felles.Utility.Tester.csproj b/Difi.Felles.Utility.Tester/Difi.Felles.Utility.Tester.csproj index c12fe65..5895866 100755 --- a/Difi.Felles.Utility.Tester/Difi.Felles.Utility.Tester.csproj +++ b/Difi.Felles.Utility.Tester/Difi.Felles.Utility.Tester.csproj @@ -1,6 +1,5 @@  - Debug AnyCPU 
@@ -56,12 +55,16 @@ ..\packages\xunit.abstractions.2.0.0\lib\net35\xunit.abstractions.dll True - - ..\packages\xunit.assert.2.0.0\lib\portable-net45+win+wpa81+wp80+monotouch+monoandroid+Xamarin.iOS\xunit.assert.dll + + ..\packages\xunit.assert.2.1.0\lib\dotnet\xunit.assert.dll True - - ..\packages\xunit.extensibility.core.2.0.0\lib\portable-net45+win+wpa81+wp80+monotouch+monoandroid+Xamarin.iOS\xunit.core.dll + + ..\packages\xunit.extensibility.core.2.1.0\lib\dotnet\xunit.core.dll + True + + + ..\packages\xunit.extensibility.execution.2.1.0\lib\net45\xunit.execution.desktop.dll True @@ -134,12 +137,6 @@ - - - This project references NuGet package(s) that are missing on this computer. Use NuGet Package Restore to download them. For more information, see http://go.microsoft.com/fwlink/?LinkID=322105. The missing file is {0}. - - -