private bool IsExpectedIssuer(X509Chain chain)
{
if (_expectedIssuer == CertificateIssuer.None)
{
return(true);
}
if (IssuerThumbprints == null)
{
throw new SecurityTokenValidationException("Validation failed. No intermediate CA certificate thumbprint(s) defined to check against.");
}
var issuer = chain.Issuer();
return(IssuerThumbprints.Contains(issuer.Certificate.Thumbprint, thumbprintComparer));
}
private bool IsPeppolIntermediateCA(X509Certificate2 certificate)
{
if (IssuerThumbprints == null)
{
return(false);
}
X509Chain chain = new X509Chain();
chain.Build(certificate);
for (var i = 1; i < chain.ChainElements.Count; i++)
{
if (IssuerThumbprints.Contains(chain.ChainElements[i].Certificate.Thumbprint, thumbprintComparer))
{
return(true);
}
}
return(false);
}