====== Razred RevocationExtensions ======

Razširitvene metode za preverjanje preklica certifikatov.

----

===== Definicija =====

<code csharp>
namespace WvdS.System.Security.Cryptography.X509Certificates;

public static class RevocationExtensions
</code>

----

===== Metode =====

^  Metoda  ^  Opis  ^
| IsRevoked | Preveri, ali je certifikat preklican |
| FetchCrlAsync | Prenese CRL iz URL (iz razširitve certifikata) |
| CheckRevocationAsync | Kombinirano: prenos CRL in preverjanje preklica |
| GetCrlDistributionPoints | Ekstrahira CRL-URL-je iz certifikata |
| GetOcspUrls | Ekstrahira OCSP-URL-je iz certifikata |

----

===== Preverjanje preklica =====

**Z obstoječim CRL:**

<code csharp>
var certificate = new X509Certificate2("user.cer");
byte[] crlData = File.ReadAllBytes("ca.crl");
var caCert = new X509Certificate2("ca.cer");

RevocationResult result = certificate.IsRevoked(crlData, caCert, CryptoMode.Hybrid);

if (result.Success && result.IsRevoked)
{
    Console.WriteLine($"Certifikat preklican: {result.RevocationDate}");
    Console.WriteLine($"Razlog: {result.Reason}");
}
</code>

**Samodejni prenos CRL:**

<code csharp>
RevocationResult result = await certificate.CheckRevocationAsync(
    caCert,
    mode: CryptoMode.Hybrid);
</code>

----

===== Razred RevocationResult =====

^  Lastnost  ^  Tip  ^  Opis  ^
| ''IsRevoked'' | bool | Certifikat je preklican |
| ''RevocationDate'' | DateTimeOffset? | Čas preklica |
| ''Reason'' | CrlReason? | Razlog preklica |
| ''CrlVerified'' | bool | Podpis CRL je bil preverjen |
| ''Success'' | bool | Preverjanje je bilo uspešno |

----

===== CRL-predpomnilnik =====

<code csharp>
using var cache = new CrlCache(defaultCacheDuration: TimeSpan.FromHours(1));

// Preverjanje s samodejnim predpomnenjem CRL
RevocationResult result1 = await cache.CheckRevocationAsync(cert1, caCert);
RevocationResult result2 = await cache.CheckRevocationAsync(cert2, caCert); // CRL iz predpomnilnika
</code>

----

===== Glejte tudi =====

  * [[.:certificaterevocationlistextensions|CertificateRevocationListExtensions]]
  * [[.:x509chainextensions|X509ChainExtensions]]

----
//Wolfgang van der Stille @ EMSR DATA d.o.o. - Post-Quantum Cryptography Professional//

{{tag>crl revocation widerruf ocsp}}