Skip to content

/AWS1/CL_SGN=>GETREVOCATIONSTATUS()

About GetRevocationStatus

Retrieves the revocation status of one or more of the signing profile, signing job, and signing certificate.

Method Signature

IMPORTING

Required arguments:

iv_signaturetimestamp TYPE /AWS1/SGNTIMESTAMP /AWS1/SGNTIMESTAMP

The timestamp of the signature that validates the profile or job.

iv_platformid TYPE /AWS1/SGNPLATFORMID /AWS1/SGNPLATFORMID

The ID of a signing platform.

iv_profileversionarn TYPE /AWS1/SGNARN /AWS1/SGNARN

The version of a signing profile.

iv_jobarn TYPE /AWS1/SGNARN /AWS1/SGNARN

The ARN of a signing job.

it_certificatehashes TYPE /AWS1/CL_SGNCERTHASHES_W=>TT_CERTIFICATEHASHES TT_CERTIFICATEHASHES

A list of composite signed hashes that identify certificates.

A certificate identifier consists of a subject certificate TBS hash (signed by the parent CA) combined with a parent CA TBS hash (signed by the parent CA’s CA). Root certificates are defined as their own CA.

The following example shows how to calculate a hash for this parameter using OpenSSL commands:

openssl asn1parse -in childCert.pem -strparse 4 -out childCert.tbs

openssl sha384 < childCert.tbs -binary > childCertTbsHash

openssl asn1parse -in parentCert.pem -strparse 4 -out parentCert.tbs

openssl sha384 < parentCert.tbs -binary > parentCertTbsHash xxd -p childCertTbsHash > certificateHash.hex xxd -p parentCertTbsHash >> certificateHash.hex

cat certificateHash.hex | tr -d '\n'

RETURNING

oo_output TYPE REF TO /aws1/cl_sgngetrevocationsta01 /AWS1/CL_SGNGETREVOCATIONSTA01

Domain /AWS1/RT_ACCOUNT_ID
Primitive Type NUMC

Examples

Syntax Example

This is an example of the syntax for calling the method. It includes every possible argument and initializes every possible value. The data provided is not necessarily semantically accurate (for example the value "string" may be provided for something that is intended to be an instance ID, or in some cases two arguments may be mutually exclusive). The syntax shows the ABAP syntax for creating the various data structures.

DATA(lo_result) = lo_client->/aws1/if_sgn~getrevocationstatus(
  it_certificatehashes = VALUE /aws1/cl_sgncerthashes_w=>tt_certificatehashes(
    ( new /aws1/cl_sgncerthashes_w( |string| ) )
  )
  iv_jobarn = |string|
  iv_platformid = |string|
  iv_profileversionarn = |string|
  iv_signaturetimestamp = '20150101000000.0000000'
).

This is an example of reading all possible response values

LOOP AT lo_result->get_revokedentities( ) into lo_row.
  lv_string = lo_row_1->get_value( ).
ENDLOOP.