/AWS1/CL_SGN=>GETREVOCATIONSTATUS()
¶
About GetRevocationStatus¶
Retrieves the revocation status of one or more of the signing profile, signing job, and signing certificate.
Method Signature¶
IMPORTING¶
Required arguments:¶
IV_SIGNATURETIMESTAMP
TYPE /AWS1/SGNTIMESTAMP
/AWS1/SGNTIMESTAMP
¶
The timestamp of the signature that validates the profile or job.
IV_PLATFORMID
TYPE /AWS1/SGNPLATFORMID
/AWS1/SGNPLATFORMID
¶
The ID of a signing platform.
IV_PROFILEVERSIONARN
TYPE /AWS1/SGNARN
/AWS1/SGNARN
¶
The version of a signing profile.
IV_JOBARN
TYPE /AWS1/SGNARN
/AWS1/SGNARN
¶
The ARN of a signing job.
IT_CERTIFICATEHASHES
TYPE /AWS1/CL_SGNCERTHASHES_W=>TT_CERTIFICATEHASHES
TT_CERTIFICATEHASHES
¶
A list of composite signed hashes that identify certificates.
A certificate identifier consists of a subject certificate TBS hash (signed by the parent CA) combined with a parent CA TBS hash (signed by the parent CA’s CA). Root certificates are defined as their own CA.
The following example shows how to calculate a hash for this parameter using OpenSSL commands:
openssl asn1parse -in childCert.pem -strparse 4 -out childCert.tbs
openssl sha384 < childCert.tbs -binary > childCertTbsHash
openssl asn1parse -in parentCert.pem -strparse 4 -out parentCert.tbs
openssl sha384 < parentCert.tbs -binary > parentCertTbsHash xxd -p childCertTbsHash > certificateHash.hex xxd -p parentCertTbsHash >> certificateHash.hex
cat certificateHash.hex | tr -d '\n'