Skip to content

/AWS1/CL_SGN=>GETREVOCATIONSTATUS()

About GetRevocationStatus

Retrieves the revocation status of one or more of the signing profile, signing job, and signing certificate.

Method Signature

IMPORTING

Required arguments:

IV_SIGNATURETIMESTAMP TYPE /AWS1/SGNTIMESTAMP /AWS1/SGNTIMESTAMP

The timestamp of the signature that validates the profile or job.

IV_PLATFORMID TYPE /AWS1/SGNPLATFORMID /AWS1/SGNPLATFORMID

The ID of a signing platform.

IV_PROFILEVERSIONARN TYPE /AWS1/SGNARN /AWS1/SGNARN

The version of a signing profile.

IV_JOBARN TYPE /AWS1/SGNARN /AWS1/SGNARN

The ARN of a signing job.

IT_CERTIFICATEHASHES TYPE /AWS1/CL_SGNCERTHASHES_W=>TT_CERTIFICATEHASHES TT_CERTIFICATEHASHES

A list of composite signed hashes that identify certificates.

A certificate identifier consists of a subject certificate TBS hash (signed by the parent CA) combined with a parent CA TBS hash (signed by the parent CA’s CA). Root certificates are defined as their own CA.

The following example shows how to calculate a hash for this parameter using OpenSSL commands:

openssl asn1parse -in childCert.pem -strparse 4 -out childCert.tbs

openssl sha384 < childCert.tbs -binary > childCertTbsHash

openssl asn1parse -in parentCert.pem -strparse 4 -out parentCert.tbs

openssl sha384 < parentCert.tbs -binary > parentCertTbsHash xxd -p childCertTbsHash > certificateHash.hex xxd -p parentCertTbsHash >> certificateHash.hex

cat certificateHash.hex | tr -d '\n'

RETURNING

OO_OUTPUT TYPE REF TO /AWS1/CL_SGNGETREVOCATIONSTA01 /AWS1/CL_SGNGETREVOCATIONSTA01