Skip to content

/AWS1/IF_SGD=>GETREVOCATIONSTATUS()

About GetRevocationStatus

Retrieves the revocation status for a signed artifact by checking if the signing profile, job, or certificate has been revoked.

Method Signature

METHODS /AWS1/IF_SGD~GETREVOCATIONSTATUS
  IMPORTING
    !IV_SIGNATURETIMESTAMP TYPE /AWS1/SGDTIMESTAMP OPTIONAL
    !IV_PLATFORMID TYPE /AWS1/SGDPLATFORMID OPTIONAL
    !IV_PROFILEVERSIONARN TYPE /AWS1/SGDARN OPTIONAL
    !IV_JOBARN TYPE /AWS1/SGDARN OPTIONAL
    !IT_CERTIFICATEHASHES TYPE /AWS1/CL_SGDCERTHASHES_W=>TT_CERTIFICATEHASHES OPTIONAL
  RETURNING
    VALUE(OO_OUTPUT) TYPE REF TO /aws1/cl_sgdgetrevocstatusrsp
  RAISING
    /AWS1/CX_SGDACCESSDENIEDEX
    /AWS1/CX_SGDINTSERVICEERROREX
    /AWS1/CX_SGDTOOMANYREQUESTSEX
    /AWS1/CX_SGDVLDTNEXCEPTION
    /AWS1/CX_SGDCLIENTEXC
    /AWS1/CX_SGDSERVEREXC
    /AWS1/CX_RT_TECHNICAL_GENERIC
    /AWS1/CX_RT_SERVICE_GENERIC.

IMPORTING

Required arguments:

iv_signaturetimestamp TYPE /AWS1/SGDTIMESTAMP /AWS1/SGDTIMESTAMP

The timestamp when the artifact was signed, in ISO 8601 format.

iv_platformid TYPE /AWS1/SGDPLATFORMID /AWS1/SGDPLATFORMID

The platform identifier for the signing platform used.

iv_profileversionarn TYPE /AWS1/SGDARN /AWS1/SGDARN

The ARN of the signing profile version used to sign the artifact.

iv_jobarn TYPE /AWS1/SGDARN /AWS1/SGDARN

The ARN of the signing job that produced the signature.

it_certificatehashes TYPE /AWS1/CL_SGDCERTHASHES_W=>TT_CERTIFICATEHASHES TT_CERTIFICATEHASHES

List of certificate hashes to check for revocation.

RETURNING

oo_output TYPE REF TO /aws1/cl_sgdgetrevocstatusrsp /AWS1/CL_SGDGETREVOCSTATUSRSP

Examples

Syntax Example

This is an example of the syntax for calling the method. It includes every possible argument and initializes every possible value. The data provided is not necessarily semantically accurate (for example the value "string" may be provided for something that is intended to be an instance ID, or in some cases two arguments may be mutually exclusive). The syntax shows the ABAP syntax for creating the various data structures.

DATA(lo_result) = lo_client->getrevocationstatus(
  it_certificatehashes = VALUE /aws1/cl_sgdcerthashes_w=>tt_certificatehashes(
    ( new /aws1/cl_sgdcerthashes_w( |string| ) )
  )
  iv_jobarn = |string|
  iv_platformid = |string|
  iv_profileversionarn = |string|
  iv_signaturetimestamp = '20150101000000.0000000'
).

This is an example of reading all possible response values

lo_result = lo_result.
IF lo_result IS NOT INITIAL.
  LOOP AT lo_result->get_revokedentities( ) into lo_row.
    lo_row_1 = lo_row.
    IF lo_row_1 IS NOT INITIAL.
      lv_revokedentity = lo_row_1->get_value( ).
    ENDIF.
  ENDLOOP.
ENDIF.

Check revocation status for a signed artifact

Checks if a signing profile, job, or certificate has been revoked for a given artifact.

DATA(lo_result) = lo_client->getrevocationstatus(
  it_certificatehashes = VALUE /aws1/cl_sgdcerthashes_w=>tt_certificatehashes(
    ( new /aws1/cl_sgdcerthashes_w( |e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855| ) )
  )
  iv_jobarn = |arn:aws:signer:us-east-1:123456789012:/signing-jobs/my-job-id|
  iv_platformid = |Notation-OCI-SHA384-ECDSA|
  iv_profileversionarn = |arn:aws:signer:us-east-1:123456789012:/signing-profiles/my-profile/v1|
  iv_signaturetimestamp = '20231114221320.0000000'
).