3.1.4.1.12 ICertAdminD::OpenView (Opnum 14)
The OpenView method opens a view into the database and returns a set of resultant row data.
-
HRESULT OpenView( [in, string, unique] wchar_t const* pwszAuthority, [in] DWORD ccvr, [in, size_is(ccvr)] CERTVIEWRESTRICTION const* acvr, [in] DWORD ccolOut, [in, size_is(ccolOut)] DWORD const* acolOut, [in] DWORD ielt, [in] DWORD celt, [out] DWORD* pceltFetched, [out, ref] CERTTRANSBLOB* pctbResultRows );
pwszAuthority: See the definition of the pwszAuthority parameter in section 3.1.4.1.1.
ccvr: An unsigned integer value that specifies the count of a CERTVIEWRESTRICTION structure array that is pointed to by the acvr parameter.
acvr: A pointer to an array of CERTVIEWRESTRICTION structures. For more information, see section 2.2.1.3.
ccolOut: An unsigned integer value that specifies the count of a DWORD array that is pointed to by the acolOut parameter.
acolOut: A pointer to an array of DWORDs. Each DWORD value specifies the column identifier for the resultant set of rows.
ielt: An unsigned integer value that specifies the identifier of the first row to return from the resultant set of rows.
celt: An unsigned integer value that specifies the requested count of the row data to be returned from the resultant set of rows.
pceltFetched: A pointer to an unsigned integer value that receives the actual count of row data that is returned by the server in the pctbResultRows parameter.
pctbResultRows: A pointer to a CERTTRANSBLOB structure. The pb byte array of the CERTTRANSBLOB structure MUST contain (on successful return) an array of n marshaled CERTTRANSDBRESULTROW structures (section 2.2.3), where n is the value returned in pceltFetched. Each CERTTRANSDBRESULTROW contains one or more CERTTRANSDBRESULTCOLUMN structures (section 2.2.1.10).
The OpenView method opens a view into the database and returns a set of resultant row data.
The CA server MUST enforce the following sequencing rules:
If the OpenView method is called when the value of Config_Database_View_Open is False, the server MUST set Config_Database_View_Open to True and continue processing by using the following rules.
If the OpenView method is called when the value of Config_Database_View_Open is True, the server MUST return an error. The error code SHOULD be ERROR_UNEXPECTED_ERROR.
The CA server MUST apply the following processing rules:
The CA server MUST ensure that sortOrder is specified in only one of the restrictions that are specified in the acvr parameter. If more than one column specifies sort order, the server MUST reject the request by using the error ERROR_INVALID_PARAMETER.
The CA server MUST also ensure that all the column identifiers that are specified in the restrictions and the acolOut parameter are valid and associated with only one database table. The table MUST be either the Request table (section 3.1.1.1) or the CRL table (section 3.1.1.4). If the table is not the Request table or the CRL table, the CA MUST return ERROR_INVALID_PARAMETER.
The CA server MUST compute the resultant set of rows to return, after applying the restrictions on the row set that is associated with the table and sorting the resultant rows based on the restriction information. If no sort ordering is provided in the restriction set, the sorting MUST be done based on the primary index column of the table. If no restriction set is given, the resultant set of rows to return is the entire row set that is associated with the table.
Each restriction MUST be processed in the following manner:
Based on the value type of the column, which is identified by the columnIndex parameter, the pbValue MUST be decoded. The value MUST be in the format and encoded as specified in section 2.2.1.3; otherwise, the CA server MUST fail with the error ERROR_INVALID_PARAMETER.
Based on the seek operator that is specified in the restriction, the value for the associated column in each row of the resultant set MUST satisfy the rules that follow.
For each row in the resultant set (after sorting), only the columns that are identified by column identifiers in the acolOut array MUST be retained. The rest of the columns MUST be removed from the resultant set.
See section 3.1.4.1.13 for the processing of the ielt and celt parameters and the data returned via the pceltFetched and pctbResultRows out parameters.
The value for the associated column in each row of the resultant set MUST be compared, based on the seek operator, to the value specified in the restriction. If the comparison fails, the row MUST be removed from the resultant set. For column type 3 (BINARY), the seek operator MUST be 0x00000001; otherwise, the call MUST fail with error ERROR_INVALID_PARAMETER.