3.1.4.2.18 ICertAdminD2::DeleteRow (Opnum 48)

The DeleteRow method deletes a row or set of rows from a database table.

 HRESULT DeleteRow(
   [in, string, unique] wchar_t const* pwszAuthority,
   [in] DWORD dwFlags,
   [in] FILETIME FileTime,
   [in] DWORD dwTable,
   [in] DWORD dwRowId,
   [out, retval] LONG* pcDeleted
 );

pwszAuthority:  See the definition of the pwszAuthority parameter in section 3.1.4.1.1.

dwFlags: An unsigned integer value that specifies the type of rows to be deleted. This parameter can be one of the following values.

| Value      | Meaning                                                  |
|------------|----------------------------------------------------------|
| 0x00000000 | Delete the individual row.                               |
| 0x00000001 | Delete the rows that contain expired certificates.       |
| 0x00000002 | Delete the rows that contain pending or failed requests. |

FileTime:  Contains a 64-bit value that represents the number of 100-nanosecond intervals since January 1, 1601 (UTC). The value is used to query for multiple rows to be deleted. It MUST contain all zeros if the dwRowId parameter is nonzero.

dwTable: An unsigned integer value that specifies the table in which to delete rows. This parameter can be one of the following values.

| Value      | Meaning                          |
|------------|----------------------------------|
| 0x00000000 | Delete the Request table rows.   |
| 0x00003000 | Delete the Extension table rows. |
| 0x00004000 | Delete the Attribute table rows. |
| 0x00005000 | Delete the CRL table rows.       |

dwRowId: An unsigned integer value that represents the row identifier in the CA data table. MUST be set to 0 if FileTime is nonzero.

pcDeleted:  Returns the count of successfully deleted table rows.

The DeleteRow method is used to instruct the CA to delete rows from the specified table.

The following processing rules apply:

  1. The CA MUST verify that exactly one of dwRowId or FileTime is zero. If both are zero or if neither is zero, the CA MUST fail the request with error code E_INVALIDARG (0x80070057).

  2. The CA MUST verify that dwTable is set to one of the values defined for the dwTable parameter. If set to any other value, the CA MUST fail the request with error code E_INVALIDARG (0x80070057).

  3. If dwTable is set to 0x00000000:

    1. If the dwFlags parameter is nonzero and not set to 0x00000001 or 0x00000002, the CA MUST fail the request.

    2. If the dwRowId parameter is nonzero:

      1. If dwRowId is not a valid RequestId, the CA MUST pass the request and return 0 in the pcDeleted parameter.

      2. The CA MUST delete the corresponding rows in the Request table and also delete all the associated rows in the Extension table and Attribute table.

    3. If FileTime is nonzero:

      1. The CA MUST delete all the rows in the Request table that match the following criteria and also delete all associated rows in the Extension table and Attribute table:

        1. If the dwFlags parameter is set to 0x00000001:

          • Delete all rows that contain issued and revoked certificates that expire before FileTime and do not contain archived private keys in the Request_Raw_Archived_Key datum.

        2. If dwFlags is set to 0x00000002:

          • Delete all rows that contain pending and failed requests that were last acted upon before FileTime and do not contain archived private keys in the Request_Raw_Archived_Key datum.

  4. If dwTable is set to 0x00003000:

    1. If dwRowId is zero, the CA MUST fail the request.

    2. If dwFlags is nonzero, the CA MUST fail the request.

    3. The CA MUST delete the corresponding Extension table row.

  5. If dwTable is set to 0x00004000:

    1. If dwRowId is zero, the CA MUST fail the request.

    2. If dwFlags is nonzero, the CA MUST fail the request.

    3. The CA MUST delete the corresponding Attribute table row.

  6. If dwTable is set to 0x00005000:

    1. If dwFlags is nonzero and not set to 0x00000001, the CA MUST fail the request.

    2. If dwFlags is set to 0x00000000 or 0x00000001:

      1. If dwRowId is nonzero:

        1. If dwRowId is not a valid CRL table CRL_RowId, the CA MUST pass the request and return 0 in the pcDeleted parameter.

        2. The CA MUST delete the corresponding CRL table row.

      2. If FileTime is nonzero:

        • The CA MUST delete all CRL table rows that contain CRLs for which the value in the CRL_Next_Update column occurs before FileTime.

  7. The CA MUST count all deleted rows and return that count in *pcDeleted. If the Windows CA fails to delete all rows that match a date restriction as previously specified, it returns an HRESULT value of ERROR_OUT_OF_MEMORY to indicate to the client that more rows matching the criteria might remain.
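The argument checks in rules 1 through 6 can be expressed as a small classifier, useful when reviewing recorded DeleteRow calls to separate single-row deletions from bulk purges of the CA database. This is an added example, not part of the specification or of any CA implementation; the function names and verdict labels are this example's own, and FAIL is used where the rules say the CA MUST fail the request without naming an error code.

```python
from datetime import datetime, timedelta, timezone

# Table ids from the dwTable value list above.
TABLES = {0x0000: "Request", 0x3000: "Extension", 0x4000: "Attribute", 0x5000: "CRL"}

def filetime_to_utc(ft):
    """FILETIME: count of 100-nanosecond intervals since 1601-01-01 UTC."""
    return datetime(1601, 1, 1, tzinfo=timezone.utc) + timedelta(microseconds=ft // 10)

def classify_delete_row(dw_flags, file_time, dw_table, dw_row_id):
    """Return (verdict, detail) for one DeleteRow argument set.

    Verdict labels are this example's own: E_INVALIDARG (rules 1-2), FAIL (a
    "MUST fail" rule for which the page names no error code), ROW, BULK, and
    UNSPECIFIED (no rule on the page covers the combination).
    """
    # Rule 1: exactly one of dwRowId and FileTime must be zero.
    if (dw_row_id == 0) == (file_time == 0):
        return ("E_INVALIDARG", "exactly one of dwRowId/FileTime must be zero")
    # Rule 2: dwTable must be one of the four defined values.
    if dw_table not in TABLES:
        return ("E_INVALIDARG", "undefined dwTable value")
    table = TABLES[dw_table]
    # Rules 4 and 5: Extension and Attribute tables take a row id and no flags.
    if dw_table in (0x3000, 0x4000):
        if dw_row_id == 0 or dw_flags != 0:
            return ("FAIL", f"{table} table requires dwRowId != 0 and dwFlags == 0")
        return ("ROW", f"{table} row {dw_row_id}")
    # Rules 3.1 and 6.1: flag values accepted by the Request and CRL tables.
    allowed = (0, 1, 2) if dw_table == 0x0000 else (0, 1)
    if dw_flags not in allowed:
        return ("FAIL", f"dwFlags {dw_flags:#x} not accepted for {table} table")
    if dw_row_id != 0:
        extra = " plus associated Extension/Attribute rows" if dw_table == 0 else ""
        return ("ROW", f"{table} row {dw_row_id}{extra}")
    cutoff = filetime_to_utc(file_time).isoformat()
    if dw_table == 0x5000:  # Rule 6.2.2
        return ("BULK", f"CRLs with CRL_Next_Update before {cutoff}")
    if dw_flags == 1:       # Rule 3.3.1.1
        return ("BULK", f"issued/revoked certificates expiring before {cutoff}")
    if dw_flags == 2:       # Rule 3.3.1.2
        return ("BULK", f"pending/failed requests last acted upon before {cutoff}")
    return ("UNSPECIFIED", "Request table with FileTime set and dwFlags 0")
```

The UNSPECIFIED verdict marks the one argument combination (Request table, nonzero FileTime, dwFlags 0) that passes rules 1, 2 and 3.1 but matches neither deletion criterion in rule 3.3.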