3.1.4.1.11 ICertAdminD::EnumAttributesOrExtensions (Opnum 13)

The EnumAttributesOrExtensions method is used to access sets of attributes or extensions for a particular row ID.

 HRESULT EnumAttributesOrExtensions(
   [in, string, unique] wchar_t const* pwszAuthority,
   [in] DWORD RowId,
   [in] DWORD Flags,
   [in, string, unique] wchar_t const* pwszLast,
   [in] DWORD celt,
   [out] DWORD* pceltFetched,
   [out, ref] CERTTRANSBLOB* pctbOut
 );

pwszAuthority:  See the pwszAuthority definition in section ICertAdminD::SetExtension (section 3.1.4.1.1).

RowId: An unsigned integer that specifies the RequestID value of the row to retrieve attributes or extensions.

Flags: An unsigned integer value that MUST take either of the following values.

Value

Meaning

0x00000000

Enumerate attributes

0x00000001

Enumerate extensions

pwszLast: A pointer to a null-terminated UNICODE string that specifies the name of the attribute or extension beyond which the data is requested. If the value of Flags is 1, the name MUST be an OID (1) string as specified in [X680].

celt: An unsigned integer value that specifies the requested count of attributes (CERTTRANSDBATTRIBUTE) or extensions (CERTTRANSDBEXTENSION) structures to be returned to the client.

pceltFetched: A pointer to the unsigned integer that receives the actual count of the attributes (CERTTRANSDBATTRIBUTE) or extensions (CERTTRANSDBEXTENSION) structure data returned by the server in the pctbOut parameter.

pctbOut: A pointer to the CERTTRANSBLOB structure. The data returned is marshaled CERTTRANSDBATTRIBUTE or CERTTRANSDBEXTENSION structure array as described in CERTTRANSDBATTRIBUTE and CERTTRANSDBEXTENSION.

The EnumAttributesOrExtensions method obtains information about the attributes or extensions (as specified in [MS-WCCE] section 2.2.2.7) that are associated with a specific request in the Request table.

The CA server MUST apply the following ordered processing rules. If an error is encountered, the CA SHOULD return the specified error and terminate the processing of the method:

  1. The CA server MUST enforce that the Flags parameter is either 0 or 1; otherwise, it MUST return an error. The error SHOULD be ERROR_INVALID_PARAMETER.

  2. The CA server MUST enforce that the RowId parameter value is greater than 0 and that a row exists in the Request table with the specified RowId in the Request_Request_ID column. Otherwise, the CA Server MUST return an error code. If the RowId parameter value is not greater than 0, the error code SHOULD be ERROR_INVALID_PARAMETER. If the row does not exist, the error SHOULD be 0x80094004.

  3. If the value of the Flags parameter is 0x00000000, the CA MUST compute the set of rows from the Attribute table, where each row MUST have the same value in its Request_ID_Attribute column as the RowId parameter value. If the pwszLast parameter is not NULL, the CA MUST find the row in the set that has the same value in the AttributeName as the value of the pwszLast parameter (case-insensitive comparison). If the row is not found, the CA MUST fail. The error code SHOULD be 0x80094004. If the row is found, the CA MUST remove the rows prior to this row (including this row) from the set of rows to return to the client.

    Note The computed set of rows from this step is referred to as the "resultant set" in steps 5 and 7.

  4. If the value of the Flags parameter is 0x00000001, the CA MUST compute the set of rows from the Extension table, where each row MUST have the same value in its Request_ID_Extension column as the RowId parameter value. If the pwszLast parameter is not NULL, the CA MUST find the row in the set that has the same value in the ExtensionName as the value of the pwszLast parameter (case-insensitive comparison). If the row is not found, the CA MUST fail. The error code SHOULD be ERROR_INVALID_PARAMETER. If the row is found, the CA MUST remove the rows prior to this row (including this row) from the set of rows to return to the client.

    Note The computed set of rows from this step is referred to as the resultant set in steps 5 and 7.

  5. The value of the celt parameter is referred to as RequestedRows. If RequestedRows is smaller than the number of the rows in the resultant set, the CA MUST return in step 7 only the first RequestedRows rows in the sorted resultant set, and remove the rest of the rows from the resultant set.

  6. The value of the *pceltFetched parameter MUST be set to the number of the rows in the resultant rows set returned in step 7.

  7. The CA MUST return the resultant set in the pctbOut parameter. The format and marshaling for the value of pctbOut is described in CERTTRANSDBATTRIBUTE and CERTTRANSDBEXTENSION.