本文整理汇总了C++中Input::Peek方法的典型用法代码示例。如果您正苦于以下问题:C++ Input::Peek方法的具体用法?C++ Input::Peek怎么用?C++ Input::Peek使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类Input的用法示例。
在下文中一共展示了Input::Peek方法的2个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: Fail
// ResponseData ::= SEQUENCE {
// version [0] EXPLICIT Version DEFAULT v1,
// responderID ResponderID,
// producedAt GeneralizedTime,
// responses SEQUENCE OF SingleResponse,
// responseExtensions [1] EXPLICIT Extensions OPTIONAL }
static inline Result
ResponseData(Input& input, Context& context,
const SignedDataWithSignature& signedResponseData,
/*const*/ SECItem* certs, size_t numCerts)
{
der::Version version;
Result rv = der::OptionalVersion(input, version);
if (rv != Success) {
return rv;
}
if (version != der::Version::v1) {
// TODO: more specific error code for bad version?
return Fail(SEC_ERROR_BAD_DER);
}
// ResponderID ::= CHOICE {
// byName [1] Name,
// byKey [2] KeyHash }
SECItem responderID;
ResponderIDType responderIDType
= input.Peek(static_cast<uint8_t>(ResponderIDType::byName))
? ResponderIDType::byName
: ResponderIDType::byKey;
rv = der::ExpectTagAndGetValue(input, static_cast<uint8_t>(responderIDType),
responderID);
if (rv != Success) {
return rv;
}
// This is the soonest we can verify the signature. We verify the signature
// right away to follow the principal of minimizing the processing of data
// before verifying its signature.
rv = VerifySignature(context, responderIDType, responderID, certs, numCerts,
signedResponseData);
if (rv != Success) {
return rv;
}
// TODO: Do we even need to parse this? Should we just skip it?
PRTime producedAt;
rv = der::GeneralizedTime(input, producedAt);
if (rv != Success) {
return rv;
}
// We don't accept an empty sequence of responses. In practice, a legit OCSP
// responder will never return an empty response, and handling the case of an
// empty response makes things unnecessarily complicated.
rv = der::NestedOf(input, der::SEQUENCE, der::SEQUENCE,
der::EmptyAllowed::No,
bind(SingleResponse, _1, ref(context)));
if (rv != Success) {
return rv;
}
return der::OptionalExtensions(input,
der::CONTEXT_SPECIFIC | der::CONSTRUCTED | 1,
ExtensionNotUnderstood);
}示例2: End
//.........这里部分代码省略.........
if (rv != Success) {
return rv;
}
}
// TBSCertificate ::= SEQUENCE {
// version [0] EXPLICIT Version DEFAULT v1,
// serialNumber CertificateSerialNumber,
// signature AlgorithmIdentifier,
// issuer Name,
// validity Validity,
// subject Name,
// subjectPublicKeyInfo SubjectPublicKeyInfo,
// issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,
// -- If present, version MUST be v2 or v3
// subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL,
// -- If present, version MUST be v2 or v3
// extensions [3] EXPLICIT Extensions OPTIONAL
// -- If present, version MUST be v3
// }
rv = der::OptionalVersion(tbsCertificate, version);
if (rv != Success) {
return rv;
}
rv = der::CertificateSerialNumber(tbsCertificate, serialNumber);
if (rv != Success) {
return rv;
}
// XXX: Ignored. What are we supposed to check? This seems totally redundant
// with Certificate.signatureAlgorithm. Is it important to check that they
// are consistent with each other? It doesn't seem to matter!
SignatureAlgorithm signature;
rv = der::SignatureAlgorithmIdentifier(tbsCertificate, signature);
if (rv != Success) {
return rv;
}
rv = der::ExpectTagAndGetTLV(tbsCertificate, der::SEQUENCE, issuer);
if (rv != Success) {
return rv;
}
rv = der::ExpectTagAndGetValue(tbsCertificate, der::SEQUENCE, validity);
if (rv != Success) {
return rv;
}
// TODO(bug XXXXXXX): We rely on the the caller of mozilla::pkix to validate
// that the name is syntactically valid, if they care. In Gecko we do this
// implicitly by parsing the certificate into a CERTCertificate object.
// Instead of relying on the caller to do this, we should do it ourselves.
rv = der::ExpectTagAndGetTLV(tbsCertificate, der::SEQUENCE, subject);
if (rv != Success) {
return rv;
}
// TODO(bug XXXXXXX): We defer parsing/validating subjectPublicKeyInfo to
// the point where the public key is needed. For end-entity certificates, we
// assume that the caller will extract the public key and use it somehow; if
// they don't do that then we'll never know whether the key is invalid. On
// the other hand, if the caller never uses the key then in some ways it
// doesn't matter. Regardless, we should parse and validate
// subjectPublicKeyKeyInfo internally.
rv = der::ExpectTagAndGetTLV(tbsCertificate, der::SEQUENCE,
subjectPublicKeyInfo);
if (rv != Success) {
return rv;
}
static const uint8_t CSC = der::CONTEXT_SPECIFIC | der::CONSTRUCTED;
// RFC 5280 says: "These fields MUST only appear if the version is 2 or 3
// (Section 4.1.2.1). These fields MUST NOT appear if the version is 1."
if (version != der::Version::v1) {
// Ignore issuerUniqueID if present.
if (tbsCertificate.Peek(CSC | 1)) {
rv = der::ExpectTagAndSkipValue(tbsCertificate, CSC | 1);
if (rv != Success) {
return rv;
}
}
// Ignore subjectUniqueID if present.
if (tbsCertificate.Peek(CSC | 2)) {
rv = der::ExpectTagAndSkipValue(tbsCertificate, CSC | 2);
if (rv != Success) {
return rv;
}
}
}
// Extensions were added in v3, so only accept extensions in v3 certificates.
if (version == der::Version::v3) {
rv = der::OptionalExtensions(tbsCertificate, CSC | 3,
bind(&BackCert::RememberExtension, this, _1,
_2, _3));
if (rv != Success) {
return rv;
}
}
return der::End(tbsCertificate);
}