本文整理汇总了C++中KeyList::zones_share_keys方法的典型用法代码示例。如果您正苦于以下问题:C++ KeyList::zones_share_keys方法的具体用法?C++ KeyList::zones_share_keys怎么用?C++ KeyList::zones_share_keys使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类KeyList的用法示例。
在下文中一共展示了KeyList::zones_share_keys方法的1个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: addtime
/**
* See what needs to be done for the policy
*
* @param zone
* @param now
* @param keyfactory
* @param key_list
* @param[out] allow_unsigned, true when no keys are configured.
* @return time_t
* */
time_t
updatePolicy(EnforcerZone &zone, const time_t now,
HsmKeyFactory &keyfactory, KeyDataList &key_list, bool &allow_unsigned)
{
time_t return_at = -1;
const Policy *policy = zone.policy();
KeyList policyKeys = policy->keys();
const string policyName = policy->name();
const char *scmd = "updatePolicy";
ods_log_verbose("[%s] %s policyName: %s", module_str, scmd,
policyName.c_str());
/** Decommision all keys without any matching config */
for (int j = 0; j < key_list.numKeys(); j++) {
KeyData &key = key_list.key(j);
if (!existsPolicyForKey(keyfactory, policyKeys, key))
key.setIntroducing(false);
}
/** If no keys are configured an unsigned zone is okay. */
allow_unsigned = (0 == (numberOfKeyConfigs(policyKeys, ZSK) +
numberOfKeyConfigs(policyKeys, KSK) +
numberOfKeyConfigs(policyKeys, CSK) ));
/** Visit every type of key-configuration, not pretty but we can't
* loop over enums. Include MAX in enum? */
for ( int role = 1; role < 4; role++ ) {
/** NOTE: we are not looping over keys, but configurations */
for ( int i = 0; i < numberOfKeyConfigs( policyKeys, (KeyRole)role ); i++ ) {
string repository;
int bits, algorithm, lifetime, p_rolltype;
bool manual_rollover;
/** select key properties of key i in KeyRole role */
keyProperties(policyKeys, i, (KeyRole)role, &bits,
&algorithm, &lifetime, repository, &manual_rollover,
&p_rolltype);
bool forceRoll = false;
/** Should we do a manual rollover *now*? */
if (manual_rollover) {
switch((KeyRole)role) {
case KSK: forceRoll = zone.rollKskNow(); break;
case ZSK: forceRoll = zone.rollZskNow(); break;
case CSK: forceRoll = zone.rollCskNow(); break;
default:
/** Programming error, report a bug! */
ods_fatal_exit("[%s] %s Unknow Role: (%d)",
module_str, scmd, role);
}
/** If no similar key available, roll. */
forceRoll |= !keyForAlgorithm(key_list, (KeyRole)role,
algorithm);
/** No reason to roll at all */
if (!forceRoll) continue;
}
/** Try an automatic roll */
if (!forceRoll) {
/** Is there a predecessor key? */
KeyData *key;
if (youngestKeyForConfig(keyfactory, policyKeys,
(KeyRole)role, i, key_list, &key) &&
key->inception() + lifetime > now)
{
/** yes, but no need to roll at this time. Schedule
* for later */
minTime( addtime(key->inception(), lifetime), return_at );
continue;
}
/** No, or key is expired, we need a new one. */
}
/** time for a new key */
ods_log_verbose("[%s] %s New key needed for role %d",
module_str, scmd, role);
HsmKey *newkey_hsmkey;
bool got_key;
/** Sanity check. This would produce silly output and give
* the signer lots of useless work */
if (role&KSK && policy->parent().ttlds() + policy->keys().ttl() >= lifetime ||
role&ZSK && policy->signatures().max_zone_ttl() + policy->keys().ttl() >= lifetime) {
ods_log_crit("[%s] %s Key lifetime unreasonably short "
"with respect to TTL and MaxZoneTTL. Will not insert key!",
module_str, scmd);
continue;
}
if ( policyKeys.zones_share_keys() )
//.........这里部分代码省略.........