Move Token from CKM::Crypto to CKM namespace.

Token is used in database and crypto module. It should not be hidden in
CKM::Crypto namespace.

Change-Id: I6d000c05deda8f0027ce3afbdeb3bd0a793f0f78

21 files changed, 354 insertions, 270 deletions

diff --git a/src/manager/CMakeLists.txt b/src/manager/CMakeLists.txt
index 9cfea7ee..1d6501b0 100644
--- a/src/manager/CMakeLists.txt
+++ b/src/manager/CMakeLists.txt
@@ -16,6 +16,7 @@ SET(COMMON_SOURCES
     ${COMMON_PATH}/common/algo-param.cpp
     ${COMMON_PATH}/common/base64.cpp
     ${COMMON_PATH}/common/crypto-init.cpp
+    ${COMMON_PATH}/common/data-type.cpp
     ${COMMON_PATH}/common/protocols.cpp
     ${COMMON_PATH}/common/message-buffer.cpp
     ${COMMON_PATH}/common/certificate-impl.cpp
diff --git a/src/manager/client-async/ocsp-receiver.cpp b/src/manager/client-async/ocsp-receiver.cpp
index c6193946..f07883e7 100644
--- a/src/manager/client-async/ocsp-receiver.cpp
+++ b/src/manager/client-async/ocsp-receiver.cpp
@@ -20,7 +20,6 @@
  */
 
 #include <ocsp-receiver.h>
-#include <protocols.h>
 #include <dpl/log/log.h>
 
 namespace CKM {
diff --git a/src/manager/client/client-common.cpp b/src/manager/client/client-common.cpp
index dc306091..1d61e670 100644
--- a/src/manager/client/client-common.cpp
+++ b/src/manager/client/client-common.cpp
@@ -38,7 +38,6 @@
 
 #include <ckm/ckm-error.h>
 #include <ckmc/ckmc-type.h>
-#include <protocols.h>
 #include <client-common.h>
 
 namespace {
diff --git a/src/manager/client/client-manager-impl.h b/src/manager/client/client-manager-impl.h
index 8111150f..0fdb21af 100644
--- a/src/manager/client/client-manager-impl.h
+++ b/src/manager/client/client-manager-impl.h
@@ -20,7 +20,7 @@
  */
 #pragma once
 
-#include <protocols.h>
+#include <data-type.h>
 #include <client-common.h>
 #include <ckm/ckm-type.h>
 #include <ckm/ckm-key.h>
diff --git a/src/manager/common/data-type.cpp b/src/manager/common/data-type.cpp
new file mode 100644
index 00000000..d724001e
--- /dev/null
+++ b/src/manager/common/data-type.cpp
@@ -0,0 +1,141 @@
+/*
+ *  Copyright (c) 2000 - 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License
+ */
+/*
+ * @file       data-type.cpp
+ * @author     Krzysztof Jackiewicz (k.jackiewicz@samsung.com)
+ * @version    1.0
+ */
+
+#include <data-type.h>
+
+namespace CKM
+{
+
+DataType::DataType()
+  : m_dataType(BINARY_DATA)
+{}
+
+DataType::DataType(Type data)
+  : m_dataType(data)
+{
+    if (!isInRange(data))
+        ThrowMsg(Exception::OutOfRange, "Invalid conversion from DataType to DBDataType");
+}
+
+DataType::DataType(KeyType key) {
+    switch(key) {
+    case KeyType::KEY_RSA_PUBLIC:    m_dataType = DataType::KEY_RSA_PUBLIC;    break;
+    case KeyType::KEY_RSA_PRIVATE:   m_dataType = DataType::KEY_RSA_PRIVATE;   break;
+    case KeyType::KEY_DSA_PUBLIC:    m_dataType = DataType::KEY_DSA_PUBLIC;    break;
+    case KeyType::KEY_DSA_PRIVATE:   m_dataType = DataType::KEY_DSA_PRIVATE;   break;
+    case KeyType::KEY_ECDSA_PUBLIC:  m_dataType = DataType::KEY_ECDSA_PUBLIC;  break;
+    case KeyType::KEY_ECDSA_PRIVATE: m_dataType = DataType::KEY_ECDSA_PRIVATE; break;
+    case KeyType::KEY_AES:           m_dataType = DataType::KEY_AES;           break;
+    default:
+        ThrowMsg(Exception::OutOfRange, "Invalid conversion from KeyType to DBDataType");
+    }
+}
+
+DataType::DataType(int data)
+  : m_dataType(static_cast<Type>(data))
+{
+    if (!isInRange(data))
+        ThrowMsg(Exception::OutOfRange, "Invalid conversion from int to DBDataType");
+}
+
+DataType::operator int () const {
+    return static_cast<int>(m_dataType);
+}
+
+DataType::operator KeyType () const {
+    switch(m_dataType) {
+    case DataType::KEY_RSA_PUBLIC: return KeyType::KEY_RSA_PUBLIC;
+    case DataType::KEY_RSA_PRIVATE: return KeyType::KEY_RSA_PRIVATE;
+    case DataType::KEY_DSA_PUBLIC: return KeyType::KEY_DSA_PUBLIC;
+    case DataType::KEY_DSA_PRIVATE: return KeyType::KEY_DSA_PRIVATE;
+    case DataType::KEY_ECDSA_PRIVATE: return KeyType::KEY_ECDSA_PRIVATE;
+    case DataType::KEY_ECDSA_PUBLIC: return KeyType::KEY_ECDSA_PUBLIC;
+    case DataType::KEY_AES: return KeyType::KEY_AES;
+    default:
+        ThrowMsg(Exception::OutOfRange, "Invalid conversion from DBDataType to KeyType");
+    }
+}
+
+bool DataType::operator==(const DataType &second) const {
+    return m_dataType == second.m_dataType;
+}
+
+bool DataType::isKey() const {
+    if (DB_KEY_FIRST <= m_dataType && DB_KEY_LAST >= m_dataType)
+        return true;
+    return false;
+}
+
+bool DataType::isChainCert() const {
+    if (DB_CHAIN_FIRST <= m_dataType && DB_CHAIN_LAST >= m_dataType)
+        return true;
+    return false;
+}
+
+bool DataType::isKeyPrivate() const {
+    switch (m_dataType) {
+    case KEY_RSA_PRIVATE:
+    case KEY_DSA_PRIVATE:
+    case KEY_ECDSA_PRIVATE:
+          return true;
+    default:
+          return false;
+    }
+}
+
+bool DataType::isKeyPublic() const {
+    switch (m_dataType) {
+    case KEY_RSA_PUBLIC:
+    case KEY_DSA_PUBLIC:
+    case KEY_ECDSA_PUBLIC:
+          return true;
+    default:
+          return false;
+    }
+}
+
+bool DataType::isCertificate() const {
+    return m_dataType == CERTIFICATE;
+}
+
+bool DataType::isBinaryData() const {
+    return m_dataType == BINARY_DATA;
+}
+
+bool DataType::isInRange(int data) {
+    if (data < static_cast<int>(DB_FIRST))
+        return false;
+    if (data > static_cast<int>(DB_LAST))
+        return false;
+    return true;
+}
+
+DataType DataType::getChainDatatype(unsigned int index)
+{
+    DataType result(static_cast<int>(index) + DB_CHAIN_FIRST);
+
+    if ( !result.isChainCert() )
+        ThrowMsg(Exception::OutOfRange, "Certificate number is out of range");
+
+    return result;
+}
+
+} // namespace CKM
diff --git a/src/manager/common/data-type.h b/src/manager/common/data-type.h
new file mode 100644
index 00000000..2f5f008f
--- /dev/null
+++ b/src/manager/common/data-type.h
@@ -0,0 +1,103 @@
+/*
+ *  Copyright (c) 2000 - 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License
+ */
+/*
+ * @file       data-type.h
+ * @author     Krzysztof Jackiewicz (k.jackiewicz@samsung.com)
+ * @version    1.0
+ */
+
+#pragma once
+
+#include <ckm/ckm-type.h>
+#include <dpl/exception.h>
+#include <symbol-visibility.h>
+
+namespace CKM {
+
+class COMMON_API DataType {
+public:
+    class Exception {
+    public:
+        DECLARE_EXCEPTION_TYPE(CKM::Exception, Base)
+        DECLARE_EXCEPTION_TYPE(Base, OutOfRange)
+    };
+
+    enum Type {
+        KEY_RSA_PUBLIC,
+        KEY_RSA_PRIVATE,
+        KEY_ECDSA_PUBLIC,
+        KEY_ECDSA_PRIVATE,
+        KEY_DSA_PUBLIC,
+        KEY_DSA_PRIVATE,
+        KEY_AES,
+        CERTIFICATE,
+        BINARY_DATA,
+
+        CHAIN_CERT_0,
+        CHAIN_CERT_1,
+        CHAIN_CERT_2,
+        CHAIN_CERT_3,
+        CHAIN_CERT_4,
+        CHAIN_CERT_5,
+        CHAIN_CERT_6,
+        CHAIN_CERT_7,
+        CHAIN_CERT_8,
+        CHAIN_CERT_9,
+        CHAIN_CERT_10,
+        CHAIN_CERT_11,
+        CHAIN_CERT_12,
+        CHAIN_CERT_13,
+        CHAIN_CERT_14,
+        CHAIN_CERT_15,
+
+        // Special types to support database,
+        DB_KEY_FIRST = KEY_RSA_PUBLIC,
+        DB_KEY_LAST  = KEY_AES,
+        DB_CHAIN_FIRST = CHAIN_CERT_0,
+        DB_CHAIN_LAST = CHAIN_CERT_15,
+        DB_FIRST = KEY_RSA_PUBLIC,
+        DB_LAST  = CHAIN_CERT_15,
+    };
+
+    DataType();
+    DataType(Type data);
+    explicit DataType(int data);
+    explicit DataType(KeyType key);
+    DataType(const DataType &) = default;
+    DataType& operator=(const DataType &) = default;
+
+    operator int () const;
+    operator KeyType () const;
+    bool operator==(const DataType &second) const;
+
+    bool isKey() const;
+    bool isChainCert() const;
+    bool isKeyPrivate() const;
+    bool isKeyPublic() const;
+    bool isCertificate() const;
+    bool isBinaryData() const;
+
+    static bool isInRange(int data);
+    static DataType getChainDatatype(unsigned int index);
+
+    // it's not virtual for a reason!
+    ~DataType(){}
+
+private:
+    Type m_dataType;
+};
+
+} // namespace CKM
diff --git a/src/manager/common/protocols.h b/src/manager/common/protocols.h
index 607192eb..f2baa9de 100644
--- a/src/manager/common/protocols.h
+++ b/src/manager/common/protocols.h
@@ -31,6 +31,7 @@
 #include <dpl/exception.h>
 #include <dpl/serialization.h>
 #include <symbol-visibility.h>
+#include <data-type.h>
 
 namespace CKM {
 
@@ -69,175 +70,6 @@ enum class LogicCommand : int {
     // for backward compatibility append new at the end
 };
 
-class COMMON_API DataType {
-public:
-    class Exception {
-    public:
-        DECLARE_EXCEPTION_TYPE(CKM::Exception, Base)
-        DECLARE_EXCEPTION_TYPE(Base, OutOfRange)
-    };
-
-    enum Type {
-        KEY_RSA_PUBLIC,
-        KEY_RSA_PRIVATE,
-        KEY_ECDSA_PUBLIC,
-        KEY_ECDSA_PRIVATE,
-        KEY_DSA_PUBLIC,
-        KEY_DSA_PRIVATE,
-        KEY_AES,
-        CERTIFICATE,
-        BINARY_DATA,
-
-        CHAIN_CERT_0,
-        CHAIN_CERT_1,
-        CHAIN_CERT_2,
-        CHAIN_CERT_3,
-        CHAIN_CERT_4,
-        CHAIN_CERT_5,
-        CHAIN_CERT_6,
-        CHAIN_CERT_7,
-        CHAIN_CERT_8,
-        CHAIN_CERT_9,
-        CHAIN_CERT_10,
-        CHAIN_CERT_11,
-        CHAIN_CERT_12,
-        CHAIN_CERT_13,
-        CHAIN_CERT_14,
-        CHAIN_CERT_15,
-
-        // Special types to support database,
-        DB_KEY_FIRST = KEY_RSA_PUBLIC,
-        DB_KEY_LAST  = KEY_AES,
-        DB_CHAIN_FIRST = CHAIN_CERT_0,
-        DB_CHAIN_LAST = CHAIN_CERT_15,
-        DB_FIRST = KEY_RSA_PUBLIC,
-        DB_LAST  = CHAIN_CERT_15,
-    };
-
-    DataType()
-      : m_dataType(BINARY_DATA)
-    {}
-
-    DataType(Type data)
-      : m_dataType(data)
-    {
-        if (!isInRange(data))
-            ThrowMsg(Exception::OutOfRange, "Invalid conversion from DataType to DBDataType");
-    }
-
-    explicit DataType(KeyType key) {
-        switch(key) {
-        case KeyType::KEY_RSA_PUBLIC:    m_dataType = DataType::KEY_RSA_PUBLIC;    break;
-        case KeyType::KEY_RSA_PRIVATE:   m_dataType = DataType::KEY_RSA_PRIVATE;   break;
-        case KeyType::KEY_DSA_PUBLIC:    m_dataType = DataType::KEY_DSA_PUBLIC;    break;
-        case KeyType::KEY_DSA_PRIVATE:   m_dataType = DataType::KEY_DSA_PRIVATE;   break;
-        case KeyType::KEY_ECDSA_PUBLIC:  m_dataType = DataType::KEY_ECDSA_PUBLIC;  break;
-        case KeyType::KEY_ECDSA_PRIVATE: m_dataType = DataType::KEY_ECDSA_PRIVATE; break;
-        case KeyType::KEY_AES:           m_dataType = DataType::KEY_AES;           break;
-        default:
-            ThrowMsg(Exception::OutOfRange, "Invalid conversion from KeyType to DBDataType");
-        }
-    }
-
-    explicit DataType(int data)
-      : m_dataType(static_cast<Type>(data))
-    {
-        if (!isInRange(data))
-            ThrowMsg(Exception::OutOfRange, "Invalid conversion from int to DBDataType");
-    }
-
-    DataType(const DataType &) = default;
-    DataType& operator=(const DataType &) = default;
-
-    operator int () const {
-        return static_cast<int>(m_dataType);
-    }
-
-    operator KeyType () const {
-        switch(m_dataType) {
-        case DataType::KEY_RSA_PUBLIC: return KeyType::KEY_RSA_PUBLIC;
-        case DataType::KEY_RSA_PRIVATE: return KeyType::KEY_RSA_PRIVATE;
-        case DataType::KEY_DSA_PUBLIC: return KeyType::KEY_DSA_PUBLIC;
-        case DataType::KEY_DSA_PRIVATE: return KeyType::KEY_DSA_PRIVATE;
-        case DataType::KEY_ECDSA_PRIVATE: return KeyType::KEY_ECDSA_PRIVATE;
-        case DataType::KEY_ECDSA_PUBLIC: return KeyType::KEY_ECDSA_PUBLIC;
-        case DataType::KEY_AES: return KeyType::KEY_AES;
-        default:
-            ThrowMsg(Exception::OutOfRange, "Invalid conversion from DBDataType to KeyType");
-        }
-    }
-
-    bool operator==(const DataType &second) const {
-        return m_dataType == second.m_dataType;
-    }
-
-    bool isKey() const {
-        if (DB_KEY_FIRST <= m_dataType && DB_KEY_LAST >= m_dataType)
-            return true;
-        return false;
-    }
-
-    bool isChainCert() const {
-        if (DB_CHAIN_FIRST <= m_dataType && DB_CHAIN_LAST >= m_dataType)
-            return true;
-        return false;
-    }
-
-    static DataType getChainDatatype(unsigned int index)
-    {
-        DataType result(static_cast<int>(index) + DB_CHAIN_FIRST);
-
-        if ( !result.isChainCert() )
-            ThrowMsg(Exception::OutOfRange, "Certificate number is out of range");
-
-        return result;
-    }
-
-    bool isKeyPrivate() const {
-        switch (m_dataType) {
-        case KEY_RSA_PRIVATE:
-        case KEY_DSA_PRIVATE:
-        case KEY_ECDSA_PRIVATE:
-              return true;
-        default:
-              return false;
-        }
-    }
-
-    bool isKeyPublic() const {
-        switch (m_dataType) {
-        case KEY_RSA_PUBLIC:
-        case KEY_DSA_PUBLIC:
-        case KEY_ECDSA_PUBLIC:
-              return true;
-        default:
-              return false;
-        }
-    }
-
-    bool isCertificate() const {
-        return m_dataType == CERTIFICATE;
-    }
-
-    bool isBinaryData() const {
-        return m_dataType == BINARY_DATA;
-    }
-
-    static bool isInRange(int data) {
-        if (data < static_cast<int>(DB_FIRST))
-            return false;
-        if (data > static_cast<int>(DB_LAST))
-            return false;
-        return true;
-    }
-
-    // it's not virtual for a reason!
-    ~DataType(){}
-
-private:
-    Type m_dataType;
-};
-
 // (client side) Alias = (service side) Label::Name
 COMMON_API extern char const * const LABEL_NAME_SEPARATOR;
 COMMON_API extern char const * const LABEL_SYSTEM_DB;
diff --git a/src/manager/crypto/generic-backend/gstore.h b/src/manager/crypto/generic-backend/gstore.h
index a3c76fdb..c7b796c5 100644
--- a/src/manager/crypto/generic-backend/gstore.h
+++ b/src/manager/crypto/generic-backend/gstore.h
@@ -24,24 +24,26 @@
 
 #include <generic-backend/exception.h>
 #include <generic-backend/gkey.h>
-#include <generic-backend/id.h>
-#include <generic-backend/token.h>
 #include <ckm/ckm-type.h>
+#include <crypto-backend.h>
+#include <token.h>
 
 namespace CKM {
 namespace Crypto {
 
 class GStore {
-protected:
-    GStore(){}
 public:
-    virtual Id getBackendId() const { Throw(Exception::OperationNotSupported); }
     virtual GKeyShPtr getKey(const Token &) { Throw(Exception::OperationNotSupported); }
     virtual TokenPair generateAKey(const CryptoAlgorithm &) { Throw(Exception::OperationNotSupported); }
     virtual Token generateSKey(const CryptoAlgorithm &) { Throw(Exception::OperationNotSupported); }
-    virtual Token import(KeyType, const RawBuffer &) { Throw(Exception::OperationNotSupported); }
+    virtual Token import(DataType, const RawBuffer &) { Throw(Exception::OperationNotSupported); }
     virtual void destroy(const Token &) { Throw(Exception::OperationNotSupported); }
     virtual ~GStore() {}
+
+protected:
+    explicit GStore(CryptoBackend backendId) : m_backendId(backendId) {}
+
+    CryptoBackend m_backendId;
 };
 
 typedef std::shared_ptr<GStore> GStoreShPtr;
diff --git a/src/manager/crypto/generic-backend/token.h b/src/manager/crypto/generic-backend/token.h
deleted file mode 100644
index a91dfdbb..00000000
--- a/src/manager/crypto/generic-backend/token.h
+++ /dev/null
@@ -1,43 +0,0 @@
-/*
- *  Copyright (c) 2000 - 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- *  Licensed under the Apache License, Version 2.0 (the "License");
- *  you may not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS,
- *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License
- */
-/*
- * @file       gstore.h
- * @author     Bartłomiej Grzelewski (b.grzelewski@samsung.com)
- * @version    1.0
- */
-#pragma once
-
-#include <utility>
-
-#include <ckm/ckm-raw-buffer.h>
-#include <ckm/ckm-type.h>
-
-#include <generic-backend/id.h>
-
-namespace CKM {
-namespace Crypto {
-
-struct Token {
-    RawBuffer buffer;
-    Id        backendId;
-    KeyType   keyType;
-};
-
-typedef std::pair<Token,Token> TokenPair;
-
-} // namespace Crypto
-} // namespace CKM
-
diff --git a/src/manager/crypto/platform/decider.cpp b/src/manager/crypto/platform/decider.cpp
index 995a6e72..b3e44138 100644
--- a/src/manager/crypto/platform/decider.cpp
+++ b/src/manager/crypto/platform/decider.cpp
@@ -6,7 +6,7 @@ namespace CKM {
 namespace Crypto {
 
 Decider::Decider()
-  : m_store(new SW::Store)
+  : m_store(new SW::Store(CryptoBackend::OpenSSL))
 {}
 
 GStoreShPtr Decider::getStore(const Token &) {
diff --git a/src/manager/crypto/platform/decider.h b/src/manager/crypto/platform/decider.h
index 535722a0..aec56c1c 100644
--- a/src/manager/crypto/platform/decider.h
+++ b/src/manager/crypto/platform/decider.h
@@ -3,7 +3,7 @@
 #include <memory>
 
 #include <generic-backend/gstore.h>
-#include <generic-backend/token.h>
+#include <token.h>
 
 namespace CKM {
 namespace Crypto {
diff --git a/src/manager/crypto/sw-backend/key.h b/src/manager/crypto/sw-backend/key.h
index 9a9338c7..fb0a36ee 100644
--- a/src/manager/crypto/sw-backend/key.h
+++ b/src/manager/crypto/sw-backend/key.h
@@ -24,6 +24,7 @@
 #include <openssl/evp.h>
 
 #include <generic-backend/gkey.h>
+#include <data-type.h>
 
 namespace CKM {
 namespace Crypto {
@@ -34,20 +35,20 @@ typedef std::shared_ptr<EVP_PKEY> EvpShPtr;
 
 class SKey : public GKey {
 public:
-    SKey(RawBuffer buffer, KeyType keyType)
+    SKey(RawBuffer buffer, DataType keyType)
       : m_key(std::move(buffer))
       , m_type(keyType)
     {}
 protected:
     RawBuffer m_key;
-    KeyType m_type;
+    DataType m_type;
 };
 
 class AKey : public GKey {
 public:
-    AKey(RawBuffer buffer, KeyType keyType)
+    AKey(RawBuffer buffer, DataType dataType = DataType::KEY_AES)
       : m_key(std::move(buffer))
-      , m_type(keyType)
+      , m_type(dataType)
     {}
     virtual RawBuffer sign(const CryptoAlgorithm &alg, const RawBuffer &message);
     virtual bool verify(const CryptoAlgorithm &alg, const RawBuffer &message, const RawBuffer &sign);
@@ -57,7 +58,7 @@ protected:
 
     EvpShPtr m_evp;
     RawBuffer m_key;
-    KeyType m_type;
+    DataType m_type;
 };
 
 } // namespace SW
diff --git a/src/manager/crypto/sw-backend/store.cpp b/src/manager/crypto/sw-backend/store.cpp
index 38d36c37..2bc374eb 100644
--- a/src/manager/crypto/sw-backend/store.cpp
+++ b/src/manager/crypto/sw-backend/store.cpp
@@ -30,39 +30,28 @@ namespace CKM {
 namespace Crypto {
 namespace SW {
 
-Id Store::getBackendId() const { return Id::OpenSSL; }
-
 GKeyShPtr Store::getKey(const Token &token) {
-    if (token.backendId != getBackendId()) {
+    if (token.backendId != m_backendId) {
         LogDebug("Decider choose wrong backend!");
         ThrowMsg(Exception::WrongBackend, "Decider choose wrong backend!");
     }
 
-    switch (token.keyType) {
-    case KeyType::KEY_RSA_PUBLIC:
-    case KeyType::KEY_RSA_PRIVATE:
-    case KeyType::KEY_DSA_PUBLIC:
-    case KeyType::KEY_DSA_PRIVATE:
-    case KeyType::KEY_ECDSA_PUBLIC:
-    case KeyType::KEY_ECDSA_PRIVATE:
-         return std::make_shared<AKey>(token.buffer, token.keyType);
-    case KeyType::KEY_AES:
-         return std::make_shared<SKey>(token.buffer, token.keyType);
-    default:
-         LogDebug(
-            "This type of key is not supported by openssl backend: " << (int)token.keyType);
-         ThrowMsg(Exception::KeyNotSupported,
-            "This type of key is not supported by openssl backend: " << (int)token.keyType);
+    if (token.dataType.isKeyPrivate() || token.dataType.isKeyPublic()) {
+         return std::make_shared<AKey>(token.data, token.dataType);
+    }
+
+    if (token.dataType == DataType(DataType::KEY_AES)) {
+         return std::make_shared<SKey>(token.data, token.dataType);
     }
 
+    LogDebug(
+        "This type of data is not supported by openssl backend: " << (int)token.dataType);
+    ThrowMsg(Exception::KeyNotSupported,
+        "This type of data is not supported by openssl backend: " << (int)token.dataType);
 }
 
-Token Store::import(KeyType keyType, const RawBuffer &buffer) {
-    Token token;
-    token.buffer = buffer;
-    token.keyType = keyType;
-    token.backendId = getBackendId();
-    return token;
+Token Store::import(DataType dataType, const RawBuffer &buffer) {
+    return Token(m_backendId, dataType, buffer);
 }
 
 } // namespace SW
diff --git a/src/manager/crypto/sw-backend/store.h b/src/manager/crypto/sw-backend/store.h
index 31247ab7..dc7a78c1 100644
--- a/src/manager/crypto/sw-backend/store.h
+++ b/src/manager/crypto/sw-backend/store.h
@@ -22,7 +22,6 @@
 
 #include <generic-backend/gkey.h>
 #include <generic-backend/gstore.h>
-#include <generic-backend/id.h>
 
 namespace CKM {
 namespace Crypto {
@@ -30,9 +29,10 @@ namespace SW {
 
 class Store : public GStore {
 public:
-    virtual Id getBackendId() const;
+    explicit Store(CryptoBackend backendId) : GStore(backendId) {}
+
     virtual GKeyShPtr getKey(const Token &token);
-    virtual Token import(KeyType keyType, const RawBuffer &buffer);
+    virtual Token import(DataType dataType, const RawBuffer &buffer);
     virtual void destroy(const Token &){}
 };
 
diff --git a/src/manager/main/generic-event.h b/src/manager/main/generic-event.h
index 9cf60f89..7b98f7c5 100644
--- a/src/manager/main/generic-event.h
+++ b/src/manager/main/generic-event.h
@@ -16,7 +16,7 @@
  *  limitations under the License
  */
 /*
- * @file        protocols.h
+ * @file        generic-event.h
  * @author      Bartlomiej Grzelewski (b.grzelewski@samsung.com)
  * @author      Zofia Abramowska (z.abramowska@samsung.com)
  * @version     1.0
diff --git a/src/manager/main/generic-socket-manager.h b/src/manager/main/generic-socket-manager.h
index 5018c4ad..f1d20af4 100644
--- a/src/manager/main/generic-socket-manager.h
+++ b/src/manager/main/generic-socket-manager.h
@@ -32,9 +32,9 @@
 #include <sys/types.h>
 
 #include <dpl/exception.h>
-#include <protocols.h>
 #include <generic-event.h>
 #include <dpl/raw-buffer.h>
+#include <ckm/ckm-type.h>
 
 extern "C" {
 struct msghdr;
diff --git a/src/manager/service/access-control.h b/src/manager/service/access-control.h
index 32bfb666..75297c42 100644
--- a/src/manager/service/access-control.h
+++ b/src/manager/service/access-control.h
@@ -24,7 +24,6 @@
 #include <string>
 #include <ckm/ckm-type.h>
 #include <ckm/ckm-raw-buffer.h>
-#include <protocols.h>
 #include <db-row.h>
 #include <permission.h>
 #include <generic-socket-manager.h>
diff --git a/src/manager/service/ckm-logic.cpp b/src/manager/service/ckm-logic.cpp
index 89fa59cd..99f60d92 100644
--- a/src/manager/service/ckm-logic.cpp
+++ b/src/manager/service/ckm-logic.cpp
@@ -389,8 +389,7 @@ DB::Row CKMLogic::createEncryptedRow(
     const RawBuffer &data,
     const Policy &policy) const
 {
-    DB::Row row = { name, label, policy.extractable, dataType, DBCMAlgType::NONE,
-                  0, RawBuffer(), static_cast<int>(data.size()), data, RawBuffer() };
+    DB::Row row(name, label, static_cast<int>(policy.extractable), dataType, data, static_cast<int>(data.size()));
 
     // do not encrypt data with password during cc_mode on
     if(m_accessControl.isCCMode()) {
diff --git a/src/manager/crypto/generic-backend/id.h b/src/manager/service/crypto-backend.h
index 4086d577..def25a7f 100644
--- a/src/manager/crypto/generic-backend/id.h
+++ b/src/manager/service/crypto-backend.h
@@ -14,20 +14,19 @@
  *  limitations under the License
  */
 /*
- * @file       id.h
+ * @file       crypto-backend.h
  * @author     Bartłomiej Grzelewski (b.grzelewski@samsung.com)
  * @version    1.0
  */
 #pragma once
 
 namespace CKM {
-namespace Crypto {
 
-enum class Id {
-    OpenSSL = 0,
-    TrustZone = 1
+enum class CryptoBackend {
+    None = 0,
+    OpenSSL = 1,
+    TrustZone = 2
 };
 
-} // namespace Crypto
 } // namespace CKM
 
diff --git a/src/manager/service/db-row.h b/src/manager/service/db-row.h
index a64237ad..333f5ccc 100644
--- a/src/manager/service/db-row.h
+++ b/src/manager/service/db-row.h
@@ -24,24 +24,40 @@
 #include <vector>
 #include <ckm/ckm-type.h>
 #include <protocols.h>
+#include <token.h>
 
 namespace CKM {
 namespace DB {
 
-struct Row {
+struct Row : public Token {
+    Row() = default;
+
+    Row(const Name &pName,
+        const Label &pLabel,
+        int pExportable,
+        DataType pDataType,
+        const RawBuffer &pData,
+        int pDataSize) :
+        Token(CryptoBackend::None, pDataType, pData)
+      , name(pName)
+      , ownerLabel(pLabel)
+      , exportable(pExportable)
+      , algorithmType(DBCMAlgType::NONE)
+      , encryptionScheme(0)
+      , dataSize(pDataSize)
+    {}
+
     Name name;
     Label ownerLabel;
     int exportable;
-    DataType dataType;        // cert/key/data
     DBCMAlgType algorithmType;  // Algorithm type used for row data encryption
     int encryptionScheme;       // for example: (ENCR_BASE64 | ENCR_PASSWORD)
     RawBuffer iv;               // encoded in base64
     int dataSize;               // size of information without hash and padding
-    RawBuffer data;
     RawBuffer tag;              // tag for Aes Gcm algorithm
 };
-typedef std::vector<Row> RowVector;
 
+typedef std::vector<Row> RowVector;
 
 } // namespace DB
 } // namespace CKM
diff --git a/src/manager/service/token.h b/src/manager/service/token.h
new file mode 100644
index 00000000..f6940377
--- /dev/null
+++ b/src/manager/service/token.h
@@ -0,0 +1,47 @@
+/*
+ * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ *    Licensed under the Apache License, Version 2.0 (the "License");
+ *    you may not use this file except in compliance with the License.
+ *    You may obtain a copy of the License at
+ *
+ *        http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *    Unless required by applicable law or agreed to in writing, software
+ *    distributed under the License is distributed on an "AS IS" BASIS,
+ *    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *    See the License for the specific language governing permissions and
+ *    limitations under the License.
+ */
+/*
+ * @file        token.h
+ * @author      Bartlomiej Grzelewski (b.grzelewski@samsung.com)
+ * @version     1.0
+ * @brief       OBJECT_TABLE entry enhanced with corresponding NAME_TABLE identifier
+ */
+#pragma once
+
+#include <utility>
+
+#include <data-type.h>
+#include <crypto-backend.h>
+
+namespace CKM {
+
+struct Token {
+    Token()
+      : backendId(CryptoBackend::None)
+    {}
+    Token(CryptoBackend pBackendId, DataType pDataType, const RawBuffer &pData)
+      : backendId(pBackendId)
+      , dataType(pDataType)
+      , data(pData)
+    {}
+    CryptoBackend backendId;
+    DataType dataType;
+    RawBuffer data;
+};
+
+typedef std::pair<Token,Token> TokenPair;
+
+} // namespace CKM