diff options
Diffstat (limited to 'src/manager/crypto/platform/decider.cpp')
-rw-r--r-- | src/manager/crypto/platform/decider.cpp | 71 |
1 files changed, 37 insertions, 34 deletions
diff --git a/src/manager/crypto/platform/decider.cpp b/src/manager/crypto/platform/decider.cpp index 6c6dc963..c986f4ea 100644 --- a/src/manager/crypto/platform/decider.cpp +++ b/src/manager/crypto/platform/decider.cpp @@ -32,62 +32,65 @@ namespace CKM { namespace Crypto { namespace { -CryptoBackend chooseCryptoBackend(DataType dataType, bool exportable, bool encrypted) +CryptoBackend chooseCryptoBackend(DataType dataType, bool exportable, + bool encrypted) { -// Only software backend supports device encyption key - if (encrypted) - return CryptoBackend::OpenSSL; + // Only software backend supports device encyption key + if (encrypted) + return CryptoBackend::OpenSSL; -// The list of items that MUST be support by OpenSSL - if (dataType.isCertificate()) - return CryptoBackend::OpenSSL; + // The list of items that MUST be support by OpenSSL + if (dataType.isCertificate()) + return CryptoBackend::OpenSSL; - if (dataType.isBinaryData()) - return CryptoBackend::OpenSSL; + if (dataType.isBinaryData()) + return CryptoBackend::OpenSSL; - if (exportable) - return CryptoBackend::OpenSSL; + if (exportable) + return CryptoBackend::OpenSSL; -// This is the place where we can use trust zone backend -// Examples: -// -// if (dataType.isKeyPrivate()) -// return CryptoBackend::TrustZone; + // This is the place where we can use trust zone backend + // Examples: + // + // if (dataType.isKeyPrivate()) + // return CryptoBackend::TrustZone; -// This item does not met Trust Zone requirements. Let's use software backend - return CryptoBackend::OpenSSL; + // This item does not met Trust Zone requirements. Let's use software backend + return CryptoBackend::OpenSSL; } } // namespace Decider::Decider() - : m_swStore(new SW::Store(CryptoBackend::OpenSSL)) - , m_tzStore(new TZ::Store(CryptoBackend::TrustZone)) + : m_swStore(new SW::Store(CryptoBackend::OpenSSL)) + , m_tzStore(new TZ::Store(CryptoBackend::TrustZone)) { } -GStore& Decider::getStore(const Token &token) const +GStore &Decider::getStore(const Token &token) const { - return getStore(token.backendId); + return getStore(token.backendId); }; -GStore& Decider::getStore(CryptoBackend cryptoBackend) const +GStore &Decider::getStore(CryptoBackend cryptoBackend) const { - GStore *gStore = NULL; - if (cryptoBackend == CryptoBackend::OpenSSL) - gStore = m_swStore.get(); - if (cryptoBackend == CryptoBackend::TrustZone) - gStore = m_tzStore.get(); + GStore *gStore = NULL; - if (gStore) - return *gStore; + if (cryptoBackend == CryptoBackend::OpenSSL) + gStore = m_swStore.get(); - ThrowErr(Exc::Crypto::InternalError, - "Backend not available. BackendId: ", (int)cryptoBackend); + if (cryptoBackend == CryptoBackend::TrustZone) + gStore = m_tzStore.get(); + + if (gStore) + return *gStore; + + ThrowErr(Exc::Crypto::InternalError, + "Backend not available. BackendId: ", (int)cryptoBackend); } -GStore& Decider::getStore(DataType data, bool exportable, bool encrypted) const +GStore &Decider::getStore(DataType data, bool exportable, bool encrypted) const { - return getStore(chooseCryptoBackend(data, exportable, encrypted)); + return getStore(chooseCryptoBackend(data, exportable, encrypted)); } } // namespace Crypto |