diff options
author | Veronika Slivova <slivova@google.com> | 2018-07-04 08:24:16 -0700 |
---|---|---|
committer | Tink Team <noreply@google.com> | 2018-07-06 17:20:21 -0400 |
commit | 44b8960e774f22f9122f84a8109c12f328af8de5 (patch) | |
tree | d27af34de22e5d6d05aa0554d2b261338323075d /cc/registry.h | |
parent | 57c0a72df8f705489204887cdf2e1d40ddae55d4 (diff) | |
download | tink-44b8960e774f22f9122f84a8109c12f328af8de5.tar.gz |
Registry::RegisterKeyManager - new key allowed can be changed to more
restrictive
PiperOrigin-RevId: 203283070
GitOrigin-RevId: 058f0b9a347ec73ba0ae1ee38679c0739a8eec89
Diffstat (limited to 'cc/registry.h')
-rw-r--r-- | cc/registry.h | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/cc/registry.h b/cc/registry.h index 09b2dfdf3..14fe5ca5c 100644 --- a/cc/registry.h +++ b/cc/registry.h @@ -249,6 +249,16 @@ crypto::tink::util::Status Registry::RegisterKeyManager( return ToStatusF(crypto::tink::util::error::ALREADY_EXISTS, "A manager for type '%s' has been already registered.", type_url.c_str()); + } else { + auto curr_new_key_allowed = type_to_new_key_allowed_map_.find(type_url); + if (!curr_new_key_allowed->second && new_key_allowed) { + return ToStatusF(crypto::tink::util::error::ALREADY_EXISTS, + "A manager for type '%s' has been already registered " + "with forbidden new key operation.", + type_url.c_str()); + } else { + curr_new_key_allowed->second = new_key_allowed; + } } } else { type_to_manager_map_.insert( |