summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--Redfish.md1
-rw-r--r--redfish-core/lib/storage.hpp51
2 files changed, 52 insertions, 0 deletions
diff --git a/Redfish.md b/Redfish.md
index 1cdce980aa..aa5ab895de 100644
--- a/Redfish.md
+++ b/Redfish.md
@@ -904,6 +904,7 @@ other.
#### Storage
- CapacityBytes
+- EncryptionStatus
- Links
- Status
diff --git a/redfish-core/lib/storage.hpp b/redfish-core/lib/storage.hpp
index fe4842c02c..3bc8419be9 100644
--- a/redfish-core/lib/storage.hpp
+++ b/redfish-core/lib/storage.hpp
@@ -17,6 +17,7 @@
#include "app.hpp"
#include "dbus_utility.hpp"
+#include "generated/enums/drive.hpp"
#include "health.hpp"
#include "human_sort.hpp"
#include "openbmc_dbus_rest.hpp"
@@ -440,6 +441,8 @@ inline void
// this interface isn't required
return;
}
+ const std::string* encryptionStatus = nullptr;
+ const bool* isLocked = nullptr;
for (const std::pair<std::string, dbus::utility::DbusVariantType>&
property : propertiesList)
{
@@ -524,7 +527,55 @@ inline void
*lifeLeft;
}
}
+ else if (propertyName == "EncryptionStatus")
+ {
+ encryptionStatus = std::get_if<std::string>(&property.second);
+ if (encryptionStatus == nullptr)
+ {
+ BMCWEB_LOG_ERROR << "Illegal property: EncryptionStatus";
+ messages::internalError(asyncResp->res);
+ return;
+ }
+ }
+ else if (propertyName == "Locked")
+ {
+ isLocked = std::get_if<bool>(&property.second);
+ if (isLocked == nullptr)
+ {
+ BMCWEB_LOG_ERROR << "Illegal property: Locked";
+ messages::internalError(asyncResp->res);
+ return;
+ }
+ }
+ }
+
+ if (encryptionStatus == nullptr || isLocked == nullptr ||
+ *encryptionStatus ==
+ "xyz.openbmc_project.Drive.DriveEncryptionState.Unknown")
+ {
+ return;
+ }
+ if (*encryptionStatus !=
+ "xyz.openbmc_project.Drive.DriveEncryptionState.Encrypted")
+ {
+ //"The drive is not currently encrypted."
+ asyncResp->res.jsonValue["EncryptionStatus"] =
+ drive::EncryptionStatus::Unencrypted;
+ return;
+ }
+ if (*isLocked)
+ {
+ //"The drive is currently encrypted and the data is not
+ // accessible to the user."
+ asyncResp->res.jsonValue["EncryptionStatus"] =
+ drive::EncryptionStatus::Locked;
+ return;
}
+ // if not locked
+ // "The drive is currently encrypted but the data is accessible
+ // to the user in unencrypted form."
+ asyncResp->res.jsonValue["EncryptionStatus"] =
+ drive::EncryptionStatus::Unlocked;
});
}