#ifndef __VAULTKEEPER_API_H__
#define __VAULTKEEPER_API_H__

/*
  Warring!
  To get an instance of Vault Keeper,
  It must be defined 'TA_APP_NAME'
  ex) char TZ_APP_NAME[] = {"XXXX"};
  in case of the variable doesnt exist, link error will happen
*/

//==============================================================================
// VK Manager Error codes
//==============================================================================
#define VKM_SUCCESS                 0
#define VKM_ERR_OPEN_FAIL          -1
// VK_ERR_GENERAL                  -2
// VK_ERR_INVALID_ARGUMENT         -3
// VK_ERR_ALLOCATE_MEMORY          -4
// VK_ERR_PERMISSION_DENIED        -5
// VK_ERR_BUFFER_ALL_ZERO          -6
// VK_ERR_PARSING                  -7
// VK_ERR_TZ_API                   -8
// VK_ERR_TZ_API_FUSE              -9
// VK_ERR_TZ_API_CRYPTO            -10
// VK_ERR_TZ_API_RPMB              -11
// VK_ERR_TZ_API_PERSISTENT        -12
// VK_ERR_TZ_API_KEY               -13
// VK_ERR_READ_VAULT               -14
// VK_ERR_WRITE_VAULT              -15
// VK_ERR_READ_VTAB                -16
// VK_ERR_READ_NONCE               -17
// VK_ERR_WRITE_NONCE              -18
// VK_ERR_CLIENT_NOT_INITIALIZED   -19
// VK_ERR_INTEGRITY_FAILED         -20
// VK_ERR_MISMATCH_HMAC            -21
// VK_ERR_VERIFY_CERT_CHAIN        -22
// VK_ERR_VERIFY_SIGNATURE         -23
// VK_ERR_CRYPTO_ENCRYPT           -24
// VK_ERR_CRYPTO_DECRYPT           -25
// VK_ERR_WRAP_UNWRAP_OBJECT       -26
// VK_ERR_RPMB_OPERATION           -27
// VK_ERR_RPMB_KEY_PROV            -28
// VK_ERR_SECURE_BOOT_DISABLED     -29

//==============================================================================
// VAULT TYPE
//==============================================================================
#define VAULT_TYPE_UNSHELTERED    0x00000001 // User data unecnrypted area (32bytes)
#define VAULT_TYPE_SHELTERED      0x00000002 // User data encrypted area (On-demand)


//==============================================================================
// SBOX TYPE
//==============================================================================
#define SBOX_TYPE_WB                    0x00000002 // Warranty bit(0/1)
#define SBOX_TYPE_EMT                   0x00000003 // Engineering mode token
#define SBOX_TYPE_AID                   0x00000004 // Activated ID (32Bytes)
#define SBOX_TYPE_BIN_TYPE              0x00000005 // Binary type (Factory:0/USER:1/ENG:2)
#define SBOX_TYPE_COMMERCIAL_DEVICE     0x00000006 // Device type (PROD:0/ENG:1)

/*
	out_data (Max 512B)
	out_data_len out_data buffer size
	out_data_lenout result size of read
	return If successfully done, return VK_SUCCESS.
*/
int vk_read_sbox(const uint32_t sbox_type, void* out_data, size_t out_data_len, size_t* out_data_lenout);

int vk_read_vault(const uint32_t vault_type, void* out_data, size_t out_data_len, size_t* out_data_lenout);

int vk_write_vault(const uint32_t vault_type, const void* in_data, size_t in_data_len);

#endif // __VAULTKEEPER_API_H__