#!/bin/bash
source utils.sh

########################## EDIT HERE ##########################
# Set this to the absolute path of the folder containing this file
export COMP_PATH_ROOT=$P4_SECURITY_DEV_PATH/TZSDK/android-security-exynos/tbase
# Release or Debug
# We need to set Debug to use SCrypto2.0
# If we set Release mode, build will be failed
# SCrypto2.0 should check symbol information for hmac
export MODE=Debug
###############################################################

export SEC_SOC_NUM=$1
export PLATFORM_OS_VER=$2
export VKBUILD_MODE=$3

case "$SEC_SOC_NUM" in
	MTK6762)
		export SEC_PRODUCT=$SEC_SOC_NUM
		;;
	*)
		export SEC_PRODUCT=exynos$SEC_SOC_NUM
		;;
esac

export COMP_PATH_BASE=$(pwd)
export COMP_PATH_SECAPP=$COMP_PATH_BASE/app/platform/kinibi
export COMP_PATH_SECDRIVER=$COMP_PATH_BASE/driver/platform/kinibi
export VK_TA_NAME=ffffffff000000000000000000000045.tlbin
export VK_DRIVER_NAME=ffffffffd00000000000000000000045.drbin
export PERFORCE_TARGET_MAIN=OHIO
########################## USED LATER #########################
export TLSDK_DIR_SRC=$COMP_PATH_ROOT/$SEC_PRODUCT/t-base-dev-kit/t-sdk/TlSdk
export TBASE_SEC_OPTION=tw

# Scrypto20 uses large memory, It must be recommended that TA heapsize is more than defualt setting value.
# Otherwise, tlApiMalloc() could be failed. Follow below guide.
# 1. Open TLSDK_DIR_SRC/trustlet.mk
# 2. Find TA siging command part (java -jar $(TASDK_DIR_SRC)/Bin/MobiConvert/signclient.jar -model $(MODEL) -runtype $(RUNTYPE) -input $(TA_AXF) -output $(TA_BIN) -conf_str "-s 3 -n 1 -i 1 -m 2 -f 8 -mh 61440")
# 3. Edit -mh option parameter 61440(defult) -> 122880(twice value)
###############################################################

if [ "$PLATFORM_OS_VER" == "p" ] || [ "$PLATFORM_OS_VER" == "P" ] ; then
export VK_TA_OUTPUT_PATH=$COMP_PATH_BASE/../Bin/TA/Android_P/$SEC_PRODUCT
export VK_DRIVER_OUTPUT_PATH=$COMP_PATH_BASE/../Bin/TA/Android_P/$SEC_PRODUCT/drv
else
export VK_TA_OUTPUT_PATH=$COMP_PATH_BASE/../Bin/TA/$SEC_PRODUCT
export VK_DRIVER_OUTPUT_PATH=$COMP_PATH_BASE/../Bin/TA/$SEC_PRODUCT/drv
fi

if [ "$3" == "" ]; then
	VKBUILD_MODE=release
	export MODE=Release
fi

show_invalid_param()
{
	echo "------------------------------------------------------------------"
	echo "Please check parameter, Your args (Chipset:${SEC_SOC_NUM}) (TargetVersion:${PLATFORM_OS_VER}) (VkBuildMode:${VKBUILD_MODE})"
	echo "[Usage] ./build_kinibi.sh [Chipset] [TargetVersion] {VkBuildMode}"
	echo "[Chipset Support] 8895, 8890G, 7880, 7870, 7885, 7570, 9810 MTK6762"
	echo "[Android Platform version] Q, P"
	# debug mode : Add logs for debugging
	# no_key : Disable RPMB forcely(include debug mode)
	echo "[VkBuildMode Support - default release] debug, no_key"
	echo "------------------------------------------------------------------"
}

validate_params()
{
	# Check Chipset parameter
	if [ "$SEC_SOC_NUM" ]; then
		printGreen "VaultKeeper kinibi TA build For Exynos$SEC_SOC_NUM"
		case "$SEC_SOC_NUM" in
			9810_500)
				export RUNTYPE=gd_mobicore400_trustlet
				export TBASE_SEC_ARCH=64
				export SEC_SOC_NUM=9810
				export SEC_PRODUCT=exynos9810
				export VK_DRIVER_NEEDED=yes
				export TLSDK_DIR_SRC=$COMP_PATH_ROOT/$SEC_PRODUCT/t-base-dev-kit/t-sdk/TlSdk
				export KINIBI_VERSION=500
				;;
			9810|7885)
				export RUNTYPE=gd_mobicore400_trustlet
				export TBASE_SEC_ARCH=64
				export VK_DRIVER_NEEDED=yes
				;;			
			8895)
				export RUNTYPE=gd_mobicore400_trustlet
				export TBASE_SEC_ARCH=64
				;;
			MTK6762) # Waffle JDM S1 model; using TA SDK in PEACE
				export RUNTYPE=gd_mobicore400_trustlet
				export TBASE_SEC_ARCH=64
				export LM_LICENSE_FILE=8224@168.219.209.143:8224@168.219.209.108
				export TLSDK_DIR_SRC=$P4_SECURITY_DEV_PATH/../../../PEACE/Waffle/MT6762/android/vendor/mediatek/proprietary/trustzone/trustonic/internal/bsp/common/400b/t-sdk/TlSdk/Out
				export ARM_RVCT_PATH=$COMP_PATH_ROOT/../Common/ArmRvct/sec_rvct40/Out
				export ARM_RVCT_PATH_BIN=$ARM_RVCT_PATH/bin/linux_x86_64
				export ARM_RVCT_PATH_LIB=$ARM_RVCT_PATH/lib
				export ARM_RVCT_PATH_INC=$ARM_RVCT_PATH/inc
				;;
			8890G) # For Grace model
				export RUNTYPE=gd_mobicore311_trustlet
				export TBASE_SEC_ARCH=64
				export SEC_SOC_NUM=8890
				export SEC_PRODUCT=exynos8890
				export TLSDK_DIR_SRC=$COMP_PATH_ROOT/$SEC_PRODUCT/t-base-dev-kit/t-sdk/TlSdk
				;;
			7570|7870|7880)
				export RUNTYPE=gd_mobicore310_trustlet
				export TBASE_SEC_ARCH=64
				;;
			*)
				show_invalid_param
				exit
				;;
		esac
	else
		show_invalid_param
		exit
	fi

	# Check Android target version
	if [ "$PLATFORM_OS_VER" ]; then
		printGreen "Android version : $PLATFORM_OS_VER OS"
		case "$PLATFORM_OS_VER" in
			q|Q|p|P|o|O)
				;;
			*)
				show_invalid_param
				exit
				;;
		esac
	else
		show_invalid_param
		exit
	fi

	# Check build mode parameter
	if [ "$VKBUILD_MODE" ]; then
		printGreen "VaultKeeper kinibi TA build as $VKBUILD_MODE mode"
		case "$VKBUILD_MODE" in
			release|debug|no_key)
				;;
			*)
				show_invalid_param
				exit
				;;
		esac
	else
		show_invalid_param
		exit
	fi
}

delete_local_output()
{
	rm -rf $COMP_PATH_SECAPP/Out/
	rm -rf $COMP_PATH_SECAPP/../app/
	mkdir -p $VK_TA_OUTPUT_PATH
	if [ "$VK_DRIVER_NEEDED" == "yes" ] ; then
		mkdir -p $VK_DRIVER_OUTPUT_PATH
	fi

}

copy_local_output_to_integ_branch()
{
	VK_TA_OUTPUT=$COMP_PATH_SECAPP/Out/Bin/$MODE/$VK_TA_NAME
	VK_DRIVER_OUTPUT=$COMP_PATH_SECDRIVER/Out/Bin/$MODE/$VK_DRIVER_NAME
	cp -rf $VK_TA_OUTPUT $VK_TA_OUTPUT_PATH
	if [ "$VK_DRIVER_NEEDED" == "yes" ] ; then
		cp -rf $VK_DRIVER_OUTPUT $VK_DRIVER_OUTPUT_PATH
	fi
}

do_kinibi_build()
{
	#Soruce setup.sh in kinibi package
	echo "$COMP_PATH_ROOT"
	echo "$COMP_PATH_ROOT/$SEC_PRODUCT"
	source $COMP_PATH_ROOT/$SEC_PRODUCT/setup.sh

	cd $COMP_PATH_SECAPP
	./build.sh
	cd $COMP_PATH_BASE
}

do_kinibi_driver_build()
{
	#Soruce setup.sh in kinibi package
	echo "$COMP_PATH_ROOT"
	echo "$COMP_PATH_ROOT/$SEC_PRODUCT"
	source $COMP_PATH_ROOT/$SEC_PRODUCT/setup.sh

	cd $COMP_PATH_SECDRIVER
	./build.sh
	cd $COMP_PATH_BASE
}

push_to_device()
{
	adb remount
	adb push $VK_TA_OUTPUT_PATH/$VK_TA_NAME /system/vendor/app/mcRegistry/
	adb push $VK_TA_OUTPUT_PATH/$VK_TA_NAME /vendor/app/mcRegistry/

	if [ "$VK_DRIVER_NEEDED" == "yes" ] ; then
		adb push $VK_DRIVER_OUTPUT_PATH/$VK_DRIVER_NAME /vendor/app/mcRegistry/
	fi
}

validate_params
delete_local_output
echo ""
do_kinibi_build

if [ "$VK_DRIVER_NEEDED" == "yes" ] ; then
	do_kinibi_driver_build
fi

## Copy to integration branch
if [ "$P4_SECURITY_DEV_PATH" ]; then
	print_success "Copy to integration target file."
	copy_local_output_to_integ_branch
else
	print_warning "P4_SECURITY_DEV_PATH isn't set, skip copy to integration file."
fi

## Push binary to device
echo ""
adb start-server
RET="$(adb get-state)"
if [ "$RET" = "device" ]; then
	print_success "device is connected. push vaultkeeper binary to device."
	push_to_device
else
	print_warning "device isn't connected. skip vaultkeeper binary push"
fi

delete_local_output