#
# Copyright (c) 2020 Huawei Device Co., Ltd.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

declare_args() {
  # whether use huks
  huks_enabled = true

  # for HUKS can compile on liteos_m
  disable_huks_binary = false

  # cut abilities for authentication
  disable_authenticate = false

  # if HUKS use mbedtls engine
  huks_use_mbedtls = true

  # whether use lite storeage
  huks_use_lite_storage = false

  # whether use hardware root key for better security
  huks_use_hardware_root_key = false

  # whether use hks config file
  huks_config_file = ""

  # config hks key store path in mini or lite system
  huks_key_store_path = "/storage/"

  # config hks key store path in standard system
  huks_key_store_standard_path = "/data/service/el1/public/huks_service"

  # whether huks enable log
  huks_enable_log = false

  # specify the path of MbedTls huks depends on
  huks_dependency_mbedtls_path = ""

  # specify the path of OpenSSL huks depends on
  huks_dependency_openssl_path = ""

  # specify the uid white list for change key owner
  huks_uid_trust_list_define = "{}"

  # whether enable key file auto-upgrade
  huks_enable_upgrade_key = true

  # whether enable upgrade key file for l1 sdk to l1 service, default as false
  huks_enable_upgrade_small_to_service = false

  # whether enable upgrade root key component from V1 to V2, default as true
  huks_enable_upgrade_rkc_v1tov2 = true

  # whether enable upgrade key derivation algorithm
  huks_enable_upgrade_derive_key_alg = true

  # default security level supported by huks is software
  huks_security_level = "software"

  # default tdd running environment do not change this config in your device
  huks_test_suite_running_environment = "system"

  # config lite hap key store path in mini or lite system
  huks_lite_hap_store_path = "user/ace/data"

  # whether use rkc in standard system
  huks_use_rkc_in_standard = false

  # config rkc store path in standard system
  huks_use_rkc_in_standard_path = "data/data/huks_service"

  # config is qemu risc-v mini system
  huks_qemu_enabled = false

  # whether enable upgrade key storage secure level
  huks_enable_upgrade_key_storage_secure_level = true

  # sa upgrade config, organized as {uid, needDe, needFrontUser}
  huks_sa_upgrade_config = "{ { 3074, true, false }, { 3515, true, false }, { 3058, true, false }, { 6666, true, false }, { 1002, true, false }, { 3012, true, false }, { 1042, true, false }, { 1010, true, false }, { 5522, true, false }, { 6226, true, false } }"

  # hap upgrade config, organized as {hapName, needDe, needFrontUser}
  huks_hap_upgrade_config = "{}"

  # whether enable skip upgrade key storage secure level
  huks_enable_skip_upgrade_key_storage_secure_level = true

  # sa temporary skip upgrade config
  huks_sa_skip_upgrade_config =
      "{ 0, 3553, 3333, 3046, 3520, 7008, 1027, 1024 }"

  # hap temporary skip upgrade config
  huks_hap_skip_upgrade_config = "{}"

  # whether enable huks hdi in system in standard
  huks_enable_hdi_in_standard = true

  # trusted list for change storage level
  huks_change_storage_level_config = "{ 0, 3333 }"
}