SGX_DIR := $(abspath $(dir $(lastword $(MAKEFILE_LIST))))
RUNTIME_DIR = $(SGX_DIR)/../../../../Runtime

LIBPAL = $(RUNTIME_DIR)/libpal-Linux-SGX.so
SGX_SIGNER_KEY ?= $(SGX_DIR)/signer/enclave-key.pem
SGX_SIGN = $(SGX_DIR)/signer/pal-sgx-sign -libpal $(LIBPAL) -key $(SGX_SIGNER_KEY)
SGX_GET_TOKEN = $(SGX_DIR)/signer/pal-sgx-get-token

# sgx manifest.sgx/sig/token
drop_manifest_suffix = $(filter-out manifest,$(sort $(patsubst %.manifest,%,$(1))))
expand_target_to_token = $(addsuffix .token,$(call drop_manifest_suffix,$(1)))
expand_target_to_sig = $(addsuffix .sig,$(call drop_manifest_suffix,$(1)))
expand_target_to_sgx = $(addsuffix .manifest.sgx,$(call drop_manifest_suffix,$(1)))

$(SGX_SIGNER_KEY):
	$(error "Cannot find any enclave key. Generate $(abspath $(SGX_SIGNER_KEY)) or specify 'SGX_SIGNER_KEY=' with make")

%.token: %.sig
	$(call cmd,sgx_get_token)

%.sig %.manifest.sgx: %.manifest % $(LIBPAL) $(SGX_SIGNER_KEY) %.manifest.sgx.d
	$(call cmd,sgx_sign_exec)

%.sig %.manifest.sgx: manifest % $(LIBPAL) $(SGX_SIGNER_KEY) %.manifest.sgx.d
	$(call cmd,sgx_sign_exec)

%.sig %.manifest.sgx: %.manifest $(LIBPAL) $(SGX_SIGNER_KEY) %.manifest.sgx.d
	$(call cmd,sgx_sign)

.PRECIOUS: %.manifest.sgx.d

%.manifest.sgx.d: %.manifest
	$(call cmd,sgx_sign_depend_exec)

%.manifest.sgx.d: manifest
	$(call cmd,sgx_sign_depend)

# It is possible to have an SGX manifest without main executable: manifest may not have
# loader.exec but only preloaded libraries. There is no good way to distinguish this rule
# from the above rule. Since manifests without main executables are very rare, these cases
# use static pattern rules in the corresponding Makefiles (e.g., in Pal/regression).
# %.manifest.sgx.d: %.manifest
# 	$(call cmd,sgx_sign_depend)

ifeq ($(filter %clean,$(MAKECMDGOALS)),)
ifeq ($(target),)
$(error define "target" variable for manifest.sgx dependency calculation)
endif
include $(addsuffix .manifest.sgx.d,$(call drop_manifest_suffix,$(target)))
endif