Revert "Revert "Weaver HAL""
This reverts commit 66d499a26faa4603af9b8140cb1d620431b036a5.
Test: It builds
Change-Id: I204e46e7ab7c91454a4561ff44bf9920ca78d6a5
diff --git a/weaver/1.0/IWeaver.hal b/weaver/1.0/IWeaver.hal
new file mode 100644
index 0000000..2362c29
--- /dev/null
+++ b/weaver/1.0/IWeaver.hal
@@ -0,0 +1,79 @@
+/*
+ * Copyright (C) 2017 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.weaver@1.0;
+
+/**
+ * Weaver provides secure storage of secret values that can only be read if the
+ * corresponding key has been presented.
+ *
+ * The storage must be secure as the device's user authentication and encryption
+ * relies on the security of these values. The cardinality of the domains of the
+ * key and value must be suitably large such that they cannot be easily guessed.
+ *
+ * Weaver is structured as an array of slots, each containing a key-value pair.
+ * Slots are uniquely identified by an ID in the range [0, `getConfig().slots`).
+ */
+interface IWeaver {
+ /**
+ * Retrieves the config information for this implementation of Weaver.
+ *
+ * The config is static i.e. every invocation returns the same information.
+ *
+ * @return status is OK if the config was successfuly obtained.
+ * @return config data for this implementation of Weaver if status is OK,
+ * otherwise undefined.
+ */
+ getConfig() generates (WeaverStatus status, WeaverConfig config);
+
+ /**
+ * Overwrites the identified slot with the provided key and value.
+ *
+ * The new values are written regardless of the current state of the slot in
+ * order to remain idempotent.
+ *
+ * @param slotId of the slot to write to.
+ * @param key to write to the slot.
+ * @param value to write to slot.
+ * @return status is OK if the write was successfully completed.
+ */
+ write(uint32_t slotId, vec<uint8_t> key, vec<uint8_t> value)
+ generates (WeaverStatus status);
+
+ /**
+ * Attempts to retrieve the value stored in the identified slot.
+ *
+ * The value is only returned if the provided key matches the key stored in
+ * the slot. The value is never returned if the wrong key is provided.
+ *
+ * Throttling is used to limit the frequency of failed read attempts. The
+ * value is only returned when throttling is not active, even if the correct
+ * key is provided. If called when throttling is active, the time until the
+ * next attempt can be made is returned.
+ *
+ * @param slotId of the slot to read from.
+ * @param key that is stored in the slot.
+ * @return status is OK if the value was successfully read, INCORRECT_KEY if
+ * the key does not match the key in the slot or THROTTLE if
+ * throttling is active.
+ * @return readResponse contains the value read and the timeout to wait
+ * before making the next request. The value is undefined if the
+ * status is not OK and the timeout is undefined if the status is
+ * FAILED.
+ */
+ read(uint32_t slotId, vec<uint8_t> key)
+ generates (WeaverReadStatus status,
+ WeaverReadResponse readResponse);
+};