From b77a5ff81962efb7e90606df461429855993bf73 Mon Sep 17 00:00:00 2001 From: "1362134550@qq.com" <1362134550@qq.com> Date: Tue, 9 Sep 2025 16:29:00 +0800 Subject: [PATCH 1/5] =?UTF-8?q?=E5=BC=82=E5=B8=B8=E5=A4=84=E7=90=86?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../entry/src/main/ets/pages/Index.ets | 43 +++++++++++-------- 1 file changed, 26 insertions(+), 17 deletions(-) diff --git a/AppDataSecurity/entry/src/main/ets/pages/Index.ets b/AppDataSecurity/entry/src/main/ets/pages/Index.ets index 3574ed8a..77abcf98 100644 --- a/AppDataSecurity/entry/src/main/ets/pages/Index.ets +++ b/AppDataSecurity/entry/src/main/ets/pages/Index.ets @@ -91,28 +91,37 @@ let cipherData: Uint8Array; // [Start write_file] function writeFile(filePath: string, data: string) { - let file = fileIo.openSync(filePath, fileIo.OpenMode.READ_WRITE | fileIo.OpenMode.CREATE); - let writeLen = fileIo.writeSync(file.fd, data); - hilog.info(0x0000, 'AppDataSecurity', 'The length of str is: ' + writeLen); - fileIo.closeSync(file); + try { + let file = fileIo.openSync(filePath, fileIo.OpenMode.READ_WRITE | fileIo.OpenMode.CREATE); + let writeLen = fileIo.writeSync(file.fd, data); + hilog.info(0x0000, 'AppDataSecurity', 'The length of str is: ' + writeLen); + fileIo.closeSync(file); + } catch (error) { + hilog.error(0x0000, 'AppDataSecurity', `writeFile error ${JSON.stringify(error)}`); + } } function readFile(filePath: string): string { - let file = fileIo.openSync(filePath, fileIo.OpenMode.READ_WRITE | fileIo.OpenMode.CREATE); - let arrayBuffer = new ArrayBuffer(1024); + try { + let file = fileIo.openSync(filePath, fileIo.OpenMode.READ_WRITE | fileIo.OpenMode.CREATE); + let arrayBuffer = new ArrayBuffer(1024); - class Option { - public offset: number = 0; - public length: number = 0; - } + class Option { + public offset: number = 0; + public length: number = 0; + } - let option = new Option(); - option.length = arrayBuffer.byteLength; - let readLen = fileIo.readSync(file.fd, arrayBuffer, option); - let buf = buffer.from(arrayBuffer, 0, readLen); - hilog.info(0x0000, 'AppDataSecurity', `The length of of file: ${readLen}`); - fileIo.closeSync(file); - return buf.toString(); + let option = new Option(); + option.length = arrayBuffer.byteLength; + let readLen = fileIo.readSync(file.fd, arrayBuffer, option); + let buf = buffer.from(arrayBuffer, 0, readLen); + hilog.info(0x0000, 'AppDataSecurity', `The length of of file: ${readLen}`); + fileIo.closeSync(file); + return buf.toString(); + } catch (error) { + hilog.error(0x0000, 'AppDataSecurity', `readFile error ${JSON.stringify(error)}`); + } + return ''; } // [End write_file] -- Gitee From a6a44820f6ac20a9232cc44bdf29c24094ba3fec Mon Sep 17 00:00:00 2001 From: "1362134550@qq.com" <1362134550@qq.com> Date: Wed, 10 Sep 2025 10:47:54 +0800 Subject: [PATCH 2/5] =?UTF-8?q?=E5=BC=82=E5=B8=B8=E5=A4=84=E7=90=86?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- AppDataSecurity/README.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/AppDataSecurity/README.md b/AppDataSecurity/README.md index a8b967ef..09f2972b 100644 --- a/AppDataSecurity/README.md +++ b/AppDataSecurity/README.md @@ -8,6 +8,12 @@ |----------------------------------------------------| | | +### 使用说明 +1. 点击获取通用文件路径获取el2文件路径。 +2. 点击获取EL1文件路径获取el1文件路径。 +3. 点击加密会执行加密算法,可通过日志查看加密结果。 +4. 点击解密对加密的数据进行解密,可通过日志查看解密结果。 + ### 工程目录 ``` ├──entry/src/main/ets/ -- Gitee From 6ee3649ec3dcd5fd764deb4b034784459d9c632f Mon Sep 17 00:00:00 2001 From: "1362134550@qq.com" <1362134550@qq.com> Date: Wed, 10 Sep 2025 19:46:09 +0800 Subject: [PATCH 3/5] =?UTF-8?q?=E6=9C=80=E4=BD=B3=E5=AE=9E=E8=B7=B5?= =?UTF-8?q?=E9=97=AE=E9=A2=98=E4=BF=AE=E6=94=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Privacy/PrivacyError/src/main/module.json5 | 4 +- Privacy/README.md | 50 ++++++++++++++++++++++ Privacy/privacy/src/main/module.json5 | 4 +- 3 files changed, 52 insertions(+), 6 deletions(-) diff --git a/Privacy/PrivacyError/src/main/module.json5 b/Privacy/PrivacyError/src/main/module.json5 index 3a13a597..50bb6376 100644 --- a/Privacy/PrivacyError/src/main/module.json5 +++ b/Privacy/PrivacyError/src/main/module.json5 @@ -5,9 +5,7 @@ "description": "$string:module_desc", "mainElement": "PrivacyErrorAbility", "deviceTypes": [ - "phone", - "tablet", - "2in1" + "phone" ], "deliveryWithInstall": true, "installationFree": false, diff --git a/Privacy/README.md b/Privacy/README.md index 870130d6..68c21ad1 100644 --- a/Privacy/README.md +++ b/Privacy/README.md @@ -8,6 +8,56 @@ 本示例为最佳实践示例代码,开发者可以查阅官网最佳实践下应用安全编码实践、应用资产保护设计、应用代码混淆、网络连接安全配置四篇最佳实践学习。 +## 工程目录 +``` +├── privacy +│ ├── src/main/ets +│ │ ├── pages +│ │ │ ├── app_json.md // 页面配置说明 +│ │ │ ├── ApplicationAssetProtectionAfter.ets // 应用资产保护后 +│ │ │ ├── ApplicationAssetProtectionBefore.ets // 应用资产保护前 +│ │ │ ├── CheckWantOne.ets // Want校验场景一 +│ │ │ ├── CheckWantTwo.ets // Want校验场景二 +│ │ │ ├── CodeConfusion.cpp // 代码混淆实现 +│ │ │ ├── Cybersecurity.cpp // 网络安全检测 +│ │ │ ├── GeolocationAccess.ets // 地理位置权限 +│ │ │ ├── Index.ets // 主页入口 +│ │ │ ├── NetworkTrust.ets // 网络信任管理 +│ │ │ ├── NoInfoJumpTo.ets // 无信息跳转 +│ │ │ ├── OnSslErrorEventReceive.ets // SSL错误事件处理 +│ │ │ ├── PrivacyMode.ets // 隐私模式切换 +│ │ │ ├── PublicSafeInfo.ets // 公共安全信息 +│ │ │ ├── PublicSensitive.ets // 公共敏感信息 +│ │ │ ├── RunJavaScript.ets // JS执行风险 +│ │ │ ├── RunJavaScriptTrustList.ets // 可信列表JS执行 +│ │ │ ├── SignInfo.cpp // 签名信息验证 +│ │ │ ├── TrustListCheck.ets // 信任列表校验 +│ │ │ ├── UrlListCheck.ets // URL白名单检查 +│ │ │ └── WebUrlSafe.ets // 安全URL加载 +│ │ ├── privacyability +│ │ │ └── PrivacyAbility.ets // 程序入口类 +│ │ └── privacybackupability +│ │ └── PrivacyBackupAbility.ets // 备份能力 +│ └── resources // 资源目录内容不展开 +└── PrivacyError + ├── src/main/ets + │ ├── pages + │ │ ├── app_json.md // 页面配置说明 + │ │ ├── GeolocationAccess.ets // 地理位置权限访问 + │ │ ├── Index.ets // 主页入口 + │ │ ├── JavaScriptProxy.ets // JS代理风险示例 + │ │ ├── MixedMode.ets // 混合模式加载网页 + │ │ ├── NoInfoJumpTo.ets // 无敏感信息跳转 + │ │ ├── OnSslErrorEventReceive.ets // SSL错误事件处理 + │ │ ├── PublicSafeInfo.ets // 公共安全信息展示 + │ │ ├── PublicSensitive.ets // 公共敏感信息风险 + │ │ ├── RunJavaScriptTrustList.ets // 可信列表JS执行 + │ │ └── UntrustedDataToSQL.ets // 不可信数据注入SQL + │ └── privacyerrorability + │ └── PrivacyErrorAbility.ets // 程序入口类 + └── resources // 资源目录内容不展开 +``` + ### 相关权限 不涉及。 diff --git a/Privacy/privacy/src/main/module.json5 b/Privacy/privacy/src/main/module.json5 index 2f1ce9ad..1e9e3104 100644 --- a/Privacy/privacy/src/main/module.json5 +++ b/Privacy/privacy/src/main/module.json5 @@ -5,9 +5,7 @@ "description": "$string:module_desc", "mainElement": "PrivacyAbility", "deviceTypes": [ - "phone", - "tablet", - "2in1" + "phone" ], "deliveryWithInstall": true, "installationFree": false, -- Gitee From f7422545554b48a890e28de87c0aac955dfe58be Mon Sep 17 00:00:00 2001 From: "1362134550@qq.com" <1362134550@qq.com> Date: Wed, 10 Sep 2025 19:49:59 +0800 Subject: [PATCH 4/5] =?UTF-8?q?=E6=9C=80=E4=BD=B3=E5=AE=9E=E8=B7=B5?= =?UTF-8?q?=E9=97=AE=E9=A2=98=E4=BF=AE=E6=94=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../privacy/src/main/ets/privacyability/PrivacyAbility.ets | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/Privacy/privacy/src/main/ets/privacyability/PrivacyAbility.ets b/Privacy/privacy/src/main/ets/privacyability/PrivacyAbility.ets index d12583ab..cc9a0cb7 100644 --- a/Privacy/privacy/src/main/ets/privacyability/PrivacyAbility.ets +++ b/Privacy/privacy/src/main/ets/privacyability/PrivacyAbility.ets @@ -21,7 +21,11 @@ const DOMAIN = 0x0000; export default class PrivacyAbility extends UIAbility { onCreate(want: Want, launchParam: AbilityConstant.LaunchParam): void { - this.context.getApplicationContext().setColorMode(ConfigurationConstant.ColorMode.COLOR_MODE_NOT_SET); + try { + this.context.getApplicationContext().setColorMode(ConfigurationConstant.ColorMode.COLOR_MODE_NOT_SET); + } catch (e) { + hilog.error(0x0000, 'testTag', 'setColorMode error. Cause: %{public}s', JSON.stringify(e) ?? ''); + } hilog.info(DOMAIN, 'testTag', '%{public}s', 'Ability onCreate'); } -- Gitee From 3f81abc11e4065c59e209d76416ed564dc3929f1 Mon Sep 17 00:00:00 2001 From: "1362134550@qq.com" <1362134550@qq.com> Date: Wed, 10 Sep 2025 19:56:56 +0800 Subject: [PATCH 5/5] =?UTF-8?q?=E6=9C=80=E4=BD=B3=E5=AE=9E=E8=B7=B5?= =?UTF-8?q?=E9=97=AE=E9=A2=98=E4=BF=AE=E6=94=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../src/main/ets/privacyerrorability/PrivacyErrorAbility.ets | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Privacy/PrivacyError/src/main/ets/privacyerrorability/PrivacyErrorAbility.ets b/Privacy/PrivacyError/src/main/ets/privacyerrorability/PrivacyErrorAbility.ets index eccbf622..b014fe09 100644 --- a/Privacy/PrivacyError/src/main/ets/privacyerrorability/PrivacyErrorAbility.ets +++ b/Privacy/PrivacyError/src/main/ets/privacyerrorability/PrivacyErrorAbility.ets @@ -37,10 +37,10 @@ export default class PrivacyErrorAbility extends UIAbility { hilog.error(DOMAIN, 'testTag', 'Failed to load the content. Cause: %{public}s', JSON.stringify(err)); return; } + let uiContext: UIContext | undefined = windowStage.getMainWindowSync().getUIContext() + AppStorage.setOrCreate('uiContext', uiContext); hilog.info(DOMAIN, 'testTag', 'Succeeded in loading the content.'); }); - let uiContext: UIContext | undefined = windowStage.getMainWindowSync().getUIContext() - AppStorage.setOrCreate('uiContext', uiContext); } onWindowStageDestroy(): void { -- Gitee