From 010b483c504392f2f2ffd091ef334f73c962d141 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=B0=B9=E8=80=80=E5=BE=B7?= Date: Thu, 29 May 2025 20:19:42 +0800 Subject: [PATCH 1/5] modify doc MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 尹耀德 --- api/@ohos.security.asset.d.ts | 360 ++++++++++++++++++++-------------- 1 file changed, 214 insertions(+), 146 deletions(-) diff --git a/api/@ohos.security.asset.d.ts b/api/@ohos.security.asset.d.ts index 59c0ac4bb4..daa12ce1b3 100644 --- a/api/@ohos.security.asset.d.ts +++ b/api/@ohos.security.asset.d.ts @@ -37,9 +37,8 @@ */ declare namespace asset { /** - * Add an Asset. - * Permission ohos.permission.STORE_PERSISTENT_DATA is required when the Asset needs to be stored persistently - * by setting {@link Tag.IS_PERSISTENT} tag. + * Add an asset. This API uses a promise to return the result. + * To set {@link Tag.IS_PERSISTENT}, the application must have the ohos.permission.STORE_PERSISTENT_DATA permission. * * @param { AssetMap } attributes - a map object containing attributes of the Asset to be added. * @returns { Promise } the promise object returned by the function. @@ -65,9 +64,8 @@ declare namespace asset { * @since 11 */ /** - * Add an Asset. - * Permission ohos.permission.STORE_PERSISTENT_DATA is required when the Asset needs to be stored persistently - * by setting {@link Tag.IS_PERSISTENT} tag. + * Add an asset. This API uses a promise to return the result. + * To set {@link Tag.IS_PERSISTENT}, the application must have the ohos.permission.STORE_PERSISTENT_DATA permission. * * @param { AssetMap } attributes - a map object containing attributes of the Asset to be added. * @returns { Promise } the promise object returned by the function. @@ -96,9 +94,8 @@ declare namespace asset { function add(attributes: AssetMap): Promise; /** - * Add an Asset to a specific user space. - * Permission ohos.permission.STORE_PERSISTENT_DATA is required when the Asset needs to be stored persistently - * by setting {@link Tag.IS_PERSISTENT} tag. + * Adds an asset to the specified user space. This API uses a promise to return the result. + * To set {@link Tag.IS_PERSISTENT}, the application must have the ohos.permission.STORE_PERSISTENT_DATA permission. * * @permission ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS * @param { number } userId - the user identifier to add an Asset. The user identifier cannot be lower than 100. @@ -130,9 +127,8 @@ declare namespace asset { function addAsUser(userId: number, attributes: AssetMap): Promise; /** - * Add an Asset. - * Permission ohos.permission.STORE_PERSISTENT_DATA is required when the Asset needs to be stored persistently - * by setting {@link Tag.IS_PERSISTENT} tag. + * Add an asset. This API returns the result synchronously. + * To set {@link Tag.IS_PERSISTENT}, the application must have the ohos.permission.STORE_PERSISTENT_DATA permission. * * @param { AssetMap } attributes - a map object containing attributes of the Asset to be added. * @throws { BusinessError } 201 - The caller doesn't have the permission. @@ -157,9 +153,8 @@ declare namespace asset { * @since 12 */ /** - * Add an Asset. - * Permission ohos.permission.STORE_PERSISTENT_DATA is required when the Asset needs to be stored persistently - * by setting {@link Tag.IS_PERSISTENT} tag. + * Add an asset. This API returns the result synchronously. + * To set {@link Tag.IS_PERSISTENT}, the application must have the ohos.permission.STORE_PERSISTENT_DATA permission. * * @param { AssetMap } attributes - a map object containing attributes of the Asset to be added. * @throws { BusinessError } 201 - The caller doesn't have the permission. @@ -187,7 +182,7 @@ declare namespace asset { function addSync(attributes: AssetMap): void; /** - * Remove one or more Assets that match a search query. + * Removes one or more assets. This API uses a promise to return the result. * * @param { AssetMap } query - a map object containing attributes of the Asset to be removed. * @returns { Promise } the promise object returned by the function. @@ -208,7 +203,7 @@ declare namespace asset { * @since 11 */ /** - * Remove one or more Assets that match a search query. + * Removes one or more assets. This API uses a promise to return the result. * * @param { AssetMap } query - a map object containing attributes of the Asset to be removed. * @returns { Promise } the promise object returned by the function. @@ -232,7 +227,7 @@ declare namespace asset { function remove(query: AssetMap): Promise; /** - * Remove one or more Assets that match a search query from a specific user space. + * Removes one or more assets from the specified user space. This API uses a promise to return the result. * * @permission ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS * @param { number } userId - the user identifier to remove one or more Assets. The user identifier cannot be lower @@ -261,7 +256,7 @@ declare namespace asset { function removeAsUser(userId: number, query: AssetMap): Promise; /** - * Remove one or more Assets that match a search query. + * Removes one or more assets. This API returns the result synchronously. * * @param { AssetMap } query - a map object containing attributes of the Asset to be removed. * @throws { BusinessError } 401 - Parameter error. Possible causes: @@ -281,7 +276,7 @@ declare namespace asset { * @since 12 */ /** - * Remove one or more Assets that match a search query. + * Removes one or more assets. This API returns the result synchronously. * * @param { AssetMap } query - a map object containing attributes of the Asset to be removed. * @throws { BusinessError } 401 - Parameter error. Possible causes: @@ -304,7 +299,7 @@ declare namespace asset { function removeSync(query: AssetMap): void; /** - * Update an Asset that matches a search query. + * Updates an asset. This API uses a promise to return the result. * * @param { AssetMap } query - a map object containing attributes of the Asset to be updated. * @param { AssetMap } attributesToUpdate - a map object containing attributes with new values. @@ -329,7 +324,7 @@ declare namespace asset { * @since 11 */ /** - * Update an Asset that matches a search query. + * Updates an asset. This API uses a promise to return the result. * * @param { AssetMap } query - a map object containing attributes of the Asset to be updated. * @param { AssetMap } attributesToUpdate - a map object containing attributes with new values. @@ -357,7 +352,7 @@ declare namespace asset { function update(query: AssetMap, attributesToUpdate: AssetMap): Promise; /** - * Update an Asset that matches a search query in a specific user space. + * Updates an asset in the specified user space. This API uses a promise to return the result. * * @permission ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS * @param { number } userId - the user identifier to update an Asset. The user identifier cannot be lower than 100. @@ -389,7 +384,7 @@ declare namespace asset { function updateAsUser(userId: number, query: AssetMap, attributesToUpdate: AssetMap): Promise; /** - * Update an Asset that matches a search query. + * Updates an asset. This API returns the result synchronously. * * @param { AssetMap } query - a map object containing attributes of the Asset to be updated. * @param { AssetMap } attributesToUpdate - a map object containing attributes with new values. @@ -413,7 +408,7 @@ declare namespace asset { * @since 12 */ /** - * Update an Asset that matches a search query. + * Updates an asset. This API returns the result synchronously. * * @param { AssetMap } query - a map object containing attributes of the Asset to be updated. * @param { AssetMap } attributesToUpdate - a map object containing attributes with new values. @@ -440,7 +435,9 @@ declare namespace asset { function updateSync(query: AssetMap, attributesToUpdate: AssetMap): void; /** - * Preprocessing (e.g. get challenge) for querying one or more Assets that require user authentication. + * Performs preprocessing for the asset query. This API is used when user authentication is required for the + * access to the asset. After the user authentication is successful, call {@link asset.querySync} and + * {@link asset.postQuerySync}. This API uses a promise to return the result. * * @param { AssetMap } query - a map object containing attributes of the Asset to be queried. * @returns { Promise } the promise object returned by the function. @@ -464,7 +461,9 @@ declare namespace asset { * @since 11 */ /** - * Preprocessing (e.g. get challenge) for querying one or more Assets that require user authentication. + * Performs preprocessing for the asset query. This API is used when user authentication is required for the + * access to the asset. After the user authentication is successful, call {@link asset.querySync} and + * {@link asset.postQuerySync}. This API uses a promise to return the result. * * @param { AssetMap } query - a map object containing attributes of the Asset to be queried. * @returns { Promise } the promise object returned by the function. @@ -524,7 +523,9 @@ declare namespace asset { function preQueryAsUser(userId: number, query: AssetMap): Promise; /** - * Preprocessing (e.g. get challenge) for querying one or more Assets that require user authentication. + * Performs preprocessing for the asset query. This API is used when user authentication is required for the + * access to the asset. After the user authentication is successful, call {@link asset.querySync} and + * {@link asset.postQuerySync}. This API returns the result synchronously. * * @param { AssetMap } query - a map object containing attributes of the Asset to be queried. * @returns { Uint8Array } the challenge value to be used when {@link querySync} is called. @@ -548,7 +549,9 @@ declare namespace asset { * @since 12 */ /** - * Preprocessing (e.g. get challenge) for querying one or more Assets that require user authentication. + * Performs preprocessing for the asset query. This API is used when user authentication is required for the + * access to the asset. After the user authentication is successful, call {@link asset.querySync} and + * {@link asset.postQuerySync}. This API returns the result synchronously. * * @param { AssetMap } query - a map object containing attributes of the Asset to be queried. * @returns { Uint8Array } the challenge value to be used when {@link querySync} is called. @@ -575,7 +578,10 @@ declare namespace asset { function preQuerySync(query: AssetMap): Uint8Array; /** - * Query one or more Assets that match a search query. + * Queries one or more assets. If user authentication is required for the access to the asset, + * call {@link asset.preQuery} before this API and call {@link asset.postQuery} after this API. + * For details about the development procedure, see Querying an Asset with User Authentication. + * This API uses a promise to return the result. * * @param { AssetMap } query - a map object containing attributes of the Asset to be queried. * @returns { Promise> } the promise object returned by the function. @@ -599,7 +605,10 @@ declare namespace asset { * @since 11 */ /** - * Query one or more Assets that match a search query. + * Queries one or more assets. If user authentication is required for the access to the asset, + * call {@link asset.preQuery} before this API and call {@link asset.postQuery} after this API. + * For details about the development procedure, see Querying an Asset with User Authentication. + * This API uses a promise to return the result. * * @param { AssetMap } query - a map object containing attributes of the Asset to be queried. * @returns { Promise> } the promise object returned by the function. @@ -658,7 +667,10 @@ declare namespace asset { function queryAsUser(userId: number, query: AssetMap): Promise>; /** - * Query one or more Assets that match a search query. + * Queries one or more assets. If user authentication is required for the access to the asset, + * call {@link asset.preQuery} before this API and call {@link asset.postQuery} after this API. + * For details about the development procedure, see Querying an Asset with User Authentication. + * This API returns the result synchronously. * * @param { AssetMap } query - a map object containing attributes of the Asset to be queried. * @returns { Array } the query result. @@ -682,7 +694,10 @@ declare namespace asset { * @since 12 */ /** - * Query one or more Assets that match a search query. + * Queries one or more assets. If user authentication is required for the access to the asset, + * call {@link asset.preQuery} before this API and call {@link asset.postQuery} after this API. + * For details about the development procedure, see Querying an Asset with User Authentication. + * This API returns the result synchronously. * * @param { AssetMap } query - a map object containing attributes of the Asset to be queried. * @returns { Array } the query result. @@ -709,7 +724,9 @@ declare namespace asset { function querySync(query: AssetMap): Array; /** - * Post-processing (e.g. release cached resource) for querying multiple Assets that require user authentication. + * Performs postprocessing for the asset query. This API is used when user authentication is required for + * the access to the asset. This API must be used with {@link asset.preQuery} together. + * This API uses a promise to return the result. * * @param { AssetMap } handle - a map object containing the handle returned by {@link preQuery}. * @returns { Promise } the promise object returned by the function. @@ -727,7 +744,9 @@ declare namespace asset { * @since 11 */ /** - * Post-processing (e.g. release cached resource) for querying multiple Assets that require user authentication. + * Performs postprocessing for the asset query. This API is used when user authentication is required for + * the access to the asset. This API must be used with {@link asset.preQuery} together. + * This API uses a promise to return the result. * * @param { AssetMap } handle - a map object containing the handle returned by {@link preQuery}. * @returns { Promise } the promise object returned by the function. @@ -775,7 +794,9 @@ declare namespace asset { function postQueryAsUser(userId:number, handle: AssetMap): Promise; /** - * Post-processing (e.g. release cached resource) for querying multiple Assets that require user authentication. + * Performs postprocessing for the asset query. This API is used when user authentication is required for + * the access to the asset. This API must be used with {@link asset.preQuery} together. + * This API returns the result synchronously. * * @param { AssetMap } handle - a map object containing the handle returned by {@link preQuerySync}. * @throws { BusinessError } 401 - Parameter error. Possible causes: @@ -792,7 +813,9 @@ declare namespace asset { * @since 12 */ /** - * Post-processing (e.g. release cached resource) for querying multiple Assets that require user authentication. + * Performs postprocessing for the asset query. This API is used when user authentication is required for + * the access to the asset. This API must be used with {@link asset.preQuery} together. + * This API returns the result synchronously. * * @param { AssetMap } handle - a map object containing the handle returned by {@link preQuerySync}. * @throws { BusinessError } 401 - Parameter error. Possible causes: @@ -831,14 +854,14 @@ declare namespace asset { function querySyncResult(query: AssetMap): Promise; /** - * A Map type containing tag-value pairs that describe the attributes of an Asset. + * Represents a set of asset attributes in the form of KV pairs. * * @typedef { Map } * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * A Map type containing tag-value pairs that describe the attributes of an Asset. + * Represents a set of asset attributes in the form of KV pairs. * * @typedef { Map } * @syscap SystemCapability.Security.Asset @@ -848,14 +871,14 @@ declare namespace asset { type AssetMap = Map; /** - * A type that indicates the secret or attribute value of an Asset tag. + * Represents the value of each attribute in {@link AssetMap}. * * @typedef { boolean | number | Uint8Array } * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * A type that indicates the secret or attribute value of an Asset tag. + * Represents the value of each attribute in {@link AssetMap}. * * @typedef { boolean | number | Uint8Array } * @syscap SystemCapability.Security.Asset @@ -865,14 +888,14 @@ declare namespace asset { type Value = boolean | number | Uint8Array; /** - * An enum type indicates when the Asset is accessible. + * Enumerates the types of access control based on the lock screen status. * * @enum { number } * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * An enum type indicates when the Asset is accessible. + * Enumerates the types of access control based on the lock screen status. * * @enum { number } * @syscap SystemCapability.Security.Asset @@ -881,13 +904,13 @@ declare namespace asset { */ enum Accessibility { /** - * The secret value in the Asset can only be accessed after the device is powered on. + * The asset can be accessed after the device is powered on. * * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * The secret value in the Asset can only be accessed after the device is powered on. + * The asset can be accessed after the device is powered on. * * @syscap SystemCapability.Security.Asset * @atomicservice @@ -895,13 +918,19 @@ declare namespace asset { */ DEVICE_POWERED_ON = 0, /** - * The secret value in the Asset can only be accessed after the device is first unlocked. + * The asset can be accessed only after the device is unlocked for the first time. + *

NOTE: + * If no lock screen password is set, this option is equivalent to DEVICE_POWERED_ON. + *

* * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * The secret value in the Asset can only be accessed after the device is first unlocked. + * The asset can be accessed only after the device is unlocked for the first time. + *

NOTE: + * If no lock screen password is set, this option is equivalent to DEVICE_POWERED_ON. + *

* * @syscap SystemCapability.Security.Asset * @atomicservice @@ -909,13 +938,19 @@ declare namespace asset { */ DEVICE_FIRST_UNLOCKED = 1, /** - * The secret value in the Asset can only be accessed while the device is unlocked. + * The asset can be accessed only when the device is unlocked. + *

NOTE: + * If no lock screen password is set, this option is equivalent to DEVICE_POWERED_ON. + *

* * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * The secret value in the Asset can only be accessed while the device is unlocked. + * The asset can be accessed only when the device is unlocked. + *

NOTE: + * If no lock screen password is set, this option is equivalent to DEVICE_POWERED_ON. + *

* * @syscap SystemCapability.Security.Asset * @atomicservice @@ -925,14 +960,14 @@ declare namespace asset { } /** - * An enum type indicates the user authentication type for Asset access control. + * Enumerates the types of user authentication supported by an asset. * * @enum { number } * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * An enum type indicates the user authentication type for Asset access control. + * Enumerates the types of user authentication supported by an asset. * * @enum { number } * @syscap SystemCapability.Security.Asset @@ -941,13 +976,13 @@ declare namespace asset { */ enum AuthType { /** - * The access to an Asset doesn't require user authentication. + * No user authentication is required before the asset is accessed. * * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * The access to an Asset doesn't require user authentication. + * No user authentication is required before the asset is accessed. * * @syscap SystemCapability.Security.Asset * @atomicservice @@ -955,13 +990,15 @@ declare namespace asset { */ NONE = 0x00, /** - * The access to an Asset requires user authentication using either PIN/pattern/password or biometric traits. + * The asset can be accessed if any user authentication (such as PIN, facial, or fingerprint authentication) + * is successful. * * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * The access to an Asset requires user authentication using either PIN/pattern/password or biometric traits. + * The asset can be accessed if any user authentication (such as PIN, facial, or fingerprint authentication) + * is successful. * * @syscap SystemCapability.Security.Asset * @atomicservice @@ -971,14 +1008,20 @@ declare namespace asset { } /** - * An enum type indicates the type of Asset synchronization. + * Enumerates the sync types supported by an asset. + *

NOTE: + * This field is an embedded parameter. Currently, asset sync is not supported. + *

* * @enum { number } * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * An enum type indicates the type of Asset synchronization. + * Enumerates the sync types supported by an asset. + *

NOTE: + * This field is an embedded parameter. Currently, asset sync is not supported. + *

* * @enum { number } * @syscap SystemCapability.Security.Asset @@ -987,13 +1030,13 @@ declare namespace asset { */ enum SyncType { /** - * An Asset with this attribute value is never allowed to be transferred out. + * Asset sync is not allowed. * * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * An Asset with this attribute value is never allowed to be transferred out. + * Asset sync is not allowed. * * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1001,13 +1044,13 @@ declare namespace asset { */ NEVER = 0, /** - * An Asset with this attribute value can only be restored to the device from which it was transferred out. + * Asset sync is allowed only on the local device, for example, in data restore on the local device. * * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * An Asset with this attribute value can only be restored to the device from which it was transferred out. + * Asset sync is allowed only on the local device, for example, in data restore on the local device. * * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1015,13 +1058,13 @@ declare namespace asset { */ THIS_DEVICE = 1 << 0, /** - * An Asset with this attribute value can only be transferred out to a trusted device (user authorized). + * Asset sync is allowed only between trusted devices, for example, in the case of cloning. * * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * An Asset with this attribute value can only be transferred out to a trusted device (user authorized). + * Asset sync is allowed only between trusted devices, for example, in the case of cloning. * * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1029,13 +1072,15 @@ declare namespace asset { */ TRUSTED_DEVICE = 1 << 1, /** - * An Asset with this attribute value can only be transferred out to devices logged in with trusted accounts. + * Asset sync is allowed only between the devices that are logged in with trusted accounts, for example, + * in cloud sync scenarios. * * @syscap SystemCapability.Security.Asset * @since 12 */ /** - * An Asset with this attribute value can only be transferred out to devices logged in with trusted accounts. + * Asset sync is allowed only between the devices that are logged in with trusted accounts, for example, + * in cloud sync scenarios. * * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1069,14 +1114,14 @@ declare namespace asset { } /** - * An enum type indicates the strategy for conflict resolution when handling duplicated Asset alias. + * Enumerates the policies for resolving conflicts (for example, a duplicate alias) when an asset is added. * * @enum { number } * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * An enum type indicates the strategy for conflict resolution when handling duplicated Asset alias. + * Enumerates the policies for resolving conflicts (for example, a duplicate alias) when an asset is added. * * @enum { number } * @syscap SystemCapability.Security.Asset @@ -1085,13 +1130,13 @@ declare namespace asset { */ enum ConflictResolution { /** - * Directly overwrite an Asset with duplicated alias when a conflict is detected. + * Overwrite the original asset. * * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * Directly overwrite an Asset with duplicated alias when a conflict is detected. + * Overwrite the original asset. * * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1099,13 +1144,13 @@ declare namespace asset { */ OVERWRITE = 0, /** - * Throw an error so that the caller can take measures when a conflict is detected. + * Throw an exception for the service to perform subsequent processing. * * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * Throw an error so that the caller can take measures when a conflict is detected. + * Throw an exception for the service to perform subsequent processing. * * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1115,14 +1160,14 @@ declare namespace asset { } /** - * An enum type indicates the return type of the queried Asset. + * Enumerates the type of information returned by an asset query operation. * * @enum { number } * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * An enum type indicates the return type of the queried Asset. + * Enumerates the type of information returned by an asset query operation. * * @enum { number } * @syscap SystemCapability.Security.Asset @@ -1131,13 +1176,19 @@ declare namespace asset { */ enum ReturnType { /** - * Specify that the return data should contain both secret value and attributes. + * The query result contains the asset plaintext and its attributes. + *

NOTE: + * Use this option when you need to query the plaintext of a single asset. + *

* * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * Specify that the return data should contain both secret value and attributes. + * The query result contains the asset plaintext and its attributes. + *

NOTE: + * Use this option when you need to query the plaintext of a single asset. + *

* * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1145,13 +1196,19 @@ declare namespace asset { */ ALL = 0, /** - * Specify that the return data contains only attributes. + * The query result contains only the asset attributes. + *

NOTE: + * Use this option when you need to query attributes of multiple assets. + *

* * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * Specify that the return data contains only attributes. + * The query result contains only the asset attributes. + *

NOTE: + * Use this option when you need to query attributes of multiple assets. + *

* * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1161,7 +1218,7 @@ declare namespace asset { } /** - * An enum type indicates the additional action to be performed during operation. + * Enumerates the types of additional operation to perform. * * @enum { number } * @syscap SystemCapability.Security.Asset @@ -1169,14 +1226,14 @@ declare namespace asset { */ enum OperationType { /** - * Synchronization is required during operation. + * Sync. * * @syscap SystemCapability.Security.Asset * @since 12 */ NEED_SYNC = 0, /** - * Logout is required during operation. + * Logout. * * @syscap SystemCapability.Security.Asset * @since 12 @@ -1298,13 +1355,13 @@ declare namespace asset { */ enum Tag { /** - * A tag whose value is a byte array indicating the sensitive user data such as passwords and tokens. + * Asset plaintext. * * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * A tag whose value is a byte array indicating the sensitive user data such as passwords and tokens. + * Asset plaintext. * * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1312,13 +1369,13 @@ declare namespace asset { */ SECRET = TagType.BYTES | 0x01, /** - * A tag whose value is a byte array identifying an Asset. + * Asset alias, which uniquely identifies an asset. * * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * A tag whose value is a byte array identifying an Asset. + * Asset alias, which uniquely identifies an asset. * * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1326,13 +1383,13 @@ declare namespace asset { */ ALIAS = TagType.BYTES | 0x02, /** - * A tag whose value is a 32-bit unsigned integer indicating when the Asset can be accessed. + * Access control based on the lock screen status. * * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * A tag whose value is a 32-bit unsigned integer indicating when the Asset can be accessed. + * Access control based on the lock screen status. * * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1340,13 +1397,13 @@ declare namespace asset { */ ACCESSIBILITY = TagType.NUMBER | 0x03, /** - * A tag whose value is a bool indicating whether a screen lock password is required for the device. + * Whether the asset is accessible only when a lock screen password is set. * * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * A tag whose value is a bool indicating whether a screen lock password is required for the device. + * Whether the asset is accessible only when a lock screen password is set. * * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1354,13 +1411,13 @@ declare namespace asset { */ REQUIRE_PASSWORD_SET = TagType.BOOL | 0x04, /** - * A tag whose value is a 32-bit unsigned integer indicating the user authentication type for Asset access control. + * Type of user authentication required for accessing the asset. * * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * A tag whose value is a 32-bit unsigned integer indicating the user authentication type for Asset access control. + * Type of user authentication required for accessing the asset. * * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1368,13 +1425,13 @@ declare namespace asset { */ AUTH_TYPE = TagType.NUMBER | 0x05, /** - * A tag whose value is a 32-bit unsigned integer indicating the validity period in seconds of user authentication. + * Validity period of the user authentication. * * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * A tag whose value is a 32-bit unsigned integer indicating the validity period in seconds of user authentication. + * Validity period of the user authentication. * * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1382,13 +1439,13 @@ declare namespace asset { */ AUTH_VALIDITY_PERIOD = TagType.NUMBER | 0x06, /** - * A tag whose value is a byte array indicating the authentication challenge for anti-replay protection. + * Challenge for the user authentication. * * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * A tag whose value is a byte array indicating the authentication challenge for anti-replay protection. + * Challenge for the user authentication. * * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1396,13 +1453,13 @@ declare namespace asset { */ AUTH_CHALLENGE = TagType.BYTES | 0x07, /** - * A tag whose value is a byte array indicating the authentication token after a user is verified. + * Authorization token obtained after the user authentication is successful. * * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * A tag whose value is a byte array indicating the authentication token after a user is verified. + * Authorization token obtained after the user authentication is successful. * * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1410,13 +1467,13 @@ declare namespace asset { */ AUTH_TOKEN = TagType.BYTES | 0x08, /** - * A tag whose value is a 32-bit unsigned integer indicating the type of Asset synchronization. + * Asset sync type. * * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * A tag whose value is a 32-bit unsigned integer indicating the type of Asset synchronization. + * Asset sync type. * * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1424,20 +1481,20 @@ declare namespace asset { */ SYNC_TYPE = TagType.NUMBER | 0x10, /** - * A tag whose value is a bool indicating whether Asset is stored persistently. + * Whether to retain the asset when the application is uninstalled. * * @syscap SystemCapability.Security.Asset * @since 11 */ IS_PERSISTENT = TagType.BOOL | 0x11, /** - * A tag whose value is a byte array indicating the first user-defined Asset data label (not allow to update). + * Additional asset data customized by the service with integrity protection. * * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * A tag whose value is a byte array indicating the first user-defined Asset data label (not allow to update). + * Additional asset data customized by the service with integrity protection. * * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1445,13 +1502,13 @@ declare namespace asset { */ DATA_LABEL_CRITICAL_1 = TagType.BYTES | 0x20, /** - * A tag whose value is a byte array indicating the second user-defined Asset data label (not allow to update). + * Additional asset data customized by the service with integrity protection. * * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * A tag whose value is a byte array indicating the second user-defined Asset data label (not allow to update). + * Additional asset data customized by the service with integrity protection. * * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1459,13 +1516,13 @@ declare namespace asset { */ DATA_LABEL_CRITICAL_2 = TagType.BYTES | 0x21, /** - * A tag whose value is a byte array indicating the third user-defined Asset data label (not allow to update). + * Additional asset data customized by the service with integrity protection. * * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * A tag whose value is a byte array indicating the third user-defined Asset data label (not allow to update). + * Additional asset data customized by the service with integrity protection. * * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1473,13 +1530,13 @@ declare namespace asset { */ DATA_LABEL_CRITICAL_3 = TagType.BYTES | 0x22, /** - * A tag whose value is a byte array indicating the fourth user-defined Asset data label (not allow to update). + * Additional asset data customized by the service with integrity protection. * * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * A tag whose value is a byte array indicating the fourth user-defined Asset data label (not allow to update). + * Additional asset data customized by the service with integrity protection. * * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1487,13 +1544,13 @@ declare namespace asset { */ DATA_LABEL_CRITICAL_4 = TagType.BYTES | 0x23, /** - * A tag whose value is a byte array indicating the first user-defined Asset data label (allow to update). + * Additional asset data customized by the service without integrity protection. * * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * A tag whose value is a byte array indicating the first user-defined Asset data label (allow to update). + * Additional asset data customized by the service without integrity protection. * * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1501,13 +1558,13 @@ declare namespace asset { */ DATA_LABEL_NORMAL_1 = TagType.BYTES | 0x30, /** - * A tag whose value is a byte array indicating the second user-defined Asset data label (allow to update). + * Additional asset data customized by the service without integrity protection. * * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * A tag whose value is a byte array indicating the second user-defined Asset data label (allow to update). + * Additional asset data customized by the service without integrity protection. * * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1515,13 +1572,13 @@ declare namespace asset { */ DATA_LABEL_NORMAL_2 = TagType.BYTES | 0x31, /** - * A tag whose value is a byte array indicating the third user-defined Asset data label (allow to update). + * Additional asset data customized by the service without integrity protection. * * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * A tag whose value is a byte array indicating the third user-defined Asset data label (allow to update). + * Additional asset data customized by the service without integrity protection. * * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1529,13 +1586,13 @@ declare namespace asset { */ DATA_LABEL_NORMAL_3 = TagType.BYTES | 0x32, /** - * A tag whose value is a byte array indicating the fourth user-defined Asset data label (allow to update). + * Additional asset data customized by the service without integrity protection. * * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * A tag whose value is a byte array indicating the fourth user-defined Asset data label (allow to update). + * Additional asset data customized by the service without integrity protection. * * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1543,15 +1600,15 @@ declare namespace asset { */ DATA_LABEL_NORMAL_4 = TagType.BYTES | 0x33, /** - * A local tag whose value is a byte array indicating the first user-defined Asset data label (allow to update). - * The information of a local tag will not be synchronized. + * Local information about the asset. The value is assigned by the service without integrity protection and + * will not be synced. * * @syscap SystemCapability.Security.Asset * @since 12 */ /** - * A local tag whose value is a byte array indicating the first user-defined Asset data label (allow to update). - * The information of a local tag will not be synchronized. + * Local information about the asset. The value is assigned by the service without integrity protection and + * will not be synced. * * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1559,15 +1616,15 @@ declare namespace asset { */ DATA_LABEL_NORMAL_LOCAL_1 = TagType.BYTES | 0x34, /** - * A local tag whose value is a byte array indicating the second user-defined Asset data label (allow to update). - * The information of a local tag will not be synchronized. + * Local information about the asset. The value is assigned by the service without integrity protection and + * will not be synced. * * @syscap SystemCapability.Security.Asset * @since 12 */ /** - * A local tag whose value is a byte array indicating the second user-defined Asset data label (allow to update). - * The information of a local tag will not be synchronized. + * Local information about the asset. The value is assigned by the service without integrity protection and + * will not be synced. * * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1575,15 +1632,15 @@ declare namespace asset { */ DATA_LABEL_NORMAL_LOCAL_2 = TagType.BYTES | 0x35, /** - * A local tag whose value is a byte array indicating the third user-defined Asset data label (allow to update). - * The information of a local tag will not be synchronized. + * Local information about the asset. The value is assigned by the service without integrity protection and + * will not be synced. * * @syscap SystemCapability.Security.Asset * @since 12 */ /** - * A local tag whose value is a byte array indicating the third user-defined Asset data label (allow to update). - * The information of a local tag will not be synchronized. + * Local information about the asset. The value is assigned by the service without integrity protection and + * will not be synced. * * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1591,15 +1648,15 @@ declare namespace asset { */ DATA_LABEL_NORMAL_LOCAL_3 = TagType.BYTES | 0x36, /** - * A local tag whose value is a byte array indicating the fourth user-defined Asset data label (allow to update). - * The information of a local tag will not be synchronized. + * Local information about the asset. The value is assigned by the service without integrity protection and + * will not be synced. * * @syscap SystemCapability.Security.Asset * @since 12 */ /** - * A local tag whose value is a byte array indicating the fourth user-defined Asset data label (allow to update). - * The information of a local tag will not be synchronized. + * Local information about the asset. The value is assigned by the service without integrity protection and + * will not be synced. * * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1607,13 +1664,13 @@ declare namespace asset { */ DATA_LABEL_NORMAL_LOCAL_4 = TagType.BYTES | 0x37, /** - * A tag whose value is a 32-bit unsigned integer indicating the return type of the queried Asset. + * Type of the asset query result to return. * * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * A tag whose value is a 32-bit unsigned integer indicating the return type of the queried Asset. + * Type of the asset query result to return. * * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1621,13 +1678,13 @@ declare namespace asset { */ RETURN_TYPE = TagType.NUMBER | 0x40, /** - * A tag whose value is a 32-bit unsigned integer indicating the maximum number of returned Assets in one query. + * Maximum number of asset records to return. * * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * A tag whose value is a 32-bit unsigned integer indicating the maximum number of returned Assets in one query. + * Maximum number of asset records to return. * * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1635,13 +1692,16 @@ declare namespace asset { */ RETURN_LIMIT = TagType.NUMBER | 0x41, /** - * A tag whose value is a 32-bit unsigned integer indicating the offset of return data in batch query. + * Offset of the asset query result. * * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * A tag whose value is a 32-bit unsigned integer indicating the offset of return data in batch query. + * Offset of the asset query result. + *

NOTE: + * This parameter specifies the starting asset record to return in batch asset query. + *

* * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1649,13 +1709,21 @@ declare namespace asset { */ RETURN_OFFSET = TagType.NUMBER | 0x42, /** - * A tag whose value is a 32-bit unsigned integer indicating how the query results are sorted. + * Sorting order of the query results. Currently, the results can be sorted only by + * ASSET_TAG_DATA_LABEL. + *

NOTE: + * By default, assets are returned in the order in which they are added. + *

* * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * A tag whose value is a 32-bit unsigned integer indicating how the query results are sorted. + * Sorting order of the query results. Currently, the results can be sorted only by + * ASSET_TAG_DATA_LABEL. + *

NOTE: + * By default, assets are returned in the order in which they are added. + *

* * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1663,13 +1731,13 @@ declare namespace asset { */ RETURN_ORDERED_BY = TagType.NUMBER | 0x43, /** - * A tag whose value is a 32-bit unsigned integer indicating the strategy for resolving Asset conflicts. + * Policy for resolving the conflict (for example, a duplicate alias). * * @syscap SystemCapability.Security.Asset * @since 11 */ /** - * A tag whose value is a 32-bit unsigned integer indicating the strategy for resolving Asset conflicts. + * Policy for resolving the conflict (for example, a duplicate alias). * * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1677,13 +1745,13 @@ declare namespace asset { */ CONFLICT_RESOLUTION = TagType.NUMBER | 0x44, /** - * A tag whose value is a byte array indicating the update time of an Asset. + * Data update time, in timestamp. * * @syscap SystemCapability.Security.Asset * @since 12 */ /** - * A tag whose value is a byte array indicating the update time of an Asset. + * Data update time, in timestamp. * * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1691,14 +1759,14 @@ declare namespace asset { */ UPDATE_TIME = TagType.BYTES | 0x45, /** - * A tag whose value is a 32-bit unsigned integer indicating the additional action to be performed during operation. + * Additional operation type. * * @syscap SystemCapability.Security.Asset * @since 12 */ OPERATION_TYPE = TagType.NUMBER | 0x46, /** - * A tag whose value is a bool indicating whether the attributes of an asset are required to be encrypted. + * Whether to encrypt the additional asset information customized by the service. * * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1706,7 +1774,7 @@ declare namespace asset { */ REQUIRE_ATTR_ENCRYPTED = TagType.BOOL | 0x47, /** - * A tag whose value is a byte array indicating the group id an asset belongs to. + * Group to which the asset belongs. * * @syscap SystemCapability.Security.Asset * @since 18 -- Gitee From 419f0b671cf3bc1283ab49aa36f609a8827fba95 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=B0=B9=E8=80=80=E5=BE=B7?= Date: Thu, 29 May 2025 20:52:26 +0800 Subject: [PATCH 2/5] add MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 尹耀德 --- api/@ohos.security.asset.d.ts | 169 ++++++++++++++-------------------- 1 file changed, 68 insertions(+), 101 deletions(-) diff --git a/api/@ohos.security.asset.d.ts b/api/@ohos.security.asset.d.ts index daa12ce1b3..ecfb461435 100644 --- a/api/@ohos.security.asset.d.ts +++ b/api/@ohos.security.asset.d.ts @@ -37,8 +37,9 @@ */ declare namespace asset { /** - * Add an asset. This API uses a promise to return the result. - * To set {@link Tag.IS_PERSISTENT}, the application must have the ohos.permission.STORE_PERSISTENT_DATA permission. + * Add an Asset. + * Permission ohos.permission.STORE_PERSISTENT_DATA is required when the Asset needs to be stored persistently + * by setting {@link Tag.IS_PERSISTENT} tag. * * @param { AssetMap } attributes - a map object containing attributes of the Asset to be added. * @returns { Promise } the promise object returned by the function. @@ -127,8 +128,9 @@ declare namespace asset { function addAsUser(userId: number, attributes: AssetMap): Promise; /** - * Add an asset. This API returns the result synchronously. - * To set {@link Tag.IS_PERSISTENT}, the application must have the ohos.permission.STORE_PERSISTENT_DATA permission. + * Add an Asset. + * Permission ohos.permission.STORE_PERSISTENT_DATA is required when the Asset needs to be stored persistently + * by setting {@link Tag.IS_PERSISTENT} tag. * * @param { AssetMap } attributes - a map object containing attributes of the Asset to be added. * @throws { BusinessError } 201 - The caller doesn't have the permission. @@ -182,7 +184,7 @@ declare namespace asset { function addSync(attributes: AssetMap): void; /** - * Removes one or more assets. This API uses a promise to return the result. + * Remove one or more Assets that match a search query. * * @param { AssetMap } query - a map object containing attributes of the Asset to be removed. * @returns { Promise } the promise object returned by the function. @@ -256,7 +258,7 @@ declare namespace asset { function removeAsUser(userId: number, query: AssetMap): Promise; /** - * Removes one or more assets. This API returns the result synchronously. + * Remove one or more Assets that match a search query. * * @param { AssetMap } query - a map object containing attributes of the Asset to be removed. * @throws { BusinessError } 401 - Parameter error. Possible causes: @@ -299,7 +301,7 @@ declare namespace asset { function removeSync(query: AssetMap): void; /** - * Updates an asset. This API uses a promise to return the result. + * Update an Asset that matches a search query. * * @param { AssetMap } query - a map object containing attributes of the Asset to be updated. * @param { AssetMap } attributesToUpdate - a map object containing attributes with new values. @@ -384,7 +386,7 @@ declare namespace asset { function updateAsUser(userId: number, query: AssetMap, attributesToUpdate: AssetMap): Promise; /** - * Updates an asset. This API returns the result synchronously. + * Update an Asset that matches a search query. * * @param { AssetMap } query - a map object containing attributes of the Asset to be updated. * @param { AssetMap } attributesToUpdate - a map object containing attributes with new values. @@ -435,9 +437,7 @@ declare namespace asset { function updateSync(query: AssetMap, attributesToUpdate: AssetMap): void; /** - * Performs preprocessing for the asset query. This API is used when user authentication is required for the - * access to the asset. After the user authentication is successful, call {@link asset.querySync} and - * {@link asset.postQuerySync}. This API uses a promise to return the result. + * Preprocessing (e.g. get challenge) for querying one or more Assets that require user authentication. * * @param { AssetMap } query - a map object containing attributes of the Asset to be queried. * @returns { Promise } the promise object returned by the function. @@ -523,9 +523,7 @@ declare namespace asset { function preQueryAsUser(userId: number, query: AssetMap): Promise; /** - * Performs preprocessing for the asset query. This API is used when user authentication is required for the - * access to the asset. After the user authentication is successful, call {@link asset.querySync} and - * {@link asset.postQuerySync}. This API returns the result synchronously. + * Preprocessing (e.g. get challenge) for querying one or more Assets that require user authentication. * * @param { AssetMap } query - a map object containing attributes of the Asset to be queried. * @returns { Uint8Array } the challenge value to be used when {@link querySync} is called. @@ -578,10 +576,7 @@ declare namespace asset { function preQuerySync(query: AssetMap): Uint8Array; /** - * Queries one or more assets. If user authentication is required for the access to the asset, - * call {@link asset.preQuery} before this API and call {@link asset.postQuery} after this API. - * For details about the development procedure, see Querying an Asset with User Authentication. - * This API uses a promise to return the result. + * Query one or more Assets that match a search query. * * @param { AssetMap } query - a map object containing attributes of the Asset to be queried. * @returns { Promise> } the promise object returned by the function. @@ -667,10 +662,7 @@ declare namespace asset { function queryAsUser(userId: number, query: AssetMap): Promise>; /** - * Queries one or more assets. If user authentication is required for the access to the asset, - * call {@link asset.preQuery} before this API and call {@link asset.postQuery} after this API. - * For details about the development procedure, see Querying an Asset with User Authentication. - * This API returns the result synchronously. + * Query one or more Assets that match a search query. * * @param { AssetMap } query - a map object containing attributes of the Asset to be queried. * @returns { Array } the query result. @@ -724,9 +716,7 @@ declare namespace asset { function querySync(query: AssetMap): Array; /** - * Performs postprocessing for the asset query. This API is used when user authentication is required for - * the access to the asset. This API must be used with {@link asset.preQuery} together. - * This API uses a promise to return the result. + * Post-processing (e.g. release cached resource) for querying multiple Assets that require user authentication. * * @param { AssetMap } handle - a map object containing the handle returned by {@link preQuery}. * @returns { Promise } the promise object returned by the function. @@ -794,9 +784,7 @@ declare namespace asset { function postQueryAsUser(userId:number, handle: AssetMap): Promise; /** - * Performs postprocessing for the asset query. This API is used when user authentication is required for - * the access to the asset. This API must be used with {@link asset.preQuery} together. - * This API returns the result synchronously. + * Post-processing (e.g. release cached resource) for querying multiple Assets that require user authentication. * * @param { AssetMap } handle - a map object containing the handle returned by {@link preQuerySync}. * @throws { BusinessError } 401 - Parameter error. Possible causes: @@ -854,7 +842,7 @@ declare namespace asset { function querySyncResult(query: AssetMap): Promise; /** - * Represents a set of asset attributes in the form of KV pairs. + * A Map type containing tag-value pairs that describe the attributes of an Asset. * * @typedef { Map } * @syscap SystemCapability.Security.Asset @@ -871,7 +859,7 @@ declare namespace asset { type AssetMap = Map; /** - * Represents the value of each attribute in {@link AssetMap}. + * A type that indicates the secret or attribute value of an Asset tag. * * @typedef { boolean | number | Uint8Array } * @syscap SystemCapability.Security.Asset @@ -888,7 +876,7 @@ declare namespace asset { type Value = boolean | number | Uint8Array; /** - * Enumerates the types of access control based on the lock screen status. + * An enum type indicates when the Asset is accessible. * * @enum { number } * @syscap SystemCapability.Security.Asset @@ -904,7 +892,7 @@ declare namespace asset { */ enum Accessibility { /** - * The asset can be accessed after the device is powered on. + * The secret value in the Asset can only be accessed after the device is powered on. * * @syscap SystemCapability.Security.Asset * @since 11 @@ -918,10 +906,7 @@ declare namespace asset { */ DEVICE_POWERED_ON = 0, /** - * The asset can be accessed only after the device is unlocked for the first time. - *

NOTE: - * If no lock screen password is set, this option is equivalent to DEVICE_POWERED_ON. - *

+ * The secret value in the Asset can only be accessed after the device is first unlocked. * * @syscap SystemCapability.Security.Asset * @since 11 @@ -938,10 +923,7 @@ declare namespace asset { */ DEVICE_FIRST_UNLOCKED = 1, /** - * The asset can be accessed only when the device is unlocked. - *

NOTE: - * If no lock screen password is set, this option is equivalent to DEVICE_POWERED_ON. - *

+ * The secret value in the Asset can only be accessed while the device is unlocked. * * @syscap SystemCapability.Security.Asset * @since 11 @@ -960,7 +942,7 @@ declare namespace asset { } /** - * Enumerates the types of user authentication supported by an asset. + * An enum type indicates the user authentication type for Asset access control. * * @enum { number } * @syscap SystemCapability.Security.Asset @@ -976,7 +958,7 @@ declare namespace asset { */ enum AuthType { /** - * No user authentication is required before the asset is accessed. + * The access to an Asset doesn't require user authentication. * * @syscap SystemCapability.Security.Asset * @since 11 @@ -990,8 +972,7 @@ declare namespace asset { */ NONE = 0x00, /** - * The asset can be accessed if any user authentication (such as PIN, facial, or fingerprint authentication) - * is successful. + * The access to an Asset requires user authentication using either PIN/pattern/password or biometric traits. * * @syscap SystemCapability.Security.Asset * @since 11 @@ -1008,10 +989,7 @@ declare namespace asset { } /** - * Enumerates the sync types supported by an asset. - *

NOTE: - * This field is an embedded parameter. Currently, asset sync is not supported. - *

+ * An enum type indicates the type of Asset synchronization. * * @enum { number } * @syscap SystemCapability.Security.Asset @@ -1030,7 +1008,7 @@ declare namespace asset { */ enum SyncType { /** - * Asset sync is not allowed. + * An Asset with this attribute value is never allowed to be transferred out. * * @syscap SystemCapability.Security.Asset * @since 11 @@ -1044,7 +1022,7 @@ declare namespace asset { */ NEVER = 0, /** - * Asset sync is allowed only on the local device, for example, in data restore on the local device. + * An Asset with this attribute value can only be restored to the device from which it was transferred out. * * @syscap SystemCapability.Security.Asset * @since 11 @@ -1058,7 +1036,7 @@ declare namespace asset { */ THIS_DEVICE = 1 << 0, /** - * Asset sync is allowed only between trusted devices, for example, in the case of cloning. + * An Asset with this attribute value can only be transferred out to a trusted device (user authorized). * * @syscap SystemCapability.Security.Asset * @since 11 @@ -1072,8 +1050,7 @@ declare namespace asset { */ TRUSTED_DEVICE = 1 << 1, /** - * Asset sync is allowed only between the devices that are logged in with trusted accounts, for example, - * in cloud sync scenarios. + * An Asset with this attribute value can only be transferred out to devices logged in with trusted accounts. * * @syscap SystemCapability.Security.Asset * @since 12 @@ -1114,7 +1091,7 @@ declare namespace asset { } /** - * Enumerates the policies for resolving conflicts (for example, a duplicate alias) when an asset is added. + * An enum type indicates the strategy for conflict resolution when handling duplicated Asset alias. * * @enum { number } * @syscap SystemCapability.Security.Asset @@ -1130,7 +1107,7 @@ declare namespace asset { */ enum ConflictResolution { /** - * Overwrite the original asset. + * Directly overwrite an Asset with duplicated alias when a conflict is detected. * * @syscap SystemCapability.Security.Asset * @since 11 @@ -1144,7 +1121,7 @@ declare namespace asset { */ OVERWRITE = 0, /** - * Throw an exception for the service to perform subsequent processing. + * Throw an error so that the caller can take measures when a conflict is detected. * * @syscap SystemCapability.Security.Asset * @since 11 @@ -1160,7 +1137,7 @@ declare namespace asset { } /** - * Enumerates the type of information returned by an asset query operation. + * An enum type indicates the return type of the queried Asset. * * @enum { number } * @syscap SystemCapability.Security.Asset @@ -1176,10 +1153,7 @@ declare namespace asset { */ enum ReturnType { /** - * The query result contains the asset plaintext and its attributes. - *

NOTE: - * Use this option when you need to query the plaintext of a single asset. - *

+ * Specify that the return data should contain both secret value and attributes. * * @syscap SystemCapability.Security.Asset * @since 11 @@ -1196,10 +1170,7 @@ declare namespace asset { */ ALL = 0, /** - * The query result contains only the asset attributes. - *

NOTE: - * Use this option when you need to query attributes of multiple assets. - *

+ * Specify that the return data contains only attributes. * * @syscap SystemCapability.Security.Asset * @since 11 @@ -1355,7 +1326,7 @@ declare namespace asset { */ enum Tag { /** - * Asset plaintext. + * A tag whose value is a byte array indicating the sensitive user data such as passwords and tokens. * * @syscap SystemCapability.Security.Asset * @since 11 @@ -1369,7 +1340,7 @@ declare namespace asset { */ SECRET = TagType.BYTES | 0x01, /** - * Asset alias, which uniquely identifies an asset. + * A tag whose value is a byte array identifying an Asset. * * @syscap SystemCapability.Security.Asset * @since 11 @@ -1383,7 +1354,7 @@ declare namespace asset { */ ALIAS = TagType.BYTES | 0x02, /** - * Access control based on the lock screen status. + * A tag whose value is a 32-bit unsigned integer indicating when the Asset can be accessed. * * @syscap SystemCapability.Security.Asset * @since 11 @@ -1397,7 +1368,7 @@ declare namespace asset { */ ACCESSIBILITY = TagType.NUMBER | 0x03, /** - * Whether the asset is accessible only when a lock screen password is set. + * A tag whose value is a bool indicating whether a screen lock password is required for the device. * * @syscap SystemCapability.Security.Asset * @since 11 @@ -1411,7 +1382,7 @@ declare namespace asset { */ REQUIRE_PASSWORD_SET = TagType.BOOL | 0x04, /** - * Type of user authentication required for accessing the asset. + * A tag whose value is a 32-bit unsigned integer indicating the user authentication type for Asset access control. * * @syscap SystemCapability.Security.Asset * @since 11 @@ -1425,7 +1396,7 @@ declare namespace asset { */ AUTH_TYPE = TagType.NUMBER | 0x05, /** - * Validity period of the user authentication. + * A tag whose value is a 32-bit unsigned integer indicating the validity period in seconds of user authentication. * * @syscap SystemCapability.Security.Asset * @since 11 @@ -1439,7 +1410,7 @@ declare namespace asset { */ AUTH_VALIDITY_PERIOD = TagType.NUMBER | 0x06, /** - * Challenge for the user authentication. + * A tag whose value is a byte array indicating the authentication challenge for anti-replay protection. * * @syscap SystemCapability.Security.Asset * @since 11 @@ -1453,7 +1424,7 @@ declare namespace asset { */ AUTH_CHALLENGE = TagType.BYTES | 0x07, /** - * Authorization token obtained after the user authentication is successful. + * A tag whose value is a byte array indicating the authentication token after a user is verified. * * @syscap SystemCapability.Security.Asset * @since 11 @@ -1467,7 +1438,7 @@ declare namespace asset { */ AUTH_TOKEN = TagType.BYTES | 0x08, /** - * Asset sync type. + * A tag whose value is a 32-bit unsigned integer indicating the type of Asset synchronization. * * @syscap SystemCapability.Security.Asset * @since 11 @@ -1488,7 +1459,7 @@ declare namespace asset { */ IS_PERSISTENT = TagType.BOOL | 0x11, /** - * Additional asset data customized by the service with integrity protection. + * A tag whose value is a byte array indicating the first user-defined Asset data label (not allow to update). * * @syscap SystemCapability.Security.Asset * @since 11 @@ -1502,7 +1473,7 @@ declare namespace asset { */ DATA_LABEL_CRITICAL_1 = TagType.BYTES | 0x20, /** - * Additional asset data customized by the service with integrity protection. + * A tag whose value is a byte array indicating the second user-defined Asset data label (not allow to update). * * @syscap SystemCapability.Security.Asset * @since 11 @@ -1516,7 +1487,7 @@ declare namespace asset { */ DATA_LABEL_CRITICAL_2 = TagType.BYTES | 0x21, /** - * Additional asset data customized by the service with integrity protection. + * A tag whose value is a byte array indicating the third user-defined Asset data label (not allow to update). * * @syscap SystemCapability.Security.Asset * @since 11 @@ -1530,7 +1501,7 @@ declare namespace asset { */ DATA_LABEL_CRITICAL_3 = TagType.BYTES | 0x22, /** - * Additional asset data customized by the service with integrity protection. + * A tag whose value is a byte array indicating the fourth user-defined Asset data label (not allow to update). * * @syscap SystemCapability.Security.Asset * @since 11 @@ -1544,7 +1515,7 @@ declare namespace asset { */ DATA_LABEL_CRITICAL_4 = TagType.BYTES | 0x23, /** - * Additional asset data customized by the service without integrity protection. + * A tag whose value is a byte array indicating the first user-defined Asset data label (allow to update). * * @syscap SystemCapability.Security.Asset * @since 11 @@ -1558,7 +1529,7 @@ declare namespace asset { */ DATA_LABEL_NORMAL_1 = TagType.BYTES | 0x30, /** - * Additional asset data customized by the service without integrity protection. + * A tag whose value is a byte array indicating the second user-defined Asset data label (allow to update). * * @syscap SystemCapability.Security.Asset * @since 11 @@ -1572,7 +1543,7 @@ declare namespace asset { */ DATA_LABEL_NORMAL_2 = TagType.BYTES | 0x31, /** - * Additional asset data customized by the service without integrity protection. + * A tag whose value is a byte array indicating the third user-defined Asset data label (allow to update). * * @syscap SystemCapability.Security.Asset * @since 11 @@ -1586,7 +1557,7 @@ declare namespace asset { */ DATA_LABEL_NORMAL_3 = TagType.BYTES | 0x32, /** - * Additional asset data customized by the service without integrity protection. + * A tag whose value is a byte array indicating the fourth user-defined Asset data label (allow to update). * * @syscap SystemCapability.Security.Asset * @since 11 @@ -1600,8 +1571,8 @@ declare namespace asset { */ DATA_LABEL_NORMAL_4 = TagType.BYTES | 0x33, /** - * Local information about the asset. The value is assigned by the service without integrity protection and - * will not be synced. + * A local tag whose value is a byte array indicating the first user-defined Asset data label (allow to update). + * The information of a local tag will not be synchronized. * * @syscap SystemCapability.Security.Asset * @since 12 @@ -1616,8 +1587,8 @@ declare namespace asset { */ DATA_LABEL_NORMAL_LOCAL_1 = TagType.BYTES | 0x34, /** - * Local information about the asset. The value is assigned by the service without integrity protection and - * will not be synced. + * A local tag whose value is a byte array indicating the second user-defined Asset data label (allow to update). + * The information of a local tag will not be synchronized. * * @syscap SystemCapability.Security.Asset * @since 12 @@ -1632,8 +1603,8 @@ declare namespace asset { */ DATA_LABEL_NORMAL_LOCAL_2 = TagType.BYTES | 0x35, /** - * Local information about the asset. The value is assigned by the service without integrity protection and - * will not be synced. + * A local tag whose value is a byte array indicating the second user-defined Asset data label (allow to update). + * The information of a local tag will not be synchronized. * * @syscap SystemCapability.Security.Asset * @since 12 @@ -1648,8 +1619,8 @@ declare namespace asset { */ DATA_LABEL_NORMAL_LOCAL_3 = TagType.BYTES | 0x36, /** - * Local information about the asset. The value is assigned by the service without integrity protection and - * will not be synced. + * A local tag whose value is a byte array indicating the fourth user-defined Asset data label (allow to update). + * The information of a local tag will not be synchronized. * * @syscap SystemCapability.Security.Asset * @since 12 @@ -1664,7 +1635,7 @@ declare namespace asset { */ DATA_LABEL_NORMAL_LOCAL_4 = TagType.BYTES | 0x37, /** - * Type of the asset query result to return. + * A tag whose value is a 32-bit unsigned integer indicating the return type of the queried Asset. * * @syscap SystemCapability.Security.Asset * @since 11 @@ -1678,7 +1649,7 @@ declare namespace asset { */ RETURN_TYPE = TagType.NUMBER | 0x40, /** - * Maximum number of asset records to return. + * A tag whose value is a 32-bit unsigned integer indicating the maximum number of returned Assets in one query. * * @syscap SystemCapability.Security.Asset * @since 11 @@ -1692,7 +1663,7 @@ declare namespace asset { */ RETURN_LIMIT = TagType.NUMBER | 0x41, /** - * Offset of the asset query result. + * A tag whose value is a 32-bit unsigned integer indicating the offset of return data in batch query. * * @syscap SystemCapability.Security.Asset * @since 11 @@ -1709,11 +1680,7 @@ declare namespace asset { */ RETURN_OFFSET = TagType.NUMBER | 0x42, /** - * Sorting order of the query results. Currently, the results can be sorted only by - * ASSET_TAG_DATA_LABEL. - *

NOTE: - * By default, assets are returned in the order in which they are added. - *

+ * A tag whose value is a 32-bit unsigned integer indicating how the query results are sorted. * * @syscap SystemCapability.Security.Asset * @since 11 @@ -1731,7 +1698,7 @@ declare namespace asset { */ RETURN_ORDERED_BY = TagType.NUMBER | 0x43, /** - * Policy for resolving the conflict (for example, a duplicate alias). + * A tag whose value is a 32-bit unsigned integer indicating the strategy for resolving Asset conflicts. * * @syscap SystemCapability.Security.Asset * @since 11 @@ -1745,7 +1712,7 @@ declare namespace asset { */ CONFLICT_RESOLUTION = TagType.NUMBER | 0x44, /** - * Data update time, in timestamp. + * A tag whose value is a byte array indicating the update time of an Asset. * * @syscap SystemCapability.Security.Asset * @since 12 @@ -1774,7 +1741,7 @@ declare namespace asset { */ REQUIRE_ATTR_ENCRYPTED = TagType.BOOL | 0x47, /** - * Group to which the asset belongs. + * Group to which the asset belongs. * * @syscap SystemCapability.Security.Asset * @since 18 -- Gitee From 978d6c7b793cdc3d0bc70ee602bc93e01e62d441 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=B0=B9=E8=80=80=E5=BE=B7?= Date: Thu, 29 May 2025 20:53:47 +0800 Subject: [PATCH 3/5] add MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 尹耀德 --- api/@ohos.security.asset.d.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/api/@ohos.security.asset.d.ts b/api/@ohos.security.asset.d.ts index ecfb461435..83cee1261f 100644 --- a/api/@ohos.security.asset.d.ts +++ b/api/@ohos.security.asset.d.ts @@ -1179,7 +1179,7 @@ declare namespace asset { * The query result contains only the asset attributes. *

NOTE: * Use this option when you need to query attributes of multiple assets. - *

+ *

* * @syscap SystemCapability.Security.Asset * @atomicservice -- Gitee From c6b43bf6a93e22d4415dded9333f28552069f8c0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=B0=B9=E8=80=80=E5=BE=B7?= Date: Thu, 29 May 2025 20:55:36 +0800 Subject: [PATCH 4/5] add MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 尹耀德 --- api/@ohos.security.asset.d.ts | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/api/@ohos.security.asset.d.ts b/api/@ohos.security.asset.d.ts index 83cee1261f..9d6784d033 100644 --- a/api/@ohos.security.asset.d.ts +++ b/api/@ohos.security.asset.d.ts @@ -915,7 +915,7 @@ declare namespace asset { * The asset can be accessed only after the device is unlocked for the first time. *

NOTE: * If no lock screen password is set, this option is equivalent to DEVICE_POWERED_ON. - *

+ *

* * @syscap SystemCapability.Security.Asset * @atomicservice @@ -932,7 +932,7 @@ declare namespace asset { * The asset can be accessed only when the device is unlocked. *

NOTE: * If no lock screen password is set, this option is equivalent to DEVICE_POWERED_ON. - *

+ *

* * @syscap SystemCapability.Security.Asset * @atomicservice @@ -1162,7 +1162,7 @@ declare namespace asset { * The query result contains the asset plaintext and its attributes. *

NOTE: * Use this option when you need to query the plaintext of a single asset. - *

+ *

* * @syscap SystemCapability.Security.Asset * @atomicservice -- Gitee From 88341e73db1989a25ba432b63e6c1e46d1436d19 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=B0=B9=E8=80=80=E5=BE=B7?= Date: Fri, 30 May 2025 15:09:45 +0800 Subject: [PATCH 5/5] add MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 尹耀德 --- api/@ohos.security.asset.d.ts | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/api/@ohos.security.asset.d.ts b/api/@ohos.security.asset.d.ts index 9d6784d033..ab17412263 100644 --- a/api/@ohos.security.asset.d.ts +++ b/api/@ohos.security.asset.d.ts @@ -462,8 +462,8 @@ declare namespace asset { */ /** * Performs preprocessing for the asset query. This API is used when user authentication is required for the - * access to the asset. After the user authentication is successful, call {@link asset.querySync} and - * {@link asset.postQuerySync}. This API uses a promise to return the result. + * access to the asset. After the user authentication is successful, call {@link asset.query} and + * {@link asset.postQuery}. This API uses a promise to return the result. * * @param { AssetMap } query - a map object containing attributes of the Asset to be queried. * @returns { Promise } the promise object returned by the function. @@ -687,7 +687,7 @@ declare namespace asset { */ /** * Queries one or more assets. If user authentication is required for the access to the asset, - * call {@link asset.preQuery} before this API and call {@link asset.postQuery} after this API. + * call {@link asset.preQuerySync} before this API and call {@link asset.postQuerySync} after this API. * For details about the development procedure, see Querying an Asset with User Authentication. * This API returns the result synchronously. * @@ -802,7 +802,7 @@ declare namespace asset { */ /** * Performs postprocessing for the asset query. This API is used when user authentication is required for - * the access to the asset. This API must be used with {@link asset.preQuery} together. + * the access to the asset. This API must be used with {@link asset.preQuerySync} together. * This API returns the result synchronously. * * @param { AssetMap } handle - a map object containing the handle returned by {@link preQuerySync}. @@ -1603,7 +1603,7 @@ declare namespace asset { */ DATA_LABEL_NORMAL_LOCAL_2 = TagType.BYTES | 0x35, /** - * A local tag whose value is a byte array indicating the second user-defined Asset data label (allow to update). + * A local tag whose value is a byte array indicating the third user-defined Asset data label (allow to update). * The information of a local tag will not be synchronized. * * @syscap SystemCapability.Security.Asset -- Gitee