diff --git a/zh-cn/application-dev/reference/apis/js-apis-huks.md b/zh-cn/application-dev/reference/apis/js-apis-huks.md index 35a639c989a2d4e581dc421c706e76e47c98f38d..415f310cb2f25485e2e8fae19bd0a1d9adf607d9 100755 --- a/zh-cn/application-dev/reference/apis/js-apis-huks.md +++ b/zh-cn/application-dev/reference/apis/js-apis-huks.md @@ -100,32 +100,38 @@ generateKeyItem(keyAlias: string, options: HuksOptions, callback: AsyncCallback\ **示例:** ```js +import huks from '@ohos.security.huks'; /* 以生成ECC256密钥为例 */ -let keyAlias = 'keyAlias'; -let properties = new Array(); -properties[0] = { - tag: huks.HuksTag.HUKS_TAG_ALGORITHM, - value: huks.HuksKeyAlg.HUKS_ALG_ECC -}; -properties[1] = { - tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, - value: huks.HuksKeySize.HUKS_ECC_KEY_SIZE_256 -}; -properties[2] = { - tag: huks.HuksTag.HUKS_TAG_PURPOSE, - value: - huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_SIGN | - huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_VERIFY -}; -properties[3] = { - tag: huks.HuksTag.HUKS_TAG_DIGEST, - value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 -}; -let options = { +class HuksProperties { + tag: huks.HuksTag = huks.HuksTag.HUKS_TAG_ALGORITHM + value: huks.HuksKeyAlg | huks.HuksKeySize | huks.HuksKeyPurpose | huks.HuksKeyDigest = huks.HuksKeyAlg.HUKS_ALG_ECC +} +let keyAlias: string = 'keyAlias'; +let properties: HuksProperties[] = [ + { + tag: huks.HuksTag.HUKS_TAG_ALGORITHM, + value: huks.HuksKeyAlg.HUKS_ALG_ECC + }, + { + tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, + value: huks.HuksKeySize.HUKS_ECC_KEY_SIZE_256 + }, + { + tag: huks.HuksTag.HUKS_TAG_PURPOSE, + value: + huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_SIGN | + huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_VERIFY + }, + { + tag: huks.HuksTag.HUKS_TAG_DIGEST, + value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 + }, +]; +let options: huks.HuksOptions = { properties: properties }; try { - huks.generateKeyItem(keyAlias, options, function (error, data) { + huks.generateKeyItem(keyAlias, options, (error, data) => { if (error) { console.error(`callback: generateKeyItem failed, code: ${error.code}, msg: ${error.message}`); } else { @@ -175,27 +181,34 @@ generateKeyItem(keyAlias: string, options: HuksOptions) : Promise\ ```js /* 以生成ECC256密钥为例 */ +import huks from '@ohos.security.huks'; +import { BusinessError } from '@ohos.base'; +class HuksProperties { + tag: huks.HuksTag = huks.HuksTag.HUKS_TAG_ALGORITHM + value: huks.HuksKeyAlg | huks.HuksKeySize | huks.HuksKeyPurpose | huks.HuksKeyDigest = huks.HuksKeyAlg.HUKS_ALG_ECC +} let keyAlias = 'keyAlias'; -let properties = new Array(); -properties[0] = { - tag: huks.HuksTag.HUKS_TAG_ALGORITHM, - value: huks.HuksKeyAlg.HUKS_ALG_ECC -}; -properties[1] = { - tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, - value: huks.HuksKeySize.HUKS_ECC_KEY_SIZE_256 -}; -properties[2] = { - tag: huks.HuksTag.HUKS_TAG_PURPOSE, - value: - huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_SIGN | - huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_VERIFY -}; -properties[3] = { - tag: huks.HuksTag.HUKS_TAG_DIGEST, - value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 -}; -let options = { +let properties: HuksProperties[] = [ + { + tag: huks.HuksTag.HUKS_TAG_ALGORITHM, + value: huks.HuksKeyAlg.HUKS_ALG_ECC + }, + { + tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, + value: huks.HuksKeySize.HUKS_ECC_KEY_SIZE_256 + }, + { + tag: huks.HuksTag.HUKS_TAG_PURPOSE, + value: + huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_SIGN | + huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_VERIFY + }, + { + tag: huks.HuksTag.HUKS_TAG_DIGEST, + value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 + }, +]; +let options: huks.HuksOptions = { properties: properties }; try { @@ -203,7 +216,7 @@ try { .then((data) => { console.info(`promise: generateKeyItem success`); }) - .catch(error => { + .catch((error: BusinessError) => { console.error(`promise: generateKeyItem failed, code: ${error.code}, msg: ${error.message}`); }); } catch (error) { @@ -244,13 +257,14 @@ deleteKeyItem(keyAlias: string, options: HuksOptions, callback: AsyncCallback\ { if (error) { console.error(`callback: deleteKeyItem failed, code: ${error.code}, msg: ${error.message}`); } else { @@ -294,9 +308,11 @@ deleteKeyItem(keyAlias: string, options: HuksOptions) : Promise\ **示例:** ```js +import huks from '@ohos.security.huks'; +import { BusinessError } from '@ohos.base'; /* 此处options选择emptyOptions传空 */ let keyAlias = 'keyAlias'; -let emptyOptions = { +let emptyOptions: huks.HuksOptions = { properties: [] }; try { @@ -304,7 +320,7 @@ try { .then ((data) => { console.info(`promise: deleteKeyItem key success`); }) - .catch(error => { + .catch((error: BusinessError) => { console.error(`promise: deleteKeyItem failed, code: ${error.code}, msg: ${error.message}`); }); } catch (error) { @@ -335,9 +351,10 @@ getSdkVersion(options: HuksOptions) : string **示例:** ```js +import huks from '@ohos.security.huks'; /* 此处options选择emptyOptions传空 */ -let emptyOptions = { - properties: [] +let emptyOptions: huks.HuksOptions = { + properties: [] }; let result = huks.getSdkVersion(emptyOptions); ``` @@ -381,9 +398,15 @@ importKeyItem(keyAlias: string, options: HuksOptions, callback: AsyncCallback\ { if (error) { console.error(`callback: importKeyItem failed, code: ${error.code}, msg: ${error.message}`); } else { @@ -468,50 +492,56 @@ importKeyItem(keyAlias: string, options: HuksOptions) : Promise\ **示例:** ```js +import huks from '@ohos.security.huks'; +import { BusinessError } from '@ohos.base'; /* 以导入AES128为例 */ +class HuksProperties { + tag: huks.HuksTag = huks.HuksTag.HUKS_TAG_ALGORITHM + value: huks.HuksKeyAlg | huks.HuksKeySize | huks.HuksKeyPurpose | huks.HuksKeyPadding | + huks.HuksCipherMode = huks.HuksKeyAlg.HUKS_ALG_ECC +} let plainTextSize32 = makeRandomArr(32); - -function makeRandomArr(size) { +function makeRandomArr(size: number) { let arr = new Uint8Array(size); for (let i = 0; i < size; i++) { arr[i] = Math.floor(Math.random() * 10); } return arr; }; - /*第一步:生成密钥*/ let keyAlias = 'keyAlias'; -let properties = new Array(); -properties[0] = { - tag: huks.HuksTag.HUKS_TAG_ALGORITHM, - value: huks.HuksKeyAlg.HUKS_ALG_AES -}; -properties[1] = { - tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, - value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_128 -}; -properties[2] = { - tag: huks.HuksTag.HUKS_TAG_PURPOSE, - value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT -}; -properties[3] = { - tag: huks.HuksTag.HUKS_TAG_PADDING, - value:huks.HuksKeyPadding.HUKS_PADDING_PKCS7 -}; -properties[4] = { - tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, - value: huks.HuksCipherMode.HUKS_MODE_ECB -}; -let huksoptions = { +let properties: HuksProperties[] = [ + { + tag: huks.HuksTag.HUKS_TAG_ALGORITHM, + value: huks.HuksKeyAlg.HUKS_ALG_AES + }, + { + tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, + value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_128 + }, + { + tag: huks.HuksTag.HUKS_TAG_PURPOSE, + value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT + }, + { + tag: huks.HuksTag.HUKS_TAG_PADDING, + value: huks.HuksKeyPadding.HUKS_PADDING_PKCS7 + }, + { + tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, + value: huks.HuksCipherMode.HUKS_MODE_ECB + } +]; +let huksoptions: huks.HuksOptions = { properties: properties, inData: plainTextSize32 }; try { huks.importKeyItem(keyAlias, huksoptions) - .then ((data) => { + .then((data) => { console.info(`promise: importKeyItem success`); }) - .catch(error => { + .catch((error: BusinessError) => { console.error(`promise: importKeyItem failed, code: ${error.code}, msg: ${error.message}`); }); } catch (error) { @@ -557,60 +587,65 @@ attestKeyItem(keyAlias: string, options: HuksOptions, callback: AsyncCallback\ { if (error) { console.error(`callback: generateKeyItem failed, code: ${error.code}, msg: ${error.message}`); } else { @@ -621,33 +656,33 @@ async function generateKey(alias) { console.error(`callback: generateKeyItem input arg invalid, code: ${error.code}, msg: ${error.message}`); } } - async function attestKey() { let aliasString = keyAliasString; let aliasUint8 = stringToUint8Array(aliasString); - let properties = new Array(); - properties[0] = { - tag: huks.HuksTag.HUKS_TAG_ATTESTATION_ID_SEC_LEVEL_INFO, - value: securityLevel - }; - properties[1] = { - tag: huks.HuksTag.HUKS_TAG_ATTESTATION_CHALLENGE, - value: challenge - }; - properties[2] = { - tag: huks.HuksTag.HUKS_TAG_ATTESTATION_ID_VERSION_INFO, - value: versionInfo - }; - properties[3] = { - tag: huks.HuksTag.HUKS_TAG_ATTESTATION_ID_ALIAS, - value: aliasUint8 - }; - let options = { + let properties: HuksProperties[] = [ + { + tag: huks.HuksTag.HUKS_TAG_ATTESTATION_ID_SEC_LEVEL_INFO, + value: securityLevel + }, + { + tag: huks.HuksTag.HUKS_TAG_ATTESTATION_CHALLENGE, + value: challenge + }, + { + tag: huks.HuksTag.HUKS_TAG_ATTESTATION_ID_VERSION_INFO, + value: versionInfo + }, + { + tag: huks.HuksTag.HUKS_TAG_ATTESTATION_ID_ALIAS, + value: aliasUint8 + } + ]; + let options: huks.HuksOptions = { properties: properties }; await generateKey(aliasString); try { - huks.attestKeyItem(aliasString, options, function (error, data) { + huks.attestKeyItem(aliasString, options, (error, data) => { if (error) { console.error(`callback: attestKeyItem failed, code: ${error.code}, msg: ${error.message}`); } else { @@ -703,101 +738,107 @@ attestKeyItem(keyAlias: string, options: HuksOptions) : Promise\ { console.info(`promise: generateKeyItem success`); }) - .catch(error => { + .catch((error: BusinessError) => { console.error(`promise: generateKeyItem failed, code: ${error.code}, msg: ${error.message}`); }); } catch (error) { console.error(`promise: generateKeyItem input arg invalid, code: ${error.code}, msg: ${error.message}`); } } - async function attestKey() { let aliasString = keyAliasString; let aliasUint8 = stringToUint8Array(aliasString); - let properties = new Array(); - properties[0] = { - tag: huks.HuksTag.HUKS_TAG_ATTESTATION_ID_SEC_LEVEL_INFO, - value: securityLevel - }; - properties[1] = { - tag: huks.HuksTag.HUKS_TAG_ATTESTATION_CHALLENGE, - value: challenge - }; - properties[2] = { - tag: huks.HuksTag.HUKS_TAG_ATTESTATION_ID_VERSION_INFO, - value: versionInfo - }; - properties[3] = { - tag: huks.HuksTag.HUKS_TAG_ATTESTATION_ID_ALIAS, - value: aliasUint8 - }; - let options = { + let properties: HuksProperties[] = [ + { + tag: huks.HuksTag.HUKS_TAG_ATTESTATION_ID_SEC_LEVEL_INFO, + value: securityLevel + }, + { + tag: huks.HuksTag.HUKS_TAG_ATTESTATION_CHALLENGE, + value: challenge + }, + { + tag: huks.HuksTag.HUKS_TAG_ATTESTATION_ID_VERSION_INFO, + value: versionInfo + }, + { + tag: huks.HuksTag.HUKS_TAG_ATTESTATION_ID_ALIAS, + value: aliasUint8 + } + ]; + let options: huks.HuksOptions = { properties: properties }; await generateKey(aliasString); try { await huks.attestKeyItem(aliasString, options) - .then ((data) => { + .then((data) => { console.info(`promise: attestKeyItem success`); }) - .catch(error => { + .catch((error: BusinessError) => { console.error(`promise: attestKeyItem failed, code: ${error.code}, msg: ${error.message}`); }); } catch (error) { @@ -847,29 +888,32 @@ importWrappedKeyItem(keyAlias: string, wrappingKeyAlias: string, options: HuksOp ```js import huks from '@ohos.security.huks'; - -let exportWrappingKey; +import { BusinessError } from '@ohos.base'; +class HuksProperties { + tag: huks.HuksTag = huks.HuksTag.HUKS_TAG_ALGORITHM + value: huks.HuksKeyAlg | huks.HuksKeySize | huks.HuksKeyPurpose | + huks.HuksKeyDigest | huks.HuksKeyPadding | huks.HuksUnwrapSuite | + huks.HuksCipherMode | huks.HuksImportKeyType = huks.HuksKeyAlg.HUKS_ALG_ECC +} let alias1 = "importAlias"; let alias2 = "wrappingKeyAlias"; - -async function TestGenFunc(alias, options) { +async function TestGenFunc(alias: string, options: huks.HuksOptions) { try { await genKey(alias, options) .then((data) => { console.info(`callback: generateKeyItem success`); }) - .catch(error => { + .catch((error: BusinessError) => { console.error(`callback: generateKeyItem failed, code: ${error.code}, msg: ${error.message}`); }); } catch (error) { console.error(`callback: generateKeyItem input arg invalid, code: ${error.code}, msg: ${error.message}`); } } - -function genKey(alias, options) { - return new Promise((resolve, reject) => { +function genKey(alias: string, options: huks.HuksOptions) { + return new Promise((resolve, reject) => { try { - huks.generateKeyItem(alias, options, function (error, data) { + huks.generateKeyItem(alias, options, (error, data) => { if (error) { reject(error); } else { @@ -877,30 +921,27 @@ function genKey(alias, options) { } }); } catch (error) { - throw(error); + throw (new Error(error)); } }); } - -async function TestExportFunc(alias, options) { +async function TestExportFunc(alias: string, options: huks.HuksOptions) { try { await exportKey(alias, options) - .then ((data) => { + .then((data) => { console.info(`callback: exportKeyItem success, data = ${JSON.stringify(data)}`); - exportWrappingKey = data.outData; }) - .catch(error => { + .catch((error: BusinessError) => { console.error(`callback: exportKeyItem failed, code: ${error.code}, msg: ${error.message}`); }); } catch (error) { console.error(`callback: exportKeyItem input arg invalid, code: ${error.code}, msg: ${error.message}`); } } - -function exportKey(alias, options) { - return new Promise((resolve, reject) => { +function exportKey(alias: string, options: huks.HuksOptions) { + return new Promise((resolve, reject) => { try { - huks.exportKeyItem(alias, options, function (error, data) { + huks.exportKeyItem(alias, options, (error, data) => { if (error) { reject(error); } else { @@ -908,29 +949,27 @@ function exportKey(alias, options) { } }); } catch (error) { - throw(error); + throw (new Error(error)); } }); } - -async function TestImportWrappedFunc(alias, wrappingAlias, options) { +async function TestImportWrappedFunc(alias: string, wrappingAlias: string, options: huks.HuksOptions) { try { await importWrappedKey(alias, wrappingAlias, options) - .then ((data) => { + .then((data) => { console.info(`callback: importWrappedKeyItem success`); }) - .catch(error => { + .catch((error: BusinessError) => { console.error(`callback: importWrappedKeyItem failed, code: ${error.code}, msg: ${error.message}`); }); } catch (error) { console.error(`callback: importWrappedKeyItem input arg invalid, code: ${error.code}, msg: ${error.message}`); } } - -function importWrappedKey(alias, wrappingAlias, options) { - return new Promise((resolve, reject) => { +function importWrappedKey(alias: string, wrappingAlias: string, options: huks.HuksOptions) { + return new Promise((resolve, reject) => { try { - huks.importWrappedKeyItem(alias, wrappingAlias, options, function (error, data) { + huks.importWrappedKeyItem(alias, wrappingAlias, options, (error, data) => { if (error) { reject(error); } else { @@ -938,16 +977,15 @@ function importWrappedKey(alias, wrappingAlias, options) { } }); } catch (error) { - throw(error); + throw (new Error(error)); } }); } - async function TestImportWrappedKeyFunc( - alias, - wrappingAlias, - genOptions, - importOptions + alias: string, + wrappingAlias: string, + genOptions: huks.HuksOptions, + importOptions: huks.HuksOptions ) { await TestGenFunc(wrappingAlias, genOptions); await TestExportFunc(wrappingAlias, genOptions); @@ -969,67 +1007,66 @@ async function TestImportWrappedKeyFunc( importOptions.inData = inputKey; await TestImportWrappedFunc(alias, wrappingAlias, importOptions); } - function makeGenerateOptions() { - let properties = new Array(); - properties[0] = { - tag: huks.HuksTag.HUKS_TAG_ALGORITHM, - value: huks.HuksKeyAlg.HUKS_ALG_ECC - }; - properties[1] = { - tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, - value: huks.HuksKeySize.HUKS_ECC_KEY_SIZE_256 - }; - properties[2] = { - tag: huks.HuksTag.HUKS_TAG_PURPOSE, - value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_UNWRAP - }; - properties[3] = { - tag: huks.HuksTag.HUKS_TAG_DIGEST, - value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 - }; - properties[4] = { - tag: huks.HuksTag.HUKS_TAG_IMPORT_KEY_TYPE, - value: huks.HuksImportKeyType.HUKS_KEY_TYPE_KEY_PAIR, - }; - let options = { + let properties: HuksProperties[] = [ + { + tag: huks.HuksTag.HUKS_TAG_ALGORITHM, + value: huks.HuksKeyAlg.HUKS_ALG_ECC + }, + { + tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, + value: huks.HuksKeySize.HUKS_ECC_KEY_SIZE_256 + }, + { + tag: huks.HuksTag.HUKS_TAG_PURPOSE, + value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_UNWRAP + }, + { + tag: huks.HuksTag.HUKS_TAG_DIGEST, + value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 + }, + { + tag: huks.HuksTag.HUKS_TAG_IMPORT_KEY_TYPE, + value: huks.HuksImportKeyType.HUKS_KEY_TYPE_KEY_PAIR, + } + ]; + let options: huks.HuksOptions = { properties: properties }; return options; }; - function makeImportOptions() { - let properties = new Array(); - properties[0] = { - tag: huks.HuksTag.HUKS_TAG_ALGORITHM, - value: huks.HuksKeyAlg.HUKS_ALG_AES - }; - properties[1] = { - tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, - value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_256 - }; - properties[2] = { - tag: huks.HuksTag.HUKS_TAG_PURPOSE, - value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT - }; - properties[3] = { - tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, - value: huks.HuksCipherMode.HUKS_MODE_CBC - }; - properties[4] = { - tag: huks.HuksTag.HUKS_TAG_PADDING, - value: huks.HuksKeyPadding.HUKS_PADDING_NONE - }; - properties[5] = { - tag: huks.HuksTag.HUKS_TAG_UNWRAP_ALGORITHM_SUITE, - value: huks.HuksUnwrapSuite.HUKS_UNWRAP_SUITE_ECDH_AES_256_GCM_NOPADDING - }; - let options = { + let properties: HuksProperties[] = [ + { + tag: huks.HuksTag.HUKS_TAG_ALGORITHM, + value: huks.HuksKeyAlg.HUKS_ALG_AES + }, + { + tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, + value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_256 + }, + { + tag: huks.HuksTag.HUKS_TAG_PURPOSE, + value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT + }, + { + tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, + value: huks.HuksCipherMode.HUKS_MODE_CBC + }, + { + tag: huks.HuksTag.HUKS_TAG_PADDING, + value: huks.HuksKeyPadding.HUKS_PADDING_NONE + }, + { + tag: huks.HuksTag.HUKS_TAG_UNWRAP_ALGORITHM_SUITE, + value: huks.HuksUnwrapSuite.HUKS_UNWRAP_SUITE_ECDH_AES_256_GCM_NOPADDING + } + ]; + let options: huks.HuksOptions = { properties: properties }; return options; }; - function huksImportWrappedKey() { let genOptions = makeGenerateOptions(); let importOptions = makeImportOptions(); @@ -1081,14 +1118,16 @@ importWrappedKeyItem(keyAlias: string, wrappingKeyAlias: string, options: HuksOp **示例:** ```js +import huks from '@ohos.security.huks'; +import { BusinessError } from '@ohos.base'; /* 处理流程与callback类似,主要差异点为如下函数: */ -async function TestImportWrappedFunc(alias, wrappingAlias, options) { +async function TestImportWrappedFunc(alias: string, wrappingAlias: string, options: huks.HuksOptions) { try { await huks.importWrappedKeyItem(alias, wrappingAlias, options) .then ((data) => { console.info(`promise: importWrappedKeyItem success`); }) - .catch(error => { + .catch((error: BusinessError) => { console.error(`promise: importWrappedKeyItem failed, code: ${error.code}, msg: ${error.message}`); }); } catch (error) { @@ -1134,13 +1173,14 @@ exportKeyItem(keyAlias: string, options: HuksOptions, callback: AsyncCallback\ { if (error) { console.error(`callback: exportKeyItem failed, code: ${error.code}, msg: ${error.message}`); } else { @@ -1194,9 +1234,11 @@ exportKeyItem(keyAlias: string, options: HuksOptions) : Promise\ { console.info(`promise: exportKeyItem success, data = ${JSON.stringify(data)}`); }) - .catch(error => { + .catch((error: BusinessError) => { console.error(`promise: exportKeyItem failed, code: ${error.code}, msg: ${error.message}`); }); } catch (error) { @@ -1249,13 +1291,14 @@ getKeyItemProperties(keyAlias: string, options: HuksOptions, callback: AsyncCall **示例:** ```js +import huks from '@ohos.security.huks'; /* 此处options选择emptyOptions来传空 */ let keyAlias = 'keyAlias'; -let emptyOptions = { +let emptyOptions: huks.HuksOptions = { properties: [] }; try { - huks.getKeyItemProperties(keyAlias, emptyOptions, function (error, data) { + huks.getKeyItemProperties(keyAlias, emptyOptions, (error, data) => { if (error) { console.error(`callback: getKeyItemProperties failed, code: ${error.code}, msg: ${error.message}`); } else { @@ -1309,9 +1352,11 @@ getKeyItemProperties(keyAlias: string, options: HuksOptions) : Promise\ { console.info(`promise: getKeyItemProperties success, data = ${JSON.stringify(data)}`); }) - .catch(error => { + .catch((error: BusinessError) => { console.error(`promise: getKeyItemProperties failed, code: ${error.code}, msg: ${error.message}`); }); } catch (error) { @@ -1364,23 +1409,22 @@ isKeyItemExist(keyAlias: string, options: HuksOptions, callback: AsyncCallback\< ```js import huks from '@ohos.security.huks'; import promptAction from '@ohos.promptAction'; - /* 此处options选择emptyOptions来传空 */ let keyAlias = 'keyAlias'; -let emptyOptions = { +let emptyOptions: huks.HuksOptions = { properties: [] }; -huks.isKeyItemExist(keyAlias, emptyOptions, function (error, data) { +huks.isKeyItemExist(keyAlias, emptyOptions, (error, data) => { if (data) { - promptAction.showToast({ - message: "keyAlias: " + keyAlias +"is existed!", - duration: 2500, - }) + promptAction.showToast({ + message: "keyAlias: " + keyAlias +"is existed!", + duration: 2500, + }) } else { - promptAction.showToast({ - message: "find key failed,error code: " + error.code + " error msg: " + error.message, - duration: 2500, - }) + promptAction.showToast({ + message: "find key failed,error code: " + error.code + " error msg: " + error.message, + duration: 2500, + }) } }); ``` @@ -1426,24 +1470,25 @@ isKeyItemExist(keyAlias: string, options: HuksOptions) : Promise\ ```js import huks from '@ohos.security.huks'; +import { BusinessError } from '@ohos.base'; import promptAction from '@ohos.promptAction'; /* 此处options选择emptyOptions来传空 */ let keyAlias = 'keyAlias'; -let emptyOptions = { +let emptyOptions: huks.HuksOptions = { properties: [] }; huks.isKeyItemExist(keyAlias, emptyOptions).then((data) => { promptAction.showToast({ - message: "keyAlias: " + keyAlias +"is existed!", - duration: 500, + message: "keyAlias: " + keyAlias +"is existed!", + duration: 500, }) - }).catch((err)=>{ +}).catch((error: BusinessError)=>{ promptAction.showToast({ - message: "find key failed, error code: " + err.code + " error message: " + err.message, - duration: 6500, + message: "find key failed, error code: " + error.code + " error message: " + error.message, + duration: 6500, }) - }) +}) ``` ## huks.initSession9+ @@ -1790,6 +1835,7 @@ abortSession操作密钥接口,使用Callback回调异步返回结果 。 **示例:** ```js +import huks from '@ohos.security.huks'; /* huks.initSession, huks.updateSession, huks.finishSession为三段式接口,需要一起使用,当 * huks.initSession和huks.updateSession * 以及huks.finishSession操作中的任一阶段发生错误时, @@ -1797,22 +1843,26 @@ abortSession操作密钥接口,使用Callback回调异步返回结果 。 * * 以下以RSA1024密钥的callback功能使用为例 */ -function stringToUint8Array(str) { - let arr = []; +class HuksProperties { + tag: huks.HuksTag = huks.HuksTag.HUKS_TAG_ALGORITHM + value: huks.HuksKeyAlg | huks.HuksKeySize | huks.HuksKeyPurpose | huks.HuksKeyDigest | + huks.HuksKeyPadding | huks.HuksCipherMode = huks.HuksKeyAlg.HUKS_ALG_ECC +} +function stringToUint8Array(str: string) { + let arr: number[] = []; for (let i = 0, j = str.length; i < j; ++i) { arr.push(str.charCodeAt(i)); } let tmpUint8Array = new Uint8Array(arr); return tmpUint8Array; } - let keyAlias = "HuksDemoRSA"; -let properties = new Array(); -let options = { +let properties: HuksProperties[] = [] +let options: huks.HuksOptions = { properties: properties, inData: new Uint8Array(0) }; -let handle; +let handle: number = 0; async function generateKey() { properties[0] = { tag: huks.HuksTag.HUKS_TAG_ALGORITHM, @@ -1838,9 +1888,8 @@ async function generateKey() { tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, value: huks.HuksCipherMode.HUKS_MODE_ECB, } - try { - await huks.generateKeyItem(keyAlias, options, function (error, data) { + await huks.generateKeyItem(keyAlias, options, (error, data) => { if (error) { console.error(`callback: generateKeyItem failed, code: ${error.code}, msg: ${error.message}`); } else { @@ -1851,11 +1900,10 @@ async function generateKey() { console.error(`callback: generateKeyItem input arg invalid, code: ${error.code}, msg: ${error.message}`); } } - async function huksInit() { console.log('enter huksInit'); try { - huks.initSession(keyAlias, options, function (error, data) { + huks.initSession(keyAlias, options, (error, data) => { if (error) { console.error(`callback: initSession failed, code: ${error.code}, msg: ${error.message}`); } else { @@ -1867,12 +1915,11 @@ async function huksInit() { console.error(`callback: initSession input arg invalid, code: ${error.code}, msg: ${error.message}`); } } - async function huksUpdate() { console.log('enter huksUpdate'); options.inData = stringToUint8Array("huksHmacTest"); try { - huks.updateSession(handle, options, function (error, data) { + huks.updateSession(handle, options, (error, data) => { if (error) { console.error(`callback: updateSession failed, code: ${error.code}, msg: ${error.message}`); } else { @@ -1883,12 +1930,11 @@ async function huksUpdate() { console.error(`callback: updateSession input arg invalid, code: ${error.code}, msg: ${error.message}`); } } - async function huksFinish() { console.log('enter huksFinish'); options.inData = new Uint8Array(0); try { - huks.finishSession(handle, options, function (error, data) { + huks.finishSession(handle, options, (error, data) => { if (error) { console.error(`callback: finishSession failed, code: ${error.code}, msg: ${error.message}`); } else { @@ -1899,11 +1945,10 @@ async function huksFinish() { console.error(`callback: finishSession input arg invalid, code: ${error.code}, msg: ${error.message}`); } } - async function huksAbort() { console.log('enter huksAbort'); try { - huks.abortSession(handle, options, function (error, data) { + huks.abortSession(handle, options, (error, data) => { if (error) { console.error(`callback: abortSession failed, code: ${error.code}, msg: ${error.message}`); } else { @@ -1954,6 +1999,8 @@ abortSession操作密钥接口,使用Promise方式异步返回结果。 **示例:** ```js +import huks from '@ohos.security.huks'; +import { BusinessError } from '@ohos.base'; /* huks.initSession, huks.updateSession, huks.finishSession为三段式接口,需要一起使用,当 * huks.initSession和huks.updateSession * 以及huks.finishSession操作中的任一阶段发生错误时, @@ -1961,8 +2008,15 @@ abortSession操作密钥接口,使用Promise方式异步返回结果。 * * 以下以RSA1024密钥的callback功能使用为例 */ -function stringToUint8Array(str) { - let arr = []; +class HuksProperties { + tag: huks.HuksTag = huks.HuksTag.HUKS_TAG_ALGORITHM + value: huks.HuksKeyAlg | huks.HuksKeySize | huks.HuksKeyPurpose | + huks.HuksKeyDigest | huks.HuksKeyPadding | huks.HuksKeyGenerateType | + huks.HuksCipherMode = huks.HuksKeyAlg.HUKS_ALG_ECC +} + +function stringToUint8Array(str: string) { + let arr: number[] = []; for (let i = 0, j = str.length; i < j; ++i) { arr.push(str.charCodeAt(i)); } @@ -1971,12 +2025,13 @@ function stringToUint8Array(str) { } let keyAlias = "HuksDemoRSA"; -let properties = new Array(); -let options = { +let properties: HuksProperties[] = [] +let options: huks.HuksOptions = { properties: properties, inData: new Uint8Array(0) }; -let handle; +let handle: number = 0; + async function generateKey() { properties[0] = { tag: huks.HuksTag.HUKS_TAG_ALGORITHM, @@ -2008,7 +2063,7 @@ async function generateKey() { .then((data) => { console.info(`promise: generateKeyItem success`); }) - .catch(error => { + .catch((error: BusinessError) => { console.error(`promise: generateKeyItem failed, code: ${error.code}, msg: ${error.message}`); }); } catch (error) { @@ -2020,11 +2075,11 @@ async function huksInit() { console.log('enter huksInit'); try { await huks.initSession(keyAlias, options) - .then ((data) => { + .then((data) => { console.info(`promise: initSession success, data = ${JSON.stringify(data)}`); - handle = data.handle; + handle = data.handle; }) - .catch(error => { + .catch((error: BusinessError) => { console.error(`promise: initSession key failed, code: ${error.code}, msg: ${error.message}`); }); } catch (error) { @@ -2037,10 +2092,10 @@ async function huksUpdate() { options.inData = stringToUint8Array("huksHmacTest"); try { await huks.updateSession(handle, options) - .then ((data) => { + .then((data) => { console.info(`promise: updateSession success, data = ${JSON.stringify(data)}`); }) - .catch(error => { + .catch((error: BusinessError) => { console.error(`promise: updateSession failed, code: ${error.code}, msg: ${error.message}`); }); } catch (error) { @@ -2053,10 +2108,10 @@ async function huksFinish() { options.inData = new Uint8Array(0); try { await huks.finishSession(handle, options) - .then ((data) => { + .then((data) => { console.info(`promise: finishSession success, data = ${JSON.stringify(data)}`); }) - .catch(error => { + .catch((error: BusinessError) => { console.error(`promise: finishSession failed, code: ${error.code}, msg: ${error.message}`); }); } catch (error) { @@ -2068,10 +2123,10 @@ async function huksAbort() { console.log('enter huksAbort'); try { await huks.abortSession(handle, options) - .then ((data) => { + .then((data) => { console.info(`promise: abortSession success`); }) - .catch(error => { + .catch((error: BusinessError) => { console.error(`promise: abortSession failed, code: ${error.code}, msg: ${error.message}`); }); } catch (error) { @@ -2500,35 +2555,43 @@ generateKey(keyAlias: string, options: HuksOptions, callback: AsyncCallback\ { +}); ``` ## huks.generateKey(deprecated) @@ -2559,29 +2622,37 @@ generateKey(keyAlias: string, options: HuksOptions) : Promise\ **示例:** ```js +import huks from '@ohos.security.huks'; /* 以生成ECC256密钥为例 */ +class HuksProperties { + tag: huks.HuksTag = huks.HuksTag.HUKS_TAG_ALGORITHM + value: huks.HuksKeyAlg | huks.HuksKeySize | huks.HuksKeyPurpose | + huks.HuksKeyDigest = huks.HuksKeyAlg.HUKS_ALG_ECC +} + let keyAlias = 'keyAlias'; -let properties = new Array(); -properties[0] = { - tag: huks.HuksTag.HUKS_TAG_ALGORITHM, - value: huks.HuksKeyAlg.HUKS_ALG_ECC -}; -properties[1] = { - tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, - value: huks.HuksKeySize.HUKS_ECC_KEY_SIZE_256 -}; -properties[2] = { - tag: huks.HuksTag.HUKS_TAG_PURPOSE, - value: -huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_SIGN | -huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_VERIFY -}; -properties[3] = { - tag: huks.HuksTag.HUKS_TAG_DIGEST, - value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 -}; -let options = { - properties: properties +let properties: HuksProperties[] = [ + { + tag: huks.HuksTag.HUKS_TAG_ALGORITHM, + value: huks.HuksKeyAlg.HUKS_ALG_ECC + }, + { + tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, + value: huks.HuksKeySize.HUKS_ECC_KEY_SIZE_256 + }, + { + tag: huks.HuksTag.HUKS_TAG_PURPOSE, + value: + huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_SIGN | + huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_VERIFY + }, + { + tag: huks.HuksTag.HUKS_TAG_DIGEST, + value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 + } +]; +let options: huks.HuksOptions = { + properties: properties }; let result = huks.generateKey(keyAlias, options); ``` @@ -2609,12 +2680,14 @@ deleteKey(keyAlias: string, options: HuksOptions, callback: AsyncCallback\ { +}); ``` ## huks.deleteKey(deprecated) @@ -2645,10 +2718,11 @@ deleteKey(keyAlias: string, options: HuksOptions) : Promise\ **示例:** ```js +import huks from '@ohos.security.huks'; /* 此处options选择emptyOptions传空 */ let keyAlias = 'keyAlias'; -let emptyOptions = { - properties: [] +let emptyOptions: huks.HuksOptions = { + properties: [] }; let result = huks.deleteKey(keyAlias, emptyOptions); ``` @@ -2676,9 +2750,15 @@ importKey(keyAlias: string, options: HuksOptions, callback: AsyncCallback\ { +}); ``` ## huks.importKey(deprecated) @@ -2743,43 +2825,48 @@ importKey(keyAlias: string, options: HuksOptions) : Promise\ **示例:** ```js +import huks from '@ohos.security.huks'; /* 以导入AES128为例 */ +class HuksProperties { + tag: huks.HuksTag = huks.HuksTag.HUKS_TAG_ALGORITHM + value: huks.HuksKeyAlg | huks.HuksKeySize | huks.HuksKeyPurpose | + huks.HuksKeyPadding | huks.HuksCipherMode = huks.HuksKeyAlg.HUKS_ALG_ECC +} let plainTextSize32 = makeRandomArr(32); - -function makeRandomArr(size) { +function makeRandomArr(size: number) { let arr = new Uint8Array(size); for (let i = 0; i < size; i++) { arr[i] = Math.floor(Math.random() * 10); } return arr; }; - /*第一步:生成密钥*/ let keyAlias = 'keyAlias'; -let properties = new Array(); -properties[0] = { - tag: huks.HuksTag.HUKS_TAG_ALGORITHM, - value: huks.HuksKeyAlg.HUKS_ALG_AES -}; -properties[1] = { - tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, - value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_128 -}; -properties[2] = { - tag: huks.HuksTag.HUKS_TAG_PURPOSE, - value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT -}; -properties[3] = { - tag: huks.HuksTag.HUKS_TAG_PADDING, - value:huks.HuksKeyPadding.HUKS_PADDING_PKCS7 -}; -properties[4] = { - tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, - value: huks.HuksCipherMode.HUKS_MODE_ECB -}; -let huksoptions = { - properties: properties, - inData: plainTextSize32 +let properties: HuksProperties[] = [ + { + tag: huks.HuksTag.HUKS_TAG_ALGORITHM, + value: huks.HuksKeyAlg.HUKS_ALG_AES + }, + { + tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, + value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_128 + }, + { + tag: huks.HuksTag.HUKS_TAG_PURPOSE, + value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT + }, + { + tag: huks.HuksTag.HUKS_TAG_PADDING, + value: huks.HuksKeyPadding.HUKS_PADDING_PKCS7 + }, + { + tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, + value: huks.HuksCipherMode.HUKS_MODE_ECB + } +]; +let huksoptions: huks.HuksOptions = { + properties: properties, + inData: plainTextSize32 }; let result = huks.importKey(keyAlias, huksoptions); ``` @@ -2807,12 +2894,14 @@ exportKey(keyAlias: string, options: HuksOptions, callback: AsyncCallback\ { +}); ``` ## huks.exportKey(deprecated) @@ -2843,10 +2932,11 @@ exportKey(keyAlias: string, options: HuksOptions) : Promise\ **示例:** ```js +import huks from '@ohos.security.huks'; /* 此处options选择emptyOptions来传空 */ let keyAlias = 'keyAlias'; -let emptyOptions = { - properties: [] +let emptyOptions: huks.HuksOptions = { + properties: [] }; let result = huks.exportKey(keyAlias, emptyOptions); ``` @@ -2874,12 +2964,14 @@ getKeyProperties(keyAlias: string, options: HuksOptions, callback: AsyncCallback **示例:** ```js +import huks from '@ohos.security.huks'; /* 此处options选择emptyOptions来传空 */ let keyAlias = 'keyAlias'; -let emptyOptions = { - properties: [] +let emptyOptions: huks.HuksOptions = { + properties: [] }; -huks.getKeyProperties(keyAlias, emptyOptions, function (err, data){}); +huks.getKeyProperties(keyAlias, emptyOptions, (err, data) => { +}); ``` ## huks.getKeyProperties(deprecated) @@ -2910,10 +3002,11 @@ getKeyProperties(keyAlias: string, options: HuksOptions) : Promise\ **示例:** ```js +import huks from '@ohos.security.huks'; /* 此处options选择emptyOptions来传空 */ let keyAlias = 'keyAlias'; -let emptyOptions = { - properties: [] +let emptyOptions: huks.HuksOptions = { + properties: [] }; let result = huks.getKeyProperties(keyAlias, emptyOptions); ``` @@ -2941,12 +3034,14 @@ isKeyExist(keyAlias: string, options: HuksOptions, callback: AsyncCallback\ { +}); ``` ## huks.isKeyExist(deprecated) @@ -2977,10 +3072,11 @@ isKeyExist(keyAlias: string, options: HuksOptions) : Promise\ **示例:** ```js +import huks from '@ohos.security.huks'; /* 此处options选择emptyOptions来传空 */ let keyAlias = 'keyAlias'; -let emptyOptions = { - properties: [] +let emptyOptions: huks.HuksOptions = { + properties: [] }; let result = huks.isKeyExist(keyAlias, emptyOptions); ``` @@ -3145,93 +3241,100 @@ abort操作密钥接口,使用Callback回调异步返回结果。 **示例:** ```js +import huks from '@ohos.security.huks'; +import { BusinessError } from '@ohos.base'; /* huks.init, huks.update, huks.finish为三段式接口,需要一起使用,当huks.init和huks.update * 以及huks.finish操作中的任一阶段发生错误时,都需要调用huks.abort来终止密钥的使用。 * * 以下以RSA1024密钥的callback操作使用为例 */ +class HuksProperties { + tag: huks.HuksTag = huks.HuksTag.HUKS_TAG_ALGORITHM + value: huks.HuksKeyAlg | huks.HuksKeySize | huks.HuksKeyPurpose | + huks.HuksKeyDigest | huks.HuksKeyPadding = huks.HuksKeyAlg.HUKS_ALG_ECC +} let keyalias = "HuksDemoRSA"; -let properties = new Array(); -let options = { - properties: properties, - inData: new Uint8Array(0) +let properties: HuksProperties[] = []; +let options: huks.HuksOptions = { + properties: properties, + inData: new Uint8Array(0) }; -let handle; +let handle: number = 0; let resultMessage = ""; async function generateKey() { - properties[0] = { - tag: huks.HuksTag.HUKS_TAG_ALGORITHM, - value: huks.HuksKeyAlg.HUKS_ALG_RSA - }; - properties[1] = { - tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, - value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_1024 - }; - properties[2] = { - tag: huks.HuksTag.HUKS_TAG_PURPOSE, - value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT - }; - properties[3] = { - tag: huks.HuksTag.HUKS_TAG_PADDING, - value: huks.HuksKeyPadding.HUKS_PADDING_OAEP - }; - properties[4] = { - tag: huks.HuksTag.HUKS_TAG_DIGEST, - value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 - }; - huks.generateKey(keyalias, options); -} -function stringToUint8Array(str) { - let arr = []; - for (let i = 0, j = str.length; i < j; ++i) { - arr.push(str.charCodeAt(i)); - } - let tmpUint8Array = new Uint8Array(arr); - return tmpUint8Array; + properties[0] = { + tag: huks.HuksTag.HUKS_TAG_ALGORITHM, + value: huks.HuksKeyAlg.HUKS_ALG_RSA + }; + properties[1] = { + tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, + value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_1024 + }; + properties[2] = { + tag: huks.HuksTag.HUKS_TAG_PURPOSE, + value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT + }; + properties[3] = { + tag: huks.HuksTag.HUKS_TAG_PADDING, + value: huks.HuksKeyPadding.HUKS_PADDING_OAEP + }; + properties[4] = { + tag: huks.HuksTag.HUKS_TAG_DIGEST, + value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 + }; + huks.generateKey(keyalias, options); +} +function stringToUint8Array(str: string) { + let arr: number[] = []; + for (let i = 0, j = str.length; i < j; ++i) { + arr.push(str.charCodeAt(i)); + } + let tmpUint8Array = new Uint8Array(arr); + return tmpUint8Array; } async function huksInit() { - await huks.init(keyalias, options).then((data) => { - console.log(`test init data: ${JSON.stringify(data)}`); - handle = data.handle; - }).catch((err) => { - console.log("test init err information: " + JSON.stringify(err)) - }) + await huks.init(keyalias, options).then((data) => { + console.log(`test init data: ${JSON.stringify(data)}`); + handle = data.handle; + }).catch((err: BusinessError) => { + console.log("test init err information: " + JSON.stringify(err)) + }) } async function huksUpdate() { options.inData = stringToUint8Array("huksHmacTest"); - await huks.update(handle, options).then((data) => { - if (data.errorCode === 0) { - resultMessage += "update success!"; - } else { - resultMessage += "update fail!"; - } + await huks.update(handle, options.inData, options).then((data) => { + if (data.errorCode === 0) { + resultMessage += "update success!"; + } else { + resultMessage += "update fail!"; + } }); console.log(resultMessage); } function huksFinish() { - options.inData = stringToUint8Array("HuksDemoHMAC"); - huks.finish(handle, options).then((data) => { - if (data.errorCode === 0) { - resultMessage = "finish success!"; - } else { - resultMessage = "finish fail errorCode: " + data.errorCode; - } - }).catch((err) => { - resultMessage = "finish fail, catch errorMessage:" + JSON.stringify(err) - }); - console.log(resultMessage); + options.inData = stringToUint8Array("HuksDemoHMAC"); + huks.finish(handle, options).then((data) => { + if (data.errorCode === 0) { + resultMessage = "finish success!"; + } else { + resultMessage = "finish fail errorCode: " + data.errorCode; + } + }).catch((err: BusinessError) => { + resultMessage = "finish fail, catch errorMessage:" + JSON.stringify(err) + }); + console.log(resultMessage); } async function huksAbort() { - huks.abort(handle, options).then((data) => { - if (data.errorCode === 0) { - resultMessage = "abort success!"; - } else { - resultMessage = "abort fail errorCode: " + data.errorCode; - } - }).catch((err) => { - resultMessage = "abort fail, catch errorMessage:" + JSON.stringify(err) - }); - console.log(resultMessage); + huks.abort(handle, options).then((data) => { + if (data.errorCode === 0) { + resultMessage = "abort success!"; + } else { + resultMessage = "abort fail errorCode: " + data.errorCode; + } + }).catch((err: BusinessError) => { + resultMessage = "abort fail, catch errorMessage:" + JSON.stringify(err) + }); + console.log(resultMessage); } ``` @@ -3263,99 +3366,109 @@ abort操作密钥接口,使用Promise方式异步返回结果。 **示例:** ```js +import huks from '@ohos.security.huks'; +import { BusinessError } from '@ohos.base'; /* huks.init, huks.update, huks.finish为三段式接口,需要一起使用,当huks.init和huks.update * 以及huks.finish操作中的任一阶段发生错误时,都需要调用huks.abort来终止密钥的使用。 * * 以下以RSA1024密钥的promise操作使用为例 */ +class HuksProperties { + tag: huks.HuksTag = huks.HuksTag.HUKS_TAG_ALGORITHM + value: huks.HuksKeyAlg | huks.HuksKeySize | huks.HuksKeyPurpose | + huks.HuksKeyPadding | huks.HuksKeyDigest = huks.HuksKeyAlg.HUKS_ALG_ECC +} let keyalias = "HuksDemoRSA"; -let properties = new Array(); -let options = { - properties: properties, - inData: new Uint8Array(0) +let properties: HuksProperties[] = []; +let options: huks.HuksOptions = { + properties: properties, + inData: new Uint8Array(0) }; -let handle; +let handle: number = 0; let resultMessage = ""; -function stringToUint8Array(str) { - let arr = []; - for (let i = 0, j = str.length; i < j; ++i) { - arr.push(str.charCodeAt(i)); - } - let tmpUint8Array = new Uint8Array(arr); - return tmpUint8Array; + +function stringToUint8Array(str: string) { + let arr: number[] = []; + for (let i = 0, j = str.length; i < j; ++i) { + arr.push(str.charCodeAt(i)); + } + let tmpUint8Array = new Uint8Array(arr); + return tmpUint8Array; } async function generateKey() { - properties[0] = { - tag: huks.HuksTag.HUKS_TAG_ALGORITHM, - value: huks.HuksKeyAlg.HUKS_ALG_RSA - }; - properties[1] = { - tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, - value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_1024 - }; - properties[2] = { - tag: huks.HuksTag.HUKS_TAG_PURPOSE, - value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT - }; - properties[3] = { - tag: huks.HuksTag.HUKS_TAG_PADDING, - value: huks.HuksKeyPadding.HUKS_PADDING_OAEP - }; - properties[4] = { - tag: huks.HuksTag.HUKS_TAG_DIGEST, - value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 - }; - huks.generateKey(keyalias, options, function (err, data) { }); + properties[0] = { + tag: huks.HuksTag.HUKS_TAG_ALGORITHM, + value: huks.HuksKeyAlg.HUKS_ALG_RSA + }; + properties[1] = { + tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, + value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_1024 + }; + properties[2] = { + tag: huks.HuksTag.HUKS_TAG_PURPOSE, + value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT + }; + properties[3] = { + tag: huks.HuksTag.HUKS_TAG_PADDING, + value: huks.HuksKeyPadding.HUKS_PADDING_OAEP + }; + properties[4] = { + tag: huks.HuksTag.HUKS_TAG_DIGEST, + value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 + }; + huks.generateKey(keyalias, options, (err, data) => { + }); } + async function huksInit() { - return new Promise((resolve, reject) => { - huks.init(keyalias, options, async function (err, data) { - if (data.errorCode === 0) { - resultMessage = "init success!" - handle = data.handle; - } else { - resultMessage = "init fail errorCode: " + data.errorCode - } + return new Promise((resolve, reject) => { + huks.init(keyalias, options, async (err, data) => { + if (data.errorCode === 0) { + resultMessage = "init success!" + handle = data.handle; + } else { + resultMessage = "init fail errorCode: " + data.errorCode + } + }); }); - }); } async function huksUpdate() { options.inData = stringToUint8Array("huksHmacTest"); - new Promise((resolve, reject) => { - huks.update(handle, options, function (err, data) { - if (data.errorCode === 0) { - resultMessage += "update success!"; - } else { - resultMessage += "update fail!"; - } - }); + new Promise((resolve, reject) => { + huks.update(handle, options.inData, options, (err, data) => { + if (data.errorCode === 0) { + resultMessage += "update success!"; + } else { + resultMessage += "update fail!"; + } + }); }); console.log(resultMessage); } async function huksFinish() { - options.inData = stringToUint8Array("0"); - new Promise((resolve, reject) => { - huks.finish(handle, options, function (err, data) { - if (data.errorCode === 0) { - resultMessage = "finish success!"; - } else { - resultMessage = "finish fail errorCode: " + data.errorCode; - } + options.inData = stringToUint8Array("0"); + new Promise((resolve, reject) => { + huks.finish(handle, options, (err, data) => { + if (data.errorCode === 0) { + resultMessage = "finish success!"; + } else { + resultMessage = "finish fail errorCode: " + data.errorCode; + } + }); }); - }); } function huksAbort() { - new Promise((resolve, reject) => { - huks.abort(handle, options, function (err, data) { - console.log(`Huks_Demo hmac huksAbort1 data ${JSON.stringify(data)}`); - console.log(`Huks_Demo hmac huksAbort1 err ${JSON.stringify(err)}`); + new Promise((resolve, reject) => { + huks.abort(handle, options, (err, data) => { + console.log(`Huks_Demo hmac huksAbort1 data ${JSON.stringify(data)}`); + console.log(`Huks_Demo hmac huksAbort1 err ${JSON.stringify(err)}`); + }); }); - }); } ``` @@ -3469,4 +3582,4 @@ huks Handle结构体。 | HUKS_ERROR_INVALID_ITERATION | -124 |表示无效的迭代。| | HUKS_ERROR_INVALID_OPERATION | -125 |表示无效操作。| | HUKS_ERROR_INTERNAL_ERROR | -999 |表示内部错误。| -| HUKS_ERROR_UNKNOWN_ERROR | -1000 |表示未知错误。| +| HUKS_ERROR_UNKNOWN_ERROR | -1000 |表示未知错误。| \ No newline at end of file diff --git a/zh-cn/application-dev/security/huks-guidelines.md b/zh-cn/application-dev/security/huks-guidelines.md index 2bc815d539f3ce9423a661404c19fc544cf483b8..b3cd8bab5fe7656a172511cc73e3c1e968c341c9 100644 --- a/zh-cn/application-dev/security/huks-guidelines.md +++ b/zh-cn/application-dev/security/huks-guidelines.md @@ -28,71 +28,80 @@ HUKS提供为业务安全随机生成密钥的能力。通过HUKS生成的密钥 * 以下以生成DH密钥的Callback操作使用为例 */ import huks from '@ohos.security.huks'; +import { BusinessError } from '@ohos.base'; + +class HuksProperties { + tag: huks.HuksTag = huks.HuksTag.HUKS_TAG_ALGORITHM; + value: huks.HuksKeyAlg | huks.HuksKeySize | huks.HuksKeyPurpose | huks.HuksKeyDigest = huks.HuksKeyAlg.HUKS_ALG_ECC; +} /* * 确定密钥别名和封装密钥属性参数集 */ let keyAlias = 'dh_key'; -let properties = new Array(); -properties[0] = { +let properties1: HuksProperties[] = [ + { tag: huks.HuksTag.HUKS_TAG_ALGORITHM, value: huks.HuksKeyAlg.HUKS_ALG_DH -} -properties[1] = { + }, + { tag: huks.HuksTag.HUKS_TAG_PURPOSE, value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_AGREE -} -properties[2] = { + }, + { tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, value: huks.HuksKeySize.HUKS_DH_KEY_SIZE_2048 -} -properties[3] = { + }, + { tag: huks.HuksTag.HUKS_TAG_DIGEST, value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 -} -let huksOptions = { - properties: properties, - inData: new Uint8Array(new Array()) + } +]; + +// let data1 = new Uint8Array(new Array()); +let huksOptions: huks.HuksOptions = { + properties: properties1, + inData: new Uint8Array(new Array()) } /* * 生成密钥 */ -function generateKeyItem(keyAlias: string, huksOptions: huks.HuksOptions) { - return new Promise((resolve, reject) => { - try { - huks.generateKeyItem(keyAlias, huksOptions, function (error, data) { - if (error) { - reject(error); - } else { - resolve(data); - } - }); - } catch (error) { - throw (error); - } - }); -} - -async function publicGenKeyFunc(keyAlias: string, huksOptions: huks.HuksOptions) { - console.info(`enter callback generateKeyItem`); +function generateKeyItem(keyAlias: string, huksOptions: huks.HuksOptions){ + return new Promise((resolve, reject) => { try { - await generateKeyItem(keyAlias, huksOptions) - .then((data) => { - console.info(`callback: generateKeyItem success, data = ${JSON.stringify(data)}`); - }) - .catch(error => { - console.error(`callback: generateKeyItem failed, code: ${error.code}, msg: ${error.message}`); - }); + huks.generateKeyItem(keyAlias, huksOptions, (error, data) => { + if (error) { + reject(error); + } else { + resolve(data); + } + }); } catch (error) { - console.error(`callback: generateKeyItem input arg invalid, code: ${error.code}, msg: ${error.message}`); + throw (error as Error); } + }); } +async function publicGenKeyFunc(keyAlias: string, huksOptions: huks.HuksOptions) { + console.info(`enter callback generateKeyItem`); + try { + await generateKeyItem(keyAlias, huksOptions) + .then((data) => { + console.info(`callback: generateKeyItem success, data = ${JSON.stringify(data)}`); + }) + .catch((error: BusinessError) => { + console.error(`callback: generateKeyItem failed, code: ${error.code}, msg: ${error.message}`); + }); + } catch (error) { + console.error(`callback: generateKeyItem input arg invalid, code: ${error.code}, msg: ${error.message}`); + } +} async function TestGenKey() { - await publicGenKeyFunc(keyAlias, huksOptions); + await publicGenKeyFunc(keyAlias, huksOptions); } + ``` ## 导入外部密钥 @@ -251,336 +260,352 @@ try { **代码示例:** ```js + /* * 以下以SM2密钥的Callback操作验证为例 */ import huks from '@ohos.security.huks'; - +import { BusinessError } from '@ohos.base'; /* * 确定密钥别名 */ let importAlias = "importAlias"; let wrapAlias = "wrappingKeyAlias"; -let exportKey; +let exportKey: Uint8Array; /* * 加密导入用途的密钥材料原文:转换成HUKS ECC-P-256密钥对格式的密钥材料 */ let inputEccPair = new Uint8Array([ - 0x02, 0x00, 0x00, 0x00, // 密钥算法:huks.HuksKeyAlg.HUKS_ALG_ECC = 2 - 0x00, 0x01, 0x00, 0x00, // 密钥大小(比特):256 - 0x20, 0x00, 0x00, 0x00, // 坐标x长度(字节):32 - 0x20, 0x00, 0x00, 0x00, // 坐标y长度(字节):32 - 0x20, 0x00, 0x00, 0x00, // 坐标z长度(字节):32 - // 坐标x - 0xa5, 0xb8, 0xa3, 0x78, 0x1d, 0x6d, 0x76, 0xe0, 0xb3, 0xf5, 0x6f, 0x43, 0x9d, 0xcf, 0x60, 0xf6, - 0x0b, 0x3f, 0x64, 0x45, 0xa8, 0x3f, 0x1a, 0x96, 0xf1, 0xa1, 0xa4, 0x5d, 0x3e, 0x2c, 0x3f, 0x13, - // 坐标y - 0xd7, 0x81, 0xf7, 0x2a, 0xb5, 0x8d, 0x19, 0x3d, 0x9b, 0x96, 0xc7, 0x6a, 0x10, 0xf0, 0xaa, 0xbc, - 0x91, 0x6f, 0x4d, 0xa7, 0x09, 0xb3, 0x57, 0x88, 0x19, 0x6f, 0x00, 0x4b, 0xad, 0xee, 0x34, 0x35, - // 坐标z - 0xfb, 0x8b, 0x9f, 0x12, 0xa0, 0x83, 0x19, 0xbe, 0x6a, 0x6f, 0x63, 0x2a, 0x7c, 0x86, 0xba, 0xca, - 0x64, 0x0b, 0x88, 0x96, 0xe2, 0xfa, 0x77, 0xbc, 0x71, 0xe3, 0x0f, 0x0f, 0x9e, 0x3c, 0xe5, 0xf9 + 0x02, 0x00, 0x00, 0x00, // 密钥算法:huks.HuksKeyAlg.HUKS_ALG_ECC = 2 + 0x00, 0x01, 0x00, 0x00, // 密钥大小(比特):256 + 0x20, 0x00, 0x00, 0x00, // 坐标x长度(字节):32 + 0x20, 0x00, 0x00, 0x00, // 坐标y长度(字节):32 + 0x20, 0x00, 0x00, 0x00, // 坐标z长度(字节):32 + // 坐标x + 0xa5, 0xb8, 0xa3, 0x78, 0x1d, 0x6d, 0x76, 0xe0, 0xb3, 0xf5, 0x6f, 0x43, 0x9d, 0xcf, 0x60, 0xf6, + 0x0b, 0x3f, 0x64, 0x45, 0xa8, 0x3f, 0x1a, 0x96, 0xf1, 0xa1, 0xa4, 0x5d, 0x3e, 0x2c, 0x3f, 0x13, + // 坐标y + 0xd7, 0x81, 0xf7, 0x2a, 0xb5, 0x8d, 0x19, 0x3d, 0x9b, 0x96, 0xc7, 0x6a, 0x10, 0xf0, 0xaa, 0xbc, + 0x91, 0x6f, 0x4d, 0xa7, 0x09, 0xb3, 0x57, 0x88, 0x19, 0x6f, 0x00, 0x4b, 0xad, 0xee, 0x34, 0x35, + // 坐标z + 0xfb, 0x8b, 0x9f, 0x12, 0xa0, 0x83, 0x19, 0xbe, 0x6a, 0x6f, 0x63, 0x2a, 0x7c, 0x86, 0xba, 0xca, + 0x64, 0x0b, 0x88, 0x96, 0xe2, 0xfa, 0x77, 0xbc, 0x71, 0xe3, 0x0f, 0x0f, 0x9e, 0x3c, 0xe5, 0xf9 ]); +class HuksProperties { + tag: huks.HuksTag = huks.HuksTag.HUKS_TAG_ALGORITHM; + value: huks.HuksKeyAlg | huks.HuksKeySize | huks.HuksKeyPurpose | huks.HuksKeyDigest | huks.HuksImportKeyType = huks.HuksKeyAlg.HUKS_ALG_ECC; +} + /* * 封装密钥属性参数集 */ // 生成加密导入用途的密钥的属性集 -let properties = new Array(); -properties[0] = { +let propertiesEncrypt: HuksProperties[] = [ + { tag: huks.HuksTag.HUKS_TAG_ALGORITHM, value: huks.HuksKeyAlg.HUKS_ALG_ECC -}; -properties[1] = { + }, + { tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, value: huks.HuksKeySize.HUKS_ECC_KEY_SIZE_256 -}; -properties[2] = { + }, + { tag: huks.HuksTag.HUKS_TAG_PURPOSE, value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_UNWRAP -}; -properties[3] = { + }, + { tag: huks.HuksTag.HUKS_TAG_DIGEST, value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 -}; -properties[4] = { + }, + { tag: huks.HuksTag.HUKS_TAG_IMPORT_KEY_TYPE, value: huks.HuksImportKeyType.HUKS_KEY_TYPE_KEY_PAIR, + }]; +let huksOptions: huks.HuksOptions = { + properties: propertiesEncrypt, + inData: inputEccPair }; -let huksOptions = { - properties: properties, - inData: inputEccPair -}; + +class HuksImportProperties { + tag: huks.HuksTag = huks.HuksTag.HUKS_TAG_ALGORITHM; + value: huks.HuksKeyAlg | huks.HuksKeySize | huks.HuksKeyPurpose | huks.HuksCipherMode | huks.HuksKeyPadding | huks.HuksUnwrapSuite = huks.HuksKeyAlg.HUKS_ALG_ECC; +} // 待导入密钥的属性集:AES256 -let importProperties = new Array(); -importProperties[0] = { +let importProperties: HuksImportProperties[] = [ + { tag: huks.HuksTag.HUKS_TAG_ALGORITHM, value: huks.HuksKeyAlg.HUKS_ALG_AES -}; -importProperties[1] = { + }, + { tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_256 -}; -importProperties[2] = { + }, + { tag: huks.HuksTag.HUKS_TAG_PURPOSE, value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT -}; -importProperties[3] = { + }, + { tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, value: huks.HuksCipherMode.HUKS_MODE_CBC -}; -importProperties[4] = { + }, + { tag: huks.HuksTag.HUKS_TAG_PADDING, value: huks.HuksKeyPadding.HUKS_PADDING_NONE -}; -importProperties[5] = { + }, + { tag: huks.HuksTag.HUKS_TAG_UNWRAP_ALGORITHM_SUITE, value: huks.HuksUnwrapSuite.HUKS_UNWRAP_SUITE_ECDH_AES_256_GCM_NOPADDING // 使用“ECDH+AES256GCM”加密导入套件 -}; -let importOptions = { - properties: importProperties, - inData: new Uint8Array(new Array()) + }]; +let importOptions: huks.HuksOptions = { + properties: importProperties, + inData: new Uint8Array(new Array()) }; -// 导出加密导入用途的公钥 -function exportKeyItem(keyAlias, huksOptions, throwObject) { - return new Promise((resolve, reject) => { - try { - huks.exportKeyItem(keyAlias, huksOptions, function (error, data) { - if (error) { - reject(error); - } else { - resolve(data); - } - }); - } catch (error) { - throwObject.isThrow = true; - throw(error); - } - }); +class throwObject1{ + isThrow: boolean = false; } -async function publicExportKeyFunc(keyAlias, huksOptions) { - console.info(`enter callback export`); - let throwObject = {isThrow: false}; +// 导出加密导入用途的公钥 +function exportKeyItem(keyAlias: string, huksOptions: huks.HuksOptions, throwObject: throwObject1) { + return new Promise((resolve, reject) => { try { - await exportKeyItem(keyAlias, huksOptions, throwObject) - .then ((data) => { - console.info(`callback: exportKeyItem success, data = ${JSON.stringify(data)}`); - exportKey = data.outData; - }) - .catch(error => { - if (throwObject.isThrow) { - throw(error); - } else { - console.error(`callback: exportKeyItem failed, code: ${error.code}, msg: ${error.message}`); - } - }); + huks.exportKeyItem(keyAlias, huksOptions, (error, data) => { + if (error) { + reject(error); + } else { + resolve(data); + } + }); } catch (error) { - console.error(`callback: exportKeyItem input arg invalid, code: ${error.code}, msg: ${error.message}`); + throwObject.isThrow = true; + throw (error as Error); } + }); } -// 此处用导入密钥来模拟“生成加密导入用途的密钥” -function importKeyItem(keyAlias, huksOptions, throwObject) { - return new Promise((resolve, reject) => { - try { - huks.importKeyItem(keyAlias, huksOptions, function (error, data) { - if (error) { - reject(error); - } else { - resolve(data); - } - }); - } catch (error) { - throwObject.isThrow = true; - throw(error); +async function publicExportKeyFunc(keyAlias: string, huksOptions: huks.HuksOptions) { + console.info(`enter callback export`); + let throwObject: throwObject1 = { isThrow: false }; + try { + await exportKeyItem(keyAlias, huksOptions, throwObject) + .then((data) => { + console.info(`callback: exportKeyItem success, data = ${JSON.stringify(data)}`); + exportKey = data.outData as Uint8Array; + }) + .catch((error: BusinessError) => { + if (throwObject.isThrow) { + throw (error as Error); + } else { + console.error(`callback: exportKeyItem failed, code: ${error.code}, msg: ${error.message}`); } - }); + }); + } catch (error) { + console.error(`callback: exportKeyItem input arg invalid, code: ${error.code}, msg: ${error.message}`); + } } -async function publicImportKeyFunc(keyAlias, huksOptions) { - console.info(`enter promise importKeyItem`); - let throwObject = {isThrow: false}; +// 此处用导入密钥来模拟“生成加密导入用途的密钥” +function importKeyItem(keyAlias: string, huksOptions: huks.HuksOptions, throwObject: throwObject1) { + return new Promise((resolve, reject) => { try { - await importKeyItem(keyAlias, huksOptions, throwObject) - .then ((data) => { - console.info(`callback: importKeyItem success, data = ${JSON.stringify(data)}`); - }) - .catch(error => { - if (throwObject.isThrow) { - throw(error); - } else { - console.error(`callback: importKeyItem failed, code: ${error.code}, msg: ${error.message}`); - } - }); + huks.importKeyItem(keyAlias, huksOptions, (error, data) => { + if (error) { + reject(error); + } else { + resolve(data); + } + }); } catch (error) { - console.error(`callback: importKeyItem input arg invalid, code: ${error.code}, msg: ${error.message}`); + throwObject.isThrow = true; + throw (error as Error); } + }); } -// 执行加密导入 -async function publicImportWrappedKey(keyAlias, wrappingKeyAlias, huksOptions) { - console.info(`enter callback importWrappedKeyItem`); - var throwObject = {isThrow: false}; - try { - await importWrappedKeyItem(keyAlias, wrappingKeyAlias, huksOptions, throwObject) - .then ((data) => { - console.info(`callback: importWrappedKeyItem success, data = ${JSON.stringify(data)}`); - }) - .catch(error => { - if (throwObject.isThrow) { - throw(error); - } else { - console.error(`callback: importWrappedKeyItem failed, code: ${error.code}, msg: ${error.message}`); - } - }); - } catch (error) { - console.error(`callback: importWrappedKeyItem input arg invalid, code: ${error.code}, msg: ${error.message}`); - } +async function publicImportKeyFunc(keyAlias: string, huksOptions: huks.HuksOptions) { + console.info(`enter promise importKeyItem`); + let throwObject: throwObject1 = { isThrow: false }; + try { + await importKeyItem(keyAlias, huksOptions, throwObject) + .then((data) => { + console.info(`callback: importKeyItem success, data = ${JSON.stringify(data)}`); + }) + .catch((error: BusinessError) => { + if (throwObject.isThrow) { + throw (error as Error); + } else { + console.error(`callback: importKeyItem failed, code: ${error.code}, msg: ${error.message}`); + } + }); + } catch (error) { + console.error(`callback: importKeyItem input arg invalid, code: ${error.code}, msg: ${error.message}`); + } } -function importWrappedKeyItem(keyAlias, wrappingKeyAlias, huksOptions, throwObject) { - return new Promise((resolve, reject) => { - try { - huks.importWrappedKeyItem(keyAlias, wrappingKeyAlias, huksOptions, function (error, data) { - if (error) { - reject(error); - } else { - resolve(data); - } - }); - } catch (error) { - throwObject.isThrow = true; - throw(error); +// 执行加密导入 +async function publicImportWrappedKey(keyAlias: string, wrappingKeyAlias: string, huksOptions: huks.HuksOptions) { + console.info(`enter callback importWrappedKeyItem`); + let throwObject: throwObject1 = { isThrow: false }; + try { + await importWrappedKeyItem(keyAlias, wrappingKeyAlias, huksOptions, throwObject) + .then((data) => { + console.info(`callback: importWrappedKeyItem success, data = ${JSON.stringify(data)}`); + }) + .catch((error:BusinessError) => { + if (throwObject.isThrow) { + throw (error as Error); + } else { + console.error(`callback: importWrappedKeyItem failed, code: ${error.code}, msg: ${error.message}`); } - }); + }); + } catch (error) { + console.error(`callback: importWrappedKeyItem input arg invalid, code: ${error.code}, msg: ${error.message}`); + } } -// 删除加密导入用途的密钥 -function deleteKeyItem(keyAlias, huksOptions, throwObject) { - return new Promise((resolve, reject) => { - try { - huks.deleteKeyItem(keyAlias, huksOptions, function (error, data) { - if (error) { - reject(error); - } else { - resolve(data); - } - }); - } catch (error) { - throwObject.isThrow = true; - throw(error); +function importWrappedKeyItem(keyAlias: string, wrappingKeyAlias: string, huksOptions: huks.HuksOptions, throwObject: throwObject1) { + return new Promise((resolve, reject) => { + try { + huks.importWrappedKeyItem(keyAlias, wrappingKeyAlias, huksOptions, (error, data) => { + if (error) { + reject(error); + } else { + resolve(data); } - }); + }); + } catch (error) { + throwObject.isThrow = true; + throw (error as Error); + } + }); } -async function publicDeleteKeyFunc(keyAlias, huksOptions) { - console.info(`enter callback deleteKeyItem`); - let throwObject = {isThrow: false}; +// 删除加密导入用途的密钥 +function deleteKeyItem(keyAlias: string, huksOptions: huks.HuksOptions, throwObject: throwObject1) { + return new Promise((resolve, reject) => { try { - await deleteKeyItem(keyAlias, huksOptions, throwObject) - .then ((data) => { - console.info(`callback: deleteKeyItem key success, data = ${JSON.stringify(data)}`); - }) - .catch(error => { - if (throwObject.isThrow) { - throw(error); - } else { - console.error(`callback: deleteKeyItem failed, code: ${error.code}, msg: ${error.message}`); - } - }); + huks.deleteKeyItem(keyAlias, huksOptions, (error, data) => { + if (error) { + reject(error); + } else { + resolve(data); + } + }); } catch (error) { - console.error(`callback: deletKeeyItem input arg invalid, code: ${error.code}, msg: ${error.message}`); + throwObject.isThrow = true; + throw (error as Error); } + }); +} + +async function publicDeleteKeyFunc(keyAlias: string, huksOptions: huks.HuksOptions) { + console.info(`enter callback deleteKeyItem`); + let throwObject: throwObject1 = { isThrow: false }; + try { + await deleteKeyItem(keyAlias, huksOptions, throwObject) + .then((data) => { + console.info(`callback: deleteKeyItem key success, data = ${JSON.stringify(data)}`); + }) + .catch((error: BusinessError) => { + if (throwObject.isThrow) { + throw (error as Error); + } else { + console.error(`callback: deleteKeyItem failed, code: ${error.code}, msg: ${error.message}`); + } + }); + } catch (error) { + console.error(`callback: deletKeeyItem input arg invalid, code: ${error.code}, msg: ${error.message}`); + } } async function ImportWrappedKeyNormalTest() { - console.info(`enter ImportWrapKey test`); - /* - * 生成加密导入用途的密钥(此处使用导入进行模拟) - */ - await publicImportKeyFunc(wrapAlias, huksOptions); - - /* - * 导出加密导入用途密钥的公钥材料 - */ - await publicExportKeyFunc(wrapAlias, huksOptions); - - /*---------------------------------------------------------------------------------------------- - * 此处省略业务本地生成ECC密钥对、业务本地ECDH密钥协商、业务本地生成密钥加密密钥K3、业务本地加密K1'和K3的流程 - *----------------------------------------------------------------------------------------------*/ - - /* 封装加密导入密钥材料:参考加密导入 - * 拼接importOptions.inData字段,满足以下格式: - * PK2长度(4字节) + PK2的数据 + AAD2的长度(4字节) + AAD2的数据 + - * Nonce2的长度(4字节)+ Nonce2的数据 + AEAD2的长度(4字节) + AEAD2的数据 + - * K3密文的长度(4字节) + K3密文的数据 + AAD3的长度(4字节) + AAD3的数据 + - * Nonce3的长度(4字节) + Nonce3的数据 + AEAD3的长度(4字节) + AEAD3的数据 + - * K1'_size的长度(4字节) + K1'_size + K1'_enc的长度(4字节) + K1'_enc的数据 - */ - let inputKey = new Uint8Array([ - 0x5b, 0x00, 0x00, 0x00, // ECC-P-256 公钥长度(X.509规范DER格式):91 - // ECC-P-256 公钥 - 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, - 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0xc0, 0xfe, 0x1c, 0x67, 0xde, - 0x86, 0x0e, 0xfb, 0xaf, 0xb5, 0x85, 0x52, 0xb4, 0x0e, 0x1f, 0x6c, 0x6c, 0xaa, 0xc5, 0xd9, 0xd2, - 0x4d, 0xb0, 0x8a, 0x72, 0x24, 0xa1, 0x99, 0xaf, 0xfc, 0x3e, 0x55, 0x5a, 0xac, 0x99, 0x3d, 0xe8, - 0x34, 0x72, 0xb9, 0x47, 0x9c, 0xa6, 0xd8, 0xfb, 0x00, 0xa0, 0x1f, 0x9f, 0x7a, 0x41, 0xe5, 0x44, - 0x3e, 0xb2, 0x76, 0x08, 0xa2, 0xbd, 0xe9, 0x41, 0xd5, 0x2b, 0x9e, - - 0x10, 0x00, 0x00, 0x00, // AAD2长度:16 - // AAD2 - 0xbf, 0xf9, 0x69, 0x41, 0xf5, 0x49, 0x85, 0x31, 0x35, 0x14, 0x69, 0x12, 0x57, 0x9c, 0xc8, 0xb7, - - 0x10, 0x00, 0x00, 0x00, // Nonce2长度:16 - // Nonce2 - 0x2d, 0xb7, 0xf1, 0x5a, 0x0f, 0xb8, 0x20, 0xc5, 0x90, 0xe5, 0xca, 0x45, 0x84, 0x5c, 0x08, 0x08, - - 0x10, 0x00, 0x00, 0x00, // AEAD2长度:16 - // AEAD2 - 0x43, 0x25, 0x1b, 0x2f, 0x5b, 0x86, 0xd8, 0x87, 0x04, 0x4d, 0x38, 0xc2, 0x65, 0xcc, 0x9e, 0xb7, - - 0x20, 0x00, 0x00, 0x00, // K3密文长度:32 - // K3密文 - 0xf4, 0xe8, 0x93, 0x28, 0x0c, 0xfa, 0x4e, 0x11, 0x6b, 0xe8, 0xbd, 0xa8, 0xe9, 0x3f, 0xa7, 0x8f, - 0x2f, 0xe3, 0xb3, 0xbf, 0xaf, 0xce, 0xe5, 0x06, 0x2d, 0xe6, 0x45, 0x5d, 0x19, 0x26, 0x09, 0xe7, - - 0x10, 0x00, 0x00, 0x00, // AAD3长度:16 - // AAD3 - 0xf4, 0x1e, 0x7b, 0x01, 0x7a, 0x84, 0x36, 0xa4, 0xa8, 0x1c, 0x0d, 0x3d, 0xde, 0x57, 0x66, 0x73, - - 0x10, 0x00, 0x00, 0x00, // Nonce3长度:16 - // Nonce3 - 0xe3, 0xff, 0x29, 0x97, 0xad, 0xb3, 0x4a, 0x2c, 0x50, 0x08, 0xb5, 0x68, 0xe1, 0x90, 0x5a, 0xdc, - - 0x10, 0x00, 0x00, 0x00, // AEAD3长度:16 - // AEAD3 - 0x26, 0xae, 0xdc, 0x4e, 0xa5, 0x6e, 0xb1, 0x38, 0x14, 0x24, 0x47, 0x1c, 0x41, 0x89, 0x63, 0x11, - - 0x04, 0x00, 0x00, 0x00, // “密钥明文材料长度”的长度(字节):4 - // 密钥明文材料的长度:32字节 - 0x20, 0x00, 0x00, 0x00, - - 0x20, 0x00, 0x00, 0x00, // 待导入密钥密文长度(字节):32 - // 待导入密钥密文 - 0x0b, 0xcb, 0xa9, 0xa8, 0x5f, 0x5a, 0x9d, 0xbf, 0xa1, 0xfc, 0x72, 0x74, 0x87, 0x79, 0xf2, 0xf4, - 0x22, 0x0c, 0x8a, 0x4d, 0xd8, 0x7e, 0x10, 0xc8, 0x44, 0x17, 0x95, 0xab, 0x3b, 0xd2, 0x8f, 0x0a - ]); - importOptions.inData = inputKey; - - /* - * 导入封装的加密密钥材料 - */ - await publicImportWrappedKey(importAlias, wrapAlias, importOptions); - - /* - * 删除用于加密导入的密钥 - */ - await publicDeleteKeyFunc(wrapAlias, huksOptions); + console.info(`enter ImportWrapKey test`); + /* + * 生成加密导入用途的密钥(此处使用导入进行模拟) + */ + await publicImportKeyFunc(wrapAlias, huksOptions); + + /* + * 导出加密导入用途密钥的公钥材料 + */ + await publicExportKeyFunc(wrapAlias, huksOptions); + + /*---------------------------------------------------------------------------------------------- + * 此处省略业务本地生成ECC密钥对、业务本地ECDH密钥协商、业务本地生成密钥加密密钥K3、业务本地加密K1'和K3的流程 + *----------------------------------------------------------------------------------------------*/ + + /* 封装加密导入密钥材料:参考加密导入 + * 拼接importOptions.inData字段,满足以下格式: + * PK2长度(4字节) + PK2的数据 + AAD2的长度(4字节) + AAD2的数据 + + * Nonce2的长度(4字节)+ Nonce2的数据 + AEAD2的长度(4字节) + AEAD2的数据 + + * K3密文的长度(4字节) + K3密文的数据 + AAD3的长度(4字节) + AAD3的数据 + + * Nonce3的长度(4字节) + Nonce3的数据 + AEAD3的长度(4字节) + AEAD3的数据 + + * K1'_size的长度(4字节) + K1'_size + K1'_enc的长度(4字节) + K1'_enc的数据 + */ + let inputKey = new Uint8Array([ + 0x5b, 0x00, 0x00, 0x00, // ECC-P-256 公钥长度(X.509规范DER格式):91 + // ECC-P-256 公钥 + 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, + 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0xc0, 0xfe, 0x1c, 0x67, 0xde, + 0x86, 0x0e, 0xfb, 0xaf, 0xb5, 0x85, 0x52, 0xb4, 0x0e, 0x1f, 0x6c, 0x6c, 0xaa, 0xc5, 0xd9, 0xd2, + 0x4d, 0xb0, 0x8a, 0x72, 0x24, 0xa1, 0x99, 0xaf, 0xfc, 0x3e, 0x55, 0x5a, 0xac, 0x99, 0x3d, 0xe8, + 0x34, 0x72, 0xb9, 0x47, 0x9c, 0xa6, 0xd8, 0xfb, 0x00, 0xa0, 0x1f, 0x9f, 0x7a, 0x41, 0xe5, 0x44, + 0x3e, 0xb2, 0x76, 0x08, 0xa2, 0xbd, 0xe9, 0x41, 0xd5, 0x2b, 0x9e, + + 0x10, 0x00, 0x00, 0x00, // AAD2长度:16 + // AAD2 + 0xbf, 0xf9, 0x69, 0x41, 0xf5, 0x49, 0x85, 0x31, 0x35, 0x14, 0x69, 0x12, 0x57, 0x9c, 0xc8, 0xb7, + + 0x10, 0x00, 0x00, 0x00, // Nonce2长度:16 + // Nonce2 + 0x2d, 0xb7, 0xf1, 0x5a, 0x0f, 0xb8, 0x20, 0xc5, 0x90, 0xe5, 0xca, 0x45, 0x84, 0x5c, 0x08, 0x08, + + 0x10, 0x00, 0x00, 0x00, // AEAD2长度:16 + // AEAD2 + 0x43, 0x25, 0x1b, 0x2f, 0x5b, 0x86, 0xd8, 0x87, 0x04, 0x4d, 0x38, 0xc2, 0x65, 0xcc, 0x9e, 0xb7, + + 0x20, 0x00, 0x00, 0x00, // K3密文长度:32 + // K3密文 + 0xf4, 0xe8, 0x93, 0x28, 0x0c, 0xfa, 0x4e, 0x11, 0x6b, 0xe8, 0xbd, 0xa8, 0xe9, 0x3f, 0xa7, 0x8f, + 0x2f, 0xe3, 0xb3, 0xbf, 0xaf, 0xce, 0xe5, 0x06, 0x2d, 0xe6, 0x45, 0x5d, 0x19, 0x26, 0x09, 0xe7, + + 0x10, 0x00, 0x00, 0x00, // AAD3长度:16 + // AAD3 + 0xf4, 0x1e, 0x7b, 0x01, 0x7a, 0x84, 0x36, 0xa4, 0xa8, 0x1c, 0x0d, 0x3d, 0xde, 0x57, 0x66, 0x73, + + 0x10, 0x00, 0x00, 0x00, // Nonce3长度:16 + // Nonce3 + 0xe3, 0xff, 0x29, 0x97, 0xad, 0xb3, 0x4a, 0x2c, 0x50, 0x08, 0xb5, 0x68, 0xe1, 0x90, 0x5a, 0xdc, + + 0x10, 0x00, 0x00, 0x00, // AEAD3长度:16 + // AEAD3 + 0x26, 0xae, 0xdc, 0x4e, 0xa5, 0x6e, 0xb1, 0x38, 0x14, 0x24, 0x47, 0x1c, 0x41, 0x89, 0x63, 0x11, + + 0x04, 0x00, 0x00, 0x00, // “密钥明文材料长度”的长度(字节):4 + // 密钥明文材料的长度:32字节 + 0x20, 0x00, 0x00, 0x00, + + 0x20, 0x00, 0x00, 0x00, // 待导入密钥密文长度(字节):32 + // 待导入密钥密文 + 0x0b, 0xcb, 0xa9, 0xa8, 0x5f, 0x5a, 0x9d, 0xbf, 0xa1, 0xfc, 0x72, 0x74, 0x87, 0x79, 0xf2, 0xf4, + 0x22, 0x0c, 0x8a, 0x4d, 0xd8, 0x7e, 0x10, 0xc8, 0x44, 0x17, 0x95, 0xab, 0x3b, 0xd2, 0x8f, 0x0a + ]); + importOptions.inData = inputKey; + + /* + * 导入封装的加密密钥材料 + */ + await publicImportWrappedKey(importAlias, wrapAlias, importOptions); + + /* + * 删除用于加密导入的密钥 + */ + await publicDeleteKeyFunc(wrapAlias, huksOptions); } + ``` **调测验证** @@ -2188,7 +2213,13 @@ async function TestGenKeyForFingerprintAccessControl() { 2. 使用密钥-加密场景-加密时不需要进行用户身份认证访问控制 ```js - import huks from '@ohos.security.huks'; +import huks from '@ohos.security.huks'; +import { BusinessError } from '@ohos.base'; + +class HuksProperties { + tag: huks.HuksTag = huks.HuksTag.HUKS_TAG_ALGORITHM; + value: huks.HuksKeyAlg | huks.HuksKeySize | huks.HuksKeyPurpose | huks.HuksKeyPadding | huks.HuksCipherMode | Uint8Array = huks.HuksKeyAlg.HUKS_ALG_ECC; +} /* * 确定密钥别名和封装密钥属性参数集 @@ -2196,132 +2227,135 @@ async function TestGenKeyForFingerprintAccessControl() { let srcKeyAlias = 'sm4_key_fingerprint_access'; let cipherInData = 'Hks_SM4_Cipher_Test_101010101010101010110_string'; // 明文数据 let IV = '1234567890123456'; -let handle; -let cipherText; // 加密后的密文数据 +let handle = 0; +let cipherText: Uint8Array; // 加密后的密文数据 -function StringToUint8Array(str) { - let arr = []; - for (let i = 0, j = str.length; i < j; ++i) { - arr.push(str.charCodeAt(i)); - } - return new Uint8Array(arr); +function StringToUint8Array(str: string) { + let arr: number[] = []; + for (let i = 0, j = str.length; i < j; ++i) { + arr.push(str.charCodeAt(i)); + } + return new Uint8Array(arr); } /* 集成生成密钥参数集 & 加密参数集 */ -let propertiesEncrypt = new Array(); -propertiesEncrypt[0] = { +let propertiesEncrypt: HuksProperties[] = [ + { tag: huks.HuksTag.HUKS_TAG_ALGORITHM, value: huks.HuksKeyAlg.HUKS_ALG_SM4, -} -propertiesEncrypt[1] = { + }, + { tag: huks.HuksTag.HUKS_TAG_PURPOSE, value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT, -} -propertiesEncrypt[2] = { + }, + { tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, value: huks.HuksKeySize.HUKS_SM4_KEY_SIZE_128, -} -propertiesEncrypt[3] = { + }, + { tag: huks.HuksTag.HUKS_TAG_PADDING, value: huks.HuksKeyPadding.HUKS_PADDING_NONE, -} -propertiesEncrypt[4] = { + }, + { tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, value: huks.HuksCipherMode.HUKS_MODE_CBC, -} -propertiesEncrypt[5] = { + }, + { tag: huks.HuksTag.HUKS_TAG_IV, value: StringToUint8Array(IV), + }]; +let encryptOptions: huks.HuksOptions = { + properties: propertiesEncrypt, + inData: new Uint8Array(new Array()) } -let encryptOptions = { - properties: propertiesEncrypt, - inData: new Uint8Array(new Array()) +class throwObject1{ + isThrow: boolean = false; } - -function initSession(keyAlias, huksOptions, throwObject) { - return new Promise((resolve, reject) => { - try { - huks.initSession(keyAlias, huksOptions, function (error, data) { - if (error) { - reject(error); - } else { - resolve(data); - } - }); - } catch (error) { - throwObject.isThrow = true; - throw(error); - } - }); -} - -async function publicInitFunc(keyAlias, huksOptions) { - console.info(`enter callback doInit`); - let throwObject = {isThrow: false}; +function initSession(keyAlias: string, huksOptions: huks.HuksOptions, throwObject: throwObject1) { + return new Promise((resolve, reject) => { try { - await initSession(keyAlias, huksOptions, throwObject) - .then ((data) => { - console.info(`callback: doInit success, data = ${JSON.stringify(data)}`); - handle = data.handle; - }) - .catch((error) => { - if (throwObject.isThrow) { - throw(error); - } else { - console.error(`callback: doInit failed, code: ${error.code}, msg: ${error.message}`); - } - }); + huks.initSession(keyAlias, huksOptions, (error, data) => { + if (error) { + reject(error); + } else { + resolve(data); + } + }); } catch (error) { - console.error(`callback: doInit input arg invalid, code: ${error.code}, msg: ${error.message}`); + throwObject.isThrow = true; + throw (error as Error); } + }); } -function finishSession(handle, huksOptions, throwObject) { - return new Promise((resolve, reject) => { - try { - huks.finishSession(handle, huksOptions, function (error, data) { - if (error) { - reject(error); - } else { - resolve(data); - } - }); - } catch (error) { - throwObject.isThrow = true; - throw(error); +async function publicInitFunc(keyAlias: string, huksOptions: huks.HuksOptions) { + console.info(`enter callback doInit`); + let throwObject: throwObject1 = { isThrow: false }; + try { + await initSession(keyAlias, huksOptions, throwObject) + .then((data) => { + console.info(`callback: doInit success, data = ${JSON.stringify(data)}`); + handle = data.handle as number; + }) + .catch((error: BusinessError) => { + if (throwObject.isThrow) { + throw (error as Error); + } else { + console.error(`callback: doInit failed, code: ${error.code}, msg: ${error.message}`); } - }); + }); + } catch (error) { + console.error(`callback: doInit input arg invalid, code: ${error.code}, msg: ${error.message}`); + } } -async function publicFinishFunc(handle, huksOptions) { - console.info(`enter callback doFinish`); - let throwObject = {isThrow: false}; +function finishSession(handle: number, huksOptions: huks.HuksOptions, throwObject: throwObject1) { + return new Promise((resolve, reject) => { try { - await finishSession(handle, huksOptions, throwObject) - .then ((data) => { - cipherText = data.outData; - console.info(`callback: doFinish success, data = ${JSON.stringify(data)}`); - }) - .catch(error => { - if (throwObject.isThrow) { - throw(error); - } else { - console.error(`callback: doFinish failed, code: ${error.code}, msg: ${error.message}`); - } - }); + huks.finishSession(handle, huksOptions, (error, data) => { + if (error) { + reject(error); + } else { + resolve(data); + } + }); } catch (error) { - console.error(`callback: doFinish input arg invalid, code: ${error.code}, msg: ${error.message}`); + throwObject.isThrow = true; + throw (error as Error); } + }); +} + +async function publicFinishFunc(handle: number, huksOptions: huks.HuksOptions) { + console.info(`enter callback doFinish`); + let throwObject: throwObject1 = { isThrow: false }; + try { + await finishSession(handle, huksOptions, throwObject) + .then((data) => { + cipherText = data.outData as Uint8Array; + console.info(`callback: doFinish success, data = ${JSON.stringify(data)}`); + }) + .catch((error: BusinessError) => { + if (throwObject.isThrow) { + throw (error as Error); + } else { + console.error(`callback: doFinish failed, code: ${error.code}, msg: ${error.message}`); + } + }); + } catch (error) { + console.error(`callback: doFinish input arg invalid, code: ${error.code}, msg: ${error.message}`); + } } async function testSm4Cipher() { - /* 初始化密钥会话获取挑战值 */ - await publicInitFunc(srcKeyAlias, encryptOptions); + /* 初始化密钥会话获取挑战值 */ + await publicInitFunc(srcKeyAlias, encryptOptions); - /* 加密 */ - encryptOptions.inData = StringToUint8Array(cipherInData); - await publicFinishFunc(handle, encryptOptions); + /* 加密 */ + encryptOptions.inData = StringToUint8Array(cipherInData); + await publicFinishFunc(handle, encryptOptions); } + ``` 3. 使用密钥-解密场景-解密时需要进行用户身份认证访问控制 diff --git a/zh-cn/device-dev/subsystems/subsys-security-huks-guide.md b/zh-cn/device-dev/subsystems/subsys-security-huks-guide.md index d3e7a7842dad7e6b4bbabf69adcb0e18ea7066f0..b71a2dfccc9fe6293970ba9d1a0e548b47f631ba 100644 --- a/zh-cn/device-dev/subsystems/subsys-security-huks-guide.md +++ b/zh-cn/device-dev/subsystems/subsys-security-huks-guide.md @@ -1347,42 +1347,48 @@ JS测试代码示例如下(仅供参考),如果整个流程能够正常运 2. 使用generateKey接口生成密钥。 ```js - + import { BusinessError } from '@ohos.base'; let aesKeyAlias = 'test_aesKeyAlias'; - let handle; + let handle = 0; let IV = '001122334455'; - let cipherData:Uint8Array; - let plainData:Uint8Array; - + class HuksProperties { + tag: huks.HuksTag = huks.HuksTag.HUKS_TAG_ALGORITHM; + value: huks.HuksKeyAlg | huks.HuksKeySize | huks.HuksKeyPurpose = huks.HuksKeyAlg.HUKS_ALG_ECC; + } + + class HuksProperties1 { + tag: huks.HuksTag = huks.HuksTag.HUKS_TAG_ALGORITHM; + value: huks.HuksKeyAlg | huks.HuksKeySize | huks.HuksKeyPurpose | huks.HuksKeyPadding | huks.HuksCipherMode | Uint8Array = huks.HuksKeyAlg.HUKS_ALG_ECC; + } + function GetAesGenerateProperties() { - var properties = new Array(); - var index = 0; - properties[index++] = { - tag: huks.HuksTag.HUKS_TAG_ALGORITHM, - value: huks.HuksKeyAlg.HUKS_ALG_AES - }; - properties[index++] = { - tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, - value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_128 - }; - properties[index++] = { - tag: huks.HuksTag.HUKS_TAG_PURPOSE, - value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | - huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT - } + let properties: HuksProperties[] = [ + { + tag: huks.HuksTag.HUKS_TAG_ALGORITHM, + value: huks.HuksKeyAlg.HUKS_ALG_AES + }, + { + tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, + value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_128 + }, + { + tag: huks.HuksTag.HUKS_TAG_PURPOSE, + value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | + huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT + } + ]; return properties; } - async function GenerateAesKey() { - var genProperties = GetAesGenerateProperties(); - var options = { + let genProperties = GetAesGenerateProperties(); + let options: huks.HuksOptions = { properties: genProperties } await huks.generateKeyItem(aesKeyAlias, options).then((data) => { console.log("generateKeyItem success"); - }).catch((err)=>{ + }).catch((error: BusinessError) => { console.log("generateKeyItem failed"); }) } @@ -1393,8 +1399,8 @@ JS测试代码示例如下(仅供参考),如果整个流程能够正常运 ```js let plainText = '123456'; - function StringToUint8Array(str) { - let arr = []; + function StringToUint8Array(str: string) { + let arr: number[] = []; for (let i = 0, j = str.length; i < j; ++i) { arr.push(str.charCodeAt(i)); } @@ -1402,51 +1408,51 @@ JS测试代码示例如下(仅供参考),如果整个流程能够正常运 } function GetAesEncryptProperties() { - var properties = new Array(); - var index = 0; - properties[index++] = { - tag: huks.HuksTag.HUKS_TAG_ALGORITHM, - value: huks.HuksKeyAlg.HUKS_ALG_AES - }; - properties[index++] = { - tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, - value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_128 - }; - properties[index++] = { - tag: huks.HuksTag.HUKS_TAG_PURPOSE, - value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT - } - properties[index++] = { - tag: huks.HuksTag.HUKS_TAG_PADDING, - value: huks.HuksKeyPadding.HUKS_PADDING_PKCS7 - } - properties[index++] = { - tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, - value: huks.HuksCipherMode.HUKS_MODE_CBC - } - properties[index++] = { - tag: huks.HuksTag.HUKS_TAG_IV, - value: StringToUint8Array(IV) - } + let properties: HuksProperties1[] = [ + { + tag: huks.HuksTag.HUKS_TAG_ALGORITHM, + value: huks.HuksKeyAlg.HUKS_ALG_AES + }, + { + tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, + value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_128 + }, + { + tag: huks.HuksTag.HUKS_TAG_PURPOSE, + value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT + }, + { + tag: huks.HuksTag.HUKS_TAG_PADDING, + value: huks.HuksKeyPadding.HUKS_PADDING_PKCS7 + }, + { + tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, + value: huks.HuksCipherMode.HUKS_MODE_CBC + }, + { + tag: huks.HuksTag.HUKS_TAG_IV, + value: StringToUint8Array(IV) + } + ] return properties; } - + async function EncryptData() { - var encryptProperties = GetAesEncryptProperties(); - var options = { - properties:encryptProperties, - inData: StringToUint8Array(plainText) - } - await huks.initSession(aesKeyAlias, options).then((data) => { - handle = data.handle; - }).catch((err)=>{ - console.log("initSession failed"); - }) - await huks.finishSession(handle, options).then((data) => { - console.log("finishSession success"); - cipherData = data.outData - }).catch((err)=>{ - console.log("finishSession failed"); - }) + let encryptProperties = GetAesEncryptProperties(); + let options: huks.HuksOptions = { + properties: encryptProperties, + inData: StringToUint8Array(plainText) + } + await huks.initSession(aesKeyAlias, options).then((data) => { + handle = data.handle; + }).catch((error: BusinessError) => { + console.log("initSession failed"); + }) + await huks.finishSession(handle, options).then((data) => { + console.log("finishSession success"); + }).catch((error: BusinessError) => { + console.log("finishSession failed"); + }) } + ``` \ No newline at end of file