diff --git a/en/application-dev/reference/apis/js-apis-huks.md b/en/application-dev/reference/apis/js-apis-huks.md index 865fc233b0711bda14e5322140e468b86bd3c1c9..cad81d4e80c3303859274b2b79c3258bf8d2556c 100644 --- a/en/application-dev/reference/apis/js-apis-huks.md +++ b/en/application-dev/reference/apis/js-apis-huks.md @@ -75,7 +75,7 @@ Generates a key. This API uses an asynchronous callback to return the result. | -------- | --------------------------- | ---- | --------------------------------------------- | | keyAlias | string | Yes | Alias of the key. | | options | [HuksOptions](#huksoptions) | Yes | Tags required for generating the key. The algorithm, key purpose, and key length are mandatory.| -| callback | AsyncCallback\ | Yes | Callback that returns no value.| +| callback | AsyncCallback\ | Yes | Callback invoked to return the result. If the operation fails, **err** is returned.| **Example** @@ -186,7 +186,7 @@ Deletes a key. This API uses an asynchronous callback to return the result. | -------- | --------------------------- | ---- | --------------------------------------------- | | keyAlias | string | Yes | Key alias passed in when the key was generated. | | options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty). | -| callback | AsyncCallback\ | Yes | Callback that returns no value.| +| callback | AsyncCallback\ | Yes | Callback invoked to return the result. If the operation fails, **err** is returned.| **Example** @@ -289,7 +289,7 @@ Imports a key in plaintext. This API uses an asynchronous callback to return the | -------- | --------------------------- | ---- | --------------------------------------------- | | keyAlias | string | Yes | Alias of the key. | | options | [HuksOptions](#huksoptions) | Yes | Tags required for the import and key to import. The algorithm, key purpose, and key length are mandatory.| -| callback | AsyncCallback\ | Yes | Callback that returns no value.| +| callback | AsyncCallback\ | Yes | Callback invoked to return the result. If the operation fails, **err** is returned.| **Example** @@ -426,7 +426,7 @@ Obtains the certificate used to verify a key. This API uses an asynchronous call | -------- | ---------------------------------------------------- | ---- | --------------------------------------------- | | keyAlias | string | Yes | Alias of the key. The certificate to be obtained stores the key. | | options | [HuksOptions](#huksoptions) | Yes | Parameters and data required for obtaining the certificate. | -| callback | AsyncCallback<[HuksReturnResult](#huksreturnresult9)> | Yes | Callback invoked to return the result. If the operation is successful, no **err** value is returned; otherwise, an error code is returned.| +| callback | AsyncCallback<[HuksReturnResult](#huksreturnresult9)> | Yes | Callback invoked to return the result. If the operation fails, **err** is returned.| **Example** @@ -553,7 +553,7 @@ Obtains the certificate used to verify a key. This API uses a promise to return | Type | Description | | ---------------------------------------------- | --------------------------------------------- | -| Promise<[HuksReturnResult](#huksreturnresult9)> | Promise used to return the result. If the operation is successful, no **err** value is returned; otherwise, an error code is returned.| +| Promise<[HuksReturnResult](#huksreturnresult9)> | Promise used to return the result. If the operation fails, **err** is returned.| **Example** @@ -676,7 +676,7 @@ Imports a wrapped key. This API uses an asynchronous callback to return the resu | keyAlias | string | Yes | Alias of the wrapped key to import. | | wrappingKeyAlias | string | Yes | Alias of the data used to unwrap the key imported. | | options | [HuksOptions](#huksoptions) | Yes | Tags required for the import and the wrapped key to import. The algorithm, key purpose, and key length are mandatory.| -| callback | AsyncCallback\ | Yes | Callback that returns no value.| +| callback | AsyncCallback\ | Yes | Callback invoked to return the result. If the operation fails, **err** is returned.| **Example** @@ -1097,9 +1097,9 @@ let emptyOptions = { try { huks.isKeyItemExist(keyAlias, emptyOptions, function (error, data) { if (error) { - console.info(`callback: isKeyItemExist success, data = ${JSON.stringify(data)}`); - } else { console.error(`callback: isKeyItemExist failed, code: ${error.code}, msg: ${error.message}`); + } else { + console.info(`callback: isKeyItemExist success, data = ${JSON.stringify(data)}`); } }); } catch (error) { @@ -1312,14 +1312,14 @@ Aborts the use of the key. This API uses an asynchronous callback to return the | -------- | --------------------------- | ---- | ------------------------------------------- | | handle | number | Yes | Handle of the **Abort** operation. | | options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Abort** operation. | -| callback | AsyncCallback\ | Yes | Callback that returns no value.| +| callback | AsyncCallback\ | Yes | Callback invoked to return the result. If the operation fails, **err** is returned.| **Example** ```js /* huks.initSession, huks.updateSession, and huks.finishSession must be used together. * If an error occurs in any of huks.initSession, huks.updateSession, - * and huks.finishSession operations, + * and huks.finishSession operation, * huks.abortSession must be called to terminate the use of the key. * * The following uses the callback of an RSA1024 key as an example. @@ -1469,7 +1469,7 @@ Aborts the use of the key. This API uses a promise to return the result. ```js /* huks.initSession, huks.updateSession, and huks.finishSession must be used together. * If an error occurs in any of huks.initSession, huks.updateSession, - * and huks.finishSession operations, + * and huks.finishSession operation, * huks.abortSession must be called to terminate the use of the key. * * The following uses the callback of an RSA1024 key as an example. @@ -1602,26 +1602,26 @@ For details about the error codes, see [KUKS Error Codes](../errorcodes/errorcod **System capability**: SystemCapability.Security.Huks -| Name | Value| Description | -| ---------------------------------------------- | -------- |--------------------------- | -| HUKS_ERR_CODE_PERMISSION_FAIL | 201 | Permission verification failed. | -| HUKS_ERR_CODE_ILLEGAL_ARGUMENT | 401 | Invalid parameters are detected. | -| HUKS_ERR_CODE_NOT_SUPPORTED_API | 801 | The API is not supported. | -| HUKS_ERR_CODE_FEATURE_NOT_SUPPORTED | 12000001 | The feature is not supported. | -| HUKS_ERR_CODE_MISSING_CRYPTO_ALG_ARGUMENT | 12000002 | Key algorithm parameters are missing. | -| HUKS_ERR_CODE_INVALID_CRYPTO_ALG_ARGUMENT | 12000003 | Invalid key algorithm parameters are detected. | -| HUKS_ERR_CODE_FILE_OPERATION_FAIL | 12000004 | The file operation failed. | -| HUKS_ERR_CODE_COMMUNICATION_FAIL | 12000005 | The communication failed. | -| HUKS_ERR_CODE_CRYPTO_FAIL | 12000006 | Failed to operate the algorithm library. | -| HUKS_ERR_CODE_KEY_AUTH_PERMANENTLY_INVALIDATED | 12000007 | Failed to access the key because the key has expired.| -| HUKS_ERR_CODE_KEY_AUTH_VERIFY_FAILED | 12000008 | Failed to access the key because the authentication has failed.| -| HUKS_ERR_CODE_KEY_AUTH_TIME_OUT | 12000009 | Key access timed out.| -| HUKS_ERR_CODE_SESSION_LIMIT | 12000010 | The number of key operation sessions has reached the limit. | -| HUKS_ERR_CODE_ITEM_NOT_EXIST | 12000011 | The target object does not exist. | -| HUKS_ERR_CODE_EXTERNAL_ERROR | 12000012 | An external error occurs. | -| HUKS_ERR_CODE_CREDENTIAL_NOT_EXIST | 12000013 | The credential does not exist. | -| HUKS_ERR_CODE_INSUFFICIENT_MEMORY | 12000014 | The memory is insufficient. | -| HUKS_ERR_CODE_CALL_SERVICE_FAILED | 12000015 | Failed to call other system services. | +| Name | Value| Description | +| ---------------------------------------------- | -------- |--------------------------- | +| HUKS_ERR_CODE_PERMISSION_FAIL | 201 | Permission verification failed. | +| HUKS_ERR_CODE_ILLEGAL_ARGUMENT | 401 | Invalid parameters are detected. | +| HUKS_ERR_CODE_NOT_SUPPORTED_API | 801 | The API is not supported. | +| HUKS_ERR_CODE_FEATURE_NOT_SUPPORTED | 12000001 | The feature is not supported. | +| HUKS_ERR_CODE_MISSING_CRYPTO_ALG_ARGUMENT | 12000002 | Key algorithm parameters are missing. | +| HUKS_ERR_CODE_INVALID_CRYPTO_ALG_ARGUMENT | 12000003 | Invalid key algorithm parameters are detected. | +| HUKS_ERR_CODE_FILE_OPERATION_FAIL | 12000004 | The file operation failed. | +| HUKS_ERR_CODE_COMMUNICATION_FAIL | 12000005 | The communication failed. | +| HUKS_ERR_CODE_CRYPTO_FAIL | 12000006 | Failed to operate the algorithm library. | +| HUKS_ERR_CODE_KEY_AUTH_PERMANENTLY_INVALIDATED | 12000007 | Failed to access the key because the key has expired.| +| HUKS_ERR_CODE_KEY_AUTH_VERIFY_FAILED | 12000008 | Failed to access the key because the authentication has failed.| +| HUKS_ERR_CODE_KEY_AUTH_TIME_OUT | 12000009 | Key access timed out.| +| HUKS_ERR_CODE_SESSION_LIMIT | 12000010 | The number of key operation sessions has reached the limit. | +| HUKS_ERR_CODE_ITEM_NOT_EXIST | 12000011 | The target object does not exist. | +| HUKS_ERR_CODE_EXTERNAL_ERROR | 12000012 | An external error occurs. | +| HUKS_ERR_CODE_CREDENTIAL_NOT_EXIST | 12000013 | The credential does not exist. | +| HUKS_ERR_CODE_INSUFFICIENT_MEMORY | 12000014 | The memory is insufficient. | +| HUKS_ERR_CODE_CALL_SERVICE_FAILED | 12000015 | Failed to call other system services. | ## HuksKeyPurpose @@ -1789,7 +1789,7 @@ Enumerates the tag transfer modes. ## HuksUnwrapSuite9+ -Enumerates the algorithm suites required for encrypted imports. +Enumerates the algorithm suites used for importing an encrypted key. **System capability**: SystemCapability.Security.Huks diff --git a/en/application-dev/security/huks-guidelines.md b/en/application-dev/security/huks-guidelines.md index b72be28c24888642d1220779104477d28a170176..e6a18e1bef77969fb5dfde8284a7dc233d3c4254 100644 --- a/en/application-dev/security/huks-guidelines.md +++ b/en/application-dev/security/huks-guidelines.md @@ -6,7 +6,7 @@ OpenHarmony Universal KeyStore (HUKS) provides KeyStore (KS) capabilities for ap > > This document is based on API version 9 and applies only to ArkTS development. -### **Prerequisites** +### Prerequisites The HUKS module must have been imported. @@ -32,14 +32,14 @@ The following lists the mandatory parameters for key generation, including the k | ------------------ | :----------------------------------------------------------- | ------------------------------------------------------------ | | HUKS_ALG_RSA | HUKS_RSA_KEY_SIZE_512 HUKS_RSA_KEY_SIZE_768 HUKS_RSA_KEY_SIZE_1024 HUKS_RSA_KEY_SIZE_2048 HUKS_RSA_KEY_SIZE_3072 HUKS_RSA_KEY_SIZE_4096 | HUKS_KEY_PURPOSE_ENCRYPT HUKS_KEY_PURPOSE_DECRYPT HUKS_KEY_PURPOSE_SIGN HUKS_KEY_PURPOSE_VERIFY | | HUKS_ALG_AES | HUKS_AES_KEY_SIZE_128 HUKS_AES_KEY_SIZE_192 HUKS_AES_KEY_SIZE_256 | HUKS_KEY_PURPOSE_ENCRYPT HUKS_KEY_PURPOSE_DECRYPT HUKS_KEY_PURPOSE_DERIVE | -| HUKS_ALG_ECC | HUKS_ECC_KEY_SIZE_224, HUKS_ECC_KEY_SIZE_256, HUKS_ECC_KEY_SIZE_384, HUKS_ECC_KEY_SIZE_521| HUKS_KEY_PURPOSE_SIGN HUKS_KEY_PURPOSE_VERIFY | +| HUKS_ALG_ECC | HUKS_ECC_KEY_SIZE_224 HUKS_ECC_KEY_SIZE_256 HUKS_ECC_KEY_SIZE_384 HUKS_ECC_KEY_SIZE_521 | HUKS_KEY_PURPOSE_SIGN HUKS_KEY_PURPOSE_VERIFY | | HUKS_ALG_X25519 | HUKS_CURVE25519_KEY_SIZE_256 | HUKS_KEY_PURPOSE_AGREE | | HUKS_ALG_ED25519 | HUKS_CURVE25519_KEY_SIZE_256 | HUKS_KEY_PURPOSE_SIGN HUKS_KEY_PURPOSE_VERIFY | | HUKS_ALG_DSA | HUKS_RSA_KEY_SIZE_1024 | HUKS_KEY_PURPOSE_SIGN HUKS_KEY_PURPOSE_VERIFY | -| HUKS_ALG_DH | HUKS_DH_KEY_SIZE_2048, HUKS_DH_KEY_SIZE_3072, HUKS_DH_KEY_SIZE_4096| HUKS_KEY_PURPOSE_AGREE | -| HUKS_ALG_ECDH | HUKS_ECC_KEY_SIZE_224, HUKS_ECC_KEY_SIZE_256, HUKS_ECC_KEY_SIZE_384, HUKS_ECC_KEY_SIZE_521| HUKS_KEY_PURPOSE_AGREE | +| HUKS_ALG_DH | HUKS_DH_KEY_SIZE_2048 HUKS_DH_KEY_SIZE_3072 HUKS_DH_KEY_SIZE_4096 | HUKS_KEY_PURPOSE_AGREE | +| HUKS_ALG_ECDH | HUKS_ECC_KEY_SIZE_224 HUKS_ECC_KEY_SIZE_256 HUKS_ECC_KEY_SIZE_384 HUKS_ECC_KEY_SIZE_521 | HUKS_KEY_PURPOSE_AGREE | | HUKS_ALG_SM2 | HUKS_SM2_KEY_SIZE_256 | HUKS_KEY_PURPOSE_SIGN HUKS_KEY_PURPOSE_VERIFY | -| HUKS_ALG_SM4 | HUKS_SM4_KEY_SIZE_128 | HUKS_KEY_PURPOSE_ENCRYPT or HUKS_KEY_PURPOSE_DECRYPT | +| HUKS_ALG_SM4 | HUKS_SM4_KEY_SIZE_128 | HUKS_KEY_PURPOSE_ENCRYPT or HUKS_KEY_PURPOSE_DECRYPT | Before you get started, understand the following variables: @@ -2032,7 +2032,9 @@ function deleteKeyItem(keyAlias:string, huksOptions:huks.HuksOptions) { }); } -let signVerifyInData = 'signVerifyInDataForTest'; +let signVerifyInData1 = 'signVerifyInDataForTestFirstText'; +let signVerifyInData2 = 'signVerifyInDataForTestSecondText'; +let signVerifyInData = [signVerifyInData1, signVerifyInData2]; let generateKeyAlias = 'generateKeyAliasForTest'; let importKeyAlias = 'importKeyAliasForTest'; let handle; @@ -2121,8 +2123,10 @@ async function testSm2SignVerify() { await publicInitFunc(generateKeyAlias, signOptions); signHandle = handle; - signOptions.inData = StringToUint8Array(signVerifyInData) - await publicUpdateFunc(signHandle, signOptions); + for (var index = 0; index < signVerifyInData.length; index++) { + signOptions.inData = StringToUint8Array(signVerifyInData[index]); + await publicUpdateFunc(signHandle, signOptions); + } signOptions.inData = new Uint8Array(new Array()); await publicFinishFunc(signHandle, signOptions); @@ -2141,8 +2145,10 @@ async function testSm2SignVerify() { verifyHandle = handle; - verifyOptions.inData = StringToUint8Array(signVerifyInData) - await publicUpdateFunc(verifyHandle, verifyOptions); + for (var index = 0; index < signVerifyInData.length; index++) { + verifyOptions.inData = StringToUint8Array(signVerifyInData[index]); + await publicUpdateFunc(verifyHandle, verifyOptions); + } verifyOptions.inData = signFinishOutData; await publicFinishFunc(verifyHandle, verifyOptions);