From 300458e339b309fcc9ad6013130f26446cdb54fb Mon Sep 17 00:00:00 2001
From: Annie_wang <annie.wangli@huawei.com>
Date: Thu, 17 Aug 2023 11:20:10 +0800
Subject: [PATCH] update docs Signed-off-by: Annie_wang
 <annie.wangli@huawei.com>

---
 .../reference/apis/js-apis-cert.md            | 48 ++++++++++++++++++-
 .../security/cert-guidelines.md               |  6 +--
 .../OpenHarmony_4.0.10.1/changelogs-cert.md   | 35 ++++++++++++++
 3 files changed, 85 insertions(+), 4 deletions(-)
 create mode 100644 en/release-notes/changelogs/OpenHarmony_4.0.10.1/changelogs-cert.md

diff --git a/en/application-dev/reference/apis/js-apis-cert.md b/en/application-dev/reference/apis/js-apis-cert.md
index bd2479de23..a8676acc56 100644
--- a/en/application-dev/reference/apis/js-apis-cert.md
+++ b/en/application-dev/reference/apis/js-apis-cert.md
@@ -553,12 +553,16 @@ cryptoCert.createX509Cert(encodingBlob, function (error, x509Cert) {
 });
 ```
 
-### getSerialNumber
+### getSerialNumber<sup>(deprecated)</sup>
 
 getSerialNumber() : number
 
 Obtains the X.509 certificate serial number.
 
+> **NOTE**
+>
+> This API is supported since API version 9 and deprecated since API version 10. You are advised to use [getCertSerialNumber](#getcertserialnumber10).
+
 **System capability**: SystemCapability.Security.Cert
 
 **Return value**
@@ -589,6 +593,48 @@ cryptoCert.createX509Cert(encodingBlob, function (error, x509Cert) {
 });
 ```
 
+### getCertSerialNumber<sup>10+</sup>
+
+getCertSerialNumber() : bigint
+
+Obtains the X.509 certificate serial number.
+
+**System capability**: SystemCapability.Security.Cert
+
+**Return value**
+
+| Type  | Description              |
+| ------ | ------------------ |
+| bigint | X.509 certificate serial number obtained.|
+
+**Error codes**
+
+| ID| Error Message                                         |
+| -------- | ------------------------------------------------- |
+| 19020002 | runtime error.                                    |
+
+**Example**
+
+```js
+import cryptoCert from '@ohos.security.cert';
+
+// Certificate binary data, which must be set based on the service.
+let encodingData = null;
+let encodingBlob = {
+    data: encodingData,
+    // Set the encoding format, which can be FORMAT_PEM or FORMAT_DER.
+    encodingFormat: cryptoCert.EncodingFormat.FORMAT_PEM
+};
+cryptoCert.createX509Cert(encodingBlob, function (error, x509Cert) {
+    if (error != null) {
+        console.log("createX509Cert failed, errCode: " + error.code + ", errMsg: " + error.message);
+    } else {
+        console.log("createX509Cert success");
+        let serialNumber = x509Cert.getCertSerialNumber();
+    }
+});
+```
+
 ### getIssuerName
 
 getIssuerName() : DataBlob
diff --git a/en/application-dev/security/cert-guidelines.md b/en/application-dev/security/cert-guidelines.md
index 817471a5aa..46f15dd6f7 100644
--- a/en/application-dev/security/cert-guidelines.md
+++ b/en/application-dev/security/cert-guidelines.md
@@ -34,7 +34,7 @@ The table below describes the APIs used in this guide.
 | X509Cert        | getPublicKey() : cryptoFramework.PubKey                       | Obtains the certificate public key.                              |
 | X509Cert        | checkValidityWithDate(date: string) : void                   | Checks the certificate validity period.                             |
 | X509Cert        | getVersion() : number                                        | Obtains the certificate version.                                |
-| X509Cert        | getSerialNumber() : number                                   | Obtains the certificate serial number.                              |
+| X509Cert | getCertSerialNumber() : bigint<sup>10+</sup> | Obtains the certificate serial number.|
 | X509Cert        | getIssuerName() : DataBlob                                   | Obtains the certificate issuer.                          |
 | X509Cert        | getSubjectName() : DataBlob                                  | Obtains the certificate subject.                            |
 | X509Cert        | getNotBeforeTime() : string                                  | Obtains the time from which the certificate takes effect.                      |
@@ -489,7 +489,7 @@ function certChainValidatorSample() {
         data: encodingData,
         // Number of certificates. It is 2 in this example.
         count: 2,
-        // Certificate format. PEM and DER are supported. In this example, the certificate is in PEM format.
+        // Certificate format. Only PEM and DER are supported. In this example, the certificate is in PEM format.
         encodingFormat: cryptoCert.EncodingFormat.FORMAT_PEM
     };
     
@@ -572,4 +572,4 @@ function crlEntrySample() {
         }
     });
 }
-```
+```
\ No newline at end of file
diff --git a/en/release-notes/changelogs/OpenHarmony_4.0.10.1/changelogs-cert.md b/en/release-notes/changelogs/OpenHarmony_4.0.10.1/changelogs-cert.md
new file mode 100644
index 0000000000..2b159c78eb
--- /dev/null
+++ b/en/release-notes/changelogs/OpenHarmony_4.0.10.1/changelogs-cert.md
@@ -0,0 +1,35 @@
+# Security Subsystem Changelog
+
+##  cl.cert.1 X509Cert.getSerialNumber Deprecated
+
+Deprecated **X509Cert.getSerialNumber()** and replaced it with **X509Cert.getCertSerialNumber()**.
+
+**Change Impact**
+
+**X509Cert.getSerialNumber()** is deprecated since API version 10. **X509Cert.getCertSerialNumber()** should be used to replace **X509Cert.getSerialNumber()** in application development. The API function remains unchanged.
+
+**Key API/Component Changes**
+
+API before change:
+
+ ```js
+interface X509Cert {
+  ...
+  getSerialNumber(): number;
+  ...
+}
+ ```
+
+API after change:
+
+ ```js
+interface X509Cert {
+  ...
+  getCertSerialNumber(): bigint;
+  ...
+}
+ ```
+
+**Adaptation Guide**
+
+See [Certificate Development Guide](../../../application-dev/security/cert-guidelines.md) and [Certificate](../../../application-dev/reference/apis/js-apis-cert.md).
-- 
GitLab