Skip to content

D
Docs

OpenHarmony / Docs
大约 1 年 前同步成功

通知 159
Star 292
Fork 28
D
Docs

体验新版 GitCode,发现更多精彩内容 >>

未验证 提交 65ad2d8d 编写于 作者: O openharmony_ci 提交者: Gitee
浏览文件
操作

!5912 [翻译完成】#I5AYBB 

Merge pull request !5912 from Annie_wang/PR5016
上级 17862582 1063681d
隐藏空白更改
内联 并排
Showing with 549 addition and 292 deletion
en/application-dev/reference/apis/js-apis-huks.md
浏览文件 @ 65ad2d8d
# HUKS
> ![icon-note.gif](public_sys-resources/icon-note.gif) **NOTE**<br/>
> ![icon-note.gif](public_sys-resources/icon-note.gif) **NOTE**<br>
>
> The initial APIs of this module are supported since API version 8. Newly added APIs will be marked with a superscript to indicate their earliest API version.
OpenHarmony Universal KeyStore (HUKS) provides KeyStore (KS) capabilities for applications, including key management and key cryptography operations.
HUKS also provides APIs for applications to import or generate keys.
Provides KeyStore (KS) capabilities for applications, including key management and key cryptography operations.
The keys managed by OpenHarmony Universal KeyStore (HUKS) can be imported by applications or generated by calling the HUKS APIs.
## Modules to Import
......@@ -20,73 +20,75 @@ Enumerates the error codes.
| Name | Value | Description|
| -------------------------- | ----- | ---- |
| HUKS_SUCCESS | 0 |Success. |
| HUKS_FAILURE | -1 |Failure. |
| HUKS_ERROR_BAD_STATE | -2 |Incorrect state. |
| HUKS_ERROR_INVALID_ARGUMENT | -3 |Invalid argument. |
| HUKS_ERROR_NOT_SUPPORTED | -4 |Not supported. |
| HUKS_ERROR_NO_PERMISSION | -5 |No permission. |
| HUKS_ERROR_INSUFFICIENT_DATA | -6 |Insufficient data. |
| HUKS_ERROR_BUFFER_TOO_SMALL | -7 |Insufficient buffer. |
| HUKS_ERROR_INSUFFICIENT_MEMORY | -8 |Insufficient memory. |
| HUKS_ERROR_COMMUNICATION_FAILURE | -9 |Communication failure. |
| HUKS_ERROR_STORAGE_FAILURE | -10 |Storage failure. |
| HUKS_ERROR_HARDWARE_FAILURE | -11 |Hardware fault. |
| HUKS_ERROR_ALREADY_EXISTS | -12 |The object already exists. |
| HUKS_ERROR_NOT_EXIST | -13 |The object does not exist. |
| HUKS_ERROR_NULL_POINTER | -14 |Null pointer. |
| HUKS_ERROR_FILE_SIZE_FAIL | -15 |Incorrect file size. |
| HUKS_ERROR_READ_FILE_FAIL | -16 |Failed to read the file. |
| HUKS_ERROR_INVALID_PUBLIC_KEY | -17 |Invalid public key. |
| HUKS_ERROR_INVALID_PRIVATE_KEY | -18 |Invalid private key. |
| HUKS_ERROR_INVALID_KEY_INFO | -19 |Invalid key information. |
| HUKS_ERROR_HASH_NOT_EQUAL | -20 |The hash values are not equal. |
| HUKS_ERROR_MALLOC_FAIL | -21 |MALLOC failed. |
| HUKS_ERROR_WRITE_FILE_FAIL | -22 |Failed to write the file. |
| HUKS_ERROR_REMOVE_FILE_FAIL | -23 |Failed to delete the file. |
| HUKS_ERROR_OPEN_FILE_FAIL | -24 |Failed to open the file. |
| HUKS_ERROR_CLOSE_FILE_FAIL | -25 |Failed to close the file. |
| HUKS_ERROR_MAKE_DIR_FAIL | -26 |Failed to create the directory. |
| HUKS_ERROR_INVALID_KEY_FILE | -27 |Invalid key file. |
| HUKS_ERROR_IPC_MSG_FAIL | -28 |Incorrect IPC information. |
| HUKS_ERROR_REQUEST_OVERFLOWS | -29 |Request overflows. |
| HUKS_ERROR_PARAM_NOT_EXIST | -30 |The parameter does not exist. |
| HUKS_ERROR_CRYPTO_ENGINE_ERROR | -31 |CRYPTO ENGINE error. |
| HUKS_ERROR_COMMUNICATION_TIMEOUT | -32 |Communication timed out. |
| HUKS_ERROR_IPC_INIT_FAIL | -33 |IPC initialization failed. |
| HUKS_ERROR_IPC_DLOPEN_FAIL | -34 |IPC DLOPEN failed. |
| HUKS_ERROR_EFUSE_READ_FAIL | -35 |Failed to read eFUSE. |
| HUKS_ERROR_NEW_ROOT_KEY_MATERIAL_EXIST | -36 |New root key material exists. |
| HUKS_ERROR_UPDATE_ROOT_KEY_MATERIAL_FAIL | -37 |Failed to update the root key material. |
| HUKS_ERROR_VERIFICATION_FAILED | -38 |Failed to verify the certificate chain. |
| HUKS_SUCCESS | 0 |Success.|
| HUKS_FAILURE | -1 |Failure.|
| HUKS_ERROR_BAD_STATE | -2 |Incorrect state.|
| HUKS_ERROR_INVALID_ARGUMENT | -3 |Invalid argument.|
| HUKS_ERROR_NOT_SUPPORTED | -4 |Not supported.|
| HUKS_ERROR_NO_PERMISSION | -5 |No permission.|
| HUKS_ERROR_INSUFFICIENT_DATA | -6 |Insufficient data.|
| HUKS_ERROR_BUFFER_TOO_SMALL | -7 |Insufficient buffer.|
| HUKS_ERROR_INSUFFICIENT_MEMORY | -8 |Insufficient memory.|
| HUKS_ERROR_COMMUNICATION_FAILURE | -9 |Communication failure.|
| HUKS_ERROR_STORAGE_FAILURE | -10 |Storage failure.|
| HUKS_ERROR_HARDWARE_FAILURE | -11 |Hardware fault.|
| HUKS_ERROR_ALREADY_EXISTS | -12 |The object already exists.|
| HUKS_ERROR_NOT_EXIST | -13 |The object does not exist.|
| HUKS_ERROR_NULL_POINTER | -14 |Null pointer.|
| HUKS_ERROR_FILE_SIZE_FAIL | -15 |Incorrect file size.|
| HUKS_ERROR_READ_FILE_FAIL | -16 |Failed to read the file.|
| HUKS_ERROR_INVALID_PUBLIC_KEY | -17 |Invalid public key.|
| HUKS_ERROR_INVALID_PRIVATE_KEY | -18 |Invalid private key.|
| HUKS_ERROR_INVALID_KEY_INFO | -19 |Invalid key information.|
| HUKS_ERROR_HASH_NOT_EQUAL | -20 |The hash values are not equal.|
| HUKS_ERROR_MALLOC_FAIL | -21 |MALLOC failed.|
| HUKS_ERROR_WRITE_FILE_FAIL | -22 |Failed to write the file.|
| HUKS_ERROR_REMOVE_FILE_FAIL | -23 |Failed to delete the file.|
| HUKS_ERROR_OPEN_FILE_FAIL | -24 |Failed to open the file.|
| HUKS_ERROR_CLOSE_FILE_FAIL | -25 |Failed to close the file.|
| HUKS_ERROR_MAKE_DIR_FAIL | -26 |Failed to create the directory.|
| HUKS_ERROR_INVALID_KEY_FILE | -27 |Invalid key file.|
| HUKS_ERROR_IPC_MSG_FAIL | -28 |Incorrect IPC information.|
| HUKS_ERROR_REQUEST_OVERFLOWS | -29 |Request overflows.|
| HUKS_ERROR_PARAM_NOT_EXIST | -30 |The parameter does not exist.|
| HUKS_ERROR_CRYPTO_ENGINE_ERROR | -31 |CRYPTO ENGINE error.|
| HUKS_ERROR_COMMUNICATION_TIMEOUT | -32 |Communication timed out.|
| HUKS_ERROR_IPC_INIT_FAIL | -33 |IPC initialization failed.|
| HUKS_ERROR_IPC_DLOPEN_FAIL | -34 |IPC DLOPEN failed.|
| HUKS_ERROR_EFUSE_READ_FAIL | -35 |Failed to read eFUSE.|
| HUKS_ERROR_NEW_ROOT_KEY_MATERIAL_EXIST | -36 |New root key material exists.|
| HUKS_ERROR_UPDATE_ROOT_KEY_MATERIAL_FAIL | -37 |Failed to update the root key material.|
| HUKS_ERROR_VERIFICATION_FAILED | -38 |Failed to verify the certificate chain.|
| HUKS_ERROR_CHECK_GET_ALG_FAIL | -100 |Failed to check whether the ALG is obtained. |
| HUKS_ERROR_CHECK_GET_KEY_SIZE_FAIL | -101 |Failed to check whether the key size is obtained. |
| HUKS_ERROR_CHECK_GET_PADDING_FAIL | -102 |Failed to check whether padding is obtained. |
| HUKS_ERROR_CHECK_GET_PURPOSE_FAIL | -103 |Failed to check whether the purpose is obtained. |
| HUKS_ERROR_CHECK_GET_DIGEST_FAIL | -104 |Failed to check whether digest is obtained. |
| HUKS_ERROR_CHECK_GET_MODE_FAIL | -105 |Failed to check whether the mode is obtained. |
| HUKS_ERROR_CHECK_GET_NONCE_FAIL | -106 |Failed to check whether the nonce is obtained. |
| HUKS_ERROR_CHECK_GET_AAD_FAIL | -107 |Failed to check whether the AAD is obtained. |
| HUKS_ERROR_CHECK_GET_IV_FAIL | -108 |Failed to check whether the initialization vector (IV) is obtained. |
| HUKS_ERROR_CHECK_GET_AE_TAG_FAIL | -109 |Failed to check whether the AE flag is obtained. |
| HUKS_ERROR_CHECK_GET_SALT_FAIL | -110 |Failed to check whether the SALT is obtained. |
| HUKS_ERROR_CHECK_GET_ITERATION_FAIL | -111 |Failed to check whether the iteration is obtained. |
| HUKS_ERROR_INVALID_ALGORITHM | -112 |Invalid algorithm. |
| HUKS_ERROR_INVALID_KEY_SIZE | -113 |Invalid key size. |
| HUKS_ERROR_INVALID_PADDING | -114 |Invalid padding. |
| HUKS_ERROR_INVALID_PURPOSE | -115 |Invalid purpose. |
| HUKS_ERROR_INVALID_MODE | -116 |Invalid mode. |
| HUKS_ERROR_INVALID_DIGEST | -117 |Invalid digest. |
| HUKS_ERROR_INVALID_SIGNATURE_SIZE | -118 |Invalid signature size. |
| HUKS_ERROR_INVALID_IV | -119 |Invalid IV. |
| HUKS_ERROR_INVALID_AAD | -120 |Invalid AAD. |
| HUKS_ERROR_INVALID_NONCE | -121 |Invalid nonce. |
| HUKS_ERROR_INVALID_AE_TAG | -122 |Invalid AE tag. |
| HUKS_ERROR_INVALID_SALT | -123 |Invalid SALT. |
| HUKS_ERROR_INVALID_ITERATION | -124 |Invalid iteration. |
| HUKS_ERROR_INVALID_OPERATION | -125 |Invalid operation. |
| HUKS_ERROR_INTERNAL_ERROR | -999 |Internal error. |
| HUKS_ERROR_UNKNOWN_ERROR | -1000 |Unknown error. |
| HUKS_ERROR_CHECK_GET_KEY_SIZE_FAIL | -101 |Failed to check whether the key size is obtained.|
| HUKS_ERROR_CHECK_GET_PADDING_FAIL | -102 |Failed to check whether padding is obtained.|
| HUKS_ERROR_CHECK_GET_PURPOSE_FAIL | -103 |Failed to check whether the purpose is obtained.|
| HUKS_ERROR_CHECK_GET_DIGEST_FAIL | -104 |Failed to check whether digest is obtained.|
| HUKS_ERROR_CHECK_GET_MODE_FAIL | -105 |Failed to check whether the mode is obtained.|
| HUKS_ERROR_CHECK_GET_NONCE_FAIL | -106 |Failed to check whether the nonce is obtained.|
| HUKS_ERROR_CHECK_GET_AAD_FAIL | -107 |Failed to check whether the AAD is obtained.|
| HUKS_ERROR_CHECK_GET_IV_FAIL | -108 |Failed to check whether the initialization vector (IV) is obtained.|
| HUKS_ERROR_CHECK_GET_AE_TAG_FAIL | -109 |Failed to check whether the AE flag is obtained.|
| HUKS_ERROR_CHECK_GET_SALT_FAIL | -110 |Failed to check whether the SALT is obtained.|
| HUKS_ERROR_CHECK_GET_ITERATION_FAIL | -111 |Failed to check whether the iteration is obtained.|
| HUKS_ERROR_INVALID_ALGORITHM | -112 |Invalid algorithm.|
| HUKS_ERROR_INVALID_KEY_SIZE | -113 |Invalid key size.|
| HUKS_ERROR_INVALID_PADDING | -114 |Invalid padding.|
| HUKS_ERROR_INVALID_PURPOSE | -115 |Invalid purpose.|
| HUKS_ERROR_INVALID_MODE | -116 |Invalid mode.|
| HUKS_ERROR_INVALID_DIGEST | -117 |Invalid digest.|
| HUKS_ERROR_INVALID_SIGNATURE_SIZE | -118 |Invalid signature size.|
| HUKS_ERROR_INVALID_IV | -119 |Invalid IV.|
| HUKS_ERROR_INVALID_AAD | -120 |Invalid AAD.|
| HUKS_ERROR_INVALID_NONCE | -121 |Invalid nonce.|
| HUKS_ERROR_INVALID_AE_TAG | -122 |Invalid AE tag.|
| HUKS_ERROR_INVALID_SALT | -123 |Invalid SALT.|
| HUKS_ERROR_INVALID_ITERATION | -124 |Invalid iteration.|
| HUKS_ERROR_INVALID_OPERATION | -125 |Invalid operation.|
| HUKS_ERROR_INVALID_WRAPPED_FORMAT<sup>9+</sup> | -126 |Incorrect format of the wrapped key being imported.|
| HUKS_ERROR_INVALID_USAGE_OF_KEY<sup>9+</sup> | -127 |Incorrect purpose of the wrapped key being imported.|
| HUKS_ERROR_INTERNAL_ERROR | -999 |Internal error.|
| HUKS_ERROR_UNKNOWN_ERROR | -1000 |Unknown error.|
## HuksKeyPurpose
......@@ -97,13 +99,13 @@ Enumerates the key purposes.
| Name | Value | Description |
| ------------------------ | ---- | -------------------------------- |
| HUKS_KEY_PURPOSE_ENCRYPT | 1 | Used to encrypt plain text. |
| HUKS_KEY_PURPOSE_ENCRYPT | 1 | Used to encrypt plaintext. |
| HUKS_KEY_PURPOSE_DECRYPT | 2 | Used to decrypt cipher text. |
| HUKS_KEY_PURPOSE_SIGN | 4 | Usedd to sign data. |
| HUKS_KEY_PURPOSE_SIGN | 4 | Used to sign data. |
| HUKS_KEY_PURPOSE_VERIFY | 8 | Used to verify the signed data. |
| HUKS_KEY_PURPOSE_DERIVE | 16 | Used to derive a key. |
| HUKS_KEY_PURPOSE_WRAP | 32 | Used for encrypted import. |
| HUKS_KEY_PURPOSE_UNWRAP | 64 | Used for encrypted export. |
| HUKS_KEY_PURPOSE_WRAP | 32 | Used to wrap data. |
| HUKS_KEY_PURPOSE_UNWRAP | 64 | Used for unwrap data. |
| HUKS_KEY_PURPOSE_MAC | 128 | Used to generate a message authentication code (MAC). |
| HUKS_KEY_PURPOSE_AGREE | 256 | Used for key agreement. |
......@@ -115,13 +117,14 @@ Enumerates the digest algorithms.
| Name | Value | Description |
| ---------------------- | ---- | ---------------------------------------- |
| HUKS_DIGEST_NONE | 0 | No digest algorithm. |
| HUKS_DIGEST_MD5 | 1 | MD5. |
| HUKS_DIGEST_SHA1 | 10 | SHA1. |
| HUKS_DIGEST_SHA224 | 11 | SHA-224. |
| HUKS_DIGEST_SHA256 | 12 | SHA-256. |
| HUKS_DIGEST_SHA384 | 13 | SHA-384. |
| HUKS_DIGEST_SHA512 | 14 | SHA-512. |
| HUKS_DIGEST_NONE | 0 | No digest algorithm |
| HUKS_DIGEST_MD5 | 1 | MD5 |
| HUKS_DIGEST_SM3<sup>9+</sup> | 2 | SM3 |
| HUKS_DIGEST_SHA1 | 10 | SHA1 |
| HUKS_DIGEST_SHA224 | 11 | SHA-224 |
| HUKS_DIGEST_SHA256 | 12 | SHA-256 |
| HUKS_DIGEST_SHA384 | 13 | SHA-384 |
| HUKS_DIGEST_SHA512 | 14 | SHA-512 |
## HuksKeyPadding
......@@ -131,11 +134,11 @@ Enumerates the padding algorithms.
| Name | Value | Description |
| ---------------------- | ---- | ---------------------------------------- |
| HUKS_PADDING_NONE | 0 | No padding algorithm. |
| HUKS_PADDING_OAEP | 1 | Optimal Asymmetric Encryption Padding (OAEP). |
| HUKS_PADDING_PSS | 2 | Probabilistic Signature Scheme (PSS). |
| HUKS_PADDING_PKCS1_V1_5 | 3 | PKCS1_V1_5. |
| HUKS_PADDING_PKCS5 | 4 | Public Key Cryptography Standards (PKCS) #5. |
| HUKS_PADDING_NONE | 0 | No padding algorithm |
| HUKS_PADDING_OAEP | 1 | Optimal Asymmetric Encryption Padding (OAEP) |
| HUKS_PADDING_PSS | 2 | Probabilistic Signature Scheme (PSS) |
| HUKS_PADDING_PKCS1_V1_5 | 3 | PKCS1_V1_5 |
| HUKS_PADDING_PKCS5 | 4 | Public Key Cryptography Standards (PKCS) #5 |
| HUKS_PADDING_PKCS7 | 5 | PKCS #7|
## HuksCipherMode
......@@ -146,12 +149,12 @@ Enumerates the cipher modes.
| Name | Value | Description |
| ------------- | ---- | --------------------- |
| HUKS_MODE_ECB | 1 | Electronic Code BLock (ECB) mode. |
| HUKS_MODE_CBC | 2 | Cipher Block Chaining (CBC) mode. |
| HUKS_MODE_CTR | 3 | Counter (CTR) mode. |
| HUKS_MODE_OFB | 4 | Output Feedback (OFB) mode. |
| HUKS_MODE_CCM | 31 | Counter with CBC-MAC (CCM) mode. |
| HUKS_MODE_GCM | 32 | Galois/Counter (GCM) mode. |
| HUKS_MODE_ECB | 1 | Electronic Code Block (ECB) mode |
| HUKS_MODE_CBC | 2 | Cipher Block Chaining (CBC) mode |
| HUKS_MODE_CTR | 3 | Counter (CTR) mode |
| HUKS_MODE_OFB | 4 | Output Feedback (OFB) mode |
| HUKS_MODE_CCM | 31 | Counter with CBC-MAC (CCM) mode |
| HUKS_MODE_GCM | 32 | Galois/Counter (GCM) mode |
## HuksKeySize
......@@ -159,26 +162,28 @@ Enumerates the key sizes.
**System capability**: SystemCapability.Security.Huks
| Name | Value | Description |
| ---------------------------- | ---- | ------------------------------------------ |
| HUKS_RSA_KEY_SIZE_512 | 512 | Rivest-Shamir-Adleman (RSA) key of 512 bits. |
| HUKS_RSA_KEY_SIZE_768 | 768 | RSA key of 768 bits. |
| HUKS_RSA_KEY_SIZE_1024 | 1024 | RSA key of 1024 bits. |
| HUKS_RSA_KEY_SIZE_2048 | 2048 | RSA key of 2048 bits. |
| HUKS_RSA_KEY_SIZE_3072 | 3072 | RSA key of 3072 bits. |
| HUKS_RSA_KEY_SIZE_4096 | 4096 | RSA key of 4096 bits. |
| HUKS_ECC_KEY_SIZE_224 | 224 | ECC key of 224 bits. |
| HUKS_ECC_KEY_SIZE_256 | 256 | ECC key of 256 bits. |
| HUKS_ECC_KEY_SIZE_384 | 384 | ECC key of 384 bits. |
| HUKS_ECC_KEY_SIZE_521 | 521 | ECC key of 521 bits. |
| HUKS_AES_KEY_SIZE_128 | 128 | AES key of 128 bits. |
| HUKS_AES_KEY_SIZE_192 | 196 | AES key of 196 bits. |
| HUKS_AES_KEY_SIZE_256 | 256 | AES key of 256 bits. |
| HUKS_AES_KEY_SIZE_512 | 512 | AES key of 512 bits. |
| HUKS_CURVE25519_KEY_SIZE_256 | 256 | Curve25519 key of 256 bits. |
| HUKS_DH_KEY_SIZE_2048 | 2048 | DH key of 2048 bits. |
| HUKS_DH_KEY_SIZE_3072 | 3072 | DH key of 3072 bits. |
| HUKS_DH_KEY_SIZE_4096 | 4096 | DH key of 4096 bits. |
| Name | Value | Description |
| ---------------------------------- | ---- | ------------------------------------------ |
| HUKS_RSA_KEY_SIZE_512 | 512 | Rivest-Shamir-Adleman (RSA) key of 512 bits |
| HUKS_RSA_KEY_SIZE_768 | 768 | RSA key of 768 bits |
| HUKS_RSA_KEY_SIZE_1024 | 1024 | RSA key of 1024 bits |
| HUKS_RSA_KEY_SIZE_2048 | 2048 | RSA key of 2048 bits |
| HUKS_RSA_KEY_SIZE_3072 | 3072 | RSA key of 3072 bits |
| HUKS_RSA_KEY_SIZE_4096 | 4096 | RSA key of 4096 bits |
| HUKS_ECC_KEY_SIZE_224 | 224 | ECC key of 224 bits |
| HUKS_ECC_KEY_SIZE_256 | 256 | ECC key of 256 bits |
| HUKS_ECC_KEY_SIZE_384 | 384 | ECC key of 384 bits |
| HUKS_ECC_KEY_SIZE_521 | 521 | ECC key of 521 bits |
| HUKS_AES_KEY_SIZE_128 | 128 | AES key of 128 bits |
| HUKS_AES_KEY_SIZE_192 | 196 | AES key of 196 bits |
| HUKS_AES_KEY_SIZE_256 | 256 | AES key of 256 bits |
| HUKS_AES_KEY_SIZE_512 | 512 | AES key of 512 bits |
| HUKS_CURVE25519_KEY_SIZE_256 | 256 | Curve25519 key of 256 bits |
| HUKS_DH_KEY_SIZE_2048 | 2048 | DH key of 2048 bits |
| HUKS_DH_KEY_SIZE_3072 | 3072 | DH key of 3072 bits |
| HUKS_DH_KEY_SIZE_4096 | 4096 | DH key of 4096 bits |
| HUKS_SM2_KEY_SIZE_256<sup>9+</sup> | 256 | SM2 key of 256 bits |
| HUKS_SM4_KEY_SIZE_128<sup>9+</sup> | 128 | SM4 key of 128 bits |
## HuksKeyAlg
......@@ -186,19 +191,22 @@ Enumerates the key algorithms.
**System capability**: SystemCapability.Security.Huks
| Name | Value | Description |
| ---------------- | ---- | --------------------- |
| HUKS_ALG_RSA | 1 | RSA. |
| HUKS_ALG_ECC | 2 | ECC. |
| HUKS_ALG_DSA | 3 | DSA. |
| HUKS_ALG_AES | 20 | AES. |
| HUKS_ALG_HMAC | 50 | HMAC. |
| HUKS_ALG_HKDF | 51 | HKDF. |
| HUKS_ALG_PBKDF2 | 52 | PBKDF2. |
| HUKS_ALG_ECDH | 100 | ECDH. |
| HUKS_ALG_X25519 | 101 | X25519 algorithm. |
| HUKS_ALG_ED25519 | 102 | ED25519 algorithm. |
| HUKS_ALG_DH | 103 | DH. |
| Name | Value | Description |
| ------------------------- | ---- | --------------------- |
| HUKS_ALG_RSA | 1 | RSA |
| HUKS_ALG_ECC | 2 | ECC |
| HUKS_ALG_DSA | 3 | DSA |
| HUKS_ALG_AES | 20 | AES |
| HUKS_ALG_HMAC | 50 | HMAC |
| HUKS_ALG_HKDF | 51 | HKDF |
| HUKS_ALG_PBKDF2 | 52 | PBKDF2 |
| HUKS_ALG_ECDH | 100 | ECDH |
| HUKS_ALG_X25519 | 101 | X25519 |
| HUKS_ALG_ED25519 | 102 | ED25519 |
| HUKS_ALG_DH | 103 | DH |
| HUKS_ALG_SM2<sup>9+</sup> | 150 | SM2 |
| HUKS_ALG_SM3<sup>9+</sup> | 151 | SM3 |
| HUKS_ALG_SM4<sup>9+</sup> | 152 | SM4 |
## HuksKeyGenerateType
......@@ -208,9 +216,9 @@ Enumerates the key generation types.
| Name | Value | Description |
| ------------------------------ | ---- | ---------------- |
| HUKS_KEY_GENERATE_TYPE_DEFAULT | 0 | Key generated by default. |
| HUKS_KEY_GENERATE_TYPE_DERIVE | 1 | Derived key. |
| HUKS_KEY_GENERATE_TYPE_AGREE | 2 | Key generated by agreement. |
| HUKS_KEY_GENERATE_TYPE_DEFAULT | 0 | Key generated by default.|
| HUKS_KEY_GENERATE_TYPE_DERIVE | 1 | Derived key.|
| HUKS_KEY_GENERATE_TYPE_AGREE | 2 | Key generated by agreement.|
## HuksKeyFlag
......@@ -220,10 +228,10 @@ Enumerates the key generation modes.
| Name | Value | Description |
| -------------------------- | ---- | ------------------------------------ |
| HUKS_KEY_FLAG_IMPORT_KEY | 1 | The key is imported by using the public key import API. |
| HUKS_KEY_FLAG_GENERATE_KEY | 2 | The key is generated by using the private key generation API. |
| HUKS_KEY_FLAG_AGREE_KEY | 3 | The key is generated by using the key agreement API. |
| HUKS_KEY_FLAG_DERIVE_KEY | 4 | The key is generated by using the key derivation API. |
| HUKS_KEY_FLAG_IMPORT_KEY | 1 | The key is imported by using an API. |
| HUKS_KEY_FLAG_GENERATE_KEY | 2 | The key is generated by using an API. |
| HUKS_KEY_FLAG_AGREE_KEY | 3 | The key is generated by using a key agreement API. |
| HUKS_KEY_FLAG_DERIVE_KEY | 4 | The key is derived by using an API. |
## HuksKeyStorageType
......@@ -234,7 +242,7 @@ Enumerates the key storage modes.
| Name | Value | Description |
| ----------------------- | ---- | ------------------------------ |
| HUKS_STORAGE_TEMP | 0 | The key is managed locally. |
| HUKS_STORAGE_PERSISTENT | 1 | The key is managed by the HUKS service. |
| HUKS_STORAGE_PERSISTENT | 1 | The key is managed by the HUKS service.|
## HuksSendType
......@@ -244,8 +252,31 @@ Enumerates the tag transfer modes.
| Name | Value | Description |
| -------------------- | ---- | ----------------- |
| HUKS_SEND_TYPE_ASYNC | 0 | The tag is sent asynchronously. |
| HUKS_SEND_TYPE_SYNC | 1 | The tag is sent synchronously. |
| HUKS_SEND_TYPE_ASYNC | 0 | The tag is sent asynchronously.|
| HUKS_SEND_TYPE_SYNC | 1 | The tag is sent synchronously.|
## HuksUnwrapSuite<sup>9+</sup>
Enumerates the algorithm suites used when a wrapped key is imported.
**System capability**: SystemCapability.Security.Huks
| Name | Value | Description |
| ---------------------------------------------- | ---- | ----------------------------------------------------- |
| HUKS_UNWRAP_SUITE_X25519_AES_256_GCM_NOPADDING | 1 | Use X25519 for key agreement and then use AES-256 GCM to encrypt the key.|
| HUKS_UNWRAP_SUITE_ECDH_AES_256_GCM_NOPADDING | 2 | Use ECDH for key agreement and then use AES-256 GCM to encrypt the key. |
## HuksImportKeyType<sup>9+</sup>
Enumerates the types of the key to import. By default, a public key is imported. This field is not required when a symmetric key is imported.
**System capability**: SystemCapability.Security.Huks
| Name | Value | Description |
| ------------------------- | ---- | ------------------------------ |
| HUKS_KEY_TYPE_PUBLIC_KEY | 0 | Public key |
| HUKS_KEY_TYPE_PRIVATE_KEY | 1 | Private key |
| HUKS_KEY_TYPE_KEY_PAIR | 2 | Public and private key pair |
## HuksTagType
......@@ -256,12 +287,12 @@ Enumerates the tag data types.
| Name | Value | Description |
| --------------------- | ------- | --------------------------------------- |
| HUKS_TAG_TYPE_INVALID | 0 << 28 | Invalid tag type. |
| HUKS_TAG_TYPE_INT | 1 << 28 | Number of the int type. |
| HUKS_TAG_TYPE_UINT | 2 << 28 | Number of the uint type. |
| HUKS_TAG_TYPE_ULONG | 3 << 28 | bigint. |
| HUKS_TAG_TYPE_BOOL | 4 << 28 | Boolean. |
| HUKS_TAG_TYPE_BYTES | 5 << 28 | Uint8Array. |
| HUKS_TAG_TYPE_INVALID | 0 << 28 | Invalid tag type |
| HUKS_TAG_TYPE_INT | 1 << 28 | Number of the int type |
| HUKS_TAG_TYPE_UINT | 2 << 28 | Number of the uint type |
| HUKS_TAG_TYPE_ULONG | 3 << 28 | bigint |
| HUKS_TAG_TYPE_BOOL | 4 << 28 | Boolean |
| HUKS_TAG_TYPE_BYTES | 5 << 28 | Uint8Array |
## HuksTag
......@@ -269,84 +300,86 @@ Enumerates the tags used to invoke parameters.
**System capability**: SystemCapability.Security.Huks
| Name | Value | Description |
| -------------------------------------- | ---------------------------------------- | -------------------------------------- |
| HUKS_TAG_INVALID | HuksTagType.HUKS_TAG_TYPE_INVALID \| 0 | Invalid tag. |
| HUKS_TAG_ALGORITHM | HUKS_TAG_TYPE_UINT \| 1 | Algorithm. |
| HUKS_TAG_PURPOSE | HuksTagType.HUKS_TAG_TYPE_UINT \| 2 | Purpose of a key. |
| HUKS_TAG_KEY_SIZE | HuksTagType.HUKS_TAG_TYPE_UINT \| 3 | Key size. |
| HUKS_TAG_DIGEST | HuksTagType.HUKS_TAG_TYPE_UINT \| 4 | Digest algorithm. |
| HUKS_TAG_PADDING | HuksTagType.HUKS_TAG_TYPE_UINT \| 5 | Padding algorithm. |
| HUKS_TAG_BLOCK_MODE | HuksTagType.HUKS_TAG_TYPE_UINT \| 6 | Cipher mode. |
| HUKS_TAG_KEY_TYPE | HuksTagType.HUKS_TAG_TYPE_UINT \| 7 | Key type. |
| HUKS_TAG_ASSOCIATED_DATA | HuksTagType.HUKS_TAG_TYPE_BYTES \| 8 | Associated authentication data. |
| HUKS_TAG_NONCE | HuksTagType.HUKS_TAG_TYPE_BYTES \| 9 | Field for key encryption and decryption. |
| HUKS_TAG_IV | HuksTagType.HUKS_TAG_TYPE_BYTES \| 10 | IV. |
| HUKS_TAG_INFO | HuksTagType.HUKS_TAG_TYPE_BYTES \| 11 | Information generated during key derivation. |
| HUKS_TAG_SALT | HuksTagType.HUKS_TAG_TYPE_BYTES \| 12 | Salt value used for key derivation. |
| HUKS_TAG_PWD | HuksTagType.HUKS_TAG_TYPE_BYTES \| 13 | Password used for key derivation. |
| HUKS_TAG_ITERATION | HuksTagType.HUKS_TAG_TYPE_UINT \| 14 | Number of iterations for key derivation. |
| HUKS_TAG_KEY_GENERATE_TYPE | HuksTagType.HUKS_TAG_TYPE_UINT \| 15 | Key generation type. |
| HUKS_TAG_DERIVE_MAIN_KEY | HuksTagType.HUKS_TAG_TYPE_BYTES \| 16 | Main key for key derivation. |
| HUKS_TAG_DERIVE_FACTOR | HuksTagType.HUKS_TAG_TYPE_BYTES \| 17 | Factor for key derivation. |
| HUKS_TAG_DERIVE_ALG | HuksTagType.HUKS_TAG_TYPE_UINT \| 18 | Type of the algorithm used for key derivation. |
| HUKS_TAG_AGREE_ALG | HuksTagType.HUKS_TAG_TYPE_UINT \| 19 | Type of the algorithm used in key agreement. |
| HUKS_TAG_AGREE_PUBLIC_KEY_IS_KEY_ALIAS | HuksTagType.HUKS_TAG_TYPE_BOOL \| 20 | Alias of the public key during key agreement. |
| HUKS_TAG_AGREE_PRIVATE_KEY_ALIAS | HuksTagType.HUKS_TAG_TYPE_BYTES \| 21 | Private key alias used in key agreement. |
| HUKS_TAG_AGREE_PUBLIC_KEY | HuksTagType.HUKS_TAG_TYPE_BYTES \| 22 | Public key used in key agreement. |
| HUKS_TAG_KEY_ALIAS | HuksTagType.HUKS_TAG_TYPE_BYTES \| 23 | Key alias. |
| HUKS_TAG_DERIVE_KEY_SIZE | HuksTagType.HUKS_TAG_TYPE_UINT \| 24 | Size of the derived key. |
| HUKS_TAG_ACTIVE_DATETIME | HuksTagType.HUKS_TAG_TYPE_ULONG \| 201 | Reserved. |
| HUKS_TAG_ORIGINATION_EXPIRE_DATETIME | HuksTagType.HUKS_TAG_TYPE_ULONG \| 202 | Reserved. |
| HUKS_TAG_USAGE_EXPIRE_DATETIME | HuksTagType.HUKS_TAG_TYPE_ULONG \| 203 | Reserved. |
| HUKS_TAG_CREATION_DATETIME | HuksTagType.HUKS_TAG_TYPE_ULONG \| 204 | Reserved. |
| HUKS_TAG_ALL_USERS | ksTagType.HUKS_TAG_TYPE_BOOL \| 301 | Reserved. |
| HUKS_TAG_USER_ID | HuksTagType.HUKS_TAG_TYPE_UINT \| 302 | Reserved. |
| HUKS_TAG_NO_AUTH_REQUIRED | HuksTagType.HUKS_TAG_TYPE_BOOL \| 303 | Reserved. |
| HUKS_TAG_USER_AUTH_TYPE | HuksTagType.HUKS_TAG_TYPE_UINT \| 304 | Reserved. |
| HUKS_TAG_AUTH_TIMEOUT | HuksTagType.HUKS_TAG_TYPE_UINT \| 305 | Reserved. |
| HUKS_TAG_AUTH_TOKEN | HuksTagType.HUKS_TAG_TYPE_BYTES \| 306 | Reserved. |
| HUKS_TAG_ATTESTATION_CHALLENGE | HuksTagType.HUKS_TAG_TYPE_BYTES \| 501 | Challenge value used in the attestation. |
| HUKS_TAG_ATTESTATION_APPLICATION_ID | HuksTagType.HUKS_TAG_TYPE_BYTES \| 502 | Application ID used in the attestation. |
| HUKS_TAG_ATTESTATION_ID_BRAND | HuksTagType.HUKS_TAG_TYPE_BYTES \| 503 | Device brand. |
| HUKS_TAG_ATTESTATION_ID_DEVICE | HuksTagType.HUKS_TAG_TYPE_BYTES \| 504 | Device. |
| HUKS_TAG_ATTESTATION_ID_PRODUCT | HuksTagType.HUKS_TAG_TYPE_BYTES \| 505 | Product. |
| HUKS_TAG_ATTESTATION_ID_SERIAL | HuksTagType.HUKS_TAG_TYPE_BYTES \| 506 | Device SN. |
| HUKS_TAG_ATTESTATION_ID_IMEI | HuksTagType.HUKS_TAG_TYPE_BYTES \| 507 | Device IMEI. |
| HUKS_TAG_ATTESTATION_ID_MEID | HuksTagType.HUKS_TAG_TYPE_BYTES \| 508 | Device MEID. |
| HUKS_TAG_ATTESTATION_ID_MANUFACTURER | HuksTagType.HUKS_TAG_TYPE_BYTES \| 509 | Device manufacturer. |
| HUKS_TAG_ATTESTATION_ID_MODEL | HuksTagType.HUKS_TAG_TYPE_BYTES \| 510 | Device model. |
| HUKS_TAG_ATTESTATION_ID_ALIAS | HuksTagType.HUKS_TAG_TYPE_BYTES \| 511 | Key alias used in the attestation. |
| HUKS_TAG_ATTESTATION_ID_SOCID | HuksTagType.HUKS_TAG_TYPE_BYTES \| 512 | Device SOCID. |
| HUKS_TAG_ATTESTATION_ID_UDID | HuksTagType.HUKS_TAG_TYPE_BYTES \| 513 | Device UDID. |
| HUKS_TAG_ATTESTATION_ID_SEC_LEVEL_INFO | HuksTagType.HUKS_TAG_TYPE_BYTES \| 514 | Security credential used for the attestation. |
| HUKS_TAG_ATTESTATION_ID_VERSION_INFO | HuksTagType.HUKS_TAG_TYPE_BYTES \| 515 | Version information used in the attestation. |
| HUKS_TAG_IS_KEY_ALIAS | HuksTagType.HUKS_TAG_TYPE_BOOL \| 1001 | Whether to use the alias passed in during key generation. |
| HUKS_TAG_KEY_STORAGE_FLAG | HuksTagType.HUKS_TAG_TYPE_UINT \| 1002 | Key storage mode. |
| HUKS_TAG_IS_ALLOWED_WRAP | HuksTagType.HUKS_TAG_TYPE_BOOL \| 1003 | Reserved. |
| HUKS_TAG_KEY_WRAP_TYPE | HuksTagType.HUKS_TAG_TYPE_UINT \| 1004 | Reserved. |
| HUKS_TAG_KEY_AUTH_ID | HuksTagType.HUKS_TAG_TYPE_BYTES \| 1005 | Reserved. |
| HUKS_TAG_KEY_ROLE | HuksTagType.HUKS_TAG_TYPE_UINT \| 1006 | Reserved. |
| HUKS_TAG_KEY_FLAG | HuksTagType.HUKS_TAG_TYPE_UINT \| 1007 | Flag of the key. |
| HUKS_TAG_IS_ASYNCHRONIZED | HuksTagType.HUKS_TAG_TYPE_UINT \| 1008 | Reserved. |
| HUKS_TAG_SECURE_KEY_ALIAS | HuksTagType.HUKS_TAG_TYPE_BOOL \| 1009 | Reserved. |
| HUKS_TAG_SECURE_KEY_UUID | HuksTagType.HUKS_TAG_TYPE_BYTES \| 1010 | Reserved. |
| HUKS_TAG_KEY_DOMAIN | HuksTagType.HUKS_TAG_TYPE_UINT \| 1011 | Reserved. |
| HUKS_TAG_PROCESS_NAME | HuksTagType.HUKS_TAG_TYPE_BYTES \| 10001 | Process name. |
| HUKS_TAG_PACKAGE_NAME | HuksTagType.HUKS_TAG_TYPE_BYTES \| 10002 | Reserved. |
| HUKS_TAG_ACCESS_TIME | HuksTagType.HUKS_TAG_TYPE_UINT \| 10003 | Reserved. |
| HUKS_TAG_USES_TIME | HuksTagType.HUKS_TAG_TYPE_UINT \| 10004 | Reserved. |
| HUKS_TAG_CRYPTO_CTX | HuksTagType.HUKS_TAG_TYPE_ULONG \| 10005 | Reserved. |
| HUKS_TAG_KEY | HuksTagType.HUKS_TAG_TYPE_BYTES \| 10006 | Reserved. |
| HUKS_TAG_KEY_VERSION | HuksTagType.HUKS_TAG_TYPE_UINT \| 10007 | Key version. |
| HUKS_TAG_PAYLOAD_LEN | HuksTagType.HUKS_TAG_TYPE_UINT \| 10008 | Reserved. |
| HUKS_TAG_AE_TAG | HuksTagType.HUKS_TAG_TYPE_BYTES \| 10009 | Reserved. |
| HUKS_TAG_IS_KEY_HANDLE | HuksTagType.HUKS_TAG_TYPE_ULONG \| 10010 | Reserved. |
| HUKS_TAG_OS_VERSION | HuksTagType.HUKS_TAG_TYPE_UINT \| 10101 | OS version. |
| HUKS_TAG_OS_PATCHLEVEL | HuksTagType.HUKS_TAG_TYPE_UINT \| 10102 | OS patch level. |
| HUKS_TAG_SYMMETRIC_KEY_DATA | HuksTagType.HUKS_TAG_TYPE_BYTES \| 20001 | Reserved. |
| HUKS_TAG_ASYMMETRIC_PUBLIC_KEY_DATA | HuksTagType.HUKS_TAG_TYPE_BYTES \| 20002 | Reserved. |
| HUKS_TAG_ASYMMETRIC_PRIVATE_KEY_DATA | HuksTagType.HUKS_TAG_TYPE_BYTES \| 20003 | Reserved. |
| Name | Value | Description |
| -------------------------------------------- | ---------------------------------------- | -------------------------------------- |
| HUKS_TAG_INVALID | HuksTagType.HUKS_TAG_TYPE_INVALID \| 0 | Invalid tag. |
| HUKS_TAG_ALGORITHM | HUKS_TAG_TYPE_UINT \| 1 | Algorithm. |
| HUKS_TAG_PURPOSE | HuksTagType.HUKS_TAG_TYPE_UINT \| 2 | Purpose of a key. |
| HUKS_TAG_KEY_SIZE | HuksTagType.HUKS_TAG_TYPE_UINT \| 3 | Key size. |
| HUKS_TAG_DIGEST | HuksTagType.HUKS_TAG_TYPE_UINT \| 4 | Digest algorithm. |
| HUKS_TAG_PADDING | HuksTagType.HUKS_TAG_TYPE_UINT \| 5 | Padding algorithm. |
| HUKS_TAG_BLOCK_MODE | HuksTagType.HUKS_TAG_TYPE_UINT \| 6 | Cipher mode. |
| HUKS_TAG_KEY_TYPE | HuksTagType.HUKS_TAG_TYPE_UINT \| 7 | Key type. |
| HUKS_TAG_ASSOCIATED_DATA | HuksTagType.HUKS_TAG_TYPE_BYTES \| 8 | Associated authentication data. |
| HUKS_TAG_NONCE | HuksTagType.HUKS_TAG_TYPE_BYTES \| 9 | Field for key encryption and decryption. |
| HUKS_TAG_IV | HuksTagType.HUKS_TAG_TYPE_BYTES \| 10 | IV. |
| HUKS_TAG_INFO | HuksTagType.HUKS_TAG_TYPE_BYTES \| 11 | Information generated during key derivation. |
| HUKS_TAG_SALT | HuksTagType.HUKS_TAG_TYPE_BYTES \| 12 | Salt value used for key derivation. |
| HUKS_TAG_PWD | HuksTagType.HUKS_TAG_TYPE_BYTES \| 13 | Password used for key derivation. |
| HUKS_TAG_ITERATION | HuksTagType.HUKS_TAG_TYPE_UINT \| 14 | Number of iterations for key derivation. |
| HUKS_TAG_KEY_GENERATE_TYPE | HuksTagType.HUKS_TAG_TYPE_UINT \| 15 | Key generation type. |
| HUKS_TAG_DERIVE_MAIN_KEY | HuksTagType.HUKS_TAG_TYPE_BYTES \| 16 | Main key for key derivation. |
| HUKS_TAG_DERIVE_FACTOR | HuksTagType.HUKS_TAG_TYPE_BYTES \| 17 | Factor for key derivation. |
| HUKS_TAG_DERIVE_ALG | HuksTagType.HUKS_TAG_TYPE_UINT \| 18 | Type of the algorithm used for key derivation. |
| HUKS_TAG_AGREE_ALG | HuksTagType.HUKS_TAG_TYPE_UINT \| 19 | Type of the algorithm used in key agreement. |
| HUKS_TAG_AGREE_PUBLIC_KEY_IS_KEY_ALIAS | HuksTagType.HUKS_TAG_TYPE_BOOL \| 20 | Alias of the public key during key agreement. |
| HUKS_TAG_AGREE_PRIVATE_KEY_ALIAS | HuksTagType.HUKS_TAG_TYPE_BYTES \| 21 | Private key alias used in key agreement. |
| HUKS_TAG_AGREE_PUBLIC_KEY | HuksTagType.HUKS_TAG_TYPE_BYTES \| 22 | Public key used in key agreement. |
| HUKS_TAG_KEY_ALIAS | HuksTagType.HUKS_TAG_TYPE_BYTES \| 23 | Key alias. |
| HUKS_TAG_DERIVE_KEY_SIZE | HuksTagType.HUKS_TAG_TYPE_UINT \| 24 | Size of the derived key. |
| HUKS_TAG_IMPORT_KEY_TYPE<sup>9+</sup> | HuksTagType.HUKS_TAG_TYPE_UINT \| 25 | Type of the imported key. |
| HUKS_TAG_UNWRAP_ALGORITHM_SUITE<sup>9+</sup> | HuksTagType.HUKS_TAG_TYPE_UINT \| 26 | Algorithm suite used when a wrapped key is imported. |
| HUKS_TAG_ACTIVE_DATETIME | HuksTagType.HUKS_TAG_TYPE_ULONG \| 201 | Reserved. |
| HUKS_TAG_ORIGINATION_EXPIRE_DATETIME | HuksTagType.HUKS_TAG_TYPE_ULONG \| 202 | Reserved. |
| HUKS_TAG_USAGE_EXPIRE_DATETIME | HuksTagType.HUKS_TAG_TYPE_ULONG \| 203 | Reserved. |
| HUKS_TAG_CREATION_DATETIME | HuksTagType.HUKS_TAG_TYPE_ULONG \| 204 | Reserved. |
| HUKS_TAG_ALL_USERS | ksTagType.HUKS_TAG_TYPE_BOOL \| 301 | Reserved. |
| HUKS_TAG_USER_ID | HuksTagType.HUKS_TAG_TYPE_UINT \| 302 | Reserved. |
| HUKS_TAG_NO_AUTH_REQUIRED | HuksTagType.HUKS_TAG_TYPE_BOOL \| 303 | Reserved. |
| HUKS_TAG_USER_AUTH_TYPE | HuksTagType.HUKS_TAG_TYPE_UINT \| 304 | Reserved. |
| HUKS_TAG_AUTH_TIMEOUT | HuksTagType.HUKS_TAG_TYPE_UINT \| 305 | Reserved. |
| HUKS_TAG_AUTH_TOKEN | HuksTagType.HUKS_TAG_TYPE_BYTES \| 306 | Reserved. |
| HUKS_TAG_ATTESTATION_CHALLENGE | HuksTagType.HUKS_TAG_TYPE_BYTES \| 501 | Challenge value used in the attestation. |
| HUKS_TAG_ATTESTATION_APPLICATION_ID | HuksTagType.HUKS_TAG_TYPE_BYTES \| 502 | Application ID used in the attestation. |
| HUKS_TAG_ATTESTATION_ID_BRAND | HuksTagType.HUKS_TAG_TYPE_BYTES \| 503 | Device brand. |
| HUKS_TAG_ATTESTATION_ID_DEVICE | HuksTagType.HUKS_TAG_TYPE_BYTES \| 504 | Device. |
| HUKS_TAG_ATTESTATION_ID_PRODUCT | HuksTagType.HUKS_TAG_TYPE_BYTES \| 505 | Product. |
| HUKS_TAG_ATTESTATION_ID_SERIAL | HuksTagType.HUKS_TAG_TYPE_BYTES \| 506 | Device SN. |
| HUKS_TAG_ATTESTATION_ID_IMEI | HuksTagType.HUKS_TAG_TYPE_BYTES \| 507 | Device IMEI. |
| HUKS_TAG_ATTESTATION_ID_MEID | HuksTagType.HUKS_TAG_TYPE_BYTES \| 508 | Device MEID. |
| HUKS_TAG_ATTESTATION_ID_MANUFACTURER | HuksTagType.HUKS_TAG_TYPE_BYTES \| 509 | Device manufacturer. |
| HUKS_TAG_ATTESTATION_ID_MODEL | HuksTagType.HUKS_TAG_TYPE_BYTES \| 510 | Device model. |
| HUKS_TAG_ATTESTATION_ID_ALIAS | HuksTagType.HUKS_TAG_TYPE_BYTES \| 511 | Key alias used in the attestation. |
| HUKS_TAG_ATTESTATION_ID_SOCID | HuksTagType.HUKS_TAG_TYPE_BYTES \| 512 | Device SOCID. |
| HUKS_TAG_ATTESTATION_ID_UDID | HuksTagType.HUKS_TAG_TYPE_BYTES \| 513 | Device UDID. |
| HUKS_TAG_ATTESTATION_ID_SEC_LEVEL_INFO | HuksTagType.HUKS_TAG_TYPE_BYTES \| 514 | Security credential used for the attestation. |
| HUKS_TAG_ATTESTATION_ID_VERSION_INFO | HuksTagType.HUKS_TAG_TYPE_BYTES \| 515 | Version information used in the attestation. |
| HUKS_TAG_IS_KEY_ALIAS | HuksTagType.HUKS_TAG_TYPE_BOOL \| 1001 | Whether to use the alias passed in during key generation.|
| HUKS_TAG_KEY_STORAGE_FLAG | HuksTagType.HUKS_TAG_TYPE_UINT \| 1002 | Key storage mode. |
| HUKS_TAG_IS_ALLOWED_WRAP | HuksTagType.HUKS_TAG_TYPE_BOOL \| 1003 | Reserved. |
| HUKS_TAG_KEY_WRAP_TYPE | HuksTagType.HUKS_TAG_TYPE_UINT \| 1004 | Reserved. |
| HUKS_TAG_KEY_AUTH_ID | HuksTagType.HUKS_TAG_TYPE_BYTES \| 1005 | Reserved. |
| HUKS_TAG_KEY_ROLE | HuksTagType.HUKS_TAG_TYPE_UINT \| 1006 | Reserved. |
| HUKS_TAG_KEY_FLAG | HuksTagType.HUKS_TAG_TYPE_UINT \| 1007 | Flag of the key. |
| HUKS_TAG_IS_ASYNCHRONIZED | HuksTagType.HUKS_TAG_TYPE_UINT \| 1008 | Reserved. |
| HUKS_TAG_SECURE_KEY_ALIAS | HuksTagType.HUKS_TAG_TYPE_BOOL \| 1009 | Reserved. |
| HUKS_TAG_SECURE_KEY_UUID | HuksTagType.HUKS_TAG_TYPE_BYTES \| 1010 | Reserved. |
| HUKS_TAG_KEY_DOMAIN | HuksTagType.HUKS_TAG_TYPE_UINT \| 1011 | Reserved. |
| HUKS_TAG_PROCESS_NAME | HuksTagType.HUKS_TAG_TYPE_BYTES \| 10001 | Process name. |
| HUKS_TAG_PACKAGE_NAME | HuksTagType.HUKS_TAG_TYPE_BYTES \| 10002 | Reserved. |
| HUKS_TAG_ACCESS_TIME | HuksTagType.HUKS_TAG_TYPE_UINT \| 10003 | Reserved. |
| HUKS_TAG_USES_TIME | HuksTagType.HUKS_TAG_TYPE_UINT \| 10004 | Reserved. |
| HUKS_TAG_CRYPTO_CTX | HuksTagType.HUKS_TAG_TYPE_ULONG \| 10005 | Reserved. |
| HUKS_TAG_KEY | HuksTagType.HUKS_TAG_TYPE_BYTES \| 10006 | Reserved. |
| HUKS_TAG_KEY_VERSION | HuksTagType.HUKS_TAG_TYPE_UINT \| 10007 | Key version. |
| HUKS_TAG_PAYLOAD_LEN | HuksTagType.HUKS_TAG_TYPE_UINT \| 10008 | Reserved. |
| HUKS_TAG_AE_TAG | HuksTagType.HUKS_TAG_TYPE_BYTES \| 10009 | Reserved. |
| HUKS_TAG_IS_KEY_HANDLE | HuksTagType.HUKS_TAG_TYPE_ULONG \| 10010 | Reserved. |
| HUKS_TAG_OS_VERSION | HuksTagType.HUKS_TAG_TYPE_UINT \| 10101 | OS version. |
| HUKS_TAG_OS_PATCHLEVEL | HuksTagType.HUKS_TAG_TYPE_UINT \| 10102 | OS patch level. |
| HUKS_TAG_SYMMETRIC_KEY_DATA | HuksTagType.HUKS_TAG_TYPE_BYTES \| 20001 | Reserved. |
| HUKS_TAG_ASYMMETRIC_PUBLIC_KEY_DATA | HuksTagType.HUKS_TAG_TYPE_BYTES \| 20002 | Reserved. |
| HUKS_TAG_ASYMMETRIC_PRIVATE_KEY_DATA | HuksTagType.HUKS_TAG_TYPE_BYTES \| 20003 | Reserved. |
## huks.generateKey
......@@ -362,7 +395,7 @@ Generates a key. This API uses an asynchronous callback to return the result.
| -------- | ----------------------------------------- | ---- | ------------------------------------------------------------ |
| keyAlias | string | Yes | Alias of the key. |
| options | [HuksOptions](#huksoptions) | Yes | Tags required for generating the key. |
| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes | Callback used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code defined in **HuksResult** will be returned. |
| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes | Callback used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code defined in **HuksResult** will be returned.|
**Example**
......@@ -402,7 +435,7 @@ huks.generateKey(keyAlias, options, function (err, data){});
generateKey(keyAlias: string, options: HuksOptions) : Promise\<HuksResult>
Generates a key. This API uses a promise to return the result.
Generates a key. This API uses a promise to return the result asynchronously.
**System capability**: SystemCapability.Security.Huks
......@@ -411,13 +444,13 @@ Generates a key. This API uses a promise to return the result.
| Name | Type | Mandatory| Description |
| -------- | --------------------------- | ---- | ------------------------ |
| keyAlias | string | Yes | Alias of the key. |
| options | [HuksOptions](#huksoptions) | Yes | Tags required for generating the key. |
| options | [HuksOptions](#huksoptions) | Yes | Tags required for generating the key.|
**Return value**
| Type | Description |
| ----------------------------------- | -------------------------------------------------- |
| Promise\<[HuksResult](#huksresult)> | Promise used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code will be returned. |
| Promise\<[HuksResult](#huksresult)> | Promise used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code will be returned.|
**Example**
......@@ -463,7 +496,7 @@ Deletes a key. This API uses an asynchronous callback to return the result.
| -------- | ----------------------------------------- | ---- | -------------------------------------------------- |
| keyAlias | string | Yes | Key alias passed in when the key was generated. |
| options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty). |
| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes | Callback used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code will be returned. |
| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes | Callback used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code will be returned.|
**Example**
......@@ -480,7 +513,7 @@ huks.deleteKey(keyAlias, emptyOptions, function (err, data) {});
deleteKey(keyAlias: string, options: HuksOptions) : Promise\<HuksResult>
Deletes a key. This API uses a promise to return the result.
Deletes a key. This API uses a promise to return the result asynchronously.
**System capability**: SystemCapability.Security.Huks
......@@ -488,14 +521,14 @@ Deletes a key. This API uses a promise to return the result.
| Name | Type | Mandatory| Description |
| -------- | ----------- | ---- | ----------------------------------------------------- |
| keyAlias | string | Yes | Key alias passed in when the key was generated. |
| options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty). |
| keyAlias | string | Yes | Key alias passed in when the key was generated.|
| options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty).|
**Return value**
| Type | Description |
| ----------------------------------- | -------------------------------------------------- |
| Promise\<[HuksResult](#huksresult)> | Promise used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code will be returned. |
| Promise\<[HuksResult](#huksresult)> | Promise used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code will be returned.|
**Example**
......@@ -520,13 +553,13 @@ Obtains the SDK version of the current system.
| Name | Type | Mandatory| Description |
| ------- | ---------- | ---- | ------------------------- |
| options | [HuksOptions](#huksoptions) | Yes | Empty object, which is used to hold the SDK version. |
| options | [HuksOptions](#huksoptions) | Yes | Empty object, which is used to hold the SDK version.|
**Return value**
| Type | Description |
| ------ | ------------- |
| string | SDK version obtained. |
| string | SDK version obtained.|
**Example**
......@@ -542,7 +575,7 @@ var result = huks.getSdkVersion(emptyOptions);
importKey(keyAlias: string, options: HuksOptions, callback: AsyncCallback\<HuksResult>) : void
Imports a key. This API uses an asynchronous callback to return the result.
Imports a key in plaintext. This API uses an asynchronous callback to return the result.
**System capability**: SystemCapability.Security.Huks
......@@ -550,9 +583,9 @@ Imports a key. This API uses an asynchronous callback to return the result.
| Name | Type | Mandatory| Description |
| -------- | ------------------------ | ---- | ------------------------------------------------- |
| keyAlias | string | Yes | Key alias, which is used to hold the key pair. |
| options | [HuksOptions](#huksoptions) | Yes | Tags required for the import and key pair to import. |
| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes | Callback used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code will be returned. |
| keyAlias | string | Yes | Alias of the key to import.|
| options | [HuksOptions](#huksoptions) | Yes | Tags required for the import and key to import.|
| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes | Callback used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code will be returned.|
**Example**
......@@ -600,7 +633,7 @@ huks.importKey(keyAlias, options, function (err, data){});
importKey(keyAlias: string, options: HuksOptions) : Promise\<HuksResult>
Imports a key. This API uses a promise to return the result.
Imports a key in plaintext. This API uses a promise to return the result asynchronously.
**System capability**: SystemCapability.Security.Huks
......@@ -608,14 +641,14 @@ Imports a key. This API uses a promise to return the result.
| Name | Type | Mandatory| Description |
| -------- | ----------- | ---- | ------------------------------------ |
| keyAlias | string | Yes | Key alias, which is used to hold the key pair. |
| options | [HuksOptions](#huksoptions) | Yes | Tags required for the import and key pair to import. |
| keyAlias | string | Yes | Alias of the key to import.|
| options | [HuksOptions](#huksoptions) | Yes | Tags required for the import and key to import.|
**Return value**
| Type | Description |
| ----------------------------------- | -------------------------------------------------- |
| Promise\<[HuksResult](#huksresult)> | Promise used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code will be returned. |
| Promise\<[HuksResult](#huksresult)> | Promise used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code will be returned.|
**Example**
......@@ -661,6 +694,230 @@ var huksoptions = {
var result = huks.importKey(keyAlias, huksoptions);
```
## huks.importWrappedKey<sup>9+</sup>
importWrappedKey(keyAlias: string, wrappingKeyAlias: string, options: HuksOptions, callback: AsyncCallback\<HuksResult>) : void
Imports a wrapped key. This API uses an asynchronous callback to return the result.
**System capability**: SystemCapability.Security.Huks
**Parameters**
| Name | Type | Mandatory| Description |
| ---------------- | ----------------------------------------- | ---- | -------------------------------------------------- |
| keyAlias | string | Yes | Alias of the wrapped key to import. |
| wrappingKeyAlias | string | Yes | Alias of the data used to unwrap the key imported. |
| options | [HuksOptions](#huksoptions) | Yes | Tags required for the import and the wrapped key to import. |
| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes | Callback used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code will be returned.|
**Example**
```js
var exportWrappingKey;
var alias1 = "importAlias";
var alias2 = "wrappingKeyAlias";
async function TestGenFunc(alias, options) {
await genKey(alias, options)
.then((data) => {
console.log(`test genKey data: ${JSON.stringify(data)}`);
})
.catch((err) => {
console.log('test genKey err information: ' + JSON.stringify(err));
});
}
function genKey(alias, options) {
return new Promise((resolve, reject) => {
huks.generateKey(alias, options, function (err, data) {
console.log(`test genKey data: ${JSON.stringify(data)}`);
if (err.code !== 0) {
console.log('test genKey err information: ' + JSON.stringify(err));
reject(err);
} else {
resolve(data);
}
});
});
}
async function TestExportFunc(alias, options) {
await exportKey(alias, options)
.then((data) => {
console.log(`test exportKey data: ${JSON.stringify(data)}`);
})
.catch((err) => {
console.log('test exportKey err information: ' + JSON.stringify(err));
});
}
function exportKey(alias, options) {
return new Promise((resolve, reject) => {
huks.exportKey(alias, options, function (err, data) {
console.log(`test exportKey data: ${JSON.stringify(data)}`);
if (err.code !== 0) {
console.log('test exportKey err information: ' + JSON.stringify(err));
reject(err);
} else {
exportWrappingKey = data.outData;
resolve(data);
}
});
});
}
async function TestImportWrappedFunc(alias, wrappingAlias, options) {
await importWrappedKey(alias, wrappingAlias, options)
.then((data) => {
console.log(`TestImportWrappedFunc data: ${JSON.stringify(data)}`);
})
.catch((err) => {
console.log('test importWrappedKey err information: ' + JSON.stringify(err));
});
}
function importWrappedKey(alias, wrappingAlias, options) {
return new Promise((resolve, reject) => {
huks.importWrappedKey(alias, wrappingAlias, options, function (err, data) {
console.log(`importWrappedKey data: ${JSON.stringify(data)}`);
if (err.code !== 0) {
console.log('importWrappedKey err information: ' + JSON.stringify(err));
reject(err);
} else {
resolve(data);
}
});
});
}
async function TestImportWrappedKeyFunc(
alias,
wrappingAlias,
genOptions,
importOptions
) {
await TestGenFunc(wrappingAlias, genOptions);
await TestExportFunc(wrappingAlias, genOptions);
/*The following operations do not invoke the HUKS APIs, and the specific implementation is not provided here.
* For example, import keyA.
* 1. Use ECC to generate a public and private key pair keyB. The public key is keyB_pub, and the private key is keyB_pri.
* 2. Use keyB_pri and the public key obtained from wrappingAlias to negotiate the shared key share_key.
* 3. Randomly generate a key kek for encrypting keyA using AES-GCM. During the encryption, record nonce1/aad1/ciphertext keyA_enc/encrypted tag1.
* 4. Use the share_key to encrypt kek using AES-GCM. During the encryption, record nonce2/aad2/ciphertext kek_enc/encrypted tag2.
* 5. Generate the importOptions.inData field in the following format:
* keyB_pub length (4 bytes) + keyB_pub + aad2 length (4 bytes) + aad2 +
* nonce2 length (4 bytes) + nonce2 + tag2 length (4 bytes) + tag2 +
* kek_enc length (4 bytes) + kek_enc + aad1 length (4 bytes) + aad1 +
* nonce1 length (4 bytes) + nonce1 + tag1 length (4 bytes) + tag1 +
* Memory occupied by the keyA length (4 bytes) + keyA length + keyA_enc length (4 bytes) + keyA_enc
*/
var inputKey = new Uint8Array([0x02, 0x00, 0x00, 0x00]);
importOptions.inData = inputKey;
await TestImportWrappedFunc(alias, wrappingAlias, importOptions);
}
function makeGenerateOptions() {
var properties = new Array();
properties[0] = {
tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
value: huks.HuksKeyAlg.HUKS_ALG_ECC
};
properties[1] = {
tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
value: huks.HuksKeySize.HUKS_ECC_KEY_SIZE_256
};
properties[2] = {
tag: huks.HuksTag.HUKS_TAG_PURPOSE,
value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_UNWRAP
};
properties[3] = {
tag: huks.HuksTag.HUKS_TAG_DIGEST,
value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256
};
var options = {
properties: properties
};
return options;
};
function makeImportOptions() {
var properties = new Array();
properties[0] = {
tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
value: huks.HuksKeyAlg.HUKS_ALG_AES
};
properties[1] = {
tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_256
};
properties[2] = {
tag: huks.HuksTag.HUKS_TAG_PURPOSE,
value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT
};
properties[3] = {
tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE,
value: huks.HuksCipherMode.HUKS_MODE_CBC
};
properties[4] = {
tag: huks.HuksTag.HUKS_TAG_UNWRAP_ALGORITHM_SUITE,
value: huks.HuksUnwrapSuite.HUKS_UNWRAP_SUITE_ECDH_AES_256_GCM_NOPADDING
};
var options = {
properties: properties
};
return options;
};
function huksImportWrappedKey() {
var genOptions = makeGenerateOptions();
var importOptions = makeImportOptions();
TestImportWrappedKeyFunc(
alias1,
alias2,
genOptions,
importOptions
);
}
```
## huks.importWrappedKey<sup>9+</sup>
importWrappedKey(keyAlias: string, wrappingKeyAlias: string, options: HuksOptions) : Promise\<HuksResult>
Imports a wrapped key. This API uses a promise to return the result asynchronously.
**System capability**: SystemCapability.Security.Huks
**Parameters**
| Name | Type | Mandatory| Description |
| ---------------- | --------------------------- | ---- | --------------------------------------------- |
| keyAlias | string | Yes | Alias of the wrapped key to import. |
| wrappingKeyAlias | string | Yes | Alias of the data used to unwrap the key imported. |
| options | [HuksOptions](#huksoptions) | Yes | Tags required for the import and the wrapped key to import.|
**Return value**
| Type | Description |
| ----------------------------------- | -------------------------------------------------- |
| Promise\<[HuksResult](#huksresult)> | Promise used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code will be returned.|
**Example**
```js
/* The process is similar as if a callback is used, except the following:*/
async function TestImportWrappedFunc(alias, wrappingAlias, options) {
var result = await huks.importWrappedKey(alias, wrappingAlias, options);
if (result.errorCode === 0) {
console.log('test importWrappedKey success');
} else {
console.log('test importWrappedKey fail');
}
}
```
## huks.exportKey
exportKey(keyAlias: string, options: HuksOptions, callback: AsyncCallback\<HuksResult>) : void
......@@ -675,7 +932,7 @@ Exports a key. This API uses an asynchronous callback to return the result.
| -------- | ----------------------------------------- | ---- | ------------------------------------------------------------ |
| keyAlias | string | Yes | Key alias, which must be the same as the alias used when the key was generated. |
| options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty). |
| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes | Callback used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code will be returned. **outData** contains the public key exported. |
| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes | Callback used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code will be returned. **outData** contains the public key exported.|
**Example**
......@@ -692,7 +949,7 @@ huks.exportKey(keyAlias, emptyOptions, function (err, data){});
exportKey(keyAlias: string, options: HuksOptions) : Promise\<HuksResult>
Exports a key. This API uses a promise to return the result.
Exports a key. This API uses a promise to return the result asynchronously.
**System capability**: SystemCapability.Security.Huks
......@@ -700,14 +957,14 @@ Exports a key. This API uses a promise to return the result.
| Name | Type | Mandatory| Description |
| -------- | ----------- | ---- | ------------------------------------------------------------ |
| keyAlias | string | Yes | Key alias, which must be the same as the alias used when the key was generated. |
| options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty). |
| keyAlias | string | Yes | Key alias, which must be the same as the alias used when the key was generated.|
| options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty).|
**Return value**
| Type | Description |
| ----------------------------------- | ------------------------------------------------------------ |
| Promise\<[HuksResult](#huksresult)> | Promise used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code will be returned. **outData** contains the public key exported. |
| Promise\<[HuksResult](#huksresult)> | Promise used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code will be returned. **outData** contains the public key exported.|
**Example**
......@@ -734,7 +991,7 @@ Obtains key properties. This API uses an asynchronous callback to return the res
| -------- | ----------------------------------------- | ---- | ------------------------------------------------------------ |
| keyAlias | string | Yes | Key alias, which must be the same as the alias used when the key was generated. |
| options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty). |
| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes | Callback used to return the result. **HUKS_SUCCESS** will be returned if the operation is successful; an error code will be returned otherwise. |
| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes | Callback used to return the result. If the operation is successful, **errorCode** is **HUKS_SUCCESS**; otherwise, an error code will be returned.|
**Example**
......@@ -751,7 +1008,7 @@ huks.getKeyProperties(keyAlias, emptyOptions, function (err, data){});
getKeyProperties(keyAlias: string, options: HuksOptions) : Promise\<HuksResult>
Obtains key properties. This API uses a promise to return the result.
Obtains key properties. This API uses a promise to return the result asynchronously.
**System capability**: SystemCapability.Security.Huks
......@@ -759,14 +1016,14 @@ Obtains key properties. This API uses a promise to return the result.
| Name | Type | Mandatory| Description |
| -------- | ----------- | ---- | ------------------------------------------------------------ |
| keyAlias | string | Yes | Key alias, which must be the same as the alias used when the key was generated. |
| options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty). |
| keyAlias | string | Yes | Key alias, which must be the same as the alias used when the key was generated.|
| options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty).|
**Return value**
| Type | Description |
| ------------------ | ------------------------------------------------------------ |
| Promise\<[HuksResult](#huksoptions)> | Promise used to return the result. In the return result, **HUKS_SUCCESS** will be returned for **errorCode** if the operation is successful; an error code will be returned otherwise. **properties** returns the parameters required for generating the key. |
| Promise\<[HuksResult](#huksoptions)> | Promise used to return the result. If the operation is successful, **errorCode** is **HUKS_SUCCESS**; otherwise, an error code will be returned. **properties** returns the parameters required for generating the key.|
**Example**
......@@ -791,9 +1048,9 @@ Checks whether a key exists. This API uses an asynchronous callback to return th
| Name | Type | Mandatory| Description |
| -------- | ---------------------- | ---- | ------------------------------------- |
| keyAlias | string | Yes | Alias of the key to check. |
| options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty). |
| callback | AsyncCallback\<boolean> | Yes | Callback used to return the result. **TRUE** means that the key exists; **FALSE** means the opposite. |
| keyAlias | string | Yes | Alias of the key to check.|
| options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty).|
| callback | AsyncCallback\<boolean> | Yes | Callback used to return the result. **TRUE** means that the key exists; **FALSE** means the opposite.|
**Example**
......@@ -810,7 +1067,7 @@ huks.isKeyExist(keyAlias, emptyOptions, function (err, data){});
isKeyExist(keyAlias: string, options: HuksOptions) : Promise\<boolean>
Checks whether a key exists. This API uses a promise to return the result.
Checks whether a key exists. This API uses a promise to return the result asynchronously.
**System capability**: SystemCapability.Security.Huks
......@@ -818,14 +1075,14 @@ Checks whether a key exists. This API uses a promise to return the result.
| Name | Type | Mandatory| Description |
| -------- | ----------- | ---- | -------------------------------- |
| keyAlias | string | Yes | Alias of the key to check. |
| options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty). |
| keyAlias | string | Yes | Alias of the key to check.|
| options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty).|
**Return value**
| Type | Description |
| ----------------- | --------------------------------------- |
| Promise\<boolean> | Promise used to return the result. **TRUE** means that the key exists; **FALSE** means the opposite. |
| Promise\<boolean> | Promise used to return the result. **TRUE** means that the key exists; **FALSE** means the opposite.|
**Example**
......@@ -852,16 +1109,16 @@ Initializes a key. This API uses an asynchronous callback to return the result.
| Name | Type | Mandatory| Description |
| -------- | ---------------------- | ---- | ------------------------------------- |
| keyAlias | string | Yes | Alias of the target key. |
| options | [HuksOptions](#huksoptions) | Yes | Parameters used for initialization. |
| callback | AsyncCallback\<[HuksHandle](#hukshandle)> | Yes | Callback used to return the handle of the initialization operation. |
| keyAlias | string | Yes | Alias of the target key.|
| options | [HuksOptions](#huksoptions) | Yes | Parameters used for initialization.|
| callback | AsyncCallback\<[HuksHandle](#hukshandle)> | Yes | Callback used to return the handle of the initialization operation.|
## huks.init
init(keyAlias: string, options: HuksOptions) : Promise\<HuksHandle>
Initializes a key. This API uses a promise to return the result.
Initializes a key. This API uses a promise to return the result asynchronously.
**System capability**: SystemCapability.Security.Huks
......@@ -869,9 +1126,9 @@ Initializes a key. This API uses a promise to return the result.
| Name | Type | Mandatory| Description |
| -------- | ---------------------- | ---- | ------------------------------------- |
| keyAlias | string | Yes | Alias of the target key. |
| options | [HuksOptions](#huksoptions) | Yes | Parameters used for initialization. |
| promise | Promise\<[HuksHandle](#hukshandle)> | Yes | Promise used to return the handle of the initialization operation. |
| keyAlias | string | Yes | Alias of the target key.|
| options | [HuksOptions](#huksoptions) | Yes | Parameters used for initialization.|
| promise | Promise\<[HuksHandle](#hukshandle)> | Yes | Promise used to return the handle of the initialization operation.|
## huks.update
......@@ -886,17 +1143,17 @@ Updates a key. This API uses an asynchronous callback to return the result.
| Name | Type | Mandatory| Description |
| -------- | ---------------------- | ---- | ------------------------------------- |
| handle | number | Yes | Handle of the **Update** operation. |
| token | Uint8Array | No| Token of the **Update** operation. |
| options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Update** operation. |
| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes| Callback used to return the operation result. |
| handle | number | Yes | Handle of the **Update** operation.|
| token | Uint8Array | No| Token of the **Update** operation.|
| options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Update** operation.|
| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes| Callback used to return the operation result.|
## huks.update
update(handle: number, token?: Uint8Array, options: HuksOptions) : Promise\<HuksResult>
Updates a key. This API uses a promise to return the result.
Updates a key. This API uses a promise to return the result asynchronously.
**System capability**: SystemCapability.Security.Huks
......@@ -904,10 +1161,10 @@ Updates a key. This API uses a promise to return the result.
| Name | Type | Mandatory| Description |
| -------- | ---------------------- | ---- | ------------------------------------- |
| handle | number | Yes | Handle of the **Update** operation. |
| token | Uint8Array | No| Token of the **Update** operation. |
| options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Update** operation. |
| promise | Promise\<[HuksResult](#huksresult)> | Yes| Promise used to return the operation result. |
| handle | number | Yes | Handle of the **Update** operation.|
| token | Uint8Array | No| Token of the **Update** operation.|
| options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Update** operation.|
| promise | Promise\<[HuksResult](#huksresult)> | Yes| Promise used to return the operation result.|
## huks.finish
......@@ -922,16 +1179,16 @@ Completes the key operation and releases resources. This API uses an asynchronou
| Name | Type | Mandatory| Description |
| -------- | ---------------------- | ---- | ------------------------------------- |
| handle | number | Yes | Handle of the **Finish** operation. |
| options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Finish** operation. |
| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes| Callback used to return the operation result. |
| handle | number | Yes | Handle of the **Finish** operation.|
| options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Finish** operation.|
| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes| Callback used to return the operation result.|
## huks.finish
finish(handle: number, options: HuksOptions) : Promise\<HuksResult>
Completes the key operation and releases resources. This API uses a promise to return the result.
Completes the key operation and releases resources. This API uses a promise to return the result asynchronously.
**System capability**: SystemCapability.Security.Huks
......@@ -939,9 +1196,9 @@ Completes the key operation and releases resources. This API uses a promise to r
| Name | Type | Mandatory| Description |
| -------- | ---------------------- | ---- | ------------------------------------- |
| handle | number | Yes | Handle of the **Finish** operation. |
| options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Finish** operation. |
| promise | Promise\<[HuksResult](#HuksResult)> | Yes| Promise used to return the operation result. |
| handle | number | Yes | Handle of the **Finish** operation.|
| options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Finish** operation.|
| promise | Promise\<[HuksResult](#HuksResult)> | Yes| Promise used to return the operation result.|
## huks.abort
......@@ -956,9 +1213,9 @@ Aborts the use of the key. This API uses an asynchronous callback to return the
| Name | Type | Mandatory| Description |
| -------- | ---------------------- | ---- | ------------------------------------- |
| handle | number | Yes | Handle of the **Abort** operation. |
| options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Abort** operation. |
| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes| Callback used to return the operation result. |
| handle | number | Yes | Handle of the **Abort** operation.|
| options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Abort** operation.|
| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes| Callback used to return the operation result.|
**Example**
......@@ -1168,7 +1425,7 @@ struct Index {
abort(handle: number, options: HuksOptions) : Promise\<HuksResult>;
Aborts the use of the key. This API uses a promise to return the result.
Aborts the use of the key. This API uses a promise to return the result asynchronously.
**System capability**: SystemCapability.Security.Huks
......@@ -1176,9 +1433,9 @@ Aborts the use of the key. This API uses a promise to return the result.
| Name | Type | Mandatory| Description |
| -------- | ---------------------- | ---- | ------------------------------------- |
| handle | number | Yes | Handle of the **Abort** operation. |
| options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Abort** operation. |
| promise | Promise\<[HuksResult](#huksresult)> | Yes| Promise used to return the operation result. |
| handle | number | Yes | Handle of the **Abort** operation.|
| options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Abort** operation.|
| promise | Promise\<[HuksResult](#huksresult)> | Yes| Promise used to return the operation result.|
**Example**
......@@ -1399,7 +1656,7 @@ Defines the **param** in the **properties** array of **options** used in the API
| Name| Type | Mandatory| Description |
| ------ | ----------------------------------- | ---- | ---------- |
| tag | HuksTag | Yes | Tag. |
| value | boolean\|number\|bigint\|Uint8Array | Yes | Value of the tag. |
| value | boolean\|number\|bigint\|Uint8Array | Yes | Value of the tag.|
## HuksOptions
......@@ -1409,7 +1666,7 @@ Defines the **options** used in the APIs.
| Name | Type | Mandatory| Description |
| ---------- | ----------------- | ---- | ------------------------ |
| properties | Array\<HuksParam> | No | Array used to hold **HuksParam**. |
| properties | Array\<HuksParam> | No | Array used to hold **HuksParam**.|
| inData | Uint8Array | No | Input data. |
## HuksHandle
......@@ -1418,11 +1675,11 @@ Defines the HUKS handle structure.
**System capability**: SystemCapability.Security.Huks
| Name | Type | Mandatory | Description |
| Name | Type | Mandatory| Description |
| ---------- | ---------------- | ---- | -------- |
| errorCode | number | Yes | Error code. |
| handle | number | Yes| Value of the handle. |
| token | Uint8Array | No| Reserved. |
| errorCode | number | Yes | Error code.|
| handle | number | Yes| Value of the handle.|
| token | Uint8Array | No| Reserved.|
## HuksResult
......@@ -1433,9 +1690,9 @@ Defines the **HuksResult** structure.
| Name | Type | Mandatory | Description |
| Name | Type | Mandatory| Description |
| ---------- | ----------------- | ---- | -------- |
| errorCode | number | Yes | Error code. |
| outData | Uint8Array | No | Output data. |
| outData | Uint8Array | No | Output data.|
| properties | Array\<HuksParam> | No | Properties. |
| certChains | Array\<string> | No | Certificate chain. |
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册