Skip to content

D
Docs

OpenHarmony / Docs
大约 1 年 前同步成功

通知 159
Star 292
Fork 28
D
Docs

体验新版 GitCode,发现更多精彩内容 >>

未验证 提交 7358b18e 编写于 作者: O openharmony_ci 提交者: Gitee
浏览文件
操作

!13629 [翻译完成】#I63HUE 

Merge pull request !13629 from Annie_wang/PR11892B
上级 f37913c7 01ddc4c3
展开全部 隐藏空白更改
内联 并排
Showing with 840 addition and 511 deletion
en/application-dev/security/cryptoFramework-guidelines.md
浏览文件 @ 7358b18e
...@@ -32,8 +32,8 @@ The table below describes the APIs used in this guide. ...@@ -32,8 +32,8 @@ The table below describes the APIs used in this guide.
|AsyKeyGenerator|generateKeyPair() : Promise\<KeyPair>|Generates an asymmetric key pair randomly. This API uses a promise to return the result.| |AsyKeyGenerator|generateKeyPair() : Promise\<KeyPair>|Generates an asymmetric key pair randomly. This API uses a promise to return the result.|
|SymKeyGenerator|generateSymKey(callback : AsyncCallback\<SymKey>) : void|Generates a symmetric key randomly. This API uses an asynchronous callback to return the result.| |SymKeyGenerator|generateSymKey(callback : AsyncCallback\<SymKey>) : void|Generates a symmetric key randomly. This API uses an asynchronous callback to return the result.|
|SymKeyGenerator|generateSymKey() : Promise\<SymKey>|Generates a symmetric key randomly. This API uses a promise to return the result.| |SymKeyGenerator|generateSymKey() : Promise\<SymKey>|Generates a symmetric key randomly. This API uses a promise to return the result.|
| AsyKeyGenerator | convertKey(pubKey : DataBlob, priKey : DataBlob, callback : AsyncCallback\<KeyPair>) : void | Converts binary data into a key pair. This API uses an asynchronous callback to return the result.<br>(**pubKey** or **priKey** can be **null**. That is, you can pass in only **pubKey** or **priKey**. As a result, the return **KeyPair** instance contains only the public or private key.) | | AsyKeyGenerator | convertKey(pubKey : DataBlob, priKey : DataBlob, callback : AsyncCallback\<KeyPair>) : void | Converts binary data into a key pair. This API uses an asynchronous callback to return the result.<br>(**pubKey** or **priKey** can be **null**. That is, you can pass in only **pubKey** or **priKey**. As a result, the return **KeyPair** instance contains only the public or private key.)|
| AsyKeyGenerator | convertKey(pubKey : DataBlob, priKey : DataBlob) : Promise\<KeyPair> | Converts the binary public key and private key data into a key pair. This API uses a promise to return the result.<br>(**pubKey** or **priKey** can be **null**. That is, you can pass in only **pubKey** or **priKey**. As a result, the returned **KeyPair** instance contains only the public or private key.) | | AsyKeyGenerator | convertKey(pubKey : DataBlob, priKey : DataBlob) : Promise\<KeyPair> | Converts the binary data into a key pair. This API uses a promise to return the result.<br>(**pubKey** or **priKey** can be **null**. That is, you can pass in only **pubKey** or **priKey**. As a result, the returned **KeyPair** instance contains only the public or private key.)|
| SymKeyGenerator | convertKey(key : DataBlob, callback : AsyncCallback\<SymKey>) : void| Converts binary data into a symmetric key. This API uses an asynchronous callback to return the result.| | SymKeyGenerator | convertKey(key : DataBlob, callback : AsyncCallback\<SymKey>) : void| Converts binary data into a symmetric key. This API uses an asynchronous callback to return the result.|
| SymKeyGenerator |convertKey(pubKey : DataBlob, priKey : DataBlob) : Promise\<KeyPair>| Converts binary data into a symmetric key. This API uses a promise to return the result.| | SymKeyGenerator |convertKey(pubKey : DataBlob, priKey : DataBlob) : Promise\<KeyPair>| Converts binary data into a symmetric key. This API uses a promise to return the result.|
| Key | getEncoded() : DataBlob; | Obtains the binary data of a key. (The child class instances of **Key** include **SymKey**, **PubKey**, and **PriKey**.)| | Key | getEncoded() : DataBlob; | Obtains the binary data of a key. (The child class instances of **Key** include **SymKey**, **PubKey**, and **PriKey**.)|
...@@ -264,14 +264,14 @@ function stringToUint8Array(str) { ...@@ -264,14 +264,14 @@ function stringToUint8Array(str) {
return new Uint8Array(arr); return new Uint8Array(arr);
} }
// Convert byte streams into strings in plaintext. // Output the byte streams in hexadecimal format.
function uint8ArrayToShowStr(uint8Array) { function uint8ArrayToShowStr(uint8Array) {
return Array.prototype.map return Array.prototype.map
.call(uint8Array, (x) => ('00' + x.toString(16)).slice(-2)) .call(uint8Array, (x) => ('00' + x.toString(16)).slice(-2))
.join(''); .join('');
} }
// Output the byte streams in hexadecimal format. // Convert byte streams into strings in plaintext.
function uint8ArrayToString(array) { function uint8ArrayToString(array) {
let arrayString = ''; let arrayString = '';
for (let i = 0; i < array.length; i++) { for (let i = 0; i < array.length; i++) {
...@@ -383,14 +383,14 @@ function stringToUint8Array(str) { ...@@ -383,14 +383,14 @@ function stringToUint8Array(str) {
return new Uint8Array(arr); return new Uint8Array(arr);
} }
// Convert byte streams into strings in plaintext. // Output the byte streams in hexadecimal format.
function uint8ArrayToShowStr(uint8Array) { function uint8ArrayToShowStr(uint8Array) {
return Array.prototype.map return Array.prototype.map
.call(uint8Array, (x) => ('00' + x.toString(16)).slice(-2)) .call(uint8Array, (x) => ('00' + x.toString(16)).slice(-2))
.join(''); .join('');
} }
// Output the byte streams in hexadecimal format. // Convert byte streams into strings in plaintext.
function uint8ArrayToString(array) { function uint8ArrayToString(array) {
let arrayString = ''; let arrayString = '';
for (let i = 0; i < array.length; i++) { for (let i = 0; i < array.length; i++) {
...@@ -500,7 +500,7 @@ Example 2: Encrypt and decrypt data using an asymmetric key pair. ...@@ -500,7 +500,7 @@ Example 2: Encrypt and decrypt data using an asymmetric key pair.
Call **createCipher()** to create a **Cipher** instance, and set the key and encryption/decryption mode. Call **createCipher()** to create a **Cipher** instance, and set the key and encryption/decryption mode.
3. Perform encryption and decryption operations. 3. Perform encryption and decryption operations.
Call **doFinal()** provided by the **Cipher** instance to encrypt data or decrypt data. Call **doFinal()** provided by the **Cipher** instance to encrypt data or decrypt data.
...@@ -573,38 +573,24 @@ For details about the APIs, see [Crypto Framework](../reference/apis/js-apis-cry ...@@ -573,38 +573,24 @@ For details about the APIs, see [Crypto Framework](../reference/apis/js-apis-cry
|Sign|init(priKey : PriKey) : Promise\<void>|Sets a key and initializes the **Sign** instance. This API uses a promise to return the result.| |Sign|init(priKey : PriKey) : Promise\<void>|Sets a key and initializes the **Sign** instance. This API uses a promise to return the result.|
|Sign|update(data : DataBlob, callback : AsyncCallback\<void>) : void|Updates the data for signing. This API uses an asynchronous callback to return the result.| |Sign|update(data : DataBlob, callback : AsyncCallback\<void>) : void|Updates the data for signing. This API uses an asynchronous callback to return the result.|
|Sign|update(data : DataBlob) : Promise\<void>|Updates the data for signing. This API uses a promise to return the result.| |Sign|update(data : DataBlob) : Promise\<void>|Updates the data for signing. This API uses a promise to return the result.|
|Sign|sign(data : DataBlob, callback : AsyncCallback<DataBlob>) : void|Signs the data. This API uses an asynchronous callback to return the result.| |Sign|sign(data : DataBlob, callback : AsyncCallback\<DataBlob>) : void|Signs the data. This API uses an asynchronous callback to return the result.|
|Sign|sign(data : DataBlob) : Promise<DataBlob>|Signs the data. This API uses a promise to return the result.| |Sign|sign(data : DataBlob) : Promise\<DataBlob>|Signs the data. This API uses a promise to return the result.|
|cryptoFramework|function createVerify(algName : string) : Verify|Creates a **Verify** instance.| |cryptoFramework|function createVerify(algName : string) : Verify|Creates a **Verify** instance.|
|Verify|init(priKey : PriKey, callback : AsyncCallback\<void>) : void|Sets a key and initializes the **Verify** instance. This API uses an asynchronous callback to return the result.| |Verify|init(priKey : PriKey, callback : AsyncCallback\<void>) : void|Sets a key and initializes the **Verify** instance. This API uses an asynchronous callback to return the result.|
|Verify|init(priKey : PriKey) : Promise\<void>|Sets a key and initializes the **Verify** instance. This API uses a promise to return the result.| |Verify|init(priKey : PriKey) : Promise\<void>|Sets a key and initializes the **Verify** instance. This API uses a promise to return the result.|
|Verify|update(data : DataBlob, callback : AsyncCallback\<void>) : void|Updates the data for signature verification. This API uses an asynchronous callback to return the result.| |Verify|update(data : DataBlob, callback : AsyncCallback\<void>) : void|Updates the data for signature verification. This API uses an asynchronous callback to return the result.|
|Verify|update(data : DataBlob) : Promise\<void>|Updates the data for signature verification. This API uses a promise to return the result.| |Verify|update(data : DataBlob) : Promise\<void>|Updates the data for signature verification. This API uses a promise to return the result.|
|Verify|verify(data : DataBlob, signatureData : DataBlob, callback : AsyncCallback<boolean>) : void|Verifies the signature. This API uses an asynchronous callback to return the result.| |Verify|verify(data : DataBlob, signatureData : DataBlob, callback : AsyncCallback\<boolean>) : void|Verifies the signature. This API uses an asynchronous callback to return the result.|
|Verify|verify(data : DataBlob, signatureData : DataBlob) : Promise<boolean>|Verifies the signature. This API uses a promise to return the result.| |Verify|verify(data : DataBlob, signatureData : DataBlob) : Promise\<boolean>|Verifies the signature. This API uses a promise to return the result.|
**How to Develop** **How to Develop**
Example 1: Use RSA to sign data and verify the signature. Example 1: Use RSA to sign data and verify the signature.
1. Generate an RSA key pair. 1. Generate an RSA key pair.<br> Call **createAsyKeyGenerator()** to create an **AsyKeyGenerator** instance and generate an RSA asymmetric key pair.
2. Create a **Sign** instance.<br> Call **createSign()** to create a **Sign** instance, initialize the **Sign** instance, and set a private key for signing.
Call **createAsyKeyGenerator()** to create an **AsyKeyGenerator** instance and generate an RSA asymmetric key pair. 3. Generate a signature.<br> Call **update()** provided by the **Sign** class to add the data for signing and call **sign()** to generate a signature.
4. Create a **Verify** instance.<br> Call **createVerify()** to create a **Verify** instance, initialize the instance, and set a public key for signature verification.
2. Create a **Sign** instance. 5. Verify the signature.<br> Call **update()** provided by the **Verify** class to add signature data and call **verify()** to verify the signature.
Call **createSign()** to create a **Sign** instance, initialize the **Sign** instance, and set a private key for signing.
3. Generate a signature.
Call **update()** provided by the **Sign** class to add the data for signing and call **sign()** to generate a signature.
4. Create a **Verify** instance.
Call **createVerify()** to create a **Verify** instance, initialize the instance, and set a public key for signature verification.
5. Verify the signature.
Call **update()** provided by the **Verify** class to add signature data and call **verify()** to verify the signature.
```javascript ```javascript
import cryptoFramework from "@ohos.security.cryptoFramework" import cryptoFramework from "@ohos.security.cryptoFramework"
...@@ -684,25 +670,11 @@ function verifyMessageCallback() { ...@@ -684,25 +670,11 @@ function verifyMessageCallback() {
``` ```
Example 2: Using ECC to sign data and verify the signature. Example 2: Using ECC to sign data and verify the signature.
1. Generate an ECC key. 1. Generate an ECC key.<br> Call **createAsyKeyGenerator()** to create an **AsyKeyGenerator** instance and generate an ECC asymmetric key pair.
2. Create a **Sign** instance.<br> Call **createSign()** to create a **Sign** instance, initialize the **Sign** instance, and set a private key for signing.
Call **createAsyKeyGenerator()** to create an **AsyKeyGenerator** instance and generate an ECC asymmetric key pair. 3. Generate a signature.<br> Call **update()** provided by the **Sign** class to add the data for signing and call **doFinal()** to generate a signature.
4. Create a **Verify** instance.<br> Call **createVerify()** to create a **Verify** instance, initialize the instance, and set a public key for signature verification.
2. Create a **Sign** instance. 5. Verify the signature.<br> Call **update()** provided by the **Verify** class to add signature data and call **doFinal()** to verify the signature.
Call **createSign()** to create a **Sign** instance, initialize the **Sign** instance, and set a private key for signing.
3. Generate a signature.
Call **update()** provided by the **Sign** class to add the data for signing and call **doFinal()** to generate a signature.
4. Create a **Verify** instance.
Call **createVerify()** to create a **Verify** instance, initialize the instance, and set a public key for signature verification.
5. Verify the signature.
Call **update()** provided by the **Verify** class to add signature data and call **doFinal()** to verify the signature.
```javascript ```javascript
import cryptoFramework from "@ohos.security.cryptoFramework" import cryptoFramework from "@ohos.security.cryptoFramework"
...@@ -792,7 +764,7 @@ Typical message digest operations involve the following: ...@@ -792,7 +764,7 @@ Typical message digest operations involve the following:
1. Create an **Md** instance. 1. Create an **Md** instance.
2. Add one or more segments of data for generating a digest. 2. Add one or more segments of data for generating a digest.
3. Compute a digest. 3. Compute a digest.
4. Obtain the algorithm and length of a digest. 4. Obtain the algorithm and length of a digest.
**Available APIs** **Available APIs**
...@@ -802,10 +774,10 @@ For details about the APIs, see [Crypto Framework](../reference/apis/js-apis-cry ...@@ -802,10 +774,10 @@ For details about the APIs, see [Crypto Framework](../reference/apis/js-apis-cry
| Instance | API | Description | | Instance | API | Description |
| --------------- | ------------------------------------------------------------ | -------------------------------------------------- | | --------------- | ------------------------------------------------------------ | -------------------------------------------------- |
| cryptoFramework | function createMd(algName : string) : Md; | Creates an **Md** instance. | | cryptoFramework | function createMd(algName : string) : Md; | Creates an **Md** instance. |
| Md | update(input : DataBlob, callback : AsyncCallback\<void\>) : void; | Updates the data for a digest. This API uses an asynchronous callback to return the result.| | Md | update(input : DataBlob, callback : AsyncCallback\<void>) : void; | Updates the data for a digest. This API uses an asynchronous callback to return the result.|
| Md | update(input : DataBlob) : Promise\<void\>; | Updates the data for a digest. This API uses a promise to return the result. | | Md | update(input : DataBlob) : Promise\<void>; | Updates the data for a digest. This API uses a promise to return the result. |
| Md | digest(callback : AsyncCallback\<DataBlob\>) : void; | Generates the digest. This API uses an asynchronous callback to return the result. | | Md | digest(callback : AsyncCallback\<DataBlob>) : void; | Generates the digest. This API uses an asynchronous callback to return the result. |
| Md | digest() : Promise\<DataBlob\>; | Generates the digest. This API uses a promise to return the result. | | Md | digest() : Promise\<DataBlob>; | Generates the digest. This API uses a promise to return the result. |
| Md | getMdLength() : number; | Obtains the digest length based on the specified digest algorithm. | | Md | getMdLength() : number; | Obtains the digest length based on the specified digest algorithm. |
| Md | readonly algName : string; | Obtains the digest algorithm. | | Md | readonly algName : string; | Obtains the digest algorithm. |
...@@ -907,10 +879,7 @@ For details about the APIs, see [Crypto Framework](../reference/apis/js-apis-cry ...@@ -907,10 +879,7 @@ For details about the APIs, see [Crypto Framework](../reference/apis/js-apis-cry
**How to Develop** **How to Develop**
1. Generate an ECC key. 1. Generate an ECC key.<br> Call **createAsyKeyGenerator()** to create an **AsyKeyGenerator** instance and generate an ECC asymmetric key pair.
Call **createAsyKeyGenerator()** to create an **AsyKeyGenerator** instance and generate an ECC asymmetric key pair.
2. Generate a shared secret by using the private and public ECC keys. 2. Generate a shared secret by using the private and public ECC keys.
```javascript ```javascript
...@@ -966,15 +935,15 @@ For details about the APIs, see [Crypto Framework](../reference/apis/js-apis-cry ...@@ -966,15 +935,15 @@ For details about the APIs, see [Crypto Framework](../reference/apis/js-apis-cry
| Instance | API | Description | | Instance | API | Description |
| --------------- | ------------------------------------------------------------ | --------------------------------------------------- | | --------------- | ------------------------------------------------------------ | --------------------------------------------------- |
| cryptoFramework | function createMac(algName : string) : Md; | Creates a **Mac** instance. | | cryptoFramework | function createMac(algName : string) : Mac; | Creates a **Mac** instance. |
| Mac | init(key : SymKey, callback : AsyncCallback\<void\>) : void; | Initializes the MAC operation. This API uses an asynchronous callback to return the result.| | Mac | init(key : SymKey, callback : AsyncCallback\<void>) : void; | Initializes the MAC operation. This API uses an asynchronous callback to return the result.|
| Mac | init(key : SymKey) : Promise\<void\>; | Initializes the MAC operation. This API uses a promise to return the result. | | Mac | init(key : SymKey) : Promise\<void>; | Initializes the MAC operation. This API uses a promise to return the result. |
| Mac | update(input : DataBlob, callback : AsyncCallback\<void\>) : void; | Updates the data for the MAC operation. This API uses an asynchronous callback to return the result. | | Mac | update(input : DataBlob, callback : AsyncCallback\<void>) : void; | Updates the data for the MAC operation. This API uses an asynchronous callback to return the result. |
| Mac | update(input : DataBlob) : Promise\<void\>; | Updates the data for the MAC operation. This API uses a promise to return the result. | | Mac | update(input : DataBlob) : Promise\<void>; | Updates the data for the MAC operation. This API uses a promise to return the result. |
| Mac | doFinal(callback : AsyncCallback\<DataBlob\>) : void; | Finalizes the MAC operation to generate a MAC. This API uses an asynchronous callback to return the result. | | Mac | doFinal(callback : AsyncCallback\<DataBlob>) : void; | Finalizes the MAC operation to generate a MAC. This API uses an asynchronous callback to return the result. |
| Mac | doFinal() : Promise\<DataBlob\>; | Finalizes the MAC operation to generate a MAC. This API uses a promise to return the result. | | Mac | doFinal() : Promise\<DataBlob>; | Finalizes the MAC operation to generate a MAC. This API uses a promise to return the result. |
| Mac | getMacLength() : number; | Obtains the length of the MAC based on the specified algorithm. | | Mac | getMacLength() : number; | Obtains the length of the MAC based on the specified algorithm. |
| Mac | readonly algName : string; | Obtains the algorithm. | | Mac | readonly algName : string; | Obtains the digest algorithm. |
**How to Develop** **How to Develop**
...@@ -1089,8 +1058,8 @@ function doHmacByCallback(algName) { ...@@ -1089,8 +1058,8 @@ function doHmacByCallback(algName) {
Typical random number operations involve the following: Typical random number operations involve the following:
1. Generate a random number. - Generate a random number.
2. Set a seed based on the random number generated. - Set a seed based on the random number generated.
**Available APIs** **Available APIs**
...@@ -1099,10 +1068,9 @@ For details about the APIs, see [Crypto Framework](../reference/apis/js-apis-cry ...@@ -1099,10 +1068,9 @@ For details about the APIs, see [Crypto Framework](../reference/apis/js-apis-cry
| Instance | API | Description | | Instance | API | Description |
| --------------- | ------------------------------------------------------------ | ---------------------------------------------- | | --------------- | ------------------------------------------------------------ | ---------------------------------------------- |
| cryptoFramework | function createRandom() : Random; | Creates a **Random** instance. | | cryptoFramework | function createRandom() : Random; | Creates a **Random** instance. |
| Random | generateRandom(len : number, callback: AsyncCallback\<DataBlob\>) : void; | Generates a random number. This API uses an asynchronous callback to return the result. | | Random | generateRandom(len : number, callback: AsyncCallback\<DataBlob>) : void; | Generates a random number. This API uses an asynchronous callback to return the result. |
| Random | generateRandom(len : number) : Promise\<DataBlob\>; | Generates a random number. This API uses a promise to return the result. | | Random | generateRandom(len : number) : Promise\<DataBlob>; | Generates a random number. This API uses a promise to return the result. |
| Random | setSeed(seed : DataBlob, callback : AsyncCallback\<void\>) : void; | Sets a seed. This API uses an asynchronous callback to return the result.| | Random | setSeed(seed : DataBlob) : void; | Sets a seed. |
| Random | setSeed(seed : DataBlob) : Promise\<void\>; | Sets a seed. This API uses a promise to return the result. |
**How to Develop** **How to Develop**
...@@ -1124,10 +1092,11 @@ function doRandByPromise(len) { ...@@ -1124,10 +1092,11 @@ function doRandByPromise(len) {
var promiseGenerateRand = rand.generateRandom(len); var promiseGenerateRand = rand.generateRandom(len);
promiseGenerateRand.then(randData => { promiseGenerateRand.then(randData => {
console.error("[Promise]: rand result: " + randData.data); console.error("[Promise]: rand result: " + randData.data);
var promiseSetSeed = rand.setSeed(randData); try {
return promiseSetSeed; rand.setSeed(randData);
}).then(() => { } catch (error) {
console.error("[Promise]: setSeed success"); console.log("setSeed failed, errCode: " + error.code + ", errMsg: " + error.message);
}
}).catch(error => { }).catch(error => {
console.error("[Promise]: error: " + error.message); console.error("[Promise]: error: " + error.message);
}); });
...@@ -1146,13 +1115,11 @@ function doRandByCallback(len) { ...@@ -1146,13 +1115,11 @@ function doRandByCallback(len) {
console.error("[Callback]: err: " + err.code); console.error("[Callback]: err: " + err.code);
} else { } else {
console.error("[Callback]: generate random result: " + randData.data); console.error("[Callback]: generate random result: " + randData.data);
rand.setSeed(randData, (err1,) => { try {
if (err1) { rand.setSeed(randData);
console.error("[Callback] err: " + err1.code); } catch (error) {
} else { console.log("setSeed failed, errCode: " + error.code + ", errMsg: " + error.message);
console.error("[Callback]: setSeed success"); }
}
});
} }
}); });
} }
......
en/application-dev/security/cryptoFramework-overview.md
浏览文件 @ 7358b18e
# Crypto Framework Overview # Crypto Framework Overview
The crypto framework shields the implementation differences of third-party cryptographic algorithm libraries and implements encryption and decryption, signing and signature verification, message authentication code (MAC), hash, and secure random number. You can use the APIs provided by this framework to implement cipher development quickly. The cryptographic (crypto for shot) framework shields the implementation differences of third-party cryptographic algorithm libraries and implements encryption and decryption, signing and signature verification, message authentication code (MAC), hash, and secure random number. You can use the APIs provided by this framework to implement cipher development quickly.
## Working Principles ## Working Principles
The crypto framework provides components in the following layers: The crypto framework provides components in the following layers:
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册