Skip to content

D
Docs

OpenHarmony / Docs
大约 2 年 前同步成功

通知 161
Star 293
Fork 28
D
Docs
提交 a65f6917 编写于 作者: A Annie_wang
浏览文件
操作

update docs 

Signed-off-by: NAnnie_wang <annie.wangli@huawei.com>
上级 73c6e076
显示空白变更内容
内联 并排
Showing with 2428 addition and 1324 deletion
en/application-dev/reference/apis/js-apis-huks.md
浏览文件 @ a65f6917
...@@ -12,89 +12,1619 @@ The keys managed by OpenHarmony Universal KeyStore (HUKS) can be imported by app ...@@ -12,89 +12,1619 @@ The keys managed by OpenHarmony Universal KeyStore (HUKS) can be imported by app
```js ```js
import huks from '@ohos.security.huks' import huks from '@ohos.security.huks'
``` ```
## HuksErrorCode
Enumerates the error codes. ## HuksParam
Defines the **param** in the **properties** array of **options** used in the APIs.
**System capability**: SystemCapability.Security.Huks
| Name| Type | Mandatory| Description |
| ------ | ----------------------------------- | ---- | ------------ |
| tag | [HuksTag](#hukstag) | Yes | Tag. |
| value | boolean\|number\|bigint\|Uint8Array | Yes | Value of the tag.|
## HuksOptions
Defines the **options** used in the APIs.
**System capability**: SystemCapability.Security.Huks
| Name | Type | Mandatory| Description |
| ---------- | ----------------- | ---- | ------------------------ |
| properties | Array\<[HuksParam](#huksparam)> | No | Properties used to hold the **HuksParam** array.|
| inData | Uint8Array | No | Input data. |
## HuksSessionHandle<sup>9+</sup>
Defines the HUKS handle structure.
**System capability**: SystemCapability.Security.Huks
| Name | Type | Mandatory| Description |
| --------- | ---------- | ---- | ---------------------------------------------------- |
| handle | number | Yes | Value of the handle. |
| challenge | Uint8Array | No | Challenge obtained after the [init](#huksinit) operation.|
## HuksReturnResult<sup>9+</sup>
Defines the **HuksResult** structure.
**System capability**: SystemCapability.Security.Huks
| Name | Type | Mandatory| Description |
| ---------- | ------------------------------- | ---- | ---------------- |
| outData | Uint8Array | No | Output data. |
| properties | Array\<[HuksParam](#huksparam)> | No | Property information. |
| certChains | Array\<string> | No | Certificate chain information.|
## huks.generateKeyItem<sup>9+</sup>
generateKeyItem(keyAlias: string, options: HuksOptions, callback: AsyncCallback\<void>) : void
Generates a key. This API uses an asynchronous callback to return the result.
**System capability**: SystemCapability.Security.Huks
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | --------------------------- | ---- | --------------------------------------------- |
| keyAlias | string | Yes | Alias of the key. |
| options | [HuksOptions](#huksoptions) | Yes | Tags required for generating the key. |
| callback | AsyncCallback\<void> | Yes | Callback invoked to return the result. If the operation is successful, no **err** value is returned; otherwise, an error code is returned.|
**Example**
```js
/* Generate an ECC key of 256 bits. */
let keyAlias = 'keyAlias';
let properties = new Array();
properties[0] = {
tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
value: huks.HuksKeyAlg.HUKS_ALG_ECC
};
properties[1] = {
tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
value: huks.HuksKeySize.HUKS_ECC_KEY_SIZE_256
};
properties[2] = {
tag: huks.HuksTag.HUKS_TAG_PURPOSE,
value:
huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_SIGN |
huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_VERIFY
};
properties[3] = {
tag: huks.HuksTag.HUKS_TAG_DIGEST,
value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256
};
let options = {
properties: properties
};
try {
huks.generateKeyItem(keyAlias, options, function (error, data) {
if (error) {
console.error(`callback: generateKeyItem failed, code: ${error.code}, msg: ${error.message}`);
} else {
console.info(`callback: generateKeyItem key success`);
}
});
} catch (error) {
console.error(`callback: generateKeyItem input arg invalid, code: ${error.code}, msg: ${error.message}`);
}
```
## huks.generateKeyItem<sup>9+</sup>
generateKeyItem(keyAlias: string, options: HuksOptions) : Promise\<void>
Generates a key. This API uses a promise to return the result.
**System capability**: SystemCapability.Security.Huks
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | --------------------------- | ---- | ------------------------ |
| keyAlias | string | Yes | Alias of the key. |
| options | [HuksOptions](#huksoptions) | Yes | Tags required for generating the key.|
**Example**
```js
/* Generate an ECC key of 256 bits. */
let keyAlias = 'keyAlias';
let properties = new Array();
properties[0] = {
tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
value: huks.HuksKeyAlg.HUKS_ALG_ECC
};
properties[1] = {
tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
value: huks.HuksKeySize.HUKS_ECC_KEY_SIZE_256
};
properties[2] = {
tag: huks.HuksTag.HUKS_TAG_PURPOSE,
value:
huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_SIGN |
huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_VERIFY
};
properties[3] = {
tag: huks.HuksTag.HUKS_TAG_DIGEST,
value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256
};
let options = {
properties: properties
};
try {
huks.generateKeyItem(keyAlias, options)
.then((data) => {
console.info(`promise: generateKeyItem success`);
})
.catch(error => {
console.error(`promise: generateKeyItem failed, code: ${error.code}, msg: ${error.message}`);
});
} catch (error) {
console.error(`promise: generateKeyItem input arg invalid, code: ${error.code}, msg: ${error.message}`);
}
```
## huks.deleteKeyItem<sup>9+</sup>
deleteKeyItem(keyAlias: string, options: HuksOptions, callback: AsyncCallback\<void>) : void
Deletes a key. This API uses an asynchronous callback to return the result.
**System capability**: SystemCapability.Security.Huks
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | --------------------------- | ---- | --------------------------------------------- |
| keyAlias | string | Yes | Key alias passed in when the key was generated. |
| options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty). |
| callback | AsyncCallback\<void> | Yes | Callback invoked to return the result. If the operation is successful, no **err** value is returned; otherwise, an error code is returned.|
**Example**
```js
/* Set options to emptyOptions. */
let keyAlias = 'keyAlias';
let emptyOptions = {
properties: []
};
try {
huks.deleteKeyItem(keyAlias, emptyOptions, function (error, data) {
if (error) {
console.error(`callback: deleteKeyItem failed, code: ${error.code}, msg: ${error.message}`);
} else {
console.info(`callback: deleteKeyItem key success`);
}
});
} catch (error) {
console.error(`callback: deleteKeyItem input arg invalid, code: ${error.code}, msg: ${error.message}`);
}
```
## huks.deleteKeyItem<sup>9+</sup>
deleteKeyItem(keyAlias: string, options: HuksOptions) : Promise\<void>
Deletes a key. This API uses a promise to return the result.
**System capability**: SystemCapability.Security.Huks
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | --------------------------- | ---- | ----------------------------------- |
| keyAlias | string | Yes | Key alias passed in when the key was generated.|
| options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty). |
**Example**
```js
/* Set options to emptyOptions. */
let keyAlias = 'keyAlias';
let emptyOptions = {
properties: []
};
try {
huks.deleteKeyItem(keyAlias, emptyOptions)
.then ((data) => {
console.info(`promise: deleteKeyItem key success`);
})
.catch(error => {
console.error(`promise: deleteKeyItem failed, code: ${error.code}, msg: ${error.message}`);
});
} catch (error) {
console.error(`promise: deleteKeyItem input arg invalid, code: ${error.code}, msg: ${error.message}`);
}
```
## huks.getSdkVersion
getSdkVersion(options: HuksOptions) : string
Obtains the SDK version of the current system.
**System capability**: SystemCapability.Security.Huks
**Parameters**
| Name | Type | Mandatory| Description |
| ------- | ---------- | ---- | ------------------------- |
| options | [HuksOptions](#huksoptions) | Yes | Empty object, which is used to hold the SDK version.|
**Return value**
| Type | Description |
| ------ | ------------- |
| string | SDK version obtained.|
**Example**
```js
/* Set options to emptyOptions. */
let emptyOptions = {
properties: []
};
let result = huks.getSdkVersion(emptyOptions);
```
## huks.importKeyItem<sup>9+</sup>
importKeyItem(keyAlias: string, options: HuksOptions, callback: AsyncCallback\<void>) : void
Imports a key in plaintext. This API uses an asynchronous callback to return the result.
**System capability**: SystemCapability.Security.Huks
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | --------------------------- | ---- | --------------------------------------------- |
| keyAlias | string | Yes | Alias of the key. |
| options | [HuksOptions](#huksoptions) | Yes | Tags required for the import and key to import. |
| callback | AsyncCallback\<void> | Yes | Callback invoked to return the result. If the operation is successful, no **err** value is returned; otherwise, an error code is returned.|
**Example**
```js
/* Import an AES key of 256 bits. */
let plainTextSize32 = makeRandomArr(32);
function makeRandomArr(size) {
let arr = new Uint8Array(size);
for (let i = 0; i < size; i++) {
arr[i] = Math.floor(Math.random() * 10);
}
return arr;
};
let keyAlias = 'keyAlias';
let properties = new Array();
properties[0] = {
tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
value: huks.HuksKeyAlg.HUKS_ALG_AES
};
properties[1] = {
tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_256
};
properties[2] = {
tag: huks.HuksTag.HUKS_TAG_PURPOSE,
value:
huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT
};
properties[3] = {
tag: huks.HuksTag.HUKS_TAG_PADDING,
value:huks.HuksKeyPadding.HUKS_PADDING_PKCS7
};
properties[4] = {
tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE,
value: huks.HuksCipherMode.HUKS_MODE_ECB
};
let options = {
properties: properties,
inData: plainTextSize32
};
try {
huks.importKeyItem(keyAlias, options, function (error, data) {
if (error) {
console.error(`callback: importKeyItem failed, code: ${error.code}, msg: ${error.message}`);
} else {
console.info(`callback: importKeyItem success`);
}
});
} catch (error) {
console.error(`callback: importKeyItem input arg invalid, code: ${error.code}, msg: ${error.message}`);
}
```
## huks.importKeyItem<sup>9+</sup>
importKeyItem(keyAlias: string, options: HuksOptions) : Promise\<void>
Imports a key in plaintext. This API uses a promise to return the result.
**System capability**: SystemCapability.Security.Huks
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | --------------------------- | ---- | ----------------------------------- |
| keyAlias | string | Yes | Alias of the key. |
| options | [HuksOptions](#huksoptions) | Yes | Tags required for the import and key to import.|
**Example**
```js
/* Import an AES key of 128 bits. */
let plainTextSize32 = makeRandomArr(32);
function makeRandomArr(size) {
let arr = new Uint8Array(size);
for (let i = 0; i < size; i++) {
arr[i] = Math.floor(Math.random() * 10);
}
return arr;
};
/* Step 1 Generate a key. */
let keyAlias = 'keyAlias';
let properties = new Array();
properties[0] = {
tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
value: huks.HuksKeyAlg.HUKS_ALG_AES
};
properties[1] = {
tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_128
};
properties[2] = {
tag: huks.HuksTag.HUKS_TAG_PURPOSE,
value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT
};
properties[3] = {
tag: huks.HuksTag.HUKS_TAG_PADDING,
value:huks.HuksKeyPadding.HUKS_PADDING_PKCS7
};
properties[4] = {
tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE,
value: huks.HuksCipherMode.HUKS_MODE_ECB
};
let huksoptions = {
properties: properties,
inData: plainTextSize32
};
try {
huks.importKeyItem(keyAlias, huksoptions)
.then ((data) => {
console.info(`promise: importKeyItem success`);
})
.catch(error => {
console.error(`promise: importKeyItem failed, code: ${error.code}, msg: ${error.message}`);
});
} catch (error) {
console.error(`promise: importKeyItem input arg invalid, code: ${error.code}, msg: ${error.message}`);
}
```
## huks.attestKeyItem<sup>9+</sup>
attestKeyItem(keyAlias: string, options: HuksOptions, callback: AsyncCallback\<HuksReturnResult>) : void
Obtains the certificate used to verify a key. This API uses an asynchronous callback to return the result.
**System capability**: SystemCapability.Security.Huks
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | ---------------------------------------------------- | ---- | --------------------------------------------- |
| keyAlias | string | Yes | Alias of the key. The certificate to be obtained stores the key. |
| options | [HuksOptions](#huksoptions) | Yes | Parameters and data required for obtaining the certificate. |
| callback | AsyncCallback<[HuksReturnResult](#huksreturnresult)> | Yes | Callback invoked to return the result. If the operation is successful, no **err** value is returned; otherwise, an error code is returned.|
**Example**
```js
let securityLevel = stringToUint8Array('sec_level');
let challenge = stringToUint8Array('challenge_data');
let versionInfo = stringToUint8Array('version_info');
let keyAliasString = "key attest";
function stringToUint8Array(str) {
let arr = [];
for (let i = 0, j = str.length; i < j; ++i) {
arr.push(str.charCodeAt(i));
}
let tmpUint8Array = new Uint8Array(arr);
return tmpUint8Array;
}
async function generateKey(alias) {
let properties = new Array();
properties[0] = {
tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
value: huks.HuksKeyAlg.HUKS_ALG_RSA
};
properties[1] = {
tag: huks.HuksTag.HUKS_TAG_KEY_STORAGE_FLAG,
value: huks.HuksKeyStorageType.HUKS_STORAGE_PERSISTENT
};
properties[2] = {
tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_2048
};
properties[3] = {
tag: huks.HuksTag.HUKS_TAG_PURPOSE,
value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_VERIFY
};
properties[4] = {
tag: huks.HuksTag.HUKS_TAG_DIGEST,
value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256
};
properties[5] = {
tag: huks.HuksTag.HUKS_TAG_PADDING,
value: huks.HuksKeyPadding.HUKS_PADDING_PSS
};
properties[6] = {
tag: huks.HuksTag.HUKS_TAG_KEY_GENERATE_TYPE,
value: huks.HuksKeyGenerateType.HUKS_KEY_GENERATE_TYPE_DEFAULT
};
properties[7] = {
tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE,
value: huks.HuksCipherMode.HUKS_MODE_ECB
};
let options = {
properties: properties
};
try {
huks.generateKeyItem(alias, options, function (error, data) {
if (error) {
console.error(`callback: generateKeyItem failed, code: ${error.code}, msg: ${error.message}`);
} else {
console.info(`callback: generateKeyItem success`);
}
});
} catch (error) {
console.error(`callback: generateKeyItem input arg invalid, code: ${error.code}, msg: ${error.message}`);
}
}
async function attestKey() {
let aliasString = keyAliasString;
let aliasUint8 = stringToUint8Array(aliasString);
let properties = new Array();
properties[0] = {
tag: huks.HuksTag.HUKS_TAG_ATTESTATION_ID_SEC_LEVEL_INFO,
value: securityLevel
};
properties[1] = {
tag: huks.HuksTag.HUKS_TAG_ATTESTATION_CHALLENGE,
value: challenge
};
properties[2] = {
tag: huks.HuksTag.HUKS_TAG_ATTESTATION_ID_VERSION_INFO,
value: versionInfo
};
properties[3] = {
tag: huks.HuksTag.HUKS_TAG_ATTESTATION_ID_ALIAS,
value: aliasUint8
};
let options = {
properties: properties
};
await generateKey(aliasString);
try {
huks.attestKeyItem(aliasString, options, function (error, data) {
if (error) {
console.error(`callback: attestKeyItem failed, code: ${error.code}, msg: ${error.message}`);
} else {
console.info(`callback: attestKeyItem success`);
}
});
} catch (error) {
console.error(`callback: attestKeyItem input arg invalid, code: ${error.code}, msg: ${error.message}`);
}
}
```
## huks.attestKeyItem<sup>9+</sup>
attestKeyItem(keyAlias: string, options: HuksOptions) : Promise\<HuksReturnResult>
Obtains the certificate used to verify a key. This API uses a promise to return the result.
**System capability**: SystemCapability.Security.Huks
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | --------------------------- | ---- | ------------------------------------ |
| keyAlias | string | Yes | Alias of the key. The certificate to be obtained stores the key.|
| options | [HuksOptions](#huksoptions) | Yes | Parameters and data required for obtaining the certificate. |
**Return value**
| Type | Description |
| ---------------------------------------------- | --------------------------------------------- |
| Promise<[HuksReturnResult](#huksreturnresult)> | Promise used to return the result. If **err** is not returned, the operation is successful. Otherwise, an error occurs.|
**Example**
```js
let securityLevel = stringToUint8Array('sec_level');
let challenge = stringToUint8Array('challenge_data');
let versionInfo = stringToUint8Array('version_info');
let keyAliasString = "key attest";
function stringToUint8Array(str) {
let arr = [];
for (let i = 0, j = str.length; i < j; ++i) {
arr.push(str.charCodeAt(i));
}
let tmpUint8Array = new Uint8Array(arr);
return tmpUint8Array;
}
async function generateKey(alias) {
let properties = new Array();
properties[0] = {
tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
value: huks.HuksKeyAlg.HUKS_ALG_RSA
};
properties[1] = {
tag: huks.HuksTag.HUKS_TAG_KEY_STORAGE_FLAG,
value: huks.HuksKeyStorageType.HUKS_STORAGE_PERSISTENT
};
properties[2] = {
tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_2048
};
properties[3] = {
tag: huks.HuksTag.HUKS_TAG_PURPOSE,
value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_VERIFY
};
properties[4] = {
tag: huks.HuksTag.HUKS_TAG_DIGEST,
value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256
};
properties[5] = {
tag: huks.HuksTag.HUKS_TAG_PADDING,
value: huks.HuksKeyPadding.HUKS_PADDING_PSS
};
properties[6] = {
tag: huks.HuksTag.HUKS_TAG_KEY_GENERATE_TYPE,
value: huks.HuksKeyGenerateType.HUKS_KEY_GENERATE_TYPE_DEFAULT
};
properties[7] = {
tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE,
value: huks.HuksCipherMode.HUKS_MODE_ECB
};
let options = {
properties: properties
};
try {
await huks.generateKeyItem(alias, options)
.then((data) => {
console.info(`promise: generateKeyItem success`);
})
.catch(error => {
console.error(`promise: generateKeyItem failed, code: ${error.code}, msg: ${error.message}`);
});
} catch (error) {
console.error(`promise: generateKeyItem input arg invalid, code: ${error.code}, msg: ${error.message}`);
}
}
async function attestKey() {
let aliasString = keyAliasString;
let aliasUint8 = stringToUint8Array(aliasString);
let properties = new Array();
properties[0] = {
tag: huks.HuksTag.HUKS_TAG_ATTESTATION_ID_SEC_LEVEL_INFO,
value: securityLevel
};
properties[1] = {
tag: huks.HuksTag.HUKS_TAG_ATTESTATION_CHALLENGE,
value: challenge
};
properties[2] = {
tag: huks.HuksTag.HUKS_TAG_ATTESTATION_ID_VERSION_INFO,
value: versionInfo
};
properties[3] = {
tag: huks.HuksTag.HUKS_TAG_ATTESTATION_ID_ALIAS,
value: aliasUint8
};
let options = {
properties: properties
};
await generateKey(aliasString);
try {
await huks.attestKeyItem(aliasString, options)
.then ((data) => {
console.info(`promise: attestKeyItem success`);
})
.catch(error => {
console.error(`promise: attestKeyItem failed, code: ${error.code}, msg: ${error.message}`);
});
} catch (error) {
console.error(`promise: attestKeyItem input arg invalid, code: ${error.code}, msg: ${error.message}`);
}
}
```
## huks.importWrappedKeyItem<sup>9+</sup>
importWrappedKeyItem(keyAlias: string, wrappingKeyAlias: string, options: HuksOptions, callback: AsyncCallback\<void>) : void
Imports a wrapped key. This API uses an asynchronous callback to return the result.
**System capability**: SystemCapability.Security.Huks
**Parameters**
| Name | Type | Mandatory| Description |
| ---------------- | --------------------------- | ---- | --------------------------------------------- |
| keyAlias | string | Yes | Alias of the wrapped key to import. |
| wrappingKeyAlias | string | Yes | Alias of the data used to unwrap the key imported. |
| options | [HuksOptions](#huksoptions) | Yes | Tags required for the import and the wrapped key to import.|
| callback | AsyncCallback\<void> | Yes | Callback invoked to return the result. If the operation is successful, no **err** value is returned; otherwise, an error code is returned.|
**Example**
```js
import huks from '@ohos.security.huks';
let exportWrappingKey;
let alias1 = "importAlias";
let alias2 = "wrappingKeyAlias";
async function TestGenFunc(alias, options) {
try {
await genKey(alias, options)
.then((data) => {
console.info(`callback: generateKeyItem success`);
})
.catch(error => {
console.error(`callback: generateKeyItem failed, code: ${error.code}, msg: ${error.message}`);
});
} catch (error) {
console.error(`callback: generateKeyItem input arg invalid, code: ${error.code}, msg: ${error.message}`);
}
}
function genKey(alias, options) {
return new Promise((resolve, reject) => {
try {
huks.generateKeyItem(alias, options, function (error, data) {
if (error) {
reject(error);
} else {
resolve(data);
}
});
} catch (error) {
throw(error);
}
});
}
async function TestExportFunc(alias, options) {
try {
await exportKey(alias, options)
.then ((data) => {
console.info(`callback: exportKeyItem success, data = ${JSON.stringify(data)}`);
exportWrappingKey = data.outData;
})
.catch(error => {
console.error(`callback: exportKeyItem failed, code: ${error.code}, msg: ${error.message}`);
});
} catch (error) {
console.error(`callback: exportKeyItem input arg invalid, code: ${error.code}, msg: ${error.message}`);
}
}
function exportKey(alias, options) : Promise<huks.HuksReturnResult> {
return new Promise((resolve, reject) => {
try {
huks.exportKeyItem(alias, options, function (error, data) {
if (error) {
reject(error);
} else {
resolve(data);
}
});
} catch (error) {
throw(error);
}
});
}
async function TestImportWrappedFunc(alias, wrappingAlias, options) {
try {
await importWrappedKey(alias, wrappingAlias, options)
.then ((data) => {
console.info(`callback: importWrappedKeyItem success`);
})
.catch(error => {
console.error(`callback: importWrappedKeyItem failed, code: ${error.code}, msg: ${error.message}`);
});
} catch (error) {
console.error(`callback: importWrappedKeyItem input arg invalid, code: ${error.code}, msg: ${error.message}`);
}
}
function importWrappedKey(alias, wrappingAlias, options) {
return new Promise((resolve, reject) => {
try {
huks.importWrappedKeyItem(alias, wrappingAlias, options, function (error, data) {
if (error) {
reject(error);
} else {
resolve(data);
}
});
} catch (error) {
throw(error);
}
});
}
async function TestImportWrappedKeyFunc(
alias,
wrappingAlias,
genOptions,
importOptions
) {
await TestGenFunc(wrappingAlias, genOptions);
await TestExportFunc(wrappingAlias, genOptions);
/*The following operations do not invoke the HUKS APIs, and the specific implementation is not provided here.
* For example, import **keyA**.
* 1. Use ECC to generate a public and private key pair **keyB**. The public key is **keyB_pub**, and the private key is **keyB_pri**.
* 2. Use **keyB_pri** and the public key obtained from **wrappingAlias** to negotiate the shared key **share_key**.
* 3. Randomly generate a key **kek** and use it to encrypt **keyA** with AES-GCM. During the encryption, record **nonce1**, **aad1**, ciphertext **keyA_enc**, and encrypted **tag1**.
* 4. Use **share_key** to encrypt **kek** with AES-GCM. During the encryption, record **nonce2**, **aad2**, ciphertext **kek_enc**, and encrypted **tag2**.
* 5. Generate the **importOptions.inData** field in the following format:
* keyB_pub length (4 bytes) + keyB_pub + aad2 length (4 bytes) + aad2 +
* nonce2 length (4 bytes) + nonce2 + tag2 length (4 bytes) + tag2 +
* kek_enc length (4 bytes) + kek_enc + aad1 length (4 bytes) + aad1 +
* nonce1 length (4 bytes) + nonce1 + tag1 length (4 bytes) + tag1 +
* Memory occupied by the keyA length (4 bytes) + keyA length + keyA_enc length (4 bytes) + keyA_enc
*/
let inputKey = new Uint8Array([0x02, 0x00, 0x00, 0x00]);
importOptions.inData = inputKey;
await TestImportWrappedFunc(alias, wrappingAlias, importOptions);
}
function makeGenerateOptions() {
let properties = new Array();
properties[0] = {
tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
value: huks.HuksKeyAlg.HUKS_ALG_ECC
};
properties[1] = {
tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
value: huks.HuksKeySize.HUKS_ECC_KEY_SIZE_256
};
properties[2] = {
tag: huks.HuksTag.HUKS_TAG_PURPOSE,
value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_UNWRAP
};
properties[3] = {
tag: huks.HuksTag.HUKS_TAG_DIGEST,
value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256
};
properties[4] = {
tag: huks.HuksTag.HUKS_TAG_IMPORT_KEY_TYPE,
value: huks.HuksImportKeyType.HUKS_KEY_TYPE_KEY_PAIR,
};
let options = {
properties: properties
};
return options;
};
function makeImportOptions() {
let properties = new Array();
properties[0] = {
tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
value: huks.HuksKeyAlg.HUKS_ALG_AES
};
properties[1] = {
tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_256
};
properties[2] = {
tag: huks.HuksTag.HUKS_TAG_PURPOSE,
value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT
};
properties[3] = {
tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE,
value: huks.HuksCipherMode.HUKS_MODE_CBC
};
properties[4] = {
tag: huks.HuksTag.HUKS_TAG_PADDING,
value: huks.HuksKeyPadding.HUKS_PADDING_NONE
};
properties[5] = {
tag: huks.HuksTag.HUKS_TAG_UNWRAP_ALGORITHM_SUITE,
value: huks.HuksUnwrapSuite.HUKS_UNWRAP_SUITE_ECDH_AES_256_GCM_NOPADDING
};
let options = {
properties: properties
};
return options;
};
function huksImportWrappedKey() {
let genOptions = makeGenerateOptions();
let importOptions = makeImportOptions();
TestImportWrappedKeyFunc(
alias1,
alias2,
genOptions,
importOptions
);
}
```
## huks.importWrappedKeyItem<sup>9+</sup>
importWrappedKeyItem(keyAlias: string, wrappingKeyAlias: string, options: HuksOptions) : Promise\<void>
Imports a wrapped key. This API uses a promise to return the result.
**System capability**: SystemCapability.Security.Huks
**Parameters**
| Name | Type | Mandatory| Description |
| ---------------- | --------------------------- | ---- | --------------------------------------------- |
| keyAlias | string | Yes | Alias of the wrapped key to import. |
| wrappingKeyAlias | string | Yes | Alias of the data used to unwrap the key imported. |
| options | [HuksOptions](#huksoptions) | Yes | Tags required for the import and the wrapped key to import.|
**Example**
```js
/* The process is similar as if a callback is used, except the following:*/
async function TestImportWrappedFunc(alias, wrappingAlias, options) {
try {
await huks.importWrappedKeyItem(alias, wrappingAlias, options)
.then ((data) => {
console.info(`promise: importWrappedKeyItem success`);
})
.catch(error => {
console.error(`promise: importWrappedKeyItem failed, code: ${error.code}, msg: ${error.message}`);
});
} catch (error) {
console.error(`promise: importWrappedKeyItem input arg invalid, code: ${error.code}, msg: ${error.message}`);
}
}
```
## huks.exportKeyItem<sup>9+</sup>
exportKeyItem(keyAlias: string, options: HuksOptions, callback: AsyncCallback\<HuksReturnResult>) : void
Exports a key. This API uses an asynchronous callback to return the result.
**System capability**: SystemCapability.Security.Huks
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | ---------------------------------------------------- | ---- | ------------------------------------------------------------ |
| keyAlias | string | Yes | Key alias, which must be the same as the alias used when the key was generated. |
| options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty). |
| callback | AsyncCallback<[HuksReturnResult](#huksreturnresult)> | Yes | Callback invoked to return the result. If **HUKS_SUCCESS** is returned, the operation is successful. Otherwise, an error occurs. **outData** contains the public key exported.|
**Example**
```js
/* Set options to emptyOptions. */
let keyAlias = 'keyAlias';
let emptyOptions = {
properties: []
};
try {
huks.exportKeyItem(keyAlias, emptyOptions, function (error, data) {
if (error) {
console.error(`callback: exportKeyItem failed, code: ${error.code}, msg: ${error.message}`);
} else {
console.info(`callback: exportKeyItem success, data = ${JSON.stringify(data)}`);
}
});
} catch (error) {
console.error(`callback: exportKeyItem input arg invalid, code: ${error.code}, msg: ${error.message}`);
}
```
## huks.exportKeyItem<sup>9+</sup>
exportKeyItem(keyAlias: string, options: HuksOptions) : Promise\<HuksReturnResult>
Exports a key. This API uses a promise to return the result.
**System capability**: SystemCapability.Security.Huks
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | --------------------------- | ---- | -------------------------------------------- |
| keyAlias | string | Yes | Key alias, which must be the same as the alias used when the key was generated.|
| options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty). |
**Return value**
| Type | Description |
| ---------------------------------------------- | ------------------------------------------------------------ |
| Promise<[HuksReturnResult](#huksreturnresult)> | Promise used to return the result. If **err** is not returned, the operation is successful. Otherwise, an error occurs. **outData** contains the public key exported.|
**Example**
```js
/* Set options to emptyOptions. */
let keyAlias = 'keyAlias';
let emptyOptions = {
properties: []
};
try {
huks.exportKeyItem(keyAlias, emptyOptions)
.then ((data) => {
console.info(`promise: exportKeyItem success, data = ${JSON.stringify(data)}`);
})
.catch(error => {
console.error(`promise: exportKeyItem failed, code: ${error.code}, msg: ${error.message}`);
});
} catch (error) {
console.error(`promise: exportKeyItem input arg invalid, code: ${error.code}, msg: ${error.message}`);
}
```
## huks.getKeyItemProperties<sup>9+</sup>
getKeyItemProperties(keyAlias: string, options: HuksOptions, callback: AsyncCallback\<HuksReturnResult>) : void
Obtains key properties. This API uses an asynchronous callback to return the result.
**System capability**: SystemCapability.Security.Huks
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | ---------------------------------------------------- | ---- | ------------------------------------------------------------ |
| keyAlias | string | Yes | Key alias, which must be the same as the alias used when the key was generated. |
| options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty). |
| callback | AsyncCallback<[HuksReturnResult](#huksreturnresult)> | Yes | Callback invoked to return the result. If **errorCode** is **HUKS_SUCCESS**, the operation is successful. Otherwise, an error occurs.|
**Example**
```js
/* Set options to emptyOptions. */
let keyAlias = 'keyAlias';
let emptyOptions = {
properties: []
};
try {
huks.getKeyItemProperties(keyAlias, emptyOptions, function (error, data) {
if (error) {
console.error(`callback: getKeyItemProperties failed, code: ${error.code}, msg: ${error.message}`);
} else {
console.info(`callback: getKeyItemProperties success, data = ${JSON.stringify(data)}`);
}
});
} catch (error) {
console.error(`callback: getKeyItemProperties input arg invalid, code: ${error.code}, msg: ${error.message}`);
}
```
## huks.getKeyItemProperties<sup>9+</sup>
getKeyItemProperties(keyAlias: string, options: HuksOptions) : Promise\<HuksReturnResult>
Obtains key properties. This API uses a promise to return the result.
**System capability**: SystemCapability.Security.Huks
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | --------------------------- | ---- | -------------------------------------------- |
| keyAlias | string | Yes | Key alias, which must be the same as the alias used when the key was generated.|
| options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty). |
**Return value**
| Type | Description |
| ----------------------------------------------- | ------------------------------------------------------------ |
| Promise\<[HuksReturnResult](#huksreturnresult)> | Promise used to return the result. If **err** is not returned, the operation is successful. Otherwise, an error occurs. **properties** returns the parameters required for generating the key.|
**Example**
```js
/* Set options to emptyOptions. */
let keyAlias = 'keyAlias';
let emptyOptions = {
properties: []
};
try {
huks.getKeyItemProperties(keyAlias, emptyOptions)
.then ((data) => {
console.info(`promise: getKeyItemProperties success, data = ${JSON.stringify(data)}`);
})
.catch(error => {
console.error(`promise: getKeyItemProperties failed, code: ${error.code}, msg: ${error.message}`);
});
} catch (error) {
console.error(`promise: getKeyItemProperties input arg invalid, code: ${error.code}, msg: ${error.message}`);
}
```
## huks.isKeyItemExist<sup>9+</sup>
isKeyItemExist(keyAlias: string, options: HuksOptions, callback: AsyncCallback\<boolean>) : void
Checks whether a key exists. This API uses an asynchronous callback to return the result.
**System capability**: SystemCapability.Security.Huks
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | --------------------------- | ---- | --------------------------------------- |
| keyAlias | string | Yes | Alias of the key to check. |
| options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty). |
| callback | AsyncCallback\<boolean> | Yes | Callback invoked to return the result. The value **TRUE** means that the key exists, and **FALSE** means the opposite.|
**Example**
```js
/* Set options to emptyOptions. */
let keyAlias = 'keyAlias';
let emptyOptions = {
properties: []
};
try {
huks.isKeyItemExist(keyAlias, emptyOptions, function (error, data) {
if (error) {
console.info(`callback: isKeyItemExist success, data = ${JSON.stringify(data)}`);
} else {
console.error(`callback: isKeyItemExist failed, code: ${error.code}, msg: ${error.message}`);
}
});
} catch (error) {
console.error(`promise: isKeyItemExist input arg invalid, code: ${error.code}, msg: ${error.message}`);
}
```
## huks.isKeyItemExist<sup>9+</sup>
isKeyItemExist(keyAlias: string, options: HuksOptions) : Promise\<boolean>
Checks whether a key exists. This API uses a promise to return the result.
**System capability**: SystemCapability.Security.Huks
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | --------------------------- | ---- | ------------------------ |
| keyAlias | string | Yes | Alias of the key to check. |
| options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty).|
**Return value**
| Type | Description |
| ----------------- | --------------------------------------- |
| Promise\<boolean> | Promise used to return the result. The value **TRUE** means that the key exists, and **FALSE** means the opposite.|
**Example**
```js
/* Set options to emptyOptions. */
let keyAlias = 'keyAlias';
let emptyOptions = {
properties: []
};
try {
huks.isKeyItemExist(keyAlias, emptyOptions)
.then ((data) => {
console.info(`promise: isKeyItemExist success, data = ${JSON.stringify(data)}`);
})
.catch(error => {
console.error(`promise: isKeyItemExist failed, code: ${error.code}, msg: ${error.message}`);
});
} catch (error) {
console.error(`promise: isKeyItemExist input arg invalid, code: ${error.code}, msg: ${error.message}`);
}
```
## huks.initSession<sup>9+</sup>
initSession(keyAlias: string, options: HuksOptions, callback: AsyncCallback\<HuksSessionHandle>) : void
Initializes the data for a key operation. This API uses an asynchronous callback to return the result. **huks.initSession**, **huks.updateSession**, and **huks.finishSession** must be used together.
**System capability**: SystemCapability.Security.Huks
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | ------------------------------------------------------- | ---- | ---------------------------------------------------- |
| keyAlias | string | Yes | Alias of the target key. |
| options | [HuksOptions](#huksoptions) | Yes | Parameters used for initialization. |
| callback | AsyncCallback\<[HuksSessionHandle](#hukssessionhandle)> | Yes | Callback invoked to return the key operation handle.|
## huks.initSession<sup>9+</sup>
initSession(keyAlias: string, options: HuksOptions) : Promise\<HuksSessionHandle>
Initializes the data for a key operation. This API uses a promise to return the result. **huks.initSession**, **huks.updateSession**, and **huks.finishSession** must be used together.
**System capability**: SystemCapability.Security.Huks
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | ------------------------------------------------- | ---- | ------------------------------------------------ |
| keyAlias | string | Yes | Alias of the target key. |
| options | [HuksOptions](#huksoptions) | Yes | Parameters used for initialization. |
**Return value**
| Type | Description |
| ----------------------------------- | -------------------------------------------------- |
| Promise\<[HuksSessionHandle](#hukssessionhandle)> | Promise used to return the key operation handle.|
## huks.updateSession<sup>9+</sup>
updateSession(handle: number, options: HuksOptions, callback: AsyncCallback\<HuksReturnResult>) : void
Updates the key operation by segment. This API uses an asynchronous callback to return the result. **huks.initSession**, **huks.updateSession**, and **huks.finishSession** must be used together.
**System capability**: SystemCapability.Security.Huks
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | ---------------------------------------------------- | ---- | -------------------------------------------- |
| handle | number | Yes | Handle of the **Update** operation. |
| options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Update** operation. |
| callback | AsyncCallback<[HuksReturnResult](#huksreturnresult)> | Yes | Callback invoked to return the result.|
## huks.updateSession<sup>9+</sup>
updateSession(handle: number, options: HuksOptions, token: Uint8Array, callback: AsyncCallback\<HuksReturnResult>) : void
Updates the key operation by segment. This API uses an asynchronous callback to return the result. **huks.initSession**, **huks.updateSession**, and **huks.finishSession** must be used together.
**System capability**: SystemCapability.Security.Huks
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | ---------------------------------------------------- | ---- | -------------------------------------------- |
| handle | number | Yes | Handle of the **Update** operation. |
| options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Update** operation. |
| token | Uint8Array | Yes | Token of the **Update** operation. |
| callback | AsyncCallback<[HuksReturnResult](#huksreturnresult)> | Yes | Callback invoked to return the result.|
## huks.updateSession<sup>9+</sup>
updateSession(handle: number, options: HuksOptions, token?: Uint8Array) : Promise\<HuksReturnResult>
Updates the key operation data by segment. This API uses a promise to return the result. **huks.initSession**, **huks.updateSession**, and **huks.finishSession** must be used together.
**System capability**: SystemCapability.Security.Huks
**Parameters**
| Name | Type | Mandatory| Description |
| ------- | ---------------------------------------------- | ---- | -------------------------------------------- |
| handle | number | Yes | Handle of the **Update** operation. |
| options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Update** operation. |
| token | Uint8Array | No | Token of the **Update** operation. |
**Return value**
| Type | Description |
| ----------------------------------- | -------------------------------------------------- |
| Promise<[HuksReturnResult](#huksreturnresult)> | Promise used to return the result.|
## huks.finishSession<sup>9+</sup>
finishSession(handle: number, options: HuksOptions, callback: AsyncCallback\<HuksReturnResult>) : void
Completes the key operation and releases resources. This API uses an asynchronous callback to return the result. **huks.initSession**, **huks.updateSession**, and **huks.finishSession** must be used together.
**System capability**: SystemCapability.Security.Huks
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | ---------------------------------------------------- | ---- | -------------------------------------------- |
| handle | number | Yes | Handle of the **Finish** operation. |
| options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Finish** operation. |
| token | Uint8Array | Yes | Token for the **Finish** operation. |
| callback | AsyncCallback<[HuksReturnResult](#huksreturnresult)> | Yes | Callback invoked to return the result.|
## huks.finishSession<sup>9+</sup>
finishSession(handle: number, options: HuksOptions, token: Uint8Array, callback: AsyncCallback\<HuksReturnResult>) : void
Completes the key operation and releases resources. This API uses an asynchronous callback to return the result. **huks.initSession**, **huks.updateSession**, and **huks.finishSession** must be used together.
**System capability**: SystemCapability.Security.Huks **System capability**: SystemCapability.Security.Huks
| Name | Value | Description| **Parameters**
| -------------------------- | ----- | ---- |
| HUKS_SUCCESS | 0 |Success.| | Name | Type | Mandatory| Description |
| HUKS_FAILURE | -1 |Failure.| | -------- | ----------------------------------------------------- | ---- | -------------------------------------------- |
| HUKS_ERROR_BAD_STATE | -2 |Incorrect state.| | handle | number | Yes | Handle of the **Finish** operation. |
| HUKS_ERROR_INVALID_ARGUMENT | -3 |Invalid argument.| | options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Finish** operation. |
| HUKS_ERROR_NOT_SUPPORTED | -4 |Not supported.| | token | Uint8Array | Yes | Token for the **Finish** operation. |
| HUKS_ERROR_NO_PERMISSION | -5 |No permission.| | callback | AsyncCallback\<[HuksReturnResult](#huksreturnresult)> | Yes | Callback invoked to return the result.|
| HUKS_ERROR_INSUFFICIENT_DATA | -6 |Insufficient data.|
| HUKS_ERROR_BUFFER_TOO_SMALL | -7 |Insufficient buffer.|
| HUKS_ERROR_INSUFFICIENT_MEMORY | -8 |Insufficient memory.| ## huks.finishSession<sup>9+</sup>
| HUKS_ERROR_COMMUNICATION_FAILURE | -9 |Communication failure.|
| HUKS_ERROR_STORAGE_FAILURE | -10 |Storage failure.| finishSession(handle: number, options: HuksOptions, token?: Uint8Array) : Promise\<HuksReturnResult>
| HUKS_ERROR_HARDWARE_FAILURE | -11 |Hardware fault.|
| HUKS_ERROR_ALREADY_EXISTS | -12 |The object already exists.| Completes the key operation and releases resources. This API uses a promise to return the result. **huks.initSession**, **huks.updateSession**, and **huks.finishSession** must be used together.
| HUKS_ERROR_NOT_EXIST | -13 |The object does not exist.|
| HUKS_ERROR_NULL_POINTER | -14 |Null pointer.| **System capability**: SystemCapability.Security.Huks
| HUKS_ERROR_FILE_SIZE_FAIL | -15 |Incorrect file size.|
| HUKS_ERROR_READ_FILE_FAIL | -16 |Failed to read the file.| **Parameters**
| HUKS_ERROR_INVALID_PUBLIC_KEY | -17 |Invalid public key.|
| HUKS_ERROR_INVALID_PRIVATE_KEY | -18 |Invalid private key.| | Name | Type | Mandatory| Description |
| HUKS_ERROR_INVALID_KEY_INFO | -19 |Invalid key information.| | ------- | ----------------------------------------------- | ---- | ----------------------------------- |
| HUKS_ERROR_HASH_NOT_EQUAL | -20 |The hash values are not equal.| | handle | number | Yes | Handle of the **Finish** operation. |
| HUKS_ERROR_MALLOC_FAIL | -21 |MALLOC failed.| | options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Finish** operation. |
| HUKS_ERROR_WRITE_FILE_FAIL | -22 |Failed to write the file.| | token | Uint8Array | No | Token for the **Finish** operation. |
| HUKS_ERROR_REMOVE_FILE_FAIL | -23 |Failed to delete the file.|
| HUKS_ERROR_OPEN_FILE_FAIL | -24 |Failed to open the file.| **Return value**
| HUKS_ERROR_CLOSE_FILE_FAIL | -25 |Failed to close the file.|
| HUKS_ERROR_MAKE_DIR_FAIL | -26 |Failed to create the directory.| | Type | Description |
| HUKS_ERROR_INVALID_KEY_FILE | -27 |Invalid key file.| | ----------------------------------- | -------------------------------------------------- |
| HUKS_ERROR_IPC_MSG_FAIL | -28 |Incorrect IPC information.| | Promise\<[HuksReturnResult](#huksreturnresult)> | Promise used to return the result.|
| HUKS_ERROR_REQUEST_OVERFLOWS | -29 |Request overflows.|
| HUKS_ERROR_PARAM_NOT_EXIST | -30 |The parameter does not exist.|
| HUKS_ERROR_CRYPTO_ENGINE_ERROR | -31 |CRYPTO ENGINE error.| ## huks.abortSession<sup>9+</sup>
| HUKS_ERROR_COMMUNICATION_TIMEOUT | -32 |Communication timed out.|
| HUKS_ERROR_IPC_INIT_FAIL | -33 |IPC initialization failed.| abortSession(handle: number, options: HuksOptions, callback: AsyncCallback\<void>) : void
| HUKS_ERROR_IPC_DLOPEN_FAIL | -34 |IPC DLOPEN failed.|
| HUKS_ERROR_EFUSE_READ_FAIL | -35 |Failed to read eFUSE.| Aborts the use of the key. This API uses an asynchronous callback to return the result.
| HUKS_ERROR_NEW_ROOT_KEY_MATERIAL_EXIST | -36 |New root key material exists.|
| HUKS_ERROR_UPDATE_ROOT_KEY_MATERIAL_FAIL | -37 |Failed to update the root key material.| **System capability**: SystemCapability.Security.Huks
| HUKS_ERROR_VERIFICATION_FAILED | -38 |Failed to verify the certificate chain.|
| HUKS_ERROR_GET_USERIAM_SECINFO_FAILED<sup>9+</sup> | -40 |Failed to obtain the security attribute information of the user.| **Parameters**
| HUKS_ERROR_GET_USERIAM_AUTHINFO_FAILED<sup>9+</sup> | -41 |Failed to obtain the authentication information of the user.|
| HUKS_ERROR_USER_AUTH_TYPE_NOT_SUPPORT<sup>9+</sup> | -42 |The access control of the current authentication type is not supported.| | Name | Type | Mandatory| Description |
| HUKS_ERROR_KEY_AUTH_FAILED<sup>9+</sup> | -43 |The access control authentication has failed.| | -------- | --------------------------- | ---- | ------------------------------------------- |
| HUKS_ERROR_DEVICE_NO_CREDENTIAL<sup>9+</sup> | -44 |No credential has been enrolled for the device.| | handle | number | Yes | Handle of the **Abort** operation. |
| HUKS_ERROR_CHECK_GET_ALG_FAIL | -100 |Failed to check whether the ALG is obtained. | | options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Abort** operation. |
| HUKS_ERROR_CHECK_GET_KEY_SIZE_FAIL | -101 |Failed to check whether the key size is obtained.| | callback | AsyncCallback\<void> | Yes | Callback invoked to return the result.|
| HUKS_ERROR_CHECK_GET_PADDING_FAIL | -102 |Failed to check whether padding is obtained.|
| HUKS_ERROR_CHECK_GET_PURPOSE_FAIL | -103 |Failed to check whether the purpose is obtained.| **Example**
| HUKS_ERROR_CHECK_GET_DIGEST_FAIL | -104 |Failed to check whether digest is obtained.|
| HUKS_ERROR_CHECK_GET_MODE_FAIL | -105 |Failed to check whether the mode is obtained.| ```js
| HUKS_ERROR_CHECK_GET_NONCE_FAIL | -106 |Failed to check whether the nonce is obtained.| /* huks.initSession, huks.updateSession, and huks.finishSession must be used together.
| HUKS_ERROR_CHECK_GET_AAD_FAIL | -107 |Failed to check whether the AAD is obtained.| * If an error occurs in any of huks.initSession, huks.updateSession,
| HUKS_ERROR_CHECK_GET_IV_FAIL | -108 |Failed to check whether the initialization vector (IV) is obtained.| * and huks.finishSession operation,
| HUKS_ERROR_CHECK_GET_AE_TAG_FAIL | -109 |Failed to check whether the AE flag is obtained.| * huks.abortSession must be called to terminate the use of the key.
| HUKS_ERROR_CHECK_GET_SALT_FAIL | -110 |Failed to check whether the SALT is obtained.| *
| HUKS_ERROR_CHECK_GET_ITERATION_FAIL | -111 |Failed to check whether the iteration is obtained.| * The following uses the callback of an RSA1024 key as an example.
| HUKS_ERROR_INVALID_ALGORITHM | -112 |Invalid algorithm.| */
| HUKS_ERROR_INVALID_KEY_SIZE | -113 |Invalid key size.| function stringToUint8Array(str) {
| HUKS_ERROR_INVALID_PADDING | -114 |Invalid padding.| let arr = [];
| HUKS_ERROR_INVALID_PURPOSE | -115 |Invalid purpose.| for (let i = 0, j = str.length; i < j; ++i) {
| HUKS_ERROR_INVALID_MODE | -116 |Invalid mode.| arr.push(str.charCodeAt(i));
| HUKS_ERROR_INVALID_DIGEST | -117 |Invalid digest.| }
| HUKS_ERROR_INVALID_SIGNATURE_SIZE | -118 |Invalid signature size.| let tmpUint8Array = new Uint8Array(arr);
| HUKS_ERROR_INVALID_IV | -119 |Invalid IV.| return tmpUint8Array;
| HUKS_ERROR_INVALID_AAD | -120 |Invalid AAD.| }
| HUKS_ERROR_INVALID_NONCE | -121 |Invalid nonce.|
| HUKS_ERROR_INVALID_AE_TAG | -122 |Invalid AE tag.| let keyAlias = "HuksDemoRSA";
| HUKS_ERROR_INVALID_SALT | -123 |Invalid SALT.| let properties = new Array();
| HUKS_ERROR_INVALID_ITERATION | -124 |Invalid iteration.| let options = {
| HUKS_ERROR_INVALID_OPERATION | -125 |Invalid operation.| properties: properties,
| HUKS_ERROR_INVALID_WRAPPED_FORMAT<sup>9+</sup> | -126 |Incorrect format of the wrapped key being imported.| inData: new Uint8Array(0)
| HUKS_ERROR_INVALID_USAGE_OF_KEY<sup>9+</sup> | -127 |Incorrect purpose of the wrapped key being imported.| };
| HUKS_ERROR_INTERNAL_ERROR | -999 |Internal error.| let handle;
| HUKS_ERROR_UNKNOWN_ERROR | -1000 |Unknown error.| async function generateKey() {
properties[0] = {
tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
value: huks.HuksKeyAlg.HUKS_ALG_RSA
};
properties[1] = {
tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_1024
};
properties[2] = {
tag: huks.HuksTag.HUKS_TAG_PURPOSE,
value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT
};
properties[3] = {
tag: huks.HuksTag.HUKS_TAG_PADDING,
value: huks.HuksKeyPadding.HUKS_PADDING_PKCS1_V1_5
};
properties[4] = {
tag: huks.HuksTag.HUKS_TAG_DIGEST,
value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256
};
properties[5] = {
tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE,
value: huks.HuksCipherMode.HUKS_MODE_ECB,
}
try {
await huks.generateKeyItem(keyAlias, options, function (error, data) {
if (error) {
console.error(`callback: generateKeyItem failed, code: ${error.code}, msg: ${error.message}`);
} else {
console.info(`callback: generateKeyItem success`);
}
});
} catch (error) {
console.error(`callback: generateKeyItem input arg invalid, code: ${error.code}, msg: ${error.message}`);
}
}
async function huksInit() {
console.log('enter huksInit');
try {
huks.initSession(keyAlias, options, function (error, data) {
if (error) {
console.error(`callback: initSession failed, code: ${error.code}, msg: ${error.message}`);
} else {
console.info(`callback: initSession success, data = ${JSON.stringify(data)}`);
handle = data.handle;
}
});
} catch (error) {
console.error(`callback: initSession input arg invalid, code: ${error.code}, msg: ${error.message}`);
}
}
async function huksUpdate() {
console.log('enter huksUpdate');
options.inData = stringToUint8Array("huksHmacTest");
try {
huks.updateSession(handle, options, function (error, data) {
if (error) {
console.error(`callback: updateSession failed, code: ${error.code}, msg: ${error.message}`);
} else {
console.info(`callback: updateSession success, data = ${JSON.stringify(data)}`);
}
});
} catch (error) {
console.error(`callback: updateSession input arg invalid, code: ${error.code}, msg: ${error.message}`);
}
}
async function huksFinish() {
console.log('enter huksFinish');
options.inData = new Uint8Array(0);
try {
huks.finishSession(handle, options, function (error, data) {
if (error) {
console.error(`callback: finishSession failed, code: ${error.code}, msg: ${error.message}`);
} else {
console.info(`callback: finishSession success, data = ${JSON.stringify(data)}`);
}
});
} catch (error) {
console.error(`callback: finishSession input arg invalid, code: ${error.code}, msg: ${error.message}`);
}
}
async function huksAbort() {
console.log('enter huksAbort');
try {
huks.abortSession(handle, options, function (error, data) {
if (error) {
console.error(`callback: abortSession failed, code: ${error.code}, msg: ${error.message}`);
} else {
console.info(`callback: abortSession success`);
}
});
} catch (error) {
console.error(`callback: abortSession input arg invalid, code: ${error.code}, msg: ${error.message}`);
}
}
```
## huks.abortSession<sup>9+</sup>
abortSession(handle: number, options: HuksOptions) : Promise\<void>;
Aborts the use of the key. This API uses a promise to return the result.
**System capability**: SystemCapability.Security.Huks
**Parameters**
| Name | Type | Mandatory| Description |
| ------- | --------------------------- | ---- | ------------------------------------------- |
| handle | number | Yes | Handle of the **Abort** operation. |
| options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Abort** operation. |
**Return value**
| Type | Description |
| ----------------------------------- | -------------------------------------------------- |
| Promise\<void> | Promise used to return the result.|
**Example**
```js
/* huks.initSession, huks.updateSession, and huks.finishSession must be used together.
* If an error occurs in any of huks.initSession, huks.updateSession,
* and huks.finishSession operation,
* huks.abortSession must be called to terminate the use of the key.
*
* The following uses the callback of an RSA1024 key as an example.
*/
function stringToUint8Array(str) {
let arr = [];
for (let i = 0, j = str.length; i < j; ++i) {
arr.push(str.charCodeAt(i));
}
let tmpUint8Array = new Uint8Array(arr);
return tmpUint8Array;
}
let keyAlias = "HuksDemoRSA";
let properties = new Array();
let options = {
properties: properties,
inData: new Uint8Array(0)
};
let handle;
async function generateKey() {
properties[0] = {
tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
value: huks.HuksKeyAlg.HUKS_ALG_RSA
};
properties[1] = {
tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_1024
};
properties[2] = {
tag: huks.HuksTag.HUKS_TAG_PURPOSE,
value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT
};
properties[3] = {
tag: huks.HuksTag.HUKS_TAG_PADDING,
value: huks.HuksKeyPadding.HUKS_PADDING_PKCS1_V1_5
};
properties[4] = {
tag: huks.HuksTag.HUKS_TAG_DIGEST,
value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256
};
properties[5] = {
tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE,
value: huks.HuksCipherMode.HUKS_MODE_ECB,
}
try {
await huks.generateKeyItem(keyAlias, options)
.then((data) => {
console.info(`promise: generateKeyItem success`);
})
.catch(error => {
console.error(`promise: generateKeyItem failed, code: ${error.code}, msg: ${error.message}`);
});
} catch (error) {
console.error(`promise: generateKeyItem input arg invalid, code: ${error.code}, msg: ${error.message}`);
}
}
async function huksInit() {
console.log('enter huksInit');
try {
await huks.initSession(keyAlias, options)
.then ((data) => {
console.info(`promise: initSession success, data = ${JSON.stringify(data)}`);
handle = data.handle;
})
.catch(error => {
console.error(`promise: initSession key failed, code: ${error.code}, msg: ${error.message}`);
});
} catch (error) {
console.error(`promise: initSession input arg invalid, code: ${error.code}, msg: ${error.message}`);
}
}
async function huksUpdate() {
console.log('enter huksUpdate');
options.inData = stringToUint8Array("huksHmacTest");
try {
await huks.updateSession(handle, options)
.then ((data) => {
console.info(`promise: updateSession success, data = ${JSON.stringify(data)}`);
})
.catch(error => {
console.error(`promise: updateSession failed, code: ${error.code}, msg: ${error.message}`);
});
} catch (error) {
console.error(`promise: updateSession input arg invalid, code: ${error.code}, msg: ${error.message}`);
}
}
async function huksFinish() {
console.log('enter huksFinish');
options.inData = new Uint8Array(0);
try {
await huks.finishSession(handle, options)
.then ((data) => {
console.info(`promise: finishSession success, data = ${JSON.stringify(data)}`);
})
.catch(error => {
console.error(`promise: finishSession failed, code: ${error.code}, msg: ${error.message}`);
});
} catch (error) {
console.error(`promise: finishSession input arg invalid, code: ${error.code}, msg: ${error.message}`);
}
}
async function huksAbort() {
console.log('enter huksAbort');
try {
await huks.abortSession(keyAlias, options)
.then ((data) => {
console.info(`promise: abortSession success`);
})
.catch(error => {
console.error(`promise: abortSession failed, code: ${error.code}, msg: ${error.message}`);
});
} catch (error) {
console.error(`promise: abortSession input arg invalid, code: ${error.code}, msg: ${error.message}`);
}
}
```
## HuksExceptionErrCode<sup>9+</sup>
Enumerates the error codes.
For details about the error codes, see [KUKS Error Codes](../errorcodes/errorcode-huks.md).
**System capability**: SystemCapability.Security.Huks
| Name | Description | Error Code |
| ---------------------------------------------- | --------------------------- | -------- |
| HUKS_ERR_CODE_PERMISSION_FAIL | Permission verification failed. | 201 |
| HUKS_ERR_CODE_ILLEGAL_ARGUMENT | Invalid parameters are detected. | 401 |
| HUKS_ERR_CODE_NOT_SUPPORTED_API | The API is not supported. | 801 |
| HUKS_ERR_CODE_FEATURE_NOT_SUPPORTED | The feature is not supported. | 12000001 |
| HUKS_ERR_CODE_MISSING_CRYPTO_ALG_ARGUMENT | Key algorithm parameters are missing. | 12000002 |
| HUKS_ERR_CODE_INVALID_CRYPTO_ALG_ARGUMENT | Invalid key algorithm parameters are detected. | 12000003 |
| HUKS_ERR_CODE_FILE_OPERATION_FAIL | The file operation failed. | 12000004 |
| HUKS_ERR_CODE_COMMUNICATION_FAIL | The communication failed. | 12000005 |
| HUKS_ERR_CODE_CRYPTO_FAIL | Failed to operate the algorithm library. | 12000006 |
| HUKS_ERR_CODE_KEY_AUTH_PERMANENTLY_INVALIDATED | Failed to access the key because the key has expired.| 12000007 |
| HUKS_ERR_CODE_KEY_AUTH_VERIFY_FAILED | Failed to access the key because the authentication has failed.| 12000008 |
| HUKS_ERR_CODE_KEY_AUTH_TIME_OUT | Key access timed out.| 12000009 |
| HUKS_ERR_CODE_SESSION_LIMIT | The number of key operation sessions has reached the limit. | 12000010 |
| HUKS_ERR_CODE_ITEM_NOT_EXIST | The target object does not exist. | 12000011 |
| HUKS_ERR_CODE_EXTERNAL_ERROR | An external error occurs. | 12000012 |
| HUKS_ERR_CODE_CREDENTIAL_NOT_EXIST | The credential does not exist. | 12000013 |
| HUKS_ERR_CODE_INSUFFICIENT_MEMORY | The memory is insufficient. | 12000014 |
| HUKS_ERR_CODE_CALL_SERVICE_FAILED | Failed to call other system services. | 12000015 |
## HuksKeyPurpose ## HuksKeyPurpose
...@@ -104,13 +1634,13 @@ Enumerates the key purposes. ...@@ -104,13 +1634,13 @@ Enumerates the key purposes.
| Name | Value | Description | | Name | Value | Description |
| ------------------------ | ---- | -------------------------------- | | ------------------------ | ---- | -------------------------------- |
| HUKS_KEY_PURPOSE_ENCRYPT | 1 | Used to encrypt plaintext.| | HUKS_KEY_PURPOSE_ENCRYPT | 1 | Used to encrypt the plaintext.|
| HUKS_KEY_PURPOSE_DECRYPT | 2 | Used to decrypt the cipher text.| | HUKS_KEY_PURPOSE_DECRYPT | 2 | Used to decrypt the cipher text.|
| HUKS_KEY_PURPOSE_SIGN | 4 | Used to sign data. | | HUKS_KEY_PURPOSE_SIGN | 4 | Used for signing. |
| HUKS_KEY_PURPOSE_VERIFY | 8 | Used to verify the signed data. | | HUKS_KEY_PURPOSE_VERIFY | 8 | Used to verify the signature. |
| HUKS_KEY_PURPOSE_DERIVE | 16 | Used to derive a key. | | HUKS_KEY_PURPOSE_DERIVE | 16 | Used to derive a key. |
| HUKS_KEY_PURPOSE_WRAP | 32 | Used to wrap a key. | | HUKS_KEY_PURPOSE_WRAP | 32 | Used for an encrypted export. |
| HUKS_KEY_PURPOSE_UNWRAP | 64 | Used to unwrap a key. | | HUKS_KEY_PURPOSE_UNWRAP | 64 | Used for an encrypted import. |
| HUKS_KEY_PURPOSE_MAC | 128 | Used to generate a message authentication code (MAC). | | HUKS_KEY_PURPOSE_MAC | 128 | Used to generate a message authentication code (MAC). |
| HUKS_KEY_PURPOSE_AGREE | 256 | Used for key agreement. | | HUKS_KEY_PURPOSE_AGREE | 256 | Used for key agreement. |
...@@ -125,7 +1655,7 @@ Enumerates the digest algorithms. ...@@ -125,7 +1655,7 @@ Enumerates the digest algorithms.
| HUKS_DIGEST_NONE | 0 | No digest algorithm| | HUKS_DIGEST_NONE | 0 | No digest algorithm|
| HUKS_DIGEST_MD5 | 1 | MD5| | HUKS_DIGEST_MD5 | 1 | MD5|
| HUKS_DIGEST_SM3<sup>9+</sup> | 2 | SM3| | HUKS_DIGEST_SM3<sup>9+</sup> | 2 | SM3|
| HUKS_DIGEST_SHA1 | 10 | SHA1| | HUKS_DIGEST_SHA1 | 10 | SHA-1|
| HUKS_DIGEST_SHA224 | 11 | SHA-224| | HUKS_DIGEST_SHA224 | 11 | SHA-224|
| HUKS_DIGEST_SHA256 | 12 | SHA-256| | HUKS_DIGEST_SHA256 | 12 | SHA-256|
| HUKS_DIGEST_SHA384 | 13 | SHA-384| | HUKS_DIGEST_SHA384 | 13 | SHA-384|
...@@ -142,8 +1672,8 @@ Enumerates the padding algorithms. ...@@ -142,8 +1672,8 @@ Enumerates the padding algorithms.
| HUKS_PADDING_NONE | 0 | No padding algorithm| | HUKS_PADDING_NONE | 0 | No padding algorithm|
| HUKS_PADDING_OAEP | 1 | Optimal Asymmetric Encryption Padding (OAEP)| | HUKS_PADDING_OAEP | 1 | Optimal Asymmetric Encryption Padding (OAEP)|
| HUKS_PADDING_PSS | 2 | Probabilistic Signature Scheme (PSS)| | HUKS_PADDING_PSS | 2 | Probabilistic Signature Scheme (PSS)|
| HUKS_PADDING_PKCS1_V1_5 | 3 | PKCS1_V1_5| | HUKS_PADDING_PKCS1_V1_5 | 3 | Public Key Cryptography Standards (PKCS) #1 v1.5|
| HUKS_PADDING_PKCS5 | 4 | Public Key Cryptography Standards (PKCS) #5| | HUKS_PADDING_PKCS5 | 4 | PKCS #5|
| HUKS_PADDING_PKCS7 | 5 | PKCS #7| | HUKS_PADDING_PKCS7 | 5 | PKCS #7|
## HuksCipherMode ## HuksCipherMode
...@@ -154,7 +1684,7 @@ Enumerates the cipher modes. ...@@ -154,7 +1684,7 @@ Enumerates the cipher modes.
| Name | Value | Description | | Name | Value | Description |
| ------------- | ---- | --------------------- | | ------------- | ---- | --------------------- |
| HUKS_MODE_ECB | 1 | Electronic Code BLock (ECB) mode| | HUKS_MODE_ECB | 1 | Electronic Code Block (ECB) mode|
| HUKS_MODE_CBC | 2 | Cipher Block Chaining (CBC) mode| | HUKS_MODE_CBC | 2 | Cipher Block Chaining (CBC) mode|
| HUKS_MODE_CTR | 3 | Counter (CTR) mode| | HUKS_MODE_CTR | 3 | Counter (CTR) mode|
| HUKS_MODE_OFB | 4 | Output Feedback (OFB) mode| | HUKS_MODE_OFB | 4 | Output Feedback (OFB) mode|
...@@ -175,20 +1705,20 @@ Enumerates the key sizes. ...@@ -175,20 +1705,20 @@ Enumerates the key sizes.
| HUKS_RSA_KEY_SIZE_2048 | 2048 | RSA key of 2048 bits | | HUKS_RSA_KEY_SIZE_2048 | 2048 | RSA key of 2048 bits |
| HUKS_RSA_KEY_SIZE_3072 | 3072 | RSA key of 3072 bits | | HUKS_RSA_KEY_SIZE_3072 | 3072 | RSA key of 3072 bits |
| HUKS_RSA_KEY_SIZE_4096 | 4096 | RSA key of 4096 bits | | HUKS_RSA_KEY_SIZE_4096 | 4096 | RSA key of 4096 bits |
| HUKS_ECC_KEY_SIZE_224 | 224 | ECC key of 224 bits | | HUKS_ECC_KEY_SIZE_224 | 224 | Elliptic Curve Cryptography (ECC) key of 224 bits |
| HUKS_ECC_KEY_SIZE_256 | 256 | ECC key of 256 bits | | HUKS_ECC_KEY_SIZE_256 | 256 | ECC key of 256 bits |
| HUKS_ECC_KEY_SIZE_384 | 384 | ECC key of 384 bits | | HUKS_ECC_KEY_SIZE_384 | 384 | ECC key of 384 bits |
| HUKS_ECC_KEY_SIZE_521 | 521 | ECC key of 521 bits | | HUKS_ECC_KEY_SIZE_521 | 521 | ECC key of 521 bits |
| HUKS_AES_KEY_SIZE_128 | 128 | AES key of 128 bits | | HUKS_AES_KEY_SIZE_128 | 128 | Advanced Encryption Standard (AES) key of 128 bits |
| HUKS_AES_KEY_SIZE_192 | 196 | AES key of 196 bits | | HUKS_AES_KEY_SIZE_192 | 196 | AES key of 196 bits |
| HUKS_AES_KEY_SIZE_256 | 256 | AES key of 256 bits | | HUKS_AES_KEY_SIZE_256 | 256 | AES key of 256 bits |
| HUKS_AES_KEY_SIZE_512 | 512 | AES key of 512 bits | | HUKS_AES_KEY_SIZE_512 | 512 | AES key of 512 bits |
| HUKS_CURVE25519_KEY_SIZE_256 | 256 | Curve25519 key of 256 bits| | HUKS_CURVE25519_KEY_SIZE_256 | 256 | Curve25519 key of 256 bits|
| HUKS_DH_KEY_SIZE_2048 | 2048 | DH key of 2048 bits | | HUKS_DH_KEY_SIZE_2048 | 2048 | Diffie-Hellman (DH) key of 2048 bits |
| HUKS_DH_KEY_SIZE_3072 | 3072 | DH key of 3072 bits | | HUKS_DH_KEY_SIZE_3072 | 3072 | DH key of 3072 bits |
| HUKS_DH_KEY_SIZE_4096 | 4096 | DH key of 4096 bits | | HUKS_DH_KEY_SIZE_4096 | 4096 | DH key of 4096 bits |
| HUKS_SM2_KEY_SIZE_256<sup>9+</sup> | 256 | SM2 key of 256 bits | | HUKS_SM2_KEY_SIZE_256<sup>9+</sup> | 256 | ShangMi2 (SM2) key of 256 bits |
| HUKS_SM4_KEY_SIZE_128<sup>9+</sup> | 128 | SM4 key of 128 bits | | HUKS_SM4_KEY_SIZE_128<sup>9+</sup> | 128 | ShangMi4 (SM4) key of 128 bits |
## HuksKeyAlg ## HuksKeyAlg
...@@ -233,10 +1763,10 @@ Enumerates the key generation modes. ...@@ -233,10 +1763,10 @@ Enumerates the key generation modes.
| Name | Value | Description | | Name | Value | Description |
| -------------------------- | ---- | ------------------------------------ | | -------------------------- | ---- | ------------------------------------ |
| HUKS_KEY_FLAG_IMPORT_KEY | 1 | The key is imported by using an API. | | HUKS_KEY_FLAG_IMPORT_KEY | 1 | Import a key using an API. |
| HUKS_KEY_FLAG_GENERATE_KEY | 2 | The key is generated by using an API. | | HUKS_KEY_FLAG_GENERATE_KEY | 2 | Generate a key by using an API. |
| HUKS_KEY_FLAG_AGREE_KEY | 3 | The key is generated by using a key agreement API.| | HUKS_KEY_FLAG_AGREE_KEY | 3 | Generate a key by using a key agreement API.|
| HUKS_KEY_FLAG_DERIVE_KEY | 4 | The key is derived by using an API.| | HUKS_KEY_FLAG_DERIVE_KEY | 4 | Derive a key by using an API.|
## HuksKeyStorageType ## HuksKeyStorageType
...@@ -262,7 +1792,7 @@ Enumerates the tag transfer modes. ...@@ -262,7 +1792,7 @@ Enumerates the tag transfer modes.
## HuksUnwrapSuite<sup>9+</sup> ## HuksUnwrapSuite<sup>9+</sup>
Enumerates the algorithm suites used when a wrapped key is imported. Enumerates the algorithm suites required for encrypted imports.
**System capability**: SystemCapability.Security.Huks **System capability**: SystemCapability.Security.Huks
...@@ -303,8 +1833,8 @@ Enumerates the access control types. ...@@ -303,8 +1833,8 @@ Enumerates the access control types.
| Name | Value | Description | | Name | Value | Description |
| --------------------------------------- | ---- | ------------------------------------------------ | | --------------------------------------- | ---- | ------------------------------------------------ |
| HUKS_AUTH_ACCESS_INVALID_CLEAR_PASSWORD | 1 | The key is invalid after the password is cleared. | | HUKS_AUTH_ACCESS_INVALID_CLEAR_PASSWORD | 1 | The key becomes invalid after the password is cleared. |
| HUKS_AUTH_ACCESS_INVALID_NEW_BIO_ENROLL | 2 | The key is invalid after a new biometric feature is added.| | HUKS_AUTH_ACCESS_INVALID_NEW_BIO_ENROLL | 2 | The key becomes invalid after a new biometric feature is added.|
## HuksChallengeType<sup>9+</sup> ## HuksChallengeType<sup>9+</sup>
...@@ -326,10 +1856,10 @@ Enumerates the positions of the 8-byte valid value in a custom challenge generat ...@@ -326,10 +1856,10 @@ Enumerates the positions of the 8-byte valid value in a custom challenge generat
| Name | Value | Description | | Name | Value | Description |
| ------------------------------- | ---- | ------------------------------ | | ------------------------------- | ---- | ------------------------------ |
| HUKS_CHALLENGE_POS_0 | 0 | Bytes 0 to 7 indicate the valid challenge of the key.| | HUKS_CHALLENGE_POS_0 | 0 | Bytes 0 to 7.|
| HUKS_CHALLENGE_POS_1 | 1 | Bytes 8 to 15 indicate the valid challenge of the key.| | HUKS_CHALLENGE_POS_1 | 1 | Bytes 8 to 15.|
| HUKS_CHALLENGE_POS_2 | 2 | Bytes 16 to 23 indicate the valid challenge of the key.| | HUKS_CHALLENGE_POS_2 | 2 | Bytes 16 to 23.|
| HUKS_CHALLENGE_POS_3 | 3 | Bytes 24 to 31 indicate the valid challenge of the key.| | HUKS_CHALLENGE_POS_3 | 3 | Bytes 24 to 31.|
## HuksSecureSignType<sup>9+</sup> ## HuksSecureSignType<sup>9+</sup>
...@@ -339,7 +1869,7 @@ Defines the signature type of the key generated or imported. ...@@ -339,7 +1869,7 @@ Defines the signature type of the key generated or imported.
| Name | Value | Description | | Name | Value | Description |
| ------------------------------ | ---- | ------------------------------------------------------------ | | ------------------------------ | ---- | ------------------------------------------------------------ |
| HUKS_SECURE_SIGN_WITH_AUTHINFO | 1 | The signature carries authentication information. This field is specified when a key is generated or imported. When the key is used to sign data, the data will be added with the authentication information and then be signed.| | HUKS_SECURE_SIGN_WITH_AUTHINFO | 1 | The signature carries authentication information. This field is specified when a key is generated or imported. When the key is used for signing, the data will be added with the authentication information and then be signed.|
## HuksTagType ## HuksTagType
...@@ -347,7 +1877,6 @@ Enumerates the tag data types. ...@@ -347,7 +1877,6 @@ Enumerates the tag data types.
**System capability**: SystemCapability.Security.Huks **System capability**: SystemCapability.Security.Huks
| Name | Value | Description | | Name | Value | Description |
| --------------------- | ------- | --------------------------------------- | | --------------------- | ------- | --------------------------------------- |
| HUKS_TAG_TYPE_INVALID | 0 << 28 | Invalid tag type. | | HUKS_TAG_TYPE_INVALID | 0 << 28 | Invalid tag type. |
...@@ -355,875 +1884,405 @@ Enumerates the tag data types. ...@@ -355,875 +1884,405 @@ Enumerates the tag data types.
| HUKS_TAG_TYPE_UINT | 2 << 28 | Number of the uint type.| | HUKS_TAG_TYPE_UINT | 2 << 28 | Number of the uint type.|
| HUKS_TAG_TYPE_ULONG | 3 << 28 | BigInt. | | HUKS_TAG_TYPE_ULONG | 3 << 28 | BigInt. |
| HUKS_TAG_TYPE_BOOL | 4 << 28 | Boolean. | | HUKS_TAG_TYPE_BOOL | 4 << 28 | Boolean. |
| HUKS_TAG_TYPE_BYTES | 5 << 28 | Uint8Array. | | HUKS_TAG_TYPE_BYTES | 5 << 28 | Uint8Array. |
## HuksTag
Enumerates the tags used to invoke parameters.
**System capability**: SystemCapability.Security.Huks
| Name | Value | Description |
| -------------------------------------------- | ---------------------------------------- | -------------------------------------- |
| HUKS_TAG_INVALID | HuksTagType.HUKS_TAG_TYPE_INVALID \| 0 | Invalid tag. |
| HUKS_TAG_ALGORITHM | HUKS_TAG_TYPE_UINT \| 1 | Algorithm. |
| HUKS_TAG_PURPOSE | HuksTagType.HUKS_TAG_TYPE_UINT \| 2 | Purpose of a key. |
| HUKS_TAG_KEY_SIZE | HuksTagType.HUKS_TAG_TYPE_UINT \| 3 | Key size. |
| HUKS_TAG_DIGEST | HuksTagType.HUKS_TAG_TYPE_UINT \| 4 | Digest algorithm. |
| HUKS_TAG_PADDING | HuksTagType.HUKS_TAG_TYPE_UINT \| 5 | Padding algorithm. |
| HUKS_TAG_BLOCK_MODE | HuksTagType.HUKS_TAG_TYPE_UINT \| 6 | Cipher mode. |
| HUKS_TAG_KEY_TYPE | HuksTagType.HUKS_TAG_TYPE_UINT \| 7 | Key type. |
| HUKS_TAG_ASSOCIATED_DATA | HuksTagType.HUKS_TAG_TYPE_BYTES \| 8 | Associated authentication data. |
| HUKS_TAG_NONCE | HuksTagType.HUKS_TAG_TYPE_BYTES \| 9 | Field for key encryption and decryption. |
| HUKS_TAG_IV | HuksTagType.HUKS_TAG_TYPE_BYTES \| 10 | IV. |
| HUKS_TAG_INFO | HuksTagType.HUKS_TAG_TYPE_BYTES \| 11 | Information generated during key derivation. |
| HUKS_TAG_SALT | HuksTagType.HUKS_TAG_TYPE_BYTES \| 12 | Salt value used for key derivation. |
| HUKS_TAG_PWD | HuksTagType.HUKS_TAG_TYPE_BYTES \| 13 | Password used for key derivation. |
| HUKS_TAG_ITERATION | HuksTagType.HUKS_TAG_TYPE_UINT \| 14 | Number of iterations for key derivation. |
| HUKS_TAG_KEY_GENERATE_TYPE | HuksTagType.HUKS_TAG_TYPE_UINT \| 15 | Key generation type. |
| HUKS_TAG_DERIVE_MAIN_KEY | HuksTagType.HUKS_TAG_TYPE_BYTES \| 16 | Main key for key derivation. |
| HUKS_TAG_DERIVE_FACTOR | HuksTagType.HUKS_TAG_TYPE_BYTES \| 17 | Factor for key derivation. |
| HUKS_TAG_DERIVE_ALG | HuksTagType.HUKS_TAG_TYPE_UINT \| 18 | Type of the algorithm used for key derivation. |
| HUKS_TAG_AGREE_ALG | HuksTagType.HUKS_TAG_TYPE_UINT \| 19 | Type of the algorithm used for key agreement. |
| HUKS_TAG_AGREE_PUBLIC_KEY_IS_KEY_ALIAS | HuksTagType.HUKS_TAG_TYPE_BOOL \| 20 | Public key alias used in key agreement. |
| HUKS_TAG_AGREE_PRIVATE_KEY_ALIAS | HuksTagType.HUKS_TAG_TYPE_BYTES \| 21 | Private key alias used in key agreement. |
| HUKS_TAG_AGREE_PUBLIC_KEY | HuksTagType.HUKS_TAG_TYPE_BYTES \| 22 | Public key used in key agreement. |
| HUKS_TAG_KEY_ALIAS | HuksTagType.HUKS_TAG_TYPE_BYTES \| 23 | Key alias. |
| HUKS_TAG_DERIVE_KEY_SIZE | HuksTagType.HUKS_TAG_TYPE_UINT \| 24 | Size of the derived key. |
| HUKS_TAG_IMPORT_KEY_TYPE<sup>9+</sup> | HuksTagType.HUKS_TAG_TYPE_UINT \| 25 | Type of the imported key. |
| HUKS_TAG_UNWRAP_ALGORITHM_SUITE<sup>9+</sup> | HuksTagType.HUKS_TAG_TYPE_UINT \| 26 | Algorithm suite used when a wrapped key is imported. |
| HUKS_TAG_ACTIVE_DATETIME | HuksTagType.HUKS_TAG_TYPE_ULONG \| 201 | Reserved. |
| HUKS_TAG_ORIGINATION_EXPIRE_DATETIME | HuksTagType.HUKS_TAG_TYPE_ULONG \| 202 | Reserved. |
| HUKS_TAG_USAGE_EXPIRE_DATETIME | HuksTagType.HUKS_TAG_TYPE_ULONG \| 203 | Reserved. |
| HUKS_TAG_CREATION_DATETIME | HuksTagType.HUKS_TAG_TYPE_ULONG \| 204 | Reserved. |
| HUKS_TAG_ALL_USERS | ksTagType.HUKS_TAG_TYPE_BOOL \| 301 | Reserved. |
| HUKS_TAG_USER_ID | HuksTagType.HUKS_TAG_TYPE_UINT \| 302 | Reserved. |
| HUKS_TAG_NO_AUTH_REQUIRED | HuksTagType.HUKS_TAG_TYPE_BOOL \| 303 | Reserved. |
| HUKS_TAG_USER_AUTH_TYPE | HuksTagType.HUKS_TAG_TYPE_UINT \| 304 | User authentication type. For details, see [HuksUserAuthType](#huksuserauthtype9). This parameter must be set together with [HuksAuthAccessType](#huksauthaccesstype9). You can set a maximum of two user authentication types at a time. For example, if **HuksAuthAccessType** is **HKS_SECURE_ACCESS_INVALID_NEW_BIO_ENROLL**, you can set the authentication type to **HKS_USER_AUTH_TYPE_FACE**, **HKS_USER_AUTH_TYPE_FINGERPRINT**, or their combination.|
| HUKS_TAG_AUTH_TIMEOUT | HuksTagType.HUKS_TAG_TYPE_UINT \| 305 | Reserved. |
| HUKS_TAG_AUTH_TOKEN | HuksTagType.HUKS_TAG_TYPE_BYTES \| 306 | Reserved. |
| HUKS_TAG_KEY_AUTH_ACCESS_TYPE<sup>9+</sup> | HuksTagType.HUKS_TAG_TYPE_UINT \| 307 | Access control type. For details, see [HuksAuthAccessType](#huksauthaccesstype9). This parameter must be set together with [HuksUserAuthType](#huksuserauthtype9).|
| HUKS_TAG_KEY_SECURE_SIGN_TYPE<sup>9+</sup> | HuksTagType.HUKS_TAG_TYPE_UINT \| 308 | Signature type of the key generated or imported.|
| HUKS_TAG_CHALLENGE_TYPE<sup>9+</sup> | HuksTagType.HUKS_TAG_TYPE_UINT \| 309 | Type of the challenge generated for a key. For details, see [HuksChallengeType](#hukschallengetype9).|
| HUKS_TAG_CHALLENGE_POS<sup>9+</sup> | HuksTagType.HUKS_TAG_TYPE_UINT \| 310 | Position of the 8-byte valid value in a custom challenge. For details, see [HuksChallengePosition](#hukschallengeposition9).|
| HUKS_TAG_ATTESTATION_CHALLENGE | HuksTagType.HUKS_TAG_TYPE_BYTES \| 501 | Challenge value used in the attestation. |
| HUKS_TAG_ATTESTATION_APPLICATION_ID | HuksTagType.HUKS_TAG_TYPE_BYTES \| 502 | Application ID used in the attestation. |
| HUKS_TAG_ATTESTATION_ID_BRAND | HuksTagType.HUKS_TAG_TYPE_BYTES \| 503 | Brand of the device. |
| HUKS_TAG_ATTESTATION_ID_DEVICE | HuksTagType.HUKS_TAG_TYPE_BYTES \| 504 | Device ID. |
| HUKS_TAG_ATTESTATION_ID_PRODUCT | HuksTagType.HUKS_TAG_TYPE_BYTES \| 505 | Product name of the device. |
| HUKS_TAG_ATTESTATION_ID_SERIAL | HuksTagType.HUKS_TAG_TYPE_BYTES \| 506 | Device SN. |
| HUKS_TAG_ATTESTATION_ID_IMEI | HuksTagType.HUKS_TAG_TYPE_BYTES \| 507 | Device IMEI. |
| HUKS_TAG_ATTESTATION_ID_MEID | HuksTagType.HUKS_TAG_TYPE_BYTES \| 508 | Device MEID. |
| HUKS_TAG_ATTESTATION_ID_MANUFACTURER | HuksTagType.HUKS_TAG_TYPE_BYTES \| 509 | Device manufacturer. |
| HUKS_TAG_ATTESTATION_ID_MODEL | HuksTagType.HUKS_TAG_TYPE_BYTES \| 510 | Device model. |
| HUKS_TAG_ATTESTATION_ID_ALIAS | HuksTagType.HUKS_TAG_TYPE_BYTES \| 511 | Key alias used in the attestation. |
| HUKS_TAG_ATTESTATION_ID_SOCID | HuksTagType.HUKS_TAG_TYPE_BYTES \| 512 | Device SOCID. |
| HUKS_TAG_ATTESTATION_ID_UDID | HuksTagType.HUKS_TAG_TYPE_BYTES \| 513 | Device UDID. |
| HUKS_TAG_ATTESTATION_ID_SEC_LEVEL_INFO | HuksTagType.HUKS_TAG_TYPE_BYTES \| 514 | Security credential used in the attestation. |
| HUKS_TAG_ATTESTATION_ID_VERSION_INFO | HuksTagType.HUKS_TAG_TYPE_BYTES \| 515 | Version information used in the attestation. |
| HUKS_TAG_IS_KEY_ALIAS | HuksTagType.HUKS_TAG_TYPE_BOOL \| 1001 | Whether to use the alias passed in during key generation.|
| HUKS_TAG_KEY_STORAGE_FLAG | HuksTagType.HUKS_TAG_TYPE_UINT \| 1002 | Key storage mode. |
| HUKS_TAG_IS_ALLOWED_WRAP | HuksTagType.HUKS_TAG_TYPE_BOOL \| 1003 | Reserved. |
| HUKS_TAG_KEY_WRAP_TYPE | HuksTagType.HUKS_TAG_TYPE_UINT \| 1004 | Reserved. |
| HUKS_TAG_KEY_AUTH_ID | HuksTagType.HUKS_TAG_TYPE_BYTES \| 1005 | Reserved. |
| HUKS_TAG_KEY_ROLE | HuksTagType.HUKS_TAG_TYPE_UINT \| 1006 | Reserved. |
| HUKS_TAG_KEY_FLAG | HuksTagType.HUKS_TAG_TYPE_UINT \| 1007 | Flag of the key. |
| HUKS_TAG_IS_ASYNCHRONIZED | HuksTagType.HUKS_TAG_TYPE_UINT \| 1008 | Reserved. |
| HUKS_TAG_SECURE_KEY_ALIAS | HuksTagType.HUKS_TAG_TYPE_BOOL \| 1009 | Reserved. |
| HUKS_TAG_SECURE_KEY_UUID | HuksTagType.HUKS_TAG_TYPE_BYTES \| 1010 | Reserved. |
| HUKS_TAG_KEY_DOMAIN | HuksTagType.HUKS_TAG_TYPE_UINT \| 1011 | Reserved. |
| HUKS_TAG_PROCESS_NAME | HuksTagType.HUKS_TAG_TYPE_BYTES \| 10001 | Process name. |
| HUKS_TAG_PACKAGE_NAME | HuksTagType.HUKS_TAG_TYPE_BYTES \| 10002 | Reserved. |
| HUKS_TAG_ACCESS_TIME | HuksTagType.HUKS_TAG_TYPE_UINT \| 10003 | Reserved. |
| HUKS_TAG_USES_TIME | HuksTagType.HUKS_TAG_TYPE_UINT \| 10004 | Reserved. |
| HUKS_TAG_CRYPTO_CTX | HuksTagType.HUKS_TAG_TYPE_ULONG \| 10005 | Reserved. |
| HUKS_TAG_KEY | HuksTagType.HUKS_TAG_TYPE_BYTES \| 10006 | Reserved. |
| HUKS_TAG_KEY_VERSION | HuksTagType.HUKS_TAG_TYPE_UINT \| 10007 | Key version. |
| HUKS_TAG_PAYLOAD_LEN | HuksTagType.HUKS_TAG_TYPE_UINT \| 10008 | Reserved. |
| HUKS_TAG_AE_TAG | HuksTagType.HUKS_TAG_TYPE_BYTES \| 10009 | Reserved. |
| HUKS_TAG_IS_KEY_HANDLE | HuksTagType.HUKS_TAG_TYPE_ULONG \| 10010 | Reserved. |
| HUKS_TAG_OS_VERSION | HuksTagType.HUKS_TAG_TYPE_UINT \| 10101 | OS version. |
| HUKS_TAG_OS_PATCHLEVEL | HuksTagType.HUKS_TAG_TYPE_UINT \| 10102 | OS patch level. |
| HUKS_TAG_SYMMETRIC_KEY_DATA | HuksTagType.HUKS_TAG_TYPE_BYTES \| 20001 | Reserved. |
| HUKS_TAG_ASYMMETRIC_PUBLIC_KEY_DATA | HuksTagType.HUKS_TAG_TYPE_BYTES \| 20002 | Reserved. |
| HUKS_TAG_ASYMMETRIC_PRIVATE_KEY_DATA | HuksTagType.HUKS_TAG_TYPE_BYTES \| 20003 | Reserved. |
## huks.generateKey
generateKey(keyAlias: string, options: HuksOptions, callback: AsyncCallback\<HuksResult>) : void
Generates a key. This API uses an asynchronous callback to return the result.
**System capability**: SystemCapability.Security.Huks
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | ----------------------------------------- | ---- | ------------------------------------------------------------ |
| keyAlias | string | Yes | Alias of the key. |
| options | [HuksOptions](#huksoptions) | Yes | Tags required for generating the key. |
| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes | Callback used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code defined in **HuksResult** will be returned.|
**Example**
```js
/* Generate an RSA key of 512 bits. */
var keyAlias = 'keyAlias';
var properties = new Array();
properties[0] = {
tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
value: huks.HuksKeyAlg.HUKS_ALG_RSA
};
properties[1] = {
tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_512
};
properties[2] = {
tag: huks.HuksTag.HUKS_TAG_PURPOSE,
value:
huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT |
huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT
};
properties[3] = {
tag: huks.HuksTag.HUKS_TAG_PADDING,
value: huks.HuksKeyPadding.HUKS_PADDING_OAEP
};
properties[4] = {
tag: huks.HuksTag.HUKS_TAG_DIGEST,
value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256
};
var options = {
properties: properties
};
huks.generateKey(keyAlias, options, function (err, data){});
```
## huks.generateKey
generateKey(keyAlias: string, options: HuksOptions) : Promise\<HuksResult>
Generates a key. This API uses a promise to return the result.
**System capability**: SystemCapability.Security.Huks
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | --------------------------- | ---- | ------------------------ |
| keyAlias | string | Yes | Alias of the key. |
| options | [HuksOptions](#huksoptions) | Yes | Tags required for generating the key.|
**Return value**
| Type | Description |
| ----------------------------------- | -------------------------------------------------- |
| Promise\<[HuksResult](#huksresult)> | Promise used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code will be returned.|
**Example**
```js
/* Generate an ECC key of 256 bits. */
var keyAlias = 'keyAlias';
var properties = new Array();
properties[0] = {
tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
value: huks.HuksKeyAlg.HUKS_ALG_ECC
};
properties[1] = {
tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
value: huks.HuksKeySize.HUKS_ECC_KEY_SIZE_256
};
properties[2] = {
tag: huks.HuksTag.HUKS_TAG_PURPOSE,
value:
huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_SIGN |
huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_VERIFY
};
properties[3] = {
tag: huks.HuksTag.HUKS_TAG_DIGEST,
value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256
};
var options = {
properties: properties
};
var result = huks.generateKey(keyAlias, options);
```
## huks.deleteKey
deleteKey(keyAlias: string, options: HuksOptions, callback: AsyncCallback\<HuksResult>) : void
Deletes a key. This API uses an asynchronous callback to return the result.
**System capability**: SystemCapability.Security.Huks
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | ----------------------------------------- | ---- | -------------------------------------------------- |
| keyAlias | string | Yes | Key alias passed in when the key was generated. |
| options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty). |
| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes | Callback used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code will be returned.|
**Example**
```js
/* Set options to emptyOptions. */
var keyAlias = 'keyAlias';
var emptyOptions = {
properties: []
};
huks.deleteKey(keyAlias, emptyOptions, function (err, data) {});
```
## huks.deleteKey
deleteKey(keyAlias: string, options: HuksOptions) : Promise\<HuksResult>
Deletes a key. This API uses a promise to return the result.
**System capability**: SystemCapability.Security.Huks
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | ----------- | ---- | ----------------------------------------------------- |
| keyAlias | string | Yes | Key alias passed in when the key was generated.|
| options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty).|
**Return value**
| Type | Description |
| ----------------------------------- | -------------------------------------------------- |
| Promise\<[HuksResult](#huksresult)> | Promise used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code will be returned.|
**Example**
```js
/* Set options to emptyOptions. */
var keyAlias = 'keyAlias';
var emptyOptions = {
properties: []
};
var result = huks.deleteKey(keyAlias, emptyOptions);
```
## huks.getSdkVersion
getSdkVersion(options: HuksOptions) : string
Obtains the SDK version of the current system.
**System capability**: SystemCapability.Security.Huks
**Parameters**
| Name | Type | Mandatory| Description |
| ------- | ---------- | ---- | ------------------------- |
| options | [HuksOptions](#huksoptions) | Yes | Empty object, which is used to hold the SDK version.|
**Return value** ## HuksTag
| Type | Description | Enumerates the tags used to invoke parameters.
| ------ | ------------- |
| string | SDK version obtained.|
**Example** **System capability**: SystemCapability.Security.Huks
```js | Name | Value | Description |
/* Set options to emptyOptions. */ | -------------------------------------------- | ---------------------------------------- | -------------------------------------- |
var emptyOptions = { | HUKS_TAG_INVALID | HuksTagType.HUKS_TAG_TYPE_INVALID \| 0 | Invalid tag. |
properties: [] | HUKS_TAG_ALGORITHM | HUKS_TAG_TYPE_UINT \| 1 | Algorithm. |
}; | HUKS_TAG_PURPOSE | HuksTagType.HUKS_TAG_TYPE_UINT \| 2 | Purpose of the key. |
var result = huks.getSdkVersion(emptyOptions); | HUKS_TAG_KEY_SIZE | HuksTagType.HUKS_TAG_TYPE_UINT \| 3 | Key size. |
``` | HUKS_TAG_DIGEST | HuksTagType.HUKS_TAG_TYPE_UINT \| 4 | Digest algorithm. |
| HUKS_TAG_PADDING | HuksTagType.HUKS_TAG_TYPE_UINT \| 5 | Padding algorithm. |
| HUKS_TAG_BLOCK_MODE | HuksTagType.HUKS_TAG_TYPE_UINT \| 6 | Cipher mode. |
| HUKS_TAG_KEY_TYPE | HuksTagType.HUKS_TAG_TYPE_UINT \| 7 | Key type. |
| HUKS_TAG_ASSOCIATED_DATA | HuksTagType.HUKS_TAG_TYPE_BYTES \| 8 | Associated authentication data. |
| HUKS_TAG_NONCE | HuksTagType.HUKS_TAG_TYPE_BYTES \| 9 | Field for key encryption and decryption. |
| HUKS_TAG_IV | HuksTagType.HUKS_TAG_TYPE_BYTES \| 10 | IV. |
| HUKS_TAG_INFO | HuksTagType.HUKS_TAG_TYPE_BYTES \| 11 | Information generated during key derivation. |
| HUKS_TAG_SALT | HuksTagType.HUKS_TAG_TYPE_BYTES \| 12 | Salt value used for key derivation. |
| HUKS_TAG_PWD | HuksTagType.HUKS_TAG_TYPE_BYTES \| 13 | Password used for key derivation. |
| HUKS_TAG_ITERATION | HuksTagType.HUKS_TAG_TYPE_UINT \| 14 | Number of iterations for key derivation. |
| HUKS_TAG_KEY_GENERATE_TYPE | HuksTagType.HUKS_TAG_TYPE_UINT \| 15 | Key generation type. |
| HUKS_TAG_DERIVE_MAIN_KEY | HuksTagType.HUKS_TAG_TYPE_BYTES \| 16 | Main key for key derivation. |
| HUKS_TAG_DERIVE_FACTOR | HuksTagType.HUKS_TAG_TYPE_BYTES \| 17 | Factor for key derivation. |
| HUKS_TAG_DERIVE_ALG | HuksTagType.HUKS_TAG_TYPE_UINT \| 18 | Type of the algorithm used for key derivation. |
| HUKS_TAG_AGREE_ALG | HuksTagType.HUKS_TAG_TYPE_UINT \| 19 | Type of the algorithm used for key agreement. |
| HUKS_TAG_AGREE_PUBLIC_KEY_IS_KEY_ALIAS | HuksTagType.HUKS_TAG_TYPE_BOOL \| 20 | Public key alias used in key agreement. |
| HUKS_TAG_AGREE_PRIVATE_KEY_ALIAS | HuksTagType.HUKS_TAG_TYPE_BYTES \| 21 | Private key alias used in key agreement. |
| HUKS_TAG_AGREE_PUBLIC_KEY | HuksTagType.HUKS_TAG_TYPE_BYTES \| 22 | Public key used in key agreement. |
| HUKS_TAG_KEY_ALIAS | HuksTagType.HUKS_TAG_TYPE_BYTES \| 23 | Key alias. |
| HUKS_TAG_DERIVE_KEY_SIZE | HuksTagType.HUKS_TAG_TYPE_UINT \| 24 | Size of the derived key. |
| HUKS_TAG_IMPORT_KEY_TYPE<sup>9+</sup> | HuksTagType.HUKS_TAG_TYPE_UINT \| 25 | Type of the imported key. |
| HUKS_TAG_UNWRAP_ALGORITHM_SUITE<sup>9+</sup> | HuksTagType.HUKS_TAG_TYPE_UINT \| 26 | Algorithm suite required for encrypted imports. |
| HUKS_TAG_ACTIVE_DATETIME | HuksTagType.HUKS_TAG_TYPE_ULONG \| 201 | Reserved. |
| HUKS_TAG_ORIGINATION_EXPIRE_DATETIME | HuksTagType.HUKS_TAG_TYPE_ULONG \| 202 | Reserved. |
| HUKS_TAG_USAGE_EXPIRE_DATETIME | HuksTagType.HUKS_TAG_TYPE_ULONG \| 203 | Reserved. |
| HUKS_TAG_CREATION_DATETIME | HuksTagType.HUKS_TAG_TYPE_ULONG \| 204 | Reserved. |
| HUKS_TAG_ALL_USERS | ksTagType.HUKS_TAG_TYPE_BOOL \| 301 | Reserved. |
| HUKS_TAG_USER_ID | HuksTagType.HUKS_TAG_TYPE_UINT \| 302 | Reserved. |
| HUKS_TAG_NO_AUTH_REQUIRED | HuksTagType.HUKS_TAG_TYPE_BOOL \| 303 | Reserved. |
| HUKS_TAG_USER_AUTH_TYPE | HuksTagType.HUKS_TAG_TYPE_UINT \| 304 | User authentication type. For details, see [HuksUserAuthType](#huksuserauthtype9). This parameter must be set together with [HuksAuthAccessType](#huksauthaccesstype9). You can set a maximum of two user authentication types at a time. For example, if **HuksAuthAccessType** is **HKS_SECURE_ACCESS_INVALID_NEW_BIO_ENROLL**, you can set two of **HKS_USER_AUTH_TYPE_FACE**, **HKS_USER_AUTH_TYPE_FINGERPRINT**, and **HKS_USER_AUTH_TYPE_FACE\**.| HKS_USER_AUTH_TYPE_FINGERPRINT |
| HUKS_TAG_AUTH_TIMEOUT | HuksTagType.HUKS_TAG_TYPE_UINT \| 305 | Reserved. |
| HUKS_TAG_AUTH_TOKEN | HuksTagType.HUKS_TAG_TYPE_BYTES \| 306 | Reserved. |
| HUKS_TAG_KEY_AUTH_ACCESS_TYPE<sup>9+</sup> | HuksTagType.HUKS_TAG_TYPE_UINT \| 307 | Access control type. For details, see [HuksAuthAccessType](#huksauthaccesstype9). This parameter must be set together with [HuksUserAuthType](#huksuserauthtype9).|
| HUKS_TAG_KEY_SECURE_SIGN_TYPE<sup>9+</sup> | HuksTagType.HUKS_TAG_TYPE_UINT \| 308 | Signature type of the key generated or imported.|
| HUKS_TAG_CHALLENGE_TYPE<sup>9+</sup> | HuksTagType.HUKS_TAG_TYPE_UINT \| 309 | Type of the challenge generated for a key. For details, see [HuksChallengeType](#hukschallengetype9).|
| HUKS_TAG_CHALLENGE_POS<sup>9+</sup> | HuksTagType.HUKS_TAG_TYPE_UINT \| 310 | Position of the 8-byte valid value in a custom challenge. For details, see [HuksChallengePosition](#hukschallengeposition9).|
| HUKS_TAG_ATTESTATION_CHALLENGE | HuksTagType.HUKS_TAG_TYPE_BYTES \| 501 | Challenge value used in the attestation. |
| HUKS_TAG_ATTESTATION_APPLICATION_ID | HuksTagType.HUKS_TAG_TYPE_BYTES \| 502 | Application ID used in the attestation. |
| HUKS_TAG_ATTESTATION_ID_BRAND | HuksTagType.HUKS_TAG_TYPE_BYTES \| 503 | Brand of the device. |
| HUKS_TAG_ATTESTATION_ID_DEVICE | HuksTagType.HUKS_TAG_TYPE_BYTES \| 504 | ID of the device. |
| HUKS_TAG_ATTESTATION_ID_PRODUCT | HuksTagType.HUKS_TAG_TYPE_BYTES \| 505 | Product name of the device. |
| HUKS_TAG_ATTESTATION_ID_SERIAL | HuksTagType.HUKS_TAG_TYPE_BYTES \| 506 | SN of the device. |
| HUKS_TAG_ATTESTATION_ID_IMEI | HuksTagType.HUKS_TAG_TYPE_BYTES \| 507 | International mobile equipment identity (IMEI) of the device. |
| HUKS_TAG_ATTESTATION_ID_MEID | HuksTagType.HUKS_TAG_TYPE_BYTES \| 508 | Mobile equipment identity (MEID) of the device. |
| HUKS_TAG_ATTESTATION_ID_MANUFACTURER | HuksTagType.HUKS_TAG_TYPE_BYTES \| 509 | Manufacturer of the device. |
| HUKS_TAG_ATTESTATION_ID_MODEL | HuksTagType.HUKS_TAG_TYPE_BYTES \| 510 | Device model. |
| HUKS_TAG_ATTESTATION_ID_ALIAS | HuksTagType.HUKS_TAG_TYPE_BYTES \| 511 | Key alias used in the attestation. |
| HUKS_TAG_ATTESTATION_ID_SOCID | HuksTagType.HUKS_TAG_TYPE_BYTES \| 512 | System-on-a-chip (SoCID) of the device. |
| HUKS_TAG_ATTESTATION_ID_UDID | HuksTagType.HUKS_TAG_TYPE_BYTES \| 513 | Unique device identifier (UDID) of the device. |
| HUKS_TAG_ATTESTATION_ID_SEC_LEVEL_INFO | HuksTagType.HUKS_TAG_TYPE_BYTES \| 514 | Security level used in the attestation. |
| HUKS_TAG_ATTESTATION_ID_VERSION_INFO | HuksTagType.HUKS_TAG_TYPE_BYTES \| 515 | Version information used in the attestation. |
| HUKS_TAG_IS_KEY_ALIAS | HuksTagType.HUKS_TAG_TYPE_BOOL \| 1001 | Whether to use the alias passed in during key generation.|
| HUKS_TAG_KEY_STORAGE_FLAG | HuksTagType.HUKS_TAG_TYPE_UINT \| 1002 | Key storage mode. |
| HUKS_TAG_IS_ALLOWED_WRAP | HuksTagType.HUKS_TAG_TYPE_BOOL \| 1003 | Reserved. |
| HUKS_TAG_KEY_WRAP_TYPE | HuksTagType.HUKS_TAG_TYPE_UINT \| 1004 | Reserved. |
| HUKS_TAG_KEY_AUTH_ID | HuksTagType.HUKS_TAG_TYPE_BYTES \| 1005 | Reserved. |
| HUKS_TAG_KEY_ROLE | HuksTagType.HUKS_TAG_TYPE_UINT \| 1006 | Reserved. |
| HUKS_TAG_KEY_FLAG | HuksTagType.HUKS_TAG_TYPE_UINT \| 1007 | Flag of the key. |
| HUKS_TAG_IS_ASYNCHRONIZED | HuksTagType.HUKS_TAG_TYPE_UINT \| 1008 | Reserved. |
| HUKS_TAG_SECURE_KEY_ALIAS | HuksTagType.HUKS_TAG_TYPE_BOOL \| 1009 | Reserved. |
| HUKS_TAG_SECURE_KEY_UUID | HuksTagType.HUKS_TAG_TYPE_BYTES \| 1010 | Reserved. |
| HUKS_TAG_KEY_DOMAIN | HuksTagType.HUKS_TAG_TYPE_UINT \| 1011 | Reserved. |
| HUKS_TAG_PROCESS_NAME | HuksTagType.HUKS_TAG_TYPE_BYTES \| 10001 | Process name. |
| HUKS_TAG_PACKAGE_NAME | HuksTagType.HUKS_TAG_TYPE_BYTES \| 10002 | Reserved. |
| HUKS_TAG_ACCESS_TIME | HuksTagType.HUKS_TAG_TYPE_UINT \| 10003 | Reserved. |
| HUKS_TAG_USES_TIME | HuksTagType.HUKS_TAG_TYPE_UINT \| 10004 | Reserved. |
| HUKS_TAG_CRYPTO_CTX | HuksTagType.HUKS_TAG_TYPE_ULONG \| 10005 | Reserved. |
| HUKS_TAG_KEY | HuksTagType.HUKS_TAG_TYPE_BYTES \| 10006 | Reserved. |
| HUKS_TAG_KEY_VERSION | HuksTagType.HUKS_TAG_TYPE_UINT \| 10007 | Key version. |
| HUKS_TAG_PAYLOAD_LEN | HuksTagType.HUKS_TAG_TYPE_UINT \| 10008 | Reserved. |
| HUKS_TAG_AE_TAG | HuksTagType.HUKS_TAG_TYPE_BYTES \| 10009 | Reserved. |
| HUKS_TAG_IS_KEY_HANDLE | HuksTagType.HUKS_TAG_TYPE_ULONG \| 10010 | Reserved. |
| HUKS_TAG_OS_VERSION | HuksTagType.HUKS_TAG_TYPE_UINT \| 10101 | OS version. |
| HUKS_TAG_OS_PATCHLEVEL | HuksTagType.HUKS_TAG_TYPE_UINT \| 10102 | OS patch level. |
| HUKS_TAG_SYMMETRIC_KEY_DATA | HuksTagType.HUKS_TAG_TYPE_BYTES \| 20001 | Reserved. |
| HUKS_TAG_ASYMMETRIC_PUBLIC_KEY_DATA | HuksTagType.HUKS_TAG_TYPE_BYTES \| 20002 | Reserved. |
| HUKS_TAG_ASYMMETRIC_PRIVATE_KEY_DATA | HuksTagType.HUKS_TAG_TYPE_BYTES \| 20003 | Reserved. |
## huks.importKey ## huks.generateKey<sup>(deprecated)</sup>
importKey(keyAlias: string, options: HuksOptions, callback: AsyncCallback\<HuksResult>) : void generateKey(keyAlias: string, options: HuksOptions, callback: AsyncCallback\<HuksResult>) : void
Imports a key in plaintext. This API uses an asynchronous callback to return the result. Generates a key. This API uses an asynchronous callback to return the result.
> **NOTE**<br>This API is deprecated since API version 9. You are advised to use [huks.generateKeyItem<sup>9+</sup>](#huksgeneratekeyitem9).
**System capability**: SystemCapability.Security.Huks **System capability**: SystemCapability.Security.Huks
**Parameters** **Parameters**
| Name | Type | Mandatory| Description | | Name | Type | Mandatory| Description |
| -------- | ------------------------ | ---- | ------------------------------------------------- | | -------- | ----------------------------------------- | ---- | ------------------------------------------------------------ |
| keyAlias | string | Yes | Alias of the key to import.| | keyAlias | string | Yes | Alias of the key. |
| options | [HuksOptions](#huksoptions) | Yes | Tags required for the import and key to import.| | options | [HuksOptions](#huksoptions) | Yes | Tags required for generating the key. |
| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes | Callback used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code will be returned.| | callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes | Callback invoked to return the result. If **HUKS_SUCCESS** is returned, the operation is successful. For details about other results, see HuksResult.|
**Example** **Example**
```js ```js
/* Import an AES key of 256 bits. */ /* Generate an RSA key of 512 bits. */
var plainTextSize32 = makeRandomArr(32); let keyAlias = 'keyAlias';
function makeRandomArr(size) { let properties = new Array();
var arr = new Uint8Array(size);
for (var i = 0; i < size; i++) {
arr[i] = Math.floor(Math.random() * 10);
}
return arr;
};
var keyAlias = 'keyAlias';
var properties = new Array();
properties[0] = { properties[0] = {
tag: huks.HuksTag.HUKS_TAG_ALGORITHM, tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
value: huks.HuksKeyAlg.HUKS_ALG_AES value: huks.HuksKeyAlg.HUKS_ALG_RSA
}; };
properties[1] = { properties[1] = {
tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_256 value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_512
}; };
properties[2] = { properties[2] = {
tag: huks.HuksTag.HUKS_TAG_PURPOSE, tag: huks.HuksTag.HUKS_TAG_PURPOSE,
value: value:
huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT |
huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT
}; };
properties[3] = { properties[3] = {
tag: huks.HuksTag.HUKS_TAG_PADDING, tag: huks.HuksTag.HUKS_TAG_PADDING,
value:huks.HuksKeyPadding.HUKS_PADDING_PKCS7 value: huks.HuksKeyPadding.HUKS_PADDING_OAEP
}; };
properties[4] = { properties[4] = {
tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, tag: huks.HuksTag.HUKS_TAG_DIGEST,
value: huks.HuksCipherMode.HUKS_MODE_ECB value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256
}; };
var options = { let options = {
properties: properties, properties: properties
inData: plainTextSize32
}; };
huks.importKey(keyAlias, options, function (err, data){}); huks.generateKey(keyAlias, options, function (err, data){});
``` ```
## huks.importKey ## huks.generateKey<sup>(deprecated)</sup>
importKey(keyAlias: string, options: HuksOptions) : Promise\<HuksResult> generateKey(keyAlias: string, options: HuksOptions) : Promise\<HuksResult>
Imports a key in plaintext. This API uses a promise to return the result. Generates a key. This API uses a promise to return the result.
> **NOTE**<br>This API is deprecated since API version 9. You are advised to use [huks.generateKeyItem<sup>9+</sup>](#huksgeneratekeyitem9-1).
**System capability**: SystemCapability.Security.Huks **System capability**: SystemCapability.Security.Huks
**Parameters** **Parameters**
| Name | Type | Mandatory| Description | | Name | Type | Mandatory| Description |
| -------- | ----------- | ---- | ------------------------------------ | | -------- | --------------------------- | ---- | ------------------------ |
| keyAlias | string | Yes | Alias of the key to import.| | keyAlias | string | Yes | Alias of the key. |
| options | [HuksOptions](#huksoptions) | Yes | Tags required for the import and key to import.| | options | [HuksOptions](#huksoptions) | Yes | Tags required for generating the key.|
**Return value** **Return value**
| Type | Description | | Type | Description |
| ----------------------------------- | -------------------------------------------------- | | ----------------------------------- | -------------------------------------------------- |
| Promise\<[HuksResult](#huksresult)> | Promise used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code will be returned.| | Promise\<[HuksResult](#huksresult)> | Promise used to return the result. If **HUKS_SUCCESS** is returned, the operation is successful. Otherwise, an error occurs.|
**Example** **Example**
```js ```js
/* Import an AES key of 128 bits. */ /* Generate an ECC key of 256 bits. */
var plainTextSize32 = makeRandomArr(32); let keyAlias = 'keyAlias';
let properties = new Array();
function makeRandomArr(size) {
var arr = new Uint8Array(size);
for (var i = 0; i < size; i++) {
arr[i] = Math.floor(Math.random() * 10);
}
return arr;
};
/* Step 1 Generate a key. */
var keyAlias = 'keyAlias';
var properties = new Array();
properties[0] = { properties[0] = {
tag: huks.HuksTag.HUKS_TAG_ALGORITHM, tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
value: huks.HuksKeyAlg.HUKS_ALG_AES value: huks.HuksKeyAlg.HUKS_ALG_ECC
}; };
properties[1] = { properties[1] = {
tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_128 value: huks.HuksKeySize.HUKS_ECC_KEY_SIZE_256
}; };
properties[2] = { properties[2] = {
tag: huks.HuksTag.HUKS_TAG_PURPOSE, tag: huks.HuksTag.HUKS_TAG_PURPOSE,
value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT value:
huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_SIGN |
huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_VERIFY
}; };
properties[3] = { properties[3] = {
tag: huks.HuksTag.HUKS_TAG_PADDING, tag: huks.HuksTag.HUKS_TAG_DIGEST,
value:huks.HuksKeyPadding.HUKS_PADDING_PKCS7 value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256
};
properties[4] = {
tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE,
value: huks.HuksCipherMode.HUKS_MODE_ECB
}; };
var huksoptions = { let options = {
properties: properties, properties: properties
inData: plainTextSize32
}; };
var result = huks.importKey(keyAlias, huksoptions); let result = huks.generateKey(keyAlias, options);
``` ```
## huks.attestkey<sup>9+</sup>
attestKey(keyAlias: string, options: HuksOptions, callback: AsyncCallback\<HuksResult>) : void ## huks.deleteKey<sup>(deprecated)</sup>
Obtains the certificate used to verify a key. This API uses an asynchronous callback to return the result. deleteKey(keyAlias: string, options: HuksOptions, callback: AsyncCallback\<HuksResult>) : void
Deletes a key. This API uses an asynchronous callback to return the result.
> **NOTE**<br>This API is deprecated since API version 9. You are advised to use [huks.deleteKeyItem<sup>9+</sup>](#huksdeletekeyitem9).
**System capability**: SystemCapability.Security.Huks **System capability**: SystemCapability.Security.Huks
**Parameters** **Parameters**
| Name | Type | Mandatory| Description | | Name | Type | Mandatory| Description |
| ---------------- | ----------------------------------------- | ---- | -------------------------------------------------- | | -------- | ----------------------------------------- | ---- | -------------------------------------------------- |
| keyAlias | string | Yes | Alias of the key. The certificate to be obtained stores the key. | | keyAlias | string | Yes | Key alias passed in when the key was generated. |
| options | [HuksOptions](#huksoptions) | Yes | Parameters and data required for obtaining the certificate. | | options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty). |
| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes | Callback used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code will be returned.| | callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes | Callback invoked to return the result. If **HUKS_SUCCESS** is returned, the operation is successful. Otherwise, an error occurs.|
**Example** **Example**
```js ```js
let securityLevel = stringToUint8Array('sec_level'); /* Set options to emptyOptions. */
let challenge = stringToUint8Array('challenge_data'); let keyAlias = 'keyAlias';
let versionInfo = stringToUint8Array('version_info'); let emptyOptions = {
let keyAliasString = "key attest"; properties: []
};
function stringToUint8Array(str) { huks.deleteKey(keyAlias, emptyOptions, function (err, data) {});
var arr = [];
for (var i = 0, j = str.length; i < j; ++i) {
arr.push(str.charCodeAt(i));
}
var tmpUint8Array = new Uint8Array(arr);
return tmpUint8Array;
}
function printLog(...data) {
console.error(data.toString());
}
async function generateKey(alias) {
let properties = new Array();
properties[0] = {
tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
value: huks.HuksKeyAlg.HUKS_ALG_RSA
};
properties[1] = {
tag: huks.HuksTag.HUKS_TAG_KEY_STORAGE_FLAG,
value: huks.HuksKeyStorageType.HUKS_STORAGE_PERSISTENT
};
properties[2] = {
tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_2048
};
properties[3] = {
tag: huks.HuksTag.HUKS_TAG_PURPOSE,
value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_VERIFY
};
properties[4] = {
tag: huks.HuksTag.HUKS_TAG_DIGEST,
value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256
};
properties[5] = {
tag: huks.HuksTag.HUKS_TAG_PADDING,
value: huks.HuksKeyPadding.HUKS_PADDING_PSS
};
properties[6] = {
tag: huks.HuksTag.HUKS_TAG_KEY_GENERATE_TYPE,
value: huks.HuksKeyGenerateType.HUKS_KEY_GENERATE_TYPE_DEFAULT
};
properties[7] = {
tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE,
value: huks.HuksCipherMode.HUKS_MODE_ECB
};
let options = {
properties: properties
};
await huks.generateKey(alias, options).then(async (data) => {
console.error(`generateKey data ${JSON.stringify(data)}`);
}).catch((err) => {
console.error(`generateKey err: " + ${JSON.stringify(err)}`);
});;
}
async function attestKey() {
let aliasString = keyAliasString;
let aliasUint8 = stringToUint8Array(aliasString);
let properties = new Array();
properties[0] = {
tag: huks.HuksTag.HUKS_TAG_ATTESTATION_ID_SEC_LEVEL_INFO,
value: securityLevel
};
properties[1] = {
tag: huks.HuksTag.HUKS_TAG_ATTESTATION_CHALLENGE,
value: challenge
};
properties[2] = {
tag: huks.HuksTag.HUKS_TAG_ATTESTATION_ID_VERSION_INFO,
value: versionInfo
};
properties[3] = {
tag: huks.HuksTag.HUKS_TAG_ATTESTATION_ID_ALIAS,
value: aliasUint8
};
let options = {
properties: properties
};
await generateKey(aliasString);
huks.attestKey(aliasString, options, function (err, data) {
printLog(`key attest result : ${JSON.stringify(data)}`);
});
}
``` ```
## huks.attestkey<sup>9+</sup> ## huks.deleteKey<sup>(deprecated)</sup>
deleteKey(keyAlias: string, options: HuksOptions) : Promise\<HuksResult>
attestKey(keyAlias: string, options: HuksOptions) : Promise\<HuksResult> Deletes a key. This API uses a promise to return the result.
Obtains the certificate used to verify a key. This API uses a promise to return the result. > **NOTE**<br>This API is deprecated since API version 9. You are advised to use [huks.deleteKeyItem<sup>9+</sup>](#huksdeletekeyitem9-1).
**System capability**: SystemCapability.Security.Huks **System capability**: SystemCapability.Security.Huks
**Parameters** **Parameters**
| Name | Type | Mandatory| Description | | Name | Type | Mandatory| Description |
| ---------------- | ----------------------------------------- | ---- | -------------------------------------------------- | | -------- | ----------- | ---- | ----------------------------------------------------- |
| keyAlias | string | Yes | Alias of the key. The certificate to be obtained stores the key. | | keyAlias | string | Yes | Key alias passed in when the key was generated.|
| options | [HuksOptions](#huksoptions) | Yes | Parameters and data required for obtaining the certificate. | | options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty).|
**Return value** **Return value**
| Type | Description | | Type | Description |
| ----------------------------------- | -------------------------------------------------- | | ----------------------------------- | -------------------------------------------------- |
| Promise\<[HuksResult](#huksresult)> | Promise used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code will be returned.| | Promise\<[HuksResult](#huksresult)> | Promise used to return the result. If **HUKS_SUCCESS** is returned, the operation is successful. Otherwise, an error occurs.|
**Example** **Example**
```js ```js
let securityLevel = stringToUint8Array('sec_level'); /* Set options to emptyOptions. */
let challenge = stringToUint8Array('challenge_data'); let keyAlias = 'keyAlias';
let versionInfo = stringToUint8Array('version_info'); let emptyOptions = {
let keyAliasString = "key attest"; properties: []
};
function stringToUint8Array(str) { let result = huks.deleteKey(keyAlias, emptyOptions);
var arr = []; ```
for (var i = 0, j = str.length; i < j; ++i) {
arr.push(str.charCodeAt(i));
}
var tmpUint8Array = new Uint8Array(arr);
return tmpUint8Array;
}
function printLog(...data) {
console.error(data.toString());
}
async function generateKey(alias) {
let properties = new Array();
properties[0] = {
tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
value: huks.HuksKeyAlg.HUKS_ALG_RSA
};
properties[1] = {
tag: huks.HuksTag.HUKS_TAG_KEY_STORAGE_FLAG,
value: huks.HuksKeyStorageType.HUKS_STORAGE_PERSISTENT
};
properties[2] = {
tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_2048
};
properties[3] = {
tag: huks.HuksTag.HUKS_TAG_PURPOSE,
value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_VERIFY
};
properties[4] = {
tag: huks.HuksTag.HUKS_TAG_DIGEST,
value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256
};
properties[5] = {
tag: huks.HuksTag.HUKS_TAG_PADDING,
value: huks.HuksKeyPadding.HUKS_PADDING_PSS
};
properties[6] = {
tag: huks.HuksTag.HUKS_TAG_KEY_GENERATE_TYPE,
value: huks.HuksKeyGenerateType.HUKS_KEY_GENERATE_TYPE_DEFAULT
};
properties[7] = {
tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE,
value: huks.HuksCipherMode.HUKS_MODE_ECB
};
let options = {
properties: properties
};
await huks.generateKey(alias, options).then(async (data) => {
console.error(`generateKey data ${JSON.stringify(data)}`);
}).catch((err) => {
console.error(`generateKey err: " + ${JSON.stringify(err)}`);
});;
}
async function attestKey() { ## huks.importKey<sup>(deprecated)</sup>
let aliasString = keyAliasString;
let aliasUint8 = stringToUint8Array(aliasString);
let properties = new Array();
properties[0] = {
tag: huks.HuksTag.HUKS_TAG_ATTESTATION_ID_SEC_LEVEL_INFO,
value: securityLevel
};
properties[1] = {
tag: huks.HuksTag.HUKS_TAG_ATTESTATION_CHALLENGE,
value: challenge
};
properties[2] = {
tag: huks.HuksTag.HUKS_TAG_ATTESTATION_ID_VERSION_INFO,
value: versionInfo
};
properties[3] = {
tag: huks.HuksTag.HUKS_TAG_ATTESTATION_ID_ALIAS,
value: aliasUint8
};
let options = {
properties: properties
};
await generateKey(aliasString);
huks.attestKey(aliasString, options)
.then((data) => {
console.log(`test attestKey data: ${JSON.stringify(data)}`);
})
.catch((err) => {
console.log('test attestKey information: ' + JSON.stringify(err));
});
}
```
## huks.importWrappedKey<sup>9+</sup> importKey(keyAlias: string, options: HuksOptions, callback: AsyncCallback\<HuksResult>) : void
importWrappedKey(keyAlias: string, wrappingKeyAlias: string, options: HuksOptions, callback: AsyncCallback\<HuksResult>) : void Imports a key in plaintext. This API uses an asynchronous callback to return the result.
Imports a wrapped key. This API uses an asynchronous callback to return the result. > **NOTE**<br>This API is deprecated since API version 9. You are advised to use [huks.importKeyItem<sup>9+</sup>](#huksimportkeyitem9).
**System capability**: SystemCapability.Security.Huks **System capability**: SystemCapability.Security.Huks
**Parameters** **Parameters**
| Name | Type | Mandatory| Description | | Name | Type | Mandatory| Description |
| ---------------- | ----------------------------------------- | ---- | -------------------------------------------------- | | -------- | ------------------------ | ---- | ------------------------------------------------- |
| keyAlias | string | Yes | Alias of the wrapped key to import. | | keyAlias | string | Yes | Alias of the key.|
| wrappingKeyAlias | string | Yes | Alias of the data used to unwrap the key imported. | | options | [HuksOptions](#huksoptions) | Yes | Tags required for the import and key to import.|
| options | [HuksOptions](#huksoptions) | Yes | Tags required for the import and the wrapped key to import. | | callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes | Callback invoked to return the result. If **HUKS_SUCCESS** is returned, the operation is successful. Otherwise, an error occurs.|
| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes | Callback used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code will be returned.|
**Example** **Example**
```js ```js
var exportWrappingKey; /* Import an AES key of 256 bits. */
var alias1 = "importAlias"; let plainTextSize32 = makeRandomArr(32);
var alias2 = "wrappingKeyAlias"; function makeRandomArr(size) {
let arr = new Uint8Array(size);
async function TestGenFunc(alias, options) { for (let i = 0; i < size; i++) {
await genKey(alias, options) arr[i] = Math.floor(Math.random() * 10);
.then((data) => {
console.log(`test genKey data: ${JSON.stringify(data)}`);
})
.catch((err) => {
console.log('test genKey err information: ' + JSON.stringify(err));
});
}
function genKey(alias, options) {
return new Promise((resolve, reject) => {
huks.generateKey(alias, options, function (err, data) {
console.log(`test genKey data: ${JSON.stringify(data)}`);
if (err.code !== 0) {
console.log('test genKey err information: ' + JSON.stringify(err));
reject(err);
} else {
resolve(data);
}
});
});
}
async function TestExportFunc(alias, options) {
await exportKey(alias, options)
.then((data) => {
console.log(`test exportKey data: ${JSON.stringify(data)}`);
})
.catch((err) => {
console.log('test exportKey err information: ' + JSON.stringify(err));
});
}
function exportKey(alias, options) {
return new Promise((resolve, reject) => {
huks.exportKey(alias, options, function (err, data) {
console.log(`test exportKey data: ${JSON.stringify(data)}`);
if (err.code !== 0) {
console.log('test exportKey err information: ' + JSON.stringify(err));
reject(err);
} else {
exportWrappingKey = data.outData;
resolve(data);
}
});
});
}
async function TestImportWrappedFunc(alias, wrappingAlias, options) {
await importWrappedKey(alias, wrappingAlias, options)
.then((data) => {
console.log(`TestImportWrappedFunc data: ${JSON.stringify(data)}`);
})
.catch((err) => {
console.log('test importWrappedKey err information: ' + JSON.stringify(err));
});
}
function importWrappedKey(alias, wrappingAlias, options) {
return new Promise((resolve, reject) => {
huks.importWrappedKey(alias, wrappingAlias, options, function (err, data) {
console.log(`importWrappedKey data: ${JSON.stringify(data)}`);
if (err.code !== 0) {
console.log('importWrappedKey err information: ' + JSON.stringify(err));
reject(err);
} else {
resolve(data);
} }
}); return arr;
});
}
async function TestImportWrappedKeyFunc(
alias,
wrappingAlias,
genOptions,
importOptions
) {
await TestGenFunc(wrappingAlias, genOptions);
await TestExportFunc(wrappingAlias, genOptions);
/*The following operations do not invoke the HUKS APIs, and the specific implementation is not provided here.
* For example, import **keyA**.
* 1. Use ECC to generate a public and private key pair **keyB**. The public key is **keyB_pub**, and the private key is **keyB_pri**.
* 2. Use **keyB_pri** and the public key obtained from **wrappingAlias** to negotiate the shared key **share_key**.
* 3. Randomly generate a key **kek** and use it to encrypt **keyA** with AES-GCM. During the encryption, record **nonce1**, **aad1**, ciphertext **keyA_enc**, and encrypted **tag1**.
* 4. Use **share_key** to encrypt **kek** with AES-GCM. During the encryption, record **nonce2**, ** aad2**, ciphertext **kek_enc**, and encrypted **tag2**.
* 5. Generate the **importOptions.inData** field in the following format:
* keyB_pub length (4 bytes) + keyB_pub + aad2 length (4 bytes) + aad2 +
* nonce2 length (4 bytes) + nonce2 + tag2 length (4 bytes) + tag2 +
* kek_enc length (4 bytes) + kek_enc + aad1 length (4 bytes) + aad1 +
* nonce1 length (4 bytes) + nonce1 + tag1 length (4 bytes) + tag1 +
* Memory occupied by the keyA length (4 bytes) + keyA length + keyA_enc length (4 bytes) + keyA_enc
*/
var inputKey = new Uint8Array([0x02, 0x00, 0x00, 0x00]);
importOptions.inData = inputKey;
await TestImportWrappedFunc(alias, wrappingAlias, importOptions);
}
function makeGenerateOptions() {
var properties = new Array();
properties[0] = {
tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
value: huks.HuksKeyAlg.HUKS_ALG_ECC
};
properties[1] = {
tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
value: huks.HuksKeySize.HUKS_ECC_KEY_SIZE_256
};
properties[2] = {
tag: huks.HuksTag.HUKS_TAG_PURPOSE,
value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_UNWRAP
};
properties[3] = {
tag: huks.HuksTag.HUKS_TAG_DIGEST,
value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256
};
var options = {
properties: properties
};
return options;
}; };
let keyAlias = 'keyAlias';
function makeImportOptions() { let properties = new Array();
var properties = new Array(); properties[0] = {
properties[0] = {
tag: huks.HuksTag.HUKS_TAG_ALGORITHM, tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
value: huks.HuksKeyAlg.HUKS_ALG_AES value: huks.HuksKeyAlg.HUKS_ALG_AES
}; };
properties[1] = { properties[1] = {
tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_256 value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_256
}; };
properties[2] = { properties[2] = {
tag: huks.HuksTag.HUKS_TAG_PURPOSE, tag: huks.HuksTag.HUKS_TAG_PURPOSE,
value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT value:
}; huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT
properties[3] = { };
properties[3] = {
tag: huks.HuksTag.HUKS_TAG_PADDING,
value:huks.HuksKeyPadding.HUKS_PADDING_PKCS7
};
properties[4] = {
tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE,
value: huks.HuksCipherMode.HUKS_MODE_CBC value: huks.HuksCipherMode.HUKS_MODE_ECB
};
properties[4] = {
tag: huks.HuksTag.HUKS_TAG_UNWRAP_ALGORITHM_SUITE,
value: huks.HuksUnwrapSuite.HUKS_UNWRAP_SUITE_ECDH_AES_256_GCM_NOPADDING
};
var options = {
properties: properties
};
return options;
}; };
let options = {
function huksImportWrappedKey() { properties: properties,
var genOptions = makeGenerateOptions(); inData: plainTextSize32
var importOptions = makeImportOptions(); };
TestImportWrappedKeyFunc( huks.importKey(keyAlias, options, function (err, data){});
alias1,
alias2,
genOptions,
importOptions
);
}
``` ```
## huks.importWrappedKey<sup>9+</sup> ## huks.importKey<sup>(deprecated)</sup>
importKey(keyAlias: string, options: HuksOptions) : Promise\<HuksResult>
importWrappedKey(keyAlias: string, wrappingKeyAlias: string, options: HuksOptions) : Promise\<HuksResult> Imports a key in plaintext. This API uses a promise to return the result.
Imports a wrapped key. This API uses a promise to return the result. > **NOTE**<br>This API is deprecated since API version 9. You are advised to use [huks.importKeyItem<sup>9+</sup>](#huksimportkeyitem9-1).
**System capability**: SystemCapability.Security.Huks **System capability**: SystemCapability.Security.Huks
**Parameters** **Parameters**
| Name | Type | Mandatory| Description | | Name | Type | Mandatory| Description |
| ---------------- | --------------------------- | ---- | --------------------------------------------- | | -------- | ----------- | ---- | ------------------------------------ |
| keyAlias | string | Yes | Alias of the wrapped key to import. | | keyAlias | string | Yes | Alias of the key.|
| wrappingKeyAlias | string | Yes | Alias of the data used to unwrap the key imported. | | options | [HuksOptions](#huksoptions) | Yes | Tags required for the import and key to import.|
| options | [HuksOptions](#huksoptions) | Yes | Tags required for the import and the wrapped key to import.|
**Return value** **Return value**
| Type | Description | | Type | Description |
| ----------------------------------- | -------------------------------------------------- | | ----------------------------------- | -------------------------------------------------- |
| Promise\<[HuksResult](#huksresult)> | Promise used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code will be returned.| | Promise\<[HuksResult](#huksresult)> | Promise used to return the result. If **HUKS_SUCCESS** is returned, the operation is successful. Otherwise, an error occurs.|
**Example** **Example**
```js ```js
/* The process is similar as if a callback is used, except the following:*/ /* Import an AES key of 128 bits. */
async function TestImportWrappedFunc(alias, wrappingAlias, options) { let plainTextSize32 = makeRandomArr(32);
var result = await huks.importWrappedKey(alias, wrappingAlias, options);
if (result.errorCode === 0) { function makeRandomArr(size) {
console.log('test importWrappedKey success'); let arr = new Uint8Array(size);
} else { for (let i = 0; i < size; i++) {
console.log('test importWrappedKey fail'); arr[i] = Math.floor(Math.random() * 10);
} }
} return arr;
};
/* Step 1 Generate a key. */
let keyAlias = 'keyAlias';
let properties = new Array();
properties[0] = {
tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
value: huks.HuksKeyAlg.HUKS_ALG_AES
};
properties[1] = {
tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_128
};
properties[2] = {
tag: huks.HuksTag.HUKS_TAG_PURPOSE,
value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT
};
properties[3] = {
tag: huks.HuksTag.HUKS_TAG_PADDING,
value:huks.HuksKeyPadding.HUKS_PADDING_PKCS7
};
properties[4] = {
tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE,
value: huks.HuksCipherMode.HUKS_MODE_ECB
};
let huksoptions = {
properties: properties,
inData: plainTextSize32
};
let result = huks.importKey(keyAlias, huksoptions);
``` ```
## huks.exportKey
## huks.exportKey<sup>(deprecated)</sup>
exportKey(keyAlias: string, options: HuksOptions, callback: AsyncCallback\<HuksResult>) : void exportKey(keyAlias: string, options: HuksOptions, callback: AsyncCallback\<HuksResult>) : void
Exports a key. This API uses an asynchronous callback to return the result. Exports a key. This API uses an asynchronous callback to return the result.
> **NOTE**<br>This API is deprecated since API version 9. You are advised to use [huks.exportKeyItem<sup>9+</sup>](#huksexportkeyitem9).
**System capability**: SystemCapability.Security.Huks **System capability**: SystemCapability.Security.Huks
**Parameters** **Parameters**
...@@ -1232,25 +2291,27 @@ Exports a key. This API uses an asynchronous callback to return the result. ...@@ -1232,25 +2291,27 @@ Exports a key. This API uses an asynchronous callback to return the result.
| -------- | ----------------------------------------- | ---- | ------------------------------------------------------------ | | -------- | ----------------------------------------- | ---- | ------------------------------------------------------------ |
| keyAlias | string | Yes | Key alias, which must be the same as the alias used when the key was generated. | | keyAlias | string | Yes | Key alias, which must be the same as the alias used when the key was generated. |
| options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty). | | options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty). |
| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes | Callback used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code will be returned. **outData** contains the public key exported.| | callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes | Callback invoked to return the result. If **HUKS_SUCCESS** is returned, the operation is successful. Otherwise, an error occurs. **outData** contains the public key exported.|
**Example** **Example**
```js ```js
/* Set options to emptyOptions. */ /* Set options to emptyOptions. */
var keyAlias = 'keyAlias'; let keyAlias = 'keyAlias';
var emptyOptions = { let emptyOptions = {
properties: [] properties: []
}; };
huks.exportKey(keyAlias, emptyOptions, function (err, data){}); huks.exportKey(keyAlias, emptyOptions, function (err, data){});
``` ```
## huks.exportKey ## huks.exportKey<sup>(deprecated)</sup>
exportKey(keyAlias: string, options: HuksOptions) : Promise\<HuksResult> exportKey(keyAlias: string, options: HuksOptions) : Promise\<HuksResult>
Exports a key. This API uses a promise to return the result. Exports a key. This API uses a promise to return the result.
> **NOTE**<br>This API is deprecated since API version 9. You are advised to use [huks.exportKeyItem<sup>9+</sup>](#huksexportkeyitem9-1).
**System capability**: SystemCapability.Security.Huks **System capability**: SystemCapability.Security.Huks
**Parameters** **Parameters**
...@@ -1264,25 +2325,28 @@ Exports a key. This API uses a promise to return the result. ...@@ -1264,25 +2325,28 @@ Exports a key. This API uses a promise to return the result.
| Type | Description | | Type | Description |
| ----------------------------------- | ------------------------------------------------------------ | | ----------------------------------- | ------------------------------------------------------------ |
| Promise\<[HuksResult](#huksresult)> | Promise used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code will be returned. **outData** contains the public key exported.| | Promise\<[HuksResult](#huksresult)> | Promise used to return the result. If **HUKS_SUCCESS** is returned, the operation is successful. Otherwise, an error occurs. **outData** contains the public key exported.|
**Example** **Example**
```js ```js
/* Set options to emptyOptions. */ /* Set options to emptyOptions. */
var keyAlias = 'keyAlias'; let keyAlias = 'keyAlias';
var emptyOptions = { let emptyOptions = {
properties: [] properties: []
}; };
var result = huks.exportKey(keyAlias, emptyOptions); let result = huks.exportKey(keyAlias, emptyOptions);
``` ```
## huks.getKeyProperties
## huks.getKeyProperties<sup>(deprecated)</sup>
getKeyProperties(keyAlias: string, options: HuksOptions, callback: AsyncCallback\<HuksResult>) : void getKeyProperties(keyAlias: string, options: HuksOptions, callback: AsyncCallback\<HuksResult>) : void
Obtains key properties. This API uses an asynchronous callback to return the result. Obtains key properties. This API uses an asynchronous callback to return the result.
> **NOTE**<br>This API is deprecated since API version 9. You are advised to use [huks.getKeyItemProperties<sup>9+</sup>](#huksgetkeyitemproperties9).
**System capability**: SystemCapability.Security.Huks **System capability**: SystemCapability.Security.Huks
**Parameters** **Parameters**
...@@ -1291,25 +2355,27 @@ Obtains key properties. This API uses an asynchronous callback to return the res ...@@ -1291,25 +2355,27 @@ Obtains key properties. This API uses an asynchronous callback to return the res
| -------- | ----------------------------------------- | ---- | ------------------------------------------------------------ | | -------- | ----------------------------------------- | ---- | ------------------------------------------------------------ |
| keyAlias | string | Yes | Key alias, which must be the same as the alias used when the key was generated. | | keyAlias | string | Yes | Key alias, which must be the same as the alias used when the key was generated. |
| options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty). | | options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty). |
| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes | Callback used to return the result. If the operation is successful, **errorCode** is **HUKS_SUCCESS**; otherwise, an error code will be returned.| | callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes | Callback invoked to return the result. If **errorCode** is **HUKS_SUCCESS**, the operation is successful. Otherwise, an error occurs.|
**Example** **Example**
```js ```js
/* Set options to emptyOptions. */ /* Set options to emptyOptions. */
var keyAlias = 'keyAlias'; let keyAlias = 'keyAlias';
var emptyOptions = { let emptyOptions = {
properties: [] properties: []
}; };
huks.getKeyProperties(keyAlias, emptyOptions, function (err, data){}); huks.getKeyProperties(keyAlias, emptyOptions, function (err, data){});
``` ```
## huks.getKeyProperties ## huks.getKeyProperties<sup>(deprecated)</sup>
getKeyProperties(keyAlias: string, options: HuksOptions) : Promise\<HuksResult> getKeyProperties(keyAlias: string, options: HuksOptions) : Promise\<HuksResult>
Obtains key properties. This API uses a promise to return the result. Obtains key properties. This API uses a promise to return the result.
> **NOTE**<br>This API is deprecated since API version 9. You are advised to use [huks.getKeyItemProperties<sup>9+</sup>](#huksgetkeyitemproperties9-1).
**System capability**: SystemCapability.Security.Huks **System capability**: SystemCapability.Security.Huks
**Parameters** **Parameters**
...@@ -1323,25 +2389,28 @@ Obtains key properties. This API uses a promise to return the result. ...@@ -1323,25 +2389,28 @@ Obtains key properties. This API uses a promise to return the result.
| Type | Description | | Type | Description |
| ------------------ | ------------------------------------------------------------ | | ------------------ | ------------------------------------------------------------ |
| Promise\<[HuksResult](#huksoptions)> | Promise used to return the result. If the operation is successful, **errorCode** is **HUKS_SUCCESS**; otherwise, an error code will be returned. **properties** returns the parameters required for generating the key.| | Promise\<[HuksResult](#huksoptions)> | Promise used to return the result. If **HUKS_SUCCESS** is returned, the operation is successful. Otherwise, an error occurs. **properties** returns the parameters required for generating the key.|
**Example** **Example**
```js ```js
/* Set options to emptyOptions. */ /* Set options to emptyOptions. */
var keyAlias = 'keyAlias'; let keyAlias = 'keyAlias';
var emptyOptions = { let emptyOptions = {
properties: [] properties: []
}; };
var result = huks.getKeyProperties(keyAlias, emptyOptions); let result = huks.getKeyProperties(keyAlias, emptyOptions);
``` ```
## huks.isKeyExist
## huks.isKeyExist<sup>(deprecated)</sup>
isKeyExist(keyAlias: string, options: HuksOptions, callback: AsyncCallback\<boolean>) : void isKeyExist(keyAlias: string, options: HuksOptions, callback: AsyncCallback\<boolean>) : void
Checks whether a key exists. This API uses an asynchronous callback to return the result. Checks whether a key exists. This API uses an asynchronous callback to return the result.
> **NOTE**<br>This API is deprecated since API version 9. You are advised to use [huks.isKeyItemExist<sup>9+</sup>](#huksiskeyitemexist9).
**System capability**: SystemCapability.Security.Huks **System capability**: SystemCapability.Security.Huks
**Parameters** **Parameters**
...@@ -1350,25 +2419,27 @@ Checks whether a key exists. This API uses an asynchronous callback to return th ...@@ -1350,25 +2419,27 @@ Checks whether a key exists. This API uses an asynchronous callback to return th
| -------- | ---------------------- | ---- | ------------------------------------- | | -------- | ---------------------- | ---- | ------------------------------------- |
| keyAlias | string | Yes | Alias of the key to check.| | keyAlias | string | Yes | Alias of the key to check.|
| options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty).| | options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty).|
| callback | AsyncCallback\<boolean> | Yes | Callback used to return the result. **TRUE** means that the key exists; **FALSE** means the opposite.| | callback | AsyncCallback\<boolean> | Yes | Callback invoked to return the result. The value **TRUE** means that the key exists, and **FALSE** means the opposite.|
**Example** **Example**
```js ```js
/* Set options to emptyOptions. */ /* Set options to emptyOptions. */
var keyAlias = 'keyAlias'; let keyAlias = 'keyAlias';
var emptyOptions = { let emptyOptions = {
properties: [] properties: []
}; };
huks.isKeyExist(keyAlias, emptyOptions, function (err, data){}); huks.isKeyExist(keyAlias, emptyOptions, function (err, data){});
``` ```
## huks.isKeyExist ## huks.isKeyExist<sup>(deprecated)</sup>
isKeyExist(keyAlias: string, options: HuksOptions) : Promise\<boolean> isKeyExist(keyAlias: string, options: HuksOptions) : Promise\<boolean>
Checks whether a key exists. This API uses a promise to return the result. Checks whether a key exists. This API uses a promise to return the result.
> **NOTE**<br>This API is deprecated since API version 9. You are advised to use [huks.isKeyItemExist<sup>9+</sup>](#huksiskeyitemexist9-1).
**System capability**: SystemCapability.Security.Huks **System capability**: SystemCapability.Security.Huks
**Parameters** **Parameters**
...@@ -1382,26 +2453,26 @@ Checks whether a key exists. This API uses a promise to return the result. ...@@ -1382,26 +2453,26 @@ Checks whether a key exists. This API uses a promise to return the result.
| Type | Description | | Type | Description |
| ----------------- | --------------------------------------- | | ----------------- | --------------------------------------- |
| Promise\<boolean> | Promise used to return the result. **TRUE** means that the key exists; **FALSE** means the opposite.| | Promise\<boolean> | Promise used to return the result. The value **TRUE** means that the key exists, and **FALSE** means the opposite.|
**Example** **Example**
```js ```js
/* Set options to emptyOptions. */ /* Set options to emptyOptions. */
var keyAlias = 'keyAlias'; let keyAlias = 'keyAlias';
var emptyOptions = { let emptyOptions = {
properties: [] properties: []
}; };
var result = huks.isKeyExist(keyAlias, emptyOptions); let result = huks.isKeyExist(keyAlias, emptyOptions);
``` ```
## huks.init<sup>(deprecated)</sup>
## huks.init
init(keyAlias: string, options: HuksOptions, callback: AsyncCallback\<HuksHandle>) : void init(keyAlias: string, options: HuksOptions, callback: AsyncCallback\<HuksHandle>) : void
Initializes the data for a key operation. This API uses an asynchronous callback to return the result. Initializes the data for a key operation. This API uses an asynchronous callback to return the result. **huks.init**, **huks.update**, and **huks.finish** must be used together.
> **NOTE**<br>This API is deprecated since API version 9. You are advised to use [huks.initSession<sup>9+</sup>](#huksinitsession9-1).
**System capability**: SystemCapability.Security.Huks **System capability**: SystemCapability.Security.Huks
...@@ -1411,14 +2482,16 @@ Initializes the data for a key operation. This API uses an asynchronous callback ...@@ -1411,14 +2482,16 @@ Initializes the data for a key operation. This API uses an asynchronous callback
| -------- | ---------------------- | ---- | ------------------------------------- | | -------- | ---------------------- | ---- | ------------------------------------- |
| keyAlias | string | Yes | Alias of the target key.| | keyAlias | string | Yes | Alias of the target key.|
| options | [HuksOptions](#huksoptions) | Yes | Parameters used for initialization.| | options | [HuksOptions](#huksoptions) | Yes | Parameters used for initialization.|
| callback | AsyncCallback\<[HuksHandle](#hukshandle)> | Yes | Callback used to return the handle of the initialization operation.| | callback | AsyncCallback\<[HuksHandle](#hukshandle)> | Yes | Callback invoked to return the key operation handle.|
## huks.init ## huks.init<sup>(deprecated)</sup>
init(keyAlias: string, options: HuksOptions) : Promise\<HuksHandle> init(keyAlias: string, options: HuksOptions) : Promise\<HuksHandle>
Initializes the data for a key operation. This API uses a promise to return the result. Initializes the data for a key operation. This API uses a promise to return the result. **huks.init**, **huks.update**, and **huks.finish** must be used together.
> **NOTE**<br>This API is deprecated since API version 9. You are advised to use [huks.initSession<sup>9+</sup>](#huksinitsession9-1).
**System capability**: SystemCapability.Security.Huks **System capability**: SystemCapability.Security.Huks
...@@ -1428,16 +2501,21 @@ Initializes the data for a key operation. This API uses a promise to return the ...@@ -1428,16 +2501,21 @@ Initializes the data for a key operation. This API uses a promise to return the
| -------- | ---------------------- | ---- | ------------------------------------- | | -------- | ---------------------- | ---- | ------------------------------------- |
| keyAlias | string | Yes | Alias of the target key.| | keyAlias | string | Yes | Alias of the target key.|
| options | [HuksOptions](#huksoptions) | Yes | Parameters used for initialization.| | options | [HuksOptions](#huksoptions) | Yes | Parameters used for initialization.|
| promise | Promise\<[HuksHandle](#hukshandle)> | Yes | Promise used to return the handle of the initialization operation.|
**Return value**
| Type | Description |
| ----------------------------------- | -------------------------------------------------- |
| Promise\<[HuksHandle](#hukshandle)> | Promise used to return the key operation handle.|
## huks.update<sup>(deprecated)</sup> ## huks.update<sup>(deprecated)</sup>
update(handle: number, token?: Uint8Array, options: HuksOptions, callback: AsyncCallback\<HuksResult>) : void update(handle: number, options: HuksOptions, callback: AsyncCallback\<HuksResult>) : void
Updates the key operation data by segment. This API uses an asynchronous callback to return the result. Updates the key operation by segment. This API uses an asynchronous callback to return the result. **huks.init**, **huks.update**, and **huks.finish** must be used together.
> **NOTE**<br>This API is deprecated since API version 9. You are advised to use [huks.update<sup>9+</sup>](#huksupdate9-1). > **NOTE**<br>This API is deprecated since API version 9. You are advised to use [huks.updateSession<sup>9+</sup>](#huksupdatesession9).
**System capability**: SystemCapability.Security.Huks **System capability**: SystemCapability.Security.Huks
...@@ -1446,34 +2524,16 @@ Updates the key operation data by segment. This API uses an asynchronous callbac ...@@ -1446,34 +2524,16 @@ Updates the key operation data by segment. This API uses an asynchronous callbac
| Name | Type | Mandatory| Description | | Name | Type | Mandatory| Description |
| -------- | ----------------------------------------- | ---- | -------------------------------------------- | | -------- | ----------------------------------------- | ---- | -------------------------------------------- |
| handle | number | Yes | Handle of the **Update** operation. | | handle | number | Yes | Handle of the **Update** operation. |
| token | Uint8Array | No | Token of the **Update** operation. |
| options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Update** operation. | | options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Update** operation. |
| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes | Callback used to return the operation result.| | callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes | Callback invoked to return the result.|
## huks.update<sup>(deprecated)</sup> ## huks.update<sup>(deprecated)</sup>
update(handle: number, token?: Uint8Array, options: HuksOptions) : Promise\<HuksResult> update(handle: number, options: HuksOptions, token: Uint8Array, callback: AsyncCallback\<HuksResult>) : void
Updates the key operation data by segment. This API uses a promise to return the result.
> **NOTE**<br>This API is discarded since API version 9. You are advised to use [huks.update<sup>9+</sup>](#huksupdate9-2).
**System capability**: SystemCapability.Security.Huks
**Parameters**
| Name | Type | Mandatory| Description |
| ------- | ----------------------------------- | ---- | -------------------------------------------- |
| handle | number | Yes | Handle of the **Update** operation. |
| token | Uint8Array | No | Token of the **Update** operation. |
| options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Update** operation. |
| promise | Promise\<[HuksResult](#huksresult)> | Yes | Callback used to return the operation result.|
## huks.update<sup>9+</sup>
update(handle: number, options: HuksOptions, callback: AsyncCallback\<HuksResult>) : void Updates the key operation by segment. This API uses an asynchronous callback to return the result. **huks.init**, **huks.update**, and **huks.finish** must be used together.
Updates the key operation by segment. This API uses an asynchronous callback to return the result. > **NOTE**<br>This API is deprecated since API version 9. You are advised to use [huks.updateSession<sup>9+</sup>](#huksupdatesession9-1).
**System capability**: SystemCapability.Security.Huks **System capability**: SystemCapability.Security.Huks
...@@ -1482,49 +2542,42 @@ Updates the key operation by segment. This API uses an asynchronous callback to ...@@ -1482,49 +2542,42 @@ Updates the key operation by segment. This API uses an asynchronous callback to
| Name | Type | Mandatory| Description | | Name | Type | Mandatory| Description |
| -------- | ----------------------------------------- | ---- | -------------------------------------------- | | -------- | ----------------------------------------- | ---- | -------------------------------------------- |
| handle | number | Yes | Handle of the **Update** operation. | | handle | number | Yes | Handle of the **Update** operation. |
| token | Uint8Array | No | Token of the **Update** operation. |
| options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Update** operation. | | options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Update** operation. |
| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes | Callback used to return the operation result.| | callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes | Callback invoked to return the result.|
## huks.update<sup>(deprecated)</sup>
## huks.update<sup>9+</sup> update(handle: number, options: HuksOptions, token?: Uint8Array) : Promise\<HuksResult>
update(handle: number, options: HuksOptions, token: Uint8Array, callback: AsyncCallback\<HuksResult>) : void Updates the key operation by segment. This API uses a promise to return the result. **huks.init**, **huks.update**, and **huks.finish** must be used together.
Updates the key operation by segment. This API uses an asynchronous callback to return the result. > **NOTE**<br>This API is deprecated since API version 9. You are advised to use [huks.updateSession<sup>9+</sup>](#huksupdatesession9-2).
**System capability**: SystemCapability.Security.Huks **System capability**: SystemCapability.Security.Huks
**Parameters** **Parameters**
| Name | Type | Mandatory| Description | | Name | Type | Mandatory| Description |
| -------- | ----------------------------------------- | ---- | -------------------------------------------- | | ------- | ----------------------------------- | ---- | -------------------------------------------- |
| handle | number | Yes | Handle of the **Update** operation. | | handle | number | Yes | Handle of the **Update** operation. |
| token | Uint8Array | No | Token of the **Update** operation. |
| options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Update** operation. | | options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Update** operation. |
| token | Uint8Array | Yes | Token of the **Update** operation. |
| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes | Callback used to return the operation result.|
## huks.update<sup>9+</sup>
update(handle: number, options: HuksOptions, token?: Uint8Array) : Promise\<HuksResult>
Updates the key operation by segment. This API uses a promise to return the result. **Return value**
**System capability**: SystemCapability.Security.Huks
**Parameters** | Type | Description |
| ----------------------------------- | -------------------------------------------------- |
| Promise\<[HuksResult](#huksresult)> | Promise used to return the result.|
| Name | Type | Mandatory| Description |
| ------- | ----------------------------------- | ---- | -------------------------------------------- |
| handle | number | Yes | Handle of the **Update** operation. |
| options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Update** operation. |
| token | Uint8Array | No | Token of the **Update** operation. |
| promise | Promise\<[HuksResult](#huksresult)> | Yes | Promise used to return the operation result.|
## huks.finish ## huks.finish<sup>(deprecated)</sup>
finish(handle: number, options: HuksOptions, callback: AsyncCallback\<HuksResult>) : void finish(handle: number, options: HuksOptions, callback: AsyncCallback\<HuksResult>) : void
Completes the key operation and releases resources. This API uses an asynchronous callback to return the result. Completes the key operation and releases resources. This API uses an asynchronous callback to return the result. **huks.init**, **huks.update**, and **huks.finish** must be used together.
> **NOTE**<br>This API is deprecated since API version 9. You are advised to use [huks.finishSession<sup>9+</sup>](#huksfinishsession9).
**System capability**: SystemCapability.Security.Huks **System capability**: SystemCapability.Security.Huks
...@@ -1534,14 +2587,16 @@ Completes the key operation and releases resources. This API uses an asynchronou ...@@ -1534,14 +2587,16 @@ Completes the key operation and releases resources. This API uses an asynchronou
| -------- | ---------------------- | ---- | ------------------------------------- | | -------- | ---------------------- | ---- | ------------------------------------- |
| handle | number | Yes | Handle of the **Finish** operation.| | handle | number | Yes | Handle of the **Finish** operation.|
| options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Finish** operation.| | options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Finish** operation.|
| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes| Callback used to return the operation result.| | callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes| Callback invoked to return the result.|
## huks.finish ## huks.finish<sup>(deprecated)</sup>
finish(handle: number, options: HuksOptions) : Promise\<HuksResult> finish(handle: number, options: HuksOptions) : Promise\<HuksResult>
Completes the key operation and releases resources. This API uses a promise to return the result. Completes the key operation and releases resources. This API uses a promise to return the result. **huks.init**, **huks.update**, and **huks.finish** must be used together.
> **NOTE**<br>This API is deprecated since API version 9. You are advised to use [huks.finishSession<sup>9+</sup>](#huksfinishsession9-1).
**System capability**: SystemCapability.Security.Huks **System capability**: SystemCapability.Security.Huks
...@@ -1551,49 +2606,22 @@ Completes the key operation and releases resources. This API uses a promise to r ...@@ -1551,49 +2606,22 @@ Completes the key operation and releases resources. This API uses a promise to r
| -------- | ---------------------- | ---- | ------------------------------------- | | -------- | ---------------------- | ---- | ------------------------------------- |
| handle | number | Yes | Handle of the **Finish** operation.| | handle | number | Yes | Handle of the **Finish** operation.|
| options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Finish** operation.| | options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Finish** operation.|
| promise | Promise\<[HuksResult](#huksresult)> | Yes| Promise used to return the operation result.|
## huks.finish<sup>9+</sup>
finish(handle: number, options: HuksOptions, token: Uint8Array, callback: AsyncCallback\<HuksResult>) : void
Completes the key operation and releases resources. This API uses an asynchronous callback to return the result.
**System capability**: SystemCapability.Security.Huks **Return value**
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | ----------------------------------------- | ---- | -------------------------------------------- |
| handle | number | Yes | Handle of the **Finish** operation. |
| options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Finish** operation. |
| token | Uint8Array | Yes | Token for the **Finish** operation. |
| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes | Callback used to return the operation result.|
## huks.finish<sup>9+</sup>
finish(handle: number, options: HuksOptions, token?: Uint8Array) : Promise\<HuksResult>
Completes the key operation and releases resources. This API uses a promise to return the result.
**System capability**: SystemCapability.Security.Huks
**Parameters** | Type | Description |
| ----------------------------------- | -------------------------------------------------- |
| Promise\<[HuksResult](#huksresult)> | Promise used to return the result.|
| Name | Type | Mandatory| Description |
| ------- | ----------------------------------- | ---- | ----------------------------------- |
| handle | number | Yes | Handle of the **Finish** operation. |
| options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Finish** operation. |
| token | Uint8Array | No | Token for the **Finish** operation. |
| promise | Promise\<[HuksResult](#huksresult)> | Yes | Promise used to return the operation result.|
## huks.abort ## huks.abort<sup>(deprecated)</sup>
abort(handle: number, options: HuksOptions, callback: AsyncCallback\<HuksResult>) : void abort(handle: number, options: HuksOptions, callback: AsyncCallback\<HuksResult>) : void
Aborts the use of the key. This API uses an asynchronous callback to return the result. Aborts the use of the key. This API uses an asynchronous callback to return the result.
> **NOTE**<br>This API is deprecated since API version 9. You are advised to use [huks.abortSession<sup>9+</sup>](#huksabortsession9).
**System capability**: SystemCapability.Security.Huks **System capability**: SystemCapability.Security.Huks
**Parameters** **Parameters**
...@@ -1602,7 +2630,7 @@ Aborts the use of the key. This API uses an asynchronous callback to return the ...@@ -1602,7 +2630,7 @@ Aborts the use of the key. This API uses an asynchronous callback to return the
| -------- | ---------------------- | ---- | ------------------------------------- | | -------- | ---------------------- | ---- | ------------------------------------- |
| handle | number | Yes | Handle of the **Abort** operation.| | handle | number | Yes | Handle of the **Abort** operation.|
| options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Abort** operation.| | options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Abort** operation.|
| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes| Callback used to return the operation result.| | callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes| Callback invoked to return the result.|
**Example** **Example**
...@@ -1612,27 +2640,14 @@ Aborts the use of the key. This API uses an asynchronous callback to return the ...@@ -1612,27 +2640,14 @@ Aborts the use of the key. This API uses an asynchronous callback to return the
* *
* The following uses the callback of an RSA 1024-bit key as an example. * The following uses the callback of an RSA 1024-bit key as an example.
*/ */
import router from '@system.router'; let keyalias = "HuksDemoRSA";
import huks from '@ohos.security.huks'; let properties = new Array();
let options = {
async function routePage() {
let options = {
uri: 'pages/second'
}
try {
await router.push(options)
} catch (err) {
console.error(`fail callback, code: ${err.code}, msg: ${err.msg}`)
}
}
var keyalias = "HuksDemoRSA";
var properties = new Array();
var options = {
properties: properties, properties: properties,
inData: new Uint8Array(0) inData: new Uint8Array(0)
}; };
var handle; let handle;
var resultMessage = ""; let resultMessage = "";
async function generateKey() { async function generateKey() {
properties[0] = { properties[0] = {
tag: huks.HuksTag.HUKS_TAG_ALGORITHM, tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
...@@ -1657,11 +2672,11 @@ async function generateKey() { ...@@ -1657,11 +2672,11 @@ async function generateKey() {
huks.generateKey(keyalias, options); huks.generateKey(keyalias, options);
} }
function stringToUint8Array(str) { function stringToUint8Array(str) {
var arr = []; let arr = [];
for (var i = 0, j = str.length; i < j; ++i) { for (let i = 0, j = str.length; i < j; ++i) {
arr.push(str.charCodeAt(i)); arr.push(str.charCodeAt(i));
} }
var tmpUint8Array = new Uint8Array(arr); let tmpUint8Array = new Uint8Array(arr);
return tmpUint8Array; return tmpUint8Array;
} }
async function huksInit() { async function huksInit() {
...@@ -1708,112 +2723,16 @@ async function huksAbort() { ...@@ -1708,112 +2723,16 @@ async function huksAbort() {
}); });
console.log(resultMessage); console.log(resultMessage);
} }
@Entry
@Component
struct Index {
build() {
Flex({ direction: FlexDirection.Column, alignItems: ItemAlign.Center, justifyContent: FlexAlign.Center }) {
Text('Hello World')
.fontSize(50)
.fontWeight(FontWeight.Bold)
Button() {
Text('Tocallback')
.fontSize(25)
.fontWeight(FontWeight.Bold)
}.type(ButtonType.Capsule)
.margin({
top: 20
})
.width('50%')
.height('10%')
.backgroundColor('#0D9FFB')
.onClick(() => {
routePage()
})
Button() {
Text('generateKey')
.fontSize(25)
.fontWeight(FontWeight.Bold)
}.type(ButtonType.Capsule)
.margin({
top: 20
})
.width('50%')
.height('10%')
.backgroundColor('#0D9FFB')
.onClick(() => {
generateKey()
})
Button() {
Text('Init')
.fontSize(25)
.fontWeight(FontWeight.Bold)
}.type(ButtonType.Capsule)
.margin({
top: 20
})
.width('50%')
.height('10%')
.backgroundColor('#0D9FFB')
.onClick(() => {
huksInit()
})
Button() {
Text('Update')
.fontSize(25)
.fontWeight(FontWeight.Bold)
}.type(ButtonType.Capsule)
.margin({
top: 20
})
.width('50%')
.height('10%')
.backgroundColor('#0D9FFB')
.onClick(() => {
huksUpdate()
})
Button() {
Text('Finish')
.fontSize(25)
.fontWeight(FontWeight.Bold)
}.type(ButtonType.Capsule)
.margin({
top: 20
})
.width('50%')
.height('10%')
.backgroundColor('#0D9FFB')
.onClick(() => {
huksFinish()
})
Button() {
Text('Abort')
.fontSize(25)
.fontWeight(FontWeight.Bold)
}.type(ButtonType.Capsule)
.margin({
top: 20
})
.width('50%')
.height('10%')
.backgroundColor('#0D9FFB')
.onClick(() => {
huksAbort()
})
}
.width('100%')
.height('100%')
}
}
``` ```
## huks.abort ## huks.abort<sup>(deprecated)</sup>
abort(handle: number, options: HuksOptions) : Promise\<HuksResult>; abort(handle: number, options: HuksOptions) : Promise\<HuksResult>;
Aborts the use of the key. This API uses a promise to return the result. Aborts the use of the key. This API uses a promise to return the result.
> **NOTE**<br>This API is deprecated since API version 9. You are advised to use [huks.abortSession<sup>9+</sup>](#huksabortsession9-1).
**System capability**: SystemCapability.Security.Huks **System capability**: SystemCapability.Security.Huks
**Parameters** **Parameters**
...@@ -1822,7 +2741,12 @@ Aborts the use of the key. This API uses a promise to return the result. ...@@ -1822,7 +2741,12 @@ Aborts the use of the key. This API uses a promise to return the result.
| -------- | ---------------------- | ---- | ------------------------------------- | | -------- | ---------------------- | ---- | ------------------------------------- |
| handle | number | Yes | Handle of the **Abort** operation.| | handle | number | Yes | Handle of the **Abort** operation.|
| options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Abort** operation.| | options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Abort** operation.|
| promise | Promise\<[HuksResult](#huksresult)> | Yes| Promise used to return the operation result.|
**Return value**
| Type | Description |
| ----------------------------------- | -------------------------------------------------- |
| Promise\<[HuksResult](#huksresult)> | Promise used to return the result.|
**Example** **Example**
...@@ -1832,34 +2756,20 @@ Aborts the use of the key. This API uses a promise to return the result. ...@@ -1832,34 +2756,20 @@ Aborts the use of the key. This API uses a promise to return the result.
* *
* The following uses the promise of an RSA 1024-bit key as an example. * The following uses the promise of an RSA 1024-bit key as an example.
*/ */
import router from '@system.router'; let keyalias = "HuksDemoRSA";
import huks from '@ohos.security.huks'; let properties = new Array();
let options = {
async function routePage() {
let options = {
uri: 'pages/second'
}
try {
await router.push(options)
} catch (err) {
console.error(`fail callback, code: ${err.code}, msg: ${err.msg}`)
}
}
var keyalias = "HuksDemoRSA";
var properties = new Array();
var options = {
properties: properties, properties: properties,
inData: new Uint8Array(0) inData: new Uint8Array(0)
}; };
var handle; let handle;
var resultMessage = ""; let resultMessage = "";
function stringToUint8Array(str) { function stringToUint8Array(str) {
var arr = []; let arr = [];
for (var i = 0, j = str.length; i < j; ++i) { for (let i = 0, j = str.length; i < j; ++i) {
arr.push(str.charCodeAt(i)); arr.push(str.charCodeAt(i));
} }
var tmpUint8Array = new Uint8Array(arr); let tmpUint8Array = new Uint8Array(arr);
return tmpUint8Array; return tmpUint8Array;
} }
...@@ -1890,7 +2800,7 @@ async function huksInit() { ...@@ -1890,7 +2800,7 @@ async function huksInit() {
return new Promise((resolve, reject) => { return new Promise((resolve, reject) => {
huks.init(keyalias, options, async function (err, data) { huks.init(keyalias, options, async function (err, data) {
if (data.errorCode === 0) { if (data.errorCode === 0) {
resultMessage = "Initialization successful!" resultMessage = "init success!"
handle = data.handle; handle = data.handle;
} else { } else {
resultMessage = "init fail errorCode: " + data.errorCode resultMessage = "init fail errorCode: " + data.errorCode
...@@ -1935,128 +2845,10 @@ function huksAbort() { ...@@ -1935,128 +2845,10 @@ function huksAbort() {
}); });
}); });
} }
@Entry
@Component
struct Index {
build() {
Flex({ direction: FlexDirection.Column, alignItems: ItemAlign.Center, justifyContent: FlexAlign.Center }) {
Text('Hello World')
.fontSize(50)
.fontWeight(FontWeight.Bold)
Button() {
Text('to Promise')
.fontSize(20)
.fontWeight(FontWeight.Bold)
}.type(ButtonType.Capsule)
.margin({
top: 20
})
.width('50%')
.height('10%')
.backgroundColor('#0D9FFB')
.onClick(() => {
router.back()
})
Button() {
Text('generateKey')
.fontSize(25)
.fontWeight(FontWeight.Bold)
}.type(ButtonType.Capsule)
.margin({
top: 20
})
.width('50%')
.height('10%')
.backgroundColor('#0D9FFB')
.onClick(() => {
generateKey()
})
Button() {
Text('Init')
.fontSize(25)
.fontWeight(FontWeight.Bold)
}.type(ButtonType.Capsule)
.margin({
top: 20
})
.width('50%')
.height('10%')
.backgroundColor('#0D9FFB')
.onClick(() => {
huksInit()
})
Button() {
Text('Update')
.fontSize(25)
.fontWeight(FontWeight.Bold)
}.type(ButtonType.Capsule)
.margin({
top: 20
})
.width('50%')
.height('10%')
.backgroundColor('#0D9FFB')
.onClick(() => {
huksUpdate()
})
Button() {
Text('Finish')
.fontSize(25)
.fontWeight(FontWeight.Bold)
}.type(ButtonType.Capsule)
.margin({
top: 20
})
.width('50%')
.height('10%')
.backgroundColor('#0D9FFB')
.onClick(() => {
huksFinish()
})
Button() {
Text('Abort')
.fontSize(25)
.fontWeight(FontWeight.Bold)
}.type(ButtonType.Capsule)
.margin({
top: 20
})
.width('50%')
.height('10%')
.backgroundColor('#0D9FFB')
.onClick(() => {
huksAbort()
})
}
.width('100%')
.height('100%')
}
}
``` ```
## HuksParam
Defines the **param** in the **properties** array of **options** used in the APIs.
**System capability**: SystemCapability.Security.Huks
| Name| Type | Mandatory| Description |
| ------ | ----------------------------------- | ---- | ------------ |
| tag | [HuksTag](#hukstag) | Yes | Tag. |
| value | boolean\|number\|bigint\|Uint8Array | Yes | Value of the tag.|
## HuksOptions
Defines the **options** used in the APIs.
**System capability**: SystemCapability.Security.Huks
| Name | Type | Mandatory| Description |
| ---------- | ----------------- | ---- | ------------------------ |
| properties | Array\<[HuksParam](#huksparam)> | No | Array used to hold **HuksParam**.|
| inData | Uint8Array | No | Input data. |
## HuksHandle ## HuksHandle<sup>(deprecated)</sup>
Defines the HUKS handle structure. Defines the HUKS handle structure.
...@@ -2069,7 +2861,7 @@ Defines the HUKS handle structure. ...@@ -2069,7 +2861,7 @@ Defines the HUKS handle structure.
| token | Uint8Array | No| Challenge obtained after the [init](#huksinit) operation.| | token | Uint8Array | No| Challenge obtained after the [init](#huksinit) operation.|
## HuksResult ## HuksResult<sup>(deprecated)</sup>
Defines the **HuksResult** structure. Defines the **HuksResult** structure.
...@@ -2083,3 +2875,87 @@ Defines the **HuksResult** structure. ...@@ -2083,3 +2875,87 @@ Defines the **HuksResult** structure.
| outData | Uint8Array | No | Output data. | | outData | Uint8Array | No | Output data. |
| properties | Array\<[HuksParam](#huksparam)> | No | Property information. | | properties | Array\<[HuksParam](#huksparam)> | No | Property information. |
| certChains | Array\<string> | No | Certificate chain information.| | certChains | Array\<string> | No | Certificate chain information.|
## HuksErrorCode<sup>(deprecated)</sup>
Enumerates the error codes.
**System capability**: SystemCapability.Security.Huks
| Name | Value | Description|
| -------------------------- | ----- | ---- |
| HUKS_SUCCESS | 0 |Success.|
| HUKS_FAILURE | -1 |Failure.|
| HUKS_ERROR_BAD_STATE | -2 |Incorrect state.|
| HUKS_ERROR_INVALID_ARGUMENT | -3 |Invalid argument.|
| HUKS_ERROR_NOT_SUPPORTED | -4 |Not supported.|
| HUKS_ERROR_NO_PERMISSION | -5 |No permission.|
| HUKS_ERROR_INSUFFICIENT_DATA | -6 |Insufficient data.|
| HUKS_ERROR_BUFFER_TOO_SMALL | -7 |Insufficient buffer.|
| HUKS_ERROR_INSUFFICIENT_MEMORY | -8 |Insufficient memory.|
| HUKS_ERROR_COMMUNICATION_FAILURE | -9 |Communication failure.|
| HUKS_ERROR_STORAGE_FAILURE | -10 |Insufficient storage space.|
| HUKS_ERROR_HARDWARE_FAILURE | -11 |Hardware fault.|
| HUKS_ERROR_ALREADY_EXISTS | -12 |The object already exists.|
| HUKS_ERROR_NOT_EXIST | -13 |The object does not exist.|
| HUKS_ERROR_NULL_POINTER | -14 |Null pointer.|
| HUKS_ERROR_FILE_SIZE_FAIL | -15 |Incorrect file size.|
| HUKS_ERROR_READ_FILE_FAIL | -16 |Failed to read the file.|
| HUKS_ERROR_INVALID_PUBLIC_KEY | -17 |Invalid public key.|
| HUKS_ERROR_INVALID_PRIVATE_KEY | -18 |Invalid private key.|
| HUKS_ERROR_INVALID_KEY_INFO | -19 |Invalid key information.|
| HUKS_ERROR_HASH_NOT_EQUAL | -20 |The hash values are not equal.|
| HUKS_ERROR_MALLOC_FAIL | -21 |MALLOC failed.|
| HUKS_ERROR_WRITE_FILE_FAIL | -22 |Failed to write the file.|
| HUKS_ERROR_REMOVE_FILE_FAIL | -23 |Failed to delete the file.|
| HUKS_ERROR_OPEN_FILE_FAIL | -24 |Failed to open the file.|
| HUKS_ERROR_CLOSE_FILE_FAIL | -25 |Failed to close the file.|
| HUKS_ERROR_MAKE_DIR_FAIL | -26 |Failed to create the directory.|
| HUKS_ERROR_INVALID_KEY_FILE | -27 |Invalid key file.|
| HUKS_ERROR_IPC_MSG_FAIL | -28 |Incorrect IPC information.|
| HUKS_ERROR_REQUEST_OVERFLOWS | -29 |Request overflows.|
| HUKS_ERROR_PARAM_NOT_EXIST | -30 |The parameter does not exist.|
| HUKS_ERROR_CRYPTO_ENGINE_ERROR | -31 |CRYPTO ENGINE error.|
| HUKS_ERROR_COMMUNICATION_TIMEOUT | -32 |Communication timed out.|
| HUKS_ERROR_IPC_INIT_FAIL | -33 |IPC initialization failed.|
| HUKS_ERROR_IPC_DLOPEN_FAIL | -34 |IPC DLOPEN failed.|
| HUKS_ERROR_EFUSE_READ_FAIL | -35 |Failed to read eFUSE.|
| HUKS_ERROR_NEW_ROOT_KEY_MATERIAL_EXIST | -36 |New root key material exists.|
| HUKS_ERROR_UPDATE_ROOT_KEY_MATERIAL_FAIL | -37 |Failed to update the root key material.|
| HUKS_ERROR_VERIFICATION_FAILED | -38 |Failed to verify the certificate chain.|
| HUKS_ERROR_GET_USERIAM_SECINFO_FAILED<sup>9+</sup> | -40 |Failed to obtain the security attribute information of the user.|
| HUKS_ERROR_GET_USERIAM_AUTHINFO_FAILED<sup>9+</sup> | -41 |Failed to obtain the authentication information of the user.|
| HUKS_ERROR_USER_AUTH_TYPE_NOT_SUPPORT<sup>9+</sup> | -42 |The access control of the current authentication type is not supported.|
| HUKS_ERROR_KEY_AUTH_FAILED<sup>9+</sup> | -43 |The access control authentication has failed.|
| HUKS_ERROR_DEVICE_NO_CREDENTIAL<sup>9+</sup> | -44 |No credential has been enrolled for the device.|
| HUKS_ERROR_CHECK_GET_ALG_FAIL | -100 |Failed to obtain the ALG. |
| HUKS_ERROR_CHECK_GET_KEY_SIZE_FAIL | -101 |Failed to obtain the key size.|
| HUKS_ERROR_CHECK_GET_PADDING_FAIL | -102 |Failed to obtain the padding algorithm.|
| HUKS_ERROR_CHECK_GET_PURPOSE_FAIL | -103 |Failed to obtain the key purpose.|
| HUKS_ERROR_CHECK_GET_DIGEST_FAIL | -104 |Failed to obtain the digest algorithm.|
| HUKS_ERROR_CHECK_GET_MODE_FAIL | -105 |Failed to obtain the cipher mode.|
| HUKS_ERROR_CHECK_GET_NONCE_FAIL | -106 |Failed to obtain the nonce.|
| HUKS_ERROR_CHECK_GET_AAD_FAIL | -107 |Failed to obtain the AAD.|
| HUKS_ERROR_CHECK_GET_IV_FAIL | -108 |Failed to obtain the initialization vector (IV).|
| HUKS_ERROR_CHECK_GET_AE_TAG_FAIL | -109 |Failed to obtain the AE flag.|
| HUKS_ERROR_CHECK_GET_SALT_FAIL | -110 |Failed to obtain the salt value.|
| HUKS_ERROR_CHECK_GET_ITERATION_FAIL | -111 |Failed to obtain the number of iterations.|
| HUKS_ERROR_INVALID_ALGORITHM | -112 |Invalid algorithm.|
| HUKS_ERROR_INVALID_KEY_SIZE | -113 |Invalid key size.|
| HUKS_ERROR_INVALID_PADDING | -114 |Invalid padding algorithm.|
| HUKS_ERROR_INVALID_PURPOSE | -115 |Invalid key purpose.|
| HUKS_ERROR_INVALID_MODE | -116 |Invalid cipher mode.|
| HUKS_ERROR_INVALID_DIGEST | -117 |Invalid digest algorithm.|
| HUKS_ERROR_INVALID_SIGNATURE_SIZE | -118 |Invalid signature size.|
| HUKS_ERROR_INVALID_IV | -119 |Invalid IV.|
| HUKS_ERROR_INVALID_AAD | -120 |Invalid AAD.|
| HUKS_ERROR_INVALID_NONCE | -121 |Invalid nonce.|
| HUKS_ERROR_INVALID_AE_TAG | -122 |Invalid AE tag.|
| HUKS_ERROR_INVALID_SALT | -123 |Invalid salt value.|
| HUKS_ERROR_INVALID_ITERATION | -124 |Invalid iteration count.|
| HUKS_ERROR_INVALID_OPERATION | -125 |Invalid operation.|
| HUKS_ERROR_INVALID_WRAPPED_FORMAT<sup>9+</sup> | -126 |Incorrect format of the wrapped key being imported.|
| HUKS_ERROR_INVALID_USAGE_OF_KEY<sup>9+</sup> | -127 |Incorrect purpose of the wrapped key being imported.|
| HUKS_ERROR_INTERNAL_ERROR | -999 |Internal error.|
| HUKS_ERROR_UNKNOWN_ERROR | -1000 |Unknown error.|
en/application-dev/reference/apis/js-apis-wifi.md
浏览文件 @ a65f6917
...@@ -302,7 +302,7 @@ Represents the WLAN configuration. ...@@ -302,7 +302,7 @@ Represents the WLAN configuration.
## IpType<sup>7+</sup> ## IpType<sup>7+</sup>
Enumerate the IP address types. Enumerates the IP address types.
**System API**: This is a system API. **System API**: This is a system API.
...@@ -1851,7 +1851,7 @@ Unregisters the WLAN state change events. ...@@ -1851,7 +1851,7 @@ Unregisters the WLAN state change events.
| **Name**| **Type**| **Mandatory**| **Description**| | **Name**| **Type**| **Mandatory**| **Description**|
| -------- | -------- | -------- | -------- | | -------- | -------- | -------- | -------- |
| type | string | Yes| Event type. The value is **wifiStateChange**.| | type | string | Yes| Event type. The value is **wifiStateChange**.|
| callback | Callback&lt;number&gt; | No| Callback used to return the WLAN state. If this parameter is not specified, all callbacks associated with the specified event will be unregistered.| | callback | Callback&lt;number&gt; | No| Callback for the WLAN state. If this parameter is not specified, all callbacks associated with the specified event will be unregistered.|
**Example** **Example**
```js ```js
...@@ -1909,7 +1909,7 @@ Unregisters the WLAN connection state change events. ...@@ -1909,7 +1909,7 @@ Unregisters the WLAN connection state change events.
| **Name**| **Type**| **Mandatory**| **Description**| | **Name**| **Type**| **Mandatory**| **Description**|
| -------- | -------- | -------- | -------- | | -------- | -------- | -------- | -------- |
| type | string | Yes| Event type. The value is **wifiConnectionChange**.| | type | string | Yes| Event type. The value is **wifiConnectionChange**.|
| callback | Callback&lt;number&gt; | No| Callback used to return the WLAN connection state. If this parameter is not specified, all callbacks associated with the specified event will be unregistered.| | callback | Callback&lt;number&gt; | No| Callback for the WLAN connection state. If this parameter is not specified, all callbacks associated with the specified event will be unregistered.|
## wifi.on('wifiScanStateChange')<sup>7+</sup> ## wifi.on('wifiScanStateChange')<sup>7+</sup>
...@@ -1952,7 +1952,7 @@ Unregisters the WLAN scan state change events. ...@@ -1952,7 +1952,7 @@ Unregisters the WLAN scan state change events.
| **Name**| **Type**| **Mandatory**| **Description**| | **Name**| **Type**| **Mandatory**| **Description**|
| -------- | -------- | -------- | -------- | | -------- | -------- | -------- | -------- |
| type | string | Yes| Event type. The value is **wifiScanStateChange**.| | type | string | Yes| Event type. The value is **wifiScanStateChange**.|
| callback | Callback&lt;number&gt; | No| Callback used to return the WLAN scan state. If this parameter is not specified, all callbacks associated with the specified event will be unregistered.| | callback | Callback&lt;number&gt; | No| Callback for the WLAN scan state. If this parameter is not specified, all callbacks associated with the specified event will be unregistered.|
## wifi.on('wifiRssiChange')<sup>7+</sup> ## wifi.on('wifiRssiChange')<sup>7+</sup>
...@@ -1988,7 +1988,7 @@ Unregisters the RSSI change events. ...@@ -1988,7 +1988,7 @@ Unregisters the RSSI change events.
| **Name**| **Type**| **Mandatory**| **Description**| | **Name**| **Type**| **Mandatory**| **Description**|
| -------- | -------- | -------- | -------- | | -------- | -------- | -------- | -------- |
| type | string | Yes| Event type. The value is **wifiRssiChange**.| | type | string | Yes| Event type. The value is **wifiRssiChange**.|
| callback | Callback&lt;number&gt; | No| Callback used to return the RSSI. If this parameter is not specified, all callbacks associated with the specified event will be unregistered.| | callback | Callback&lt;number&gt; | No| Callback for the RSSI. If this parameter is not specified, all callbacks associated with the specified event will be unregistered.|
## wifi.on('hotspotStateChange')<sup>7+</sup> ## wifi.on('hotspotStateChange')<sup>7+</sup>
...@@ -2033,7 +2033,7 @@ Unregisters the hotspot state change events. ...@@ -2033,7 +2033,7 @@ Unregisters the hotspot state change events.
| **Name**| **Type**| **Mandatory**| **Description**| | **Name**| **Type**| **Mandatory**| **Description**|
| -------- | -------- | -------- | -------- | | -------- | -------- | -------- | -------- |
| type | string | Yes| Event type. The value is **hotspotStateChange**.| | type | string | Yes| Event type. The value is **hotspotStateChange**.|
| callback | Callback&lt;number&gt; | No| Callback used to return the hotspot state. If this parameter is not specified, all callbacks associated with the specified event will be unregistered.| | callback | Callback&lt;number&gt; | No| Callback for the hotspot state. If this parameter is not specified, all callbacks associated with the specified event will be unregistered.|
## wifi.on('p2pStateChange')<sup>8+</sup> ## wifi.on('p2pStateChange')<sup>8+</sup>
...@@ -2078,7 +2078,7 @@ Unregisters the P2P state change events. ...@@ -2078,7 +2078,7 @@ Unregisters the P2P state change events.
| **Name**| **Type**| **Mandatory**| **Description**| | **Name**| **Type**| **Mandatory**| **Description**|
| -------- | -------- | -------- | -------- | | -------- | -------- | -------- | -------- |
| type | string | Yes| Event type. The value is **p2pStateChange**.| | type | string | Yes| Event type. The value is **p2pStateChange**.|
| callback | Callback&lt;number&gt; | No| Callback used to return the P2P state. If this parameter is not specified, all callbacks associated with the specified event will be unregistered.| | callback | Callback&lt;number&gt; | No| Callback for the P2P state. If this parameter is not specified, all callbacks associated with the specified event will be unregistered.|
## wifi.on('p2pConnectionChange')<sup>8+</sup> ## wifi.on('p2pConnectionChange')<sup>8+</sup>
...@@ -2114,7 +2114,7 @@ Unregisters the P2P connection state change events. ...@@ -2114,7 +2114,7 @@ Unregisters the P2P connection state change events.
| **Name**| **Type**| **Mandatory**| **Description**| | **Name**| **Type**| **Mandatory**| **Description**|
| -------- | -------- | -------- | -------- | | -------- | -------- | -------- | -------- |
| type | string | Yes| Event type. The value is **p2pConnectionChange**.| | type | string | Yes| Event type. The value is **p2pConnectionChange**.|
| callback | Callback&lt;[WifiP2pLinkedInfo](#wifip2plinkedinfo8)&gt; | No| Callback used to return the P2P connection state. If this parameter is not specified, all callbacks associated with the specified event will be unregistered.| | callback | Callback&lt;[WifiP2pLinkedInfo](#wifip2plinkedinfo8)&gt; | No| Callback for the P2P connection state. If this parameter is not specified, all callbacks associated with the specified event will be unregistered.|
## wifi.on('p2pDeviceChange')<sup>8+</sup> ## wifi.on('p2pDeviceChange')<sup>8+</sup>
...@@ -2150,7 +2150,7 @@ Unregisters the P2P device state change events. ...@@ -2150,7 +2150,7 @@ Unregisters the P2P device state change events.
| **Name**| **Type**| **Mandatory**| **Description**| | **Name**| **Type**| **Mandatory**| **Description**|
| -------- | -------- | -------- | -------- | | -------- | -------- | -------- | -------- |
| type | string | Yes| Event type. The value is **p2pDeviceChange**.| | type | string | Yes| Event type. The value is **p2pDeviceChange**.|
| callback | Callback&lt;[WifiP2pDevice](#wifip2pdevice8)&gt; | No| Callback used to return the P2P device state. If this parameter is not specified, all callbacks associated with the specified event will be unregistered.| | callback | Callback&lt;[WifiP2pDevice](#wifip2pdevice8)&gt; | No| Callback for the P2P device state. If this parameter is not specified, all callbacks associated with the specified event will be unregistered.|
## wifi.on('p2pPeerDeviceChange')<sup>8+</sup> ## wifi.on('p2pPeerDeviceChange')<sup>8+</sup>
...@@ -2186,7 +2186,7 @@ Unregisters the P2P peer device state change events. ...@@ -2186,7 +2186,7 @@ Unregisters the P2P peer device state change events.
| **Name**| **Type**| **Mandatory**| **Description**| | **Name**| **Type**| **Mandatory**| **Description**|
| -------- | -------- | -------- | -------- | | -------- | -------- | -------- | -------- |
| type | string | Yes| Event type. The value is **p2pPeerDeviceChange**.| | type | string | Yes| Event type. The value is **p2pPeerDeviceChange**.|
| callback | Callback&lt;[WifiP2pDevice[]](#wifip2pdevice8)&gt; | No| Callback used to return the peer device state. If this parameter is not specified, all callbacks associated with the specified event will be unregistered.| | callback | Callback&lt;[WifiP2pDevice[]](#wifip2pdevice8)&gt; | No| Callback for the peer device state. If this parameter is not specified, all callbacks associated with the specified event will be unregistered.|
## wifi.on('p2pPersistentGroupChange')<sup>8+</sup> ## wifi.on('p2pPersistentGroupChange')<sup>8+</sup>
...@@ -2222,7 +2222,7 @@ Unregisters the P2P persistent group state change events. ...@@ -2222,7 +2222,7 @@ Unregisters the P2P persistent group state change events.
| **Name**| **Type**| **Mandatory**| **Description**| | **Name**| **Type**| **Mandatory**| **Description**|
| -------- | -------- | -------- | -------- | | -------- | -------- | -------- | -------- |
| type | string | Yes| Event type. The value is **p2pPersistentGroupChange**.| | type | string | Yes| Event type. The value is **p2pPersistentGroupChange**.|
| callback | Callback&lt;void&gt; | No| Callback used to return the P2P persistent group state. If this parameter is not specified, all callbacks associated with the specified event will be unregistered.| | callback | Callback&lt;void&gt; | No| Callback for the P2P persistent group state. If this parameter is not specified, all callbacks associated with the specified event will be unregistered.|
## wifi.on('p2pDiscoveryChange')<sup>8+</sup> ## wifi.on('p2pDiscoveryChange')<sup>8+</sup>
...@@ -2265,4 +2265,4 @@ Unregisters the P2P device discovery state change events. ...@@ -2265,4 +2265,4 @@ Unregisters the P2P device discovery state change events.
| **Name**| **Type**| **Mandatory**| **Description**| | **Name**| **Type**| **Mandatory**| **Description**|
| -------- | -------- | -------- | -------- | | -------- | -------- | -------- | -------- |
| type | string | Yes| Event type. The value is **p2pDiscoveryChange**.| | type | string | Yes| Event type. The value is **p2pDiscoveryChange**.|
| callback | Callback&lt;number&gt; | No| Callback used to return the P2P device discovery state. If this parameter is not specified, all callbacks associated with the specified event will be unregistered.| | callback | Callback&lt;number&gt; | No| Callback for the P2P device discovery state. If this parameter is not specified, all callbacks associated with the specified event will be unregistered.|
en/application-dev/reference/errorcodes/errorcode-huks.md 0 → 100644
浏览文件 @ a65f6917
# HUKS Error Codes
## 12000001 Feature Not Supported
**Error Message**
`${messageInfo}` is not supported.
**Possible Causes**
The API is supported, but certain features in the API, such as the algorithm, are not supported.
**Procedure**
Modify the parameters and use the features supported.
## 12000002 Missing Key Algorithm Parameter
**Error Message**
Failed to obtain `${messageInfo}`. It is not set in ParamSet.
**Possible Causes**
The key parameter is not set.
**Procedure**
1. Determine the missing parameter from the error message.
2. Set the parameter.
## 12000003 Invalid Key Algorithm Parameter
**Error Message**
Invalid `${messageInfo}`.
**Possible Causes**
An invalid parameter is found.
**Procedure**
1. Determine the invalid parameter from the error message.
2. Correct the invalid parameter.
## 12000004 File Error
**Error Message**
Failed to read the file.
Failed to write the file.
**Possible Causes**
The file operation failed.
**Procedure**
1. Check whether the disk space is used up and whether the file system is abnormal.
2. Clear the disk space.
## 12000005 IPC Error
**Error Message**
IPC timed out.
Failed to obtain messages from IPC.
**Possible Causes**
IPC failed.
**Procedure**
Locate and rectify the IPC failure.
## 12000006 Algorithm Library Operation Failed
**Error Message**
Crypto engine error.
**Possible Causes**
The algorithm library operation fails. The possible causes include the following:
1. The encryption and decryption on the algorithm library failed due to incorrect ciphertext data.
2. Incorrect key parameters exist.
**Procedure**
1. Check and correct the ciphertext data.
2. Check and correct the key parameters.
## 12000007 Failed to Access the Key Due to Invalidated Credential
**Error Message**
This credential is invalidated permanently.
**Possible Causes**
The possible causes include the following:
1. The key is configured with the user access control attribute and becomes invalid after the password is cleared.
2. The key is configured with the user access control attribute and becomes invalid after a new biometric feature is enrolled.
**Procedure**
1. Locate the cause of the authentication failure based on the log.
2. If the authentication fails due to the access control attribute configured, the key cannot be used any more.
## 12000008 Failed to Access the Key Due to a Failure in Authentication Token Verification
**Error Message**
The authentication token verification failed.
**Possible Causes**
The authentication token verification failed due to an incorrect challenge value.
**Procedure**
1. Check whether the challenge for userIAM authentication is correctly assembled.
2. If the challenge value is incorrect, modify the assembly mode, use the bytes generated by HUKS to assembly challenge value, and pass it to userIAM for authentication.
## 12000009 Key Access Timed Out
**Error Message**
The Authentication token timed out.
**Possible Causes**
The authentication failed because the authentication token timed out.
**Procedure**
The difference between the current time and the authentication token generation time must be less than the timeout interval. Otherwise, the access will be rejected.
## 12000010 Key Operation Sessions Reaches the Limit
**Error Message**
The number of key operation sessions has reached the limit.
**Possible Causes**
The number of concurrent key operation sessions has reached the maximum (15).
**Procedure**
1. Check whether there are multiple key session operations (**init** operations) for the same application. If yes, modify the code to avoid concurrent invoking.
2. If the key operation sessions are set up for different applications, wait until the sessions are released.
## 12000011 The Entity Does Not Exist
**Error Message**
The entity does not exist.
**Possible Causes**
The key corresponding to the key alias does not exist.
**Procedure**
1. Check whether the key alias is misspelled.
2. Check whether the key corresponding to the key alias is successfully generated.
## 12000012 External Error
**Error Message**
External error `${messageInfo}`.
**Possible Causes**
An external error, such as a hardware fault or file error occurs.
**Procedure**
Provide the error code and log information to the related party.
## 12000013 The Credential Does Not Exist
**Error Message**
The credential does not exist.
**Possible Causes**
The credential, such as the PIN, fingerprint, or face image, is not enrolled.
**Procedure**
Enroll the credential or change the authentication type bound to the key.
## 12000014 Insufficient Memory
**Error Message**
Memory is insufficient.
**Possible Causes**
The system memory is insufficient.
**Procedure**
Release memory or restart the device.
## 12000015 Failed to Invoke Other System Services
**Error Message**
Failed to call the `${messageInfo}` service to do `${messageInfo}`.
**Possible Causes**
The called system service has not started.
**Procedure**
Wait for the system service to start and call the API again.
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册