未验证
提交
bc197f3f
编写于
8月 17, 2022
作者:
scrawman
提交者:
Gitee
8月 17, 2022
update zh-cn/device-dev/subsystems/subsys-security-huks-guide.md.
Signed-off-by:
zqr2001
<
1805768383@qq.com
>
上级
e9d843eb
Showing
1 changed file
with
327 addition
and
327 deletion
+327
-327
zh-cn/device-dev/subsystems/subsys-security-huks-guide.md
zh-cn/device-dev/subsystems/subsys-security-huks-guide.md
+327
-327
zh-cn/device-dev/subsystems/subsys-security-huks-guide.md
...
...
@@ -597,125 +597,125 @@ Hdi接口到HUKS Core的适配在以下目录中:
return
HKS_FAILURE
;
}
if
(
handle
->
size
<
sizeof
(
uint64_t
))
{
HKS_LOG_E
(
"handle size is too small, size : %u"
,
handle
->
size
);
return
HKS_ERROR_INSUFFICIENT_MEMORY
;
}
//解密密钥文件
struct
HuksKeyNode
*
keyNode
=
HksCreateKeyNode
(
key
,
paramSet
);
if
(
keyNode
==
NULL
||
handle
==
NULL
)
{
HKS_LOG_E
(
"the pointer param entered is invalid"
);
return
HKS_ERROR_BAD_STATE
;
}
//通过handle向session中存储信息,供Update/Finish使用。使得外部可以通过同个handle分多次进行同一密钥操作。
handle
->
size
=
sizeof
(
uint64_t
);
(
void
)
memcpy_s
(
handle
->
data
,
handle
->
size
,
&
(
keyNode
->
handle
),
handle
->
size
);
//从参数中提取出算法
int32_t
ret
=
GetPurposeAndAlgorithm
(
paramSet
,
&
pur
,
&
alg
);
if
(
ret
!=
HKS_SUCCESS
)
{
HksDeleteKeyNode
(
keyNode
->
handle
);
return
ret
;
}
//检查密钥参数
ret
=
HksCoreSecureAccessInitParams
(
keyNode
,
paramSet
,
token
);
if
(
ret
!=
HKS_SUCCESS
)
{
HKS_LOG_E
(
"init secure access params failed"
);
HksDeleteKeyNode
(
keyNode
->
handle
);
return
ret
;
}
//通过密钥使用目的获取对应的算法库处理函数
uint32_t
i
;
uint32_t
size
=
HKS_ARRAY_SIZE
(
g_hksCoreInitHandler
);
for
(
i
=
0
;
i
<
size
;
i
++
)
{
if
(
g_hksCoreInitHandler
[
i
].
pur
==
pur
)
{
HKS_LOG_E
(
"Core HksCoreInit [pur] = %d, pur = %d"
,
g_hksCoreInitHandler
[
i
].
pur
,
pur
);
ret
=
g_hksCoreInitHandler
[
i
].
handler
(
keyNode
,
paramSet
,
alg
);
break
;
}
}
//异常结果检查
if
(
ret
!=
HKS_SUCCESS
)
{
HksDeleteKeyNode
(
keyNode
->
handle
);
HKS_LOG_E
(
"CoreInit failed, ret : %d"
,
ret
);
if
(
handle
->
size
<
sizeof
(
uint64_t
))
{
HKS_LOG_E
(
"handle size is too small, size : %u"
,
handle
->
size
);
return
HKS_ERROR_INSUFFICIENT_MEMORY
;
}
//解密密钥文件
struct
HuksKeyNode
*
keyNode
=
HksCreateKeyNode
(
key
,
paramSet
);
if
(
keyNode
==
NULL
||
handle
==
NULL
)
{
HKS_LOG_E
(
"the pointer param entered is invalid"
);
return
HKS_ERROR_BAD_STATE
;
}
//通过handle向session中存储信息,供Update/Finish使用。使得外部可以通过同个handle分多次进行同一密钥操作。
handle
->
size
=
sizeof
(
uint64_t
);
(
void
)
memcpy_s
(
handle
->
data
,
handle
->
size
,
&
(
keyNode
->
handle
),
handle
->
size
);
//从参数中提取出算法
int32_t
ret
=
GetPurposeAndAlgorithm
(
paramSet
,
&
pur
,
&
alg
);
if
(
ret
!=
HKS_SUCCESS
)
{
HksDeleteKeyNode
(
keyNode
->
handle
);
return
ret
;
}
//检查密钥参数
ret
=
HksCoreSecureAccessInitParams
(
keyNode
,
paramSet
,
token
);
if
(
ret
!=
HKS_SUCCESS
)
{
HKS_LOG_E
(
"init secure access params failed"
);
HksDeleteKeyNode
(
keyNode
->
handle
);
return
ret
;
}
//通过密钥使用目的获取对应的算法库处理函数
uint32_t
i
;
uint32_t
size
=
HKS_ARRAY_SIZE
(
g_hksCoreInitHandler
);
for
(
i
=
0
;
i
<
size
;
i
++
)
{
if
(
g_hksCoreInitHandler
[
i
].
pur
==
pur
)
{
HKS_LOG_E
(
"Core HksCoreInit [pur] = %d, pur = %d"
,
g_hksCoreInitHandler
[
i
].
pur
,
pur
);
ret
=
g_hksCoreInitHandler
[
i
].
handler
(
keyNode
,
paramSet
,
alg
);
break
;
}
}
//异常结果检查
if
(
ret
!=
HKS_SUCCESS
)
{
HksDeleteKeyNode
(
keyNode
->
handle
);
HKS_LOG_E
(
"CoreInit failed, ret : %d"
,
ret
);
return
ret
;
}
if
(
i
==
size
)
{
HksDeleteKeyNode
(
keyNode
->
handle
);
HKS_LOG_E
(
"don't found purpose, pur : %u"
,
pur
);
return
HKS_FAILURE
;
}
HKS_LOG_D
(
"HksCoreInit in Core end"
);
return
ret
;
}
if
(
i
==
size
)
{
HksDeleteKeyNode
(
keyNode
->
handle
);
HKS_LOG_E
(
"don't found purpose, pur : %u"
,
pur
);
return
HKS_FAILURE
;
}
HKS_LOG_D
(
"HksCoreInit in Core end"
);
return
ret
;
}
```
2.
在执行密钥操作前通过句柄获得上下文信息,执行密钥操作时放入分片数据并取回密钥操作结果或者追加数据。
```
c
//三段式Update接口
int32_t
HksCoreUpdate
(
const
struct
HksBlob
*
handle
,
const
struct
HksParamSet
*
paramSet
,
const
struct
HksBlob
*
inData
,
struct
HksBlob
*
outData
)
{
HKS_LOG_D
(
"HksCoreUpdate in Core start"
);
uint32_t
pur
=
0
;
uint32_t
alg
=
0
;
//检查参数
if
(
handle
==
NULL
||
paramSet
==
NULL
||
inData
==
NULL
)
{
HKS_LOG_E
(
"the pointer param entered is invalid"
);
return
HKS_FAILURE
;
}
uint64_t
sessionId
;
struct
HuksKeyNode
*
keyNode
=
NULL
;
//根据handle获取本次三段式操作需要的上下文
int32_t
ret
=
GetParamsForUpdateAndFinish
(
handle
,
&
sessionId
,
&
keyNode
,
&
pur
,
&
alg
);
if
(
ret
!=
HKS_SUCCESS
)
{
HKS_LOG_E
(
"GetParamsForCoreUpdate failed"
);
return
ret
;
}
//校验密钥参数
ret
=
HksCoreSecureAccessVerifyParams
(
keyNode
,
paramSet
);
if
(
ret
!=
HKS_SUCCESS
)
{
HksDeleteKeyNode
(
sessionId
);
HKS_LOG_E
(
"HksCoreUpdate secure access verify failed"
);
return
ret
;
}
//调用对应的算法库密钥处理函数
uint32_t
i
;
uint32_t
size
=
HKS_ARRAY_SIZE
(
g_hksCoreUpdateHandler
);
for
(
i
=
0
;
i
<
size
;
i
++
)
{
if
(
g_hksCoreUpdateHandler
[
i
].
pur
==
pur
)
{
struct
HksBlob
appendInData
=
{
0
,
NULL
};
ret
=
HksCoreAppendAuthInfoBeforeUpdate
(
keyNode
,
pur
,
paramSet
,
inData
,
&
appendInData
);
```
c
//三段式Update接口
int32_t
HksCoreUpdate
(
const
struct
HksBlob
*
handle
,
const
struct
HksParamSet
*
paramSet
,
const
struct
HksBlob
*
inData
,
struct
HksBlob
*
outData
)
{
HKS_LOG_D
(
"HksCoreUpdate in Core start"
);
uint32_t
pur
=
0
;
uint32_t
alg
=
0
;
//检查参数
if
(
handle
==
NULL
||
paramSet
==
NULL
||
inData
==
NULL
)
{
HKS_LOG_E
(
"the pointer param entered is invalid"
);
return
HKS_FAILURE
;
}
uint64_t
sessionId
;
struct
HuksKeyNode
*
keyNode
=
NULL
;
//根据handle获取本次三段式操作需要的上下文
int32_t
ret
=
GetParamsForUpdateAndFinish
(
handle
,
&
sessionId
,
&
keyNode
,
&
pur
,
&
alg
);
if
(
ret
!=
HKS_SUCCESS
)
{
HKS_LOG_E
(
"GetParamsForCoreUpdate failed"
);
return
ret
;
}
//校验密钥参数
ret
=
HksCoreSecureAccessVerifyParams
(
keyNode
,
paramSet
);
if
(
ret
!=
HKS_SUCCESS
)
{
HksDeleteKeyNode
(
sessionId
);
HKS_LOG_E
(
"HksCoreUpdate secure access verify failed"
);
return
ret
;
}
//调用对应的算法库密钥处理函数
uint32_t
i
;
uint32_t
size
=
HKS_ARRAY_SIZE
(
g_hksCoreUpdateHandler
);
for
(
i
=
0
;
i
<
size
;
i
++
)
{
if
(
g_hksCoreUpdateHandler
[
i
].
pur
==
pur
)
{
struct
HksBlob
appendInData
=
{
0
,
NULL
};
ret
=
HksCoreAppendAuthInfoBeforeUpdate
(
keyNode
,
pur
,
paramSet
,
inData
,
&
appendInData
);
if
(
ret
!=
HKS_SUCCESS
)
{
HKS_LOG_E
(
"before update: append auth info failed"
);
break
;
}
ret
=
g_hksCoreUpdateHandler
[
i
].
handler
(
keyNode
,
paramSet
,
appendInData
.
data
==
NULL
?
inData
:
&
appendInData
,
outData
,
alg
);
if
(
appendInData
.
data
!=
NULL
)
{
HKS_FREE_BLOB
(
appendInData
);
}
break
;
}
}
//异常结果检查
if
(
ret
!=
HKS_SUCCESS
)
{
HKS_LOG_E
(
"before update: append auth info failed"
);
break
;
HksDeleteKeyNode
(
keyNode
->
handle
);
HKS_LOG_E
(
"CoreUpdate failed, ret : %d"
,
ret
);
return
ret
;
}
ret
=
g_hksCoreUpdateHandler
[
i
].
handler
(
keyNode
,
paramSet
,
appendInData
.
data
==
NULL
?
inData
:
&
appendInData
,
outData
,
alg
);
if
(
appendInData
.
data
!=
NULL
)
{
HKS_FREE_BLOB
(
appendInData
);
if
(
i
==
size
)
{
HksDeleteKeyNode
(
sessionId
);
HKS_LOG_E
(
"don't found purpose, pur : %u"
,
pur
);
return
HKS_FAILURE
;
}
break
;
return
ret
;
}
}
//异常结果检查
if
(
ret
!=
HKS_SUCCESS
)
{
HksDeleteKeyNode
(
keyNode
->
handle
);
HKS_LOG_E
(
"CoreUpdate failed, ret : %d"
,
ret
);
return
ret
;
}
if
(
i
==
size
)
{
HksDeleteKeyNode
(
sessionId
);
HKS_LOG_E
(
"don't found purpose, pur : %u"
,
pur
);
return
HKS_FAILURE
;
}
return
ret
;
}
```
```
3.
结束密钥操作并取回结果,销毁句柄。
...
...
@@ -724,63 +724,63 @@ return ret;
int32_t
HksCoreFinish
(
const
struct
HksBlob
*
handle
,
const
struct
HksParamSet
*
paramSet
,
const
struct
HksBlob
*
inData
,
struct
HksBlob
*
outData
)
{
HKS_LOG_D
(
"HksCoreFinish in Core start"
);
uint32_t
pur
=
0
;
uint32_t
alg
=
0
;
//检查参数
if
(
handle
==
NULL
||
paramSet
==
NULL
||
inData
==
NULL
)
{
HKS_LOG_E
(
"the pointer param entered is invalid"
);
return
HKS_FAILURE
;
}
uint64_t
sessionId
;
struct
HuksKeyNode
*
keyNode
=
NULL
;
//根据handle获取本次三段式操作需要的上下文
int32_t
ret
=
GetParamsForUpdateAndFinish
(
handle
,
&
sessionId
,
&
keyNode
,
&
pur
,
&
alg
);
if
(
ret
!=
HKS_SUCCESS
)
{
HKS_LOG_E
(
"GetParamsForCoreUpdate failed"
);
return
ret
;
}
//校验密钥参数
ret
=
HksCoreSecureAccessVerifyParams
(
keyNode
,
paramSet
);
if
(
ret
!=
HKS_SUCCESS
)
{
HksDeleteKeyNode
(
sessionId
);
HKS_LOG_E
(
"HksCoreFinish secure access verify failed"
);
return
ret
;
}
//调用对应的算法库密钥处理函数
uint32_t
i
;
uint32_t
size
=
HKS_ARRAY_SIZE
(
g_hksCoreFinishHandler
);
for
(
i
=
0
;
i
<
size
;
i
++
)
{
if
(
g_hksCoreFinishHandler
[
i
].
pur
==
pur
)
{
uint32_t
outDataBufferSize
=
(
outData
==
NULL
)
?
0
:
outData
->
size
;
struct
HksBlob
appendInData
=
{
0
,
NULL
};
ret
=
HksCoreAppendAuthInfoBeforeFinish
(
keyNode
,
pur
,
paramSet
,
inData
,
&
appendInData
);
if
(
ret
!=
HKS_SUCCESS
)
{
HKS_LOG_E
(
"before finish: append auth info failed"
);
break
;
}
ret
=
g_hksCoreFinishHandler
[
i
].
handler
(
keyNode
,
paramSet
,
appendInData
.
data
==
NULL
?
inData
:
&
appendInData
,
outData
,
alg
);
if
(
appendInData
.
data
!=
NULL
)
{
HKS_FREE_BLOB
(
appendInData
);
}
if
(
ret
!=
HKS_SUCCESS
)
{
HKS_LOG_D
(
"HksCoreFinish in Core start"
);
uint32_t
pur
=
0
;
uint32_t
alg
=
0
;
//检查参数
if
(
handle
==
NULL
||
paramSet
==
NULL
||
inData
==
NULL
)
{
HKS_LOG_E
(
"the pointer param entered is invalid"
);
return
HKS_FAILURE
;
}
uint64_t
sessionId
;
struct
HuksKeyNode
*
keyNode
=
NULL
;
//根据handle获取本次三段式操作需要的上下文
int32_t
ret
=
GetParamsForUpdateAndFinish
(
handle
,
&
sessionId
,
&
keyNode
,
&
pur
,
&
alg
);
if
(
ret
!=
HKS_SUCCESS
)
{
HKS_LOG_E
(
"GetParamsForCoreUpdate failed"
);
return
ret
;
}
//校验密钥参数
ret
=
HksCoreSecureAccessVerifyParams
(
keyNode
,
paramSet
);
if
(
ret
!=
HKS_SUCCESS
)
{
HksDeleteKeyNode
(
sessionId
);
HKS_LOG_E
(
"HksCoreFinish secure access verify failed"
);
return
ret
;
}
//调用对应的算法库密钥处理函数
uint32_t
i
;
uint32_t
size
=
HKS_ARRAY_SIZE
(
g_hksCoreFinishHandler
);
for
(
i
=
0
;
i
<
size
;
i
++
)
{
if
(
g_hksCoreFinishHandler
[
i
].
pur
==
pur
)
{
uint32_t
outDataBufferSize
=
(
outData
==
NULL
)
?
0
:
outData
->
size
;
struct
HksBlob
appendInData
=
{
0
,
NULL
};
ret
=
HksCoreAppendAuthInfoBeforeFinish
(
keyNode
,
pur
,
paramSet
,
inData
,
&
appendInData
);
if
(
ret
!=
HKS_SUCCESS
)
{
HKS_LOG_E
(
"before finish: append auth info failed"
);
break
;
}
ret
=
g_hksCoreFinishHandler
[
i
].
handler
(
keyNode
,
paramSet
,
appendInData
.
data
==
NULL
?
inData
:
&
appendInData
,
outData
,
alg
);
if
(
appendInData
.
data
!=
NULL
)
{
HKS_FREE_BLOB
(
appendInData
);
}
if
(
ret
!=
HKS_SUCCESS
)
{
break
;
}
//添加密钥操作结束标签
ret
=
HksCoreAppendAuthInfoAfterFinish
(
keyNode
,
pur
,
paramSet
,
outDataBufferSize
,
outData
);
break
;
}
//添加密钥操作结束标签
ret
=
HksCoreAppendAuthInfoAfterFinish
(
keyNode
,
pur
,
paramSet
,
outDataBufferSize
,
outData
);
break
;
}
}
if
(
i
==
size
)
{
HKS_LOG_E
(
"don't found purpose, pur : %d"
,
pur
);
ret
=
HKS_FAILURE
;
}
//删除对应的session
HksDeleteKeyNode
(
sessionId
);
HKS_LOG_D
(
"HksCoreFinish in Core end"
);
return
ret
;
if
(
i
==
size
)
{
HKS_LOG_E
(
"don't found purpose, pur : %d"
,
pur
);
ret
=
HKS_FAILURE
;
}
//删除对应的session
HksDeleteKeyNode
(
sessionId
);
HKS_LOG_D
(
"HksCoreFinish in Core end"
);
return
ret
;
}
```
...
...
@@ -796,176 +796,176 @@ JS测试代码示例如下,如果整个流程能够正常运行,代表能力
1.
引入HUKS模块,设定密钥操作的参数
```
js
import
huks
from
'
@ohos.security.huks
'
;
let
handle
;
let
IV
=
'
0000000000000000
'
;
let
cipherInData
=
'
Hks_AES_Cipher_Test_101010101010101010110_string
'
;
let
srcKeyAlias
=
'
huksCipherAesSrcKeyAlias
'
;
let
encryptUpdateResult
=
new
Array
()
let
decryptUpdateResult
=
new
Array
()
let
properties
=
new
Array
();
properties
[
0
]
=
{
tag
:
huks
.
HuksTag
.
HUKS_TAG_ALGORITHM
,
value
:
huks
.
HuksKeyAlg
.
HUKS_ALG_AES
,
}
properties
[
1
]
=
{
tag
:
huks
.
HuksTag
.
HUKS_TAG_PURPOSE
,
value
:
huks
.
HuksKeyPurpose
.
HUKS_KEY_PURPOSE_ENCRYPT
|
huks
.
HuksKeyPurpose
.
HUKS_KEY_PURPOSE_DECRYPT
,
}
properties
[
2
]
=
{
tag
:
huks
.
HuksTag
.
HUKS_TAG_KEY_SIZE
,
value
:
huks
.
HuksKeySize
.
HUKS_AES_KEY_SIZE_128
,
}
properties
[
3
]
=
{
tag
:
huks
.
HuksTag
.
HUKS_TAG_BLOCK_MODE
,
value
:
huks
.
HuksCipherMode
.
HUKS_MODE_CBC
,
}
properties
[
4
]
=
{
tag
:
huks
.
HuksTag
.
HUKS_TAG_PADDING
,
value
:
huks
.
HuksKeyPadding
.
HUKS_PADDING_NONE
,
}
let
HuksOptions
=
{
properties
:
properties
,
inData
:
new
Uint8Array
(
new
Array
())
}
```
```
js
import
huks
from
'
@ohos.security.huks
'
;
let
handle
;
let
IV
=
'
0000000000000000
'
;
let
cipherInData
=
'
Hks_AES_Cipher_Test_101010101010101010110_string
'
;
let
srcKeyAlias
=
'
huksCipherAesSrcKeyAlias
'
;
let
encryptUpdateResult
=
new
Array
()
let
decryptUpdateResult
=
new
Array
()
let
properties
=
new
Array
();
properties
[
0
]
=
{
tag
:
huks
.
HuksTag
.
HUKS_TAG_ALGORITHM
,
value
:
huks
.
HuksKeyAlg
.
HUKS_ALG_AES
,
}
properties
[
1
]
=
{
tag
:
huks
.
HuksTag
.
HUKS_TAG_PURPOSE
,
value
:
huks
.
HuksKeyPurpose
.
HUKS_KEY_PURPOSE_ENCRYPT
|
huks
.
HuksKeyPurpose
.
HUKS_KEY_PURPOSE_DECRYPT
,
}
properties
[
2
]
=
{
tag
:
huks
.
HuksTag
.
HUKS_TAG_KEY_SIZE
,
value
:
huks
.
HuksKeySize
.
HUKS_AES_KEY_SIZE_128
,
}
properties
[
3
]
=
{
tag
:
huks
.
HuksTag
.
HUKS_TAG_BLOCK_MODE
,
value
:
huks
.
HuksCipherMode
.
HUKS_MODE_CBC
,
}
properties
[
4
]
=
{
tag
:
huks
.
HuksTag
.
HUKS_TAG_PADDING
,
value
:
huks
.
HuksKeyPadding
.
HUKS_PADDING_NONE
,
}
let
HuksOptions
=
{
properties
:
properties
,
inData
:
new
Uint8Array
(
new
Array
())
}
```
2.
生成密钥并执行加密操作
```
js
/* 生成密钥 */
await
huks
.
generateKey
(
srcKeyAlias
,
HuksOptions
).
then
((
data
)
=>
{
console
.
log
(
`test generateKey data:
${
JSON
.
stringify
(
data
)}
`
);
}).
catch
((
err
)
=>
{
console
.
log
(
'
test generateKey err information:
'
+
JSON
.
stringify
(
err
));
});
/* 构造加密参数 */
let
propertiesEncrypt
=
new
Array
();
propertiesEncrypt
[
0
]
=
{
tag
:
huks
.
HuksTag
.
HUKS_TAG_ALGORITHM
,
value
:
huks
.
HuksKeyAlg
.
HUKS_ALG_AES
,
}
propertiesEncrypt
[
1
]
=
{
tag
:
huks
.
HuksTag
.
HUKS_TAG_PURPOSE
,
value
:
huks
.
HuksKeyPurpose
.
HUKS_KEY_PURPOSE_ENCRYPT
,
}
propertiesEncrypt
[
2
]
=
{
tag
:
huks
.
HuksTag
.
HUKS_TAG_KEY_SIZE
,
value
:
huks
.
HuksKeySize
.
HUKS_AES_KEY_SIZE_128
,
}
propertiesEncrypt
[
3
]
=
{
tag
:
huks
.
HuksTag
.
HUKS_TAG_PADDING
,
value
:
huks
.
HuksKeyPadding
.
HUKS_PADDING_NONE
,
}
propertiesEncrypt
[
4
]
=
{
tag
:
huks
.
HuksTag
.
HUKS_TAG_BLOCK_MODE
,
value
:
huks
.
HuksCipherMode
.
HUKS_MODE_CBC
,
}
propertiesEncrypt
[
5
]
=
{
tag
:
huks
.
HuksTag
.
HUKS_TAG_DIGEST
,
value
:
huks
.
HuksKeyDigest
.
HUKS_DIGEST_NONE
,
}
propertiesEncrypt
[
6
]
=
{
tag
:
huks
.
HuksTag
.
HUKS_TAG_IV
,
value
:
this
.
stringToUint8Array
(
IV
)
}
let
encryptOptions
=
{
properties
:
propertiesEncrypt
,
inData
:
new
Uint8Array
(
new
Array
())
}
/* 进行密钥加密操作 */
await
huks
.
init
(
srcKeyAlias
,
encryptOptions
).
then
((
data
)
=>
{
console
.
log
(
`test init data:
${
JSON
.
stringify
(
data
)}
`
);
handle
=
data
.
handle
;
}).
catch
((
err
)
=>
{
console
.
log
(
'
test init err information:
'
+
JSON
.
stringify
(
err
));
});
encryptOptions
.
inData
=
this
.
stringToUint8Array
(
cipherInData
)
await
huks
.
update
(
handle
,
encryptOptions
).
then
(
async
(
data
)
=>
{
console
.
log
(
`test update data
${
JSON
.
stringify
(
data
)}
`
);
encryptUpdateResult
=
Array
.
from
(
data
.
outData
);
}).
catch
((
err
)
=>
{
console
.
log
(
'
test update err information:
'
+
err
);
});
encryptOptions
.
inData
=
new
Uint8Array
(
new
Array
());
await
huks
.
finish
(
handle
,
encryptOptions
).
then
((
data
)
=>
{
console
.
log
(
`test finish data:
${
JSON
.
stringify
(
data
)}
`
);
let
finishData
=
this
.
uint8ArrayToString
(
new
Uint8Array
(
encryptUpdateResult
));
if
(
finishData
===
cipherInData
)
{
console
.
log
(
'
test finish encrypt err
'
);
}
else
{
console
.
log
(
'
test finish encrypt success
'
);
```
js
/* 生成密钥 */
await
huks
.
generateKey
(
srcKeyAlias
,
HuksOptions
).
then
((
data
)
=>
{
console
.
log
(
`test generateKey data:
${
JSON
.
stringify
(
data
)}
`
);
}).
catch
((
err
)
=>
{
console
.
log
(
'
test generateKey err information:
'
+
JSON
.
stringify
(
err
));
});
/* 构造加密参数 */
let
propertiesEncrypt
=
new
Array
();
propertiesEncrypt
[
0
]
=
{
tag
:
huks
.
HuksTag
.
HUKS_TAG_ALGORITHM
,
value
:
huks
.
HuksKeyAlg
.
HUKS_ALG_AES
,
}
propertiesEncrypt
[
1
]
=
{
tag
:
huks
.
HuksTag
.
HUKS_TAG_PURPOSE
,
value
:
huks
.
HuksKeyPurpose
.
HUKS_KEY_PURPOSE_ENCRYPT
,
}
propertiesEncrypt
[
2
]
=
{
tag
:
huks
.
HuksTag
.
HUKS_TAG_KEY_SIZE
,
value
:
huks
.
HuksKeySize
.
HUKS_AES_KEY_SIZE_128
,
}
propertiesEncrypt
[
3
]
=
{
tag
:
huks
.
HuksTag
.
HUKS_TAG_PADDING
,
value
:
huks
.
HuksKeyPadding
.
HUKS_PADDING_NONE
,
}
propertiesEncrypt
[
4
]
=
{
tag
:
huks
.
HuksTag
.
HUKS_TAG_BLOCK_MODE
,
value
:
huks
.
HuksCipherMode
.
HUKS_MODE_CBC
,
}
propertiesEncrypt
[
5
]
=
{
tag
:
huks
.
HuksTag
.
HUKS_TAG_DIGEST
,
value
:
huks
.
HuksKeyDigest
.
HUKS_DIGEST_NONE
,
}
propertiesEncrypt
[
6
]
=
{
tag
:
huks
.
HuksTag
.
HUKS_TAG_IV
,
value
:
this
.
stringToUint8Array
(
IV
)
}
let
encryptOptions
=
{
properties
:
propertiesEncrypt
,
inData
:
new
Uint8Array
(
new
Array
())
}
/* 进行密钥加密操作 */
await
huks
.
init
(
srcKeyAlias
,
encryptOptions
).
then
((
data
)
=>
{
console
.
log
(
`test init data:
${
JSON
.
stringify
(
data
)}
`
);
handle
=
data
.
handle
;
}).
catch
((
err
)
=>
{
console
.
log
(
'
test finish err information:
'
+
JSON
.
stringify
(
err
));
});
```
console
.
log
(
'
test init err information:
'
+
JSON
.
stringify
(
err
));
});
encryptOptions
.
inData
=
this
.
stringToUint8Array
(
cipherInData
)
await
huks
.
update
(
handle
,
encryptOptions
).
then
(
async
(
data
)
=>
{
console
.
log
(
`test update data
${
JSON
.
stringify
(
data
)}
`
);
encryptUpdateResult
=
Array
.
from
(
data
.
outData
);
}).
catch
((
err
)
=>
{
console
.
log
(
'
test update err information:
'
+
err
);
});
encryptOptions
.
inData
=
new
Uint8Array
(
new
Array
());
await
huks
.
finish
(
handle
,
encryptOptions
).
then
((
data
)
=>
{
console
.
log
(
`test finish data:
${
JSON
.
stringify
(
data
)}
`
);
let
finishData
=
this
.
uint8ArrayToString
(
new
Uint8Array
(
encryptUpdateResult
));
if
(
finishData
===
cipherInData
)
{
console
.
log
(
'
test finish encrypt err
'
);
}
else
{
console
.
log
(
'
test finish encrypt success
'
);
}
}).
catch
((
err
)
=>
{
console
.
log
(
'
test finish err information:
'
+
JSON
.
stringify
(
err
));
});
```
3.
执行解密操作并删除密钥
```
js
/* 修改加密参数集为解密参数集 */
propertiesEncrypt
.
splice
(
1
,
1
,
{
tag
:
huks
.
HuksTag
.
HUKS_TAG_PURPOSE
,
value
:
huks
.
HuksKeyPurpose
.
HUKS_KEY_PURPOSE_DECRYPT
,
});
let
decryptOptions
=
{
properties
:
propertiesEncrypt
,
inData
:
new
Uint8Array
(
new
Array
())
}
/* 进行解密操作 */
await
huks
.
init
(
srcKeyAlias
,
decryptOptions
).
then
((
data
)
=>
{
console
.
log
(
`test init data:
${
JSON
.
stringify
(
data
)}
`
);
handle
=
data
.
handle
;
}).
catch
((
err
)
=>
{
console
.
log
(
'
test init err information:
'
+
JSON
.
stringify
(
err
));
});
decryptOptions
.
inData
=
new
Uint8Array
(
encryptUpdateResult
);
await
huks
.
update
(
handle
,
decryptOptions
).
then
(
async
(
data
)
=>
{
console
.
log
(
`test update data
${
JSON
.
stringify
(
data
)}
`
);
decryptUpdateResult
=
Array
.
from
(
data
.
outData
);
}).
catch
((
err
)
=>
{
console
.
log
(
'
test update err information:
'
+
err
);
});
decryptOptions
.
inData
=
new
Uint8Array
(
new
Array
());
await
huks
.
finish
(
handle
,
decryptOptions
).
then
((
data
)
=>
{
console
.
log
(
`test finish data:
${
JSON
.
stringify
(
data
)}
`
);
let
finishData
=
this
.
uint8ArrayToString
(
new
Uint8Array
(
decryptUpdateResult
));
if
(
finishData
===
cipherInData
)
{
console
.
log
(
'
test finish decrypt success
'
);
}
else
{
console
.
log
(
'
test finish decrypt err
'
);
```
js
/* 修改加密参数集为解密参数集 */
propertiesEncrypt
.
splice
(
1
,
1
,
{
tag
:
huks
.
HuksTag
.
HUKS_TAG_PURPOSE
,
value
:
huks
.
HuksKeyPurpose
.
HUKS_KEY_PURPOSE_DECRYPT
,
});
let
decryptOptions
=
{
properties
:
propertiesEncrypt
,
inData
:
new
Uint8Array
(
new
Array
())
}
}).
catch
((
err
)
=>
{
console
.
log
(
'
test finish err information:
'
+
JSON
.
stringify
(
err
));
});
//删除密钥
await
huks
.
deleteKey
(
srcKeyAlias
,
HuksOptions
).
then
((
data
)
=>
{
console
.
log
(
`test deleteKey data:
${
JSON
.
stringify
(
data
)}
`
);
}).
catch
((
err
)
=>
{
console
.
log
(
'
test deleteKey err information:
'
+
JSON
.
stringify
(
err
));
/* 进行解密操作 */
await
huks
.
init
(
srcKeyAlias
,
decryptOptions
).
then
((
data
)
=>
{
console
.
log
(
`test init data:
${
JSON
.
stringify
(
data
)}
`
);
handle
=
data
.
handle
;
}).
catch
((
err
)
=>
{
console
.
log
(
'
test init err information:
'
+
JSON
.
stringify
(
err
));
});
},
stringToUint8Array
(
str
)
{
var
arr
=
[];
for
(
var
i
=
0
,
j
=
str
.
length
;
i
<
j
;
++
i
)
{
arr
.
push
(
str
.
charCodeAt
(
i
));
}
return
new
Uint8Array
(
arr
);
},
uint8ArrayToString
(
fileData
)
{
var
dataString
=
''
;
for
(
var
i
=
0
;
i
<
fileData
.
length
;
i
++
)
{
dataString
+=
String
.
fromCharCode
(
fileData
[
i
]);
decryptOptions
.
inData
=
new
Uint8Array
(
encryptUpdateResult
);
await
huks
.
update
(
handle
,
decryptOptions
).
then
(
async
(
data
)
=>
{
console
.
log
(
`test update data
${
JSON
.
stringify
(
data
)}
`
);
decryptUpdateResult
=
Array
.
from
(
data
.
outData
);
}).
catch
((
err
)
=>
{
console
.
log
(
'
test update err information:
'
+
err
);
});
decryptOptions
.
inData
=
new
Uint8Array
(
new
Array
());
await
huks
.
finish
(
handle
,
decryptOptions
).
then
((
data
)
=>
{
console
.
log
(
`test finish data:
${
JSON
.
stringify
(
data
)}
`
);
let
finishData
=
this
.
uint8ArrayToString
(
new
Uint8Array
(
decryptUpdateResult
));
if
(
finishData
===
cipherInData
)
{
console
.
log
(
'
test finish decrypt success
'
);
}
else
{
console
.
log
(
'
test finish decrypt err
'
);
}
}).
catch
((
err
)
=>
{
console
.
log
(
'
test finish err information:
'
+
JSON
.
stringify
(
err
));
});
//删除密钥
await
huks
.
deleteKey
(
srcKeyAlias
,
HuksOptions
).
then
((
data
)
=>
{
console
.
log
(
`test deleteKey data:
${
JSON
.
stringify
(
data
)}
`
);
}).
catch
((
err
)
=>
{
console
.
log
(
'
test deleteKey err information:
'
+
JSON
.
stringify
(
err
));
});
},
stringToUint8Array
(
str
)
{
var
arr
=
[];
for
(
var
i
=
0
,
j
=
str
.
length
;
i
<
j
;
++
i
)
{
arr
.
push
(
str
.
charCodeAt
(
i
));
}
return
new
Uint8Array
(
arr
);
},
uint8ArrayToString
(
fileData
)
{
var
dataString
=
''
;
for
(
var
i
=
0
;
i
<
fileData
.
length
;
i
++
)
{
dataString
+=
String
.
fromCharCode
(
fileData
[
i
]);
}
return
dataString
;
}
return
dataString
;
}
```
\ No newline at end of file
```
\ No newline at end of file