1# HUKS 2 3>  **NOTE**<br/> 4> 5> The initial APIs of this module are supported since API version 8. Newly added APIs will be marked with a superscript to indicate their earliest API version. 6 7Openharmony Universal KeyStore (HUKS) provides KeyStore (KS) capabilities for applications, including key management and key cryptography operations. 8HUKS also provides APIs for applications to import or generate keys. 9 10## Modules to Import 11 12```js 13import huks from '@ohos.security.huks' 14``` 15## HuksErrorCode 16 17Enumerates the error codes. 18 19**System capability**: SystemCapability.Security.Huks 20 21| Name | Value | Description| 22| -------------------------- | ----- | ---- | 23| HUKS_SUCCESS | 0 |Success.| 24| HUKS_FAILURE | -1 |Failure.| 25| HUKS_ERROR_BAD_STATE | -2 |Incorrect state.| 26| HUKS_ERROR_INVALID_ARGUMENT | -3 |Invalid argument.| 27| HUKS_ERROR_NOT_SUPPORTED | -4 |Not supported.| 28| HUKS_ERROR_NO_PERMISSION | -5 |No permission.| 29| HUKS_ERROR_INSUFFICIENT_DATA | -6 |Insufficient data.| 30| HUKS_ERROR_BUFFER_TOO_SMALL | -7 |Insufficient buffer.| 31| HUKS_ERROR_INSUFFICIENT_MEMORY | -8 |Insufficient memory.| 32| HUKS_ERROR_COMMUNICATION_FAILURE | -9 |Communication failure.| 33| HUKS_ERROR_STORAGE_FAILURE | -10 |Storage failure.| 34| HUKS_ERROR_HARDWARE_FAILURE | -11 |Hardware fault.| 35| HUKS_ERROR_ALREADY_EXISTS | -12 |The object already exists.| 36| HUKS_ERROR_NOT_EXIST | -13 |The object does not exist.| 37| HUKS_ERROR_NULL_POINTER | -14 |Null pointer.| 38| HUKS_ERROR_FILE_SIZE_FAIL | -15 |Incorrect file size.| 39| HUKS_ERROR_READ_FILE_FAIL | -16 |Failed to read the file.| 40| HUKS_ERROR_INVALID_PUBLIC_KEY | -17 |Invalid public key.| 41| HUKS_ERROR_INVALID_PRIVATE_KEY | -18 |Invalid private key.| 42| HUKS_ERROR_INVALID_KEY_INFO | -19 |Invalid key information.| 43| HUKS_ERROR_HASH_NOT_EQUAL | -20 |The hash values are not equal.| 44| HUKS_ERROR_MALLOC_FAIL | -21 |MALLOC failed.| 45| HUKS_ERROR_WRITE_FILE_FAIL | -22 |Failed to write the file.| 46| HUKS_ERROR_REMOVE_FILE_FAIL | -23 |Failed to delete the file.| 47| HUKS_ERROR_OPEN_FILE_FAIL | -24 |Failed to open the file.| 48| HUKS_ERROR_CLOSE_FILE_FAIL | -25 |Failed to close the file.| 49| HUKS_ERROR_MAKE_DIR_FAIL | -26 |Failed to create the directory.| 50| HUKS_ERROR_INVALID_KEY_FILE | -27 |Invalid key file.| 51| HUKS_ERROR_IPC_MSG_FAIL | -28 |Incorrect IPC information.| 52| HUKS_ERROR_REQUEST_OVERFLOWS | -29 |Request overflows.| 53| HUKS_ERROR_PARAM_NOT_EXIST | -30 |The parameter does not exist.| 54| HUKS_ERROR_CRYPTO_ENGINE_ERROR | -31 |CRYPTO ENGINE error.| 55| HUKS_ERROR_COMMUNICATION_TIMEOUT | -32 |Communication timed out.| 56| HUKS_ERROR_IPC_INIT_FAIL | -33 |IPC initialization failed.| 57| HUKS_ERROR_IPC_DLOPEN_FAIL | -34 |IPC DLOPEN failed.| 58| HUKS_ERROR_EFUSE_READ_FAIL | -35 |Failed to read eFUSE.| 59| HUKS_ERROR_NEW_ROOT_KEY_MATERIAL_EXIST | -36 |New root key material exists.| 60| HUKS_ERROR_UPDATE_ROOT_KEY_MATERIAL_FAIL | -37 |Failed to update the root key material.| 61| HUKS_ERROR_VERIFICATION_FAILED | -38 |Failed to verify the certificate chain.| 62| HUKS_ERROR_CHECK_GET_ALG_FAIL | -100 |Failed to check whether the ALG is obtained. | 63| HUKS_ERROR_CHECK_GET_KEY_SIZE_FAIL | -101 |Failed to check whether the key size is obtained.| 64| HUKS_ERROR_CHECK_GET_PADDING_FAIL | -102 |Failed to check whether padding is obtained.| 65| HUKS_ERROR_CHECK_GET_PURPOSE_FAIL | -103 |Failed to check whether the purpose is obtained.| 66| HUKS_ERROR_CHECK_GET_DIGEST_FAIL | -104 |Failed to check whether digest is obtained.| 67| HUKS_ERROR_CHECK_GET_MODE_FAIL | -105 |Failed to check whether the mode is obtained.| 68| HUKS_ERROR_CHECK_GET_NONCE_FAIL | -106 |Failed to check whether the nonce is obtained.| 69| HUKS_ERROR_CHECK_GET_AAD_FAIL | -107 |Failed to check whether the AAD is obtained.| 70| HUKS_ERROR_CHECK_GET_IV_FAIL | -108 |Failed to check whether the initialization vector (IV) is obtained.| 71| HUKS_ERROR_CHECK_GET_AE_TAG_FAIL | -109 |Failed to check whether the AE flag is obtained.| 72| HUKS_ERROR_CHECK_GET_SALT_FAIL | -110 |Failed to check whether the SALT is obtained.| 73| HUKS_ERROR_CHECK_GET_ITERATION_FAIL | -111 |Failed to check whether the iteration is obtained.| 74| HUKS_ERROR_INVALID_ALGORITHM | -112 |Invalid algorithm.| 75| HUKS_ERROR_INVALID_KEY_SIZE | -113 |Invalid key size.| 76| HUKS_ERROR_INVALID_PADDING | -114 |Invalid padding.| 77| HUKS_ERROR_INVALID_PURPOSE | -115 |Invalid purpose.| 78| HUKS_ERROR_INVALID_MODE | -116 |Invalid mode.| 79| HUKS_ERROR_INVALID_DIGEST | -117 |Invalid digest.| 80| HUKS_ERROR_INVALID_SIGNATURE_SIZE | -118 |Invalid signature size.| 81| HUKS_ERROR_INVALID_IV | -119 |Invalid IV.| 82| HUKS_ERROR_INVALID_AAD | -120 |Invalid AAD.| 83| HUKS_ERROR_INVALID_NONCE | -121 |Invalid nonce.| 84| HUKS_ERROR_INVALID_AE_TAG | -122 |Invalid AE tag.| 85| HUKS_ERROR_INVALID_SALT | -123 |Invalid SALT.| 86| HUKS_ERROR_INVALID_ITERATION | -124 |Invalid iteration.| 87| HUKS_ERROR_INVALID_OPERATION | -125 |Invalid operation.| 88| HUKS_ERROR_INTERNAL_ERROR | -999 |Internal error.| 89| HUKS_ERROR_UNKNOWN_ERROR | -1000 |Unknown error.| 90 91 92## HuksKeyPurpose 93 94Enumerates the key purposes. 95 96**System capability**: SystemCapability.Security.Huks 97 98| Name | Value | Description | 99| ------------------------ | ---- | -------------------------------- | 100| HUKS_KEY_PURPOSE_ENCRYPT | 1 | The key is used to encrypt plain text.| 101| HUKS_KEY_PURPOSE_DECRYPT | 2 | The key is used to decrypt the cipher text.| 102| HUKS_KEY_PURPOSE_SIGN | 4 | The key is used to sign data. | 103| HUKS_KEY_PURPOSE_VERIFY | 8 | The key is used to verify the signed data. | 104| HUKS_KEY_PURPOSE_DERIVE | 16 | The key is used to derive a key. | 105| HUKS_KEY_PURPOSE_WRAP | 32 | The key is used for encrypted import. | 106| HUKS_KEY_PURPOSE_UNWRAP | 64 | The key is used for encrypted export. | 107| HUKS_KEY_PURPOSE_MAC | 128 | The key is used to generate a message authentication code (MAC). | 108| HUKS_KEY_PURPOSE_AGREE | 256 | The key is used for key agreement. | 109 110## HuksKeyDigest 111 112Enumerates the digest algorithms. 113 114**System capability**: SystemCapability.Security.Huks 115 116| Name | Value | Description | 117| ---------------------- | ---- | ---------------------------------------- | 118| HUKS_DIGEST_NONE | 0 | No digest algorithm.| 119| HUKS_DIGEST_MD5 | 1 | MD5.| 120| HUKS_DIGEST_SHA1 | 10 | SHA1.| 121| HUKS_DIGEST_SHA224 | 11 | SHA-224.| 122| HUKS_DIGEST_SHA256 | 12 | SHA-256.| 123| HUKS_DIGEST_SHA384 | 13 | SHA-384.| 124| HUKS_DIGEST_SHA512 | 14 | SHA-512.| 125 126## HuksKeyPadding 127 128Enumerates the padding algorithms. 129 130**System capability**: SystemCapability.Security.Huks 131 132| Name | Value | Description | 133| ---------------------- | ---- | ---------------------------------------- | 134| HUKS_PADDING_NONE | 0 | No padding algorithm.| 135| HUKS_PADDING_OAEP | 1 | Optimal Asymmetric Encryption Padding (OAEP).| 136| HUKS_PADDING_PSS | 2 | Probabilistic Signature Scheme (PSS).| 137| HUKS_PADDING_PKCS1_V1_5 | 3 | PKCS1_V1_5.| 138| HUKS_PADDING_PKCS5 | 4 | Public Key Cryptography Standards (PKCS) #5.| 139| HUKS_PADDING_PKCS7 | 5 | PKCS #7| 140 141## HuksCipherMode 142 143Enumerates the cipher modes. 144 145**System capability**: SystemCapability.Security.Huks 146 147| Name | Value | Description | 148| ------------- | ---- | --------------------- | 149| HUKS_MODE_ECB | 1 | Electronic Code BLock (ECB) mode.| 150| HUKS_MODE_CBC | 2 | Cipher Block Chaining (CBC) mode.| 151| HUKS_MODE_CTR | 3 | Counter (CTR) mode.| 152| HUKS_MODE_OFB | 4 | Output Feedback (OFB) mode.| 153| HUKS_MODE_CCM | 31 | Counter with CBC-MAC (CCM) mode.| 154| HUKS_MODE_GCM | 32 | Galois/Counter (GCM) mode.| 155 156## HuksKeySize 157 158Enumerates the key sizes. 159 160**System capability**: SystemCapability.Security.Huks 161 162| Name | Value | Description | 163| ---------------------------- | ---- | ------------------------------------------ | 164| HUKS_RSA_KEY_SIZE_512 | 512 | Rivest-Shamir-Adleman (RSA) key of 512 bits. | 165| HUKS_RSA_KEY_SIZE_768 | 768 | RSA key of 768 bits. | 166| HUKS_RSA_KEY_SIZE_1024 | 1024 | RSA key of 1024 bits. | 167| HUKS_RSA_KEY_SIZE_2048 | 2048 | RSA key of 2048 bits. | 168| HUKS_RSA_KEY_SIZE_3072 | 3072 | RSA key of 3072 bits. | 169| HUKS_RSA_KEY_SIZE_4096 | 4096 | RSA key of 4096 bits. | 170| HUKS_ECC_KEY_SIZE_224 | 224 | ECC key of 224 bits. | 171| HUKS_ECC_KEY_SIZE_256 | 256 | ECC key of 256 bits. | 172| HUKS_ECC_KEY_SIZE_384 | 384 | ECC key of 384 bits. | 173| HUKS_ECC_KEY_SIZE_521 | 521 | ECC key of 521 bits. | 174| HUKS_AES_KEY_SIZE_128 | 128 | AES key of 128 bits. | 175| HUKS_AES_KEY_SIZE_192 | 196 | AES key of 196 bits. | 176| HUKS_AES_KEY_SIZE_256 | 256 | AES key of 256 bits. | 177| HUKS_AES_KEY_SIZE_512 | 512 | AES key of 512 bits. | 178| HUKS_CURVE25519_KEY_SIZE_256 | 256 | Curve25519 key of 256 bits.| 179| HUKS_DH_KEY_SIZE_2048 | 2048 | DH key of 2048 bits. | 180| HUKS_DH_KEY_SIZE_3072 | 3072 | DH key of 3072 bits. | 181| HUKS_DH_KEY_SIZE_4096 | 4096 | DH key of 4096 bits. | 182 183## HuksKeyAlg 184 185Enumerates the key algorithms. 186 187**System capability**: SystemCapability.Security.Huks 188 189| Name | Value | Description | 190| ---------------- | ---- | --------------------- | 191| HUKS_ALG_RSA | 1 | RSA. | 192| HUKS_ALG_ECC | 2 | ECC. | 193| HUKS_ALG_DSA | 3 | DSA. | 194| HUKS_ALG_AES | 20 | AES. | 195| HUKS_ALG_HMAC | 50 | HMAC. | 196| HUKS_ALG_HKDF | 51 | HKDF. | 197| HUKS_ALG_PBKDF2 | 52 | PBKDF2. | 198| HUKS_ALG_ECDH | 100 | ECDH. | 199| HUKS_ALG_X25519 | 101 | X25519 algorithm. | 200| HUKS_ALG_ED25519 | 102 | ED25519 algorithm.| 201| HUKS_ALG_DH | 103 | DH. | 202 203## HuksKeyGenerateType 204 205Enumerates the key generation types. 206 207**System capability**: SystemCapability.Security.Huks 208 209| Name | Value | Description | 210| ------------------------------ | ---- | ---------------- | 211| HUKS_KEY_GENERATE_TYPE_DEFAULT | 0 | Key generated by default.| 212| HUKS_KEY_GENERATE_TYPE_DERIVE | 1 | Derived key.| 213| HUKS_KEY_GENERATE_TYPE_AGREE | 2 | Key generated by agreement.| 214 215## HuksKeyFlag 216 217Enumerates the key generation modes. 218 219**System capability**: SystemCapability.Security.Huks 220 221| Name | Value | Description | 222| -------------------------- | ---- | ------------------------------------ | 223| HUKS_KEY_FLAG_IMPORT_KEY | 1 | The key is imported by using the public key import API. | 224| HUKS_KEY_FLAG_GENERATE_KEY | 2 | The key is generated by using the private key generation API. | 225| HUKS_KEY_FLAG_AGREE_KEY | 3 | The key is generated by using the key agreement API.| 226| HUKS_KEY_FLAG_DERIVE_KEY | 4 | The key is generated by using the key derivation API.| 227 228## HuksKeyStorageType 229 230Enumerates the key storage modes. 231 232**System capability**: SystemCapability.Security.Huks 233 234| Name | Value | Description | 235| ----------------------- | ---- | ------------------------------ | 236| HUKS_STORAGE_TEMP | 0 | The key is managed locally. | 237| HUKS_STORAGE_PERSISTENT | 1 | The key is managed by the HUKS service.| 238 239## HuksSendType 240 241Enumerates the tag transfer modes. 242 243**System capability**: SystemCapability.Security.Huks 244 245| Name | Value | Description | 246| -------------------- | ---- | ----------------- | 247| HUKS_SEND_TYPE_ASYNC | 0 | The tag is sent asynchronously.| 248| HUKS_SEND_TYPE_SYNC | 1 | The tag is sent synchronously.| 249 250## HuksTagType 251 252Enumerates the tag data types. 253 254**System capability**: SystemCapability.Security.Huks 255 256 257| Name | Value | Description | 258| --------------------- | ------- | --------------------------------------- | 259| HUKS_TAG_TYPE_INVALID | 0 << 28 | Invalid tag type. | 260| HUKS_TAG_TYPE_INT | 1 << 28 | Number of the int type. | 261| HUKS_TAG_TYPE_UINT | 2 << 28 | Number of the uint type.| 262| HUKS_TAG_TYPE_ULONG | 3 << 28 | bigint. | 263| HUKS_TAG_TYPE_BOOL | 4 << 28 | Boolean. | 264| HUKS_TAG_TYPE_BYTES | 5 << 28 | Uint8Array. | 265 266## HuksTag 267 268Enumerates the tags used to invoke parameters. 269 270**System capability**: SystemCapability.Security.Huks 271 272| Name | Value | Description | 273| -------------------------------------- | ---------------------------------------- | -------------------------------------- | 274| HUKS_TAG_INVALID | HuksTagType.HUKS_TAG_TYPE_INVALID \| 0 | Invalid tag. | 275| HUKS_TAG_ALGORITHM | HUKS_TAG_TYPE_UINT \| 1 | Indicates the algorithm. | 276| HUKS_TAG_PURPOSE | HuksTagType.HUKS_TAG_TYPE_UINT \| 2 | Indicates the purpose of a key. | 277| HUKS_TAG_KEY_SIZE | HuksTagType.HUKS_TAG_TYPE_UINT \| 3 | Indicates the key size. | 278| HUKS_TAG_DIGEST | HuksTagType.HUKS_TAG_TYPE_UINT \| 4 | Indicates the digest algorithm. | 279| HUKS_TAG_PADDING | HuksTagType.HUKS_TAG_TYPE_UINT \| 5 | Indicates the padding algorithm. | 280| HUKS_TAG_BLOCK_MODE | HuksTagType.HUKS_TAG_TYPE_UINT \| 6 | Indicates the cipher mode. | 281| HUKS_TAG_KEY_TYPE | HuksTagType.HUKS_TAG_TYPE_UINT \| 7 | Indicates the key type. | 282| HUKS_TAG_ASSOCIATED_DATA | HuksTagType.HUKS_TAG_TYPE_BYTES \| 8 | Indicates the associated authentication data. | 283| HUKS_TAG_NONCE | HuksTagType.HUKS_TAG_TYPE_BYTES \| 9 | Indicates the field for key encryption and decryption. | 284| HUKS_TAG_IV | HuksTagType.HUKS_TAG_TYPE_BYTES \| 10 | Indicates the IV. | 285| HUKS_TAG_INFO | HuksTagType.HUKS_TAG_TYPE_BYTES \| 11 | Indicates the information generated during key derivation. | 286| HUKS_TAG_SALT | HuksTagType.HUKS_TAG_TYPE_BYTES \| 12 | Indicates the salt value used for key derivation. | 287| HUKS_TAG_PWD | HuksTagType.HUKS_TAG_TYPE_BYTES \| 13 | Indicates the password used for key derivation. | 288| HUKS_TAG_ITERATION | HuksTagType.HUKS_TAG_TYPE_UINT \| 14 | Indicates the number of iterations for key derivation. | 289| HUKS_TAG_KEY_GENERATE_TYPE | HuksTagType.HUKS_TAG_TYPE_UINT \| 15 | Indicates the key generation type. | 290| HUKS_TAG_DERIVE_MAIN_KEY | HuksTagType.HUKS_TAG_TYPE_BYTES \| 16 | Indicates the main key for key derivation. | 291| HUKS_TAG_DERIVE_FACTOR | HuksTagType.HUKS_TAG_TYPE_BYTES \| 17 | Indicates the factor for key derivation. | 292| HUKS_TAG_DERIVE_ALG | HuksTagType.HUKS_TAG_TYPE_UINT \| 18 | Indicates the type of the algorithm used for key derivation. | 293| HUKS_TAG_AGREE_ALG | HuksTagType.HUKS_TAG_TYPE_UINT \| 19 | Indicates the type of the algorithm used in key agreement. | 294| HUKS_TAG_AGREE_PUBLIC_KEY_IS_KEY_ALIAS | HuksTagType.HUKS_TAG_TYPE_BOOL \| 20 | Indicates the alias of the public key during key agreement. | 295| HUKS_TAG_AGREE_PRIVATE_KEY_ALIAS | HuksTagType.HUKS_TAG_TYPE_BYTES \| 21 | Indicates the private key alias used in key agreement. | 296| HUKS_TAG_AGREE_PUBLIC_KEY | HuksTagType.HUKS_TAG_TYPE_BYTES \| 22 | Indicates the public key used in key agreement. | 297| HUKS_TAG_KEY_ALIAS | HuksTagType.HUKS_TAG_TYPE_BYTES \| 23 | Indicates the key alias. | 298| HUKS_TAG_DERIVE_KEY_SIZE | HuksTagType.HUKS_TAG_TYPE_UINT \| 24 | Indicates the size of the derived key. | 299| HUKS_TAG_ACTIVE_DATETIME | HuksTagType.HUKS_TAG_TYPE_ULONG \| 201 | Reserved. | 300| HUKS_TAG_ORIGINATION_EXPIRE_DATETIME | HuksTagType.HUKS_TAG_TYPE_ULONG \| 202 | Reserved. | 301| HUKS_TAG_USAGE_EXPIRE_DATETIME | HuksTagType.HUKS_TAG_TYPE_ULONG \| 203 | Reserved. | 302| HUKS_TAG_CREATION_DATETIME | HuksTagType.HUKS_TAG_TYPE_ULONG \| 204 | Reserved. | 303| HUKS_TAG_ALL_USERS | ksTagType.HUKS_TAG_TYPE_BOOL \| 301 | Reserved. | 304| HUKS_TAG_USER_ID | HuksTagType.HUKS_TAG_TYPE_UINT \| 302 | Reserved. | 305| HUKS_TAG_NO_AUTH_REQUIRED | HuksTagType.HUKS_TAG_TYPE_BOOL \| 303 | Reserved. | 306| HUKS_TAG_USER_AUTH_TYPE | HuksTagType.HUKS_TAG_TYPE_UINT \| 304 | Reserved. | 307| HUKS_TAG_AUTH_TIMEOUT | HuksTagType.HUKS_TAG_TYPE_UINT \| 305 | Reserved. | 308| HUKS_TAG_AUTH_TOKEN | HuksTagType.HUKS_TAG_TYPE_BYTES \| 306 | Reserved. | 309| HUKS_TAG_ATTESTATION_CHALLENGE | HuksTagType.HUKS_TAG_TYPE_BYTES \| 501 | Indicates the challenge value used in the attestation. | 310| HUKS_TAG_ATTESTATION_APPLICATION_ID | HuksTagType.HUKS_TAG_TYPE_BYTES \| 502 | Indicates the application ID used in the attestation. | 311| HUKS_TAG_ATTESTATION_ID_BRAND | HuksTagType.HUKS_TAG_TYPE_BYTES \| 503 | Indicates the device brand. | 312| HUKS_TAG_ATTESTATION_ID_DEVICE | HuksTagType.HUKS_TAG_TYPE_BYTES \| 504 | Indicates the device. | 313| HUKS_TAG_ATTESTATION_ID_PRODUCT | HuksTagType.HUKS_TAG_TYPE_BYTES \| 505 | Indicates the product. | 314| HUKS_TAG_ATTESTATION_ID_SERIAL | HuksTagType.HUKS_TAG_TYPE_BYTES \| 506 | Indicates the device SN. | 315| HUKS_TAG_ATTESTATION_ID_IMEI | HuksTagType.HUKS_TAG_TYPE_BYTES \| 507 | Indicates the device IMEI. | 316| HUKS_TAG_ATTESTATION_ID_MEID | HuksTagType.HUKS_TAG_TYPE_BYTES \| 508 | Indicates the device MEID. | 317| HUKS_TAG_ATTESTATION_ID_MANUFACTURER | HuksTagType.HUKS_TAG_TYPE_BYTES \| 509 | Indicates the device manufacturer. | 318| HUKS_TAG_ATTESTATION_ID_MODEL | HuksTagType.HUKS_TAG_TYPE_BYTES \| 510 | Indicates the device model. | 319| HUKS_TAG_ATTESTATION_ID_ALIAS | HuksTagType.HUKS_TAG_TYPE_BYTES \| 511 | Indicates the key alias used in the attestation. | 320| HUKS_TAG_ATTESTATION_ID_SOCID | HuksTagType.HUKS_TAG_TYPE_BYTES \| 512 | Indicates the device SOCID. | 321| HUKS_TAG_ATTESTATION_ID_UDID | HuksTagType.HUKS_TAG_TYPE_BYTES \| 513 | Indicates the device UDID. | 322| HUKS_TAG_ATTESTATION_ID_SEC_LEVEL_INFO | HuksTagType.HUKS_TAG_TYPE_BYTES \| 514 | Indicates the security credential used for the attestation. | 323| HUKS_TAG_ATTESTATION_ID_VERSION_INFO | HuksTagType.HUKS_TAG_TYPE_BYTES \| 515 | Indicates the version information used in the attestation. | 324| HUKS_TAG_IS_KEY_ALIAS | HuksTagType.HUKS_TAG_TYPE_BOOL \| 1001 | Indicates whether to use the alias passed in during key generation.| 325| HUKS_TAG_KEY_STORAGE_FLAG | HuksTagType.HUKS_TAG_TYPE_UINT \| 1002 | Indicates the key storage mode. | 326| HUKS_TAG_IS_ALLOWED_WRAP | HuksTagType.HUKS_TAG_TYPE_BOOL \| 1003 | Reserved. | 327| HUKS_TAG_KEY_WRAP_TYPE | HuksTagType.HUKS_TAG_TYPE_UINT \| 1004 | Reserved. | 328| HUKS_TAG_KEY_AUTH_ID | HuksTagType.HUKS_TAG_TYPE_BYTES \| 1005 | Reserved. | 329| HUKS_TAG_KEY_ROLE | HuksTagType.HUKS_TAG_TYPE_UINT \| 1006 | Reserved. | 330| HUKS_TAG_KEY_FLAG | HuksTagType.HUKS_TAG_TYPE_UINT \| 1007 | Indicates the flag of the key. | 331| HUKS_TAG_IS_ASYNCHRONIZED | HuksTagType.HUKS_TAG_TYPE_UINT \| 1008 | Reserved. | 332| HUKS_TAG_SECURE_KEY_ALIAS | HuksTagType.HUKS_TAG_TYPE_BOOL \| 1009 | Reserved. | 333| HUKS_TAG_SECURE_KEY_UUID | HuksTagType.HUKS_TAG_TYPE_BYTES \| 1010 | Reserved. | 334| HUKS_TAG_KEY_DOMAIN | HuksTagType.HUKS_TAG_TYPE_UINT \| 1011 | Reserved. | 335| HUKS_TAG_PROCESS_NAME | HuksTagType.HUKS_TAG_TYPE_BYTES \| 10001 | Indicates the process name. | 336| HUKS_TAG_PACKAGE_NAME | HuksTagType.HUKS_TAG_TYPE_BYTES \| 10002 | Reserved. | 337| HUKS_TAG_ACCESS_TIME | HuksTagType.HUKS_TAG_TYPE_UINT \| 10003 | Reserved. | 338| HUKS_TAG_USES_TIME | HuksTagType.HUKS_TAG_TYPE_UINT \| 10004 | Reserved. | 339| HUKS_TAG_CRYPTO_CTX | HuksTagType.HUKS_TAG_TYPE_ULONG \| 10005 | Reserved. | 340| HUKS_TAG_KEY | HuksTagType.HUKS_TAG_TYPE_BYTES \| 10006 | Reserved. | 341| HUKS_TAG_KEY_VERSION | HuksTagType.HUKS_TAG_TYPE_UINT \| 10007 | Indicates the key version. | 342| HUKS_TAG_PAYLOAD_LEN | HuksTagType.HUKS_TAG_TYPE_UINT \| 10008 | Reserved. | 343| HUKS_TAG_AE_TAG | HuksTagType.HUKS_TAG_TYPE_BYTES \| 10009 | Reserved. | 344| HUKS_TAG_IS_KEY_HANDLE | HuksTagType.HUKS_TAG_TYPE_ULONG \| 10010 | Reserved. | 345| HUKS_TAG_OS_VERSION | HuksTagType.HUKS_TAG_TYPE_UINT \| 10101 | Indicates the operating system version. | 346| HUKS_TAG_OS_PATCHLEVEL | HuksTagType.HUKS_TAG_TYPE_UINT \| 10102 | Indicates the operating system patch level. | 347| HUKS_TAG_SYMMETRIC_KEY_DATA | HuksTagType.HUKS_TAG_TYPE_BYTES \| 20001 | Reserved. | 348| HUKS_TAG_ASYMMETRIC_PUBLIC_KEY_DATA | HuksTagType.HUKS_TAG_TYPE_BYTES \| 20002 | Reserved. | 349| HUKS_TAG_ASYMMETRIC_PRIVATE_KEY_DATA | HuksTagType.HUKS_TAG_TYPE_BYTES \| 20003 | Reserved. | 350 351## huks.generateKey 352 353generateKey(keyAlias: string, options: HuksOptions, callback: AsyncCallback\<HuksResult>) : void 354 355Generates a key. This API uses an asynchronous callback to return the result. 356 357**System capability**: SystemCapability.Security.Huks 358 359**Parameters** 360 361| Name | Type | Mandatory| Description | 362| -------- | ----------------------------------------- | ---- | ------------------------------------------------------------ | 363| keyAlias | string | Yes | Alias of the key. | 364| options | [HuksOptions](#huksoptions) | Yes | Tags required for generating the key. | 365| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes | Callback used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code defined in **HuksResult** will be returned.| 366 367**Example** 368 369```js 370/* Generate an RSA key of 512 bits. */ 371var keyAlias = 'keyAlias'; 372var properties = new Array(); 373properties[0] = { 374 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 375 value: huks.HuksKeyAlg.HUKS_ALG_RSA 376}; 377properties[1] = { 378 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 379 value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_512 380}; 381properties[2] = { 382 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 383 value: 384huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | 385huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 386}; 387properties[3] = { 388 tag: huks.HuksTag.HUKS_TAG_PADDING, 389 value: huks.HuksKeyPadding.HUKS_PADDING_OAEP 390}; 391properties[4] = { 392 tag: huks.HuksTag.HUKS_TAG_DIGEST, 393 value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 394}; 395var options = { 396 properties: properties 397}; 398huks.generateKey(keyAlias, options, function (err, data){}); 399``` 400 401## huks.generateKey 402 403generateKey(keyAlias: string, options: HuksOptions) : Promise\<HuksResult> 404 405Generates a key. This API uses a promise to return the result. 406 407**System capability**: SystemCapability.Security.Huks 408 409**Parameters** 410 411| Name | Type | Mandatory| Description | 412| -------- | --------------------------- | ---- | ------------------------ | 413| keyAlias | string | Yes | Alias of the key. | 414| options | [HuksOptions](#huksoptions) | Yes | Tags required for generating the key.| 415 416**Return value** 417 418| Type | Description | 419| ----------------------------------- | -------------------------------------------------- | 420| Promise\<[HuksResult](#huksresult)> | Promise used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code will be returned.| 421 422**Example** 423 424```js 425/* Generate an ECC key of 256 bits. */ 426var keyAlias = 'keyAlias'; 427var properties = new Array(); 428properties[0] = { 429 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 430 value: huks.HuksKeyAlg.HUKS_ALG_ECC 431}; 432properties[1] = { 433 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 434 value: huks.HuksKeySize.HUKS_ECC_KEY_SIZE_256 435}; 436properties[2] = { 437 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 438 value: 439huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_SIGN | 440huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_VERIFY 441}; 442properties[3] = { 443 tag: huks.HuksTag.HUKS_TAG_DIGEST, 444 value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 445}; 446var options = { 447 properties: properties 448}; 449var result = huks.generateKey(keyAlias, options); 450``` 451 452## huks.deleteKey 453 454deleteKey(keyAlias: string, options: HuksOptions, callback: AsyncCallback\<HuksResult>) : void 455 456Deletes a key. This API uses an asynchronous callback to return the result. 457 458**System capability**: SystemCapability.Security.Huks 459 460**Parameters** 461 462| Name | Type | Mandatory| Description | 463| -------- | ----------------------------------------- | ---- | -------------------------------------------------- | 464| keyAlias | string | Yes | Key alias passed in when the key was generated. | 465| options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty). | 466| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes | Callback used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code will be returned.| 467 468**Example** 469 470```js 471/* Set options to emptyOptions. */ 472var keyAlias = 'keyAlias'; 473var emptyOptions = { 474 properties: [] 475}; 476huks.deleteKey(keyAlias, emptyOptions, function (err, data) {}); 477``` 478 479## huks.deleteKey 480 481deleteKey(keyAlias: string, options: HuksOptions) : Promise\<HuksResult> 482 483Deletes a key. This API uses a promise to return the result. 484 485**System capability**: SystemCapability.Security.Huks 486 487**Parameters** 488 489| Name | Type | Mandatory| Description | 490| -------- | ----------- | ---- | ----------------------------------------------------- | 491| keyAlias | string | Yes | Key alias passed in when the key was generated.| 492| options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty).| 493 494**Return value** 495 496| Type | Description | 497| ----------------------------------- | -------------------------------------------------- | 498| Promise\<[HuksResult](#huksresult)> | Promise used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code will be returned.| 499 500**Example** 501 502```js 503/* Set options to emptyOptions. */ 504var keyAlias = 'keyAlias'; 505var emptyOptions = { 506 properties: [] 507}; 508var result = huks.deleteKey(keyAlias, emptyOptions); 509``` 510 511## huks.getSdkVersion 512 513getSdkVersion(options: HuksOptions) : string 514 515Obtains the SDK version of the current system. 516 517**System capability**: SystemCapability.Security.Huks 518 519**Parameters** 520 521| Name | Type | Mandatory| Description | 522| ------- | ---------- | ---- | ------------------------- | 523| options | [HuksOptions](#huksoptions) | Yes | Empty object, which is used to hold the SDK version.| 524 525**Return value** 526 527| Type | Description | 528| ------ | ------------- | 529| string | SDK version obtained.| 530 531**Example** 532 533```js 534/* Set options to emptyOptions. */ 535var emptyOptions = { 536 properties: [] 537}; 538var result = huks.getSdkVersion(emptyOptions); 539``` 540 541## huks.importKey 542 543importKey(keyAlias: string, options: HuksOptions, callback: AsyncCallback\<HuksResult>) : void 544 545Imports a key. This API uses an asynchronous callback to return the result. 546 547**System capability**: SystemCapability.Security.Huks 548 549**Parameters** 550 551| Name | Type | Mandatory| Description | 552| -------- | ------------------------ | ---- | ------------------------------------------------- | 553| keyAlias | string | Yes | Key alias, which is used to hold the key pair.| 554| options | [HuksOptions](#huksoptions) | Yes | Tags required for the import and key pair to import.| 555| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes | Callback used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code will be returned.| 556 557**Example** 558 559```js 560/* Import an AES key of 256 bits. */ 561var plainTextSize32 = makeRandomArr(32); 562function makeRandomArr(size) { 563 var arr = new Uint8Array(size); 564 for (var i = 0; i < size; i++) { 565 arr[i] = Math.floor(Math.random() * 10); 566 } 567 return arr; 568}; 569var keyAlias = 'keyAlias'; 570var properties = new Array(); 571properties[0] = { 572 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 573 value: huks.HuksKeyAlg.HUKS_ALG_AES 574}; 575properties[1] = { 576 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 577 value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_256 578}; 579properties[2] = { 580 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 581 value: 582huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 583}; 584properties[3] = { 585 tag: huks.HuksTag.HUKS_TAG_PADDING, 586 value:huks.HuksKeyPadding.HUKS_PADDING_PKCS7 587}; 588properties[4] = { 589 tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, 590 value: huks.HuksCipherMode.HUKS_MODE_ECB 591}; 592var options = { 593 properties: properties, 594 inData: plainTextSize32 595}; 596huks.importKey(keyAlias, options, function (err, data){}); 597``` 598 599## huks.importKey 600 601importKey(keyAlias: string, options: HuksOptions) : Promise\<HuksResult> 602 603Imports a key. This API uses a promise to return the result. 604 605**System capability**: SystemCapability.Security.Huks 606 607**Parameters** 608 609| Name | Type | Mandatory| Description | 610| -------- | ----------- | ---- | ------------------------------------ | 611| keyAlias | string | Yes | Key alias, which is used to hold the key pair.| 612| options | [HuksOptions](#huksoptions) | Yes | Tags required for the import and key pair to import.| 613 614**Return value** 615 616| Type | Description | 617| ----------------------------------- | -------------------------------------------------- | 618| Promise\<[HuksResult](#huksresult)> | Promise used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code will be returned.| 619 620**Example** 621 622```js 623/* Import an AES key of 128 bits. */ 624var plainTextSize32 = makeRandomArr(32); 625 626function makeRandomArr(size) { 627 var arr = new Uint8Array(size); 628 for (var i = 0; i < size; i++) { 629 arr[i] = Math.floor(Math.random() * 10); 630 } 631 return arr; 632}; 633 634/* Step 1 Generate a key. */ 635var keyAlias = 'keyAlias'; 636var properties = new Array(); 637properties[0] = { 638 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 639 value: huks.HuksKeyAlg.HUKS_ALG_AES 640}; 641properties[1] = { 642 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 643 value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_128 644}; 645properties[2] = { 646 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 647 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 648}; 649properties[3] = { 650 tag: huks.HuksTag.HUKS_TAG_PADDING, 651 value:huks.HuksKeyPadding.HUKS_PADDING_PKCS7 652}; 653properties[4] = { 654 tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, 655 value: huks.HuksCipherMode.HUKS_MODE_ECB 656}; 657var huksoptions = { 658 properties: properties, 659 inData: plainTextSize32 660}; 661var result = huks.importKey(keyAlias, huksoptions); 662``` 663 664## huks.exportKey 665 666exportKey(keyAlias: string, options: HuksOptions, callback: AsyncCallback\<HuksResult>) : void 667 668Exports a key. This API uses an asynchronous callback to return the result. 669 670**System capability**: SystemCapability.Security.Huks 671 672**Parameters** 673 674| Name | Type | Mandatory| Description | 675| -------- | ----------------------------------------- | ---- | ------------------------------------------------------------ | 676| keyAlias | string | Yes | Key alias, which must be the same as the alias used when the key was generated. | 677| options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty). | 678| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes | Callback used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code will be returned. **outData** contains the public key exported.| 679 680**Example** 681 682```js 683/* Set options to emptyOptions. */ 684var keyAlias = 'keyAlias'; 685var emptyOptions = { 686 properties: [] 687}; 688huks.exportKey(keyAlias, emptyOptions, function (err, data){}); 689``` 690 691## huks.exportKey 692 693exportKey(keyAlias: string, options: HuksOptions) : Promise\<HuksResult> 694 695Exports a key. This API uses a promise to return the result. 696 697**System capability**: SystemCapability.Security.Huks 698 699**Parameters** 700 701| Name | Type | Mandatory| Description | 702| -------- | ----------- | ---- | ------------------------------------------------------------ | 703| keyAlias | string | Yes | Key alias, which must be the same as the alias used when the key was generated.| 704| options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty).| 705 706**Return value** 707 708| Type | Description | 709| ----------------------------------- | ------------------------------------------------------------ | 710| Promise\<[HuksResult](#huksresult)> | Promise used to return the result. If the operation is successful, **HUKS_SUCCESS** will be returned. If the operation fails, an error code will be returned. **outData** contains the public key exported.| 711 712**Example** 713 714```js 715/* Set options to emptyOptions. */ 716var keyAlias = 'keyAlias'; 717var emptyOptions = { 718 properties: [] 719}; 720var result = huks.exportKey(keyAlias, emptyOptions); 721``` 722 723## huks.getKeyProperties 724 725getKeyProperties(keyAlias: string, options: HuksOptions, callback: AsyncCallback\<HuksResult>) : void 726 727Obtains key properties. This API uses an asynchronous callback to return the result. 728 729**System capability**: SystemCapability.Security.Huks 730 731**Parameters** 732 733| Name | Type | Mandatory| Description | 734| -------- | ----------------------------------------- | ---- | ------------------------------------------------------------ | 735| keyAlias | string | Yes | Key alias, which must be the same as the alias used when the key was generated. | 736| options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty). | 737| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes | Callback used to return the result. **HUKS_SUCCESS** will be returned if the operation is successful; an error code will be returned otherwise.| 738 739**Example** 740 741```js 742/* Set options to emptyOptions. */ 743var keyAlias = 'keyAlias'; 744var emptyOptions = { 745 properties: [] 746}; 747huks.getKeyProperties(keyAlias, emptyOptions, function (err, data){}); 748``` 749 750## huks.getKeyProperties 751 752getKeyProperties(keyAlias: string, options: HuksOptions) : Promise\<HuksResult> 753 754Obtains key properties. This API uses a promise to return the result. 755 756**System capability**: SystemCapability.Security.Huks 757 758**Parameters** 759 760| Name | Type | Mandatory| Description | 761| -------- | ----------- | ---- | ------------------------------------------------------------ | 762| keyAlias | string | Yes | Key alias, which must be the same as the alias used when the key was generated.| 763| options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty).| 764 765**Return value** 766 767| Type | Description | 768| ------------------ | ------------------------------------------------------------ | 769| Promise\<[HuksResult](#huksoptions)> | Promise used to return the result. In the return result, **HUKS_SUCCESS** will be returned for **errorCode** if the operation is successful; an error code will be returned otherwise. **properties** returns the parameters required for generating the key.| 770 771**Example** 772 773```js 774/* Set options to emptyOptions. */ 775var keyAlias = 'keyAlias'; 776var emptyOptions = { 777 properties: [] 778}; 779var result = huks.getKeyProperties(keyAlias, emptyOptions); 780``` 781 782## huks.isKeyExist 783 784isKeyExist(keyAlias: string, options: HuksOptions, callback: AsyncCallback\<boolean>) : void 785 786Checks whether a key exists. This API uses an asynchronous callback to return the result. 787 788**System capability**: SystemCapability.Security.Huks 789 790**Parameters** 791 792| Name | Type | Mandatory| Description | 793| -------- | ---------------------- | ---- | ------------------------------------- | 794| keyAlias | string | Yes | Alias of the key to check.| 795| options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty).| 796| callback | AsyncCallback\<boolean> | Yes | Callback used to return the result. **TRUE** means that the key exists; **FALSE** means the opposite.| 797 798**Example** 799 800```js 801/* Set options to emptyOptions. */ 802var keyAlias = 'keyAlias'; 803var emptyOptions = { 804 properties: [] 805}; 806huks.isKeyExist(keyAlias, emptyOptions, function (err, data){}); 807``` 808 809## huks.isKeyExist 810 811isKeyExist(keyAlias: string, options: HuksOptions) : Promise\<boolean> 812 813Checks whether a key exists. This API uses a promise to return the result. 814 815**System capability**: SystemCapability.Security.Huks 816 817**Parameters** 818 819| Name | Type | Mandatory| Description | 820| -------- | ----------- | ---- | -------------------------------- | 821| keyAlias | string | Yes | Alias of the key to check.| 822| options | [HuksOptions](#huksoptions) | Yes | Empty object (leave this parameter empty).| 823 824**Return value** 825 826| Type | Description | 827| ----------------- | --------------------------------------- | 828| Promise\<boolean> | Promise used to return the result. **TRUE** means that the key exists; **FALSE** means the opposite.| 829 830**Example** 831 832```js 833/* Set options to emptyOptions. */ 834var keyAlias = 'keyAlias'; 835var emptyOptions = { 836 properties: [] 837}; 838var result = huks.isKeyExist(keyAlias, emptyOptions); 839``` 840 841 842 843## huks.init 844 845init(keyAlias: string, options: HuksOptions, callback: AsyncCallback\<HuksHandle>) : void 846 847Initializes a key. This API uses an asynchronous callback to return the result. 848 849**System capability**: SystemCapability.Security.Huks 850 851**Parameters** 852 853| Name | Type | Mandatory| Description | 854| -------- | ---------------------- | ---- | ------------------------------------- | 855| keyAlias | string | Yes | Alias of the target key.| 856| options | [HuksOptions](#huksoptions) | Yes | Parameters used for initialization.| 857| callback | AsyncCallback\<[HuksHandle](#hukshandle)> | Yes | Callback used to return the handle of the initialization operation.| 858 859 860## huks.init 861 862init(keyAlias: string, options: HuksOptions) : Promise\<HuksHandle> 863 864Initializes a key. This API uses a promise to return the result. 865 866**System capability**: SystemCapability.Security.Huks 867 868**Parameters** 869 870| Name | Type | Mandatory| Description | 871| -------- | ---------------------- | ---- | ------------------------------------- | 872| keyAlias | string | Yes | Alias of the target key.| 873| options | [HuksOptions](#huksoptions) | Yes | Parameters used for initialization.| 874| promise | Promise\<[HuksHandle](#hukshandle)> | Yes | Promise used to return the handle of the initialization operation.| 875 876 877## huks.update 878 879update(handle: number, token?: Uint8Array, options: HuksOptions, callback: AsyncCallback\<HuksResult>) : void 880 881Updates a key. This API uses an asynchronous callback to return the result. 882 883**System capability**: SystemCapability.Security.Huks 884 885**Parameters** 886 887| Name | Type | Mandatory| Description | 888| -------- | ---------------------- | ---- | ------------------------------------- | 889| handle | number | Yes | Handle of the **Update** operation.| 890| token | Uint8Array | No| Token of the **Update** operation.| 891| options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Update** operation.| 892| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes| Callback used to return the operation result.| 893 894 895## huks.update 896 897update(handle: number, token?: Uint8Array, options: HuksOptions) : Promise\<HuksResult> 898 899Updates a key. This API uses a promise to return the result. 900 901**System capability**: SystemCapability.Security.Huks 902 903**Parameters** 904 905| Name | Type | Mandatory| Description | 906| -------- | ---------------------- | ---- | ------------------------------------- | 907| handle | number | Yes | Handle of the **Update** operation.| 908| token | Uint8Array | No| Token of the **Update** operation.| 909| options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Update** operation.| 910| promise | Promise\<[HuksResult](#huksresult)> | Yes| Promise used to return the operation result.| 911 912 913## huks.finish 914 915finish(handle: number, options: HuksOptions, callback: AsyncCallback\<HuksResult>) : void 916 917Completes the key operation and releases resources. This API uses an asynchronous callback to return the result. 918 919**System capability**: SystemCapability.Security.Huks 920 921**Parameters** 922 923| Name | Type | Mandatory| Description | 924| -------- | ---------------------- | ---- | ------------------------------------- | 925| handle | number | Yes | Handle of the **Finish** operation.| 926| options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Finish** operation.| 927| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes| Callback used to return the operation result.| 928 929 930## huks.finish 931 932finish(handle: number, options: HuksOptions) : Promise\<HuksResult> 933 934Completes the key operation and releases resources. This API uses a promise to return the result. 935 936**System capability**: SystemCapability.Security.Huks 937 938**Parameters** 939 940| Name | Type | Mandatory| Description | 941| -------- | ---------------------- | ---- | ------------------------------------- | 942| handle | number | Yes | Handle of the **Finish** operation.| 943| options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Finish** operation.| 944| promise | Promise\<[HuksResult](#HuksResult)> | Yes| Promise used to return the operation result.| 945 946 947## huks.abort 948 949abort(handle: number, options: HuksOptions, callback: AsyncCallback\<HuksResult>) : void 950 951Aborts the use of the key. This API uses an asynchronous callback to return the result. 952 953**System capability**: SystemCapability.Security.Huks 954 955**Parameters** 956 957| Name | Type | Mandatory| Description | 958| -------- | ---------------------- | ---- | ------------------------------------- | 959| handle | number | Yes | Handle of the **Abort** operation.| 960| options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Abort** operation.| 961| callback | AsyncCallback\<[HuksResult](#huksresult)> | Yes| Callback used to return the operation result.| 962 963**Example** 964 965```js 966/* huks.init, huks.update, and huks.finish must be used together. 967 * If an error occurs in any of them, huks.abort must be called to terminate the use of the key. 968 * 969 * The following uses the callback of an RSA 1024-bit key as an example. 970 */ 971import router from '@system.router'; 972import huks from '@ohos.security.huks'; 973 974async function routePage() { 975 let options = { 976 uri: 'pages/second' 977 } 978 try { 979 await router.push(options) 980 } catch (err) { 981 console.error(`fail callback, code: ${err.code}, msg: ${err.msg}`) 982 } 983} 984var keyalias = "HuksDemoRSA"; 985var properties = new Array(); 986var options = { 987 properties: properties, 988 inData: new Uint8Array(0) 989}; 990var handle; 991var resultMessage = ""; 992async function generateKey() { 993 properties[0] = { 994 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 995 value: huks.HuksKeyAlg.HUKS_ALG_RSA 996 }; 997 properties[1] = { 998 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 999 value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_1024 1000 }; 1001 properties[2] = { 1002 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 1003 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT 1004 }; 1005 properties[3] = { 1006 tag: huks.HuksTag.HUKS_TAG_PADDING, 1007 value: huks.HuksKeyPadding.HUKS_PADDING_OAEP 1008 }; 1009 properties[4] = { 1010 tag: huks.HuksTag.HUKS_TAG_DIGEST, 1011 value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 1012 }; 1013 huks.generateKey(keyalias, options); 1014} 1015function stringToUint8Array(str) { 1016 var arr = []; 1017 for (var i = 0, j = str.length; i < j; ++i) { 1018 arr.push(str.charCodeAt(i)); 1019 } 1020 var tmpUint8Array = new Uint8Array(arr); 1021 return tmpUint8Array; 1022} 1023async function huksInit() { 1024 await huks.init(keyalias, options).then((data) => { 1025 console.log(`test init data: ${JSON.stringify(data)}`); 1026 handle = data.handle; 1027 }).catch((err) => { 1028 console.log("test init err information: " + JSON.stringify(err)) 1029 }) 1030} 1031async function huksUpdate() { 1032 options.inData = stringToUint8Array("huksHmacTest"); 1033 await huks.update(handle, options).then((data) => { 1034 if (data.errorCode === 0) { 1035 resultMessage += "update success!"; 1036 } else { 1037 resultMessage += "update fail!"; 1038 } 1039 }); 1040 console.log(resultMessage); 1041} 1042function huksFinish() { 1043 options.inData = stringToUint8Array("HuksDemoHMAC"); 1044 huks.finish(handle, options).then((data) => { 1045 if (data.errorCode === 0) { 1046 resultMessage = "finish success!"; 1047 } else { 1048 resultMessage = "finish fail errorCode: " + data.errorCode; 1049 } 1050 }).catch((err) => { 1051 resultMessage = "Failed to complete the key operation. catch errorMessage:" + JSON.stringify(err) 1052 }); 1053 console.log(resultMessage); 1054} 1055async function huksAbort() { 1056 huks.abort(handle, options).then((data) => { 1057 if (data.errorCode === 0) { 1058 resultMessage = "abort success!"; 1059 } else { 1060 resultMessage = "abort fail errorCode: " + data.errorCode; 1061 } 1062 }).catch((err) => { 1063 resultMessage = "Failed to abort the use of the key. catch errorMessage:" + JSON.stringify(err) 1064 }); 1065 console.log(resultMessage); 1066} 1067 1068@Entry 1069@Component 1070struct Index { 1071 build() { 1072 Flex({ direction: FlexDirection.Column, alignItems: ItemAlign.Center, justifyContent: FlexAlign.Center }) { 1073 Text('Hello World') 1074 .fontSize(50) 1075 .fontWeight(FontWeight.Bold) 1076 Button() { 1077 Text('Tocallback') 1078 .fontSize(25) 1079 .fontWeight(FontWeight.Bold) 1080 }.type(ButtonType.Capsule) 1081 .margin({ 1082 top: 20 1083 }) 1084 .width('50%') 1085 .height('10%') 1086 .backgroundColor('#0D9FFB') 1087 .onClick(() => { 1088 routePage() 1089 }) 1090 Button() { 1091 Text('generateKey') 1092 .fontSize(25) 1093 .fontWeight(FontWeight.Bold) 1094 }.type(ButtonType.Capsule) 1095 .margin({ 1096 top: 20 1097 }) 1098 .width('50%') 1099 .height('10%') 1100 .backgroundColor('#0D9FFB') 1101 .onClick(() => { 1102 generateKey() 1103 }) 1104 Button() { 1105 Text('Init') 1106 .fontSize(25) 1107 .fontWeight(FontWeight.Bold) 1108 }.type(ButtonType.Capsule) 1109 .margin({ 1110 top: 20 1111 }) 1112 .width('50%') 1113 .height('10%') 1114 .backgroundColor('#0D9FFB') 1115 .onClick(() => { 1116 huksInit() 1117 }) 1118 Button() { 1119 Text('Update') 1120 .fontSize(25) 1121 .fontWeight(FontWeight.Bold) 1122 }.type(ButtonType.Capsule) 1123 .margin({ 1124 top: 20 1125 }) 1126 .width('50%') 1127 .height('10%') 1128 .backgroundColor('#0D9FFB') 1129 .onClick(() => { 1130 huksUpdate() 1131 }) 1132 Button() { 1133 Text('Finish') 1134 .fontSize(25) 1135 .fontWeight(FontWeight.Bold) 1136 }.type(ButtonType.Capsule) 1137 .margin({ 1138 top: 20 1139 }) 1140 .width('50%') 1141 .height('10%') 1142 .backgroundColor('#0D9FFB') 1143 .onClick(() => { 1144 huksFinish() 1145 }) 1146 Button() { 1147 Text('Abort') 1148 .fontSize(25) 1149 .fontWeight(FontWeight.Bold) 1150 }.type(ButtonType.Capsule) 1151 .margin({ 1152 top: 20 1153 }) 1154 .width('50%') 1155 .height('10%') 1156 .backgroundColor('#0D9FFB') 1157 .onClick(() => { 1158 huksAbort() 1159 }) 1160 } 1161 .width('100%') 1162 .height('100%') 1163 } 1164} 1165``` 1166 1167## huks.abort 1168 1169abort(handle: number, options: HuksOptions) : Promise\<HuksResult>; 1170 1171Aborts the use of the key. This API uses a promise to return the result. 1172 1173**System capability**: SystemCapability.Security.Huks 1174 1175**Parameters** 1176 1177| Name | Type | Mandatory| Description | 1178| -------- | ---------------------- | ---- | ------------------------------------- | 1179| handle | number | Yes | Handle of the **Abort** operation.| 1180| options | [HuksOptions](#huksoptions) | Yes | Parameters of the **Abort** operation.| 1181| promise | Promise\<[HuksResult](#huksresult)> | Yes| Promise used to return the operation result.| 1182 1183**Example** 1184 1185```js 1186/* huks.init, huks.update, and huks.finish must be used together. 1187 * If an error occurs in any of them, huks.abort must be called to terminate the use of the key. 1188 * 1189 * The following uses the promise of an RSA 1024-bit key as an example. 1190 */ 1191import router from '@system.router'; 1192import huks from '@ohos.security.huks'; 1193 1194async function routePage() { 1195 let options = { 1196 uri: 'pages/second' 1197 } 1198 try { 1199 await router.push(options) 1200 } catch (err) { 1201 console.error(`fail callback, code: ${err.code}, msg: ${err.msg}`) 1202 } 1203} 1204 1205var keyalias = "HuksDemoRSA"; 1206var properties = new Array(); 1207var options = { 1208 properties: properties, 1209 inData: new Uint8Array(0) 1210}; 1211var handle; 1212var resultMessage = ""; 1213function stringToUint8Array(str) { 1214 var arr = []; 1215 for (var i = 0, j = str.length; i < j; ++i) { 1216 arr.push(str.charCodeAt(i)); 1217 } 1218 var tmpUint8Array = new Uint8Array(arr); 1219 return tmpUint8Array; 1220} 1221 1222async function generateKey() { 1223 properties[0] = { 1224 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 1225 value: huks.HuksKeyAlg.HUKS_ALG_RSA 1226 }; 1227 properties[1] = { 1228 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 1229 value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_1024 1230 }; 1231 properties[2] = { 1232 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 1233 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT 1234 }; 1235 properties[3] = { 1236 tag: huks.HuksTag.HUKS_TAG_PADDING, 1237 value: huks.HuksKeyPadding.HUKS_PADDING_OAEP 1238 }; 1239 properties[4] = { 1240 tag: huks.HuksTag.HUKS_TAG_DIGEST, 1241 value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 1242 }; 1243 huks.generateKey(keyalias, options, function (err, data) { }); 1244} 1245async function huksInit() { 1246 return new Promise((resolve, reject) => { 1247 huks.init(keyalias, options, async function (err, data) { 1248 if (data.errorCode === 0) { 1249 resultMessage = "Initialization successful!" 1250 handle = data.handle; 1251 } else { 1252 resultMessage = "init fail errorCode: " + data.errorCode 1253 } 1254 }); 1255 }); 1256} 1257 1258async function huksUpdate() { 1259 options.inData = stringToUint8Array("huksHmacTest"); 1260 new Promise((resolve, reject) => { 1261 huks.update(handle, options, function (err, data) { 1262 if (data.errorCode === 0) { 1263 resultMessage += "update success!"; 1264 } else { 1265 resultMessage += "update fail!"; 1266 } 1267 }); 1268 }); 1269 console.log(resultMessage); 1270 1271} 1272 1273async function huksFinish() { 1274 options.inData = stringToUint8Array("0"); 1275 new Promise((resolve, reject) => { 1276 huks.finish(handle, options, function (err, data) { 1277 if (data.errorCode === 0) { 1278 resultMessage = "finish success!"; 1279 } else { 1280 resultMessage = "finish fail errorCode: " + data.errorCode; 1281 } 1282 }); 1283 }); 1284} 1285 1286function huksAbort() { 1287 new Promise((resolve, reject) => { 1288 huks.abort(handle, options, function (err, data) { 1289 console.log(`Huks_Demo hmac huksAbort1 data ${JSON.stringify(data)}`); 1290 console.log(`Huks_Demo hmac huksAbort1 err ${JSON.stringify(err)}`); 1291 }); 1292 }); 1293} 1294@Entry 1295@Component 1296struct Index { 1297 build() { 1298 Flex({ direction: FlexDirection.Column, alignItems: ItemAlign.Center, justifyContent: FlexAlign.Center }) { 1299 Text('Hello World') 1300 .fontSize(50) 1301 .fontWeight(FontWeight.Bold) 1302 Button() { 1303 Text('to Promise') 1304 .fontSize(20) 1305 .fontWeight(FontWeight.Bold) 1306 }.type(ButtonType.Capsule) 1307 .margin({ 1308 top: 20 1309 }) 1310 .width('50%') 1311 .height('10%') 1312 .backgroundColor('#0D9FFB') 1313 .onClick(() => { 1314 router.back() 1315 }) 1316 Button() { 1317 Text('generateKey') 1318 .fontSize(25) 1319 .fontWeight(FontWeight.Bold) 1320 }.type(ButtonType.Capsule) 1321 .margin({ 1322 top: 20 1323 }) 1324 .width('50%') 1325 .height('10%') 1326 .backgroundColor('#0D9FFB') 1327 .onClick(() => { 1328 generateKey() 1329 }) 1330 Button() { 1331 Text('Init') 1332 .fontSize(25) 1333 .fontWeight(FontWeight.Bold) 1334 }.type(ButtonType.Capsule) 1335 .margin({ 1336 top: 20 1337 }) 1338 .width('50%') 1339 .height('10%') 1340 .backgroundColor('#0D9FFB') 1341 .onClick(() => { 1342 huksInit() 1343 }) 1344 Button() { 1345 Text('Update') 1346 .fontSize(25) 1347 .fontWeight(FontWeight.Bold) 1348 }.type(ButtonType.Capsule) 1349 .margin({ 1350 top: 20 1351 }) 1352 .width('50%') 1353 .height('10%') 1354 .backgroundColor('#0D9FFB') 1355 .onClick(() => { 1356 huksUpdate() 1357 }) 1358 Button() { 1359 Text('Finish') 1360 .fontSize(25) 1361 .fontWeight(FontWeight.Bold) 1362 }.type(ButtonType.Capsule) 1363 .margin({ 1364 top: 20 1365 }) 1366 .width('50%') 1367 .height('10%') 1368 .backgroundColor('#0D9FFB') 1369 .onClick(() => { 1370 huksFinish() 1371 }) 1372 Button() { 1373 Text('Abort') 1374 .fontSize(25) 1375 .fontWeight(FontWeight.Bold) 1376 }.type(ButtonType.Capsule) 1377 .margin({ 1378 top: 20 1379 }) 1380 .width('50%') 1381 .height('10%') 1382 .backgroundColor('#0D9FFB') 1383 .onClick(() => { 1384 huksAbort() 1385 }) 1386 } 1387 .width('100%') 1388 .height('100%') 1389 } 1390} 1391``` 1392 1393## HuksParam 1394 1395Defines the **param** in the **properties** array of **options** used in the APIs. 1396 1397**System capability**: SystemCapability.Security.Huks 1398 1399| Name| Type | Mandatory| Description | 1400| ------ | ----------------------------------- | ---- | ---------- | 1401| tag | HuksTag | Yes | Tag. | 1402| value | boolean\|number\|bigint\|Uint8Array | Yes | Value of the tag.| 1403 1404## HuksOptions 1405 1406Defines the **options** used in the APIs. 1407 1408**System capability**: SystemCapability.Security.Huks 1409 1410| Name | Type | Mandatory| Description | 1411| ---------- | ----------------- | ---- | ------------------------ | 1412| properties | Array\<HuksParam> | No | Array used to hold **HuksParam**.| 1413| inData | Uint8Array | No | Input data. | 1414 1415## HuksHandle 1416 1417Defines the HUKS handle structure. 1418 1419**System capability**: SystemCapability.Security.Huks 1420 1421| Name | Type | Mandatory| Description | 1422| ---------- | ---------------- | ---- | -------- | 1423| errorCode | number | Yes | Error code.| 1424| handle | number | Yes| Value of the handle.| 1425| token | Uint8Array | No| Reserved.| 1426 1427 1428## HuksResult 1429 1430Defines the **HuksResult** structure. 1431 1432**System capability**: SystemCapability.Security.Huks 1433 1434 1435 1436| Name | Type | Mandatory| Description | 1437| ---------- | ----------------- | ---- | -------- | 1438| errorCode | number | Yes | Error code. | 1439| outData | Uint8Array | No | Output data.| 1440| properties | Array\<HuksParam> | No | Properties. | 1441| certChains | Array\<string> | No | Reserved. | 1442
