1# HUKS Overview 2 3## Introduction 4 5OpenHarmony Universal KeyStore (HUKS) provides KeyStore (KS) capabilities for applications, including key management and key cryptography operations. HUKS also provides APIs for applications to import or generate keys. 6 7## Basic Concepts 8 9- HUKS provides key management functions, including encryption and decryption, signing and signature verification, key agreement and derivation, and Hash-based Message Authentication Code (HMAC) calculation. 10- HUKS supports the following algorithms: AES and RSA in encryption and decryption, RSA, ECC, DSA, and ED25519 in signing and signature verification, PBKDF2 in key derivation, and DH, ECDH, and X25519 in key agreement. 11- HUKS uses the OpenSSL and Mbed TLS algorithm libraries. 12 13## Working Principles 14 15HUKS manages keys through the following APIs in an Init-Update-Finish model: 16 17- **InitSession**: reads the key, creates a session ID, and returns the session ID to the caller. 18 19- **UpdateSession**: updates data by segment based on the session ID obtained by **InitSession()**. 20 21- **FinishSession**: processes all the data transferred to HUKS and then releases resources. 22 23> **NOTICE**<br> 24> **AbortSession()** must be called to terminate the use of the key when an error occurs in any of **InitSession()**, **UpdateSession()**, and **FinishSession()**. 25 26## Constraints 27N/A 28