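/*
 * Copyright (c) 2022 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

import {AsyncCallback, Callback} from './basic';
import cryptoFramework from '@ohos.security.cryptoFramework'

/**
 * Provides a set of certificate operations behind a unified interface,
 * hiding the differences between the underlying algorithm libraries.
 *
 * The namespace declares X.509 certificate parsing ({@link cert.createX509Cert}),
 * CRL parsing ({@link cert.createX509Crl}) and certificate chain validation
 * ({@link cert.createCertChainValidator}).
 *
 * NOTE(review): parsing, signature verification, validity-period checking,
 * revocation lookup and chain validation are separate calls in this API.
 * From the declared errors, none of the single-certificate calls appears to
 * perform more than its own check - confirm against the implementation
 * before treating any one of them as a complete trust decision.
 *
 * @namespace cert
 * @syscap SystemCapability.Security.Cert
 * @since 9
 */
declare namespace cert {
    /**
     * Enum for result code.
     * These values appear as the `code` of the BusinessError documented in the
     * `@throws` tags of this namespace.
     * @enum {number}
     * @syscap SystemCapability.Security.Cert
     * @since 9
     */
    enum CertResult {
        /** Indicates that the input parameters are invalid.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        INVALID_PARAMS = 401,

        /** Indicates that the function or algorithm is not supported.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        NOT_SUPPORT = 801,

        /** Indicates a memory error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        ERR_OUT_OF_MEMORY = 19020001,

        /** Indicates a runtime error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        ERR_RUNTIME_ERROR = 19020002,

        /** Indicates a crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        ERR_CRYPTO_OPERATION = 19030001,

        /** Indicates that the certificate signature verification failed.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        ERR_CERT_SIGNATURE_FAILURE = 19030002,

        /** Indicates that the certificate has not taken effect.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        ERR_CERT_NOT_YET_VALID = 19030003,

        /** Indicates that the certificate has expired.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        ERR_CERT_HAS_EXPIRED = 19030004,

        /** Indicates that we failed to obtain the certificate issuer.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY = 19030005,

        /** The key cannot be used for signing a certificate.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        ERR_KEYUSAGE_NO_CERTSIGN = 19030006,

        /** The key cannot be used for digital signature.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE = 19030007,
    }

    /**
     * Provides the data blob type.
     * @typedef DataBlob
     * @syscap SystemCapability.Security.Cert
     * @since 9
     */
    interface DataBlob {
        data : Uint8Array;
    }

    /**
     * Provides the data array type.
     * @typedef DataArray
     * @syscap SystemCapability.Security.Cert
     * @since 9
     */
    interface DataArray {
        data : Array<Uint8Array>;
    }

    /**
     * Enum for supported cert encoding format.
     * @enum {number}
     * @syscap SystemCapability.Security.Cert
     * @since 9
     */
    enum EncodingFormat {
        /**
         * The value of cert DER format.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        FORMAT_DER = 0,

        /**
         * The value of cert PEM format.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        FORMAT_PEM = 1,
    }

    /**
     * Provides the cert encoding blob type.
     * @typedef EncodingBlob
     * @syscap SystemCapability.Security.Cert
     * @since 9
     */
    interface EncodingBlob {
        /**
         * The data input.
         * @type { Uint8Array }
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        data : Uint8Array;
        /**
         * The data encoding format.
         * @type { EncodingFormat }
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        encodingFormat : EncodingFormat;
    }

    /**
     * Provides the cert chain data type.
     * @typedef CertChainData
     * @syscap SystemCapability.Security.Cert
     * @since 9
     */
    interface CertChainData {
        /**
         * The data input.
         * NOTE(review): how the individual certificates are laid out inside
         * this single buffer is not stated here - confirm the expected
         * framing before building it from untrusted input.
         * @type { Uint8Array }
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        data: Uint8Array;
        /**
         * The number of certs.
         * @type { number }
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        count : number;
        /**
         * The data encoding format.
         * @type { EncodingFormat }
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        encodingFormat: EncodingFormat;
    }

    /**
     * Provides the x509 cert type.
     * @typedef X509Cert
     * @syscap SystemCapability.Security.Cert
     * @since 9
     */
    interface X509Cert {
        /**
         * Verify the X509 cert with the given public key.
         * Failure is reported through the callback's error argument.
         *
         * NOTE(review): the declared errors cover only parameter and crypto
         * failures, so this presumably checks the signature alone and not the
         * validity period, key usage or revocation status - confirm, and use
         * checkValidityWithDate, CertChainValidator and X509Crl.isRevoked for
         * those checks.
         * @param { cryptoFramework.PubKey } key - public key to verify cert.
         * @param { AsyncCallback<void> } callback - the callback of verify.
         * @throws { BusinessError } 401 - invalid parameters.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        verify(key : cryptoFramework.PubKey, callback : AsyncCallback<void>) : void;

        /**
         * Verify the X509 cert with the given public key.
         * The promise is rejected when verification fails.
         *
         * NOTE(review): the declared errors cover only parameter and crypto
         * failures, so this presumably checks the signature alone and not the
         * validity period, key usage or revocation status - confirm.
         * @param { cryptoFramework.PubKey } key - public key to verify cert.
         * @returns { Promise<void> } the promise returned by the function.
         * @throws { BusinessError } 401 - invalid parameters.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        verify(key : cryptoFramework.PubKey) : Promise<void>;

        /**
         * Get X509 cert encoded data.
         * @param { AsyncCallback<EncodingBlob> } callback - the callback of getEncoded.
         * @throws { BusinessError } 401 - invalid parameters.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19020002 - runtime error.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getEncoded(callback : AsyncCallback<EncodingBlob>) : void;

        /**
         * Get X509 cert encoded data.
         * @returns { Promise<EncodingBlob> } the promise of X509 cert encoded data.
         * @throws { BusinessError } 401 - invalid parameters.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19020002 - runtime error.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getEncoded() : Promise<EncodingBlob>;

        /**
         * Get X509 cert public key.
         * The key is read from the certificate itself, so it is only as
         * trustworthy as the certificate it came from.
         * @returns { cryptoFramework.PubKey } X509 cert pubKey.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getPublicKey() : cryptoFramework.PubKey;

        /**
         * Check the X509 cert validity period against the given date.
         * The check uses the date supplied by the caller; this declaration
         * does not show any use of the system clock.
         *
         * NOTE(review): the expected format of the date string is not stated
         * here - confirm it before passing caller-formatted values.
         * @param { string } date - the date to check the cert validity against.
         * @throws { BusinessError } 401 - invalid parameters.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @throws { BusinessError } 19030003 - the certificate has not taken effect.
         * @throws { BusinessError } 19030004 - the certificate has expired.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        checkValidityWithDate(date: string) : void;

        /**
         * Get X509 cert version.
         * @returns { number } X509 cert version.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getVersion() : number;

        /**
         * Get X509 cert serial number.
         *
         * NOTE(review): X.509 serial numbers may be up to 20 octets long
         * (RFC 5280), which is more than a JS number represents exactly
         * (2^53 - 1). Confirm how larger serial numbers are returned before
         * using this value to match or look up certificates.
         *
         * @returns { number } X509 cert serial number.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getSerialNumber() : number;

        /**
         * Get X509 cert issuer name.
         * @returns { DataBlob } X509 cert issuer name.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19020002 - runtime error.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getIssuerName() : DataBlob;

        /**
         * Get X509 cert subject name.
         * @returns { DataBlob } X509 cert subject name.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19020002 - runtime error.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getSubjectName() : DataBlob;

        /**
         * Get X509 cert not before time.
         * @returns { string } X509 cert not before time.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19020002 - runtime error.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getNotBeforeTime() : string;

        /**
         * Get X509 cert not after time.
         * @returns { string } X509 cert not after time.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19020002 - runtime error.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getNotAfterTime() : string;

        /**
         * Get X509 cert signature.
         * @returns { DataBlob } X509 cert signature.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19020002 - runtime error.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getSignature() : DataBlob;

        /**
         * Get X509 cert signature's algorithm name.
         * @returns { string } X509 cert signature's algorithm name.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19020002 - runtime error.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getSignatureAlgName() : string;

        /**
         * Get X509 cert signature's algorithm oid.
         * @returns { string } X509 cert signature's algorithm oid.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19020002 - runtime error.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getSignatureAlgOid() : string;

        /**
         * Get X509 cert signature's algorithm parameters.
         * @returns { DataBlob } X509 cert signature's algorithm parameters.
         * @throws { BusinessError } 801 - this operation is not supported.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19020002 - runtime error.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getSignatureAlgParams() : DataBlob;

        /**
         * Get X509 cert key usage.
         * @returns { DataBlob } X509 cert key usage.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getKeyUsage() : DataBlob;

        /**
         * Get X509 cert extended key usage.
         * @returns { DataArray } X509 cert extended key usage.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19020002 - runtime error.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getExtKeyUsage() : DataArray;

        /**
         * Get X509 cert basic constraints path len.
         * NOTE(review): the value returned when the extension is absent or
         * the certificate is not a CA is not stated here - confirm before
         * using the result to decide whether a certificate may issue others.
         * @returns { number } X509 cert basic constraints path len.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getBasicConstraints() : number;

        /**
         * Get X509 cert subject alternative name.
         * @returns { DataArray } X509 cert subject alternative name.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19020002 - runtime error.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getSubjectAltNames() : DataArray;

        /**
         * Get X509 cert issuer alternative name.
         * @returns { DataArray } X509 cert issuer alternative name.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19020002 - runtime error.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getIssuerAltNames() : DataArray;
    }

    /**
     * Creates an X509Cert instance from encoded certificate data.
     *
     * NOTE(review): the declared errors cover parsing only, so a successfully
     * created instance presumably says nothing about whether the certificate
     * is trusted, current or unrevoked - confirm, and validate it separately.
     * @param { EncodingBlob } inStream - indicate the input cert data.
     * @param { AsyncCallback<X509Cert> } callback - the callback of createX509Cert.
     * @throws { BusinessError } 401 - invalid parameters.
     * @throws { BusinessError } 801 - this operation is not supported.
     * @throws { BusinessError } 19020001 - memory error.
     * @syscap SystemCapability.Security.Cert
     * @since 9
     */
    function createX509Cert(inStream : EncodingBlob, callback : AsyncCallback<X509Cert>) : void;

    /**
     * Creates an X509Cert instance from encoded certificate data.
     *
     * NOTE(review): the declared errors cover parsing only, so a successfully
     * created instance presumably says nothing about whether the certificate
     * is trusted, current or unrevoked - confirm, and validate it separately.
     * @param { EncodingBlob } inStream - indicate the input cert data.
     * @returns { Promise<X509Cert> } the promise of X509 cert instance.
     * @throws { BusinessError } 401 - invalid parameters.
     * @throws { BusinessError } 801 - this operation is not supported.
     * @throws { BusinessError } 19020001 - memory error.
     * @syscap SystemCapability.Security.Cert
     * @since 9
     */
    function createX509Cert(inStream : EncodingBlob) : Promise<X509Cert>;

    /**
     * Interface of X509CrlEntry.
     * @typedef X509CrlEntry
     * @syscap SystemCapability.Security.Cert
     * @since 9
     */
    interface X509CrlEntry {
        /**
         * Returns the ASN.1 DER-encoded form of this CRL entry, i.e. the inner sequence.
         * @param { AsyncCallback<EncodingBlob> } callback - the callback of getEncoded.
         * @throws { BusinessError } 401 - invalid parameters.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19020002 - runtime error.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getEncoded(callback : AsyncCallback<EncodingBlob>) : void;

        /**
         * Returns the ASN.1 DER-encoded form of this CRL entry, i.e. the inner sequence.
         * @returns { Promise<EncodingBlob> } the promise of crl entry blob data.
         * @throws { BusinessError } 401 - invalid parameters.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19020002 - runtime error.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getEncoded() : Promise<EncodingBlob>;

        /**
         * Get the serial number from this x509crl entry.
         *
         * NOTE(review): X.509 serial numbers may be up to 20 octets long
         * (RFC 5280), which is more than a JS number represents exactly
         * (2^53 - 1). Confirm how larger serial numbers are returned before
         * comparing this value with a certificate's serial number.
         * @returns { number } serial number of crl entry.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getSerialNumber() : number;

        /**
         * Get the issuer of the x509 certificate described by this entry.
         * @returns { DataBlob } DataBlob of issuer.
         * @throws { BusinessError } 801 - this operation is not supported.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19020002 - runtime error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getCertIssuer() : DataBlob;

        /**
         * Get the revocation date from x509crl entry.
         * @returns { string } string of revocation date.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19020002 - runtime error.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getRevocationDate() : string;
    }

    /**
     * Interface of X509Crl.
     * @typedef X509Crl
     * @syscap SystemCapability.Security.Cert
     * @since 9
     */
    interface X509Crl {
        /**
         * Check if the given certificate is on this CRL.
         *
         * NOTE(review): only error 401 is declared, so this presumably looks
         * the certificate up in the list without verifying the CRL's own
         * signature or freshness - confirm. A result is only meaningful for
         * a CRL whose signature has been checked with verify() and whose
         * getNextUpdate() has not passed.
         * @param { X509Cert } cert - input cert data.
         * @returns { boolean } whether the cert is revoked or not.
         * @throws { BusinessError } 401 - invalid parameters.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        isRevoked(cert : X509Cert) : boolean;

        /**
         * Returns the type of this CRL.
         * @returns { string } string of crl type.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getType() : string;

        /**
         * Get the der coding format.
         * @param { AsyncCallback<EncodingBlob> } callback - the callback of getEncoded.
         * @throws { BusinessError } 401 - invalid parameters.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19020002 - runtime error.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getEncoded(callback : AsyncCallback<EncodingBlob>) : void;

        /**
         * Get the der coding format.
         * @returns { Promise<EncodingBlob> } the promise of crl blob data.
         * @throws { BusinessError } 401 - invalid parameters.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19020002 - runtime error.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getEncoded() : Promise<EncodingBlob>;

        /**
         * Use the public key to verify the signature of CRL.
         * The function itself returns nothing; the verify result is
         * delivered through the callback's error argument.
         * @param { cryptoFramework.PubKey } key - input public Key.
         * @param { AsyncCallback<void> } callback - the callback of verify.
         * @throws { BusinessError } 401 - invalid parameters.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        verify(key : cryptoFramework.PubKey, callback : AsyncCallback<void>) : void;

        /**
         * Use the public key to verify the signature of CRL.
         * The promise is rejected when verification fails.
         * @param { cryptoFramework.PubKey } key - input public Key.
         * @returns { Promise<void> } the promise returned by the function.
         * @throws { BusinessError } 401 - invalid parameters.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        verify(key : cryptoFramework.PubKey) : Promise<void>;

        /**
         * Get version number from CRL.
         * @returns { number } version of crl.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getVersion() : number;

        /**
         * Get the issuer name from CRL. Issuer means the entity that signs and publishes the CRL.
         * @returns { DataBlob } issuer name of crl.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19020002 - runtime error.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getIssuerName() : DataBlob;

        /**
         * Get lastUpdate value from CRL.
         * @returns { string } last update of crl.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19020002 - runtime error.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getLastUpdate() : string;

        /**
         * Get nextUpdate value from CRL.
         * A CRL whose nextUpdate has passed may no longer reflect current
         * revocations.
         * @returns { string } next update of crl.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19020002 - runtime error.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getNextUpdate() : string;

        /**
         * Find the entry of this CRL that has the given serial number.
         *
         * NOTE(review): the serial number is passed as a JS number, which is
         * exact only up to 2^53 - 1, while X.509 serial numbers may be up to
         * 20 octets long (RFC 5280) - confirm how larger serial numbers are
         * looked up; getRevokedCertWithCert takes the certificate itself.
         * @param { number } serialNumber - serial number of the revoked cert to look up.
         * @returns { X509CrlEntry } X509CrlEntry instance.
         * @throws { BusinessError } 401 - invalid parameters.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getRevokedCert(serialNumber : number) : X509CrlEntry;

        /**
         * Find the entry of this CRL that describes the given cert.
         * @param { X509Cert } cert - cert of x509.
         * @returns { X509CrlEntry } X509CrlEntry instance.
         * @throws { BusinessError } 401 - invalid parameters.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getRevokedCertWithCert(cert : X509Cert) : X509CrlEntry;

        /**
         * Get all entries in this CRL.
         * @param { AsyncCallback<Array<X509CrlEntry>> } callback - the callback of getRevokedCerts.
         * @throws { BusinessError } 401 - invalid parameters.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getRevokedCerts(callback : AsyncCallback<Array<X509CrlEntry>>) : void;

        /**
         * Get all entries in this CRL.
         * @returns { Promise<Array<X509CrlEntry>> } the promise of X509CrlEntry instance.
         * @throws { BusinessError } 401 - invalid parameters.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getRevokedCerts() : Promise<Array<X509CrlEntry>>;

        /**
         * Get the CRL information encoded by Der from this CRL.
         * @returns { DataBlob } DataBlob of tbs info.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19020002 - runtime error.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getTbsInfo() : DataBlob;

        /**
         * Get signature value from CRL.
         * @returns { DataBlob } DataBlob of signature.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19020002 - runtime error.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getSignature() : DataBlob;

        /**
         * Get the signature algorithm name of the CRL signature algorithm.
         * @returns { string } string of signature algorithm name.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19020002 - runtime error.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getSignatureAlgName() : string;

        /**
         * Get the signature algorithm oid string from CRL.
         * @returns { string } string of signature algorithm oid.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19020002 - runtime error.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getSignatureAlgOid() : string;

        /**
         * Get the der encoded signature algorithm parameters from the CRL signature algorithm.
         * @returns { DataBlob } DataBlob of signature algorithm params.
         * @throws { BusinessError } 801 - this operation is not supported.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19020002 - runtime error.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        getSignatureAlgParams() : DataBlob;
    }

    /**
     * Creates an X509Crl instance from encoded CRL data.
     *
     * NOTE(review): the declared errors cover parsing only, so a successfully
     * created instance presumably has not had its signature checked -
     * confirm, and call X509Crl.verify before relying on its contents.
     * @param { EncodingBlob } inStream - indicates the input CRL data.
     * @param { AsyncCallback<X509Crl> } callback - the callback of createX509Crl to return x509 CRL instance.
     * @throws { BusinessError } 401 - invalid parameters.
     * @throws { BusinessError } 801 - this operation is not supported.
     * @throws { BusinessError } 19020001 - memory error.
     * @syscap SystemCapability.Security.Cert
     * @since 9
     */
    function createX509Crl(inStream : EncodingBlob, callback : AsyncCallback<X509Crl>) : void;

    /**
     * Creates an X509Crl instance from encoded CRL data.
     *
     * NOTE(review): the declared errors cover parsing only, so a successfully
     * created instance presumably has not had its signature checked -
     * confirm, and call X509Crl.verify before relying on its contents.
     * @param { EncodingBlob } inStream - indicates the input CRL data.
     * @returns { Promise<X509Crl> } the promise of x509 CRL instance.
     * @throws { BusinessError } 401 - invalid parameters.
     * @throws { BusinessError } 801 - this operation is not supported.
     * @throws { BusinessError } 19020001 - memory error.
     * @syscap SystemCapability.Security.Cert
     * @since 9
     */
    function createX509Crl(inStream : EncodingBlob) : Promise<X509Crl>;

    /**
     * Certification chain validator.
     * @typedef CertChainValidator
     * @syscap SystemCapability.Security.Cert
     * @since 9
     */
    interface CertChainValidator {
        /**
         * Validate the cert chain.
         * Each declared 1903000x error is a distinct reason the chain was
         * rejected; the chain is acceptable only when the callback reports
         * no error at all.
         *
         * NOTE(review): this declaration does not show how the trust anchor
         * is chosen or whether revocation is consulted (no revocation error
         * is declared) - confirm both before treating a successful validate
         * as a full trust decision.
         * @param { CertChainData } certChain - indicate the cert chain validator data.
         * @param { AsyncCallback<void> } callback - the callback of validate.
         * @throws { BusinessError } 401 - invalid parameters.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19020002 - runtime error.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @throws { BusinessError } 19030002 - the certificate signature verification failed.
         * @throws { BusinessError } 19030003 - the certificate has not taken effect.
         * @throws { BusinessError } 19030004 - the certificate has expired.
         * @throws { BusinessError } 19030005 - failed to obtain the certificate issuer.
         * @throws { BusinessError } 19030006 - the key cannot be used for signing a certificate.
         * @throws { BusinessError } 19030007 - the key cannot be used for digital signature.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        validate(certChain : CertChainData, callback : AsyncCallback<void>) : void;

        /**
         * Validate the cert chain.
         * Each declared 1903000x error is a distinct reason the chain was
         * rejected; the chain is acceptable only when the promise resolves.
         *
         * NOTE(review): this declaration does not show how the trust anchor
         * is chosen or whether revocation is consulted (no revocation error
         * is declared) - confirm both before treating a successful validate
         * as a full trust decision.
         * @param { CertChainData } certChain - indicate the cert chain validator data.
         * @returns { Promise<void> } the promise returned by the function.
         * @throws { BusinessError } 401 - invalid parameters.
         * @throws { BusinessError } 19020001 - memory error.
         * @throws { BusinessError } 19020002 - runtime error.
         * @throws { BusinessError } 19030001 - crypto operation error.
         * @throws { BusinessError } 19030002 - the certificate signature verification failed.
         * @throws { BusinessError } 19030003 - the certificate has not taken effect.
         * @throws { BusinessError } 19030004 - the certificate has expired.
         * @throws { BusinessError } 19030005 - failed to obtain the certificate issuer.
         * @throws { BusinessError } 19030006 - the key cannot be used for signing a certificate.
         * @throws { BusinessError } 19030007 - the key cannot be used for digital signature.
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        validate(certChain : CertChainData) : Promise<void>;

        /**
         * The cert chain related algorithm.
         * @type { string }
         * @readonly
         * @syscap SystemCapability.Security.Cert
         * @since 9
         */
        readonly algorithm : string;
    }

    /**
     * Creates a cert chain validator of the given type.
     * @param { string } algorithm - indicates the cert chain validator type.
     * @returns { CertChainValidator } the cert chain validator instance.
     * @throws { BusinessError } 401 - invalid parameters.
     * @throws { BusinessError } 801 - this operation is not supported.
     * @throws { BusinessError } 19020001 - memory error.
     * @throws { BusinessError } 19020002 - runtime error.
     * @throws { BusinessError } 19030001 - crypto operation error.
     * @syscap SystemCapability.Security.Cert
     * @since 9
     */
    function createCertChainValidator(algorithm :string) : CertChainValidator;
}

export default cert;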