1# @ohos.security.cert (证书模块) 2 3证书算法库框架提供证书相关接口。其中,依赖加解密算法库框架的基础算法能力的部分,详细接口说明可参考[cryptoFramework API参考](js-apis-cryptoFramework.md)。 4 5> **说明:** 6> 7> 本模块首批接口从API version 9开始支持。后续版本的新增接口,采用上角标单独标记接口的起始版本。 8 9## 导入模块 10 11```ts 12import certFramework from '@ohos.security.cert'; 13import cryptoFramework from '@ohos.security.cryptoFramework'; 14``` 15 16## CertResult 17 18 表示执行结果的枚举。 19 20 **系统能力:** SystemCapability.Security.Cert 21 22| 名称 | 值 | 说明 | 23| --------------------------------------| -------- | -----------------------------| 24| INVALID_PARAMS | 401 | 非法入参。 | 25| NOT_SUPPORT | 801 | 操作不支持。 | 26| ERR_OUT_OF_MEMORY | 19020001 | 内存错误。 | 27| ERR_RUNTIME_ERROR | 19020002 | 运行时外部错误。 | 28| ERR_CRYPTO_OPERATION | 19030001 | 调用三方算法库API出错。 | 29| ERR_CERT_SIGNATURE_FAILURE | 19030002 | 证书签名验证错误。 | 30| ERR_CERT_NOT_YET_VALID | 19030003 | 证书尚未生效。 | 31| ERR_CERT_HAS_EXPIRED | 19030004 | 证书过期。 | 32| ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY | 19030005 | 无法获取证书的颁发者。 | 33| ERR_KEYUSAGE_NO_CERTSIGN | 19030006 | 证书的秘钥用途不含证书签名。 | 34| ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE | 19030007 | 证书的秘钥用途不含数字签名。 | 35 36## DataBlob 37buffer数组。 38 **系统能力:** SystemCapability.Security.Cert 39| 名称 | 类型 | 可读 | 可写 | 说明 | 40| -------------- | -------------- | ---- | ---- | ----------------| 41| data | Uint8Array | 是 | 是 | 数据。 | 42 43## DataArray 44 45buffer数组的列表。 46 **系统能力:** SystemCapability.Security.Cert 47| 名称 | 类型 | 可读 | 可写 | 说明 | 48| -------------- | -------------- | ---- | ---- | ----------------| 49| data | Uint8Array | 是 | 是 | 数据列表。 | 50 51## EncodingFormat 52 53 表示证书编码格式的枚举。 54 55 **系统能力:** SystemCapability.Security.Cert 56 57| 名称 | 值 | 说明 | 58| ---------- | ------ | --------- | 59| FORMAT_DER | 0 | DER格式。 | 60| FORMAT_PEM | 1 | PEM格式。 | 61 62## CertItemType<sup>10+</sup> 63 64 表示获取证书字段的枚举。 65 66 **系统能力:** SystemCapability.Security.Cert 67 68| 名称 | 值 | 说明 | 69| -------------------------------- | ---- | ------------------------------ | 70| CERT_ITEM_TYPE_TBS | 0 | 表示获取证书的待签名信息。 | 71| CERT_ITEM_TYPE_PUBLIC_KEY | 1 | 表示获取证书的公钥信息。 | 72| CERT_ITEM_TYPE_ISSUER_UNIQUE_ID | 2 | 表示获取证书的颁发者唯一编号。 | 73| CERT_ITEM_TYPE_SUBJECT_UNIQUE_ID | 3 | 表示获取证书的主体唯一编号。 | 74| CERT_ITEM_TYPE_EXTENSIONS | 4 | 表示获取证书的扩展域信息。 | 75 76## ExtensionOidType<sup>10+</sup> 77 78 表示获取扩展域中对象标识符类型的枚举。 79 80 **系统能力:** SystemCapability.Security.Cert 81 82| 名称 | 值 | 说明 | 83| ----------------------------- | ---- | --------------------------------------------- | 84| EXTENSION_OID_TYPE_ALL | 0 | 表示获取扩展域中所有的对象标识符。 | 85| EXTENSION_OID_TYPE_CRITICAL | 1 | 表示获取扩展域中critical为true的对象标识符。 | 86| EXTENSION_OID_TYPE_UNCRITICAL | 2 | 表示获取扩展域中critical为false的对象标识符。 | 87 88## ExtensionEntryType<sup>10+</sup> 89 90 表示获取扩展域中对象类型的枚举。 91 92 **系统能力:** SystemCapability.Security.Cert 93 94| 名称 | 值 | 说明 | 95| ----------------------------------- | ---- | ---------------------------- | 96| EXTENSION_ENTRY_TYPE_ENTRY | 0 | 表示获取整个对象。 | 97| EXTENSION_ENTRY_TYPE_ENTRY_CRITICAL | 1 | 表示获取对象的critical属性。 | 98| EXTENSION_ENTRY_TYPE_ENTRY_VALUE | 2 | 表示获取对象的数据。 | 99 100## EncodingBlob 101 102带编码格式的证书二进制数组。 103 104### 属性 105 106**系统能力:** SystemCapability.Security.Cert 107 108| 名称 | 类型 | 可读 | 可写 | 说明 | 109| -------------- | --------------------------------- | ---- | ---- | ------------------------------ | 110| data | Uint8Array | 是 | 是 | 传入的证书数据。 | 111| encodingFormat | [EncodingFormat](#encodingformat) | 是 | 是 | 指明证书编码格式。 | 112 113 114## CertChainData 115 116证书链数据,在证书链校验时,作为入参传入。 117 118### 属性 119 120**系统能力:** SystemCapability.Security.Cert 121 122| 名称 | 类型 | 可读 | 可写 | 说明 | 123| -------------- | --------------------------------- | ---- | ---- | ------------------------------------------------------------ | 124| data | Uint8Array | 是 | 是 | 证书数据,按照长度(2字节)-数据的形式传入,如:08ABCDEFGH07ABCDEFG,第一本证书,前2个字节表示证书的长度为8字节,后面附加8字节的证书数据;第2本证书前2个字节表示证书的长度为7字节,后面附加7字节的证书数据。 | 125| count | number | 是 | 是 | 传入的数据中,包含的证书数量。 | 126| encodingFormat | [EncodingFormat](#encodingformat) | 是 | 是 | 指明证书编码格式。 | 127 128 129## cryptoCert.createX509Cert 130 131createX509Cert(inStream : EncodingBlob, callback : AsyncCallback\<X509Cert>) : void 132 133表示创建X509证书对象,使用Callback回调异步返回结果。 134 135**系统能力:** SystemCapability.Security.Cert 136 137**参数:** 138 139| 参数名 | 类型 | 必填 | 说明 | 140| -------- | ------------------------------------- | ---- | -------------------------- | 141| inStream | [EncodingBlob](#encodingblob) | 是 | X509证书序列化数据 | 142| callback | AsyncCallback\<[X509Cert](#x509cert)> | 是 | 回调函数。表示X509证书对象 | 143 144**错误码:** 145 146以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 147 148| 错误码ID | 错误信息 | 149| -------- | ------------- | 150| 19020001 | memory error. | 151 152**示例:** 153 154```ts 155import certFramework from '@ohos.security.cert'; 156 157// string转Uint8Array 158function stringToUint8Array(str: string): Uint8Array { 159 let arr: Array<number> = []; 160 for (let i = 0, j = str.length; i < j; i++) { 161 arr.push(str.charCodeAt(i)); 162 } 163 return new Uint8Array(arr); 164} 165 166// 证书二进制数据,需业务自行赋值 167let certData = '-----BEGIN CERTIFICATE-----\n' + 168 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 169 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 170 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 171 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 172 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 173 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 174 'Qw==\n' + 175 '-----END CERTIFICATE-----\n'; 176 177let encodingBlob: certFramework.EncodingBlob = { 178 data: stringToUint8Array(certData), 179 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 180 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 181}; 182 183certFramework.createX509Cert(encodingBlob, (error, x509Cert) => { 184 if (error != null) { 185 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 186 } else { 187 console.log('createX509Cert success'); 188 } 189}); 190``` 191 192## cryptoCert.createX509Cert 193 194createX509Cert(inStream : EncodingBlob) : Promise\<X509Cert> 195 196表示创建X509证书对象,使用Promise方式异步返回结果。 197 198**系统能力:** SystemCapability.Security.Cert 199 200**参数:** 201 202| 参数名 | 类型 | 必填 | 说明 | 203| -------- | ----------------------------- | ---- | ------------------ | 204| inStream | [EncodingBlob](#encodingblob) | 是 | X509证书序列化数据 | 205 206**返回值:** 207 208| 类型 | 说明 | 209| ------- | ---------------- | 210| Promise\<[X509Cert](#x509cert)> | 表示X509证书对象 | 211 212**错误码:** 213 214以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 215 216| 错误码ID | 错误信息 | 217| -------- | ------------- | 218| 19020001 | memory error. | 219 220**示例:** 221 222```ts 223import certFramework from '@ohos.security.cert'; 224import { BusinessError } from '@ohos.base'; 225 226// string转Uint8Array 227function stringToUint8Array(str: string): Uint8Array { 228 let arr: Array<number> = []; 229 for (let i = 0, j = str.length; i < j; i++) { 230 arr.push(str.charCodeAt(i)); 231 } 232 return new Uint8Array(arr); 233} 234 235// 证书二进制数据,需业务自行赋值 236let certData = '-----BEGIN CERTIFICATE-----\n' + 237 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 238 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 239 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 240 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 241 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 242 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 243 'Qw==\n' + 244 '-----END CERTIFICATE-----\n'; 245 246let encodingBlob: certFramework.EncodingBlob = { 247 data: stringToUint8Array(certData), 248 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 249 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 250}; 251 252certFramework.createX509Cert(encodingBlob).then(x509Cert => { 253 console.log('createX509Cert success'); 254}).catch((error: BusinessError) => { 255 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 256}); 257``` 258 259## X509Cert 260 261X509证书类。 262 263### verify 264 265verify(key : cryptoFramework.PubKey, callback : AsyncCallback\<void>) : void 266 267表示对证书验签,使用Callback回调异步返回结果。 268 269**系统能力:** SystemCapability.Security.Cert 270 271**参数:** 272 273| 参数名 | 类型 | 必填 | 说明 | 274| -------- | --------------------- | ---- | ------------------------------------------------------------ | 275| key | cryptoFramework.PubKey | 是 | 用于验签的公钥对象 | 276| callback | AsyncCallback\<void> | 是 | 回调函数。使用AsyncCallback的第一个error参数判断是否验签成功,error为null表示成功,不为null表示失败 | 277 278**错误码:** 279 280以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 281 282| 错误码ID | 错误信息 | 283| -------- | ------------------ | 284| 19030001 | crypto operation error. | 285 286**示例:** 287 288```ts 289import certFramework from '@ohos.security.cert'; 290import { BusinessError } from '@ohos.base'; 291 292// string转Uint8Array 293function stringToUint8Array(str: string): Uint8Array { 294 let arr: Array<number> = []; 295 for (let i = 0, j = str.length; i < j; i++) { 296 arr.push(str.charCodeAt(i)); 297 } 298 return new Uint8Array(arr); 299} 300 301// 证书二进制数据,需业务自行赋值 302let certData = '-----BEGIN CERTIFICATE-----\n' + 303 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 304 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 305 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 306 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 307 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 308 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 309 'Qw==\n' + 310 '-----END CERTIFICATE-----\n'; 311 312let encodingBlob: certFramework.EncodingBlob = { 313 data: stringToUint8Array(certData), 314 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 315 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 316}; 317 318certFramework.createX509Cert(encodingBlob, (error, x509Cert) => { 319 if (error != null) { 320 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 321 } else { 322 console.log('createX509Cert success'); 323 324 // 业务需通过上级X509Cert证书对象(或当前证书对象为自签名的证书)的getPublicKey获取PubKey 325 try { 326 let pubKey = x509Cert.getPublicKey(); 327 328 // 验证证书签名 329 x509Cert.verify(pubKey, (err, data) => { 330 if (err == null) { 331 console.log('verify success'); 332 } else { 333 console.error('verify failed, errCode: ' + err.code + ', errMsg: ' + err.message); 334 } 335 }); 336 } catch (error) { 337 let e: BusinessError = error as BusinessError; 338 console.error('getPublicKey failed, errCode: ' + e.code + ', errMsg: ' + e.message); 339 } 340 } 341}); 342``` 343 344### verify 345 346verify(key : cryptoFramework.PubKey) : Promise\<void> 347 348表示对证书验签,使用Promise方式异步返回结果。 349 350**系统能力:** SystemCapability.Security.Cert 351 352**参数:** 353 354| 参数名 | 类型 | 必填 | 说明 | 355| ------ | ------ | ---- | ------------------ | 356| key | cryptoFramework.PubKey | 是 | 用于验签的公钥对象 | 357 358**返回值:** 359 360| 类型 | 说明 | 361| -------------- | ----------- | 362| Promise\<void> | Promise对象 | 363 364**错误码:** 365 366以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 367 368| 错误码ID | 错误信息 | 369| -------- | ------------------ | 370| 19030001 | crypto operation error. | 371 372**示例:** 373 374```ts 375import certFramework from '@ohos.security.cert'; 376import { BusinessError } from '@ohos.base'; 377 378// string转Uint8Array 379function stringToUint8Array(str: string): Uint8Array { 380 let arr: Array<number> = []; 381 for (let i = 0, j = str.length; i < j; i++) { 382 arr.push(str.charCodeAt(i)); 383 } 384 return new Uint8Array(arr); 385} 386 387// 证书二进制数据,需业务自行赋值 388let certData = '-----BEGIN CERTIFICATE-----\n' + 389 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 390 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 391 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 392 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 393 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 394 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 395 'Qw==\n' + 396 '-----END CERTIFICATE-----\n'; 397 398let encodingBlob: certFramework.EncodingBlob = { 399 data: stringToUint8Array(certData), 400 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 401 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 402}; 403 404certFramework.createX509Cert(encodingBlob).then(x509Cert => { 405 console.log('createX509Cert success'); 406 407 try { 408 // 业务需通过上级X509Cert证书对象(或当前证书对象为自签名的证书)的getPublicKey获取PubKey 409 let pubKey = x509Cert.getPublicKey(); 410 x509Cert.verify(pubKey).then(result => { 411 console.log('verify success'); 412 }).catch((error: BusinessError) => { 413 console.error('verify failed, errCode: ' + error.code + ', errMsg: ' + error.message); 414 }); 415 } catch (err) { 416 console.error('get public key failed'); 417 } 418}).catch((error: BusinessError) => { 419 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 420}); 421``` 422 423### getEncoded 424 425getEncoded(callback : AsyncCallback\<EncodingBlob>) : void 426 427表示获取X509证书序列化数据,使用Callback回调异步返回结果。 428 429**系统能力:** SystemCapability.Security.Cert 430 431**参数**: 432 433| 参数名 | 类型 | 必填 | 说明 | 434| -------- | --------------------------------------------- | ---- | -------------------------------- | 435| callback | AsyncCallback\<[EncodingBlob](#encodingblob)> | 是 | 回调函数。表示X509证书序列化数据 | 436 437**错误码:** 438 439以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 440 441| 错误码ID | 错误信息 | 442| -------- | ------------------------------------------------- | 443| 19020001 | memory error. | 444| 19020002 | runtime error. | 445| 19030001 | crypto operation error.| 446 447**示例:** 448 449```ts 450import certFramework from '@ohos.security.cert'; 451 452// string转Uint8Array 453function stringToUint8Array(str: string): Uint8Array { 454 let arr: Array<number> = []; 455 for (let i = 0, j = str.length; i < j; i++) { 456 arr.push(str.charCodeAt(i)); 457 } 458 return new Uint8Array(arr); 459} 460 461// 证书二进制数据,需业务自行赋值 462let certData = '-----BEGIN CERTIFICATE-----\n' + 463 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 464 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 465 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 466 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 467 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 468 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 469 'Qw==\n' + 470 '-----END CERTIFICATE-----\n'; 471 472let encodingBlob: certFramework.EncodingBlob = { 473 data: stringToUint8Array(certData), 474 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 475 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 476}; 477 478certFramework.createX509Cert(encodingBlob, (error, x509Cert) => { 479 if (error != null) { 480 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 481 } else { 482 console.log('createX509Cert success'); 483 x509Cert.getEncoded((error, data) => { 484 if (error != null) { 485 console.error('getEncoded failed, errCode: ' + error.code + ', errMsg: ' + error.message); 486 } else { 487 console.log('getEncoded success'); 488 } 489 }); 490 } 491}); 492``` 493 494### getEncoded 495 496getEncoded() : Promise\<EncodingBlob> 497 498表示获取X509证书序列化数据,使用Promise方式异步返回结果。 499 500**系统能力:** SystemCapability.Security.Cert 501 502**返回值**: 503 504| 类型 | 说明 | 505| --------------------------------------- | ---------------------- | 506| Promise\<[EncodingBlob](#encodingblob)> | 表示X509证书序列化数据 | 507 508**错误码:** 509 510以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 511 512| 错误码ID | 错误信息 | 513| -------- | ------------------------------------------------- | 514| 19020001 | memory error. | 515| 19020002 | runtime error. | 516| 19030001 | crypto operation error.| 517 518**示例:** 519 520```ts 521import certFramework from '@ohos.security.cert'; 522import { BusinessError } from '@ohos.base'; 523 524// string转Uint8Array 525function stringToUint8Array(str: string): Uint8Array { 526 let arr: Array<number> = []; 527 for (let i = 0, j = str.length; i < j; i++) { 528 arr.push(str.charCodeAt(i)); 529 } 530 return new Uint8Array(arr); 531} 532 533// 证书二进制数据,需业务自行赋值 534let certData = '-----BEGIN CERTIFICATE-----\n' + 535 'MIIBLzCB1QIUO/QDVJwZLIpeJyPjyTvE43xvE5cwCgYIKoZIzj0EAwIwGjEYMBYG\n' + 536 'A1UEAwwPRXhhbXBsZSBSb290IENBMB4XDTIzMDkwNDExMjAxOVoXDTI2MDUzMDEx\n' + 537 'MjAxOVowGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYI\n' + 538 'KoZIzj0DAQcDQgAEHjG74yMIueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTa\n' + 539 'tUsU0i/sePnrKglj2H8Abbx9PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEA\n' + 540 '0ce/fvA4tckNZeB865aOApKXKlBjiRlaiuq5mEEqvNACIQDPD9WyC21MXqPBuRUf\n' + 541 'BetUokslUfjT6+s/X4ByaxycAA==\n' + 542 '-----END CERTIFICATE-----\n'; 543 544// 证书二进制数据,需业务自行赋值 545let encodingBlob: certFramework.EncodingBlob = { 546 data: stringToUint8Array(certData), 547 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 548 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 549}; 550certFramework.createX509Cert(encodingBlob).then(x509Cert => { 551 console.log('createX509Cert success'); 552 x509Cert.getEncoded().then(result => { 553 console.log('getEncoded success'); 554 }).catch((error: BusinessError) => { 555 console.error('getEncoded failed, errCode: ' + error.code + ', errMsg: ' + error.message); 556 }); 557}).catch((error: BusinessError) => { 558 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 559}); 560``` 561 562### getPublicKey 563 564getPublicKey() : cryptoFramework.PubKey 565 566表示获取X509证书公钥。 567 568**系统能力:** SystemCapability.Security.Cert 569 570**返回值**: 571 572| 类型 | 说明 | 573| ------ | ---------------- | 574| cryptoFramework.PubKey | X509证书公钥对象:仅用于X509Cert的verify接口 | 575 576**错误码:** 577 578以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 579 580| 错误码ID | 错误信息 | 581| -------- | ------------------------------------------------- | 582| 19020001 | memory error. | 583| 19030001 | crypto operation error.| 584 585**示例:** 586 587```ts 588import certFramework from '@ohos.security.cert'; 589import { BusinessError } from '@ohos.base'; 590 591// string转Uint8Array 592function stringToUint8Array(str: string): Uint8Array { 593 let arr: Array<number> = []; 594 for (let i = 0, j = str.length; i < j; i++) { 595 arr.push(str.charCodeAt(i)); 596 } 597 return new Uint8Array(arr); 598} 599 600// 证书二进制数据,需业务自行赋值 601let certData = '-----BEGIN CERTIFICATE-----\n' + 602 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 603 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 604 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 605 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 606 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 607 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 608 'Qw==\n' + 609 '-----END CERTIFICATE-----\n'; 610 611let encodingBlob: certFramework.EncodingBlob = { 612 data: stringToUint8Array(certData), 613 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 614 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 615}; 616 617certFramework.createX509Cert(encodingBlob, (error, x509Cert) => { 618 if (error != null) { 619 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 620 } else { 621 console.log('createX509Cert success'); 622 try { 623 let pubKey = x509Cert.getPublicKey(); 624 } catch (error) { 625 let e: BusinessError = error as BusinessError; 626 console.error('getPublicKey failed, errCode: ' + e.code + ', errMsg: ' + e.message); 627 } 628 } 629}); 630``` 631 632### checkValidityWithDate 633 634checkValidityWithDate(date: string) : void 635 636表示检查X509证书有效期。 637 638**系统能力:** SystemCapability.Security.Cert 639 640**参数**: 641 642| 参数名 | 类型 | 必填 | 说明 | 643| -------- | -------------- | ---- | ---------- | 644| date | string | 是 | 日期(格式:YYMMDDHHMMSSZ 或 YYYYMMDDHHMMSSZ,时间必须以Z结尾:表示标准时间) | 645 646**错误码:** 647 648以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 649 650| 错误码ID | 错误信息 | 651| -------- | ------------------------------------------------- | 652| 19020001 | memory error. | 653| 19030001 | crypto operation error.| 654| 19030003 | the certificate has not taken effect. | 655| 19030004 | the certificate has expired.| 656 657**示例:** 658 659```ts 660import certFramework from '@ohos.security.cert'; 661import { BusinessError } from '@ohos.base'; 662 663// string转Uint8Array 664function stringToUint8Array(str: string): Uint8Array { 665 let arr: Array<number> = []; 666 for (let i = 0, j = str.length; i < j; i++) { 667 arr.push(str.charCodeAt(i)); 668 } 669 return new Uint8Array(arr); 670} 671 672// 证书二进制数据,需业务自行赋值 673let certData = '-----BEGIN CERTIFICATE-----\n' + 674 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 675 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 676 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 677 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 678 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 679 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 680 'Qw==\n' + 681 '-----END CERTIFICATE-----\n'; 682 683let encodingBlob: certFramework.EncodingBlob = { 684 data: stringToUint8Array(certData), 685 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 686 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 687}; 688 689certFramework.createX509Cert(encodingBlob, (error, x509Cert) => { 690 if (error != null) { 691 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 692 } else { 693 console.log('createX509Cert success'); 694 695 let date = '231001000001Z'; 696 // Verify the certificate validity period. 697 try { 698 x509Cert.checkValidityWithDate(date); 699 } catch (error) { 700 let e: BusinessError = error as BusinessError; 701 console.error('checkValidityWithDate failed, errCode: ' + e.code + ', errMsg: ' + e.message); 702 } 703 } 704}); 705``` 706 707### getVersion 708 709getVersion() : number 710 711表示获取X509证书版本。 712 713**系统能力:** SystemCapability.Security.Cert 714 715**返回值**: 716 717| 类型 | 说明 | 718| ------ | ---------------- | 719| number | 表示X509证书版本 | 720 721**示例:** 722 723```ts 724import certFramework from '@ohos.security.cert'; 725 726// string转Uint8Array 727function stringToUint8Array(str: string): Uint8Array { 728 let arr: Array<number> = []; 729 for (let i = 0, j = str.length; i < j; i++) { 730 arr.push(str.charCodeAt(i)); 731 } 732 return new Uint8Array(arr); 733} 734 735// 证书二进制数据,需业务自行赋值 736let certData = '-----BEGIN CERTIFICATE-----\n' + 737 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 738 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 739 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 740 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 741 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 742 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 743 'Qw==\n' + 744 '-----END CERTIFICATE-----\n'; 745 746let encodingBlob: certFramework.EncodingBlob = { 747 data: stringToUint8Array(certData), 748 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 749 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 750}; 751certFramework.createX509Cert(encodingBlob, (error, x509Cert) => { 752 if (error != null) { 753 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 754 } else { 755 console.log('createX509Cert success'); 756 let version = x509Cert.getVersion(); 757 } 758}); 759``` 760 761### getSerialNumber<sup>(deprecated)</sup> 762 763getSerialNumber() : number 764 765表示获取X509证书序列号。 766 767> **说明:** 768> 769> 从API version 9开始支持,从API version 10开始废弃,建议使用[getCertSerialNumber](#getcertserialnumber10)替代。 770 771**系统能力:** SystemCapability.Security.Cert 772 773**返回值**: 774 775| 类型 | 说明 | 776| ------ | ------------------ | 777| number | 表示X509证书序列号 | 778 779**示例:** 780 781```ts 782import certFramework from '@ohos.security.cert'; 783 784// string转Uint8Array 785function stringToUint8Array(str: string): Uint8Array { 786 let arr: Array<number> = []; 787 for (let i = 0, j = str.length; i < j; i++) { 788 arr.push(str.charCodeAt(i)); 789 } 790 return new Uint8Array(arr); 791} 792 793// 证书二进制数据,需业务自行赋值 794let certData = '-----BEGIN CERTIFICATE-----\n' + 795 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 796 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 797 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 798 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 799 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 800 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 801 'Qw==\n' + 802 '-----END CERTIFICATE-----\n'; 803 804let encodingBlob: certFramework.EncodingBlob = { 805 data: stringToUint8Array(certData), 806 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 807 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 808}; 809 810certFramework.createX509Cert(encodingBlob, (error, x509Cert) => { 811 if (error != null) { 812 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 813 } else { 814 console.log('createX509Cert success'); 815 let serialNumber = x509Cert.getSerialNumber(); 816 } 817}); 818``` 819 820### getCertSerialNumber<sup>10+</sup> 821 822getCertSerialNumber() : bigint 823 824表示获取X509证书序列号。 825 826**系统能力:** SystemCapability.Security.Cert 827 828**返回值**: 829 830| 类型 | 说明 | 831| ------ | ------------------ | 832| bigint | 表示X509证书序列号 | 833 834**错误码:** 835 836以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 837 838| 错误码ID | 错误信息 | 839| -------- | ------------------------------------------------- | 840| 19020002 | runtime error. | 841 842**示例:** 843 844```ts 845import certFramework from '@ohos.security.cert'; 846import { BusinessError } from '@ohos.base'; 847 848// string转Uint8Array 849function stringToUint8Array(str: string): Uint8Array { 850 let arr: Array<number> = []; 851 for (let i = 0, j = str.length; i < j; i++) { 852 arr.push(str.charCodeAt(i)); 853 } 854 return new Uint8Array(arr); 855} 856 857// 证书二进制数据,需业务自行赋值 858let certData = '-----BEGIN CERTIFICATE-----\n' + 859 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 860 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 861 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 862 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 863 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 864 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 865 'Qw==\n' + 866 '-----END CERTIFICATE-----\n'; 867 868let encodingBlob: certFramework.EncodingBlob = { 869 data: stringToUint8Array(certData), 870 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 871 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 872}; 873 874certFramework.createX509Cert(encodingBlob, (error, x509Cert) => { 875 if (error != null) { 876 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 877 } else { 878 console.log('createX509Cert success'); 879 try { 880 let serialNumber = x509Cert.getCertSerialNumber(); 881 } catch (err) { 882 let e: BusinessError = err as BusinessError; 883 console.error('getCertSerialNumber failed, errCode: ' + e.code + ', errMsg: ' + e.message); 884 } 885 } 886}); 887``` 888 889### getIssuerName 890 891getIssuerName() : DataBlob 892 893表示获取X509证书颁发者名称。 894 895**系统能力:** SystemCapability.Security.Cert 896 897**返回值**: 898 899| 类型 | 说明 | 900| --------------------- | ---------------------- | 901| [DataBlob](#datablob) | 表示X509证书颁发者名称 | 902 903**错误码:** 904 905以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 906 907| 错误码ID | 错误信息 | 908| -------- | ------------------------------------------------- | 909| 19020001 | memory error. | 910| 19020002 | runtime error. | 911| 19030001 | crypto operation error.| 912 913**示例:** 914 915```ts 916import certFramework from '@ohos.security.cert'; 917import { BusinessError } from '@ohos.base'; 918 919// string转Uint8Array 920function stringToUint8Array(str: string): Uint8Array { 921 let arr: Array<number> = []; 922 for (let i = 0, j = str.length; i < j; i++) { 923 arr.push(str.charCodeAt(i)); 924 } 925 return new Uint8Array(arr); 926} 927 928// 证书二进制数据,需业务自行赋值 929let certData = '-----BEGIN CERTIFICATE-----\n' + 930 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 931 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 932 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 933 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 934 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 935 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 936 'Qw==\n' + 937 '-----END CERTIFICATE-----\n'; 938 939let encodingBlob: certFramework.EncodingBlob = { 940 data: stringToUint8Array(certData), 941 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 942 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 943}; 944 945certFramework.createX509Cert(encodingBlob, (error, x509Cert) => { 946 if (error != null) { 947 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 948 } else { 949 console.log('createX509Cert success'); 950 try { 951 let issuerName = x509Cert.getIssuerName(); 952 } catch (err) { 953 let e: BusinessError = err as BusinessError; 954 console.error('getIssuerName failed, errCode: ' + e.code + ', errMsg: ' + e.message); 955 } 956 } 957}); 958``` 959 960### getSubjectName 961 962getSubjectName() : DataBlob 963 964表示获取X509证书主体名称。 965 966**系统能力:** SystemCapability.Security.Cert 967 968**返回值**: 969 970| 类型 | 说明 | 971| --------------------- | -------------------- | 972| [DataBlob](#datablob) | 表示X509证书主体名称 | 973 974**错误码:** 975 976以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 977 978| 错误码ID | 错误信息 | 979| -------- | ------------------------------------------------- | 980| 19020001 | memory error. | 981| 19020002 | runtime error. | 982| 19030001 | crypto operation error.| 983 984**示例:** 985 986```ts 987import certFramework from '@ohos.security.cert'; 988import { BusinessError } from '@ohos.base'; 989 990// string转Uint8Array 991function stringToUint8Array(str: string): Uint8Array { 992 let arr: Array<number> = []; 993 for (let i = 0, j = str.length; i < j; i++) { 994 arr.push(str.charCodeAt(i)); 995 } 996 return new Uint8Array(arr); 997} 998 999// 证书二进制数据,需业务自行赋值 1000let certData = '-----BEGIN CERTIFICATE-----\n' + 1001 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1002 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1003 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1004 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1005 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1006 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1007 'Qw==\n' + 1008 '-----END CERTIFICATE-----\n'; 1009 1010let encodingBlob: certFramework.EncodingBlob = { 1011 data: stringToUint8Array(certData), 1012 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 1013 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 1014}; 1015 1016certFramework.createX509Cert(encodingBlob, (error, x509Cert) => { 1017 if (error != null) { 1018 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1019 } else { 1020 console.log('createX509Cert success'); 1021 try { 1022 let subjectName = x509Cert.getSubjectName(); 1023 } catch (err) { 1024 let e: BusinessError = err as BusinessError; 1025 console.error('getSubjectName failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1026 } 1027 } 1028}); 1029``` 1030 1031### getNotBeforeTime 1032 1033getNotBeforeTime() : string 1034 1035表示获取X509证书有效期起始时间。 1036 1037**系统能力:** SystemCapability.Security.Cert 1038 1039**返回值**: 1040 1041| 类型 | 说明 | 1042| ------ | ------------------------------------------------------------ | 1043| string | 表示X509证书有效期起始时间(格式:YYMMDDHHMMSSZ 或 YYYYMMDDHHMMSSZ,时间以Z结尾:表示标准时间) | 1044 1045**错误码:** 1046 1047以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 1048 1049| 错误码ID | 错误信息 | 1050| -------- | ------------------------------------------------- | 1051| 19020001 | memory error. | 1052| 19020002 | runtime error. | 1053| 19030001 | crypto operation error.| 1054 1055**示例:** 1056 1057```ts 1058import certFramework from '@ohos.security.cert'; 1059import { BusinessError } from '@ohos.base'; 1060 1061// string转Uint8Array 1062function stringToUint8Array(str: string): Uint8Array { 1063 let arr: Array<number> = []; 1064 for (let i = 0, j = str.length; i < j; i++) { 1065 arr.push(str.charCodeAt(i)); 1066 } 1067 return new Uint8Array(arr); 1068} 1069 1070// 证书二进制数据,需业务自行赋值 1071let certData = '-----BEGIN CERTIFICATE-----\n' + 1072 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1073 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1074 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1075 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1076 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1077 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1078 'Qw==\n' + 1079 '-----END CERTIFICATE-----\n'; 1080 1081let encodingBlob: certFramework.EncodingBlob = { 1082 data: stringToUint8Array(certData), 1083 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 1084 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 1085}; 1086 1087certFramework.createX509Cert(encodingBlob, (error, x509Cert) => { 1088 if (error != null) { 1089 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1090 } else { 1091 console.log('createX509Cert success'); 1092 try { 1093 let notBefore = x509Cert.getNotBeforeTime(); 1094 } catch (err) { 1095 let e: BusinessError = err as BusinessError; 1096 console.error('getNotBeforeTime failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1097 } 1098 } 1099}); 1100``` 1101 1102### getNotAfterTime 1103 1104getNotAfterTime() : string 1105 1106表示获取X509证书有效期截止时间。 1107 1108**系统能力:** SystemCapability.Security.Cert 1109 1110**返回值**: 1111 1112| 类型 | 说明 | 1113| ------ | ------------------------------------------------------------ | 1114| string | 表示X509证书有效期截止时间(格式:YYMMDDHHMMSSZ 或 YYYYMMDDHHMMSSZ,时间以Z结尾:表示标准时间) | 1115 1116**错误码:** 1117 1118以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 1119 1120| 错误码ID | 错误信息 | 1121| -------- | ------------------------------------------------- | 1122| 19020001 | memory error. | 1123| 19020002 | runtime error. | 1124| 19030001 | crypto operation error.| 1125 1126**示例:** 1127 1128```ts 1129import certFramework from '@ohos.security.cert'; 1130 1131import { BusinessError } from '@ohos.base'; 1132 1133// string转Uint8Array 1134function stringToUint8Array(str: string): Uint8Array { 1135 let arr: Array<number> = []; 1136 for (let i = 0, j = str.length; i < j; i++) { 1137 arr.push(str.charCodeAt(i)); 1138 } 1139 return new Uint8Array(arr); 1140} 1141 1142// 证书二进制数据,需业务自行赋值 1143let certData = '-----BEGIN CERTIFICATE-----\n' + 1144 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1145 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1146 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1147 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1148 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1149 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1150 'Qw==\n' + 1151 '-----END CERTIFICATE-----\n'; 1152 1153let encodingBlob: certFramework.EncodingBlob = { 1154 data: stringToUint8Array(certData), 1155 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 1156 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 1157}; 1158 1159certFramework.createX509Cert(encodingBlob, (error, x509Cert) => { 1160 if (error != null) { 1161 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1162 } else { 1163 console.log('createX509Cert success'); 1164 try { 1165 let notAfter = x509Cert.getNotAfterTime(); 1166 } catch (err) { 1167 let e: BusinessError = err as BusinessError; 1168 console.error('getNotAfterTime failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1169 } 1170 } 1171}); 1172``` 1173 1174### getSignature 1175 1176getSignature() : DataBlob 1177 1178表示获取X509证书签名数据。 1179 1180**系统能力:** SystemCapability.Security.Cert 1181 1182**返回值**: 1183 1184| 类型 | 说明 | 1185| --------------------- | -------------------- | 1186| [DataBlob](#datablob) | 表示X509证书签名数据 | 1187 1188**错误码:** 1189 1190以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 1191 1192| 错误码ID | 错误信息 | 1193| -------- | ------------------------------------------------- | 1194| 19020001 | memory error. | 1195| 19020002 | runtime error. | 1196| 19030001 | crypto operation error.| 1197 1198**示例:** 1199 1200```ts 1201import certFramework from '@ohos.security.cert'; 1202 1203import { BusinessError } from '@ohos.base'; 1204 1205// string转Uint8Array 1206function stringToUint8Array(str: string): Uint8Array { 1207 let arr: Array<number> = []; 1208 for (let i = 0, j = str.length; i < j; i++) { 1209 arr.push(str.charCodeAt(i)); 1210 } 1211 return new Uint8Array(arr); 1212} 1213 1214// 证书二进制数据,需业务自行赋值 1215let certData = '-----BEGIN CERTIFICATE-----\n' + 1216 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1217 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1218 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1219 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1220 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1221 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1222 'Qw==\n' + 1223 '-----END CERTIFICATE-----\n'; 1224 1225let encodingBlob: certFramework.EncodingBlob = { 1226 data: stringToUint8Array(certData), 1227 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 1228 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 1229}; 1230 1231certFramework.createX509Cert(encodingBlob, (error, x509Cert) => { 1232 if (error != null) { 1233 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1234 } else { 1235 console.log('createX509Cert success'); 1236 try { 1237 let signature = x509Cert.getSignature(); 1238 } catch (err) { 1239 let e: BusinessError = err as BusinessError; 1240 console.error('getSignature failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1241 } 1242 } 1243}); 1244``` 1245 1246### getSignatureAlgName 1247 1248getSignatureAlgName() : string 1249 1250表示获取X509证书签名算法名称。 1251 1252**系统能力:** SystemCapability.Security.Cert 1253 1254**返回值**: 1255 1256| 类型 | 说明 | 1257| ------ | ------------------------ | 1258| string | 表示X509证书签名算法名称 | 1259 1260**错误码:** 1261 1262以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 1263 1264| 错误码ID | 错误信息 | 1265| -------- | ------------------------------------------------- | 1266| 19020001 | memory error. | 1267| 19020002 | runtime error. | 1268| 19030001 | crypto operation error.| 1269 1270**示例:** 1271 1272```ts 1273import certFramework from '@ohos.security.cert'; 1274 1275import { BusinessError } from '@ohos.base'; 1276 1277// string转Uint8Array 1278function stringToUint8Array(str: string): Uint8Array { 1279 let arr: Array<number> = []; 1280 for (let i = 0, j = str.length; i < j; i++) { 1281 arr.push(str.charCodeAt(i)); 1282 } 1283 return new Uint8Array(arr); 1284} 1285 1286// 证书二进制数据,需业务自行赋值 1287let certData = '-----BEGIN CERTIFICATE-----\n' + 1288 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1289 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1290 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1291 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1292 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1293 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1294 'Qw==\n' + 1295 '-----END CERTIFICATE-----\n'; 1296 1297let encodingBlob: certFramework.EncodingBlob = { 1298 data: stringToUint8Array(certData), 1299 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 1300 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 1301}; 1302 1303certFramework.createX509Cert(encodingBlob, (error, x509Cert) => { 1304 if (error != null) { 1305 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1306 } else { 1307 console.log('createX509Cert success'); 1308 try { 1309 let sigAlgName = x509Cert.getSignatureAlgName(); 1310 } catch (err) { 1311 let e: BusinessError = err as BusinessError; 1312 console.error('getSignatureAlgName failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1313 } 1314 } 1315}); 1316``` 1317 1318### getSignatureAlgOid 1319 1320getSignatureAlgOid() : string 1321 1322表示获取X509证书签名算法的对象标志符OID(Object Identifier)。OID是由国际标准组织(ISO)的名称注册机构分配。 1323 1324**系统能力:** SystemCapability.Security.Cert 1325 1326**返回值**: 1327 1328| 类型 | 说明 | 1329| ------ | --------------------------------- | 1330| string | 表示X509证书签名算法对象标志符OID | 1331 1332**错误码:** 1333 1334以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 1335 1336| 错误码ID | 错误信息 | 1337| -------- | ------------------------------------------------- | 1338| 19020001 | memory error. | 1339| 19020002 | runtime error. | 1340| 19030001 | crypto operation error.| 1341 1342**示例:** 1343 1344```ts 1345import certFramework from '@ohos.security.cert'; 1346import { BusinessError } from '@ohos.base'; 1347 1348// string转Uint8Array 1349function stringToUint8Array(str: string): Uint8Array { 1350 let arr: Array<number> = []; 1351 for (let i = 0, j = str.length; i < j; i++) { 1352 arr.push(str.charCodeAt(i)); 1353 } 1354 return new Uint8Array(arr); 1355} 1356 1357// 证书二进制数据,需业务自行赋值 1358let certData = '-----BEGIN CERTIFICATE-----\n' + 1359 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1360 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1361 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1362 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1363 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1364 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1365 'Qw==\n' + 1366 '-----END CERTIFICATE-----\n'; 1367 1368let encodingBlob: certFramework.EncodingBlob = { 1369 data: stringToUint8Array(certData), 1370 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 1371 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 1372}; 1373 1374certFramework.createX509Cert(encodingBlob, (error, x509Cert) => { 1375 if (error != null) { 1376 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1377 } else { 1378 console.log('createX509Cert success'); 1379 try { 1380 let sigAlgOid = x509Cert.getSignatureAlgOid(); 1381 } catch (err) { 1382 let e: BusinessError = err as BusinessError; 1383 console.error('getSignatureAlgOid failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1384 } 1385 } 1386}); 1387``` 1388 1389### getSignatureAlgParams 1390 1391getSignatureAlgParams() : DataBlob 1392 1393表示获取X509证书签名算法参数。 1394 1395**系统能力:** SystemCapability.Security.Cert 1396 1397**返回值**: 1398 1399| 类型 | 说明 | 1400| --------------------- | ------------------------ | 1401| [DataBlob](#datablob) | 表示X509证书签名算法参数 | 1402 1403**错误码:** 1404 1405以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 1406 1407| 错误码ID | 错误信息 | 1408| -------- | ------------------------------------------------- | 1409| 19020001 | memory error. | 1410| 19020002 | runtime error. | 1411| 19030001 | crypto operation error.| 1412 1413**示例:** 1414 1415```ts 1416import certFramework from '@ohos.security.cert'; 1417import { BusinessError } from '@ohos.base'; 1418 1419// string转Uint8Array 1420function stringToUint8Array(str: string): Uint8Array { 1421 let arr: Array<number> = []; 1422 for (let i = 0, j = str.length; i < j; i++) { 1423 arr.push(str.charCodeAt(i)); 1424 } 1425 return new Uint8Array(arr); 1426} 1427 1428// 证书二进制数据,需业务自行赋值 1429let certData = '-----BEGIN CERTIFICATE-----\n' + 1430 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1431 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1432 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1433 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1434 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1435 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1436 'Qw==\n' + 1437 '-----END CERTIFICATE-----\n'; 1438 1439let encodingBlob: certFramework.EncodingBlob = { 1440 data: stringToUint8Array(certData), 1441 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 1442 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 1443}; 1444 1445certFramework.createX509Cert(encodingBlob, (error, x509Cert) => { 1446 if (error != null) { 1447 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1448 } else { 1449 console.log('createX509Cert success'); 1450 try { 1451 let sigAlgParams = x509Cert.getSignatureAlgParams(); 1452 } catch (err) { 1453 let e: BusinessError = err as BusinessError; 1454 console.error('getSignatureAlgParams failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1455 } 1456 } 1457}); 1458``` 1459 1460### getKeyUsage 1461 1462getKeyUsage() : DataBlob 1463 1464表示获取X509证书秘钥用途。 1465 1466**系统能力:** SystemCapability.Security.Cert 1467 1468**返回值**: 1469 1470| 类型 | 说明 | 1471| --------------------- | -------------------- | 1472| [DataBlob](#datablob) | 表示X509证书秘钥用途 | 1473 1474**错误码:** 1475 1476以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 1477 1478| 错误码ID | 错误信息 | 1479| -------- | ------------------------------------------------- | 1480| 19020001 | memory error. | 1481| 19030001 | crypto operation error.| 1482 1483**示例:** 1484 1485```ts 1486import certFramework from '@ohos.security.cert'; 1487import { BusinessError } from '@ohos.base'; 1488 1489// string转Uint8Array 1490function stringToUint8Array(str: string): Uint8Array { 1491 let arr: Array<number> = []; 1492 for (let i = 0, j = str.length; i < j; i++) { 1493 arr.push(str.charCodeAt(i)); 1494 } 1495 return new Uint8Array(arr); 1496} 1497 1498// 证书二进制数据,需业务自行赋值 1499let certData = '-----BEGIN CERTIFICATE-----\n' + 1500 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1501 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1502 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1503 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1504 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1505 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1506 'Qw==\n' + 1507 '-----END CERTIFICATE-----\n'; 1508 1509let encodingBlob: certFramework.EncodingBlob = { 1510 data: stringToUint8Array(certData), 1511 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 1512 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 1513}; 1514 1515certFramework.createX509Cert(encodingBlob, (error, x509Cert) => { 1516 if (error != null) { 1517 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1518 } else { 1519 console.log('createX509Cert success'); 1520 try { 1521 let keyUsage = x509Cert.getKeyUsage(); 1522 } catch (err) { 1523 let e: BusinessError = err as BusinessError; 1524 console.error('getKeyUsage failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1525 } 1526 } 1527}); 1528``` 1529 1530### getExtKeyUsage 1531 1532getExtKeyUsage() : DataArray 1533 1534表示获取X509证书扩展秘钥用途。 1535 1536**系统能力:** SystemCapability.Security.Cert 1537 1538**返回值**: 1539 1540| 类型 | 说明 | 1541| ----------------------- | ------------------------ | 1542| [DataArray](#dataarray) | 表示X509证书扩展秘钥用途 | 1543 1544**错误码:** 1545 1546以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 1547 1548| 错误码ID | 错误信息 | 1549| -------- | ------------------------------------------------- | 1550| 19020001 | memory error. | 1551| 19020002 | runtime error. | 1552| 19030001 | crypto operation error.| 1553 1554**示例:** 1555 1556```ts 1557import certFramework from '@ohos.security.cert'; 1558import { BusinessError } from '@ohos.base'; 1559 1560// string转Uint8Array 1561function stringToUint8Array(str: string): Uint8Array { 1562 let arr: Array<number> = []; 1563 for (let i = 0, j = str.length; i < j; i++) { 1564 arr.push(str.charCodeAt(i)); 1565 } 1566 return new Uint8Array(arr); 1567} 1568 1569// 证书二进制数据,需业务自行赋值 1570let certData = '-----BEGIN CERTIFICATE-----\n' + 1571 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1572 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1573 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1574 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1575 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1576 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1577 'Qw==\n' + 1578 '-----END CERTIFICATE-----\n'; 1579 1580let encodingBlob: certFramework.EncodingBlob = { 1581 data: stringToUint8Array(certData), 1582 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 1583 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 1584}; 1585 1586certFramework.createX509Cert(encodingBlob, (error, x509Cert) => { 1587 if (error != null) { 1588 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1589 } else { 1590 console.log('createX509Cert success'); 1591 try { 1592 let extKeyUsage = x509Cert.getExtKeyUsage(); 1593 } catch (err) { 1594 let e: BusinessError = err as BusinessError; 1595 console.error('getNotBeforeTime failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1596 } 1597 } 1598}); 1599``` 1600 1601### getBasicConstraints 1602 1603getBasicConstraints() : number 1604 1605表示获取X509证书基本约束。 1606 1607**系统能力:** SystemCapability.Security.Cert 1608 1609**返回值**: 1610 1611| 类型 | 说明 | 1612| ------ | -------------------- | 1613| number | 表示X509证书基本约束 | 1614 1615**示例:** 1616 1617```ts 1618import certFramework from '@ohos.security.cert'; 1619 1620// string转Uint8Array 1621function stringToUint8Array(str: string): Uint8Array { 1622 let arr: Array<number> = []; 1623 for (let i = 0, j = str.length; i < j; i++) { 1624 arr.push(str.charCodeAt(i)); 1625 } 1626 return new Uint8Array(arr); 1627} 1628 1629// 证书二进制数据,需业务自行赋值 1630let certData = '-----BEGIN CERTIFICATE-----\n' + 1631 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1632 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1633 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1634 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1635 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1636 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1637 'Qw==\n' + 1638 '-----END CERTIFICATE-----\n'; 1639 1640let encodingBlob: certFramework.EncodingBlob = { 1641 data: stringToUint8Array(certData), 1642 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 1643 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 1644}; 1645 1646certFramework.createX509Cert(encodingBlob, (error, x509Cert) => { 1647 if (error != null) { 1648 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1649 } else { 1650 console.log('createX509Cert success'); 1651 let basicConstraints = x509Cert.getBasicConstraints(); 1652 } 1653}); 1654``` 1655 1656### getSubjectAltNames 1657 1658getSubjectAltNames() : DataArray 1659 1660表示获取X509证书主体可选名称。 1661 1662**系统能力:** SystemCapability.Security.Cert 1663 1664**返回值**: 1665 1666| 类型 | 说明 | 1667| ----------------------- | ------------------------ | 1668| [DataArray](#dataarray) | 表示X509证书主体可选名称 | 1669 1670**错误码:** 1671 1672以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 1673 1674| 错误码ID | 错误信息 | 1675| -------- | ------------------------------------------------- | 1676| 19020001 | memory error. | 1677| 19020002 | runtime error. | 1678| 19030001 | crypto operation error.| 1679 1680**示例:** 1681 1682```ts 1683import certFramework from '@ohos.security.cert'; 1684import { BusinessError } from '@ohos.base'; 1685 1686// string转Uint8Array 1687function stringToUint8Array(str: string): Uint8Array { 1688 let arr: Array<number> = []; 1689 for (let i = 0, j = str.length; i < j; i++) { 1690 arr.push(str.charCodeAt(i)); 1691 } 1692 return new Uint8Array(arr); 1693} 1694 1695// 证书二进制数据,需业务自行赋值 1696let certData = '-----BEGIN CERTIFICATE-----\n' + 1697 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1698 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1699 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1700 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1701 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1702 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1703 'Qw==\n' + 1704 '-----END CERTIFICATE-----\n'; 1705 1706let encodingBlob: certFramework.EncodingBlob = { 1707 data: stringToUint8Array(certData), 1708 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 1709 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 1710}; 1711 1712certFramework.createX509Cert(encodingBlob, (error, x509Cert) => { 1713 if (error != null) { 1714 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1715 } else { 1716 console.log('createX509Cert success'); 1717 try { 1718 let subjectAltNames = x509Cert.getSubjectAltNames(); 1719 } catch (err) { 1720 let e: BusinessError = err as BusinessError; 1721 console.error('getSubjectAltNames failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1722 } 1723 } 1724}); 1725``` 1726 1727### getIssuerAltNames 1728 1729getIssuerAltNames() : DataArray 1730 1731表示获取X509证书颁发者可选名称。 1732 1733**系统能力:** SystemCapability.Security.Cert 1734 1735**返回值**: 1736 1737| 类型 | 说明 | 1738| ----------------------- | -------------------------- | 1739| [DataArray](#dataarray) | 表示X509证书颁发者可选名称 | 1740 1741**错误码:** 1742 1743以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 1744 1745| 错误码ID | 错误信息 | 1746| -------- | ------------------------------------------------- | 1747| 19020001 | memory error. | 1748| 19020002 | runtime error. | 1749| 19030001 | crypto operation error.| 1750 1751**示例:** 1752 1753```ts 1754import certFramework from '@ohos.security.cert'; 1755import { BusinessError } from '@ohos.base'; 1756 1757// string转Uint8Array 1758function stringToUint8Array(str: string): Uint8Array { 1759 let arr: Array<number> = []; 1760 for (let i = 0, j = str.length; i < j; i++) { 1761 arr.push(str.charCodeAt(i)); 1762 } 1763 return new Uint8Array(arr); 1764} 1765 1766// 证书二进制数据,需业务自行赋值 1767let certData = '-----BEGIN CERTIFICATE-----\n' + 1768 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1769 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1770 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1771 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1772 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1773 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1774 'Qw==\n' + 1775 '-----END CERTIFICATE-----\n'; 1776 1777let encodingBlob: certFramework.EncodingBlob = { 1778 data: stringToUint8Array(certData), 1779 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 1780 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 1781}; 1782 1783certFramework.createX509Cert(encodingBlob, (error, x509Cert) => { 1784 if (error != null) { 1785 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1786 } else { 1787 console.log('createX509Cert success'); 1788 try { 1789 let issuerAltNames = x509Cert.getIssuerAltNames(); 1790 } catch (err) { 1791 let e: BusinessError = err as BusinessError; 1792 console.error('getIssuerAltNames failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1793 } 1794 } 1795}); 1796``` 1797 1798### getItem<sup>10+</sup> 1799 1800getItem(itemType: CertItemType) : DataBlob 1801 1802表示获取X509证书对应的字段。 1803 1804**系统能力:** SystemCapability.Security.Cert 1805 1806**返回值**: 1807 1808| 类型 | 说明 | 1809| --------------------- | ----------------------------------------- | 1810| [DataBlob](#datablob) | 表示X509证书对应的字段,返回值为DER格式。 | 1811 1812**错误码:** 1813 1814以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 1815 1816| 错误码ID | 错误信息 | 1817| -------- | ----------------------- | 1818| 19020001 | memory error. | 1819| 19020002 | runtime error. | 1820| 19030001 | crypto operation error. | 1821 1822**示例:** 1823 1824```ts 1825import certFramework from '@ohos.security.cert'; 1826import { BusinessError } from '@ohos.base'; 1827 1828// string转Uint8Array 1829function stringToUint8Array(str: string): Uint8Array { 1830 let arr: Array<number> = []; 1831 for (let i = 0, j = str.length; i < j; i++) { 1832 arr.push(str.charCodeAt(i)); 1833 } 1834 return new Uint8Array(arr); 1835} 1836 1837// 证书二进制数据,需业务自行赋值 1838let certData = '-----BEGIN CERTIFICATE-----\n' + 1839 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1840 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1841 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1842 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1843 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1844 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1845 'Qw==\n' + 1846 '-----END CERTIFICATE-----\n'; 1847 1848let encodingBlob: certFramework.EncodingBlob = { 1849 data: stringToUint8Array(certData), 1850 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 1851 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 1852}; 1853 1854certFramework.createX509Cert(encodingBlob, (error, x509Cert) => { 1855 if (error != null) { 1856 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1857 } else { 1858 console.log('createX509Cert success'); 1859 try { 1860 let tbs = x509Cert.getItem(certFramework.CertItemType.CERT_ITEM_TYPE_TBS); 1861 let pubKey = x509Cert.getItem(certFramework.CertItemType.CERT_ITEM_TYPE_PUBLIC_KEY); 1862 } catch (err) { 1863 let e: BusinessError = err as BusinessError; 1864 console.error('getItem failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1865 } 1866 } 1867}); 1868``` 1869 1870## cryptoCert.createCertExtension<sup>10+</sup> 1871 1872createCertExtension(inStream : EncodingBlob, callback : AsyncCallback\<CertExtension>) : void 1873 1874表示创建证书扩展域段的对象,使用Callback回调异步返回结果。 1875 1876**系统能力:** SystemCapability.Security.Cert 1877 1878**参数**: 1879 1880| 参数名 | 类型 | 必填 | 说明 | 1881| -------- | ------------------------------------------------- | ---- | -------------------------- | 1882| inStream | [EncodingBlob](#encodingblob) | 是 | 表示证书扩展域段序列化数据 | 1883| callback | AsyncCallback\<[CertExtension](#certextension10)> | 是 | 回调函数。表示扩展域段对象 | 1884 1885**错误码:** 1886 1887以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 1888 1889| 错误码ID | 错误信息 | 1890| -------- | ------------- | 1891| 19020001 | memory error. | 1892 1893**示例:** 1894 1895```ts 1896import certFramework from '@ohos.security.cert'; 1897 1898// 证书扩展域段二进制数据,需业务自行赋值 1899let extData = new Uint8Array([ 1900 0x30, 0x40, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D, 1901 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 1902 0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 1903 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 1904 0x02, 0x01, 0xC6, 0x30, 0x1D, 0x06, 0x03, 0x55, 1905 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xE0, 0x8C, 1906 0x9B, 0xDB, 0x25, 0x49, 0xB3, 0xF1, 0x7C, 0x86, 1907 0xD6, 0xB2, 0x42, 0x87, 0x0B, 0xD0, 0x6B, 0xA0, 1908 0xD9, 0xE4 1909]); 1910 1911let encodingBlob: certFramework.EncodingBlob = { 1912 data: extData, 1913 // 根据encodingData的格式进行赋值,仅支持FORMAT_DER 1914 encodingFormat: certFramework.EncodingFormat.FORMAT_DER 1915}; 1916 1917certFramework.createCertExtension(encodingBlob, (error, certExt) => { 1918 if (error != null) { 1919 console.error('createCertExtension failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1920 } else { 1921 console.log('createCertExtension success'); 1922 } 1923}); 1924``` 1925 1926## cryptoCert.createCertExtension<sup>10+</sup> 1927 1928createCertExtension(inStream : EncodingBlob) : Promise\<CertExtension> 1929 1930表示创建证书扩展域段的对象,使用Promise方式异步返回结果。 1931 1932**系统能力:** SystemCapability.Security.Cert 1933 1934**参数**: 1935 1936| 参数名 | 类型 | 必填 | 说明 | 1937| -------- | ----------------------------- | ---- | -------------------------- | 1938| inStream | [EncodingBlob](#encodingblob) | 是 | 表示证书扩展域段序列化数据 | 1939 1940**返回值**: 1941 1942| 类型 | 说明 | 1943| ------------------------------------------- | -------------------- | 1944| Promise\<[CertExtension](#certextension10)> | 表示证书扩展域段对象 | 1945 1946**错误码:** 1947 1948以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 1949 1950| 错误码ID | 错误信息 | 1951| -------- | ------------- | 1952| 19020001 | memory error. | 1953 1954**示例:** 1955 1956```ts 1957import certFramework from '@ohos.security.cert'; 1958import { BusinessError } from '@ohos.base'; 1959 1960// 证书扩展域段二进制数据,需业务自行赋值 1961let extData = new Uint8Array([ 1962 0x30, 0x40, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D, 1963 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 1964 0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 1965 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 1966 0x02, 0x01, 0xC6, 0x30, 0x1D, 0x06, 0x03, 0x55, 1967 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xE0, 0x8C, 1968 0x9B, 0xDB, 0x25, 0x49, 0xB3, 0xF1, 0x7C, 0x86, 1969 0xD6, 0xB2, 0x42, 0x87, 0x0B, 0xD0, 0x6B, 0xA0, 1970 0xD9, 0xE4 1971]); 1972 1973let encodingBlob: certFramework.EncodingBlob = { 1974 data: extData, 1975 // 根据encodingData的格式进行赋值,仅支持FORMAT_DER 1976 encodingFormat: certFramework.EncodingFormat.FORMAT_DER 1977}; 1978 1979certFramework.createCertExtension(encodingBlob).then(certExt => { 1980 console.log('createCertExtension success'); 1981}).catch((error: BusinessError) => { 1982 console.error('createCertExtension failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1983}); 1984``` 1985 1986## CertExtension<sup>10+</sup> 1987 1988证书扩展域段类。 1989 1990### getEncoded<sup>10+</sup> 1991 1992getEncoded() : EncodingBlob 1993 1994表示获取证书扩展域段序列化数据。 1995 1996**系统能力:** SystemCapability.Security.Cert 1997 1998**返回值**: 1999 2000| 类型 | 说明 | 2001| ----------------------------- | ---------------------------- | 2002| [EncodingBlob](#encodingblob) | 表示证书扩展域段序列化数据。 | 2003 2004**错误码:** 2005 2006以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 2007 2008| 错误码ID | 错误信息 | 2009| -------- | ----------------------- | 2010| 19020001 | memory error. | 2011| 19020002 | runtime error. | 2012| 19030001 | crypto operation error. | 2013 2014**示例:** 2015 2016```ts 2017import certFramework from '@ohos.security.cert'; 2018import { BusinessError } from '@ohos.base'; 2019 2020// 证书扩展域段二进制数据,需业务自行赋值 2021let extData = new Uint8Array([ 2022 0x30, 0x40, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D, 2023 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 2024 0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 2025 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 2026 0x02, 0x01, 0xC6, 0x30, 0x1D, 0x06, 0x03, 0x55, 2027 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xE0, 0x8C, 2028 0x9B, 0xDB, 0x25, 0x49, 0xB3, 0xF1, 0x7C, 0x86, 2029 0xD6, 0xB2, 0x42, 0x87, 0x0B, 0xD0, 0x6B, 0xA0, 2030 0xD9, 0xE4 2031]); 2032 2033let encodingBlob: certFramework.EncodingBlob = { 2034 data: extData, 2035 // 根据encodingData的格式进行赋值,仅支持FORMAT_DER 2036 encodingFormat: certFramework.EncodingFormat.FORMAT_DER 2037}; 2038 2039certFramework.createCertExtension(encodingBlob, (error, certExt) => { 2040 if (error != null) { 2041 console.error('createCertExtension failed, errCode: ' + error.code + ', errMsg: ' + error.message); 2042 } else { 2043 console.log('createCertExtension success'); 2044 try { 2045 let extEncodedBlob = certExt.getEncoded(); 2046 } catch (err) { 2047 let e: BusinessError = err as BusinessError; 2048 console.error('ext getEncoded failed, errCode: ' + e.code + ', errMsg: ' + e.message); 2049 } 2050 } 2051}); 2052``` 2053 2054### getOidList<sup>10+</sup> 2055 2056getOidList(valueType : ExtensionOidType) : DataArray 2057 2058表示获取证书扩展域段对象标识符列表。 2059 2060**系统能力:** SystemCapability.Security.Cert 2061 2062**参数**: 2063 2064| 参数名 | 类型 | 必填 | 说明 | 2065| --------- | ------------------------------------- | ---- | ------------------------------ | 2066| valueType | [ExtensionOidType](#extensionoidtype) | 是 | 表示证书扩展域段对象标识符类型 | 2067 2068**返回值**: 2069 2070| 类型 | 说明 | 2071| ----------------------- | -------------------------------- | 2072| [DataArray](#dataarray) | 表示证书扩展域段对象标识符列表。 | 2073 2074**错误码:** 2075 2076以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 2077 2078| 错误码ID | 错误信息 | 2079| -------- | ----------------------- | 2080| 19020001 | memory error. | 2081| 19020002 | runtime error. | 2082| 19030001 | crypto operation error. | 2083 2084**示例:** 2085 2086```ts 2087import certFramework from '@ohos.security.cert'; 2088import { BusinessError } from '@ohos.base'; 2089 2090// 证书扩展域段二进制数据,需业务自行赋值 2091let extData = new Uint8Array([ 2092 0x30, 0x40, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D, 2093 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 2094 0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 2095 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 2096 0x02, 0x01, 0xC6, 0x30, 0x1D, 0x06, 0x03, 0x55, 2097 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xE0, 0x8C, 2098 0x9B, 0xDB, 0x25, 0x49, 0xB3, 0xF1, 0x7C, 0x86, 2099 0xD6, 0xB2, 0x42, 0x87, 0x0B, 0xD0, 0x6B, 0xA0, 2100 0xD9, 0xE4 2101]); 2102 2103let encodingBlob: certFramework.EncodingBlob = { 2104 data: extData, 2105 // 根据encodingData的格式进行赋值,仅支持FORMAT_DER 2106 encodingFormat: certFramework.EncodingFormat.FORMAT_DER 2107}; 2108 2109certFramework.createCertExtension(encodingBlob, (error, certExt) => { 2110 if (error != null) { 2111 console.error('createCertExtension failed, errCode: ' + error.code + ', errMsg: ' + error.message); 2112 } else { 2113 console.log('createCertExtension success'); 2114 try { 2115 let oidList = certExt.getOidList(certFramework.ExtensionOidType.EXTENSION_OID_TYPE_ALL); 2116 } catch (err) { 2117 let e: BusinessError = err as BusinessError; 2118 console.error('ext getOidList failed, errCode: ' + e.code + ', errMsg: ' + e.message); 2119 } 2120 } 2121}); 2122``` 2123 2124### getEntry<sup>10+</sup> 2125 2126getEntry(valueType: ExtensionEntryType, oid : DataBlob) : DataBlob 2127 2128表示获取证书扩展域段对象信息。 2129 2130**系统能力:** SystemCapability.Security.Cert 2131 2132**参数**: 2133 2134| 参数名 | 类型 | 必填 | 说明 | 2135| --------- | ----------------------------------------- | ---- | -------------------------------- | 2136| valueType | [ExtensionEntryType](#extensionentrytype) | 是 | 表示证书扩展域段获取的类型 | 2137| oid | [DataBlob](#datablob) | 是 | 表示证书扩展域段获取的对象标识符 | 2138 2139**返回值**: 2140 2141| 类型 | 说明 | 2142| --------------------- | ---------------------------- | 2143| [DataBlob](#datablob) | 表示证书扩展域段对象的数据。 | 2144 2145**错误码:** 2146 2147以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 2148 2149| 错误码ID | 错误信息 | 2150| -------- | ----------------------- | 2151| 19020001 | memory error. | 2152| 19020002 | runtime error. | 2153| 19030001 | crypto operation error. | 2154 2155**示例:** 2156 2157```ts 2158import certFramework from '@ohos.security.cert'; 2159import { BusinessError } from '@ohos.base'; 2160 2161// 证书扩展域段二进制数据,需业务自行赋值 2162let extData = new Uint8Array([ 2163 0x30, 0x40, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D, 2164 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 2165 0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 2166 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 2167 0x02, 0x01, 0xC6, 0x30, 0x1D, 0x06, 0x03, 0x55, 2168 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xE0, 0x8C, 2169 0x9B, 0xDB, 0x25, 0x49, 0xB3, 0xF1, 0x7C, 0x86, 2170 0xD6, 0xB2, 0x42, 0x87, 0x0B, 0xD0, 0x6B, 0xA0, 2171 0xD9, 0xE4 2172]); 2173 2174let encodingBlob: certFramework.EncodingBlob = { 2175 data: extData, 2176 // 根据encodingData的格式进行赋值,仅支持FORMAT_DER 2177 encodingFormat: certFramework.EncodingFormat.FORMAT_DER 2178}; 2179 2180certFramework.createCertExtension(encodingBlob, (error, certExt) => { 2181 if (error != null) { 2182 console.error('createCertExtension failed, errCode: ' + error.code + ', errMsg: ' + error.message); 2183 } else { 2184 console.log('createCertExtension success'); 2185 let oid = new Uint8Array([0x32, 0x2e, 0x35, 0x2e, 0x32, 0x39, 0x2e, 0x31, 0x35]); 2186 let oidBlob: certFramework.DataBlob = { 2187 data: oid 2188 } 2189 try { 2190 let entry = certExt.getEntry(certFramework.ExtensionEntryType.EXTENSION_ENTRY_TYPE_ENTRY, oidBlob); 2191 } catch (err) { 2192 let e: BusinessError = err as BusinessError; 2193 console.error('ext getEntry failed, errCode: ' + e.code + ', errMsg: ' + e.message); 2194 } 2195 } 2196}); 2197``` 2198 2199 2200### checkCA<sup>10+</sup> 2201 2202checkCA() : number 2203 2204表示校验证书是否为CA证书。 2205 2206**系统能力:** SystemCapability.Security.Cert 2207 2208**返回值**: 2209 2210| 类型 | 说明 | 2211| ------ | ------------------------------------------------------------ | 2212| number | 当证书扩展域段中密钥用途包含签名用途,并且基本约束中cA字段为true时,表示证书为CA证书。如果不是CA,则返回-1;否则返回基本约束中的路径长度。如果证书是CA证书,但是基本约束中未给定路径长度,则返回-2,表示无路径长度限制。 | 2213 2214**错误码:** 2215 2216以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 2217 2218| 错误码ID | 错误信息 | 2219| -------- | ----------------------- | 2220| 19020001 | memory error. | 2221| 19020002 | runtime error. | 2222| 19030001 | crypto operation error. | 2223 2224**示例:** 2225 2226```ts 2227import certFramework from '@ohos.security.cert'; 2228import { BusinessError } from '@ohos.base'; 2229 2230// 证书扩展域段二进制数据,需业务自行赋值 2231let extData = new Uint8Array([ 2232 0x30, 0x40, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D, 2233 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 2234 0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 2235 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 2236 0x02, 0x01, 0xC6, 0x30, 0x1D, 0x06, 0x03, 0x55, 2237 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xE0, 0x8C, 2238 0x9B, 0xDB, 0x25, 0x49, 0xB3, 0xF1, 0x7C, 0x86, 2239 0xD6, 0xB2, 0x42, 0x87, 0x0B, 0xD0, 0x6B, 0xA0, 2240 0xD9, 0xE4 2241]); 2242 2243let encodingBlob: certFramework.EncodingBlob = { 2244 data: extData, 2245 // 根据encodingData的格式进行赋值,仅支持FORMAT_DER 2246 encodingFormat: certFramework.EncodingFormat.FORMAT_DER 2247}; 2248certFramework.createCertExtension(encodingBlob, (error, certExt) => { 2249 if (error != null) { 2250 console.error('createCertExtension failed, errCode: ' + error.code + ', errMsg: ' + error.message); 2251 } else { 2252 console.log('createCertExtension success'); 2253 try { 2254 let res = certExt.checkCA(); 2255 } catch (err) { 2256 let e: BusinessError = err as BusinessError; 2257 console.error('ext checkCA failed, errCode: ' + e.code + ', errMsg: ' + e.message); 2258 } 2259 } 2260}); 2261``` 2262 2263## cryptoCert.createX509Crl 2264 2265createX509Crl(inStream : EncodingBlob, callback : AsyncCallback\<X509Crl>) : void 2266 2267表示创建X509证书吊销列表的对象,使用Callback回调异步返回结果。 2268 2269**系统能力:** SystemCapability.Security.Cert 2270 2271**参数**: 2272 2273| 参数名 | 类型 | 必填 | 说明 | 2274| -------- | ----------------------------------- | ---- | ------------------------------ | 2275| inStream | [EncodingBlob](#encodingblob) | 是 | 表示证书吊销列表序列化数据 | 2276| callback | AsyncCallback\<[X509Crl](#x509crl)> | 是 | 回调函数。表示证书吊销列表对象 | 2277 2278**错误码:** 2279 2280以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 2281 2282| 错误码ID | 错误信息 | 2283| -------- | ------------- | 2284| 19020001 | memory error. | 2285 2286**示例:** 2287 2288```ts 2289import certFramework from '@ohos.security.cert'; 2290 2291// string转Uint8Array 2292function stringToUint8Array(str: string): Uint8Array { 2293 let arr: Array<number> = []; 2294 for (let i = 0, j = str.length; i < j; i++) { 2295 arr.push(str.charCodeAt(i)); 2296 } 2297 return new Uint8Array(arr); 2298} 2299 2300let crlData = '-----BEGIN X509 CRL-----\n' + 2301 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 2302 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 2303 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 2304 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 2305 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 2306 'eavsH0Q3\n' + 2307 '-----END X509 CRL-----\n'; 2308 2309// 证书吊销列表二进制数据,需业务自行赋值 2310let encodingBlob: certFramework.EncodingBlob = { 2311 data: stringToUint8Array(crlData), 2312 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 2313 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 2314}; 2315 2316certFramework.createX509Crl(encodingBlob, (error, x509Crl) => { 2317 if (error != null) { 2318 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 2319 } else { 2320 console.log('createX509Crl success'); 2321 } 2322}); 2323``` 2324 2325## cryptoCert.createX509Crl 2326 2327createX509Crl(inStream : EncodingBlob) : Promise\<X509Crl> 2328 2329表示创建X509证书吊销列表的对象,使用Promise方式异步返回结果。 2330 2331**系统能力:** SystemCapability.Security.Cert 2332 2333**参数**: 2334 2335| 参数名 | 类型 | 必填 | 说明 | 2336| -------- | ----------------------------- | ---- | -------------------------- | 2337| inStream | [EncodingBlob](#encodingblob) | 是 | 表示证书吊销列表序列化数据 | 2338 2339**返回值**: 2340 2341| 类型 | 说明 | 2342| ----------------------------- | -------------------- | 2343| Promise\<[X509Crl](#x509crl)> | 表示证书吊销列表对象 | 2344 2345**错误码:** 2346 2347以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 2348 2349| 错误码ID | 错误信息 | 2350| -------- | ------------- | 2351| 19020001 | memory error. | 2352 2353**示例:** 2354 2355```ts 2356import certFramework from '@ohos.security.cert'; 2357import { BusinessError } from '@ohos.base'; 2358 2359// string转Uint8Array 2360function stringToUint8Array(str: string): Uint8Array { 2361 let arr: Array<number> = []; 2362 for (let i = 0, j = str.length; i < j; i++) { 2363 arr.push(str.charCodeAt(i)); 2364 } 2365 return new Uint8Array(arr); 2366} 2367 2368let crlData = '-----BEGIN X509 CRL-----\n' + 2369 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 2370 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 2371 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 2372 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 2373 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 2374 'eavsH0Q3\n' + 2375 '-----END X509 CRL-----\n'; 2376 2377// 证书吊销列表二进制数据,需业务自行赋值 2378let encodingBlob: certFramework.EncodingBlob = { 2379 data: stringToUint8Array(crlData), 2380 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 2381 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 2382}; 2383 2384certFramework.createX509Crl(encodingBlob).then(x509Crl => { 2385 console.log('createX509Crl success'); 2386}).catch((error: BusinessError) => { 2387 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 2388}); 2389``` 2390 2391## X509Crl 2392 2393X509证书吊销列表对象。 2394 2395### isRevoked 2396 2397isRevoked(cert : X509Cert) : boolean 2398 2399表示检查证书是否吊销。 2400 2401**系统能力:** SystemCapability.Security.Cert 2402 2403**参数**: 2404 2405| 参数名 | 类型 | 必填 | 说明 | 2406| ------ | -------- | ---- | -------------------- | 2407| cert | X509Cert | 是 | 表示被检查的证书对象 | 2408 2409**返回值**: 2410 2411| 类型 | 说明 | 2412| --------- | --------------------------------------------- | 2413| boolean | 表示证书吊销状态,true表示已吊销,false表示未吊销 | 2414 2415**示例:** 2416 2417```ts 2418import certFramework from '@ohos.security.cert'; 2419import { BusinessError } from '@ohos.base'; 2420 2421// string转Uint8Array 2422function stringToUint8Array(str: string): Uint8Array { 2423 let arr: Array<number> = []; 2424 for (let i = 0, j = str.length; i < j; i++) { 2425 arr.push(str.charCodeAt(i)); 2426 } 2427 return new Uint8Array(arr); 2428} 2429 2430let crlData = '-----BEGIN X509 CRL-----\n' + 2431 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 2432 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 2433 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 2434 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 2435 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 2436 'eavsH0Q3\n' + 2437 '-----END X509 CRL-----\n'; 2438 2439let certData = '-----BEGIN CERTIFICATE-----\n' + 2440 'MIIBLzCB1QIUO/QDVJwZLIpeJyPjyTvE43xvE5cwCgYIKoZIzj0EAwIwGjEYMBYG\n' + 2441 'A1UEAwwPRXhhbXBsZSBSb290IENBMB4XDTIzMDkwNDExMjAxOVoXDTI2MDUzMDEx\n' + 2442 'MjAxOVowGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYI\n' + 2443 'KoZIzj0DAQcDQgAEHjG74yMIueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTa\n' + 2444 'tUsU0i/sePnrKglj2H8Abbx9PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEA\n' + 2445 '0ce/fvA4tckNZeB865aOApKXKlBjiRlaiuq5mEEqvNACIQDPD9WyC21MXqPBuRUf\n' + 2446 'BetUokslUfjT6+s/X4ByaxycAA==\n' + 2447 '-----END CERTIFICATE-----\n'; 2448 2449// 证书吊销列表二进制数据,需业务自行赋值 2450let encodingBlob: certFramework.EncodingBlob = { 2451 data: stringToUint8Array(crlData), 2452 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 2453 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 2454}; 2455 2456let certEncodingBlob: certFramework.EncodingBlob = { 2457 data: stringToUint8Array(certData), 2458 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 2459 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 2460}; 2461 2462certFramework.createX509Crl(encodingBlob, (error, x509Crl) => { 2463 if (error != null) { 2464 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 2465 } else { 2466 console.log('createX509Crl success'); 2467 // Create an X509Cert instance. 2468 certFramework.createX509Cert(certEncodingBlob, (error, x509Cert) => { 2469 if (error == null) { 2470 try { 2471 let revokedFlag = x509Crl.isRevoked(x509Cert); 2472 } catch (error) { 2473 let e: BusinessError = error as BusinessError; 2474 console.error('isRevoked failed, errCode: ' + e.code + ', errMsg: ' + e.message); 2475 } 2476 } 2477 }); 2478 } 2479}); 2480``` 2481 2482### getType 2483 2484getType() : string 2485 2486表示获取证书吊销列表类型。 2487 2488**系统能力:** SystemCapability.Security.Cert 2489 2490**返回值**: 2491 2492| 类型 | 说明 | 2493| ------ | -------------------- | 2494| string | 表示证书吊销列表类型 | 2495 2496**示例:** 2497 2498```ts 2499import certFramework from '@ohos.security.cert'; 2500 2501// string转Uint8Array 2502function stringToUint8Array(str: string): Uint8Array { 2503 let arr: Array<number> = []; 2504 for (let i = 0, j = str.length; i < j; i++) { 2505 arr.push(str.charCodeAt(i)); 2506 } 2507 return new Uint8Array(arr); 2508} 2509 2510let crlData = '-----BEGIN X509 CRL-----\n' + 2511 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 2512 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 2513 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 2514 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 2515 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 2516 'eavsH0Q3\n' + 2517 '-----END X509 CRL-----\n'; 2518 2519// 证书吊销列表二进制数据,需业务自行赋值 2520let encodingBlob: certFramework.EncodingBlob = { 2521 data: stringToUint8Array(crlData), 2522 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 2523 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 2524}; 2525 2526certFramework.createX509Crl(encodingBlob, (error, x509Crl) => { 2527 if (error != null) { 2528 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 2529 } else { 2530 console.log('createX509Crl success'); 2531 let type = x509Crl.getType(); 2532 } 2533}); 2534``` 2535 2536### getEncoded 2537 2538getEncoded(callback : AsyncCallback\<EncodingBlob>) : void 2539 2540表示获取X509证书吊销列表的序列化数据,使用Callback回调异步返回结果。 2541 2542**系统能力:** SystemCapability.Security.Cert 2543 2544**参数**: 2545 2546| 参数名 | 类型 | 必填 | 说明 | 2547| -------- | ---------------------------- | ---- | ------------------------------------------ | 2548| callback | AsyncCallback\<EncodingBlob> | 是 | 回调函数,表示X509证书吊销列表的序列化数据 | 2549 2550**错误码:** 2551 2552以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 2553 2554| 错误码ID | 错误信息 | 2555| -------- | ----------------------- | 2556| 19020001 | memory error. | 2557| 19020002 | runtime error. | 2558| 19030001 | crypto operation error. | 2559 2560**示例:** 2561 2562```ts 2563import certFramework from '@ohos.security.cert'; 2564 2565// string转Uint8Array 2566function stringToUint8Array(str: string): Uint8Array { 2567 let arr: Array<number> = []; 2568 for (let i = 0, j = str.length; i < j; i++) { 2569 arr.push(str.charCodeAt(i)); 2570 } 2571 return new Uint8Array(arr); 2572} 2573 2574let crlData = '-----BEGIN X509 CRL-----\n' + 2575 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 2576 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 2577 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 2578 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 2579 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 2580 'eavsH0Q3\n' + 2581 '-----END X509 CRL-----\n'; 2582 2583// 证书吊销列表二进制数据,需业务自行赋值 2584let encodingBlob: certFramework.EncodingBlob = { 2585 data: stringToUint8Array(crlData), 2586 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 2587 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 2588}; 2589 2590certFramework.createX509Crl(encodingBlob, (error, x509Crl) => { 2591 if (error != null) { 2592 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 2593 } else { 2594 console.log('createX509Crl success'); 2595 x509Crl.getEncoded((error, data) => { 2596 if (error != null) { 2597 console.error('getEncoded failed, errCode: ' + error.code + ', errMsg: ' + error.message); 2598 } else { 2599 console.log('getEncoded success'); 2600 } 2601 }); 2602 } 2603}); 2604``` 2605 2606### getEncoded 2607 2608getEncoded() : Promise\<EncodingBlob> 2609 2610表示获取X509证书吊销列表的序列化数据,使用Promise方式异步返回结果。 2611 2612**系统能力:** SystemCapability.Security.Cert 2613 2614**返回值**: 2615 2616| 类型 | 说明 | 2617| ---------------------- | -------------------------------- | 2618| Promise\<EncodingBlob> | 表示X509证书吊销列表的序列化数据 | 2619 2620**错误码:** 2621 2622以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 2623 2624| 错误码ID | 错误信息 | 2625| -------- | ----------------------- | 2626| 19020001 | memory error. | 2627| 19020002 | runtime error. | 2628| 19030001 | crypto operation error. | 2629 2630**示例:** 2631 2632```ts 2633import certFramework from '@ohos.security.cert'; 2634import { BusinessError } from '@ohos.base'; 2635 2636// string转Uint8Array 2637function stringToUint8Array(str: string): Uint8Array { 2638 let arr: Array<number> = []; 2639 for (let i = 0, j = str.length; i < j; i++) { 2640 arr.push(str.charCodeAt(i)); 2641 } 2642 return new Uint8Array(arr); 2643} 2644 2645let crlData = '-----BEGIN X509 CRL-----\n' + 2646 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 2647 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 2648 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 2649 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 2650 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 2651 'eavsH0Q3\n' + 2652 '-----END X509 CRL-----\n'; 2653 2654// 证书吊销列表二进制数据,需业务自行赋值 2655let encodingBlob: certFramework.EncodingBlob = { 2656 data: stringToUint8Array(crlData), 2657 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 2658 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 2659}; 2660 2661certFramework.createX509Crl(encodingBlob).then(x509Crl => { 2662 console.log('createX509Crl success'); 2663 x509Crl.getEncoded().then(result => { 2664 console.log('getEncoded success'); 2665 }).catch((error: BusinessError) => { 2666 console.error('getEncoded failed, errCode: ' + error.code + ', errMsg: ' + error.message); 2667 }); 2668}).catch((error: BusinessError) => { 2669 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 2670}); 2671``` 2672 2673### verify 2674 2675verify(key : cryptoFramework.PubKey, callback : AsyncCallback\<void>) : void 2676 2677表示对X509证书吊销列表进行验签,使用Callback回调异步返回结果。验签支持RSA算法。 2678 2679**系统能力:** SystemCapability.Security.Cert 2680 2681**参数**: 2682 2683| 参数名 | 类型 | 必填 | 说明 | 2684| -------- | -------------------- | ---- | ------------------------------------------------------------ | 2685| key | cryptoFramework.PubKey | 是 | 表示用于验签的公钥对象 | 2686| callback | AsyncCallback\<void> | 是 | 回调函数,使用AsyncCallback的第一个error参数判断是否验签成功,error为null表示成功,error不为null表示失败。 | 2687 2688**错误码:** 2689 2690以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 2691 2692| 错误码ID | 错误信息 | 2693| -------- | ----------------------- | 2694| 19030001 | crypto operation error. | 2695 2696**示例:** 2697 2698```ts 2699import certFramework from '@ohos.security.cert'; 2700import cryptoFramework from '@ohos.security.cryptoFramework'; 2701import { BusinessError } from '@ohos.base'; 2702 2703// string转Uint8Array 2704function stringToUint8Array(str: string): Uint8Array { 2705 let arr: Array<number> = []; 2706 for (let i = 0, j = str.length; i < j; i++) { 2707 arr.push(str.charCodeAt(i)); 2708 } 2709 return new Uint8Array(arr); 2710} 2711 2712let crlData = '-----BEGIN X509 CRL-----\n' + 2713 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 2714 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 2715 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 2716 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 2717 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 2718 'eavsH0Q3\n' + 2719 '-----END X509 CRL-----\n'; 2720 2721let pubKeyData = new Uint8Array([ 2722 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 2723 0x05, 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xDC, 0x4C, 0x2D, 2724 0x57, 0x49, 0x3D, 0x42, 0x52, 0x1A, 0x09, 0xED, 0x3E, 0x90, 0x29, 0x51, 0xF7, 0x70, 0x15, 0xFE, 2725 0x76, 0xB0, 0xDB, 0xDF, 0xA1, 0x2C, 0x6C, 0x67, 0x95, 0xDA, 0x63, 0x3D, 0x4F, 0x71, 0x48, 0x8C, 2726 0x3E, 0xFA, 0x24, 0x79, 0xE9, 0xF2, 0xF2, 0x20, 0xCB, 0xF1, 0x59, 0x6B, 0xED, 0xC8, 0x72, 0x66, 2727 0x6E, 0x31, 0xD4, 0xF3, 0xCE, 0x0B, 0x12, 0xC4, 0x17, 0x39, 0xB4, 0x52, 0x16, 0xD3, 0xE3, 0xC0, 2728 0xF8, 0x48, 0xB3, 0xF6, 0x40, 0xD5, 0x47, 0x23, 0x30, 0x7F, 0xA7, 0xC5, 0x5A, 0x5A, 0xBB, 0x5C, 2729 0x7B, 0xEF, 0x69, 0xE2, 0x74, 0x35, 0x24, 0x22, 0x25, 0x45, 0x7E, 0xFC, 0xE8, 0xC4, 0x52, 0x65, 2730 0xA0, 0x4E, 0xBC, 0xFD, 0x3F, 0xD9, 0x85, 0x14, 0x8A, 0x5A, 0x93, 0x02, 0x24, 0x6C, 0x19, 0xBA, 2731 0x81, 0xBE, 0x65, 0x2E, 0xCB, 0xBB, 0xE9, 0x91, 0x7B, 0x7C, 0x47, 0xC2, 0x61, 0x02, 0x03, 0x01, 2732 0x00, 0x01 2733]); 2734 2735let priKeyData = new Uint8Array([ 2736 0x30, 0x82, 0x02, 0x77, 0x02, 0x01, 0x00, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 2737 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82, 0x02, 0x61, 0x30, 0x82, 0x02, 0x5D, 0x02, 0x01, 2738 0x00, 0x02, 0x81, 0x81, 0x00, 0xDC, 0x4C, 0x2D, 0x57, 0x49, 0x3D, 0x42, 0x52, 0x1A, 0x09, 0xED, 2739 0x3E, 0x90, 0x29, 0x51, 0xF7, 0x70, 0x15, 0xFE, 0x76, 0xB0, 0xDB, 0xDF, 0xA1, 0x2C, 0x6C, 0x67, 2740 0x95, 0xDA, 0x63, 0x3D, 0x4F, 0x71, 0x48, 0x8C, 0x3E, 0xFA, 0x24, 0x79, 0xE9, 0xF2, 0xF2, 0x20, 2741 0xCB, 0xF1, 0x59, 0x6B, 0xED, 0xC8, 0x72, 0x66, 0x6E, 0x31, 0xD4, 0xF3, 0xCE, 0x0B, 0x12, 0xC4, 2742 0x17, 0x39, 0xB4, 0x52, 0x16, 0xD3, 0xE3, 0xC0, 0xF8, 0x48, 0xB3, 0xF6, 0x40, 0xD5, 0x47, 0x23, 2743 0x30, 0x7F, 0xA7, 0xC5, 0x5A, 0x5A, 0xBB, 0x5C, 0x7B, 0xEF, 0x69, 0xE2, 0x74, 0x35, 0x24, 0x22, 2744 0x25, 0x45, 0x7E, 0xFC, 0xE8, 0xC4, 0x52, 0x65, 0xA0, 0x4E, 0xBC, 0xFD, 0x3F, 0xD9, 0x85, 0x14, 2745 0x8A, 0x5A, 0x93, 0x02, 0x24, 0x6C, 0x19, 0xBA, 0x81, 0xBE, 0x65, 0x2E, 0xCB, 0xBB, 0xE9, 0x91, 2746 0x7B, 0x7C, 0x47, 0xC2, 0x61, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x81, 0x80, 0x5A, 0xCF, 0x0F, 2747 0xF5, 0xA6, 0x1C, 0x19, 0x65, 0x8C, 0x94, 0x40, 0xF6, 0x84, 0x28, 0x74, 0x40, 0x42, 0x34, 0xDE, 2748 0xC3, 0x00, 0x5E, 0x72, 0x4D, 0x96, 0xE9, 0x4C, 0xBD, 0xC9, 0xDB, 0x14, 0x9F, 0xD5, 0xBB, 0xA9, 2749 0x0C, 0x20, 0xC2, 0xBE, 0x7A, 0x80, 0x89, 0xEC, 0x99, 0x04, 0xF0, 0xEE, 0x7B, 0x83, 0x20, 0x1D, 2750 0x37, 0x19, 0x55, 0x85, 0xF6, 0x8E, 0x3B, 0xFB, 0x16, 0xF3, 0xD3, 0x6F, 0xEE, 0x73, 0x12, 0x53, 2751 0xCA, 0x77, 0xD7, 0x6C, 0x29, 0xF5, 0x08, 0xA3, 0x09, 0x01, 0x0B, 0x00, 0x05, 0x57, 0xAD, 0x4D, 2752 0xF0, 0x92, 0xB2, 0x5A, 0x8B, 0x19, 0x09, 0x81, 0x86, 0xFE, 0x66, 0xB9, 0x33, 0x88, 0x28, 0xF3, 2753 0x37, 0x73, 0x09, 0x5F, 0xD7, 0xC9, 0xC6, 0xFA, 0x13, 0x74, 0xFE, 0xAE, 0x53, 0xA9, 0x71, 0x67, 2754 0xCE, 0x3A, 0xE6, 0x8D, 0x35, 0xD1, 0xB8, 0xFD, 0x6F, 0x0D, 0x43, 0xC2, 0xD1, 0x02, 0x41, 0x00, 2755 0xF7, 0x33, 0xE5, 0x6C, 0x29, 0x5A, 0x30, 0x58, 0xA4, 0x52, 0x65, 0xA0, 0x39, 0xC2, 0xE8, 0xAE, 2756 0x5F, 0xA3, 0x2D, 0x0C, 0x65, 0xB1, 0x7B, 0xFD, 0x92, 0xBF, 0x47, 0x87, 0x97, 0x40, 0xCB, 0x54, 2757 0xF9, 0xBB, 0x50, 0x27, 0x70, 0x51, 0xD0, 0xD8, 0x48, 0x0D, 0xC6, 0x47, 0x60, 0xF8, 0x4E, 0x0A, 2758 0x32, 0x76, 0x6D, 0xA4, 0xBA, 0x40, 0xE5, 0x58, 0xF8, 0x4A, 0x39, 0x4E, 0xF8, 0x3F, 0x4E, 0x2D, 2759 0x02, 0x41, 0x00, 0xE4, 0x23, 0x2A, 0x5F, 0x59, 0xCF, 0x7C, 0x91, 0x24, 0x0D, 0xA2, 0x44, 0x17, 2760 0xCD, 0x37, 0xDE, 0x1F, 0x53, 0x4D, 0x33, 0x9F, 0x90, 0x4D, 0xD9, 0x72, 0x64, 0x25, 0xBA, 0xAB, 2761 0x47, 0x91, 0xC4, 0x99, 0x95, 0x86, 0xB5, 0x8A, 0xEA, 0x77, 0xF7, 0x64, 0x72, 0x5E, 0xB7, 0xBB, 2762 0x16, 0xA1, 0x64, 0xA4, 0xE1, 0x2D, 0x76, 0x6D, 0xEF, 0xB1, 0x5E, 0xD6, 0x17, 0xE8, 0xAA, 0xB6, 2763 0xA0, 0xD9, 0x85, 0x02, 0x41, 0x00, 0xDF, 0xC8, 0x5B, 0x28, 0x4F, 0x47, 0x15, 0xFD, 0x28, 0xC4, 2764 0x6E, 0xBB, 0x5D, 0x8E, 0xD4, 0x95, 0x06, 0x7E, 0xF1, 0x89, 0x07, 0x86, 0x64, 0x78, 0x69, 0x20, 2765 0x3F, 0xE0, 0xBF, 0x4C, 0x28, 0xC6, 0x04, 0x4D, 0x4D, 0x82, 0x66, 0x6B, 0xAA, 0x64, 0x20, 0xD6, 2766 0x57, 0x68, 0xC6, 0xA0, 0x02, 0x05, 0xB9, 0x28, 0xFC, 0x98, 0xE3, 0x03, 0x5C, 0x9B, 0xEE, 0x29, 2767 0x43, 0x37, 0xFA, 0x03, 0x55, 0x01, 0x02, 0x40, 0x69, 0x5B, 0x7C, 0x24, 0x10, 0xDB, 0xEB, 0x91, 2768 0x33, 0xEF, 0x3F, 0xF2, 0xE6, 0x73, 0x15, 0xCB, 0xF4, 0xF7, 0x89, 0x7D, 0xBF, 0xC0, 0xEA, 0xD2, 2769 0xF3, 0x2B, 0x20, 0xE9, 0x76, 0x54, 0x55, 0x13, 0x50, 0x42, 0x67, 0xB5, 0xCB, 0x73, 0xC0, 0xF7, 2770 0x75, 0x62, 0x04, 0x30, 0x21, 0xAC, 0xAF, 0xD8, 0x44, 0xF4, 0xE1, 0x04, 0x02, 0x7D, 0x61, 0x92, 2771 0x84, 0x99, 0x02, 0x10, 0x64, 0xCB, 0x1F, 0xE9, 0x02, 0x41, 0x00, 0xAB, 0x4B, 0x7D, 0x90, 0x7C, 2772 0x57, 0x08, 0x6B, 0xC0, 0x43, 0x72, 0x09, 0x8A, 0x18, 0x35, 0x36, 0x64, 0x9D, 0x84, 0x8D, 0xF1, 2773 0x84, 0x94, 0x48, 0xC6, 0x80, 0x9D, 0xB9, 0xA2, 0x58, 0x0A, 0x4D, 0x0A, 0xCA, 0x1E, 0xD6, 0x05, 2774 0x55, 0x5B, 0xFE, 0xD7, 0xAA, 0x70, 0xED, 0x76, 0xB3, 0x40, 0x2E, 0xA0, 0xB3, 0x32, 0x37, 0xB0, 2775 0xA0, 0xB9, 0x96, 0x2D, 0xC4, 0x70, 0xE9, 0x99, 0x10, 0x67, 0x8D 2776]); 2777 2778// 证书吊销列表二进制数据,需业务自行赋值 2779let encodingBlob: certFramework.EncodingBlob = { 2780 data: stringToUint8Array(crlData), 2781 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 2782 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 2783}; 2784 2785certFramework.createX509Crl(encodingBlob, (error, x509Crl) => { 2786 if (error != null) { 2787 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 2788 } else { 2789 console.log('createX509Crl success'); 2790 try { 2791 // Generate the public key by AsyKeyGenerator. 2792 let keyGenerator = cryptoFramework.createAsyKeyGenerator('RSA1024|PRIMES_3'); 2793 console.log('createAsyKeyGenerator success'); 2794 let priEncodingBlob: cryptoFramework.DataBlob = { 2795 data: priKeyData, 2796 }; 2797 let pubEncodingBlob: cryptoFramework.DataBlob = { 2798 data: pubKeyData, 2799 }; 2800 keyGenerator.convertKey(pubEncodingBlob, priEncodingBlob, (e, keyPair) => { 2801 if (e == null) { 2802 console.log('convert key success'); 2803 x509Crl.verify(keyPair.pubKey, (err, data) => { 2804 if (err == null) { 2805 console.log('verify success'); 2806 } else { 2807 console.error('verify failed, errCode: ' + err.code + ', errMsg: ' + err.message); 2808 } 2809 }); 2810 } else { 2811 console.error('convert key failed, message: ' + e.message + 'code: ' + e.code); 2812 } 2813 }) 2814 } catch (error) { 2815 let e: BusinessError = error as BusinessError; 2816 console.error('get pubKey failed, errCode: ' + e.code + ', errMsg: ' + e.message); 2817 } 2818 } 2819}); 2820``` 2821 2822### verify 2823 2824verify(key : cryptoFramework.PubKey) : Promise\<void> 2825 2826表示对X509证书吊销列表进行验签,使用Promise方式异步返回结果。验签支持RSA算法。 2827 2828**系统能力:** SystemCapability.Security.Cert 2829 2830**参数**: 2831 2832| 参数名 | 类型 | 必填 | 说明 | 2833| ------ | ------ | ---- | ---------------------- | 2834| key | cryptoFramework.PubKey | 是 | 表示用于验签的公钥对象。 | 2835 2836**返回值**: 2837 2838| 类型 | 说明 | 2839| ---- | ------------------------------------------------------------ | 2840| Promise\<void> | Promise对象 | 2841 2842**错误码:** 2843 2844以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 2845 2846| 错误码ID | 错误信息 | 2847| -------- | ----------------------- | 2848| 19030001 | crypto operation error. | 2849 2850**示例:** 2851 2852```ts 2853import certFramework from '@ohos.security.cert'; 2854import cryptoFramework from '@ohos.security.cryptoFramework' 2855import { BusinessError } from '@ohos.base'; 2856 2857// string转Uint8Array 2858function stringToUint8Array(str: string): Uint8Array { 2859 let arr: Array<number> = []; 2860 for (let i = 0, j = str.length; i < j; i++) { 2861 arr.push(str.charCodeAt(i)); 2862 } 2863 return new Uint8Array(arr); 2864} 2865 2866let crlData = '-----BEGIN X509 CRL-----\n' + 2867 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 2868 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 2869 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 2870 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 2871 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 2872 'eavsH0Q3\n' + 2873 '-----END X509 CRL-----\n'; 2874 2875let pubKeyData = new Uint8Array([ 2876 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 2877 0x05, 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xDC, 0x4C, 0x2D, 2878 0x57, 0x49, 0x3D, 0x42, 0x52, 0x1A, 0x09, 0xED, 0x3E, 0x90, 0x29, 0x51, 0xF7, 0x70, 0x15, 0xFE, 2879 0x76, 0xB0, 0xDB, 0xDF, 0xA1, 0x2C, 0x6C, 0x67, 0x95, 0xDA, 0x63, 0x3D, 0x4F, 0x71, 0x48, 0x8C, 2880 0x3E, 0xFA, 0x24, 0x79, 0xE9, 0xF2, 0xF2, 0x20, 0xCB, 0xF1, 0x59, 0x6B, 0xED, 0xC8, 0x72, 0x66, 2881 0x6E, 0x31, 0xD4, 0xF3, 0xCE, 0x0B, 0x12, 0xC4, 0x17, 0x39, 0xB4, 0x52, 0x16, 0xD3, 0xE3, 0xC0, 2882 0xF8, 0x48, 0xB3, 0xF6, 0x40, 0xD5, 0x47, 0x23, 0x30, 0x7F, 0xA7, 0xC5, 0x5A, 0x5A, 0xBB, 0x5C, 2883 0x7B, 0xEF, 0x69, 0xE2, 0x74, 0x35, 0x24, 0x22, 0x25, 0x45, 0x7E, 0xFC, 0xE8, 0xC4, 0x52, 0x65, 2884 0xA0, 0x4E, 0xBC, 0xFD, 0x3F, 0xD9, 0x85, 0x14, 0x8A, 0x5A, 0x93, 0x02, 0x24, 0x6C, 0x19, 0xBA, 2885 0x81, 0xBE, 0x65, 0x2E, 0xCB, 0xBB, 0xE9, 0x91, 0x7B, 0x7C, 0x47, 0xC2, 0x61, 0x02, 0x03, 0x01, 2886 0x00, 0x01 2887]); 2888 2889let priKeyData = new Uint8Array([ 2890 0x30, 0x82, 0x02, 0x77, 0x02, 0x01, 0x00, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 2891 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82, 0x02, 0x61, 0x30, 0x82, 0x02, 0x5D, 0x02, 0x01, 2892 0x00, 0x02, 0x81, 0x81, 0x00, 0xDC, 0x4C, 0x2D, 0x57, 0x49, 0x3D, 0x42, 0x52, 0x1A, 0x09, 0xED, 2893 0x3E, 0x90, 0x29, 0x51, 0xF7, 0x70, 0x15, 0xFE, 0x76, 0xB0, 0xDB, 0xDF, 0xA1, 0x2C, 0x6C, 0x67, 2894 0x95, 0xDA, 0x63, 0x3D, 0x4F, 0x71, 0x48, 0x8C, 0x3E, 0xFA, 0x24, 0x79, 0xE9, 0xF2, 0xF2, 0x20, 2895 0xCB, 0xF1, 0x59, 0x6B, 0xED, 0xC8, 0x72, 0x66, 0x6E, 0x31, 0xD4, 0xF3, 0xCE, 0x0B, 0x12, 0xC4, 2896 0x17, 0x39, 0xB4, 0x52, 0x16, 0xD3, 0xE3, 0xC0, 0xF8, 0x48, 0xB3, 0xF6, 0x40, 0xD5, 0x47, 0x23, 2897 0x30, 0x7F, 0xA7, 0xC5, 0x5A, 0x5A, 0xBB, 0x5C, 0x7B, 0xEF, 0x69, 0xE2, 0x74, 0x35, 0x24, 0x22, 2898 0x25, 0x45, 0x7E, 0xFC, 0xE8, 0xC4, 0x52, 0x65, 0xA0, 0x4E, 0xBC, 0xFD, 0x3F, 0xD9, 0x85, 0x14, 2899 0x8A, 0x5A, 0x93, 0x02, 0x24, 0x6C, 0x19, 0xBA, 0x81, 0xBE, 0x65, 0x2E, 0xCB, 0xBB, 0xE9, 0x91, 2900 0x7B, 0x7C, 0x47, 0xC2, 0x61, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x81, 0x80, 0x5A, 0xCF, 0x0F, 2901 0xF5, 0xA6, 0x1C, 0x19, 0x65, 0x8C, 0x94, 0x40, 0xF6, 0x84, 0x28, 0x74, 0x40, 0x42, 0x34, 0xDE, 2902 0xC3, 0x00, 0x5E, 0x72, 0x4D, 0x96, 0xE9, 0x4C, 0xBD, 0xC9, 0xDB, 0x14, 0x9F, 0xD5, 0xBB, 0xA9, 2903 0x0C, 0x20, 0xC2, 0xBE, 0x7A, 0x80, 0x89, 0xEC, 0x99, 0x04, 0xF0, 0xEE, 0x7B, 0x83, 0x20, 0x1D, 2904 0x37, 0x19, 0x55, 0x85, 0xF6, 0x8E, 0x3B, 0xFB, 0x16, 0xF3, 0xD3, 0x6F, 0xEE, 0x73, 0x12, 0x53, 2905 0xCA, 0x77, 0xD7, 0x6C, 0x29, 0xF5, 0x08, 0xA3, 0x09, 0x01, 0x0B, 0x00, 0x05, 0x57, 0xAD, 0x4D, 2906 0xF0, 0x92, 0xB2, 0x5A, 0x8B, 0x19, 0x09, 0x81, 0x86, 0xFE, 0x66, 0xB9, 0x33, 0x88, 0x28, 0xF3, 2907 0x37, 0x73, 0x09, 0x5F, 0xD7, 0xC9, 0xC6, 0xFA, 0x13, 0x74, 0xFE, 0xAE, 0x53, 0xA9, 0x71, 0x67, 2908 0xCE, 0x3A, 0xE6, 0x8D, 0x35, 0xD1, 0xB8, 0xFD, 0x6F, 0x0D, 0x43, 0xC2, 0xD1, 0x02, 0x41, 0x00, 2909 0xF7, 0x33, 0xE5, 0x6C, 0x29, 0x5A, 0x30, 0x58, 0xA4, 0x52, 0x65, 0xA0, 0x39, 0xC2, 0xE8, 0xAE, 2910 0x5F, 0xA3, 0x2D, 0x0C, 0x65, 0xB1, 0x7B, 0xFD, 0x92, 0xBF, 0x47, 0x87, 0x97, 0x40, 0xCB, 0x54, 2911 0xF9, 0xBB, 0x50, 0x27, 0x70, 0x51, 0xD0, 0xD8, 0x48, 0x0D, 0xC6, 0x47, 0x60, 0xF8, 0x4E, 0x0A, 2912 0x32, 0x76, 0x6D, 0xA4, 0xBA, 0x40, 0xE5, 0x58, 0xF8, 0x4A, 0x39, 0x4E, 0xF8, 0x3F, 0x4E, 0x2D, 2913 0x02, 0x41, 0x00, 0xE4, 0x23, 0x2A, 0x5F, 0x59, 0xCF, 0x7C, 0x91, 0x24, 0x0D, 0xA2, 0x44, 0x17, 2914 0xCD, 0x37, 0xDE, 0x1F, 0x53, 0x4D, 0x33, 0x9F, 0x90, 0x4D, 0xD9, 0x72, 0x64, 0x25, 0xBA, 0xAB, 2915 0x47, 0x91, 0xC4, 0x99, 0x95, 0x86, 0xB5, 0x8A, 0xEA, 0x77, 0xF7, 0x64, 0x72, 0x5E, 0xB7, 0xBB, 2916 0x16, 0xA1, 0x64, 0xA4, 0xE1, 0x2D, 0x76, 0x6D, 0xEF, 0xB1, 0x5E, 0xD6, 0x17, 0xE8, 0xAA, 0xB6, 2917 0xA0, 0xD9, 0x85, 0x02, 0x41, 0x00, 0xDF, 0xC8, 0x5B, 0x28, 0x4F, 0x47, 0x15, 0xFD, 0x28, 0xC4, 2918 0x6E, 0xBB, 0x5D, 0x8E, 0xD4, 0x95, 0x06, 0x7E, 0xF1, 0x89, 0x07, 0x86, 0x64, 0x78, 0x69, 0x20, 2919 0x3F, 0xE0, 0xBF, 0x4C, 0x28, 0xC6, 0x04, 0x4D, 0x4D, 0x82, 0x66, 0x6B, 0xAA, 0x64, 0x20, 0xD6, 2920 0x57, 0x68, 0xC6, 0xA0, 0x02, 0x05, 0xB9, 0x28, 0xFC, 0x98, 0xE3, 0x03, 0x5C, 0x9B, 0xEE, 0x29, 2921 0x43, 0x37, 0xFA, 0x03, 0x55, 0x01, 0x02, 0x40, 0x69, 0x5B, 0x7C, 0x24, 0x10, 0xDB, 0xEB, 0x91, 2922 0x33, 0xEF, 0x3F, 0xF2, 0xE6, 0x73, 0x15, 0xCB, 0xF4, 0xF7, 0x89, 0x7D, 0xBF, 0xC0, 0xEA, 0xD2, 2923 0xF3, 0x2B, 0x20, 0xE9, 0x76, 0x54, 0x55, 0x13, 0x50, 0x42, 0x67, 0xB5, 0xCB, 0x73, 0xC0, 0xF7, 2924 0x75, 0x62, 0x04, 0x30, 0x21, 0xAC, 0xAF, 0xD8, 0x44, 0xF4, 0xE1, 0x04, 0x02, 0x7D, 0x61, 0x92, 2925 0x84, 0x99, 0x02, 0x10, 0x64, 0xCB, 0x1F, 0xE9, 0x02, 0x41, 0x00, 0xAB, 0x4B, 0x7D, 0x90, 0x7C, 2926 0x57, 0x08, 0x6B, 0xC0, 0x43, 0x72, 0x09, 0x8A, 0x18, 0x35, 0x36, 0x64, 0x9D, 0x84, 0x8D, 0xF1, 2927 0x84, 0x94, 0x48, 0xC6, 0x80, 0x9D, 0xB9, 0xA2, 0x58, 0x0A, 0x4D, 0x0A, 0xCA, 0x1E, 0xD6, 0x05, 2928 0x55, 0x5B, 0xFE, 0xD7, 0xAA, 0x70, 0xED, 0x76, 0xB3, 0x40, 0x2E, 0xA0, 0xB3, 0x32, 0x37, 0xB0, 2929 0xA0, 0xB9, 0x96, 0x2D, 0xC4, 0x70, 0xE9, 0x99, 0x10, 0x67, 0x8D 2930]); 2931 2932// 证书吊销列表二进制数据,需业务自行赋值 2933let encodingBlob: certFramework.EncodingBlob = { 2934 data: stringToUint8Array(crlData), 2935 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 2936 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 2937}; 2938 2939certFramework.createX509Crl(encodingBlob).then(x509Crl => { 2940 console.log('createX509Crl success'); 2941 2942 try { 2943 // 生成公钥对象 2944 let keyGenerator = cryptoFramework.createAsyKeyGenerator('RSA1024|PRIMES_3'); 2945 console.log('createAsyKeyGenerator success'); 2946 let priEncodingBlob: cryptoFramework.DataBlob = { 2947 data: priKeyData, 2948 }; 2949 let pubEncodingBlob: cryptoFramework.DataBlob = { 2950 data: pubKeyData, 2951 }; 2952 keyGenerator.convertKey(pubEncodingBlob, priEncodingBlob).then((keyPair) => { 2953 console.log('convert key success'); 2954 x509Crl.verify(keyPair.pubKey).then(result => { 2955 console.log('verify success'); 2956 }).catch((error: BusinessError) => { 2957 console.error('verify failed, errCode: ' + error.code + ', errMsg: ' + error.message); 2958 }); 2959 }).catch((error: BusinessError) => { 2960 console.error('convert key failed, message: ' + error.message + 'code: ' + error.code); 2961 }); 2962 } catch (error) { 2963 let e: BusinessError = error as BusinessError; 2964 console.error('get pubKey failed, errCode: ' + e.code + ', errMsg: ' + e.message); 2965 } 2966}).catch((error: BusinessError) => { 2967 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 2968}); 2969``` 2970 2971### getVersion 2972 2973getVersion() : number 2974 2975表示获取X509证书吊销列表的版本号。 2976 2977**系统能力:** SystemCapability.Security.Cert 2978 2979**返回值**: 2980 2981| 类型 | 说明 | 2982| ------ | -------------------------------- | 2983| number | 表示获取X509证书吊销列表的版本号 | 2984 2985**示例:** 2986 2987```ts 2988import certFramework from '@ohos.security.cert'; 2989 2990// string转Uint8Array 2991function stringToUint8Array(str: string): Uint8Array { 2992 let arr: Array<number> = []; 2993 for (let i = 0, j = str.length; i < j; i++) { 2994 arr.push(str.charCodeAt(i)); 2995 } 2996 return new Uint8Array(arr); 2997} 2998 2999let crlData = '-----BEGIN X509 CRL-----\n' + 3000 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 3001 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 3002 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 3003 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 3004 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 3005 'eavsH0Q3\n' + 3006 '-----END X509 CRL-----\n'; 3007 3008// 证书吊销列表二进制数据,需业务自行赋值 3009let encodingBlob: certFramework.EncodingBlob = { 3010 data: stringToUint8Array(crlData), 3011 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 3012 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 3013}; 3014 3015certFramework.createX509Crl(encodingBlob, (error, x509Crl) => { 3016 if (error != null) { 3017 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3018 } else { 3019 console.log('createX509Crl success'); 3020 let version = x509Crl.getVersion(); 3021 } 3022}); 3023``` 3024 3025### getIssuerName 3026 3027getIssuerName() : DataBlob 3028 3029表示获取X509证书吊销列表颁发者名称。 3030 3031**系统能力:** SystemCapability.Security.Cert 3032 3033**返回值**: 3034 3035| 类型 | 说明 | 3036| --------------------- | ------------------------------ | 3037| [DataBlob](#datablob) | 表示X509证书吊销列表颁发者名称 | 3038 3039**错误码:** 3040 3041以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 3042 3043| 错误码ID | 错误信息 | 3044| -------- | ----------------------- | 3045| 19020001 | memory error. | 3046| 19020002 | runtime error. | 3047| 19030001 | crypto operation error. | 3048 3049**示例:** 3050 3051```ts 3052import certFramework from '@ohos.security.cert'; 3053import { BusinessError } from '@ohos.base'; 3054 3055// string转Uint8Array 3056function stringToUint8Array(str: string): Uint8Array { 3057 let arr: Array<number> = []; 3058 for (let i = 0, j = str.length; i < j; i++) { 3059 arr.push(str.charCodeAt(i)); 3060 } 3061 return new Uint8Array(arr); 3062} 3063 3064let crlData = '-----BEGIN X509 CRL-----\n' + 3065 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 3066 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 3067 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 3068 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 3069 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 3070 'eavsH0Q3\n' + 3071 '-----END X509 CRL-----\n'; 3072 3073// 证书吊销列表二进制数据,需业务自行赋值 3074let encodingBlob: certFramework.EncodingBlob = { 3075 data: stringToUint8Array(crlData), 3076 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 3077 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 3078}; 3079 3080certFramework.createX509Crl(encodingBlob, (error, x509Crl) => { 3081 if (error != null) { 3082 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3083 } else { 3084 console.log('createX509Crl success'); 3085 try { 3086 let issuerName = x509Crl.getIssuerName(); 3087 } catch (err) { 3088 let e: BusinessError = err as BusinessError; 3089 console.error('getIssuerName failed, errCode: ' + e.code + ', errMsg: ' + e.message); 3090 } 3091 } 3092}); 3093``` 3094 3095### getLastUpdate 3096 3097getLastUpdate() : string 3098 3099表示获取X509证书吊销列表最后一次更新日期。 3100 3101**系统能力:** SystemCapability.Security.Cert 3102 3103**返回值**: 3104 3105| 类型 | 说明 | 3106| ------ | ------------------------------------ | 3107| string | 表示X509证书吊销列表最后一次更新日期 | 3108 3109**错误码:** 3110 3111以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 3112 3113| 错误码ID | 错误信息 | 3114| -------- | ----------------------- | 3115| 19020001 | memory error. | 3116| 19020002 | runtime error. | 3117| 19030001 | crypto operation error. | 3118 3119**示例:** 3120 3121```ts 3122import certFramework from '@ohos.security.cert'; 3123import { BusinessError } from '@ohos.base'; 3124 3125// string转Uint8Array 3126function stringToUint8Array(str: string): Uint8Array { 3127 let arr: Array<number> = []; 3128 for (let i = 0, j = str.length; i < j; i++) { 3129 arr.push(str.charCodeAt(i)); 3130 } 3131 return new Uint8Array(arr); 3132} 3133 3134let crlData = '-----BEGIN X509 CRL-----\n' + 3135 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 3136 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 3137 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 3138 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 3139 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 3140 'eavsH0Q3\n' + 3141 '-----END X509 CRL-----\n'; 3142 3143// 证书吊销列表二进制数据,需业务自行赋值 3144let encodingBlob: certFramework.EncodingBlob = { 3145 data: stringToUint8Array(crlData), 3146 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 3147 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 3148}; 3149 3150certFramework.createX509Crl(encodingBlob, (error, x509Crl) => { 3151 if (error != null) { 3152 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3153 } else { 3154 console.log('createX509Crl success'); 3155 try { 3156 let lastUpdate = x509Crl.getLastUpdate(); 3157 } catch (err) { 3158 let e: BusinessError = err as BusinessError; 3159 console.error('getLastUpdate failed, errCode: ' + e.code + ', errMsg: ' + e.message); 3160 } 3161 } 3162}); 3163``` 3164 3165### getNextUpdate 3166 3167getNextUpdate() : string 3168 3169表示获取证书吊销列表下一次更新的日期。 3170 3171**系统能力:** SystemCapability.Security.Cert 3172 3173**返回值**: 3174 3175| 类型 | 说明 | 3176| ------ | ------------------------------------ | 3177| string | 表示X509证书吊销列表下一次更新的日期 | 3178 3179**错误码:** 3180 3181以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 3182 3183| 错误码ID | 错误信息 | 3184| -------- | ----------------------- | 3185| 19020001 | memory error. | 3186| 19020002 | runtime error. | 3187| 19030001 | crypto operation error. | 3188 3189**示例:** 3190 3191```ts 3192import certFramework from '@ohos.security.cert'; 3193import { BusinessError } from '@ohos.base'; 3194 3195// string转Uint8Array 3196function stringToUint8Array(str: string): Uint8Array { 3197 let arr: Array<number> = []; 3198 for (let i = 0, j = str.length; i < j; i++) { 3199 arr.push(str.charCodeAt(i)); 3200 } 3201 return new Uint8Array(arr); 3202} 3203 3204let crlData = '-----BEGIN X509 CRL-----\n' + 3205 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 3206 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 3207 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 3208 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 3209 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 3210 'eavsH0Q3\n' + 3211 '-----END X509 CRL-----\n'; 3212 3213// 证书吊销列表二进制数据,需业务自行赋值 3214let encodingBlob: certFramework.EncodingBlob = { 3215 data: stringToUint8Array(crlData), 3216 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 3217 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 3218}; 3219 3220certFramework.createX509Crl(encodingBlob, (error, x509Crl) => { 3221 if (error != null) { 3222 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3223 } else { 3224 console.log('createX509Crl success'); 3225 try { 3226 let nextUpdate = x509Crl.getNextUpdate(); 3227 } catch (err) { 3228 let e: BusinessError = err as BusinessError; 3229 console.error('getNextUpdate failed, errCode: ' + e.code + ', errMsg: ' + e.message); 3230 } 3231 } 3232}); 3233``` 3234 3235### getRevokedCert 3236 3237getRevokedCert(serialNumber : number) : X509CrlEntry 3238 3239表示通过指定证书序列号获取被吊销X509证书对象。 3240 3241**系统能力:** SystemCapability.Security.Cert 3242 3243**参数**: 3244 3245| 参数名 | 类型 | 必填 | 说明 | 3246| ------------ | ------ | ---- | -------------- | 3247| serialNumber | number | 是 | 表示证书序列号 | 3248 3249**返回值**: 3250 3251| 类型 | 说明 | 3252| ---------------------- | --------------------- | 3253| [X509CrlEntry](#x509crlentry) | 表示被吊销X509证书对象 | 3254 3255**错误码:** 3256 3257以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 3258 3259| 错误码ID | 错误信息 | 3260| -------- | ----------------------- | 3261| 19020001 | memory error. | 3262| 19030001 | crypto operation error. | 3263 3264**示例:** 3265 3266```ts 3267import certFramework from '@ohos.security.cert'; 3268import { BusinessError } from '@ohos.base'; 3269 3270// string转Uint8Array 3271function stringToUint8Array(str: string): Uint8Array { 3272 let arr: Array<number> = []; 3273 for (let i = 0, j = str.length; i < j; i++) { 3274 arr.push(str.charCodeAt(i)); 3275 } 3276 return new Uint8Array(arr); 3277} 3278 3279let crlData = '-----BEGIN X509 CRL-----\n' + 3280 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 3281 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 3282 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 3283 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 3284 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 3285 'eavsH0Q3\n' + 3286 '-----END X509 CRL-----\n'; 3287 3288// 证书吊销列表二进制数据,需业务自行赋值 3289let encodingBlob: certFramework.EncodingBlob = { 3290 data: stringToUint8Array(crlData), 3291 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 3292 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 3293}; 3294 3295certFramework.createX509Crl(encodingBlob, (error, x509Crl) => { 3296 if (error != null) { 3297 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3298 } else { 3299 console.log('createX509Crl success'); 3300 let serialNumber = 1000; 3301 try { 3302 let entry = x509Crl.getRevokedCert(serialNumber); 3303 } catch (error) { 3304 let e: BusinessError = error as BusinessError; 3305 console.error('getRevokedCert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 3306 } 3307 } 3308}); 3309``` 3310 3311### getRevokedCertWithCert 3312 3313getRevokedCertWithCert(cert : X509Cert) : X509CrlEntry 3314 3315表示通过指定证书对象获取被吊销X509证书对象。 3316 3317**系统能力:** SystemCapability.Security.Cert 3318 3319**参数**: 3320 3321| 参数名 | 类型 | 必填 | 说明 | 3322| ------ | --------------------- | ---- | ------------ | 3323| cert | [X509Cert](#x509cert) | 是 | 表示证书对象 | 3324 3325**返回值**: 3326 3327| 类型 | 说明 | 3328| ------------ | -------------------- | 3329| [X509CrlEntry](#x509crlentry) | 表示被吊销X509证书对象 | 3330 3331**错误码:** 3332 3333以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 3334 3335| 错误码ID | 错误信息 | 3336| -------- | ----------------------- | 3337| 19020001 | memory error. | 3338| 19030001 | crypto operation error. | 3339 3340**示例:** 3341 3342```ts 3343import certFramework from '@ohos.security.cert'; 3344import { BusinessError } from '@ohos.base'; 3345 3346// string转Uint8Array 3347function stringToUint8Array(str: string): Uint8Array { 3348 let arr: Array<number> = []; 3349 for (let i = 0, j = str.length; i < j; i++) { 3350 arr.push(str.charCodeAt(i)); 3351 } 3352 return new Uint8Array(arr); 3353} 3354 3355let crlData = '-----BEGIN X509 CRL-----\n' + 3356 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 3357 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 3358 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 3359 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 3360 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 3361 'eavsH0Q3\n' + 3362 '-----END X509 CRL-----\n'; 3363 3364// 证书二进制数据,需业务自行赋值 3365let certData = '-----BEGIN CERTIFICATE-----\n' 3366 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' 3367 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' 3368 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' 3369 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' 3370 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' 3371 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' 3372 'Qw==\n' 3373 '-----END CERTIFICATE-----\n'; 3374 3375let certEncodingBlob: certFramework.EncodingBlob = { 3376 data: stringToUint8Array(certData), 3377 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 3378 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 3379}; 3380 3381// 证书吊销列表二进制数据,需业务自行赋值 3382let encodingBlob: certFramework.EncodingBlob = { 3383 data: stringToUint8Array(crlData), 3384 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 3385 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 3386}; 3387 3388certFramework.createX509Crl(encodingBlob, (error, x509Crl) => { 3389 if (error != null) { 3390 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3391 } else { 3392 console.log('createX509Crl success'); 3393 // 创建X509证书对象. 3394 certFramework.createX509Cert(certEncodingBlob).then((x509Cert) => { 3395 try { 3396 let entry = x509Crl.getRevokedCertWithCert(x509Cert); 3397 } catch (error) { 3398 let e: BusinessError = error as BusinessError; 3399 console.error('getRevokedCertWithCert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 3400 } 3401 }).catch((error: BusinessError) => { 3402 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3403 }) 3404 } 3405}); 3406``` 3407 3408### getRevokedCerts 3409 3410getRevokedCerts(callback : AsyncCallback<Array\<X509CrlEntry>>) : void 3411 3412表示获取被吊销X509证书列表,使用Callback回调异步返回结果。 3413 3414**系统能力:** SystemCapability.Security.Cert 3415 3416**参数**: 3417 3418| 参数名 | 类型 | 必填 | 说明 | 3419| -------- | ---------------------------------------------------- | ---- | -------------------------------- | 3420| callback | AsyncCallback<Array\<[X509CrlEntry](#x509crlentry)>> | 是 | 回调函数。表示被吊销X509证书列表 | 3421 3422**错误码:** 3423 3424以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 3425 3426| 错误码ID | 错误信息 | 3427| -------- | ----------------------- | 3428| 19020001 | memory error. | 3429| 19030001 | crypto operation error. | 3430 3431**示例:** 3432 3433```ts 3434import certFramework from '@ohos.security.cert'; 3435import { BusinessError } from '@ohos.base'; 3436 3437// string转Uint8Array 3438function stringToUint8Array(str: string): Uint8Array { 3439 let arr: Array<number> = []; 3440 for (let i = 0, j = str.length; i < j; i++) { 3441 arr.push(str.charCodeAt(i)); 3442 } 3443 return new Uint8Array(arr); 3444} 3445 3446let crlData = '-----BEGIN X509 CRL-----\n' + 3447 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 3448 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 3449 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 3450 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 3451 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 3452 'eavsH0Q3\n' + 3453 '-----END X509 CRL-----\n'; 3454 3455// 证书吊销列表二进制数据,需业务自行赋值 3456let encodingBlob: certFramework.EncodingBlob = { 3457 data: stringToUint8Array(crlData), 3458 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 3459 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 3460}; 3461 3462certFramework.createX509Crl(encodingBlob, (error, x509Crl) => { 3463 if (error != null) { 3464 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3465 } else { 3466 console.log('createX509Crl success'); 3467 x509Crl.getRevokedCerts((error, array) => { 3468 if (error != null) { 3469 console.error('getRevokedCerts failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3470 } else { 3471 console.log('getRevokedCerts success'); 3472 } 3473 }); 3474 } 3475}); 3476``` 3477 3478### getRevokedCerts 3479 3480getRevokedCerts() : Promise<Array\<X509CrlEntry>> 3481 3482表示获取被吊销X509证书列表,使用Promise方式异步返回结果。 3483 3484**系统能力:** SystemCapability.Security.Cert 3485 3486**返回值**: 3487 3488| 类型 | 说明 | 3489| ---------------------------------------------- | ---------------------- | 3490| Promise<Array\<[X509CrlEntry](#x509crlentry)>> | 表示被吊销X509证书列表 | 3491 3492**错误码:** 3493 3494以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 3495 3496| 错误码ID | 错误信息 | 3497| -------- | ----------------------- | 3498| 19020001 | memory error. | 3499| 19030001 | crypto operation error. | 3500 3501**示例:** 3502 3503```ts 3504import certFramework from '@ohos.security.cert'; 3505import { BusinessError } from '@ohos.base'; 3506 3507// string转Uint8Array 3508function stringToUint8Array(str: string): Uint8Array { 3509 let arr: Array<number> = []; 3510 for (let i = 0, j = str.length; i < j; i++) { 3511 arr.push(str.charCodeAt(i)); 3512 } 3513 return new Uint8Array(arr); 3514} 3515 3516let crlData = '-----BEGIN X509 CRL-----\n' + 3517 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 3518 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 3519 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 3520 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 3521 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 3522 'eavsH0Q3\n' + 3523 '-----END X509 CRL-----\n'; 3524 3525// 证书吊销列表二进制数据,需业务自行赋值 3526let encodingBlob: certFramework.EncodingBlob = { 3527 data: stringToUint8Array(crlData), 3528 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 3529 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 3530}; 3531 3532certFramework.createX509Crl(encodingBlob).then(x509Crl => { 3533 console.log('createX509Crl success'); 3534 x509Crl.getRevokedCerts().then(array => { 3535 console.log('getRevokedCerts success'); 3536 }).catch((error: BusinessError) => { 3537 console.error('getRevokedCerts failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3538 }); 3539}).catch((error: BusinessError) => { 3540 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3541}); 3542``` 3543 3544### getTbsInfo 3545 3546getTbsInfo() : DataBlob 3547 3548表示获取证书吊销列表的tbsCertList信息。 3549 3550**系统能力:** SystemCapability.Security.Cert 3551 3552**返回值**: 3553 3554| 类型 | 说明 | 3555| --------------------- | ------------------------------- | 3556| [DataBlob](#datablob) | 表示证书吊销列表的tbsCertList信息 | 3557 3558**错误码:** 3559 3560以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 3561 3562| 错误码ID | 错误信息 | 3563| -------- | ----------------------- | 3564| 19020001 | memory error. | 3565| 19020002 | runtime error. | 3566| 19030001 | crypto operation error. | 3567 3568**示例:** 3569 3570```ts 3571import certFramework from '@ohos.security.cert'; 3572import { BusinessError } from '@ohos.base'; 3573 3574// string转Uint8Array 3575function stringToUint8Array(str: string): Uint8Array { 3576 let arr: Array<number> = []; 3577 for (let i = 0, j = str.length; i < j; i++) { 3578 arr.push(str.charCodeAt(i)); 3579 } 3580 return new Uint8Array(arr); 3581} 3582 3583let crlData = '-----BEGIN X509 CRL-----\n' + 3584 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 3585 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 3586 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 3587 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 3588 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 3589 'eavsH0Q3\n' + 3590 '-----END X509 CRL-----\n'; 3591 3592// 证书吊销列表二进制数据,需业务自行赋值 3593let encodingBlob: certFramework.EncodingBlob = { 3594 data: stringToUint8Array(crlData), 3595 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 3596 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 3597}; 3598 3599certFramework.createX509Crl(encodingBlob, (error, x509Crl) => { 3600 if (error != null) { 3601 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3602 } else { 3603 console.log('createX509Crl success'); 3604 try { 3605 let tbsInfo = x509Crl.getTbsInfo(); 3606 } catch (error) { 3607 let e: BusinessError = error as BusinessError; 3608 console.error('getTbsInfo failed, errCode: ' + e.code + ', errMsg: ' + e.message); 3609 } 3610 } 3611}); 3612``` 3613 3614### getSignature 3615 3616getSignature() : DataBlob 3617 3618表示获取X509证书吊销列表的签名数据。 3619 3620**系统能力:** SystemCapability.Security.Cert 3621 3622**返回值**: 3623 3624| 类型 | 说明 | 3625| --------------------- | ------------------------------ | 3626| [DataBlob](#datablob) | 表示X509证书吊销列表的签名数据 | 3627 3628**错误码:** 3629 3630以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 3631 3632| 错误码ID | 错误信息 | 3633| -------- | ----------------------- | 3634| 19020001 | memory error. | 3635| 19020002 | runtime error. | 3636| 19030001 | crypto operation error. | 3637 3638**示例:** 3639 3640```ts 3641import certFramework from '@ohos.security.cert'; 3642import { BusinessError } from '@ohos.base'; 3643 3644// string转Uint8Array 3645function stringToUint8Array(str: string): Uint8Array { 3646 let arr: Array<number> = []; 3647 for (let i = 0, j = str.length; i < j; i++) { 3648 arr.push(str.charCodeAt(i)); 3649 } 3650 return new Uint8Array(arr); 3651} 3652 3653let crlData = '-----BEGIN X509 CRL-----\n' + 3654 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 3655 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 3656 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 3657 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 3658 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 3659 'eavsH0Q3\n' + 3660 '-----END X509 CRL-----\n'; 3661 3662// 证书吊销列表二进制数据,需业务自行赋值 3663let encodingBlob: certFramework.EncodingBlob = { 3664 data: stringToUint8Array(crlData), 3665 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 3666 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 3667}; 3668 3669certFramework.createX509Crl(encodingBlob, (error, x509Crl) => { 3670 if (error != null) { 3671 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3672 } else { 3673 console.log('createX509Crl success'); 3674 try { 3675 let signature = x509Crl.getSignature(); 3676 } catch (err) { 3677 let e: BusinessError = err as BusinessError; 3678 console.error('getSignature failed, errCode: ' + e.code + ', errMsg: ' + e.message); 3679 } 3680 } 3681}); 3682``` 3683 3684### getSignatureAlgName 3685 3686getSignatureAlgName() : string 3687 3688表示获取X509证书吊销列表签名的算法名称。 3689 3690**系统能力:** SystemCapability.Security.Cert 3691 3692**返回值**: 3693 3694| 类型 | 说明 | 3695| ------ | -------------------------------- | 3696| string | 表示X509证书吊销列表签名的算法名 | 3697 3698**错误码:** 3699 3700以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 3701 3702| 错误码ID | 错误信息 | 3703| -------- | ----------------------- | 3704| 19020001 | memory error. | 3705| 19020002 | runtime error. | 3706| 19030001 | crypto operation error. | 3707 3708**示例:** 3709 3710```ts 3711import certFramework from '@ohos.security.cert'; 3712import { BusinessError } from '@ohos.base'; 3713 3714// string转Uint8Array 3715function stringToUint8Array(str: string): Uint8Array { 3716 let arr: Array<number> = []; 3717 for (let i = 0, j = str.length; i < j; i++) { 3718 arr.push(str.charCodeAt(i)); 3719 } 3720 return new Uint8Array(arr); 3721} 3722 3723let crlData = '-----BEGIN X509 CRL-----\n' + 3724 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 3725 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 3726 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 3727 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 3728 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 3729 'eavsH0Q3\n' + 3730 '-----END X509 CRL-----\n'; 3731 3732// 证书吊销列表二进制数据,需业务自行赋值 3733let encodingBlob: certFramework.EncodingBlob = { 3734 data: stringToUint8Array(crlData), 3735 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 3736 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 3737}; 3738 3739certFramework.createX509Crl(encodingBlob, (error, x509Crl) => { 3740 if (error != null) { 3741 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3742 } else { 3743 console.log('createX509Crl success'); 3744 try { 3745 let sigAlgName = x509Crl.getSignatureAlgName(); 3746 } catch (err) { 3747 let e: BusinessError = err as BusinessError; 3748 console.error('getSignatureAlgName failed, errCode: ' + e.code + ', errMsg: ' + e.message); 3749 } 3750 } 3751}); 3752``` 3753 3754### getSignatureAlgOid 3755 3756getSignatureAlgOid() : string 3757 3758表示获取X509证书吊销列表签名算法的对象标志符OID(Object Identifier)。OID是由国际标准组织(ISO)的名称注册机构分配。 3759 3760**系统能力:** SystemCapability.Security.Cert 3761 3762**返回值**: 3763 3764| 类型 | 说明 | 3765| ------ | --------------------------------------------- | 3766| string | 表示X509证书吊销列表签名算法的对象标志符OID。 | 3767 3768**错误码:** 3769 3770以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 3771 3772| 错误码ID | 错误信息 | 3773| -------- | ----------------------- | 3774| 19020001 | memory error. | 3775| 19020002 | runtime error. | 3776| 19030001 | crypto operation error. | 3777 3778**示例:** 3779 3780```ts 3781import certFramework from '@ohos.security.cert'; 3782import { BusinessError } from '@ohos.base'; 3783 3784// string转Uint8Array 3785function stringToUint8Array(str: string): Uint8Array { 3786 let arr: Array<number> = []; 3787 for (let i = 0, j = str.length; i < j; i++) { 3788 arr.push(str.charCodeAt(i)); 3789 } 3790 return new Uint8Array(arr); 3791} 3792 3793let crlData = '-----BEGIN X509 CRL-----\n' + 3794 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 3795 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 3796 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 3797 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 3798 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 3799 'eavsH0Q3\n' + 3800 '-----END X509 CRL-----\n'; 3801 3802// 证书吊销列表二进制数据,需业务自行赋值 3803let encodingBlob: certFramework.EncodingBlob = { 3804 data: stringToUint8Array(crlData), 3805 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 3806 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 3807}; 3808 3809certFramework.createX509Crl(encodingBlob, (error, x509Crl) => { 3810 if (error != null) { 3811 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3812 } else { 3813 console.log('createX509Crl success'); 3814 try { 3815 let sigAlgOid = x509Crl.getSignatureAlgOid(); 3816 } catch (err) { 3817 let e: BusinessError = err as BusinessError; 3818 console.error('getSignatureAlgOid failed, errCode: ' + e.code + ', errMsg: ' + e.message); 3819 } 3820 } 3821}); 3822``` 3823 3824### getSignatureAlgParams 3825 3826getSignatureAlgParams() : DataBlob 3827 3828表示获取X509证书吊销列表签名的算法参数。 3829 3830**系统能力:** SystemCapability.Security.Cert 3831 3832**返回值**: 3833 3834| 类型 | 说明 | 3835| --------------------- | ---------------------------------- | 3836| [DataBlob](#datablob) | 表示X509证书吊销列表签名的算法参数 | 3837 3838**错误码:** 3839 3840以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 3841 3842| 错误码ID | 错误信息 | 3843| -------- | ----------------------- | 3844| 19020001 | memory error. | 3845| 19020002 | runtime error. | 3846| 19030001 | crypto operation error. | 3847 3848**示例:** 3849 3850```ts 3851import certFramework from '@ohos.security.cert'; 3852import { BusinessError } from '@ohos.base'; 3853 3854// string转Uint8Array 3855function stringToUint8Array(str: string): Uint8Array { 3856 let arr: Array<number> = []; 3857 for (let i = 0, j = str.length; i < j; i++) { 3858 arr.push(str.charCodeAt(i)); 3859 } 3860 return new Uint8Array(arr); 3861} 3862 3863let crlData = '-----BEGIN X509 CRL-----\n' + 3864 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 3865 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 3866 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 3867 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 3868 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 3869 'eavsH0Q3\n' + 3870 '-----END X509 CRL-----\n'; 3871 3872// 证书吊销列表二进制数据,需业务自行赋值 3873let encodingBlob: certFramework.EncodingBlob = { 3874 data: stringToUint8Array(crlData), 3875 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 3876 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 3877}; 3878 3879certFramework.createX509Crl(encodingBlob, (error, x509Crl) => { 3880 if (error != null) { 3881 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3882 } else { 3883 console.log('createX509Crl success'); 3884 try { 3885 let sigAlgParams = x509Crl.getSignatureAlgParams(); 3886 } catch (err) { 3887 let e: BusinessError = error as BusinessError; 3888 console.error('getSignatureAlgParams failed, errCode: ' + e.code + ', errMsg: ' + e.message); 3889 } 3890 } 3891}); 3892``` 3893 3894## cryptoCert.createCertChainValidator 3895 3896createCertChainValidator(algorithm :string) : CertChainValidator 3897 3898表示创建证书链校验器对象。 3899 3900**系统能力:** SystemCapability.Security.Cert 3901 3902**参数**: 3903 3904| 参数名 | 类型 | 必填 | 说明 | 3905| --------- | ------ | ---- | ------------------------------------------ | 3906| algorithm | string | 是 | 表示证书链校验器算法。当前仅支持输入“PKIX” | 3907 3908**返回值**: 3909 3910| 类型 | 说明 | 3911| ------------------ | -------------------- | 3912| CertChainValidator | 表示证书链校验器对象 | 3913 3914**错误码:** 3915 3916以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 3917 3918| 错误码ID | 错误信息 | 3919| -------- | ----------------------- | 3920| 19020001 | memory error. | 3921| 19020002 | runtime error. | 3922| 19030001 | crypto operation error. | 3923 3924**示例:** 3925 3926```ts 3927import certFramework from '@ohos.security.cert'; 3928import { BusinessError } from '@ohos.base'; 3929 3930try { 3931 let validator = certFramework.createCertChainValidator('PKIX'); 3932} catch (error) { 3933 let e: BusinessError = error as BusinessError; 3934 console.error('createCertChainValidator failed, errCode: ' + e.code + ', errMsg: ' + e.message); 3935} 3936``` 3937 3938## CertChainValidator 3939 3940证书链校验器对象。 3941 3942 3943### 属性 3944 3945**系统能力:** SystemCapability.Security.Cert 3946 3947| 名称 | 类型 | 可读 | 可写 | 说明 | 3948| ------- | ------ | ---- | ---- | -------------------------- | 3949| algorithm | string | 是 | 否 | X509证书链校验器算法名称。 | 3950 3951 3952### validate 3953 3954validate(certChain : CertChainData, callback : AsyncCallback\<void>) : void 3955 3956表示校验X509证书链,使用Callback回调异步返回结果。 3957由于端侧系统时间不可信,证书链校验不包含对证书有效时间的校验。如果需要检查证书的时间有效性,可使用X509证书的[checkValidityWithDate](#checkvaliditywithdate)方法进行检查。详见[证书规格](../../security/cert-overview.md#证书规格) 3958 3959**系统能力:** SystemCapability.Security.Cert 3960 3961**参数**: 3962 3963| 参数名 | 类型 | 必填 | 说明 | 3964| --------- | ------------------------------- | ---- | ------------------------------------------------------------ | 3965| certChain | [CertChainData](#certchaindata) | 是 | 表示X509证书链序列化数据 | 3966| callback | AsyncCallback\<void> | 是 | 回调函数。使用AsyncCallback的第一个error参数判断是否校验成功,error为null表示成功,error不为null表示失败 | 3967 3968**错误码:** 3969 3970以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 3971 3972| 错误码ID | 错误信息 | 3973| -------- | ------------------------------------------------- | 3974| 19020001 | memory error. | 3975| 19020002 | runtime error. | 3976| 19030001 | crypto operation error. | 3977| 19030002 | the certificate signature verification failed. | 3978| 19030003 | the certificate has not taken effect. | 3979| 19030004 | the certificate has expired. | 3980| 19030005 | failed to obtain the certificate issuer. | 3981| 19030006 | the key cannot be used for signing a certificate. | 3982| 19030007 | the key cannot be used for digital signature. | 3983 3984**示例:** 3985 3986```ts 3987import certFramework from '@ohos.security.cert'; 3988import { BusinessError } from '@ohos.base'; 3989 3990// 证书链二进制数据,需业务自行赋值 3991let certChainBuff = new Uint8Array([0x30, 0x82, 0x44]); 3992 3993let certChainData: certFramework.CertChainData = { 3994 data: certChainBuff, 3995 // 证书链包含的证书个数,需业务自行赋值 3996 count: 2, 3997 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 3998 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 3999}; 4000 4001try { 4002 let validator = certFramework.createCertChainValidator('PKIX'); 4003 validator.validate(certChainData, (error, data) => { 4004 if (error != null) { 4005 console.error('validate failed, errCode: ' + error.code + ', errMsg: ' + error.message); 4006 } else { 4007 console.log('validate success'); 4008 } 4009 }); 4010} catch (error) { 4011 let e: BusinessError = error as BusinessError; 4012 console.error('getNotBeforeTime failed, errCode: ' + e.code + ', errMsg: ' + e.message); 4013} 4014``` 4015 4016### validate 4017 4018validate(certChain : CertChainData) : Promise\<void> 4019 4020表示校验X509证书链,使用Promise方式异步返回结果。 4021由于端侧系统时间不可信,证书链校验不包含对证书有效时间的校验。如果需要检查证书的时间有效性,可使用X509证书的[checkValidityWithDate](#checkvaliditywithdate)方法进行检查。详见[证书规格](../../security/cert-overview.md#证书规格) 4022 4023**系统能力:** SystemCapability.Security.Cert 4024 4025**参数**: 4026 4027| 参数名 | 类型 | 必填 | 说明 | 4028| --------- | ------------------------------- | ---- | -------------------------- | 4029| certChain | [CertChainData](#certchaindata) | 是 | 表示X509证书链序列化数据。 | 4030 4031**返回值**: 4032 4033| 类型 | 说明 | 4034| -------------- | ----------- | 4035| Promise\<void> | Promise对象 | 4036 4037**错误码:** 4038 4039以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 4040 4041| 错误码ID | 错误信息 | 4042| -------- | ------------------------------------------------- | 4043| 19020001 | memory error. | 4044| 19020002 | runtime error. | 4045| 19030001 | crypto operation error. | 4046| 19030002 | the certificate signature verification failed. | 4047| 19030003 | the certificate has not taken effect. | 4048| 19030004 | the certificate has expired. | 4049| 19030005 | failed to obtain the certificate issuer. | 4050| 19030006 | the key cannot be used for signing a certificate. | 4051| 19030007 | the key cannot be used for digital signature. | 4052 4053**示例:** 4054 4055```ts 4056import certFramework from '@ohos.security.cert'; 4057import { BusinessError } from '@ohos.base'; 4058 4059// 证书链二进制数据,需业务自行赋值 4060let certChainBuff = new Uint8Array([0x30, 0x82, 0x44]); 4061 4062let certChainData: certFramework.CertChainData = { 4063 data: certChainBuff, 4064 // 证书链包含的证书个数,需业务自行赋值 4065 count: 2, 4066 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 4067 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 4068}; 4069 4070try { 4071 let validator = certFramework.createCertChainValidator('PKIX'); 4072 validator.validate(certChainData).then(result => { 4073 console.log('validate success'); 4074 }).catch((error: BusinessError) => { 4075 console.error('validate failed, errCode: ' + error.code + ', errMsg: ' + error.message); 4076 }); 4077} catch (error) { 4078 let e: BusinessError = error as BusinessError; 4079 console.error('getNotBeforeTime failed, errCode: ' + e.code + ', errMsg: ' + e.message); 4080} 4081``` 4082 4083### algorithm 4084 4085algorithm : string 4086 4087表示X509证书链校验器算法名称。 4088 4089**系统能力:** SystemCapability.Security.Cert 4090 4091**返回值**: 4092 4093| 类型 | 说明 | 4094| ------ | ------------------------ | 4095| string | 表示证书链校验器算法名称 | 4096 4097**示例:** 4098 4099```ts 4100import certFramework from '@ohos.security.cert'; 4101import { BusinessError } from '@ohos.base'; 4102 4103try { 4104 let validator = certFramework.createCertChainValidator('PKIX'); 4105 let algorithm = validator.algorithm; 4106} catch (error) { 4107 let e: BusinessError = error as BusinessError; 4108 console.error('createCertChainValidator failed, errCode: ' + e.code + ', errMsg: ' + e.message); 4109} 4110``` 4111 4112## X509CrlEntry 4113 4114被吊销证书对象。 4115 4116### getEncoded 4117 4118getEncoded(callback : AsyncCallback\<EncodingBlob>) : void 4119 4120表示获取被吊销证书的序列化数据,使用Callback回调异步返回结果。 4121 4122**系统能力:** SystemCapability.Security.Cert 4123 4124**参数**: 4125 4126| 参数名 | 类型 | 必填 | 说明 | 4127| -------- | --------------------------------------------- | ---- | ------------------------------------ | 4128| callback | AsyncCallback\<[EncodingBlob](#encodingblob)> | 是 | 回调函数。表示被吊销证书的序列化数据 | 4129 4130**错误码:** 4131 4132以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 4133 4134| 错误码ID | 错误信息 | 4135| -------- | ----------------------- | 4136| 19020001 | memory error. | 4137| 19020002 | runtime error. | 4138| 19030001 | crypto operation error. | 4139 4140**示例:** 4141 4142```ts 4143import certFramework from '@ohos.security.cert'; 4144import { BusinessError } from '@ohos.base'; 4145 4146// string转Uint8Array 4147function stringToUint8Array(str: string): Uint8Array { 4148 let arr: Array<number> = []; 4149 for (let i = 0, j = str.length; i < j; i++) { 4150 arr.push(str.charCodeAt(i)); 4151 } 4152 return new Uint8Array(arr); 4153} 4154 4155let crlData = '-----BEGIN X509 CRL-----\n' + 4156 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 4157 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 4158 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 4159 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 4160 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 4161 'eavsH0Q3\n' + 4162 '-----END X509 CRL-----\n' 4163 4164let encodingBlob: certFramework.EncodingBlob = { 4165 data: stringToUint8Array(crlData), 4166 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 4167 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 4168}; 4169 4170certFramework.createX509Crl(encodingBlob, (err, x509Crl) => { 4171 if (err != null) { 4172 console.error('createX509Crl failed, errCode: ' + err.code + ', errMsg: ' + err.message); 4173 } else { 4174 console.log('create x509 crl success'); 4175 4176 try { 4177 let serialNumber = 1000; 4178 let crlEntry = x509Crl.getRevokedCert(serialNumber); 4179 crlEntry.getEncoded((error, data) => { 4180 if (error != null) { 4181 console.error('getEncoded failed, errCode: ' + error.code + ', errMsg: ' + error.message); 4182 } else { 4183 console.log('getEncoded success'); 4184 } 4185 }); 4186 } catch (error) { 4187 let e: BusinessError = error as BusinessError; 4188 console.error('getRevokedCert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 4189 } 4190 } 4191}) 4192``` 4193 4194### getEncoded 4195 4196getEncoded() : Promise\<EncodingBlob> 4197 4198表示获取被吊销证书的序列化数据,使用Promise方式异步返回结果。 4199 4200**系统能力:** SystemCapability.Security.Cert 4201 4202**返回值**: 4203 4204| 类型 | 说明 | 4205| --------------------------------------- | -------------------------- | 4206| Promise\<[EncodingBlob](#encodingblob)> | 表示被吊销证书的序列化数据 | 4207 4208**错误码:** 4209 4210以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 4211 4212| 错误码ID | 错误信息 | 4213| -------- | ----------------------- | 4214| 19020001 | memory error. | 4215| 19020002 | runtime error. | 4216| 19030001 | crypto operation error. | 4217 4218**示例:** 4219 4220```ts 4221import certFramework from '@ohos.security.cert'; 4222import { BusinessError } from '@ohos.base'; 4223 4224// string转Uint8Array 4225function stringToUint8Array(str: string): Uint8Array { 4226 let arr: Array<number> = []; 4227 for (let i = 0, j = str.length; i < j; i++) { 4228 arr.push(str.charCodeAt(i)); 4229 } 4230 return new Uint8Array(arr); 4231} 4232 4233let crlData = '-----BEGIN X509 CRL-----\n' + 4234 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 4235 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 4236 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 4237 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 4238 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 4239 'eavsH0Q3\n' + 4240 '-----END X509 CRL-----\n' 4241 4242let encodingBlob: certFramework.EncodingBlob = { 4243 data: stringToUint8Array(crlData), 4244 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 4245 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 4246}; 4247 4248certFramework.createX509Crl(encodingBlob, (err, x509Crl) => { 4249 if (err != null) { 4250 console.error('createX509Crl failed, errCode: ' + err.code + ', errMsg: ' + err.message); 4251 } else { 4252 console.log('create x509 crl success'); 4253 4254 try { 4255 let serialNumber = 1000; 4256 let crlEntry = x509Crl.getRevokedCert(serialNumber); 4257 crlEntry.getEncoded().then(result => { 4258 console.log('getEncoded success'); 4259 }).catch((error: BusinessError) => { 4260 console.error('getEncoded failed, errCode: ' + error.code + ', errMsg: ' + error.message); 4261 }); 4262 } catch (error) { 4263 let e: BusinessError = error as BusinessError; 4264 console.error('getRevokedCert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 4265 } 4266 } 4267}) 4268``` 4269 4270### getSerialNumber 4271 4272getSerialNumber() : number 4273 4274表示获取被吊销证书的序列号。 4275 4276**系统能力:** SystemCapability.Security.Cert 4277 4278**返回值**: 4279 4280| 类型 | 说明 | 4281| ------ | ---------------------- | 4282| number | 表示被吊销证书的序列号 | 4283 4284**示例:** 4285 4286```ts 4287import certFramework from '@ohos.security.cert'; 4288import { BusinessError } from '@ohos.base'; 4289 4290// string转Uint8Array 4291function stringToUint8Array(str: string): Uint8Array { 4292 let arr: Array<number> = []; 4293 for (let i = 0, j = str.length; i < j; i++) { 4294 arr.push(str.charCodeAt(i)); 4295 } 4296 return new Uint8Array(arr); 4297} 4298 4299let crlData = '-----BEGIN X509 CRL-----\n' + 4300 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 4301 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 4302 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 4303 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 4304 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 4305 'eavsH0Q3\n' + 4306 '-----END X509 CRL-----\n' 4307 4308let encodingBlob: certFramework.EncodingBlob = { 4309 data: stringToUint8Array(crlData), 4310 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 4311 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 4312}; 4313 4314certFramework.createX509Crl(encodingBlob, (err, x509Crl) => { 4315 if (err != null) { 4316 console.error('createX509Crl failed, errCode: ' + err.code + ', errMsg: ' + err.message); 4317 } else { 4318 console.log('create x509 crl success'); 4319 4320 try { 4321 let serialNumber = 1000; 4322 let crlEntry = x509Crl.getRevokedCert(serialNumber); 4323 serialNumber = crlEntry.getSerialNumber(); 4324 } catch (error) { 4325 let e: BusinessError = error as BusinessError; 4326 console.error('getRevokedCert or getSerialNumber failed, errCode: ' + e.code + ', errMsg: ' + e.message); 4327 } 4328 } 4329}) 4330``` 4331 4332### getCertIssuer 4333 4334getCertIssuer() : DataBlob 4335 4336表示获取被吊销证书的颁发者信息。 4337 4338**系统能力:** SystemCapability.Security.Cert 4339 4340**返回值**: 4341 4342| 类型 | 说明 | 4343| --------------------- | ----------------------- | 4344| [DataBlob](#datablob) | 表示被吊销证书的颁发者信息 | 4345 4346**错误码:** 4347 4348以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 4349 4350| 错误码ID | 错误信息 | 4351| -------- | -------------- | 4352| 19020001 | memory error. | 4353| 19020002 | runtime error. | 4354 4355**示例:** 4356 4357```ts 4358import certFramework from '@ohos.security.cert'; 4359import { BusinessError } from '@ohos.base'; 4360 4361// string转Uint8Array 4362function stringToUint8Array(str: string): Uint8Array { 4363 let arr: Array<number> = []; 4364 for (let i = 0, j = str.length; i < j; i++) { 4365 arr.push(str.charCodeAt(i)); 4366 } 4367 return new Uint8Array(arr); 4368} 4369 4370let crlData = '-----BEGIN X509 CRL-----\n' + 4371 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 4372 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 4373 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 4374 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 4375 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 4376 'eavsH0Q3\n' + 4377 '-----END X509 CRL-----\n' 4378 4379let encodingBlob: certFramework.EncodingBlob = { 4380 data: stringToUint8Array(crlData), 4381 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 4382 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 4383}; 4384 4385certFramework.createX509Crl(encodingBlob, (err, x509Crl) => { 4386 if (err != null) { 4387 console.error('createX509Crl failed, errCode: ' + err.code + ', errMsg: ' + err.message); 4388 } else { 4389 console.log('create x509 crl success'); 4390 4391 try { 4392 let serialNumber = 1000; 4393 let crlEntry = x509Crl.getRevokedCert(serialNumber); 4394 let issuer = crlEntry.getCertIssuer(); 4395 } catch (error) { 4396 let e: BusinessError = error as BusinessError; 4397 console.error('getRevokedCert or getCertIssuer failed, errCode: ' + e.code + ', errMsg: ' + e.message); 4398 } 4399 } 4400}) 4401``` 4402 4403### getRevocationDate 4404 4405getRevocationDate() : string 4406 4407表示获取证书被吊销的日期。 4408 4409**系统能力:** SystemCapability.Security.Cert 4410 4411**返回值**: 4412 4413| 类型 | 说明 | 4414| ------ | ------------------ | 4415| string | 表示证书被吊销的日期 | 4416 4417**错误码:** 4418 4419以下错误码的详细介绍请参见[cert错误码](../errorcodes/errorcode-cert.md)。 4420 4421| 错误码ID | 错误信息 | 4422| -------- | ----------------------- | 4423| 19020001 | memory error. | 4424| 19020002 | runtime error. | 4425| 19030001 | crypto operation error. | 4426 4427**示例:** 4428 4429```ts 4430import certFramework from '@ohos.security.cert'; 4431import { BusinessError } from '@ohos.base'; 4432 4433// string转Uint8Array 4434function stringToUint8Array(str: string): Uint8Array { 4435 let arr: Array<number> = []; 4436 for (let i = 0, j = str.length; i < j; i++) { 4437 arr.push(str.charCodeAt(i)); 4438 } 4439 return new Uint8Array(arr); 4440} 4441 4442let crlData = '-----BEGIN X509 CRL-----\n' + 4443 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 4444 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 4445 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 4446 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 4447 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 4448 'eavsH0Q3\n' + 4449 '-----END X509 CRL-----\n' 4450 4451let encodingBlob: certFramework.EncodingBlob = { 4452 data: stringToUint8Array(crlData), 4453 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 4454 encodingFormat: certFramework.EncodingFormat.FORMAT_PEM 4455}; 4456 4457certFramework.createX509Crl(encodingBlob, (err, x509Crl) => { 4458 if (err != null) { 4459 console.error('createX509Crl failed, errCode: ' + err.code + ', errMsg: ' + err.message); 4460 } else { 4461 console.log('create x509 crl success'); 4462 4463 try { 4464 let serialNumber = 1000; 4465 let crlEntry = x509Crl.getRevokedCert(serialNumber); 4466 let date = crlEntry.getRevocationDate(); 4467 } catch (error) { 4468 let e: BusinessError = error as BusinessError; 4469 console.error('getRevokedCert or getRevocationDate failed, errCode: ' + e.code + ', errMsg: ' + e.message); 4470 } 4471 } 4472}) 4473``` 4474