1/* 2 * Copyright (c) 2023 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16import util from '@ohos.util'; 17import huks from '@ohos.security.huks'; 18import userAuth from '@ohos.userIAM.userAuth'; 19import promptAction from '@ohos.promptAction'; 20import Logger from './Logger'; 21import restrictions from '@ohos.enterprise.restrictions'; 22 23const TAG: string = '[HUKS]'; 24const CHALLENG_LEN = 6; 25const ALWAYSVAILD = 4; 26const ENCODEINTO_BUFFER = 20; 27const DECRYPT_BYTE = 16; 28const IV: string = (Math.floor(Math.random() * 1000000000000) + 1).toString(); 29let NONCE = '123456789012'; 30let AAD = '124567890123456'; 31let AEAD = '124567890123456'; 32let cipherData: Uint8Array; 33let cipherDataString: string; 34let challengeNew = new Uint8Array(CHALLENG_LEN); 35 36 37// 密钥明文 38let PLAIN_TEXT_SIZE_16 = new Uint8Array([ 39 0xfb, 0x8b, 0x9f, 0x12, 0xa0, 0x83, 0x19, 0xbe, 40 0x64, 0x0b, 0x88, 0x96, 0xe2, 0xfa, 0x77, 0xbc 41]); 42 43function stringToUint8Array(str: string): Uint8Array { 44 let arr = []; 45 for (let i = 0, j = str.length; i < j; ++i) { 46 arr.push(str.charCodeAt(i)); 47 } 48 return new Uint8Array(arr); 49} 50 51function uint8ArrayToString(fileData): string { 52 let dataString = ''; 53 for (let i = 0; i < fileData.length; i++) { 54 dataString += String.fromCharCode(fileData[i]); 55 } 56 return dataString; 57} 58 59function base64ToArrayBuffer(info): Uint8Array { 60 return new util.Base64().decodeSync(info); 61} 62 63function base64ToString(byte): string { 64 return new util.Base64().encodeToStringSync(byte); 65} 66 67function encodeInto(str: string): Uint8Array { 68 let textEncoder = new util.TextEncoder(); 69 let buffer = new ArrayBuffer(ENCODEINTO_BUFFER); 70 let result = new Uint8Array(buffer); 71 result = textEncoder.encodeInto(str); 72 73 console.info('retStr==' + result); 74 return result; 75} 76 77// 生成Sm2密钥属性信息 78function getSm2GenerateProperties(properties): void { 79 let index = 0; 80 properties[index++] = { 81 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 82 value: huks.HuksKeyAlg.HUKS_ALG_SM2 83 }; 84 properties[index++] = { 85 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 86 value: huks.HuksKeySize.HUKS_SM2_KEY_SIZE_256 87 }; 88 properties[index++] = { 89 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 90 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | 91 huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 92 }; 93 properties[index++] = { 94 tag: huks.HuksTag.HUKS_TAG_CHALLENGE_TYPE, 95 value: huks.HuksChallengeType.HUKS_CHALLENGE_TYPE_NORMAL 96 }; 97 properties[index++] = { 98 tag: huks.HuksTag.HUKS_TAG_KEY_AUTH_PURPOSE, 99 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 100 }; 101 properties[index++] = { 102 tag: huks.HuksTag.HUKS_TAG_USER_AUTH_TYPE, 103 value: huks.HuksUserAuthType.HUKS_USER_AUTH_TYPE_PIN 104 }; 105 properties[index++] = { 106 tag: huks.HuksTag.HUKS_TAG_KEY_AUTH_ACCESS_TYPE, 107 value: ALWAYSVAILD 108 }; 109 return; 110} 111 112// Sm2加密密钥属性信息 113function getSm2EncryptProperties(properties): void { 114 let index = 0; 115 properties[index++] = { 116 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 117 value: huks.HuksKeyAlg.HUKS_ALG_SM2 118 }; 119 properties[index++] = { 120 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 121 value: huks.HuksKeySize.HUKS_SM2_KEY_SIZE_256 122 }; 123 properties[index++] = { 124 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 125 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT 126 }; 127 properties[index++] = { 128 tag: huks.HuksTag.HUKS_TAG_DIGEST, 129 value: huks.HuksKeyDigest.HUKS_DIGEST_SM3 130 }; 131 return; 132} 133 134// Sm2解密密钥属性信息 135function getSm2DecryptProperties(properties): void { 136 let index = 0; 137 properties[index++] = { 138 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 139 value: huks.HuksKeyAlg.HUKS_ALG_SM2 140 }; 141 properties[index++] = { 142 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 143 value: huks.HuksKeySize.HUKS_SM2_KEY_SIZE_256 144 }; 145 properties[index++] = { 146 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 147 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 148 }; 149 properties[index++] = { 150 tag: huks.HuksTag.HUKS_TAG_DIGEST, 151 value: huks.HuksKeyDigest.HUKS_DIGEST_SM3 152 }; 153 return; 154} 155 156 157// AES加密密钥属性信息 158function getAesEncryptProperties(properties): void { 159 let index = 0; 160 properties[index++] = { 161 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 162 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT 163 }; 164 properties[index++] = { 165 tag: huks.HuksTag.HUKS_TAG_PADDING, 166 value: huks.HuksKeyPadding.HUKS_PADDING_NONE 167 }; 168 properties[index++] = { 169 tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, 170 value: huks.HuksCipherMode.HUKS_MODE_GCM 171 }; 172 properties[index++] = { 173 tag: huks.HuksTag.HUKS_TAG_ASSOCIATED_DATA, 174 value: stringToUint8Array(AAD) 175 }; 176 properties[index++] = { 177 tag: huks.HuksTag.HUKS_TAG_NONCE, 178 value: stringToUint8Array(NONCE) 179 }; 180 properties[index++] = { 181 tag: huks.HuksTag.HUKS_TAG_AE_TAG, 182 value: stringToUint8Array(AEAD) 183 }; 184 properties[index++] = { 185 tag: huks.HuksTag.HUKS_TAG_IV, 186 value: stringToUint8Array(IV) 187 }; 188 return; 189} 190 191// AES解密密钥属性信息 192function getAesDecryptProperties(properties, info): void { 193 let index = 0; 194 let t = base64ToArrayBuffer(info); 195 properties[index++] = { 196 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 197 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 198 }; 199 properties[index++] = { 200 tag: huks.HuksTag.HUKS_TAG_PADDING, 201 value: huks.HuksKeyPadding.HUKS_PADDING_NONE 202 }; 203 properties[index++] = { 204 tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, 205 value: huks.HuksCipherMode.HUKS_MODE_GCM 206 }; 207 properties[index++] = { 208 tag: huks.HuksTag.HUKS_TAG_ASSOCIATED_DATA, 209 value: stringToUint8Array(AAD) 210 }; 211 properties[index++] = { 212 tag: huks.HuksTag.HUKS_TAG_NONCE, 213 value: stringToUint8Array(NONCE) 214 }; 215 properties[index++] = { 216 tag: huks.HuksTag.HUKS_TAG_AE_TAG, 217 value: t.slice(t.length - DECRYPT_BYTE) 218 }; 219 properties[index++] = { 220 tag: huks.HuksTag.HUKS_TAG_IV, 221 value: stringToUint8Array(IV) 222 }; 223 return; 224} 225 226// 生成AES密钥属性信息 227function getAesGenerateProperties(properties): void { 228 let index = 0; 229 properties[index++] = { 230 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 231 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | 232 huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 233 }; 234 properties[index++] = { 235 tag: huks.HuksTag.HUKS_TAG_PADDING, 236 value: huks.HuksKeyPadding.HUKS_PADDING_NONE 237 }; 238 properties[index++] = { 239 tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, 240 value: huks.HuksCipherMode.HUKS_MODE_GCM 241 }; 242 return; 243} 244 245function getAesPublicProperties(properties) { 246 let index = 0; 247 properties[index++] = { 248 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 249 value: huks.HuksKeyAlg.HUKS_ALG_AES 250 }; 251 properties[index++] = { 252 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 253 value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_128 254 }; 255} 256 257// 导入SM4密钥属性信息 258function getImportKeyProperties(properties): void { 259 let index = 0; 260 properties[index++] = { 261 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 262 value: huks.HuksKeyAlg.HUKS_ALG_SM4 263 }; 264 properties[index++] = { 265 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 266 value: huks.HuksKeySize.HUKS_SM4_KEY_SIZE_128 267 }; 268 properties[index++] = { 269 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 270 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | 271 huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 272 }; 273 return; 274} 275 276// SM4 加密密钥属性 277function getSm4EnryptProperties(properties): void { 278 let index = 0; 279 properties[index++] = { 280 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 281 value: huks.HuksKeyAlg.HUKS_ALG_SM4 282 }; 283 properties[index++] = { 284 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 285 value: huks.HuksKeySize.HUKS_SM4_KEY_SIZE_128, 286 }; 287 properties[index++] = { 288 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 289 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT 290 }; 291 properties[index++] = { 292 tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, 293 value: huks.HuksCipherMode.HUKS_MODE_CBC 294 }; 295 properties[index++] = { 296 tag: huks.HuksTag.HUKS_TAG_PADDING, 297 value: huks.HuksKeyPadding.HUKS_PADDING_PKCS7 298 }; 299 properties[index++] = { 300 tag: huks.HuksTag.HUKS_TAG_IV, 301 value: stringToUint8Array(IV) 302 }; 303 return; 304} 305 306// SM4 解密密钥属性 307function getSm4DeryptProperties(properties): void { 308 let index = 0; 309 properties[index++] = { 310 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 311 value: huks.HuksKeyAlg.HUKS_ALG_SM4 312 }; 313 properties[index++] = { 314 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 315 value: huks.HuksKeySize.HUKS_SM4_KEY_SIZE_128, 316 }; 317 properties[index++] = { 318 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 319 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 320 }; 321 properties[index++] = { 322 tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, 323 value: huks.HuksCipherMode.HUKS_MODE_CBC 324 }; 325 properties[index++] = { 326 tag: huks.HuksTag.HUKS_TAG_PADDING, 327 value: huks.HuksKeyPadding.HUKS_PADDING_PKCS7 328 }; 329 properties[index++] = { 330 tag: huks.HuksTag.HUKS_TAG_IV, 331 value: stringToUint8Array(IV) 332 }; 333 return; 334} 335 336/** 337 * 功能模型 338 */ 339export class HuksModel { 340 // 模拟使用HUKS生成新密钥 341 async encryptData(plainText: string, resultCallback): Promise<void> { 342 let aesKeyAlias = 'test_aesKeyAlias'; 343 let handle; 344 let generateKeyProperties = new Array(); 345 let publicProperties = new Array(); 346 getAesGenerateProperties(generateKeyProperties); 347 getAesPublicProperties(publicProperties); 348 let generateKeyOptions = { 349 properties: publicProperties.concat(generateKeyProperties) 350 }; 351 await huks.generateKeyItem(aesKeyAlias, generateKeyOptions).then((data) => { 352 Logger.info(TAG, `generate key success, data: ${JSON.stringify(data)}`); 353 }).catch((err) => { 354 Logger.error(TAG, `generate key failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 355 }); 356 357 // 模拟使用HUKS生成的新密钥加密 358 let encryptProperties = new Array(); 359 getAesEncryptProperties(encryptProperties); 360 let encryptOptions = { 361 properties: publicProperties.concat(encryptProperties), 362 inData: new Uint8Array(new Array()) 363 }; 364 await huks.initSession(aesKeyAlias, encryptOptions).then((data) => { 365 Logger.info(TAG, `encrypt initSession success, data: ${JSON.stringify(data)}`); 366 handle = data.handle; 367 }).catch((err) => { 368 Logger.error(TAG, `encrypt initSession failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 369 }); 370 encryptOptions.inData = encodeInto(plainText); 371 372 await huks.finishSession(handle, encryptOptions).then((data) => { 373 Logger.info(TAG, `encrypt finishSession success, data: ${JSON.stringify(data)}`); 374 cipherData = data.outData; 375 cipherDataString = base64ToString(cipherData); 376 let that = new util.Base64Helper(); 377 resultCallback(that.encodeToStringSync(cipherData)); 378 }).catch((err) => { 379 Logger.error(TAG, `encrypt finishSession failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 380 promptAction.showToast({ 381 message: `send message failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`, 382 duration: 6500, 383 }); 384 }); 385 } 386 387 // 模拟使用HUKS生成的新密钥进行解密 388 async decryptData(resultCallback): Promise<void> { 389 let decryptOptions = new Array(); 390 let publicProperties = new Array(); 391 getAesDecryptProperties(decryptOptions, cipherDataString); 392 getAesPublicProperties(publicProperties); 393 let aesKeyAlias = 'test_aesKeyAlias'; 394 let handle; 395 let t = base64ToArrayBuffer(cipherDataString); 396 let options = { 397 properties: publicProperties.concat(decryptOptions), 398 inData: base64ToArrayBuffer(cipherDataString) 399 }; 400 let emptyOptions = { 401 properties: [] 402 }; 403 404 await huks.initSession(aesKeyAlias, options).then((data) => { 405 Logger.info(TAG, `decrypt initSession success, data: ${JSON.stringify(data)}`); 406 handle = data.handle; 407 }).catch((err) => { 408 Logger.error(TAG, `decrypt initSession failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 409 }); 410 options.inData = base64ToArrayBuffer(cipherDataString).slice(0, t.length - DECRYPT_BYTE); 411 412 await huks.finishSession(handle, options).then((data) => { 413 Logger.info(TAG, `decrypt finishSession success, data: ${JSON.stringify(data)}`); 414 resultCallback(uint8ArrayToString(data.outData)); 415 }).catch((err) => { 416 Logger.error(TAG, `decrypt finishSession failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 417 promptAction.showToast({ 418 message: `receive message failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`, 419 duration: 6500, 420 }); 421 }); 422 await huks.deleteKeyItem(aesKeyAlias, emptyOptions).then((data) => { 423 Logger.info(TAG, `delete key success, data: ${JSON.stringify(data)}`); 424 }).catch((err) => { 425 Logger.error(TAG, `delete key failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 426 }); 427 } 428 429 // 模拟使用Sm2 生成密钥并进行加密 430 async encryptDataUseSm2(plainText: string, resultCallback): Promise<void> { 431 let sm2KeyAlias = 'test_sm2KeyAlias'; 432 let handle; 433 let generateKeyProperties = new Array(); 434 getSm2GenerateProperties(generateKeyProperties); 435 let generateKeyOptions = { 436 properties: generateKeyProperties 437 }; 438 await huks.generateKeyItem(sm2KeyAlias, generateKeyOptions).then((data) => { 439 Logger.info(TAG, `generate key success, data: ${JSON.stringify(data)}`); 440 }).catch((err) => { 441 Logger.error(TAG, `generate key failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 442 }); 443 444 let encryptProperties = new Array(); 445 getSm2EncryptProperties(encryptProperties); 446 let encryptOptions = { 447 properties: encryptProperties, 448 inData: stringToUint8Array(plainText) 449 }; 450 await huks.initSession(sm2KeyAlias, encryptOptions).then((data) => { 451 Logger.info(TAG, `encrypt initSession success, data: ${JSON.stringify(data)}`); 452 handle = data.handle; 453 }).catch((err) => { 454 Logger.error(TAG, `encrypt initSession failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 455 }); 456 await huks.finishSession(handle, encryptOptions).then((data) => { 457 Logger.info(TAG, `encrypt finishSession success, data: ${JSON.stringify(data)}`); 458 cipherData = data.outData; 459 let that = new util.Base64Helper(); 460 resultCallback(that.encodeToStringSync(cipherData)); 461 }).catch((err) => { 462 Logger.error(TAG, `encrypt finishSession failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 463 promptAction.showToast({ 464 message: `send message failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`, 465 duration: 6500, 466 }); 467 }); 468 } 469 470 async finishSession(handle, options, resultCallback, authToken: Uint8Array): Promise<void> { 471 await huks.finishSession(handle, options, authToken).then((data) => { 472 Logger.info(TAG, `decrypt finishSession success, data: ${JSON.stringify(data)}`); 473 resultCallback(uint8ArrayToString(data.outData)); 474 }).catch((err) => { 475 Logger.error(TAG, `decrypt finishSession failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 476 promptAction.showToast({ 477 message: `receive message failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`, 478 duration: 6500, 479 }); 480 }); 481 } 482 483 async userIAMAuthFinger(finishSessionFunction, param): Promise<void> { 484 Logger.info(TAG, '[HUKS->userIAM]start userAuth...'); 485 const authParam: userAuth.AuthParam = { 486 challenge: challengeNew, 487 authType: [userAuth.UserAuthType.PIN], 488 authTrustLevel: userAuth.AuthTrustLevel.ATL1 489 }; 490 const widgetParam: userAuth.WidgetParam = { 491 title: 'PIN' 492 }; 493 try { 494 let userAuthInstance = await userAuth.getUserAuthInstance(authParam, widgetParam); 495 Logger.info(TAG, 'get userAuth instance success'); 496 await userAuthInstance.on('result', { 497 onResult(result) { 498 Logger.info(TAG, 'userAuthInstance callback result = ' + JSON.stringify(result)); 499 finishSessionFunction(param.handleParam, param.optionsParam, param.resultCallbackParam, result.token); 500 } 501 }); 502 Logger.info(TAG, 'auth on success'); 503 await userAuthInstance.start(); 504 Logger.info(TAG, 'auth on success'); 505 } catch (error) { 506 Logger.error(TAG, 'auth catch error: ' + JSON.stringify(error)); 507 } 508 } 509 510 // 模拟使用HUKS生成的新密钥进行低安访问控制与解密 511 async decryptDataUseSm2(resultCallback): Promise<void> { 512 let decryptOptions = new Array(); 513 getSm2DecryptProperties(decryptOptions); 514 let sm2KeyAlias = 'test_sm2KeyAlias'; 515 let handle; 516 let options = { 517 properties: decryptOptions, 518 inData: cipherData 519 }; 520 let emptyOptions = { 521 properties: [] 522 }; 523 await huks.initSession(sm2KeyAlias, options).then((data) => { 524 Logger.info(TAG, `decrypt initSession success, data: ${JSON.stringify(data)}`); 525 handle = data.handle; 526 challengeNew = data.challenge; 527 }).catch((err) => { 528 Logger.error(TAG, `decrypt initSession failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 529 }); 530 let finishSessionFunction = this.finishSession; 531 let param = { 532 handleParam: handle, 533 optionsParam: options, 534 resultCallbackParam: resultCallback, 535 }; 536 await this.userIAMAuthFinger(finishSessionFunction, param); 537 } 538 539 540 // 模拟设备1使用旧密钥在本地进行加密 541 async encryptDataUserOldKey(plainText: string, resultCallback): Promise<void> { 542 let device1KeyAlias = 'device_1_key_alias'; 543 let importKeyProperties = new Array(); 544 getImportKeyProperties(importKeyProperties); 545 let importKeyOptions = { 546 properties: importKeyProperties, 547 inData: PLAIN_TEXT_SIZE_16 548 }; 549 Logger.info(TAG, `key plain text: ${JSON.stringify(PLAIN_TEXT_SIZE_16)}`); 550 await huks.importKeyItem(device1KeyAlias, importKeyOptions).then((data) => { 551 Logger.info(TAG, `import key success, data: ${JSON.stringify(data)}`); 552 }).catch((err) => { 553 Logger.error(TAG, `import key failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 554 }); 555 556 // 加密 557 let sm4EncryptProperties = new Array(); 558 getSm4EnryptProperties(sm4EncryptProperties); 559 let sm4EncryptOptions = { 560 properties: sm4EncryptProperties, 561 inData: stringToUint8Array(plainText) 562 }; 563 let handle; 564 await huks.initSession(device1KeyAlias, sm4EncryptOptions).then((data) => { 565 Logger.info(TAG, `encrypt initSession success, data: ${JSON.stringify(data)}`); 566 handle = data.handle; 567 }).catch((err) => { 568 Logger.error(TAG, `encrypt initSession failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 569 }); 570 await huks.finishSession(handle, sm4EncryptOptions).then((data) => { 571 Logger.info(TAG, `encrypt finishSession success, data: ${JSON.stringify(data)}`); 572 cipherData = data.outData; 573 let that = new util.Base64Helper(); 574 resultCallback(that.encodeToStringSync(cipherData)); 575 }).catch((err) => { 576 Logger.error(TAG, `send message failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 577 promptAction.showToast({ 578 message: `send message failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`, 579 duration: 6500, 580 }); 581 }); 582 583 // 加密完成删除本地密钥 584 let emptyOptions = { 585 properties: [] 586 }; 587 await huks.deleteKeyItem(device1KeyAlias, emptyOptions).then((data) => { 588 Logger.info(TAG, `delete key success, data: ${JSON.stringify(data)}`); 589 }).catch((err) => { 590 Logger.error(TAG, `delete key failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 591 }); 592 } 593 594 // 模拟设备2导入设备1中的旧密钥 595 async importKey(): Promise<void> { 596 let keyAlias = 'import_device_1_key_alias'; 597 let importOptions = new Array(); 598 getImportKeyProperties(importOptions); 599 let huksoptions = { 600 properties: importOptions, 601 inData: PLAIN_TEXT_SIZE_16 602 }; 603 Logger.info(TAG, `key plain text: ${JSON.stringify(PLAIN_TEXT_SIZE_16)}`); 604 await huks.importKeyItem(keyAlias, huksoptions).then((data) => { 605 Logger.info(TAG, `import key success, data: ${JSON.stringify(data)}`); 606 promptAction.showToast({ 607 message: 'import old key success', 608 duration: 1000, 609 }); 610 }).catch((err) => { 611 Logger.error(TAG, `import old key failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 612 promptAction.showToast({ 613 message: `import old key failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`, 614 duration: 1000, 615 }); 616 }); 617 } 618 619 // 模拟设备2使用导入的设备1中的旧密钥进行解密 620 async decryptDataUserOldKey(resultCallback): Promise<void> { 621 let handle; 622 let keyAlias = 'import_device_1_key_alias'; 623 let decryptProperties = new Array(); 624 getSm4DeryptProperties(decryptProperties); 625 let decryptOptions = { 626 properties: decryptProperties, 627 inData: cipherData 628 }; 629 630 // 解密 631 await huks.initSession(keyAlias, decryptOptions).then((data) => { 632 Logger.info(TAG, `decrypt initSession success, data: ${JSON.stringify(data)}`); 633 handle = data.handle; 634 }).catch((err) => { 635 Logger.error(TAG, `decrypt initSession failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 636 }); 637 await huks.finishSession(handle, decryptOptions).then((data) => { 638 Logger.info(TAG, `decrypt finishSession success, data: ${JSON.stringify(data)}`); 639 resultCallback(uint8ArrayToString(data.outData)); 640 }).catch((err) => { 641 Logger.error(TAG, `receive message failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 642 promptAction.showToast({ 643 message: `receive message failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`, 644 duration: 6500, 645 }); 646 }); 647 648 // 解密完成删除本地密钥 649 let emptyOptions = { 650 properties: [] 651 }; 652 await huks.deleteKeyItem(keyAlias, emptyOptions).then((data) => { 653 Logger.info(TAG, `delete key success, data: ${JSON.stringify(data)}`); 654 }).catch((err) => { 655 Logger.error(TAG, `delete key failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 656 }); 657 } 658}