1# 签名/验签(ArkTS) 2 3当前指导共提供四种示例,供开发者参考完成签名、验签开发: 4 5- [密钥算法为ECC256、摘要算法为SHA256](#ecc256sha256) 6- [密钥算法为SM2、摘要算法为SM3](#sm2sm3) 7- [密钥算法为RSA、摘要算法为SHA256、填充模式为PSS](#rsasha256pss) 8- [密钥算法为RSA、摘要算法为SHA256、填充模式为PKCS1_V1_5](#rsasha256pkcs1_v1_5) 9 10具体的场景介绍及支持的算法规格,请参考[签名/验签支持的算法](huks-signing-signature-verification-overview.md#支持的算法)。 11 12## 开发步骤 13 14**生成密钥** 15 161. 指定密钥别名。 17 182. 初始化密钥属性集。 19 203. 调用[generateKeyItem](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksgeneratekeyitem9)生成密钥,具体请参考[密钥生成](huks-key-generation-overview.md)。 21 22除此之外,开发者也可以参考[密钥导入](huks-key-import-overview.md),导入已有的密钥。 23 24**签名** 25 261. 获取密钥别名。 27 282. 指定待签名的明文数据。 29 303. 获取属性参数HuksOptions,包括两个字段properties和inData。inData传入明文数据,properties传入[算法参数配置](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksparam)。 31 324. 调用[initSession](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksinitsession9)初始化密钥会话,并获取会话的句柄handle。 33 345. 调用[finishSession](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksfinishsession9)结束密钥会话,获取签名signature。 35 36**验签** 37 381. 获取密钥别名。 39 402. 获取待验证的签名signature。 41 423. 获取属性参数HuksOptions,包括两个字段properties和inData。inData传入签名signature,properties传入[算法参数配置](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksparam)。 43 444. 调用[initSession](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksinitsession9)初始化密钥会话,并获取会话的句柄handle。 45 465. 调用[updateSession](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksupdatesession9)更新密钥会话。 47 486. 调用[finishSession](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksfinishsession9)结束密钥会话,验证签名。 49 50**删除密钥** 51 52当密钥废弃不用时,需要调用[deleteKeyItem](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksdeletekeyitem9)删除密钥,具体请参考[密钥删除](huks-delete-key-arkts.md)。 53## 开发案例 54 55### ECC256/SHA256 56```ts 57/* 58 * 密钥算法为ECC256、摘要算法为SHA256 59 */ 60import { huks } from '@kit.UniversalKeystoreKit'; 61 62let keyAlias = 'test_eccKeyAlias'; 63let handle: number; 64let plaintext = '123456'; 65let signature: Uint8Array; 66 67function StringToUint8Array(str: String) { 68 let arr: number[] = new Array(); 69 for (let i = 0, j = str.length; i < j; ++i) { 70 arr.push(str.charCodeAt(i)); 71 } 72 return new Uint8Array(arr); 73} 74 75function Uint8ArrayToString(fileData: Uint8Array) { 76 let dataString = ''; 77 for (let i = 0; i < fileData.length; i++) { 78 dataString += String.fromCharCode(fileData[i]); 79 } 80 return dataString; 81} 82 83function GetEccGenerateProperties() { 84 let properties: Array<huks.HuksParam> = [{ 85 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 86 value: huks.HuksKeyAlg.HUKS_ALG_ECC 87 }, { 88 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 89 value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_256 90 }, { 91 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 92 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_SIGN | 93 huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_VERIFY 94 }, { 95 tag: huks.HuksTag.HUKS_TAG_DIGEST, 96 value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 97 }]; 98 return properties; 99} 100 101function GetEccSignProperties() { 102 let properties: Array<huks.HuksParam> = [{ 103 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 104 value: huks.HuksKeyAlg.HUKS_ALG_ECC 105 }, { 106 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 107 value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_256 108 }, { 109 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 110 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_SIGN 111 }, { 112 tag: huks.HuksTag.HUKS_TAG_DIGEST, 113 value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 114 }]; 115 return properties; 116} 117 118function GetEccVerifyProperties() { 119 let properties: Array<huks.HuksParam> = [{ 120 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 121 value: huks.HuksKeyAlg.HUKS_ALG_ECC 122 }, { 123 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 124 value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_256 125 }, { 126 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 127 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_VERIFY 128 }, { 129 tag: huks.HuksTag.HUKS_TAG_DIGEST, 130 value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 131 }]; 132 return properties; 133} 134 135async function GenerateEccKey(keyAlias: string) { 136 let genProperties = GetEccGenerateProperties(); 137 let options: huks.HuksOptions = { 138 properties: genProperties 139 } 140 await huks.generateKeyItem(keyAlias, options) 141 .then((data) => { 142 console.info(`promise: generate ECC Key success, data = ${JSON.stringify(data)}`); 143 }).catch((err: Error) => { 144 console.error(`promise: generate ECC Key failed, error: ` + JSON.stringify(err)); 145 }) 146} 147 148async function Sign(keyAlias: string, plaintext: string) { 149 let signProperties = GetEccSignProperties(); 150 let options: huks.HuksOptions = { 151 properties: signProperties, 152 inData: StringToUint8Array(plaintext) 153 } 154 await huks.initSession(keyAlias, options) 155 .then((data) => { 156 handle = data.handle; 157 }).catch((err: Error) => { 158 console.error(`promise: init sign failed, error: ` + JSON.stringify(err)); 159 }) 160 await huks.finishSession(handle, options) 161 .then((data) => { 162 console.info(`promise: sign success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 163 signature = data.outData as Uint8Array; 164 }).catch((err: Error) => { 165 console.error(`promise: sign failed, error: ` + JSON.stringify(err)); 166 }) 167} 168 169async function Verify(keyAlias: string, plaintext: string, signature: Uint8Array) { 170 let verifyProperties = GetEccVerifyProperties() 171 let options: huks.HuksOptions = { 172 properties: verifyProperties, 173 inData: StringToUint8Array(plaintext) 174 } 175 await huks.initSession(keyAlias, options) 176 .then((data) => { 177 handle = data.handle; 178 }).catch((err: Error) => { 179 console.error(`promise: init verify failed, error: ` + JSON.stringify(err)); 180 }) 181 await huks.updateSession(handle, options) 182 .then((data) => { 183 console.info(`promise: update verify success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 184 }).catch((err: Error) => { 185 console.error(`promise: update verify failed, error: ` + JSON.stringify(err)); 186 }) 187 options.inData = signature; 188 await huks.finishSession(handle, options) 189 .then((data) => { 190 console.info(`promise: verify success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 191 }).catch((err: Error) => { 192 console.error(`promise: verify failed, error: ` + JSON.stringify(err)); 193 }) 194} 195 196async function DeleteEccKey(keyAlias: string) { 197 let emptyOptions: huks.HuksOptions = { 198 properties: [] 199 } 200 await huks.deleteKeyItem(keyAlias, emptyOptions) 201 .then((data) => { 202 console.info(`promise: delete data success`); 203 }).catch((err: Error) => { 204 console.error(`promise: delete data failed`); 205 }) 206} 207 208async function testSignVerify() { 209 await GenerateEccKey(keyAlias); 210 await Sign(keyAlias, plaintext); 211 await Verify(keyAlias, plaintext, signature); 212 await DeleteEccKey(keyAlias); 213} 214``` 215### SM2/SM3 216```ts 217/* 218 * 密钥算法为SM2、摘要算法为SM3 219 */ 220import { huks } from '@kit.UniversalKeystoreKit'; 221 222let keyAlias = 'test_sm2KeyAlias'; 223let handle: number; 224let plaintext = '123456'; 225let signature: Uint8Array; 226 227 228function StringToUint8Array(str: String) { 229 let arr: number[] = new Array(); 230 for (let i = 0, j = str.length; i < j; ++i) { 231 arr.push(str.charCodeAt(i)); 232 } 233 return new Uint8Array(arr); 234} 235 236 237function Uint8ArrayToString(fileData: Uint8Array) { 238 let dataString = ''; 239 for (let i = 0; i < fileData.length; i++) { 240 dataString += String.fromCharCode(fileData[i]); 241 } 242 return dataString; 243} 244 245 246function GetSm2GenerateProperties() { 247 let properties: Array<huks.HuksParam> = [{ 248 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 249 value: huks.HuksKeyAlg.HUKS_ALG_SM2 250 }, { 251 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 252 value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_256 253 }, { 254 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 255 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_SIGN | 256 huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_VERIFY 257 }, { 258 tag: huks.HuksTag.HUKS_TAG_DIGEST, 259 value: huks.HuksKeyDigest.HUKS_DIGEST_SM3 260 }]; 261 return properties; 262} 263 264function GetSm2SignProperties() { 265 let properties: Array<huks.HuksParam> = [{ 266 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 267 value: huks.HuksKeyAlg.HUKS_ALG_SM2 268 }, { 269 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 270 value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_256 271 }, { 272 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 273 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_SIGN 274 }, { 275 tag: huks.HuksTag.HUKS_TAG_DIGEST, 276 value: huks.HuksKeyDigest.HUKS_DIGEST_SM3 277 }]; 278 return properties; 279} 280 281function GetSm2VerifyProperties() { 282 let properties: Array<huks.HuksParam> = [{ 283 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 284 value: huks.HuksKeyAlg.HUKS_ALG_SM2 285 }, { 286 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 287 value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_256 288 }, { 289 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 290 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_VERIFY 291 }, { 292 tag: huks.HuksTag.HUKS_TAG_DIGEST, 293 value: huks.HuksKeyDigest.HUKS_DIGEST_SM3 294 }]; 295 return properties; 296} 297 298async function GenerateSm2Key(keyAlias: string) { 299 let genProperties = GetSm2GenerateProperties(); 300 let options: huks.HuksOptions = { 301 properties: genProperties 302 } 303 await huks.generateKeyItem(keyAlias, options) 304 .then((data) => { 305 console.info(`promise: generate Sm2 Key success, data = ${JSON.stringify(data)}`); 306 }).catch((err: Error) => { 307 console.error(`promise: generate Sm2 Key failed, error: ` + JSON.stringify(err)); 308 }) 309} 310 311async function Sign(keyAlias: string, plaintext: string) { 312 let signProperties = GetSm2SignProperties(); 313 let options: huks.HuksOptions = { 314 properties: signProperties, 315 inData: StringToUint8Array(plaintext) 316 } 317 await huks.initSession(keyAlias, options) 318 .then((data) => { 319 handle = data.handle; 320 }).catch((err: Error) => { 321 console.error(`promise: init sign failed, error: ` + JSON.stringify(err)); 322 }) 323 await huks.finishSession(handle, options) 324 .then((data) => { 325 console.info(`promise: sign success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 326 signature = data.outData as Uint8Array; 327 }).catch((err: Error) => { 328 console.error(`promise: sign failed, error: ` + JSON.stringify(err)); 329 }) 330} 331 332async function Verify(keyAlias: string, plaintext: string, signature: Uint8Array) { 333 let verifyProperties = GetSm2VerifyProperties() 334 let options: huks.HuksOptions = { 335 properties: verifyProperties, 336 inData: StringToUint8Array(plaintext) 337 } 338 await huks.initSession(keyAlias, options) 339 .then((data) => { 340 handle = data.handle; 341 }).catch((err: Error) => { 342 console.error(`promise: init verify failed, error: ` + JSON.stringify(err)); 343 }) 344 await huks.updateSession(handle, options) 345 .then((data) => { 346 console.info(`promise: update verify success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 347 }).catch((err: Error) => { 348 console.error(`promise: update verify failed, error: ` + JSON.stringify(err)); 349 }) 350 options.inData = signature; 351 await huks.finishSession(handle, options) 352 .then((data) => { 353 console.info(`promise: verify success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 354 }).catch((err: Error) => { 355 console.error(`promise: verify failed, error: ` + JSON.stringify(err)); 356 }) 357} 358 359async function DeleteSm2Key(keyAlias: string) { 360 let emptyOptions: huks.HuksOptions = { 361 properties: [] 362 } 363 await huks.deleteKeyItem(keyAlias, emptyOptions) 364 .then((data) => { 365 console.info(`promise: delete data success`); 366 }).catch((err: Error) => { 367 console.error(`promise: delete data failed`); 368 }) 369} 370 371export async function testSignVerify() { 372 await GenerateSm2Key(keyAlias); 373 await Sign(keyAlias, plaintext); 374 await Verify(keyAlias, plaintext, signature); 375 await DeleteSm2Key(keyAlias); 376} 377``` 378### RSA/SHA256/PSS 379```ts 380/* 381 * 密钥算法为RSA,摘要算法为SHA256,填充模式为PSS 382 */ 383import { huks } from '@kit.UniversalKeystoreKit'; 384 385let keyAlias = 'test_rsaKeyAlias'; 386let handle: number; 387let plaintext = '123456'; 388let signature: Uint8Array; 389 390function StringToUint8Array(str: string) { 391 let arr: number[] = []; 392 for (let i = 0, j = str.length; i < j; ++i) { 393 arr.push(str.charCodeAt(i)); 394 } 395 return new Uint8Array(arr); 396} 397 398function Uint8ArrayToString(fileData: Uint8Array) { 399 let dataString = ''; 400 for (let i = 0; i < fileData.length; i++) { 401 dataString += String.fromCharCode(fileData[i]); 402 } 403 return dataString; 404} 405 406function GetRsaGenerateProperties() { 407 let properties: Array<huks.HuksParam> = [{ 408 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 409 value: huks.HuksKeyAlg.HUKS_ALG_RSA 410 }, { 411 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 412 value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_2048 413 }, { 414 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 415 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_SIGN | 416 huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_VERIFY 417 }, { 418 tag: huks.HuksTag.HUKS_TAG_PADDING, 419 value: huks.HuksKeyPadding.HUKS_PADDING_PSS 420 }, { 421 tag: huks.HuksTag.HUKS_TAG_DIGEST, 422 value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 423 }]; 424 return properties; 425} 426 427function GetRsaSignProperties() { 428 let properties: Array<huks.HuksParam> = [{ 429 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 430 value: huks.HuksKeyAlg.HUKS_ALG_RSA 431 }, { 432 tag: huks.HuksTag.HUKS_TAG_PADDING, 433 value: huks.HuksKeyPadding.HUKS_PADDING_PSS 434 }, { 435 tag: huks.HuksTag.HUKS_TAG_DIGEST, 436 value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 437 }, { 438 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 439 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_SIGN 440 }]; 441 return properties; 442} 443 444function GetRsaVerifyProperties() { 445 let properties: Array<huks.HuksParam> = [{ 446 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 447 value: huks.HuksKeyAlg.HUKS_ALG_RSA 448 }, { 449 tag: huks.HuksTag.HUKS_TAG_PADDING, 450 value: huks.HuksKeyPadding.HUKS_PADDING_PSS 451 }, { 452 tag: huks.HuksTag.HUKS_TAG_DIGEST, 453 value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 454 }, { 455 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 456 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_VERIFY 457 }]; 458 return properties; 459} 460 461async function GenerateRsaKey(keyAlias: string) { 462 let genProperties = GetRsaGenerateProperties(); 463 let options: huks.HuksOptions = { 464 properties: genProperties 465 }; 466 await huks.generateKeyItem(keyAlias, options) 467 .then((data) => { 468 console.info(`promise: generate RSA Key success, data = ${JSON.stringify(data)}`); 469 }).catch((err: Error) => { 470 console.error(`promise: generate RSA Key failed, error: ` + JSON.stringify(err)); 471 }); 472} 473 474async function Sign(keyAlias: string, plaintext: string) { 475 let signProperties = GetRsaSignProperties(); 476 let options: huks.HuksOptions = { 477 properties: signProperties, 478 inData: StringToUint8Array(plaintext) 479 } 480 await huks.initSession(keyAlias, options) 481 .then((data) => { 482 handle = data.handle; 483 }).catch((err: Error) => { 484 console.error(`promise: init sign failed, error: ` + JSON.stringify(err)); 485 return; 486 }); 487 488 if (handle !== undefined) { 489 await huks.finishSession(handle, options) 490 .then((data) => { 491 console.info(`promise: sign success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 492 signature = data.outData as Uint8Array; 493 }).catch((err: Error) => { 494 console.error(`promise: sign failed, error: ` + JSON.stringify(err)); 495 }); 496 } 497} 498 499async function Verify(keyAlias: string, plaintext: string, signature: Uint8Array) { 500 let verifyProperties = GetRsaVerifyProperties(); 501 let options: huks.HuksOptions = { 502 properties: verifyProperties, 503 inData: StringToUint8Array(plaintext) 504 } 505 await huks.initSession(keyAlias, options) 506 .then((data) => { 507 handle = data.handle; 508 }).catch((err: Error) => { 509 console.error(`promise: init verify failed, error: ` + JSON.stringify(err)); 510 return; 511 }); 512 513 if (handle !== undefined) { 514 await huks.updateSession(handle, options) 515 .then((data) => { 516 console.info(`promise: update verify success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 517 }).catch((err: Error) => { 518 console.error(`promise: update verify failed, error: ` + JSON.stringify(err)); 519 }); 520 521 options.inData = signature; 522 await huks.finishSession(handle, options) 523 .then((data) => { 524 console.info(`promise: verify success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 525 }).catch((err: Error) => { 526 console.error(`promise: verify failed, error: ` + JSON.stringify(err)); 527 }); 528 } 529} 530 531async function DeleteRsaKey(keyAlias: string) { 532 let emptyOptions: huks.HuksOptions = { 533 properties: [] 534 } 535 await huks.deleteKeyItem(keyAlias, emptyOptions) 536 .then((data) => { 537 console.info(`promise: delete data success`); 538 }).catch((err: Error) => { 539 console.error(`promise: delete data failed`); 540 }); 541} 542 543export async function testSignVerify() { 544 await GenerateRsaKey(keyAlias); 545 await Sign(keyAlias, plaintext); 546 await Verify(keyAlias, plaintext, signature); 547 await DeleteRsaKey(keyAlias); 548} 549``` 550### RSA/SHA256/PKCS1_V1_5 551```ts 552/* 553 * 密钥算法为RSA,摘要算法为SHA256,填充模式为PKCS1_V1_5 554 */ 555import { huks } from '@kit.UniversalKeystoreKit'; 556 557let keyAlias = 'test_rsaKeyAlias'; 558let handle: number; 559let plaintext = '123456'; 560let signature: Uint8Array; 561 562function StringToUint8Array(str: String) { 563 let arr: number[] = new Array(); 564 for (let i = 0, j = str.length; i < j; ++i) { 565 arr.push(str.charCodeAt(i)); 566 } 567 return new Uint8Array(arr); 568} 569 570function Uint8ArrayToString(fileData: Uint8Array) { 571 let dataString = ''; 572 for (let i = 0; i < fileData.length; i++) { 573 dataString += String.fromCharCode(fileData[i]); 574 } 575 return dataString; 576} 577 578function GetRsaGenerateProperties() { 579 let properties: Array<huks.HuksParam> = [ 580 { tag: huks.HuksTag.HUKS_TAG_ALGORITHM, value: huks.HuksKeyAlg.HUKS_ALG_RSA }, 581 { tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_2048 }, 582 { 583 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 584 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_SIGN | huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_VERIFY 585 }, 586 { tag: huks.HuksTag.HUKS_TAG_PADDING, value: huks.HuksKeyPadding.HUKS_PADDING_PKCS1_V1_5 }, 587 { tag: huks.HuksTag.HUKS_TAG_DIGEST, value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 } 588 ]; 589 return properties; 590} 591 592function GetRsaSignProperties() { 593 let properties: Array<huks.HuksParam> = [{ 594 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 595 value: huks.HuksKeyAlg.HUKS_ALG_RSA 596 }, { 597 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 598 value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_2048 599 }, { 600 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 601 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_SIGN 602 }, { 603 tag: huks.HuksTag.HUKS_TAG_PADDING, 604 value: huks.HuksKeyPadding.HUKS_PADDING_PKCS1_V1_5 605 }, { 606 tag: huks.HuksTag.HUKS_TAG_DIGEST, 607 value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 608 }]; 609 return properties; 610} 611 612function GetRsaVerifyProperties() { 613 let properties: Array<huks.HuksParam> = [{ 614 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 615 value: huks.HuksKeyAlg.HUKS_ALG_RSA 616 }, { 617 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 618 value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_2048 619 }, { 620 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 621 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_VERIFY 622 }, { 623 tag: huks.HuksTag.HUKS_TAG_PADDING, 624 value: huks.HuksKeyPadding.HUKS_PADDING_PKCS1_V1_5 625 }, { 626 tag: huks.HuksTag.HUKS_TAG_DIGEST, 627 value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 628 }]; 629 return properties; 630} 631 632async function GenerateRsaKey(keyAlias: string) { 633 let genProperties = GetRsaGenerateProperties(); 634 let options: huks.HuksOptions = { 635 properties: genProperties 636 } 637 await huks.generateKeyItem(keyAlias, options) 638 .then((data) => { 639 console.info(`promise: generate RSA Key success, data = ${JSON.stringify(data)}`); 640 }).catch((err: Error) => { 641 console.error(`promise: generate RSA Key failed, error: ` + JSON.stringify(err)); 642 }) 643} 644 645async function Sign(keyAlias: string, plaintext: string) { 646 let signProperties = GetRsaSignProperties(); 647 let options: huks.HuksOptions = { 648 properties: signProperties, 649 inData: StringToUint8Array(plaintext) 650 } 651 await huks.initSession(keyAlias, options) 652 .then((data) => { 653 handle = data.handle; 654 }).catch((err: Error) => { 655 console.error(`promise: init sign failed, error: ` + JSON.stringify(err)); 656 }) 657 await huks.finishSession(handle, options) 658 .then((data) => { 659 console.info(`promise: sign success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 660 signature = data.outData as Uint8Array; 661 }).catch((err: Error) => { 662 console.error(`promise: sign failed, error: ` + JSON.stringify(err)); 663 }) 664} 665 666async function Verify(keyAlias: string, plaintext: string, signature: Uint8Array) { 667 let verifyProperties = GetRsaVerifyProperties() 668 let options: huks.HuksOptions = { 669 properties: verifyProperties, 670 inData: StringToUint8Array(plaintext) 671 } 672 await huks.initSession(keyAlias, options) 673 .then((data) => { 674 handle = data.handle; 675 }).catch((err: Error) => { 676 console.error(`promise: init verify failed, error: ` + JSON.stringify(err)); 677 }) 678 await huks.updateSession(handle, options) 679 .then((data) => { 680 console.info(`promise: update verify success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 681 }).catch((err: Error) => { 682 console.error(`promise: update verify failed, error: ` + JSON.stringify(err)); 683 }) 684 options.inData = signature; 685 await huks.finishSession(handle, options) 686 .then((data) => { 687 console.info(`promise: verify success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 688 }).catch((err: Error) => { 689 console.error(`promise: verify failed, error: ` + JSON.stringify(err)); 690 }) 691} 692 693async function DeleteRsaKey(keyAlias: string) { 694 let emptyOptions: huks.HuksOptions = { 695 properties: [] 696 } 697 await huks.deleteKeyItem(keyAlias, emptyOptions) 698 .then((data) => { 699 console.info(`promise: delete data success`); 700 }).catch((err: Error) => { 701 console.error(`promise: delete data failed`); 702 }) 703} 704 705export async function testSignVerify() { 706 await GenerateRsaKey(keyAlias); 707 await Sign(keyAlias, plaintext); 708 await Verify(keyAlias, plaintext, signature); 709 await DeleteRsaKey(keyAlias); 710} 711```