1/* 2 * Copyright (c) 2022-2024 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16/** 17 * @file 18 * @kit DeviceCertificateKit 19 */ 20import type { AsyncCallback } from './@ohos.base'; 21import cryptoFramework from './@ohos.security.cryptoFramework'; 22 23/** 24 * Provides a series of capabilities related to certificates, 25 * which supports parsing, verification, and output of certificates, extensions, and CRLs. 26 * 27 * @namespace cert 28 * @syscap SystemCapability.Security.Cert 29 * @since 9 30 */ 31/** 32 * Provides a series of capabilities related to certificates, 33 * which supports parsing, verification, and output of certificates, extensions, and CRLs. 34 * 35 * @namespace cert 36 * @syscap SystemCapability.Security.Cert 37 * @crossplatform 38 * @since 11 39 */ 40/** 41 * Provides a series of capabilities related to certificates, 42 * which supports parsing, verification, and output of certificates, extensions, and CRLs. 43 * 44 * @namespace cert 45 * @syscap SystemCapability.Security.Cert 46 * @crossplatform 47 * @atomicservice 48 * @since 12 49 */ 50declare namespace cert { 51 /** 52 * Enum for result code 53 * 54 * @enum { number } 55 * @syscap SystemCapability.Security.Cert 56 * @since 9 57 */ 58 /** 59 * Enum for result code 60 * 61 * @enum { number } 62 * @syscap SystemCapability.Security.Cert 63 * @crossplatform 64 * @since 11 65 */ 66 /** 67 * Enum for result code 68 * 69 * @enum { number } 70 * @syscap SystemCapability.Security.Cert 71 * @crossplatform 72 * @atomicservice 73 * @since 12 74 */ 75 enum CertResult { 76 /** 77 * Indicates that input parameters is invalid. 78 * 79 * @syscap SystemCapability.Security.Cert 80 * @since 9 81 */ 82 /** 83 * Indicates that input parameters is invalid. 84 * 85 * @syscap SystemCapability.Security.Cert 86 * @crossplatform 87 * @since 11 88 */ 89 /** 90 * Indicates that input parameters is invalid. 91 * 92 * @syscap SystemCapability.Security.Cert 93 * @crossplatform 94 * @atomicservice 95 * @since 12 96 */ 97 INVALID_PARAMS = 401, 98 99 /** 100 * Indicates that function or algorithm is not supported. 101 * 102 * @syscap SystemCapability.Security.Cert 103 * @since 9 104 */ 105 /** 106 * Indicates that function or algorithm is not supported. 107 * 108 * @syscap SystemCapability.Security.Cert 109 * @crossplatform 110 * @since 11 111 */ 112 /** 113 * Indicates that function or algorithm is not supported. 114 * 115 * @syscap SystemCapability.Security.Cert 116 * @crossplatform 117 * @atomicservice 118 * @since 12 119 */ 120 NOT_SUPPORT = 801, 121 122 /** 123 * Indicates the memory error. 124 * 125 * @syscap SystemCapability.Security.Cert 126 * @since 9 127 */ 128 /** 129 * Indicates the memory error. 130 * 131 * @syscap SystemCapability.Security.Cert 132 * @crossplatform 133 * @since 11 134 */ 135 /** 136 * Indicates the memory error. 137 * 138 * @syscap SystemCapability.Security.Cert 139 * @crossplatform 140 * @atomicservice 141 * @since 12 142 */ 143 ERR_OUT_OF_MEMORY = 19020001, 144 145 /** 146 * Indicates that runtime error. 147 * 148 * @syscap SystemCapability.Security.Cert 149 * @since 9 150 */ 151 /** 152 * Indicates that runtime error. 153 * 154 * @syscap SystemCapability.Security.Cert 155 * @crossplatform 156 * @since 11 157 */ 158 /** 159 * Indicates that runtime error. 160 * 161 * @syscap SystemCapability.Security.Cert 162 * @crossplatform 163 * @atomicservice 164 * @since 12 165 */ 166 ERR_RUNTIME_ERROR = 19020002, 167 168 /** 169 * Indicates the crypto operation error. 170 * 171 * @syscap SystemCapability.Security.Cert 172 * @since 9 173 */ 174 /** 175 * Indicates the crypto operation error. 176 * 177 * @syscap SystemCapability.Security.Cert 178 * @crossplatform 179 * @since 11 180 */ 181 /** 182 * Indicates the crypto operation error. 183 * 184 * @syscap SystemCapability.Security.Cert 185 * @crossplatform 186 * @atomicservice 187 * @since 12 188 */ 189 ERR_CRYPTO_OPERATION = 19030001, 190 191 /** 192 * Indicates that the certificate signature verification failed. 193 * 194 * @syscap SystemCapability.Security.Cert 195 * @since 9 196 */ 197 /** 198 * Indicates that the certificate signature verification failed. 199 * 200 * @syscap SystemCapability.Security.Cert 201 * @crossplatform 202 * @since 11 203 */ 204 /** 205 * Indicates that the certificate signature verification failed. 206 * 207 * @syscap SystemCapability.Security.Cert 208 * @crossplatform 209 * @atomicservice 210 * @since 12 211 */ 212 ERR_CERT_SIGNATURE_FAILURE = 19030002, 213 214 /** 215 * Indicates that the certificate has not taken effect. 216 * 217 * @syscap SystemCapability.Security.Cert 218 * @since 9 219 */ 220 /** 221 * Indicates that the certificate has not taken effect. 222 * 223 * @syscap SystemCapability.Security.Cert 224 * @crossplatform 225 * @since 11 226 */ 227 /** 228 * Indicates that the certificate has not taken effect. 229 * 230 * @syscap SystemCapability.Security.Cert 231 * @crossplatform 232 * @atomicservice 233 * @since 12 234 */ 235 ERR_CERT_NOT_YET_VALID = 19030003, 236 237 /** 238 * Indicates that the certificate has expired. 239 * 240 * @syscap SystemCapability.Security.Cert 241 * @since 9 242 */ 243 /** 244 * Indicates that the certificate has expired. 245 * 246 * @syscap SystemCapability.Security.Cert 247 * @crossplatform 248 * @since 11 249 */ 250 /** 251 * Indicates that the certificate has expired. 252 * 253 * @syscap SystemCapability.Security.Cert 254 * @crossplatform 255 * @atomicservice 256 * @since 12 257 */ 258 ERR_CERT_HAS_EXPIRED = 19030004, 259 260 /** 261 * Indicates a failure to obtain the certificate issuer. 262 * 263 * @syscap SystemCapability.Security.Cert 264 * @since 9 265 */ 266 /** 267 * Indicates a failure to obtain the certificate issuer. 268 * 269 * @syscap SystemCapability.Security.Cert 270 * @crossplatform 271 * @since 11 272 */ 273 /** 274 * Indicates a failure to obtain the certificate issuer. 275 * 276 * @syscap SystemCapability.Security.Cert 277 * @crossplatform 278 * @atomicservice 279 * @since 12 280 */ 281 ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY = 19030005, 282 283 /** 284 * The key cannot be used for signing a certificate. 285 * 286 * @syscap SystemCapability.Security.Cert 287 * @since 9 288 */ 289 /** 290 * The key cannot be used for signing a certificate. 291 * 292 * @syscap SystemCapability.Security.Cert 293 * @crossplatform 294 * @since 11 295 */ 296 /** 297 * The key cannot be used for signing a certificate. 298 * 299 * @syscap SystemCapability.Security.Cert 300 * @crossplatform 301 * @atomicservice 302 * @since 12 303 */ 304 ERR_KEYUSAGE_NO_CERTSIGN = 19030006, 305 306 /** 307 * The key cannot be used for digital signature. 308 * 309 * @syscap SystemCapability.Security.Cert 310 * @since 9 311 */ 312 /** 313 * The key cannot be used for digital signature. 314 * 315 * @syscap SystemCapability.Security.Cert 316 * @crossplatform 317 * @since 11 318 */ 319 /** 320 * The key cannot be used for digital signature. 321 * 322 * @syscap SystemCapability.Security.Cert 323 * @crossplatform 324 * @atomicservice 325 * @since 12 326 */ 327 ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE = 19030007, 328 329 /** 330 * The password may be wrong. 331 * 332 * @syscap SystemCapability.Security.Cert 333 * @crossplatform 334 * @atomicservice 335 * @since 18 336 */ 337 ERR_MAYBE_WRONG_PASSWORD = 19030008 338 } 339 340 /** 341 * Provides the data blob type. 342 * 343 * @typedef DataBlob 344 * @syscap SystemCapability.Security.Cert 345 * @since 9 346 */ 347 /** 348 * Provides the data blob type. 349 * 350 * @typedef DataBlob 351 * @syscap SystemCapability.Security.Cert 352 * @crossplatform 353 * @since 11 354 */ 355 /** 356 * Provides the data blob type. 357 * 358 * @typedef DataBlob 359 * @syscap SystemCapability.Security.Cert 360 * @crossplatform 361 * @atomicservice 362 * @since 12 363 */ 364 interface DataBlob { 365 /** 366 * Indicates the content of data blob. 367 * 368 * @type { Uint8Array } 369 * @syscap SystemCapability.Security.Cert 370 * @since 9 371 */ 372 /** 373 * Indicates the content of data blob. 374 * 375 * @type { Uint8Array } 376 * @syscap SystemCapability.Security.Cert 377 * @crossplatform 378 * @since 11 379 */ 380 /** 381 * Indicates the content of data blob. 382 * 383 * @type { Uint8Array } 384 * @syscap SystemCapability.Security.Cert 385 * @crossplatform 386 * @atomicservice 387 * @since 12 388 */ 389 data: Uint8Array; 390 } 391 392 /** 393 * Provides the data array type. 394 * 395 * @typedef DataArray 396 * @syscap SystemCapability.Security.Cert 397 * @since 9 398 */ 399 /** 400 * Provides the data array type. 401 * 402 * @typedef DataArray 403 * @syscap SystemCapability.Security.Cert 404 * @crossplatform 405 * @since 11 406 */ 407 /** 408 * Provides the data array type. 409 * 410 * @typedef DataArray 411 * @syscap SystemCapability.Security.Cert 412 * @crossplatform 413 * @atomicservice 414 * @since 12 415 */ 416 interface DataArray { 417 /** 418 * Indicates the content of data array. 419 * 420 * @type { Array<Uint8Array> } 421 * @syscap SystemCapability.Security.Cert 422 * @since 9 423 */ 424 /** 425 * Indicates the content of data array. 426 * 427 * @type { Array<Uint8Array> } 428 * @syscap SystemCapability.Security.Cert 429 * @crossplatform 430 * @since 11 431 */ 432 /** 433 * Indicates the content of data array. 434 * 435 * @type { Array<Uint8Array> } 436 * @syscap SystemCapability.Security.Cert 437 * @crossplatform 438 * @atomicservice 439 * @since 12 440 */ 441 data: Array<Uint8Array>; 442 } 443 444 /** 445 * Enum for supported cert encoding format. 446 * 447 * @enum { number } 448 * @syscap SystemCapability.Security.Cert 449 * @since 9 450 */ 451 /** 452 * Enum for supported cert encoding format. 453 * 454 * @enum { number } 455 * @syscap SystemCapability.Security.Cert 456 * @crossplatform 457 * @since 11 458 */ 459 /** 460 * Enum for supported cert encoding format. 461 * 462 * @enum { number } 463 * @syscap SystemCapability.Security.Cert 464 * @crossplatform 465 * @atomicservice 466 * @since 12 467 */ 468 enum EncodingFormat { 469 /** 470 * The value of cert DER format. 471 * 472 * @syscap SystemCapability.Security.Cert 473 * @since 9 474 */ 475 /** 476 * The value of cert DER format. 477 * 478 * @syscap SystemCapability.Security.Cert 479 * @crossplatform 480 * @since 11 481 */ 482 /** 483 * The value of cert DER format. 484 * 485 * @syscap SystemCapability.Security.Cert 486 * @crossplatform 487 * @atomicservice 488 * @since 12 489 */ 490 FORMAT_DER = 0, 491 492 /** 493 * The value of cert PEM format. 494 * 495 * @syscap SystemCapability.Security.Cert 496 * @since 9 497 */ 498 /** 499 * The value of cert PEM format. 500 * 501 * @syscap SystemCapability.Security.Cert 502 * @crossplatform 503 * @since 11 504 */ 505 /** 506 * The value of cert PEM format. 507 * 508 * @syscap SystemCapability.Security.Cert 509 * @crossplatform 510 * @atomicservice 511 * @since 12 512 */ 513 FORMAT_PEM = 1, 514 515 /** 516 * The value of cert chain PKCS7 format. 517 * 518 * @syscap SystemCapability.Security.Cert 519 * @crossplatform 520 * @since 11 521 */ 522 /** 523 * The value of cert chain PKCS7 format. 524 * 525 * @syscap SystemCapability.Security.Cert 526 * @crossplatform 527 * @atomicservice 528 * @since 12 529 */ 530 FORMAT_PKCS7 = 2 531 } 532 533 /** 534 * Enum for the certificate item type. 535 * 536 * @enum { number } 537 * @syscap SystemCapability.Security.Cert 538 * @since 10 539 */ 540 /** 541 * Enum for the certificate item type. 542 * 543 * @enum { number } 544 * @syscap SystemCapability.Security.Cert 545 * @crossplatform 546 * @since 11 547 */ 548 /** 549 * Enum for the certificate item type. 550 * 551 * @enum { number } 552 * @syscap SystemCapability.Security.Cert 553 * @crossplatform 554 * @atomicservice 555 * @since 12 556 */ 557 enum CertItemType { 558 /** 559 * Indicates to get certificate TBS(to be signed) value. 560 * 561 * @syscap SystemCapability.Security.Cert 562 * @since 10 563 */ 564 /** 565 * Indicates to get certificate TBS(to be signed) value. 566 * 567 * @syscap SystemCapability.Security.Cert 568 * @crossplatform 569 * @since 11 570 */ 571 /** 572 * Indicates to get certificate TBS(to be signed) value. 573 * 574 * @syscap SystemCapability.Security.Cert 575 * @crossplatform 576 * @atomicservice 577 * @since 12 578 */ 579 CERT_ITEM_TYPE_TBS = 0, 580 581 /** 582 * Indicates to get certificate public key. 583 * 584 * @syscap SystemCapability.Security.Cert 585 * @since 10 586 */ 587 /** 588 * Indicates to get certificate public key. 589 * 590 * @syscap SystemCapability.Security.Cert 591 * @crossplatform 592 * @since 11 593 */ 594 /** 595 * Indicates to get certificate public key. 596 * 597 * @syscap SystemCapability.Security.Cert 598 * @crossplatform 599 * @atomicservice 600 * @since 12 601 */ 602 CERT_ITEM_TYPE_PUBLIC_KEY = 1, 603 604 /** 605 * Indicates to get certificate issuer unique id value. 606 * 607 * @syscap SystemCapability.Security.Cert 608 * @since 10 609 */ 610 /** 611 * Indicates to get certificate issuer unique id value. 612 * 613 * @syscap SystemCapability.Security.Cert 614 * @crossplatform 615 * @since 11 616 */ 617 /** 618 * Indicates to get certificate issuer unique id value. 619 * 620 * @syscap SystemCapability.Security.Cert 621 * @crossplatform 622 * @atomicservice 623 * @since 12 624 */ 625 CERT_ITEM_TYPE_ISSUER_UNIQUE_ID = 2, 626 627 /** 628 * Indicates to get certificate subject unique id value. 629 * 630 * @syscap SystemCapability.Security.Cert 631 * @since 10 632 */ 633 /** 634 * Indicates to get certificate subject unique id value. 635 * 636 * @syscap SystemCapability.Security.Cert 637 * @crossplatform 638 * @since 11 639 */ 640 /** 641 * Indicates to get certificate subject unique id value. 642 * 643 * @syscap SystemCapability.Security.Cert 644 * @crossplatform 645 * @atomicservice 646 * @since 12 647 */ 648 CERT_ITEM_TYPE_SUBJECT_UNIQUE_ID = 3, 649 650 /** 651 * Indicates to get certificate extensions value. 652 * 653 * @syscap SystemCapability.Security.Cert 654 * @since 10 655 */ 656 /** 657 * Indicates to get certificate extensions value. 658 * 659 * @syscap SystemCapability.Security.Cert 660 * @crossplatform 661 * @since 11 662 */ 663 /** 664 * Indicates to get certificate extensions value. 665 * 666 * @syscap SystemCapability.Security.Cert 667 * @crossplatform 668 * @atomicservice 669 * @since 12 670 */ 671 CERT_ITEM_TYPE_EXTENSIONS = 4 672 } 673 674 /** 675 * Enumerates for the certificate extension object identifier (OID) types. 676 * 677 * @enum { number } 678 * @syscap SystemCapability.Security.Cert 679 * @since 10 680 */ 681 /** 682 * Enumerates for the certificate extension object identifier (OID) types. 683 * 684 * @enum { number } 685 * @syscap SystemCapability.Security.Cert 686 * @crossplatform 687 * @since 11 688 */ 689 /** 690 * Enumerates for the certificate extension object identifier (OID) types. 691 * 692 * @enum { number } 693 * @syscap SystemCapability.Security.Cert 694 * @crossplatform 695 * @atomicservice 696 * @since 12 697 */ 698 enum ExtensionOidType { 699 /** 700 * Indicates to obtain all types of OIDs, including critical and uncritical types. 701 * 702 * @syscap SystemCapability.Security.Cert 703 * @since 10 704 */ 705 /** 706 * Indicates to obtain all types of OIDs, including critical and uncritical types. 707 * 708 * @syscap SystemCapability.Security.Cert 709 * @crossplatform 710 * @since 11 711 */ 712 /** 713 * Indicates to obtain all types of OIDs, including critical and uncritical types. 714 * 715 * @syscap SystemCapability.Security.Cert 716 * @crossplatform 717 * @atomicservice 718 * @since 12 719 */ 720 EXTENSION_OID_TYPE_ALL = 0, 721 722 /** 723 * Indicates to obtain OIDs of the critical type. 724 * 725 * @syscap SystemCapability.Security.Cert 726 * @since 10 727 */ 728 /** 729 * Indicates to obtain OIDs of the critical type. 730 * 731 * @syscap SystemCapability.Security.Cert 732 * @crossplatform 733 * @since 11 734 */ 735 /** 736 * Indicates to obtain OIDs of the critical type. 737 * 738 * @syscap SystemCapability.Security.Cert 739 * @crossplatform 740 * @atomicservice 741 * @since 12 742 */ 743 EXTENSION_OID_TYPE_CRITICAL = 1, 744 745 /** 746 * Indicates to obtain OIDs of the uncritical type. 747 * 748 * @syscap SystemCapability.Security.Cert 749 * @since 10 750 */ 751 /** 752 * Indicates to obtain OIDs of the uncritical type. 753 * 754 * @syscap SystemCapability.Security.Cert 755 * @crossplatform 756 * @since 11 757 */ 758 /** 759 * Indicates to obtain OIDs of the uncritical type. 760 * 761 * @syscap SystemCapability.Security.Cert 762 * @crossplatform 763 * @atomicservice 764 * @since 12 765 */ 766 EXTENSION_OID_TYPE_UNCRITICAL = 2 767 } 768 769 /** 770 * Enum for the certificate extension entry type. 771 * 772 * @enum { number } 773 * @syscap SystemCapability.Security.Cert 774 * @since 10 775 */ 776 /** 777 * Enum for the certificate extension entry type. 778 * 779 * @enum { number } 780 * @syscap SystemCapability.Security.Cert 781 * @crossplatform 782 * @since 11 783 */ 784 /** 785 * Enum for the certificate extension entry type. 786 * 787 * @enum { number } 788 * @syscap SystemCapability.Security.Cert 789 * @crossplatform 790 * @atomicservice 791 * @since 12 792 */ 793 enum ExtensionEntryType { 794 /** 795 * Indicates to get extension entry. 796 * 797 * @syscap SystemCapability.Security.Cert 798 * @since 10 799 */ 800 /** 801 * Indicates to get extension entry. 802 * 803 * @syscap SystemCapability.Security.Cert 804 * @crossplatform 805 * @since 11 806 */ 807 /** 808 * Indicates to get extension entry. 809 * 810 * @syscap SystemCapability.Security.Cert 811 * @crossplatform 812 * @atomicservice 813 * @since 12 814 */ 815 EXTENSION_ENTRY_TYPE_ENTRY = 0, 816 817 /** 818 * Indicates to get extension entry critical. 819 * 820 * @syscap SystemCapability.Security.Cert 821 * @since 10 822 */ 823 /** 824 * Indicates to get extension entry critical. 825 * 826 * @syscap SystemCapability.Security.Cert 827 * @crossplatform 828 * @since 11 829 */ 830 /** 831 * Indicates to get extension entry critical. 832 * 833 * @syscap SystemCapability.Security.Cert 834 * @crossplatform 835 * @atomicservice 836 * @since 12 837 */ 838 EXTENSION_ENTRY_TYPE_ENTRY_CRITICAL = 1, 839 840 /** 841 * Indicates to get extension entry value. 842 * 843 * @syscap SystemCapability.Security.Cert 844 * @since 10 845 */ 846 /** 847 * Indicates to get extension entry value. 848 * 849 * @syscap SystemCapability.Security.Cert 850 * @crossplatform 851 * @since 11 852 */ 853 /** 854 * Indicates to get extension entry value. 855 * 856 * @syscap SystemCapability.Security.Cert 857 * @crossplatform 858 * @atomicservice 859 * @since 12 860 */ 861 EXTENSION_ENTRY_TYPE_ENTRY_VALUE = 2 862 } 863 864 /** 865 * Provides the cert encoding blob type. 866 * 867 * @typedef EncodingBlob 868 * @syscap SystemCapability.Security.Cert 869 * @since 9 870 */ 871 /** 872 * Provides the cert encoding blob type. 873 * 874 * @typedef EncodingBlob 875 * @syscap SystemCapability.Security.Cert 876 * @crossplatform 877 * @since 11 878 */ 879 /** 880 * Provides the cert encoding blob type. 881 * 882 * @typedef EncodingBlob 883 * @syscap SystemCapability.Security.Cert 884 * @crossplatform 885 * @atomicservice 886 * @since 12 887 */ 888 interface EncodingBlob { 889 /** 890 * The data input. 891 * 892 * @type { Uint8Array } 893 * @syscap SystemCapability.Security.Cert 894 * @since 9 895 */ 896 /** 897 * The data input. 898 * 899 * @type { Uint8Array } 900 * @syscap SystemCapability.Security.Cert 901 * @crossplatform 902 * @since 11 903 */ 904 /** 905 * The data input. 906 * 907 * @type { Uint8Array } 908 * @syscap SystemCapability.Security.Cert 909 * @crossplatform 910 * @atomicservice 911 * @since 12 912 */ 913 data: Uint8Array; 914 /** 915 * The data encoding format. 916 * 917 * @type { EncodingFormat } 918 * @syscap SystemCapability.Security.Cert 919 * @since 9 920 */ 921 /** 922 * The data encoding format. 923 * 924 * @type { EncodingFormat } 925 * @syscap SystemCapability.Security.Cert 926 * @crossplatform 927 * @since 11 928 */ 929 /** 930 * The data encoding format. 931 * 932 * @type { EncodingFormat } 933 * @syscap SystemCapability.Security.Cert 934 * @crossplatform 935 * @atomicservice 936 * @since 12 937 */ 938 encodingFormat: EncodingFormat; 939 } 940 941 /** 942 * Provides the cert chain data type. 943 * 944 * @typedef CertChainData 945 * @syscap SystemCapability.Security.Cert 946 * @since 9 947 */ 948 /** 949 * Provides the cert chain data type. 950 * 951 * @typedef CertChainData 952 * @syscap SystemCapability.Security.Cert 953 * @crossplatform 954 * @since 11 955 */ 956 /** 957 * Provides the cert chain data type. 958 * 959 * @typedef CertChainData 960 * @syscap SystemCapability.Security.Cert 961 * @crossplatform 962 * @atomicservice 963 * @since 12 964 */ 965 interface CertChainData { 966 /** 967 * The data input. 968 * 969 * @type { Uint8Array } 970 * @syscap SystemCapability.Security.Cert 971 * @since 9 972 */ 973 /** 974 * The data input. 975 * 976 * @type { Uint8Array } 977 * @syscap SystemCapability.Security.Cert 978 * @crossplatform 979 * @since 11 980 */ 981 /** 982 * The data input. 983 * 984 * @type { Uint8Array } 985 * @syscap SystemCapability.Security.Cert 986 * @crossplatform 987 * @atomicservice 988 * @since 12 989 */ 990 data: Uint8Array; 991 /** 992 * The number of certs. 993 * 994 * @type { number } 995 * @syscap SystemCapability.Security.Cert 996 * @since 9 997 */ 998 /** 999 * The number of certs. 1000 * 1001 * @type { number } 1002 * @syscap SystemCapability.Security.Cert 1003 * @crossplatform 1004 * @since 11 1005 */ 1006 /** 1007 * The number of certs. 1008 * 1009 * @type { number } 1010 * @syscap SystemCapability.Security.Cert 1011 * @crossplatform 1012 * @atomicservice 1013 * @since 12 1014 */ 1015 count: number; 1016 /** 1017 * The data encoding format. 1018 * 1019 * @type { EncodingFormat } 1020 * @syscap SystemCapability.Security.Cert 1021 * @since 9 1022 */ 1023 /** 1024 * The data encoding format. 1025 * 1026 * @type { EncodingFormat } 1027 * @syscap SystemCapability.Security.Cert 1028 * @crossplatform 1029 * @since 11 1030 */ 1031 /** 1032 * The data encoding format. 1033 * 1034 * @type { EncodingFormat } 1035 * @syscap SystemCapability.Security.Cert 1036 * @crossplatform 1037 * @atomicservice 1038 * @since 12 1039 */ 1040 encodingFormat: EncodingFormat; 1041 } 1042 1043 /** 1044 * Enum for Encoding type. 1045 * 1046 * @enum { number } 1047 * @syscap SystemCapability.Security.Cert 1048 * @crossplatform 1049 * @atomicservice 1050 * @since 12 1051 */ 1052 enum EncodingType { 1053 /** 1054 * Indicates to utf8 type. 1055 * 1056 * @syscap SystemCapability.Security.Cert 1057 * @crossplatform 1058 * @atomicservice 1059 * @since 12 1060 */ 1061 ENCODING_UTF8 = 0 1062 } 1063 1064 /** 1065 * Provides the x509 cert type. 1066 * 1067 * @typedef X509Cert 1068 * @syscap SystemCapability.Security.Cert 1069 * @since 9 1070 */ 1071 /** 1072 * Provides the x509 cert type. 1073 * 1074 * @typedef X509Cert 1075 * @syscap SystemCapability.Security.Cert 1076 * @crossplatform 1077 * @since 11 1078 */ 1079 /** 1080 * Provides the x509 cert type. 1081 * 1082 * @typedef X509Cert 1083 * @syscap SystemCapability.Security.Cert 1084 * @crossplatform 1085 * @atomicservice 1086 * @since 12 1087 */ 1088 interface X509Cert { 1089 /** 1090 * Verify the X509 cert. 1091 * 1092 * @param { cryptoFramework.PubKey } key - public key to verify cert. 1093 * @param { AsyncCallback<void> } callback - the callback of verify. 1094 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 1095 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 1096 * @throws { BusinessError } 19030001 - crypto operation error. 1097 * @syscap SystemCapability.Security.Cert 1098 * @since 9 1099 */ 1100 /** 1101 * Verify the X509 cert. 1102 * 1103 * @param { cryptoFramework.PubKey } key - public key to verify cert. 1104 * @param { AsyncCallback<void> } callback - the callback of verify. 1105 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 1106 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 1107 * @throws { BusinessError } 19030001 - crypto operation error. 1108 * @syscap SystemCapability.Security.Cert 1109 * @crossplatform 1110 * @since 11 1111 */ 1112 /** 1113 * Verify the X509 cert. 1114 * 1115 * @param { cryptoFramework.PubKey } key - public key to verify cert. 1116 * @param { AsyncCallback<void> } callback - the callback of verify. 1117 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 1118 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 1119 * @throws { BusinessError } 19030001 - crypto operation error. 1120 * @syscap SystemCapability.Security.Cert 1121 * @crossplatform 1122 * @atomicservice 1123 * @since 12 1124 */ 1125 verify(key: cryptoFramework.PubKey, callback: AsyncCallback<void>): void; 1126 1127 /** 1128 * Verify the X509 cert. 1129 * 1130 * @param { cryptoFramework.PubKey } key - public key to verify cert. 1131 * @returns { Promise<void> } the promise returned by the function. 1132 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 1133 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 1134 * @throws { BusinessError } 19030001 - crypto operation error. 1135 * @syscap SystemCapability.Security.Cert 1136 * @since 9 1137 */ 1138 /** 1139 * Verify the X509 cert. 1140 * 1141 * @param { cryptoFramework.PubKey } key - public key to verify cert. 1142 * @returns { Promise<void> } the promise returned by the function. 1143 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 1144 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 1145 * @throws { BusinessError } 19030001 - crypto operation error. 1146 * @syscap SystemCapability.Security.Cert 1147 * @crossplatform 1148 * @since 11 1149 */ 1150 /** 1151 * Verify the X509 cert. 1152 * 1153 * @param { cryptoFramework.PubKey } key - public key to verify cert. 1154 * @returns { Promise<void> } the promise returned by the function. 1155 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 1156 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 1157 * @throws { BusinessError } 19030001 - crypto operation error. 1158 * @syscap SystemCapability.Security.Cert 1159 * @crossplatform 1160 * @atomicservice 1161 * @since 12 1162 */ 1163 verify(key: cryptoFramework.PubKey): Promise<void>; 1164 1165 /** 1166 * Get X509 cert encoded data. 1167 * 1168 * @param { AsyncCallback<EncodingBlob> } callback - the callback of getEncoded. 1169 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 1170 * <br>2. Incorrect parameter types; 1171 * @throws { BusinessError } 19020001 - memory error. 1172 * @throws { BusinessError } 19020002 - runtime error. 1173 * @throws { BusinessError } 19030001 - crypto operation error. 1174 * @syscap SystemCapability.Security.Cert 1175 * @since 9 1176 */ 1177 /** 1178 * Get X509 cert encoded data. 1179 * 1180 * @param { AsyncCallback<EncodingBlob> } callback - the callback of getEncoded. 1181 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 1182 * <br>2. Incorrect parameter types; 1183 * @throws { BusinessError } 19020001 - memory error. 1184 * @throws { BusinessError } 19020002 - runtime error. 1185 * @throws { BusinessError } 19030001 - crypto operation error. 1186 * @syscap SystemCapability.Security.Cert 1187 * @crossplatform 1188 * @since 11 1189 */ 1190 /** 1191 * Get X509 cert encoded data. 1192 * 1193 * @param { AsyncCallback<EncodingBlob> } callback - the callback of getEncoded. 1194 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 1195 * <br>2. Incorrect parameter types; 1196 * @throws { BusinessError } 19020001 - memory error. 1197 * @throws { BusinessError } 19020002 - runtime error. 1198 * @throws { BusinessError } 19030001 - crypto operation error. 1199 * @syscap SystemCapability.Security.Cert 1200 * @crossplatform 1201 * @atomicservice 1202 * @since 12 1203 */ 1204 getEncoded(callback: AsyncCallback<EncodingBlob>): void; 1205 1206 /** 1207 * Get X509 cert encoded data. 1208 * 1209 * @returns { Promise<EncodingBlob> } the promise of X509 cert encoded data. 1210 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 1211 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 1212 * @throws { BusinessError } 19020001 - memory error. 1213 * @throws { BusinessError } 19020002 - runtime error. 1214 * @throws { BusinessError } 19030001 - crypto operation error. 1215 * @syscap SystemCapability.Security.Cert 1216 * @since 9 1217 */ 1218 /** 1219 * Get X509 cert encoded data. 1220 * 1221 * @returns { Promise<EncodingBlob> } the promise of X509 cert encoded data. 1222 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 1223 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 1224 * @throws { BusinessError } 19020001 - memory error. 1225 * @throws { BusinessError } 19020002 - runtime error. 1226 * @throws { BusinessError } 19030001 - crypto operation error. 1227 * @syscap SystemCapability.Security.Cert 1228 * @crossplatform 1229 * @since 11 1230 */ 1231 /** 1232 * Get X509 cert encoded data. 1233 * 1234 * @returns { Promise<EncodingBlob> } the promise of X509 cert encoded data. 1235 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 1236 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 1237 * @throws { BusinessError } 19020001 - memory error. 1238 * @throws { BusinessError } 19020002 - runtime error. 1239 * @throws { BusinessError } 19030001 - crypto operation error. 1240 * @syscap SystemCapability.Security.Cert 1241 * @crossplatform 1242 * @atomicservice 1243 * @since 12 1244 */ 1245 getEncoded(): Promise<EncodingBlob>; 1246 1247 /** 1248 * Get X509 cert public key. 1249 * 1250 * @returns { cryptoFramework.PubKey } X509 cert pubKey. 1251 * @throws { BusinessError } 19020001 - memory error. 1252 * @throws { BusinessError } 19030001 - crypto operation error. 1253 * @syscap SystemCapability.Security.Cert 1254 * @since 9 1255 */ 1256 /** 1257 * Get X509 cert public key. 1258 * 1259 * @returns { cryptoFramework.PubKey } X509 cert pubKey. 1260 * @throws { BusinessError } 19020001 - memory error. 1261 * @throws { BusinessError } 19030001 - crypto operation error. 1262 * @syscap SystemCapability.Security.Cert 1263 * @crossplatform 1264 * @since 11 1265 */ 1266 /** 1267 * Get X509 cert public key. 1268 * 1269 * @returns { cryptoFramework.PubKey } X509 cert pubKey. 1270 * @throws { BusinessError } 19020001 - memory error. 1271 * @throws { BusinessError } 19030001 - crypto operation error. 1272 * @syscap SystemCapability.Security.Cert 1273 * @crossplatform 1274 * @atomicservice 1275 * @since 12 1276 */ 1277 getPublicKey(): cryptoFramework.PubKey; 1278 1279 /** 1280 * Check the X509 cert validity with date. 1281 * 1282 * @param { string } date - indicates the cert date. 1283 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 1284 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 1285 * @throws { BusinessError } 19020001 - memory error. 1286 * @throws { BusinessError } 19030001 - crypto operation error. 1287 * @throws { BusinessError } 19030003 - the certificate has not taken effect. 1288 * @throws { BusinessError } 19030004 - the certificate has expired. 1289 * @syscap SystemCapability.Security.Cert 1290 * @since 9 1291 */ 1292 /** 1293 * Check the X509 cert validity with date. 1294 * 1295 * @param { string } date - indicates the cert date. 1296 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 1297 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 1298 * @throws { BusinessError } 19020001 - memory error. 1299 * @throws { BusinessError } 19030001 - crypto operation error. 1300 * @throws { BusinessError } 19030003 - the certificate has not taken effect. 1301 * @throws { BusinessError } 19030004 - the certificate has expired. 1302 * @syscap SystemCapability.Security.Cert 1303 * @crossplatform 1304 * @since 11 1305 */ 1306 /** 1307 * Check the X509 cert validity with date. 1308 * 1309 * @param { string } date - indicates the cert date. 1310 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 1311 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 1312 * @throws { BusinessError } 19020001 - memory error. 1313 * @throws { BusinessError } 19030001 - crypto operation error. 1314 * @throws { BusinessError } 19030003 - the certificate has not taken effect. 1315 * @throws { BusinessError } 19030004 - the certificate has expired. 1316 * @syscap SystemCapability.Security.Cert 1317 * @crossplatform 1318 * @atomicservice 1319 * @since 12 1320 */ 1321 checkValidityWithDate(date: string): void; 1322 1323 /** 1324 * Get X509 cert version. 1325 * 1326 * @returns { number } X509 cert version. 1327 * @syscap SystemCapability.Security.Cert 1328 * @since 9 1329 */ 1330 /** 1331 * Get X509 cert version. 1332 * 1333 * @returns { number } X509 cert version. 1334 * @syscap SystemCapability.Security.Cert 1335 * @crossplatform 1336 * @since 11 1337 */ 1338 /** 1339 * Get X509 cert version. 1340 * 1341 * @returns { number } X509 cert version. 1342 * @syscap SystemCapability.Security.Cert 1343 * @crossplatform 1344 * @atomicservice 1345 * @since 12 1346 */ 1347 getVersion(): number; 1348 1349 /** 1350 * Get X509 cert serial number. 1351 * 1352 * @returns { number } X509 cert serial number. 1353 * @syscap SystemCapability.Security.Cert 1354 * @since 9 1355 * @deprecated since 10 1356 * @useinstead ohos.security.cert.X509Cert.getCertSerialNumber 1357 */ 1358 getSerialNumber(): number; 1359 1360 /** 1361 * Get X509 cert serial number. 1362 * 1363 * @returns { bigint } X509 cert serial number. 1364 * @throws { BusinessError } 19020002 - runtime error. 1365 * @syscap SystemCapability.Security.Cert 1366 * @since 10 1367 */ 1368 /** 1369 * Get X509 cert serial number. 1370 * 1371 * @returns { bigint } X509 cert serial number. 1372 * @throws { BusinessError } 19020002 - runtime error. 1373 * @syscap SystemCapability.Security.Cert 1374 * @crossplatform 1375 * @since 11 1376 */ 1377 /** 1378 * Get X509 cert serial number. 1379 * 1380 * @returns { bigint } X509 cert serial number. 1381 * @throws { BusinessError } 19020002 - runtime error. 1382 * @syscap SystemCapability.Security.Cert 1383 * @crossplatform 1384 * @atomicservice 1385 * @since 12 1386 */ 1387 getCertSerialNumber(): bigint; 1388 1389 /** 1390 * Get X509 cert issuer name. 1391 * 1392 * @returns { DataBlob } X509 cert issuer name. 1393 * @throws { BusinessError } 19020001 - memory error. 1394 * @throws { BusinessError } 19020002 - runtime error. 1395 * @throws { BusinessError } 19030001 - crypto operation error. 1396 * @syscap SystemCapability.Security.Cert 1397 * @since 9 1398 */ 1399 /** 1400 * Get X509 cert issuer name. 1401 * 1402 * @returns { DataBlob } X509 cert issuer name. 1403 * @throws { BusinessError } 19020001 - memory error. 1404 * @throws { BusinessError } 19020002 - runtime error. 1405 * @throws { BusinessError } 19030001 - crypto operation error. 1406 * @syscap SystemCapability.Security.Cert 1407 * @crossplatform 1408 * @since 11 1409 */ 1410 /** 1411 * Get X509 cert issuer name. 1412 * 1413 * @returns { DataBlob } X509 cert issuer name. 1414 * @throws { BusinessError } 19020001 - memory error. 1415 * @throws { BusinessError } 19020002 - runtime error. 1416 * @throws { BusinessError } 19030001 - crypto operation error. 1417 * @syscap SystemCapability.Security.Cert 1418 * @crossplatform 1419 * @atomicservice 1420 * @since 12 1421 */ 1422 getIssuerName(): DataBlob; 1423 1424 /** 1425 * Get X509 cert subject name. 1426 * 1427 * @returns { DataBlob } X509 cert subject name. 1428 * @throws { BusinessError } 19020001 - memory error. 1429 * @throws { BusinessError } 19020002 - runtime error. 1430 * @throws { BusinessError } 19030001 - crypto operation error. 1431 * @syscap SystemCapability.Security.Cert 1432 * @since 9 1433 */ 1434 /** 1435 * Get X509 cert subject name. 1436 * 1437 * @returns { DataBlob } X509 cert subject name. 1438 * @throws { BusinessError } 19020001 - memory error. 1439 * @throws { BusinessError } 19020002 - runtime error. 1440 * @throws { BusinessError } 19030001 - crypto operation error. 1441 * @syscap SystemCapability.Security.Cert 1442 * @crossplatform 1443 * @since 11 1444 */ 1445 /** 1446 * Get X509 cert subject name. 1447 * 1448 * @param { EncodingType } [encodingType] indicates the encoding type, if the encoding type parameter is not set, 1449 * the default ASCII encoding is used. 1450 * @returns { DataBlob } X509 cert subject name. 1451 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Incorrect parameter types; 1452 * <br>2. Parameter verification failed. 1453 * @throws { BusinessError } 19020001 - memory error. 1454 * @throws { BusinessError } 19020002 - runtime error. 1455 * @throws { BusinessError } 19030001 - crypto operation error. 1456 * @syscap SystemCapability.Security.Cert 1457 * @crossplatform 1458 * @atomicservice 1459 * @since 12 1460 */ 1461 getSubjectName(encodingType?: EncodingType): DataBlob; 1462 1463 /** 1464 * Get X509 cert not before time. 1465 * 1466 * @returns { string } X509 cert not before time. 1467 * @throws { BusinessError } 19020001 - memory error. 1468 * @throws { BusinessError } 19020002 - runtime error. 1469 * @throws { BusinessError } 19030001 - crypto operation error. 1470 * @syscap SystemCapability.Security.Cert 1471 * @since 9 1472 */ 1473 /** 1474 * Get X509 cert not before time. 1475 * 1476 * @returns { string } X509 cert not before time. 1477 * @throws { BusinessError } 19020001 - memory error. 1478 * @throws { BusinessError } 19020002 - runtime error. 1479 * @throws { BusinessError } 19030001 - crypto operation error. 1480 * @syscap SystemCapability.Security.Cert 1481 * @crossplatform 1482 * @since 11 1483 */ 1484 /** 1485 * Get X509 cert not before time. 1486 * 1487 * @returns { string } X509 cert not before time. 1488 * @throws { BusinessError } 19020001 - memory error. 1489 * @throws { BusinessError } 19020002 - runtime error. 1490 * @throws { BusinessError } 19030001 - crypto operation error. 1491 * @syscap SystemCapability.Security.Cert 1492 * @crossplatform 1493 * @atomicservice 1494 * @since 12 1495 */ 1496 getNotBeforeTime(): string; 1497 1498 /** 1499 * Get X509 cert not after time. 1500 * 1501 * @returns { string } X509 cert not after time. 1502 * @throws { BusinessError } 19020001 - memory error. 1503 * @throws { BusinessError } 19020002 - runtime error. 1504 * @throws { BusinessError } 19030001 - crypto operation error. 1505 * @syscap SystemCapability.Security.Cert 1506 * @since 9 1507 */ 1508 /** 1509 * Get X509 cert not after time. 1510 * 1511 * @returns { string } X509 cert not after time. 1512 * @throws { BusinessError } 19020001 - memory error. 1513 * @throws { BusinessError } 19020002 - runtime error. 1514 * @throws { BusinessError } 19030001 - crypto operation error. 1515 * @syscap SystemCapability.Security.Cert 1516 * @crossplatform 1517 * @since 11 1518 */ 1519 /** 1520 * Get X509 cert not after time. 1521 * 1522 * @returns { string } X509 cert not after time. 1523 * @throws { BusinessError } 19020001 - memory error. 1524 * @throws { BusinessError } 19020002 - runtime error. 1525 * @throws { BusinessError } 19030001 - crypto operation error. 1526 * @syscap SystemCapability.Security.Cert 1527 * @crossplatform 1528 * @atomicservice 1529 * @since 12 1530 */ 1531 getNotAfterTime(): string; 1532 1533 /** 1534 * Get X509 cert signature. 1535 * 1536 * @returns { DataBlob } X509 cert signature. 1537 * @throws { BusinessError } 19020001 - memory error. 1538 * @throws { BusinessError } 19020002 - runtime error. 1539 * @throws { BusinessError } 19030001 - crypto operation error. 1540 * @syscap SystemCapability.Security.Cert 1541 * @since 9 1542 */ 1543 /** 1544 * Get X509 cert signature. 1545 * 1546 * @returns { DataBlob } X509 cert signature. 1547 * @throws { BusinessError } 19020001 - memory error. 1548 * @throws { BusinessError } 19020002 - runtime error. 1549 * @throws { BusinessError } 19030001 - crypto operation error. 1550 * @syscap SystemCapability.Security.Cert 1551 * @crossplatform 1552 * @since 11 1553 */ 1554 /** 1555 * Get X509 cert signature. 1556 * 1557 * @returns { DataBlob } X509 cert signature. 1558 * @throws { BusinessError } 19020001 - memory error. 1559 * @throws { BusinessError } 19020002 - runtime error. 1560 * @throws { BusinessError } 19030001 - crypto operation error. 1561 * @syscap SystemCapability.Security.Cert 1562 * @crossplatform 1563 * @atomicservice 1564 * @since 12 1565 */ 1566 getSignature(): DataBlob; 1567 1568 /** 1569 * Get X509 cert signature's algorithm name. 1570 * 1571 * @returns { string } X509 cert signature's algorithm name. 1572 * @throws { BusinessError } 19020001 - memory error. 1573 * @throws { BusinessError } 19020002 - runtime error. 1574 * @throws { BusinessError } 19030001 - crypto operation error. 1575 * @syscap SystemCapability.Security.Cert 1576 * @since 9 1577 */ 1578 /** 1579 * Get X509 cert signature's algorithm name. 1580 * 1581 * @returns { string } X509 cert signature's algorithm name. 1582 * @throws { BusinessError } 19020001 - memory error. 1583 * @throws { BusinessError } 19020002 - runtime error. 1584 * @throws { BusinessError } 19030001 - crypto operation error. 1585 * @syscap SystemCapability.Security.Cert 1586 * @crossplatform 1587 * @since 11 1588 */ 1589 /** 1590 * Get X509 cert signature's algorithm name. 1591 * 1592 * @returns { string } X509 cert signature's algorithm name. 1593 * @throws { BusinessError } 19020001 - memory error. 1594 * @throws { BusinessError } 19020002 - runtime error. 1595 * @throws { BusinessError } 19030001 - crypto operation error. 1596 * @syscap SystemCapability.Security.Cert 1597 * @crossplatform 1598 * @atomicservice 1599 * @since 12 1600 */ 1601 getSignatureAlgName(): string; 1602 1603 /** 1604 * Get X509 cert signature's algorithm oid. 1605 * 1606 * @returns { string } X509 cert signature's algorithm oid. 1607 * @throws { BusinessError } 19020001 - memory error. 1608 * @throws { BusinessError } 19020002 - runtime error. 1609 * @throws { BusinessError } 19030001 - crypto operation error. 1610 * @syscap SystemCapability.Security.Cert 1611 * @since 9 1612 */ 1613 /** 1614 * Get X509 cert signature's algorithm oid. 1615 * 1616 * @returns { string } X509 cert signature's algorithm oid. 1617 * @throws { BusinessError } 19020001 - memory error. 1618 * @throws { BusinessError } 19020002 - runtime error. 1619 * @throws { BusinessError } 19030001 - crypto operation error. 1620 * @syscap SystemCapability.Security.Cert 1621 * @crossplatform 1622 * @since 11 1623 */ 1624 /** 1625 * Get X509 cert signature's algorithm oid. 1626 * 1627 * @returns { string } X509 cert signature's algorithm oid. 1628 * @throws { BusinessError } 19020001 - memory error. 1629 * @throws { BusinessError } 19020002 - runtime error. 1630 * @throws { BusinessError } 19030001 - crypto operation error. 1631 * @syscap SystemCapability.Security.Cert 1632 * @crossplatform 1633 * @atomicservice 1634 * @since 12 1635 */ 1636 getSignatureAlgOid(): string; 1637 1638 /** 1639 * Get X509 cert signature's algorithm name. 1640 * 1641 * @returns { DataBlob } X509 cert signature's algorithm name. 1642 * @throws { BusinessError } 801 - this operation is not supported. 1643 * @throws { BusinessError } 19020001 - memory error. 1644 * @throws { BusinessError } 19020002 - runtime error. 1645 * @throws { BusinessError } 19030001 - crypto operation error. 1646 * @syscap SystemCapability.Security.Cert 1647 * @since 9 1648 */ 1649 /** 1650 * Get X509 cert signature's algorithm name. 1651 * 1652 * @returns { DataBlob } X509 cert signature's algorithm name. 1653 * @throws { BusinessError } 801 - this operation is not supported. 1654 * @throws { BusinessError } 19020001 - memory error. 1655 * @throws { BusinessError } 19020002 - runtime error. 1656 * @throws { BusinessError } 19030001 - crypto operation error. 1657 * @syscap SystemCapability.Security.Cert 1658 * @crossplatform 1659 * @since 11 1660 */ 1661 /** 1662 * Get X509 cert signature's algorithm name. 1663 * 1664 * @returns { DataBlob } X509 cert signature's algorithm name. 1665 * @throws { BusinessError } 801 - this operation is not supported. 1666 * @throws { BusinessError } 19020001 - memory error. 1667 * @throws { BusinessError } 19020002 - runtime error. 1668 * @throws { BusinessError } 19030001 - crypto operation error. 1669 * @syscap SystemCapability.Security.Cert 1670 * @crossplatform 1671 * @atomicservice 1672 * @since 12 1673 */ 1674 getSignatureAlgParams(): DataBlob; 1675 1676 /** 1677 * Get X509 cert key usage. 1678 * 1679 * @returns { DataBlob } X509 cert key usage. 1680 * @throws { BusinessError } 19020001 - memory error. 1681 * @throws { BusinessError } 19030001 - crypto operation error. 1682 * @syscap SystemCapability.Security.Cert 1683 * @since 9 1684 */ 1685 /** 1686 * Get X509 cert key usage. 1687 * 1688 * @returns { DataBlob } X509 cert key usage. 1689 * @throws { BusinessError } 19020001 - memory error. 1690 * @throws { BusinessError } 19030001 - crypto operation error. 1691 * @syscap SystemCapability.Security.Cert 1692 * @crossplatform 1693 * @since 11 1694 */ 1695 /** 1696 * Get X509 cert key usage. 1697 * 1698 * @returns { DataBlob } X509 cert key usage. 1699 * @throws { BusinessError } 19020001 - memory error. 1700 * @throws { BusinessError } 19030001 - crypto operation error. 1701 * @syscap SystemCapability.Security.Cert 1702 * @crossplatform 1703 * @atomicservice 1704 * @since 12 1705 */ 1706 getKeyUsage(): DataBlob; 1707 1708 /** 1709 * Get X509 cert extended key usage. 1710 * 1711 * @returns { DataArray } X509 cert extended key usage. 1712 * @throws { BusinessError } 19020001 - memory error. 1713 * @throws { BusinessError } 19020002 - runtime error. 1714 * @throws { BusinessError } 19030001 - crypto operation error. 1715 * @syscap SystemCapability.Security.Cert 1716 * @since 9 1717 */ 1718 /** 1719 * Get X509 cert extended key usage. 1720 * 1721 * @returns { DataArray } X509 cert extended key usage. 1722 * @throws { BusinessError } 19020001 - memory error. 1723 * @throws { BusinessError } 19020002 - runtime error. 1724 * @throws { BusinessError } 19030001 - crypto operation error. 1725 * @syscap SystemCapability.Security.Cert 1726 * @crossplatform 1727 * @since 11 1728 */ 1729 /** 1730 * Get X509 cert extended key usage. 1731 * 1732 * @returns { DataArray } X509 cert extended key usage. 1733 * @throws { BusinessError } 19020001 - memory error. 1734 * @throws { BusinessError } 19020002 - runtime error. 1735 * @throws { BusinessError } 19030001 - crypto operation error. 1736 * @syscap SystemCapability.Security.Cert 1737 * @crossplatform 1738 * @atomicservice 1739 * @since 12 1740 */ 1741 getExtKeyUsage(): DataArray; 1742 1743 /** 1744 * Get X509 cert basic constraints path len. 1745 * 1746 * @returns { number } X509 cert basic constraints path len. 1747 * @syscap SystemCapability.Security.Cert 1748 * @since 9 1749 */ 1750 /** 1751 * Get X509 cert basic constraints path len. 1752 * 1753 * @returns { number } X509 cert basic constraints path len. 1754 * @syscap SystemCapability.Security.Cert 1755 * @crossplatform 1756 * @since 11 1757 */ 1758 /** 1759 * Get X509 cert basic constraints path len. 1760 * 1761 * @returns { number } X509 cert basic constraints path len. 1762 * @syscap SystemCapability.Security.Cert 1763 * @crossplatform 1764 * @atomicservice 1765 * @since 12 1766 */ 1767 getBasicConstraints(): number; 1768 1769 /** 1770 * Get X509 cert subject alternative name. 1771 * 1772 * @returns { DataArray } X509 cert subject alternative name. 1773 * @throws { BusinessError } 19020001 - memory error. 1774 * @throws { BusinessError } 19020002 - runtime error. 1775 * @throws { BusinessError } 19030001 - crypto operation error. 1776 * @syscap SystemCapability.Security.Cert 1777 * @since 9 1778 */ 1779 /** 1780 * Get X509 cert subject alternative name. 1781 * 1782 * @returns { DataArray } X509 cert subject alternative name. 1783 * @throws { BusinessError } 19020001 - memory error. 1784 * @throws { BusinessError } 19020002 - runtime error. 1785 * @throws { BusinessError } 19030001 - crypto operation error. 1786 * @syscap SystemCapability.Security.Cert 1787 * @crossplatform 1788 * @since 11 1789 */ 1790 /** 1791 * Get X509 cert subject alternative name. 1792 * 1793 * @returns { DataArray } X509 cert subject alternative name. 1794 * @throws { BusinessError } 19020001 - memory error. 1795 * @throws { BusinessError } 19020002 - runtime error. 1796 * @throws { BusinessError } 19030001 - crypto operation error. 1797 * @syscap SystemCapability.Security.Cert 1798 * @crossplatform 1799 * @atomicservice 1800 * @since 12 1801 */ 1802 getSubjectAltNames(): DataArray; 1803 1804 /** 1805 * Get X509 cert issuer alternative name. 1806 * 1807 * @returns { DataArray } X509 cert issuer alternative name. 1808 * @throws { BusinessError } 19020001 - memory error. 1809 * @throws { BusinessError } 19020002 - runtime error. 1810 * @throws { BusinessError } 19030001 - crypto operation error. 1811 * @syscap SystemCapability.Security.Cert 1812 * @since 9 1813 */ 1814 /** 1815 * Get X509 cert issuer alternative name. 1816 * 1817 * @returns { DataArray } X509 cert issuer alternative name. 1818 * @throws { BusinessError } 19020001 - memory error. 1819 * @throws { BusinessError } 19020002 - runtime error. 1820 * @throws { BusinessError } 19030001 - crypto operation error. 1821 * @syscap SystemCapability.Security.Cert 1822 * @crossplatform 1823 * @since 11 1824 */ 1825 /** 1826 * Get X509 cert issuer alternative name. 1827 * 1828 * @returns { DataArray } X509 cert issuer alternative name. 1829 * @throws { BusinessError } 19020001 - memory error. 1830 * @throws { BusinessError } 19020002 - runtime error. 1831 * @throws { BusinessError } 19030001 - crypto operation error. 1832 * @syscap SystemCapability.Security.Cert 1833 * @crossplatform 1834 * @atomicservice 1835 * @since 12 1836 */ 1837 getIssuerAltNames(): DataArray; 1838 1839 /** 1840 * Get certificate item value. 1841 * 1842 * @param { CertItemType } itemType 1843 * @returns { DataBlob } cert item value. 1844 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 1845 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 1846 * @throws { BusinessError } 19020001 - memory error. 1847 * @throws { BusinessError } 19020002 - runtime error. 1848 * @throws { BusinessError } 19030001 - crypto operation error. 1849 * @syscap SystemCapability.Security.Cert 1850 * @since 10 1851 */ 1852 /** 1853 * Get certificate item value. 1854 * 1855 * @param { CertItemType } itemType 1856 * @returns { DataBlob } cert item value. 1857 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 1858 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 1859 * @throws { BusinessError } 19020001 - memory error. 1860 * @throws { BusinessError } 19020002 - runtime error. 1861 * @throws { BusinessError } 19030001 - crypto operation error. 1862 * @syscap SystemCapability.Security.Cert 1863 * @crossplatform 1864 * @since 11 1865 */ 1866 /** 1867 * Get certificate item value. 1868 * 1869 * @param { CertItemType } itemType 1870 * @returns { DataBlob } cert item value. 1871 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 1872 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 1873 * @throws { BusinessError } 19020001 - memory error. 1874 * @throws { BusinessError } 19020002 - runtime error. 1875 * @throws { BusinessError } 19030001 - crypto operation error. 1876 * @syscap SystemCapability.Security.Cert 1877 * @crossplatform 1878 * @atomicservice 1879 * @since 12 1880 */ 1881 getItem(itemType: CertItemType): DataBlob; 1882 1883 /** 1884 * Check the X509 cert if match the parameters. 1885 * 1886 * @param { X509CertMatchParameters } param - indicate the match parameters. 1887 * @returns { boolean } true - match X509Cert, false - not match. 1888 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 1889 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 1890 * @throws { BusinessError } 19020001 - memory error. 1891 * @throws { BusinessError } 19030001 - crypto operation error. 1892 * @syscap SystemCapability.Security.Cert 1893 * @crossplatform 1894 * @since 11 1895 */ 1896 /** 1897 * Check the X509 cert if match the parameters. 1898 * 1899 * @param { X509CertMatchParameters } param - indicate the match parameters. 1900 * @returns { boolean } true - match X509Cert, false - not match. 1901 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 1902 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 1903 * @throws { BusinessError } 19020001 - memory error. 1904 * @throws { BusinessError } 19030001 - crypto operation error. 1905 * @syscap SystemCapability.Security.Cert 1906 * @crossplatform 1907 * @atomicservice 1908 * @since 12 1909 */ 1910 match(param: X509CertMatchParameters): boolean; 1911 1912 /** 1913 * Obtain CRL distribution points. 1914 * 1915 * @returns { DataArray } X509 cert CRL distribution points. 1916 * @throws { BusinessError } 19020001 - memory error. 1917 * @throws { BusinessError } 19020002 - runtime error. 1918 * @throws { BusinessError } 19030001 - crypto operation error. 1919 * @syscap SystemCapability.Security.Cert 1920 * @crossplatform 1921 * @atomicservice 1922 * @since 12 1923 */ 1924 getCRLDistributionPoint(): DataArray; 1925 1926 /** 1927 * Get X500 distinguished name of the issuer. 1928 * 1929 * @returns { X500DistinguishedName } X500 distinguished name object. 1930 * @throws { BusinessError } 19020001 - memory error. 1931 * @throws { BusinessError } 19020002 - runtime error. 1932 * @throws { BusinessError } 19030001 - crypto operation error. 1933 * @syscap SystemCapability.Security.Cert 1934 * @crossplatform 1935 * @atomicservice 1936 * @since 12 1937 */ 1938 getIssuerX500DistinguishedName(): X500DistinguishedName; 1939 1940 /** 1941 * Get X500 distinguished name of the subject. 1942 * 1943 * @returns { X500DistinguishedName } X500 distinguished name object. 1944 * @throws { BusinessError } 19020001 - memory error. 1945 * @throws { BusinessError } 19020002 - runtime error. 1946 * @throws { BusinessError } 19030001 - crypto operation error. 1947 * @syscap SystemCapability.Security.Cert 1948 * @crossplatform 1949 * @atomicservice 1950 * @since 12 1951 */ 1952 getSubjectX500DistinguishedName(): X500DistinguishedName; 1953 1954 /** 1955 * Get the string type data of the object. 1956 * 1957 * @returns { string } the string type data of the object. 1958 * @throws { BusinessError } 19020001 - memory error. 1959 * @throws { BusinessError } 19020002 - runtime error. 1960 * @throws { BusinessError } 19030001 - crypto operation error. 1961 * @syscap SystemCapability.Security.Cert 1962 * @crossplatform 1963 * @atomicservice 1964 * @since 12 1965 */ 1966 toString(): string; 1967 1968 /** 1969 * Get the hash value of DER format data. 1970 * 1971 * @returns { Uint8Array } the hash value of DER format data. 1972 * @throws { BusinessError } 19020001 - memory error. 1973 * @throws { BusinessError } 19020002 - runtime error. 1974 * @throws { BusinessError } 19030001 - crypto operation error. 1975 * @syscap SystemCapability.Security.Cert 1976 * @crossplatform 1977 * @atomicservice 1978 * @since 12 1979 */ 1980 hashCode(): Uint8Array; 1981 1982 /** 1983 * Get the extension der encoding data for the corresponding entity. 1984 * 1985 * @returns { CertExtension } the certExtension object. 1986 * @throws { BusinessError } 19020001 - memory error. 1987 * @throws { BusinessError } 19020002 - runtime error. 1988 * @throws { BusinessError } 19030001 - crypto operation error. 1989 * @syscap SystemCapability.Security.Cert 1990 * @crossplatform 1991 * @atomicservice 1992 * @since 12 1993 */ 1994 getExtensionsObject(): CertExtension; 1995 } 1996 1997 /** 1998 * Provides to create X509 certificate object. 1999 * The returned object provides the data parsing or verification capability. 2000 * 2001 * @param { EncodingBlob } inStream - indicate the input cert data. 2002 * @param { AsyncCallback<X509Cert> } callback - the callback of createX509Cert. 2003 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 2004 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 2005 * @throws { BusinessError } 801 - this operation is not supported. 2006 * @throws { BusinessError } 19020001 - memory error. 2007 * @throws { BusinessError } 19030001 - crypto operation error. 2008 * @syscap SystemCapability.Security.Cert 2009 * @since 9 2010 */ 2011 /** 2012 * Provides to create X509 certificate object. 2013 * The returned object provides the data parsing or verification capability. 2014 * 2015 * @param { EncodingBlob } inStream - indicate the input cert data. 2016 * @param { AsyncCallback<X509Cert> } callback - the callback of createX509Cert. 2017 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 2018 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 2019 * @throws { BusinessError } 801 - this operation is not supported. 2020 * @throws { BusinessError } 19020001 - memory error. 2021 * @throws { BusinessError } 19030001 - crypto operation error. 2022 * @syscap SystemCapability.Security.Cert 2023 * @crossplatform 2024 * @since 11 2025 */ 2026 /** 2027 * Provides to create X509 certificate object. 2028 * The returned object provides the data parsing or verification capability. 2029 * 2030 * @param { EncodingBlob } inStream - indicate the input cert data. 2031 * @param { AsyncCallback<X509Cert> } callback - the callback of createX509Cert. 2032 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 2033 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 2034 * @throws { BusinessError } 801 - this operation is not supported. 2035 * @throws { BusinessError } 19020001 - memory error. 2036 * @throws { BusinessError } 19030001 - crypto operation error. 2037 * @syscap SystemCapability.Security.Cert 2038 * @crossplatform 2039 * @atomicservice 2040 * @since 12 2041 */ 2042 function createX509Cert(inStream: EncodingBlob, callback: AsyncCallback<X509Cert>): void; 2043 2044 /** 2045 * Provides to create X509 certificate object. 2046 * The returned object provides the data parsing or verification capability. 2047 * 2048 * @param { EncodingBlob } inStream - indicate the input cert data. 2049 * @returns { Promise<X509Cert> } the promise of X509 cert instance. 2050 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 2051 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 2052 * @throws { BusinessError } 801 - this operation is not supported. 2053 * @throws { BusinessError } 19020001 - memory error. 2054 * @throws { BusinessError } 19030001 - crypto operation error. 2055 * @syscap SystemCapability.Security.Cert 2056 * @since 9 2057 */ 2058 /** 2059 * Provides to create X509 certificate object. 2060 * The returned object provides the data parsing or verification capability. 2061 * 2062 * @param { EncodingBlob } inStream - indicate the input cert data. 2063 * @returns { Promise<X509Cert> } the promise of X509 cert instance. 2064 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 2065 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 2066 * @throws { BusinessError } 801 - this operation is not supported. 2067 * @throws { BusinessError } 19020001 - memory error. 2068 * @throws { BusinessError } 19030001 - crypto operation error. 2069 * @syscap SystemCapability.Security.Cert 2070 * @crossplatform 2071 * @since 11 2072 */ 2073 /** 2074 * Provides to create X509 certificate object. 2075 * The returned object provides the data parsing or verification capability. 2076 * 2077 * @param { EncodingBlob } inStream - indicate the input cert data. 2078 * @returns { Promise<X509Cert> } the promise of X509 cert instance. 2079 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 2080 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 2081 * @throws { BusinessError } 801 - this operation is not supported. 2082 * @throws { BusinessError } 19020001 - memory error. 2083 * @throws { BusinessError } 19030001 - crypto operation error. 2084 * @syscap SystemCapability.Security.Cert 2085 * @crossplatform 2086 * @atomicservice 2087 * @since 12 2088 */ 2089 function createX509Cert(inStream: EncodingBlob): Promise<X509Cert>; 2090 2091 /** 2092 * The CertExtension interface is used to parse and verify certificate extension. 2093 * 2094 * @typedef CertExtension 2095 * @syscap SystemCapability.Security.Cert 2096 * @since 10 2097 */ 2098 /** 2099 * The CertExtension interface is used to parse and verify certificate extension. 2100 * 2101 * @typedef CertExtension 2102 * @syscap SystemCapability.Security.Cert 2103 * @crossplatform 2104 * @since 11 2105 */ 2106 /** 2107 * The CertExtension interface is used to parse and verify certificate extension. 2108 * 2109 * @typedef CertExtension 2110 * @syscap SystemCapability.Security.Cert 2111 * @crossplatform 2112 * @atomicservice 2113 * @since 12 2114 */ 2115 interface CertExtension { 2116 /** 2117 * Get certificate extension encoded data. 2118 * 2119 * @returns { EncodingBlob } cert extension encoded data. 2120 * @throws { BusinessError } 19020001 - memory error. 2121 * @throws { BusinessError } 19020002 - runtime error. 2122 * @throws { BusinessError } 19030001 - crypto operation error. 2123 * @syscap SystemCapability.Security.Cert 2124 * @since 10 2125 */ 2126 /** 2127 * Get certificate extension encoded data. 2128 * 2129 * @returns { EncodingBlob } cert extension encoded data. 2130 * @throws { BusinessError } 19020001 - memory error. 2131 * @throws { BusinessError } 19020002 - runtime error. 2132 * @throws { BusinessError } 19030001 - crypto operation error. 2133 * @syscap SystemCapability.Security.Cert 2134 * @crossplatform 2135 * @since 11 2136 */ 2137 /** 2138 * Get certificate extension encoded data. 2139 * 2140 * @returns { EncodingBlob } cert extension encoded data. 2141 * @throws { BusinessError } 19020001 - memory error. 2142 * @throws { BusinessError } 19020002 - runtime error. 2143 * @throws { BusinessError } 19030001 - crypto operation error. 2144 * @syscap SystemCapability.Security.Cert 2145 * @crossplatform 2146 * @atomicservice 2147 * @since 12 2148 */ 2149 getEncoded(): EncodingBlob; 2150 2151 /** 2152 * Get certificate extension oid list. 2153 * 2154 * @param { ExtensionOidType } valueType 2155 * @returns { DataArray } cert extension OID list value. 2156 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 2157 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 2158 * @throws { BusinessError } 19020001 - memory error. 2159 * @throws { BusinessError } 19020002 - runtime error. 2160 * @throws { BusinessError } 19030001 - crypto operation error. 2161 * @syscap SystemCapability.Security.Cert 2162 * @since 10 2163 */ 2164 /** 2165 * Get certificate extension oid list. 2166 * 2167 * @param { ExtensionOidType } valueType 2168 * @returns { DataArray } cert extension OID list value. 2169 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 2170 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 2171 * @throws { BusinessError } 19020001 - memory error. 2172 * @throws { BusinessError } 19020002 - runtime error. 2173 * @throws { BusinessError } 19030001 - crypto operation error. 2174 * @syscap SystemCapability.Security.Cert 2175 * @crossplatform 2176 * @since 11 2177 */ 2178 /** 2179 * Get certificate extension oid list. 2180 * 2181 * @param { ExtensionOidType } valueType 2182 * @returns { DataArray } cert extension OID list value. 2183 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 2184 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 2185 * @throws { BusinessError } 19020001 - memory error. 2186 * @throws { BusinessError } 19020002 - runtime error. 2187 * @throws { BusinessError } 19030001 - crypto operation error. 2188 * @syscap SystemCapability.Security.Cert 2189 * @crossplatform 2190 * @atomicservice 2191 * @since 12 2192 */ 2193 getOidList(valueType: ExtensionOidType): DataArray; 2194 2195 /** 2196 * Get certificate extension entry. 2197 * 2198 * @param { ExtensionEntryType } valueType 2199 * @param { DataBlob } oid 2200 * @returns { DataBlob } cert extension entry value. 2201 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 2202 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 2203 * @throws { BusinessError } 19020001 - memory error. 2204 * @throws { BusinessError } 19020002 - runtime error. 2205 * @throws { BusinessError } 19030001 - crypto operation error. 2206 * @syscap SystemCapability.Security.Cert 2207 * @since 10 2208 */ 2209 /** 2210 * Get certificate extension entry. 2211 * 2212 * @param { ExtensionEntryType } valueType 2213 * @param { DataBlob } oid 2214 * @returns { DataBlob } cert extension entry value. 2215 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 2216 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 2217 * @throws { BusinessError } 19020001 - memory error. 2218 * @throws { BusinessError } 19020002 - runtime error. 2219 * @throws { BusinessError } 19030001 - crypto operation error. 2220 * @syscap SystemCapability.Security.Cert 2221 * @crossplatform 2222 * @since 11 2223 */ 2224 /** 2225 * Get certificate extension entry. 2226 * 2227 * @param { ExtensionEntryType } valueType 2228 * @param { DataBlob } oid 2229 * @returns { DataBlob } cert extension entry value. 2230 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 2231 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 2232 * @throws { BusinessError } 19020001 - memory error. 2233 * @throws { BusinessError } 19020002 - runtime error. 2234 * @throws { BusinessError } 19030001 - crypto operation error. 2235 * @syscap SystemCapability.Security.Cert 2236 * @crossplatform 2237 * @atomicservice 2238 * @since 12 2239 */ 2240 getEntry(valueType: ExtensionEntryType, oid: DataBlob): DataBlob; 2241 2242 /** 2243 * Check whether the certificate is a CA(The keyusage contains signature usage and the value of cA in BasicConstraints is true). 2244 * If not a CA, return -1, otherwise return the path length constraint in BasicConstraints. 2245 * If the certificate is a CA and the path length constraint does not appear, then return -2 to indicate that there is no limit to path length. 2246 * 2247 * @returns { number } path length constraint. 2248 * @throws { BusinessError } 19020001 - memory error. 2249 * @throws { BusinessError } 19020002 - runtime error. 2250 * @throws { BusinessError } 19030001 - crypto operation error. 2251 * @syscap SystemCapability.Security.Cert 2252 * @since 10 2253 */ 2254 /** 2255 * Check whether the certificate is a CA(The keyusage contains signature usage and the value of cA in BasicConstraints is true). 2256 * If not a CA, return -1, otherwise return the path length constraint in BasicConstraints. 2257 * If the certificate is a CA and the path length constraint does not appear, then return -2 to indicate that there is no limit to path length. 2258 * 2259 * @returns { number } path length constraint. 2260 * @throws { BusinessError } 19020001 - memory error. 2261 * @throws { BusinessError } 19020002 - runtime error. 2262 * @throws { BusinessError } 19030001 - crypto operation error. 2263 * @syscap SystemCapability.Security.Cert 2264 * @crossplatform 2265 * @since 11 2266 */ 2267 /** 2268 * Check whether the certificate is a CA(The keyusage contains signature usage and the value of cA in BasicConstraints is true). 2269 * If not a CA, return -1, otherwise return the path length constraint in BasicConstraints. 2270 * If the certificate is a CA and the path length constraint does not appear, then return -2 to indicate that there is no limit to path length. 2271 * 2272 * @returns { number } path length constraint. 2273 * @throws { BusinessError } 19020001 - memory error. 2274 * @throws { BusinessError } 19020002 - runtime error. 2275 * @throws { BusinessError } 19030001 - crypto operation error. 2276 * @syscap SystemCapability.Security.Cert 2277 * @crossplatform 2278 * @atomicservice 2279 * @since 12 2280 */ 2281 checkCA(): number; 2282 2283 /** 2284 * Check if exists Unsupported critical extension. 2285 * 2286 * @returns { boolean } true - exists unsupported critical extension, false - else. 2287 * @throws { BusinessError } 19020001 - memory error. 2288 * @throws { BusinessError } 19020002 - runtime error. 2289 * @throws { BusinessError } 19030001 - crypto operation error. 2290 * @syscap SystemCapability.Security.Cert 2291 * @crossplatform 2292 * @since 11 2293 */ 2294 /** 2295 * Check if exists Unsupported critical extension. 2296 * 2297 * @returns { boolean } true - exists unsupported critical extension, false - else. 2298 * @throws { BusinessError } 19020001 - memory error. 2299 * @throws { BusinessError } 19020002 - runtime error. 2300 * @throws { BusinessError } 19030001 - crypto operation error. 2301 * @syscap SystemCapability.Security.Cert 2302 * @crossplatform 2303 * @atomicservice 2304 * @since 12 2305 */ 2306 hasUnsupportedCriticalExtension(): boolean; 2307 } 2308 2309 /** 2310 * Provides to create certificate extension object. 2311 * The returned object provides the data parsing or verification capability. 2312 * 2313 * @param { EncodingBlob } inStream - indicate the input cert extensions data. 2314 * @param { AsyncCallback<CertExtension> } callback - the callback of of certificate extension instance. 2315 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 2316 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 2317 * @throws { BusinessError } 801 - this operation is not supported. 2318 * @throws { BusinessError } 19020001 - memory error. 2319 * @throws { BusinessError } 19030001 - crypto operation error. 2320 * @syscap SystemCapability.Security.Cert 2321 * @since 10 2322 */ 2323 /** 2324 * Provides to create certificate extension object. 2325 * The returned object provides the data parsing or verification capability. 2326 * 2327 * @param { EncodingBlob } inStream - indicate the input cert extensions data. 2328 * @param { AsyncCallback<CertExtension> } callback - the callback of of certificate extension instance. 2329 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 2330 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 2331 * @throws { BusinessError } 801 - this operation is not supported. 2332 * @throws { BusinessError } 19020001 - memory error. 2333 * @throws { BusinessError } 19030001 - crypto operation error. 2334 * @syscap SystemCapability.Security.Cert 2335 * @crossplatform 2336 * @since 11 2337 */ 2338 /** 2339 * Provides to create certificate extension object. 2340 * The returned object provides the data parsing or verification capability. 2341 * 2342 * @param { EncodingBlob } inStream - indicate the input cert extensions data. 2343 * @param { AsyncCallback<CertExtension> } callback - the callback of of certificate extension instance. 2344 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 2345 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 2346 * @throws { BusinessError } 801 - this operation is not supported. 2347 * @throws { BusinessError } 19020001 - memory error. 2348 * @throws { BusinessError } 19030001 - crypto operation error. 2349 * @syscap SystemCapability.Security.Cert 2350 * @crossplatform 2351 * @atomicservice 2352 * @since 12 2353 */ 2354 function createCertExtension(inStream: EncodingBlob, callback: AsyncCallback<CertExtension>): void; 2355 2356 /** 2357 * Provides to create certificate extension object. 2358 * The returned object provides the data parsing or verification capability. 2359 * 2360 * @param { EncodingBlob } inStream - indicate the input cert extensions data. 2361 * @returns { Promise<CertExtension> } the promise of certificate extension instance. 2362 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 2363 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 2364 * @throws { BusinessError } 801 - this operation is not supported. 2365 * @throws { BusinessError } 19020001 - memory error. 2366 * @throws { BusinessError } 19030001 - crypto operation error. 2367 * @syscap SystemCapability.Security.Cert 2368 * @since 10 2369 */ 2370 /** 2371 * Provides to create certificate extension object. 2372 * The returned object provides the data parsing or verification capability. 2373 * 2374 * @param { EncodingBlob } inStream - indicate the input cert extensions data. 2375 * @returns { Promise<CertExtension> } the promise of certificate extension instance. 2376 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 2377 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 2378 * @throws { BusinessError } 801 - this operation is not supported. 2379 * @throws { BusinessError } 19020001 - memory error. 2380 * @throws { BusinessError } 19030001 - crypto operation error. 2381 * @syscap SystemCapability.Security.Cert 2382 * @crossplatform 2383 * @since 11 2384 */ 2385 /** 2386 * Provides to create certificate extension object. 2387 * The returned object provides the data parsing or verification capability. 2388 * 2389 * @param { EncodingBlob } inStream - indicate the input cert extensions data. 2390 * @returns { Promise<CertExtension> } the promise of certificate extension instance. 2391 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 2392 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 2393 * @throws { BusinessError } 801 - this operation is not supported. 2394 * @throws { BusinessError } 19020001 - memory error. 2395 * @throws { BusinessError } 19030001 - crypto operation error. 2396 * @syscap SystemCapability.Security.Cert 2397 * @crossplatform 2398 * @atomicservice 2399 * @since 12 2400 */ 2401 function createCertExtension(inStream: EncodingBlob): Promise<CertExtension>; 2402 2403 /** 2404 * Interface of X509CrlEntry. 2405 * 2406 * @typedef X509CrlEntry 2407 * @syscap SystemCapability.Security.Cert 2408 * @since 9 2409 * @deprecated since 11 2410 * @useinstead ohos.security.cert.X509CRLEntry 2411 */ 2412 interface X509CrlEntry { 2413 /** 2414 * Returns the ASN of this CRL entry 1 der coding form, i.e. internal sequence. 2415 * 2416 * @param { AsyncCallback<EncodingBlob> } callback - the callback of getEncoded. 2417 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 2418 * <br>2. Incorrect parameter types; 2419 * @throws { BusinessError } 19020001 - memory error. 2420 * @throws { BusinessError } 19020002 - runtime error. 2421 * @throws { BusinessError } 19030001 - crypto operation error. 2422 * @syscap SystemCapability.Security.Cert 2423 * @since 9 2424 * @deprecated since 11 2425 * @useinstead ohos.security.cert.X509CRLEntry#getEncoded 2426 */ 2427 getEncoded(callback: AsyncCallback<EncodingBlob>): void; 2428 2429 /** 2430 * Returns the ASN of this CRL entry 1 der coding form, i.e. internal sequence. 2431 * 2432 * @returns { Promise<EncodingBlob> } the promise of crl entry blob data. 2433 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 2434 * <br>2. Incorrect parameter types; 2435 * @throws { BusinessError } 19020001 - memory error. 2436 * @throws { BusinessError } 19020002 - runtime error. 2437 * @throws { BusinessError } 19030001 - crypto operation error. 2438 * @syscap SystemCapability.Security.Cert 2439 * @since 9 2440 * @deprecated since 11 2441 * @useinstead ohos.security.cert.X509CRLEntry#getEncoded 2442 */ 2443 getEncoded(): Promise<EncodingBlob>; 2444 2445 /** 2446 * Get the serial number from this x509crl entry. 2447 * 2448 * @returns { number } serial number of crl entry. 2449 * @syscap SystemCapability.Security.Cert 2450 * @since 9 2451 * @deprecated since 11 2452 * @useinstead ohos.security.cert.X509CRLEntry#getSerialNumber 2453 */ 2454 getSerialNumber(): number; 2455 2456 /** 2457 * Get the issuer of the x509 certificate described by this entry. 2458 * 2459 * @returns { DataBlob } DataBlob of issuer. 2460 * @throws { BusinessError } 801 - this operation is not supported. 2461 * @throws { BusinessError } 19020001 - memory error. 2462 * @throws { BusinessError } 19020002 - runtime error. 2463 * @syscap SystemCapability.Security.Cert 2464 * @since 9 2465 * @deprecated since 11 2466 * @useinstead ohos.security.cert.X509CRLEntry#getCertIssuer 2467 */ 2468 getCertIssuer(): DataBlob; 2469 2470 /** 2471 * Get the revocation date from x509crl entry. 2472 * 2473 * @returns { string } string of revocation date. 2474 * @throws { BusinessError } 19020001 - memory error. 2475 * @throws { BusinessError } 19020002 - runtime error. 2476 * @throws { BusinessError } 19030001 - crypto operation error. 2477 * @syscap SystemCapability.Security.Cert 2478 * @since 9 2479 * @deprecated since 11 2480 * @useinstead ohos.security.cert.X509CRLEntry#getRevocationDate 2481 */ 2482 getRevocationDate(): string; 2483 } 2484 2485 /** 2486 * Interface of X509CRLEntry. 2487 * 2488 * @typedef X509CRLEntry 2489 * @syscap SystemCapability.Security.Cert 2490 * @crossplatform 2491 * @since 11 2492 */ 2493 /** 2494 * Interface of X509CRLEntry. 2495 * 2496 * @typedef X509CRLEntry 2497 * @syscap SystemCapability.Security.Cert 2498 * @crossplatform 2499 * @atomicservice 2500 * @since 12 2501 */ 2502 interface X509CRLEntry { 2503 /** 2504 * Returns the ASN of this CRL entry 1 der coding form, i.e. internal sequence. 2505 * 2506 * @param { AsyncCallback<EncodingBlob> } callback - the callback of getEncoded. 2507 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 2508 * <br>2. Incorrect parameter types; 2509 * @throws { BusinessError } 19020001 - memory error. 2510 * @throws { BusinessError } 19020002 - runtime error. 2511 * @throws { BusinessError } 19030001 - crypto operation error. 2512 * @syscap SystemCapability.Security.Cert 2513 * @crossplatform 2514 * @since 11 2515 */ 2516 /** 2517 * Returns the ASN of this CRL entry 1 der coding form, i.e. internal sequence. 2518 * 2519 * @param { AsyncCallback<EncodingBlob> } callback - the callback of getEncoded. 2520 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 2521 * <br>2. Incorrect parameter types; 2522 * @throws { BusinessError } 19020001 - memory error. 2523 * @throws { BusinessError } 19020002 - runtime error. 2524 * @throws { BusinessError } 19030001 - crypto operation error. 2525 * @syscap SystemCapability.Security.Cert 2526 * @crossplatform 2527 * @atomicservice 2528 * @since 12 2529 */ 2530 getEncoded(callback: AsyncCallback<EncodingBlob>): void; 2531 2532 /** 2533 * Returns the ASN of this CRL entry 1 der coding form, i.e. internal sequence. 2534 * 2535 * @returns { Promise<EncodingBlob> } the promise of CRL entry blob data. 2536 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 2537 * <br>2. Incorrect parameter types; 2538 * @throws { BusinessError } 19020001 - memory error. 2539 * @throws { BusinessError } 19020002 - runtime error. 2540 * @throws { BusinessError } 19030001 - crypto operation error. 2541 * @syscap SystemCapability.Security.Cert 2542 * @crossplatform 2543 * @since 11 2544 */ 2545 /** 2546 * Returns the ASN of this CRL entry 1 der coding form, i.e. internal sequence. 2547 * 2548 * @returns { Promise<EncodingBlob> } the promise of CRL entry blob data. 2549 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 2550 * <br>2. Incorrect parameter types; 2551 * @throws { BusinessError } 19020001 - memory error. 2552 * @throws { BusinessError } 19020002 - runtime error. 2553 * @throws { BusinessError } 19030001 - crypto operation error. 2554 * @syscap SystemCapability.Security.Cert 2555 * @crossplatform 2556 * @atomicservice 2557 * @since 12 2558 */ 2559 getEncoded(): Promise<EncodingBlob>; 2560 2561 /** 2562 * Get the serial number from this x509CRL entry. 2563 * 2564 * @returns { bigint } serial number of CRL entry. 2565 * @throws { BusinessError } 19020001 - memory error. 2566 * @throws { BusinessError } 19020002 - runtime error. 2567 * @throws { BusinessError } 19030001 - crypto operation error. 2568 * @syscap SystemCapability.Security.Cert 2569 * @crossplatform 2570 * @since 11 2571 */ 2572 /** 2573 * Get the serial number from this x509CRL entry. 2574 * 2575 * @returns { bigint } serial number of CRL entry. 2576 * @throws { BusinessError } 19020001 - memory error. 2577 * @throws { BusinessError } 19020002 - runtime error. 2578 * @throws { BusinessError } 19030001 - crypto operation error. 2579 * @syscap SystemCapability.Security.Cert 2580 * @crossplatform 2581 * @atomicservice 2582 * @since 12 2583 */ 2584 getSerialNumber(): bigint; 2585 2586 /** 2587 * Get the issuer of the x509 certificate described by this entry. 2588 * 2589 * @returns { DataBlob } DataBlob of issuer. 2590 * @throws { BusinessError } 801 - this operation is not supported. 2591 * @throws { BusinessError } 19020001 - memory error. 2592 * @throws { BusinessError } 19020002 - runtime error. 2593 * @throws { BusinessError } 19030001 - crypto operation error. 2594 * @syscap SystemCapability.Security.Cert 2595 * @crossplatform 2596 * @since 11 2597 */ 2598 /** 2599 * Get the issuer of the x509 certificate described by this entry. 2600 * 2601 * @returns { DataBlob } DataBlob of issuer. 2602 * @throws { BusinessError } 801 - this operation is not supported. 2603 * @throws { BusinessError } 19020001 - memory error. 2604 * @throws { BusinessError } 19020002 - runtime error. 2605 * @throws { BusinessError } 19030001 - crypto operation error. 2606 * @syscap SystemCapability.Security.Cert 2607 * @crossplatform 2608 * @atomicservice 2609 * @since 12 2610 */ 2611 getCertIssuer(): DataBlob; 2612 2613 /** 2614 * Get the revocation date from x509CRL entry. 2615 * 2616 * @returns { string } string of revocation date. 2617 * @throws { BusinessError } 19020001 - memory error. 2618 * @throws { BusinessError } 19020002 - runtime error. 2619 * @throws { BusinessError } 19030001 - crypto operation error. 2620 * @syscap SystemCapability.Security.Cert 2621 * @crossplatform 2622 * @since 11 2623 */ 2624 /** 2625 * Get the revocation date from x509CRL entry. 2626 * 2627 * @returns { string } string of revocation date. 2628 * @throws { BusinessError } 19020001 - memory error. 2629 * @throws { BusinessError } 19020002 - runtime error. 2630 * @throws { BusinessError } 19030001 - crypto operation error. 2631 * @syscap SystemCapability.Security.Cert 2632 * @crossplatform 2633 * @atomicservice 2634 * @since 12 2635 */ 2636 getRevocationDate(): string; 2637 2638 /** 2639 * Get Extensions of CRL Entry. 2640 * 2641 * @returns { DataBlob } DataBlob of extensions 2642 * @throws { BusinessError } 19020001 - memory error. 2643 * @throws { BusinessError } 19020002 - runtime error. 2644 * @throws { BusinessError } 19030001 - crypto operation error. 2645 * @syscap SystemCapability.Security.Cert 2646 * @crossplatform 2647 * @since 11 2648 */ 2649 /** 2650 * Get Extensions of CRL Entry. 2651 * 2652 * @returns { DataBlob } DataBlob of extensions 2653 * @throws { BusinessError } 19020001 - memory error. 2654 * @throws { BusinessError } 19020002 - runtime error. 2655 * @throws { BusinessError } 19030001 - crypto operation error. 2656 * @syscap SystemCapability.Security.Cert 2657 * @crossplatform 2658 * @atomicservice 2659 * @since 12 2660 */ 2661 getExtensions(): DataBlob; 2662 2663 /** 2664 * Check if CRL Entry has extension . 2665 * 2666 * @returns { boolean } true - CRL Entry has extension, false - else. 2667 * @throws { BusinessError } 19020001 - memory error. 2668 * @throws { BusinessError } 19020002 - runtime error. 2669 * @throws { BusinessError } 19030001 - crypto operation error. 2670 * @syscap SystemCapability.Security.Cert 2671 * @crossplatform 2672 * @since 11 2673 */ 2674 /** 2675 * Check if CRL Entry has extension . 2676 * 2677 * @returns { boolean } true - CRL Entry has extension, false - else. 2678 * @throws { BusinessError } 19020001 - memory error. 2679 * @throws { BusinessError } 19020002 - runtime error. 2680 * @throws { BusinessError } 19030001 - crypto operation error. 2681 * @syscap SystemCapability.Security.Cert 2682 * @crossplatform 2683 * @atomicservice 2684 * @since 12 2685 */ 2686 hasExtensions(): boolean; 2687 2688 /** 2689 * Get X500 distinguished name of the issuer. 2690 * 2691 * @returns { X500DistinguishedName } X500 distinguished name object. 2692 * @throws { BusinessError } 19020001 - memory error. 2693 * @throws { BusinessError } 19020002 - runtime error. 2694 * @throws { BusinessError } 19030001 - crypto operation error. 2695 * @syscap SystemCapability.Security.Cert 2696 * @crossplatform 2697 * @atomicservice 2698 * @since 12 2699 */ 2700 getCertIssuerX500DistinguishedName(): X500DistinguishedName; 2701 2702 /** 2703 * Get the string type data of the object. 2704 * 2705 * @returns { string } the string type data of the object. 2706 * @throws { BusinessError } 19020001 - memory error. 2707 * @throws { BusinessError } 19020002 - runtime error. 2708 * @throws { BusinessError } 19030001 - crypto operation error. 2709 * @syscap SystemCapability.Security.Cert 2710 * @crossplatform 2711 * @atomicservice 2712 * @since 12 2713 */ 2714 toString(): string; 2715 2716 /** 2717 * Get the hash value of DER format data. 2718 * 2719 * @returns { Uint8Array } the hash value of DER format data. 2720 * @throws { BusinessError } 19020001 - memory error. 2721 * @throws { BusinessError } 19020002 - runtime error. 2722 * @throws { BusinessError } 19030001 - crypto operation error. 2723 * @syscap SystemCapability.Security.Cert 2724 * @crossplatform 2725 * @atomicservice 2726 * @since 12 2727 */ 2728 hashCode(): Uint8Array; 2729 2730 /** 2731 * Get the extension der encoding data for the corresponding entity. 2732 * 2733 * @returns { CertExtension } the certExtension object. 2734 * @throws { BusinessError } 19020001 - memory error. 2735 * @throws { BusinessError } 19020002 - runtime error. 2736 * @throws { BusinessError } 19030001 - crypto operation error. 2737 * @syscap SystemCapability.Security.Cert 2738 * @crossplatform 2739 * @atomicservice 2740 * @since 12 2741 */ 2742 getExtensionsObject(): CertExtension; 2743 } 2744 2745 /** 2746 * Interface of X509Crl. 2747 * 2748 * @typedef X509Crl 2749 * @syscap SystemCapability.Security.Cert 2750 * @since 9 2751 * @deprecated since 11 2752 * @useinstead ohos.security.cert.X509CRL 2753 */ 2754 interface X509Crl { 2755 /** 2756 * Check if the given certificate is on this CRL. 2757 * 2758 * @param { X509Cert } cert - input cert data. 2759 * @returns { boolean } result of Check cert is revoked or not. 2760 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 2761 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 2762 * @syscap SystemCapability.Security.Cert 2763 * @since 9 2764 * @deprecated since 11 2765 * @useinstead ohos.security.cert.X509CRL#isRevoked 2766 */ 2767 isRevoked(cert: X509Cert): boolean; 2768 2769 /** 2770 * Returns the type of this CRL. 2771 * 2772 * @returns { string } string of crl type. 2773 * @syscap SystemCapability.Security.Cert 2774 * @since 9 2775 * @deprecated since 11 2776 * @useinstead ohos.security.cert.X509CRL#getType 2777 */ 2778 getType(): string; 2779 2780 /** 2781 * Get the der coding format. 2782 * 2783 * @param { AsyncCallback<EncodingBlob> } callback - the callback of getEncoded. 2784 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 2785 * <br>2. Incorrect parameter types; 2786 * @throws { BusinessError } 19020001 - memory error. 2787 * @throws { BusinessError } 19020002 - runtime error. 2788 * @throws { BusinessError } 19030001 - crypto operation error. 2789 * @syscap SystemCapability.Security.Cert 2790 * @since 9 2791 * @deprecated since 11 2792 * @useinstead ohos.security.cert.X509CRL#getEncoded 2793 */ 2794 getEncoded(callback: AsyncCallback<EncodingBlob>): void; 2795 2796 /** 2797 * Get the der coding format. 2798 * 2799 * @returns { Promise<EncodingBlob> } the promise of crl blob data. 2800 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 2801 * <br>2. Incorrect parameter types; 2802 * @throws { BusinessError } 19020001 - memory error. 2803 * @throws { BusinessError } 19020002 - runtime error. 2804 * @throws { BusinessError } 19030001 - crypto operation error. 2805 * @syscap SystemCapability.Security.Cert 2806 * @since 9 2807 * @deprecated since 11 2808 * @useinstead ohos.security.cert.X509CRL#getEncoded 2809 */ 2810 getEncoded(): Promise<EncodingBlob>; 2811 2812 /** 2813 * Use the public key to verify the signature of CRL. 2814 * 2815 * @param { cryptoFramework.PubKey } key - input public Key. 2816 * @param { AsyncCallback<void> } callback - the callback of getEncoded. 2817 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 2818 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 2819 * @throws { BusinessError } 19030001 - crypto operation error. 2820 * @syscap SystemCapability.Security.Cert 2821 * @since 9 2822 * @deprecated since 11 2823 * @useinstead ohos.security.cert.X509CRL#verify 2824 */ 2825 verify(key: cryptoFramework.PubKey, callback: AsyncCallback<void>): void; 2826 2827 /** 2828 * Use the public key to verify the signature of CRL. 2829 * 2830 * @param { cryptoFramework.PubKey } key - input public Key. 2831 * @returns { Promise<void> } the promise returned by the function. 2832 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 2833 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 2834 * @throws { BusinessError } 19030001 - crypto operation error. 2835 * @syscap SystemCapability.Security.Cert 2836 * @since 9 2837 * @deprecated since 11 2838 * @useinstead ohos.security.cert.X509CRL#verify 2839 */ 2840 verify(key: cryptoFramework.PubKey): Promise<void>; 2841 2842 /** 2843 * Get version number from CRL. 2844 * 2845 * @returns { number } version of crl. 2846 * @syscap SystemCapability.Security.Cert 2847 * @since 9 2848 * @deprecated since 11 2849 * @useinstead ohos.security.cert.X509CRL#getVersion 2850 */ 2851 getVersion(): number; 2852 2853 /** 2854 * Get the issuer name from CRL. Issuer means the entity that signs and publishes the CRL. 2855 * 2856 * @returns { DataBlob } issuer name of crl. 2857 * @throws { BusinessError } 19020001 - memory error. 2858 * @throws { BusinessError } 19020002 - runtime error. 2859 * @throws { BusinessError } 19030001 - crypto operation error. 2860 * @syscap SystemCapability.Security.Cert 2861 * @since 9 2862 * @deprecated since 11 2863 * @useinstead ohos.security.cert.X509CRL#getIssuerName 2864 */ 2865 getIssuerName(): DataBlob; 2866 2867 /** 2868 * Get lastUpdate value from CRL. 2869 * 2870 * @returns { string } last update of crl. 2871 * @throws { BusinessError } 19020001 - memory error. 2872 * @throws { BusinessError } 19020002 - runtime error. 2873 * @throws { BusinessError } 19030001 - crypto operation error. 2874 * @syscap SystemCapability.Security.Cert 2875 * @since 9 2876 * @deprecated since 11 2877 * @useinstead ohos.security.cert.X509CRL#getLastUpdate 2878 */ 2879 getLastUpdate(): string; 2880 2881 /** 2882 * Get nextUpdate value from CRL. 2883 * 2884 * @returns { string } next update of crl. 2885 * @throws { BusinessError } 19020001 - memory error. 2886 * @throws { BusinessError } 19020002 - runtime error. 2887 * @throws { BusinessError } 19030001 - crypto operation error. 2888 * @syscap SystemCapability.Security.Cert 2889 * @since 9 2890 * @deprecated since 11 2891 * @useinstead ohos.security.cert.X509CRL#getNextUpdate 2892 */ 2893 getNextUpdate(): string; 2894 2895 /** 2896 * This method can be used to find CRL entries in specified CRLs. 2897 * 2898 * @param { number } serialNumber - serial number of crl. 2899 * @returns { X509CrlEntry } next update of crl. 2900 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 2901 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 2902 * @throws { BusinessError } 19020001 - memory error. 2903 * @throws { BusinessError } 19030001 - crypto operation error. 2904 * @syscap SystemCapability.Security.Cert 2905 * @since 9 2906 * @deprecated since 11 2907 * @useinstead ohos.security.cert.X509CRL#getRevokedCert 2908 */ 2909 getRevokedCert(serialNumber: number): X509CrlEntry; 2910 2911 /** 2912 * This method can be used to find CRL entries in specified cert. 2913 * 2914 * @param { X509Cert } cert - cert of x509. 2915 * @returns { X509CrlEntry } X509CrlEntry instance. 2916 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 2917 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 2918 * @throws { BusinessError } 19020001 - memory error. 2919 * @throws { BusinessError } 19030001 - crypto operation error. 2920 * @syscap SystemCapability.Security.Cert 2921 * @since 9 2922 * @deprecated since 11 2923 * @useinstead ohos.security.cert.X509CRL#getRevokedCertWithCert 2924 */ 2925 getRevokedCertWithCert(cert: X509Cert): X509CrlEntry; 2926 2927 /** 2928 * Get all entries in this CRL. 2929 * 2930 * @param { AsyncCallback<Array<X509CrlEntry>> } callback - the callback of getRevokedCerts. 2931 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 2932 * <br>2. Incorrect parameter types; 2933 * @throws { BusinessError } 19020001 - memory error. 2934 * @throws { BusinessError } 19030001 - crypto operation error. 2935 * @syscap SystemCapability.Security.Cert 2936 * @since 9 2937 * @deprecated since 11 2938 * @useinstead ohos.security.cert.X509CRL#getRevokedCerts 2939 */ 2940 getRevokedCerts(callback: AsyncCallback<Array<X509CrlEntry>>): void; 2941 2942 /** 2943 * Get all entries in this CRL. 2944 * 2945 * @returns { Promise<Array<X509CrlEntry>> } the promise of X509CrlEntry instance. 2946 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 2947 * <br>2. Incorrect parameter types; 2948 * @throws { BusinessError } 19020001 - memory error. 2949 * @throws { BusinessError } 19030001 - crypto operation error. 2950 * @syscap SystemCapability.Security.Cert 2951 * @since 9 2952 * @deprecated since 11 2953 * @useinstead ohos.security.cert.X509CRL#getRevokedCerts 2954 */ 2955 getRevokedCerts(): Promise<Array<X509CrlEntry>>; 2956 2957 /** 2958 * Get the CRL information encoded by Der from this CRL. 2959 * 2960 * @returns { DataBlob } DataBlob of tbs info. 2961 * @throws { BusinessError } 19020001 - memory error. 2962 * @throws { BusinessError } 19020002 - runtime error. 2963 * @throws { BusinessError } 19030001 - crypto operation error. 2964 * @syscap SystemCapability.Security.Cert 2965 * @since 9 2966 * @deprecated since 11 2967 * @useinstead ohos.security.cert.X509CRL#getTBSInfo 2968 */ 2969 getTbsInfo(): DataBlob; 2970 2971 /** 2972 * Get signature value from CRL. 2973 * 2974 * @returns { DataBlob } DataBlob of signature. 2975 * @throws { BusinessError } 19020001 - memory error. 2976 * @throws { BusinessError } 19020002 - runtime error. 2977 * @throws { BusinessError } 19030001 - crypto operation error. 2978 * @syscap SystemCapability.Security.Cert 2979 * @since 9 2980 * @deprecated since 11 2981 * @useinstead ohos.security.cert.X509CRL#getSignature 2982 */ 2983 getSignature(): DataBlob; 2984 2985 /** 2986 * Get the signature algorithm name of the CRL signature algorithm. 2987 * 2988 * @returns { string } string of signature algorithm name. 2989 * @throws { BusinessError } 19020001 - memory error. 2990 * @throws { BusinessError } 19020002 - runtime error. 2991 * @throws { BusinessError } 19030001 - crypto operation error. 2992 * @syscap SystemCapability.Security.Cert 2993 * @since 9 2994 * @deprecated since 11 2995 * @useinstead ohos.security.cert.X509CRL#getSignatureAlgName 2996 */ 2997 getSignatureAlgName(): string; 2998 2999 /** 3000 * Get the signature algorithm oid string from CRL. 3001 * 3002 * @returns { string } string of signature algorithm oid. 3003 * @throws { BusinessError } 19020001 - memory error. 3004 * @throws { BusinessError } 19020002 - runtime error. 3005 * @throws { BusinessError } 19030001 - crypto operation error. 3006 * @syscap SystemCapability.Security.Cert 3007 * @since 9 3008 * @deprecated since 11 3009 * @useinstead ohos.security.cert.X509CRL#getSignatureAlgOid 3010 */ 3011 getSignatureAlgOid(): string; 3012 3013 /** 3014 * Get the der encoded signature algorithm parameters from the CRL signature algorithm. 3015 * 3016 * @returns { DataBlob } DataBlob of signature algorithm params. 3017 * @throws { BusinessError } 801 - this operation is not supported. 3018 * @throws { BusinessError } 19020001 - memory error. 3019 * @throws { BusinessError } 19020002 - runtime error. 3020 * @throws { BusinessError } 19030001 - crypto operation error. 3021 * @syscap SystemCapability.Security.Cert 3022 * @since 9 3023 * @deprecated since 11 3024 * @useinstead ohos.security.cert.X509CRL#getSignatureAlgParams 3025 */ 3026 getSignatureAlgParams(): DataBlob; 3027 } 3028 3029 /** 3030 * Provides to create X509 CRL object. 3031 * The returned object provides the data parsing or verification capability. 3032 * 3033 * @param { EncodingBlob } inStream - indicates the input CRL data. 3034 * @param { AsyncCallback<X509Crl> } callback - the callback of createX509Crl to return x509 CRL instance. 3035 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 3036 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 3037 * @throws { BusinessError } 801 - this operation is not supported. 3038 * @throws { BusinessError } 19020001 - memory error. 3039 * @syscap SystemCapability.Security.Cert 3040 * @since 9 3041 * @deprecated since 11 3042 * @useinstead ohos.security.cert#createX509CRL 3043 */ 3044 function createX509Crl(inStream: EncodingBlob, callback: AsyncCallback<X509Crl>): void; 3045 3046 /** 3047 * Provides to create X509 CRL object. 3048 * The returned object provides the data parsing or verification capability. 3049 * 3050 * @param { EncodingBlob } inStream - indicates the input CRL data. 3051 * @returns { Promise<X509Crl> } the promise of x509 CRL instance. 3052 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 3053 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 3054 * @throws { BusinessError } 801 - this operation is not supported. 3055 * @throws { BusinessError } 19020001 - memory error. 3056 * @syscap SystemCapability.Security.Cert 3057 * @since 9 3058 * @deprecated since 11 3059 * @useinstead ohos.security.cert#createX509CRL 3060 */ 3061 function createX509Crl(inStream: EncodingBlob): Promise<X509Crl>; 3062 3063 /** 3064 * Interface of X509CRL. 3065 * 3066 * @typedef X509CRL 3067 * @syscap SystemCapability.Security.Cert 3068 * @crossplatform 3069 * @since 11 3070 */ 3071 /** 3072 * Interface of X509CRL. 3073 * 3074 * @typedef X509CRL 3075 * @syscap SystemCapability.Security.Cert 3076 * @crossplatform 3077 * @atomicservice 3078 * @since 12 3079 */ 3080 interface X509CRL { 3081 /** 3082 * Check if the given certificate is on this CRL. 3083 * 3084 * @param { X509Cert } cert - input cert data. 3085 * @returns { boolean } result of Check cert is revoked or not. 3086 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 3087 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 3088 * @syscap SystemCapability.Security.Cert 3089 * @crossplatform 3090 * @since 11 3091 */ 3092 /** 3093 * Check if the given certificate is on this CRL. 3094 * 3095 * @param { X509Cert } cert - input cert data. 3096 * @returns { boolean } result of Check cert is revoked or not. 3097 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 3098 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 3099 * @syscap SystemCapability.Security.Cert 3100 * @crossplatform 3101 * @atomicservice 3102 * @since 12 3103 */ 3104 isRevoked(cert: X509Cert): boolean; 3105 3106 /** 3107 * Returns the type of this CRL. 3108 * 3109 * @returns { string } string of CRL type. 3110 * @syscap SystemCapability.Security.Cert 3111 * @crossplatform 3112 * @since 11 3113 */ 3114 /** 3115 * Returns the type of this CRL. 3116 * 3117 * @returns { string } string of CRL type. 3118 * @syscap SystemCapability.Security.Cert 3119 * @crossplatform 3120 * @atomicservice 3121 * @since 12 3122 */ 3123 getType(): string; 3124 3125 /** 3126 * Get the der coding format. 3127 * 3128 * @param { AsyncCallback<EncodingBlob> } callback - the callback of getEncoded. 3129 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 3130 * <br>2. Incorrect parameter types; 3131 * @throws { BusinessError } 19020001 - memory error. 3132 * @throws { BusinessError } 19020002 - runtime error. 3133 * @throws { BusinessError } 19030001 - crypto operation error. 3134 * @syscap SystemCapability.Security.Cert 3135 * @crossplatform 3136 * @since 11 3137 */ 3138 /** 3139 * Get the der coding format. 3140 * 3141 * @param { AsyncCallback<EncodingBlob> } callback - the callback of getEncoded. 3142 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 3143 * <br>2. Incorrect parameter types; 3144 * @throws { BusinessError } 19020001 - memory error. 3145 * @throws { BusinessError } 19020002 - runtime error. 3146 * @throws { BusinessError } 19030001 - crypto operation error. 3147 * @syscap SystemCapability.Security.Cert 3148 * @crossplatform 3149 * @atomicservice 3150 * @since 12 3151 */ 3152 getEncoded(callback: AsyncCallback<EncodingBlob>): void; 3153 3154 /** 3155 * Get the der coding format. 3156 * 3157 * @returns { Promise<EncodingBlob> } the promise of CRL blob data. 3158 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 3159 * <br>2. Incorrect parameter types; 3160 * @throws { BusinessError } 19020001 - memory error. 3161 * @throws { BusinessError } 19020002 - runtime error. 3162 * @throws { BusinessError } 19030001 - crypto operation error. 3163 * @syscap SystemCapability.Security.Cert 3164 * @crossplatform 3165 * @since 11 3166 */ 3167 /** 3168 * Get the der coding format. 3169 * 3170 * @returns { Promise<EncodingBlob> } the promise of CRL blob data. 3171 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 3172 * <br>2. Incorrect parameter types; 3173 * @throws { BusinessError } 19020001 - memory error. 3174 * @throws { BusinessError } 19020002 - runtime error. 3175 * @throws { BusinessError } 19030001 - crypto operation error. 3176 * @syscap SystemCapability.Security.Cert 3177 * @crossplatform 3178 * @atomicservice 3179 * @since 12 3180 */ 3181 getEncoded(): Promise<EncodingBlob>; 3182 3183 /** 3184 * Use the public key to verify the signature of CRL. 3185 * 3186 * @param { cryptoFramework.PubKey } key - input public Key. 3187 * @param { AsyncCallback<void> } callback - the callback of getEncoded. 3188 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 3189 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 3190 * @throws { BusinessError } 19030001 - crypto operation error. 3191 * @syscap SystemCapability.Security.Cert 3192 * @crossplatform 3193 * @since 11 3194 */ 3195 /** 3196 * Use the public key to verify the signature of CRL. 3197 * 3198 * @param { cryptoFramework.PubKey } key - input public Key. 3199 * @param { AsyncCallback<void> } callback - the callback of getEncoded. 3200 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 3201 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 3202 * @throws { BusinessError } 19030001 - crypto operation error. 3203 * @syscap SystemCapability.Security.Cert 3204 * @crossplatform 3205 * @atomicservice 3206 * @since 12 3207 */ 3208 verify(key: cryptoFramework.PubKey, callback: AsyncCallback<void>): void; 3209 3210 /** 3211 * Use the public key to verify the signature of CRL. 3212 * 3213 * @param { cryptoFramework.PubKey } key - input public Key. 3214 * @returns { Promise<void> } the promise returned by the function. 3215 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 3216 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 3217 * @throws { BusinessError } 19030001 - crypto operation error. 3218 * @syscap SystemCapability.Security.Cert 3219 * @crossplatform 3220 * @since 11 3221 */ 3222 /** 3223 * Use the public key to verify the signature of CRL. 3224 * 3225 * @param { cryptoFramework.PubKey } key - input public Key. 3226 * @returns { Promise<void> } the promise returned by the function. 3227 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 3228 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 3229 * @throws { BusinessError } 19030001 - crypto operation error. 3230 * @syscap SystemCapability.Security.Cert 3231 * @crossplatform 3232 * @atomicservice 3233 * @since 12 3234 */ 3235 verify(key: cryptoFramework.PubKey): Promise<void>; 3236 3237 /** 3238 * Get version number from CRL. 3239 * 3240 * @returns { number } version of CRL. 3241 * @syscap SystemCapability.Security.Cert 3242 * @crossplatform 3243 * @since 11 3244 */ 3245 /** 3246 * Get version number from CRL. 3247 * 3248 * @returns { number } version of CRL. 3249 * @syscap SystemCapability.Security.Cert 3250 * @crossplatform 3251 * @atomicservice 3252 * @since 12 3253 */ 3254 getVersion(): number; 3255 3256 /** 3257 * Get the issuer name from CRL. Issuer means the entity that signs and publishes the CRL. 3258 * 3259 * @returns { DataBlob } issuer name of CRL. 3260 * @throws { BusinessError } 19020001 - memory error. 3261 * @throws { BusinessError } 19020002 - runtime error. 3262 * @throws { BusinessError } 19030001 - crypto operation error. 3263 * @syscap SystemCapability.Security.Cert 3264 * @crossplatform 3265 * @since 11 3266 */ 3267 /** 3268 * Get the issuer name from CRL. Issuer means the entity that signs and publishes the CRL. 3269 * 3270 * @returns { DataBlob } issuer name of CRL. 3271 * @throws { BusinessError } 19020001 - memory error. 3272 * @throws { BusinessError } 19020002 - runtime error. 3273 * @throws { BusinessError } 19030001 - crypto operation error. 3274 * @syscap SystemCapability.Security.Cert 3275 * @crossplatform 3276 * @atomicservice 3277 * @since 12 3278 */ 3279 getIssuerName(): DataBlob; 3280 3281 /** 3282 * Get lastUpdate value from CRL. 3283 * 3284 * @returns { string } last update of CRL. 3285 * @throws { BusinessError } 19020001 - memory error. 3286 * @throws { BusinessError } 19020002 - runtime error. 3287 * @throws { BusinessError } 19030001 - crypto operation error. 3288 * @syscap SystemCapability.Security.Cert 3289 * @crossplatform 3290 * @since 11 3291 */ 3292 /** 3293 * Get lastUpdate value from CRL. 3294 * 3295 * @returns { string } last update of CRL. 3296 * @throws { BusinessError } 19020001 - memory error. 3297 * @throws { BusinessError } 19020002 - runtime error. 3298 * @throws { BusinessError } 19030001 - crypto operation error. 3299 * @syscap SystemCapability.Security.Cert 3300 * @crossplatform 3301 * @atomicservice 3302 * @since 12 3303 */ 3304 getLastUpdate(): string; 3305 3306 /** 3307 * Get nextUpdate value from CRL. 3308 * 3309 * @returns { string } next update of CRL. 3310 * @throws { BusinessError } 19020001 - memory error. 3311 * @throws { BusinessError } 19020002 - runtime error. 3312 * @throws { BusinessError } 19030001 - crypto operation error. 3313 * @syscap SystemCapability.Security.Cert 3314 * @crossplatform 3315 * @since 11 3316 */ 3317 /** 3318 * Get nextUpdate value from CRL. 3319 * 3320 * @returns { string } next update of CRL. 3321 * @throws { BusinessError } 19020001 - memory error. 3322 * @throws { BusinessError } 19020002 - runtime error. 3323 * @throws { BusinessError } 19030001 - crypto operation error. 3324 * @syscap SystemCapability.Security.Cert 3325 * @crossplatform 3326 * @atomicservice 3327 * @since 12 3328 */ 3329 getNextUpdate(): string; 3330 3331 /** 3332 * This method can be used to find CRL entries in specified CRLs. 3333 * 3334 * @param { bigint } serialNumber - serial number of CRL. 3335 * @returns { X509CRLEntry } next update of CRL. 3336 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 3337 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 3338 * @throws { BusinessError } 19020001 - memory error. 3339 * @throws { BusinessError } 19030001 - crypto operation error. 3340 * @syscap SystemCapability.Security.Cert 3341 * @crossplatform 3342 * @since 11 3343 */ 3344 /** 3345 * This method can be used to find CRL entries in specified CRLs. 3346 * 3347 * @param { bigint } serialNumber - serial number of CRL. 3348 * @returns { X509CRLEntry } next update of CRL. 3349 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 3350 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 3351 * @throws { BusinessError } 19020001 - memory error. 3352 * @throws { BusinessError } 19030001 - crypto operation error. 3353 * @syscap SystemCapability.Security.Cert 3354 * @crossplatform 3355 * @atomicservice 3356 * @since 12 3357 */ 3358 getRevokedCert(serialNumber: bigint): X509CRLEntry; 3359 3360 /** 3361 * This method can be used to find CRL entries in specified cert. 3362 * 3363 * @param { X509Cert } cert - cert of x509. 3364 * @returns { X509CRLEntry } X509CRLEntry instance. 3365 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 3366 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 3367 * @throws { BusinessError } 19020001 - memory error. 3368 * @throws { BusinessError } 19030001 - crypto operation error. 3369 * @syscap SystemCapability.Security.Cert 3370 * @crossplatform 3371 * @since 11 3372 */ 3373 /** 3374 * This method can be used to find CRL entries in specified cert. 3375 * 3376 * @param { X509Cert } cert - cert of x509. 3377 * @returns { X509CRLEntry } X509CRLEntry instance. 3378 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 3379 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 3380 * @throws { BusinessError } 19020001 - memory error. 3381 * @throws { BusinessError } 19030001 - crypto operation error. 3382 * @syscap SystemCapability.Security.Cert 3383 * @crossplatform 3384 * @atomicservice 3385 * @since 12 3386 */ 3387 getRevokedCertWithCert(cert: X509Cert): X509CRLEntry; 3388 3389 /** 3390 * Get all entries in this CRL. 3391 * 3392 * @param { AsyncCallback<Array<X509CRLEntry>> } callback - the callback of getRevokedCerts. 3393 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 3394 * <br>2. Incorrect parameter types; 3395 * @throws { BusinessError } 19020001 - memory error. 3396 * @throws { BusinessError } 19030001 - crypto operation error. 3397 * @syscap SystemCapability.Security.Cert 3398 * @crossplatform 3399 * @since 11 3400 */ 3401 /** 3402 * Get all entries in this CRL. 3403 * 3404 * @param { AsyncCallback<Array<X509CRLEntry>> } callback - the callback of getRevokedCerts. 3405 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 3406 * <br>2. Incorrect parameter types; 3407 * @throws { BusinessError } 19020001 - memory error. 3408 * @throws { BusinessError } 19030001 - crypto operation error. 3409 * @syscap SystemCapability.Security.Cert 3410 * @crossplatform 3411 * @atomicservice 3412 * @since 12 3413 */ 3414 getRevokedCerts(callback: AsyncCallback<Array<X509CRLEntry>>): void; 3415 3416 /** 3417 * Get all entries in this CRL. 3418 * 3419 * @returns { Promise<Array<X509CRLEntry>> } the promise of X509CRLEntry instance. 3420 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 3421 * <br>2. Incorrect parameter types; 3422 * @throws { BusinessError } 19020001 - memory error. 3423 * @throws { BusinessError } 19030001 - crypto operation error. 3424 * @syscap SystemCapability.Security.Cert 3425 * @crossplatform 3426 * @since 11 3427 */ 3428 /** 3429 * Get all entries in this CRL. 3430 * 3431 * @returns { Promise<Array<X509CRLEntry>> } the promise of X509CRLEntry instance. 3432 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 3433 * <br>2. Incorrect parameter types; 3434 * @throws { BusinessError } 19020001 - memory error. 3435 * @throws { BusinessError } 19030001 - crypto operation error. 3436 * @syscap SystemCapability.Security.Cert 3437 * @crossplatform 3438 * @atomicservice 3439 * @since 12 3440 */ 3441 getRevokedCerts(): Promise<Array<X509CRLEntry>>; 3442 3443 /** 3444 * Get the CRL information encoded by Der from this CRL. 3445 * 3446 * @returns { DataBlob } DataBlob of tbs info. 3447 * @throws { BusinessError } 19020001 - memory error. 3448 * @throws { BusinessError } 19020002 - runtime error. 3449 * @throws { BusinessError } 19030001 - crypto operation error. 3450 * @syscap SystemCapability.Security.Cert 3451 * @crossplatform 3452 * @since 11 3453 */ 3454 /** 3455 * Get the CRL information encoded by Der from this CRL. 3456 * 3457 * @returns { DataBlob } DataBlob of tbs info. 3458 * @throws { BusinessError } 19020001 - memory error. 3459 * @throws { BusinessError } 19020002 - runtime error. 3460 * @throws { BusinessError } 19030001 - crypto operation error. 3461 * @syscap SystemCapability.Security.Cert 3462 * @crossplatform 3463 * @atomicservice 3464 * @since 12 3465 */ 3466 getTBSInfo(): DataBlob; 3467 3468 /** 3469 * Get signature value from CRL. 3470 * 3471 * @returns { DataBlob } DataBlob of signature. 3472 * @throws { BusinessError } 19020001 - memory error. 3473 * @throws { BusinessError } 19020002 - runtime error. 3474 * @throws { BusinessError } 19030001 - crypto operation error. 3475 * @syscap SystemCapability.Security.Cert 3476 * @crossplatform 3477 * @since 11 3478 */ 3479 /** 3480 * Get signature value from CRL. 3481 * 3482 * @returns { DataBlob } DataBlob of signature. 3483 * @throws { BusinessError } 19020001 - memory error. 3484 * @throws { BusinessError } 19020002 - runtime error. 3485 * @throws { BusinessError } 19030001 - crypto operation error. 3486 * @syscap SystemCapability.Security.Cert 3487 * @crossplatform 3488 * @atomicservice 3489 * @since 12 3490 */ 3491 getSignature(): DataBlob; 3492 3493 /** 3494 * Get the signature algorithm name of the CRL signature algorithm. 3495 * 3496 * @returns { string } string of signature algorithm name. 3497 * @throws { BusinessError } 19020001 - memory error. 3498 * @throws { BusinessError } 19020002 - runtime error. 3499 * @throws { BusinessError } 19030001 - crypto operation error. 3500 * @syscap SystemCapability.Security.Cert 3501 * @crossplatform 3502 * @since 11 3503 */ 3504 /** 3505 * Get the signature algorithm name of the CRL signature algorithm. 3506 * 3507 * @returns { string } string of signature algorithm name. 3508 * @throws { BusinessError } 19020001 - memory error. 3509 * @throws { BusinessError } 19020002 - runtime error. 3510 * @throws { BusinessError } 19030001 - crypto operation error. 3511 * @syscap SystemCapability.Security.Cert 3512 * @crossplatform 3513 * @atomicservice 3514 * @since 12 3515 */ 3516 getSignatureAlgName(): string; 3517 3518 /** 3519 * Get the signature algorithm oid string from CRL. 3520 * 3521 * @returns { string } string of signature algorithm oid. 3522 * @throws { BusinessError } 19020001 - memory error. 3523 * @throws { BusinessError } 19020002 - runtime error. 3524 * @throws { BusinessError } 19030001 - crypto operation error. 3525 * @syscap SystemCapability.Security.Cert 3526 * @crossplatform 3527 * @since 11 3528 */ 3529 /** 3530 * Get the signature algorithm oid string from CRL. 3531 * 3532 * @returns { string } string of signature algorithm oid. 3533 * @throws { BusinessError } 19020001 - memory error. 3534 * @throws { BusinessError } 19020002 - runtime error. 3535 * @throws { BusinessError } 19030001 - crypto operation error. 3536 * @syscap SystemCapability.Security.Cert 3537 * @crossplatform 3538 * @atomicservice 3539 * @since 12 3540 */ 3541 getSignatureAlgOid(): string; 3542 3543 /** 3544 * Get the der encoded signature algorithm parameters from the CRL signature algorithm. 3545 * 3546 * @returns { DataBlob } DataBlob of signature algorithm params. 3547 * @throws { BusinessError } 801 - this operation is not supported. 3548 * @throws { BusinessError } 19020001 - memory error. 3549 * @throws { BusinessError } 19020002 - runtime error. 3550 * @throws { BusinessError } 19030001 - crypto operation error. 3551 * @syscap SystemCapability.Security.Cert 3552 * @crossplatform 3553 * @since 11 3554 */ 3555 /** 3556 * Get the der encoded signature algorithm parameters from the CRL signature algorithm. 3557 * 3558 * @returns { DataBlob } DataBlob of signature algorithm params. 3559 * @throws { BusinessError } 801 - this operation is not supported. 3560 * @throws { BusinessError } 19020001 - memory error. 3561 * @throws { BusinessError } 19020002 - runtime error. 3562 * @throws { BusinessError } 19030001 - crypto operation error. 3563 * @syscap SystemCapability.Security.Cert 3564 * @crossplatform 3565 * @atomicservice 3566 * @since 12 3567 */ 3568 getSignatureAlgParams(): DataBlob; 3569 3570 /** 3571 * Get Extensions of CRL Entry. 3572 * 3573 * @returns { DataBlob } DataBlob of extensions 3574 * @throws { BusinessError } 19020001 - memory error. 3575 * @throws { BusinessError } 19020002 - runtime error. 3576 * @throws { BusinessError } 19030001 - crypto operation error. 3577 * @syscap SystemCapability.Security.Cert 3578 * @crossplatform 3579 * @since 11 3580 */ 3581 /** 3582 * Get Extensions of CRL Entry. 3583 * 3584 * @returns { DataBlob } DataBlob of extensions 3585 * @throws { BusinessError } 19020001 - memory error. 3586 * @throws { BusinessError } 19020002 - runtime error. 3587 * @throws { BusinessError } 19030001 - crypto operation error. 3588 * @syscap SystemCapability.Security.Cert 3589 * @crossplatform 3590 * @atomicservice 3591 * @since 12 3592 */ 3593 getExtensions(): DataBlob; 3594 3595 /** 3596 * Check if the X509 CRL match the parameters. 3597 * 3598 * @param { X509CRLMatchParameters } param - indicate the X509CRLMatchParameters object. 3599 * @returns { boolean } true - match X509CRL, false - not match. 3600 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 3601 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 3602 * @throws { BusinessError } 19020001 - memory error. 3603 * @throws { BusinessError } 19030001 - crypto operation error. 3604 * @syscap SystemCapability.Security.Cert 3605 * @crossplatform 3606 * @since 11 3607 */ 3608 /** 3609 * Check if the X509 CRL match the parameters. 3610 * 3611 * @param { X509CRLMatchParameters } param - indicate the X509CRLMatchParameters object. 3612 * @returns { boolean } true - match X509CRL, false - not match. 3613 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 3614 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 3615 * @throws { BusinessError } 19020001 - memory error. 3616 * @throws { BusinessError } 19030001 - crypto operation error. 3617 * @syscap SystemCapability.Security.Cert 3618 * @crossplatform 3619 * @atomicservice 3620 * @since 12 3621 */ 3622 match(param: X509CRLMatchParameters): boolean; 3623 3624 /** 3625 * Get X500 distinguished name of the issuer. 3626 * 3627 * @returns { X500DistinguishedName } X500 distinguished name object. 3628 * @throws { BusinessError } 19020001 - memory error. 3629 * @throws { BusinessError } 19020002 - runtime error. 3630 * @throws { BusinessError } 19030001 - crypto operation error. 3631 * @syscap SystemCapability.Security.Cert 3632 * @crossplatform 3633 * @atomicservice 3634 * @since 12 3635 */ 3636 getIssuerX500DistinguishedName(): X500DistinguishedName; 3637 3638 /** 3639 * Get the string type data of the object. 3640 * 3641 * @returns { string } the string type data of the object. 3642 * @throws { BusinessError } 19020001 - memory error. 3643 * @throws { BusinessError } 19020002 - runtime error. 3644 * @throws { BusinessError } 19030001 - crypto operation error. 3645 * @syscap SystemCapability.Security.Cert 3646 * @crossplatform 3647 * @atomicservice 3648 * @since 12 3649 */ 3650 toString(): string; 3651 3652 /** 3653 * Get the hash value of DER format data. 3654 * 3655 * @returns { Uint8Array } the hash value of DER format data. 3656 * @throws { BusinessError } 19020001 - memory error. 3657 * @throws { BusinessError } 19020002 - runtime error. 3658 * @throws { BusinessError } 19030001 - crypto operation error. 3659 * @syscap SystemCapability.Security.Cert 3660 * @crossplatform 3661 * @atomicservice 3662 * @since 12 3663 */ 3664 hashCode(): Uint8Array; 3665 3666 /** 3667 * Get the extension der encoding data for the corresponding entity. 3668 * 3669 * @returns { CertExtension } the certExtension object. 3670 * @throws { BusinessError } 19020001 - memory error. 3671 * @throws { BusinessError } 19020002 - runtime error. 3672 * @throws { BusinessError } 19030001 - crypto operation error. 3673 * @syscap SystemCapability.Security.Cert 3674 * @crossplatform 3675 * @atomicservice 3676 * @since 12 3677 */ 3678 getExtensionsObject(): CertExtension; 3679 } 3680 3681 /** 3682 * Provides to create X509 CRL object. 3683 * The returned object provides the data parsing or verification capability. 3684 * 3685 * @param { EncodingBlob } inStream - indicates the input CRL data. 3686 * @param { AsyncCallback<X509CRL> } callback - the callback of createX509CRL to return x509 CRL instance. 3687 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 3688 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 3689 * @throws { BusinessError } 801 - this operation is not supported. 3690 * @throws { BusinessError } 19020001 - memory error. 3691 * @syscap SystemCapability.Security.Cert 3692 * @crossplatform 3693 * @since 11 3694 */ 3695 /** 3696 * Provides to create X509 CRL object. 3697 * The returned object provides the data parsing or verification capability. 3698 * 3699 * @param { EncodingBlob } inStream - indicates the input CRL data. 3700 * @param { AsyncCallback<X509CRL> } callback - the callback of createX509CRL to return x509 CRL instance. 3701 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 3702 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 3703 * @throws { BusinessError } 801 - this operation is not supported. 3704 * @throws { BusinessError } 19020001 - memory error. 3705 * @syscap SystemCapability.Security.Cert 3706 * @crossplatform 3707 * @atomicservice 3708 * @since 12 3709 */ 3710 function createX509CRL(inStream: EncodingBlob, callback: AsyncCallback<X509CRL>): void; 3711 3712 /** 3713 * Provides to create X509 CRL object. 3714 * The returned object provides the data parsing or verification capability. 3715 * 3716 * @param { EncodingBlob } inStream - indicates the input CRL data. 3717 * @returns { Promise<X509CRL> } the promise of x509 CRL instance. 3718 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 3719 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 3720 * @throws { BusinessError } 801 - this operation is not supported. 3721 * @throws { BusinessError } 19020001 - memory error. 3722 * @syscap SystemCapability.Security.Cert 3723 * @crossplatform 3724 * @since 11 3725 */ 3726 /** 3727 * Provides to create X509 CRL object. 3728 * The returned object provides the data parsing or verification capability. 3729 * 3730 * @param { EncodingBlob } inStream - indicates the input CRL data. 3731 * @returns { Promise<X509CRL> } the promise of x509 CRL instance. 3732 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 3733 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 3734 * @throws { BusinessError } 801 - this operation is not supported. 3735 * @throws { BusinessError } 19020001 - memory error. 3736 * @syscap SystemCapability.Security.Cert 3737 * @crossplatform 3738 * @atomicservice 3739 * @since 12 3740 */ 3741 function createX509CRL(inStream: EncodingBlob): Promise<X509CRL>; 3742 3743 /** 3744 * Certification chain validator. 3745 * 3746 * @typedef CertChainValidator 3747 * @syscap SystemCapability.Security.Cert 3748 * @since 9 3749 */ 3750 /** 3751 * Certification chain validator. 3752 * 3753 * @typedef CertChainValidator 3754 * @syscap SystemCapability.Security.Cert 3755 * @crossplatform 3756 * @since 11 3757 */ 3758 /** 3759 * Certification chain validator. 3760 * 3761 * @typedef CertChainValidator 3762 * @syscap SystemCapability.Security.Cert 3763 * @crossplatform 3764 * @atomicservice 3765 * @since 12 3766 */ 3767 interface CertChainValidator { 3768 /** 3769 * Validate the cert chain. 3770 * 3771 * @param { CertChainData } certChain - indicate the cert chain validator data. 3772 * @param { AsyncCallback<void> } callback - the callback of validate. 3773 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 3774 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 3775 * @throws { BusinessError } 19020001 - memory error. 3776 * @throws { BusinessError } 19020002 - runtime error. 3777 * @throws { BusinessError } 19030001 - crypto operation error. 3778 * @throws { BusinessError } 19030002 - the certificate signature verification failed. 3779 * @throws { BusinessError } 19030003 - the certificate has not taken effect. 3780 * @throws { BusinessError } 19030004 - the certificate has expired. 3781 * @throws { BusinessError } 19030005 - failed to obtain the certificate issuer. 3782 * @throws { BusinessError } 19030006 - the key cannot be used for signing a certificate. 3783 * @throws { BusinessError } 19030007 - the key cannot be used for digital signature. 3784 * @syscap SystemCapability.Security.Cert 3785 * @since 9 3786 */ 3787 /** 3788 * Validate the cert chain. 3789 * 3790 * @param { CertChainData } certChain - indicate the cert chain validator data. 3791 * @param { AsyncCallback<void> } callback - the callback of validate. 3792 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 3793 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 3794 * @throws { BusinessError } 19020001 - memory error. 3795 * @throws { BusinessError } 19020002 - runtime error. 3796 * @throws { BusinessError } 19030001 - crypto operation error. 3797 * @throws { BusinessError } 19030002 - the certificate signature verification failed. 3798 * @throws { BusinessError } 19030003 - the certificate has not taken effect. 3799 * @throws { BusinessError } 19030004 - the certificate has expired. 3800 * @throws { BusinessError } 19030005 - failed to obtain the certificate issuer. 3801 * @throws { BusinessError } 19030006 - the key cannot be used for signing a certificate. 3802 * @throws { BusinessError } 19030007 - the key cannot be used for digital signature. 3803 * @syscap SystemCapability.Security.Cert 3804 * @crossplatform 3805 * @since 11 3806 */ 3807 /** 3808 * Validate the cert chain. 3809 * 3810 * @param { CertChainData } certChain - indicate the cert chain validator data. 3811 * @param { AsyncCallback<void> } callback - the callback of validate. 3812 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 3813 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 3814 * @throws { BusinessError } 19020001 - memory error. 3815 * @throws { BusinessError } 19020002 - runtime error. 3816 * @throws { BusinessError } 19030001 - crypto operation error. 3817 * @throws { BusinessError } 19030002 - the certificate signature verification failed. 3818 * @throws { BusinessError } 19030003 - the certificate has not taken effect. 3819 * @throws { BusinessError } 19030004 - the certificate has expired. 3820 * @throws { BusinessError } 19030005 - failed to obtain the certificate issuer. 3821 * @throws { BusinessError } 19030006 - the key cannot be used for signing a certificate. 3822 * @throws { BusinessError } 19030007 - the key cannot be used for digital signature. 3823 * @syscap SystemCapability.Security.Cert 3824 * @crossplatform 3825 * @atomicservice 3826 * @since 12 3827 */ 3828 validate(certChain: CertChainData, callback: AsyncCallback<void>): void; 3829 3830 /** 3831 * Validate the cert chain. 3832 * 3833 * @param { CertChainData } certChain - indicate the cert chain validator data. 3834 * @returns { Promise<void> } the promise returned by the function. 3835 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 3836 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 3837 * @throws { BusinessError } 19020001 - memory error. 3838 * @throws { BusinessError } 19020002 - runtime error. 3839 * @throws { BusinessError } 19030001 - crypto operation error. 3840 * @throws { BusinessError } 19030002 - the certificate signature verification failed. 3841 * @throws { BusinessError } 19030003 - the certificate has not taken effect. 3842 * @throws { BusinessError } 19030004 - the certificate has expired. 3843 * @throws { BusinessError } 19030005 - failed to obtain the certificate issuer. 3844 * @throws { BusinessError } 19030006 - the key cannot be used for signing a certificate. 3845 * @throws { BusinessError } 19030007 - the key cannot be used for digital signature. 3846 * @syscap SystemCapability.Security.Cert 3847 * @since 9 3848 */ 3849 /** 3850 * Validate the cert chain. 3851 * 3852 * @param { CertChainData } certChain - indicate the cert chain validator data. 3853 * @returns { Promise<void> } the promise returned by the function. 3854 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 3855 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 3856 * @throws { BusinessError } 19020001 - memory error. 3857 * @throws { BusinessError } 19020002 - runtime error. 3858 * @throws { BusinessError } 19030001 - crypto operation error. 3859 * @throws { BusinessError } 19030002 - the certificate signature verification failed. 3860 * @throws { BusinessError } 19030003 - the certificate has not taken effect. 3861 * @throws { BusinessError } 19030004 - the certificate has expired. 3862 * @throws { BusinessError } 19030005 - failed to obtain the certificate issuer. 3863 * @throws { BusinessError } 19030006 - the key cannot be used for signing a certificate. 3864 * @throws { BusinessError } 19030007 - the key cannot be used for digital signature. 3865 * @syscap SystemCapability.Security.Cert 3866 * @crossplatform 3867 * @since 11 3868 */ 3869 /** 3870 * Validate the cert chain. 3871 * 3872 * @param { CertChainData } certChain - indicate the cert chain validator data. 3873 * @returns { Promise<void> } the promise returned by the function. 3874 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 3875 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 3876 * @throws { BusinessError } 19020001 - memory error. 3877 * @throws { BusinessError } 19020002 - runtime error. 3878 * @throws { BusinessError } 19030001 - crypto operation error. 3879 * @throws { BusinessError } 19030002 - the certificate signature verification failed. 3880 * @throws { BusinessError } 19030003 - the certificate has not taken effect. 3881 * @throws { BusinessError } 19030004 - the certificate has expired. 3882 * @throws { BusinessError } 19030005 - failed to obtain the certificate issuer. 3883 * @throws { BusinessError } 19030006 - the key cannot be used for signing a certificate. 3884 * @throws { BusinessError } 19030007 - the key cannot be used for digital signature. 3885 * @syscap SystemCapability.Security.Cert 3886 * @crossplatform 3887 * @atomicservice 3888 * @since 12 3889 */ 3890 validate(certChain: CertChainData): Promise<void>; 3891 3892 /** 3893 * The cert chain related algorithm. 3894 * 3895 * @type { string } 3896 * @readonly 3897 * @syscap SystemCapability.Security.Cert 3898 * @since 9 3899 */ 3900 /** 3901 * The cert chain related algorithm. 3902 * 3903 * @type { string } 3904 * @readonly 3905 * @syscap SystemCapability.Security.Cert 3906 * @crossplatform 3907 * @since 11 3908 */ 3909 /** 3910 * The cert chain related algorithm. 3911 * 3912 * @type { string } 3913 * @readonly 3914 * @syscap SystemCapability.Security.Cert 3915 * @crossplatform 3916 * @atomicservice 3917 * @since 12 3918 */ 3919 readonly algorithm: string; 3920 } 3921 3922 /** 3923 * Provides to create certificate chain object. The returned object provides the verification capability. 3924 * 3925 * @param { string } algorithm - indicates the cert chain validator type. 3926 * @returns { CertChainValidator } the cert chain validator instance. 3927 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 3928 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 3929 * @throws { BusinessError } 801 - this operation is not supported. 3930 * @throws { BusinessError } 19020001 - memory error. 3931 * @throws { BusinessError } 19020002 - runtime error. 3932 * @throws { BusinessError } 19030001 - crypto operation error. 3933 * @syscap SystemCapability.Security.Cert 3934 * @since 9 3935 */ 3936 /** 3937 * Provides to create certificate chain object. The returned object provides the verification capability. 3938 * 3939 * @param { string } algorithm - indicates the cert chain validator type. 3940 * @returns { CertChainValidator } the cert chain validator instance. 3941 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 3942 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 3943 * @throws { BusinessError } 801 - this operation is not supported. 3944 * @throws { BusinessError } 19020001 - memory error. 3945 * @throws { BusinessError } 19020002 - runtime error. 3946 * @throws { BusinessError } 19030001 - crypto operation error. 3947 * @syscap SystemCapability.Security.Cert 3948 * @crossplatform 3949 * @since 11 3950 */ 3951 /** 3952 * Provides to create certificate chain object. The returned object provides the verification capability. 3953 * 3954 * @param { string } algorithm - indicates the cert chain validator type. 3955 * @returns { CertChainValidator } the cert chain validator instance. 3956 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 3957 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 3958 * @throws { BusinessError } 801 - this operation is not supported. 3959 * @throws { BusinessError } 19020001 - memory error. 3960 * @throws { BusinessError } 19020002 - runtime error. 3961 * @throws { BusinessError } 19030001 - crypto operation error. 3962 * @syscap SystemCapability.Security.Cert 3963 * @crossplatform 3964 * @atomicservice 3965 * @since 12 3966 */ 3967 function createCertChainValidator(algorithm: string): CertChainValidator; 3968 3969 /** 3970 * Enum for general name use type. 3971 * 3972 * @enum { number } 3973 * @syscap SystemCapability.Security.Cert 3974 * @crossplatform 3975 * @atomicservice 3976 * @since 12 3977 */ 3978 enum GeneralNameType { 3979 /** 3980 * Indicates the name used for other. 3981 * 3982 * @syscap SystemCapability.Security.Cert 3983 * @crossplatform 3984 * @atomicservice 3985 * @since 12 3986 */ 3987 GENERAL_NAME_TYPE_OTHER_NAME = 0, 3988 3989 /** 3990 * Indicates the name used for RFC822. 3991 * 3992 * @syscap SystemCapability.Security.Cert 3993 * @crossplatform 3994 * @atomicservice 3995 * @since 12 3996 */ 3997 GENERAL_NAME_TYPE_RFC822_NAME = 1, 3998 3999 /** 4000 * Indicates the name used for DNS. 4001 * 4002 * @syscap SystemCapability.Security.Cert 4003 * @crossplatform 4004 * @atomicservice 4005 * @since 12 4006 */ 4007 GENERAL_NAME_TYPE_DNS_NAME = 2, 4008 4009 /** 4010 * Indicates the name used for X.400 address. 4011 * 4012 * @syscap SystemCapability.Security.Cert 4013 * @crossplatform 4014 * @atomicservice 4015 * @since 12 4016 */ 4017 GENERAL_NAME_TYPE_X400_ADDRESS = 3, 4018 4019 /** 4020 * Indicates the name used for X.500 directory. 4021 * 4022 * @syscap SystemCapability.Security.Cert 4023 * @crossplatform 4024 * @atomicservice 4025 * @since 12 4026 */ 4027 GENERAL_NAME_TYPE_DIRECTORY_NAME = 4, 4028 4029 /** 4030 * Indicates the name used for EDI. 4031 * 4032 * @syscap SystemCapability.Security.Cert 4033 * @crossplatform 4034 * @atomicservice 4035 * @since 12 4036 */ 4037 GENERAL_NAME_TYPE_EDI_PARTY_NAME = 5, 4038 4039 /** 4040 * Indicates the name used for URI. 4041 * 4042 * @syscap SystemCapability.Security.Cert 4043 * @crossplatform 4044 * @atomicservice 4045 * @since 12 4046 */ 4047 GENERAL_NAME_TYPE_UNIFORM_RESOURCE_ID = 6, 4048 4049 /** 4050 * Indicates the name used for IP address. 4051 * 4052 * @syscap SystemCapability.Security.Cert 4053 * @crossplatform 4054 * @atomicservice 4055 * @since 12 4056 */ 4057 GENERAL_NAME_TYPE_IP_ADDRESS = 7, 4058 4059 /** 4060 * Indicates the name used for registered ID. 4061 * 4062 * @syscap SystemCapability.Security.Cert 4063 * @crossplatform 4064 * @atomicservice 4065 * @since 12 4066 */ 4067 GENERAL_NAME_TYPE_REGISTERED_ID = 8 4068 } 4069 4070 /** 4071 * GeneralName object 4072 * 4073 * @typedef GeneralName 4074 * @syscap SystemCapability.Security.Cert 4075 * @crossplatform 4076 * @atomicservice 4077 * @since 12 4078 */ 4079 interface GeneralName { 4080 /** 4081 * The general name type. 4082 * 4083 * @type { GeneralNameType } 4084 * @syscap SystemCapability.Security.Cert 4085 * @crossplatform 4086 * @atomicservice 4087 * @since 12 4088 */ 4089 type: GeneralNameType; 4090 4091 /** 4092 * The general name in DER format 4093 * 4094 * @type { ?Uint8Array } 4095 * @syscap SystemCapability.Security.Cert 4096 * @crossplatform 4097 * @atomicservice 4098 * @since 12 4099 */ 4100 name?: Uint8Array; 4101 } 4102 4103 /** 4104 * X509 Cert match parameters 4105 * 4106 * @typedef X509CertMatchParameters 4107 * @syscap SystemCapability.Security.Cert 4108 * @crossplatform 4109 * @since 11 4110 */ 4111 /** 4112 * X509 Cert match parameters 4113 * 4114 * @typedef X509CertMatchParameters 4115 * @syscap SystemCapability.Security.Cert 4116 * @crossplatform 4117 * @atomicservice 4118 * @since 12 4119 */ 4120 interface X509CertMatchParameters { 4121 /** 4122 * To match SubjectAlternativeNames of cert extensions: 4123 * [Rule] 4124 * null : Do not match. 4125 * NOT null : match after [matchAllSubjectAltNames] 4126 * 4127 * @type { ?Array<GeneralName> } SubjectAlternativeNames is in DER encoding format 4128 * @syscap SystemCapability.Security.Cert 4129 * @crossplatform 4130 * @atomicservice 4131 * @since 12 4132 */ 4133 subjectAlternativeNames?: Array<GeneralName>; 4134 4135 /** 4136 * Indicate if match all subject alternate name: 4137 * [Rule] 4138 * true : match if [subjectAlternativeNames] is equal with all of [SubjectAlternativeNames of cert extensions] 4139 * false : match if [subjectAlternativeNames] is only equal with one of [SubjectAlternativeNames of cert extensions] 4140 * 4141 * @type { ?boolean } 4142 * @syscap SystemCapability.Security.Cert 4143 * @crossplatform 4144 * @atomicservice 4145 * @since 12 4146 */ 4147 matchAllSubjectAltNames?: boolean; 4148 4149 /** 4150 * To match AuthorityKeyIdentifier of cert extensions in DER encoding: 4151 * [Rule] 4152 * null : Do not match. 4153 * NOT null : match if it is equal with [AuthorityKeyIdentifier of cert extensions] in DER encoding 4154 * 4155 * @type { ?Uint8Array } the key identifier 4156 * @syscap SystemCapability.Security.Cert 4157 * @crossplatform 4158 * @atomicservice 4159 * @since 12 4160 */ 4161 authorityKeyIdentifier?: Uint8Array; 4162 4163 /** 4164 * To match BaseConstraints.pathLenConstraint of cert extensions: 4165 * [Rule] 4166 * >=0 : The certificate must contain BaseConstraints extension, and the cA field in the extension takes. 4167 * -2 : The cA field in the BaseConstraints extension of the certificate must be set to false or the certificate does not contain BaseConstraints extension. 4168 * other : Do not match. 4169 * 4170 * @type { ?number } 4171 * @syscap SystemCapability.Security.Cert 4172 * @crossplatform 4173 * @atomicservice 4174 * @since 12 4175 */ 4176 minPathLenConstraint?: number; 4177 4178 /** 4179 * To match X509Cert: 4180 * [Rule] 4181 * null : Do not match. 4182 * NOT null : match if x509Cert.getEncoding is equal. 4183 * 4184 * @type { ?X509Cert } 4185 * @syscap SystemCapability.Security.Cert 4186 * @crossplatform 4187 * @since 11 4188 */ 4189 /** 4190 * To match X509Cert: 4191 * [Rule] 4192 * null : Do not match. 4193 * NOT null : match if x509Cert.getEncoding is equal. 4194 * 4195 * @type { ?X509Cert } 4196 * @syscap SystemCapability.Security.Cert 4197 * @crossplatform 4198 * @atomicservice 4199 * @since 12 4200 */ 4201 x509Cert?: X509Cert; 4202 4203 /** 4204 * To match the validDate of cert: 4205 * [Rule] 4206 * null : Do not match. 4207 * NOT null : match if [notBefore of cert] <= [validDate] <= [notAfter of cert]. 4208 * 4209 * @type { ?string } format is YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ. 4210 * @syscap SystemCapability.Security.Cert 4211 * @crossplatform 4212 * @since 11 4213 */ 4214 /** 4215 * To match the validDate of cert: 4216 * [Rule] 4217 * null : Do not match. 4218 * NOT null : match if [notBefore of cert] <= [validDate] <= [notAfter of cert]. 4219 * 4220 * @type { ?string } format is YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ. 4221 * @syscap SystemCapability.Security.Cert 4222 * @crossplatform 4223 * @atomicservice 4224 * @since 12 4225 */ 4226 validDate?: string; 4227 4228 /** 4229 * To match the issuer of cert: 4230 * [Rule] 4231 * null : Do not match. 4232 * NOT null : match if it is equal with [issuer of cert] in DER encoding. 4233 * 4234 * @type { ?Uint8Array } 4235 * @syscap SystemCapability.Security.Cert 4236 * @crossplatform 4237 * @since 11 4238 */ 4239 /** 4240 * To match the issuer of cert: 4241 * [Rule] 4242 * null : Do not match. 4243 * NOT null : match if it is equal with [issuer of cert] in DER encoding. 4244 * 4245 * @type { ?Uint8Array } 4246 * @syscap SystemCapability.Security.Cert 4247 * @crossplatform 4248 * @atomicservice 4249 * @since 12 4250 */ 4251 issuer?: Uint8Array; 4252 4253 /** 4254 * To match the ExtendedKeyUsage of cert extensions: 4255 * [Rule] 4256 * null : Do not match. 4257 * NOT null : match ok if [ExtendedKeyUsage of cert extensions] is null, or 4258 * [ExtendedKeyUsage of cert extensions] include [extendedKeyUsage]. 4259 * 4260 * @type { ?Array<string> } array of oIDs. 4261 * @syscap SystemCapability.Security.Cert 4262 * @crossplatform 4263 * @atomicservice 4264 * @since 12 4265 */ 4266 extendedKeyUsage?: Array<string>; 4267 4268 /** 4269 * The X509Certificate must have subject and subject alternative names that meet the specified name constraints: 4270 * [Rule] 4271 * null : Do not match. 4272 * NOT null : match ok if [NameConstraints of cert extensions] is null, or 4273 * [NameConstraints of cert extensions] include [nameConstraints]. 4274 * 4275 * @type { ?Uint8Array } ASN.1 DER encoded form of nameConstraints 4276 * @syscap SystemCapability.Security.Cert 4277 * @crossplatform 4278 * @atomicservice 4279 * @since 12 4280 */ 4281 nameConstraints?: Uint8Array; 4282 4283 /** 4284 * The X509Certificate must have subject and subject alternative names that meet the specified name constraints: 4285 * [Rule] 4286 * null : Do not match. 4287 * NOT null : match ok if [Certificate Policies of cert extensions] is null, or 4288 * [Certificate Policies of cert extensions] include [certPolicy]. 4289 * 4290 * @type { ?Array<string> } array of oIDs. 4291 * @syscap SystemCapability.Security.Cert 4292 * @crossplatform 4293 * @atomicservice 4294 * @since 12 4295 */ 4296 certPolicy?: Array<string>; 4297 4298 /** 4299 * The specified date must fall within the private key validity period for the X509Certificate: 4300 * [Rule] 4301 * null : Do not match. 4302 * NOT null : match ok if [Private Key Valid Period of cert extensions] is null, or 4303 * [privateKeyValid] fall in [Private Key Valid Period of cert extensions]. 4304 * 4305 * @type { ?string } format is YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ 4306 * @syscap SystemCapability.Security.Cert 4307 * @crossplatform 4308 * @atomicservice 4309 * @since 12 4310 */ 4311 privateKeyValid?: string; 4312 4313 /** 4314 * To match the KeyUsage of cert extensions: 4315 * [Rule] 4316 * null : Do not match. 4317 * NOT null : match ok if [KeyUsage of cert extensions] is null, or 4318 * [KeyUsage of cert extensions] include [keyUsage]. 4319 * 4320 * @type { ?Array<boolean> } 4321 * @syscap SystemCapability.Security.Cert 4322 * @crossplatform 4323 * @since 11 4324 */ 4325 /** 4326 * To match the KeyUsage of cert extensions: 4327 * [Rule] 4328 * null : Do not match. 4329 * NOT null : match ok if [KeyUsage of cert extensions] is null, or 4330 * [KeyUsage of cert extensions] include [keyUsage]. 4331 * 4332 * @type { ?Array<boolean> } 4333 * @syscap SystemCapability.Security.Cert 4334 * @crossplatform 4335 * @atomicservice 4336 * @since 12 4337 */ 4338 keyUsage?: Array<boolean>; 4339 4340 /** 4341 * The specified serial number must match the serialnumber for the X509Certificate: 4342 * [Rule] 4343 * null : Do not match. 4344 * NOT null : match ok if it is equal with [serialNumber of cert]. 4345 * 4346 * @type { ?bigint } 4347 * @syscap SystemCapability.Security.Cert 4348 * @crossplatform 4349 * @since 11 4350 */ 4351 /** 4352 * The specified serial number must match the serialnumber for the X509Certificate: 4353 * [Rule] 4354 * null : Do not match. 4355 * NOT null : match ok if it is equal with [serialNumber of cert]. 4356 * 4357 * @type { ?bigint } 4358 * @syscap SystemCapability.Security.Cert 4359 * @crossplatform 4360 * @atomicservice 4361 * @since 12 4362 */ 4363 serialNumber?: bigint; 4364 4365 /** 4366 * The specified value must match the subject for the X509Certificate: 4367 * [Rule] 4368 * null : Do not match. 4369 * NOT null : match ok if it is equal with [subject of cert]. 4370 * 4371 * @type { ?Uint8Array } subject in DER encoding format 4372 * @syscap SystemCapability.Security.Cert 4373 * @crossplatform 4374 * @since 11 4375 */ 4376 /** 4377 * The specified value must match the subject for the X509Certificate: 4378 * [Rule] 4379 * null : Do not match. 4380 * NOT null : match ok if it is equal with [subject of cert]. 4381 * 4382 * @type { ?Uint8Array } subject in DER encoding format 4383 * @syscap SystemCapability.Security.Cert 4384 * @crossplatform 4385 * @atomicservice 4386 * @since 12 4387 */ 4388 subject?: Uint8Array; 4389 4390 /** 4391 * The specified value must match the Subject Key Identifier extension for the X509Certificate: 4392 * [Rule] 4393 * null : Do not match. 4394 * NOT null : match ok if it is equal with [Subject Key Identifier of cert extensions]. 4395 * 4396 * @type { ?Uint8Array } subjectKeyIdentifier in DER encoding format ?? 4397 * @syscap SystemCapability.Security.Cert 4398 * @crossplatform 4399 * @atomicservice 4400 * @since 12 4401 */ 4402 subjectKeyIdentifier?: Uint8Array; 4403 4404 /** 4405 * The specified value must match the publicKey for the X509Certificate: 4406 * [Rule] 4407 * null : Do not match. 4408 * NOT null : match ok if it is equal with [publicKey of cert]. 4409 * 4410 * @type { ?DataBlob } publicKey 4411 * @syscap SystemCapability.Security.Cert 4412 * @crossplatform 4413 * @since 11 4414 */ 4415 /** 4416 * The specified value must match the publicKey for the X509Certificate: 4417 * [Rule] 4418 * null : Do not match. 4419 * NOT null : match ok if it is equal with [publicKey of cert]. 4420 * 4421 * @type { ?DataBlob } publicKey 4422 * @syscap SystemCapability.Security.Cert 4423 * @crossplatform 4424 * @atomicservice 4425 * @since 12 4426 */ 4427 publicKey?: DataBlob; 4428 4429 /** 4430 * The specified value must match the publicKey for the X509Certificate: 4431 * [Rule] 4432 * null : Do not match. 4433 * NOT null : match ok if it is equal with [publicKey of cert]. 4434 * 4435 * @type { ?string } the object identifier (OID) of the signature algorithm to check. 4436 * @syscap SystemCapability.Security.Cert 4437 * @crossplatform 4438 * @since 11 4439 */ 4440 /** 4441 * The specified value must match the publicKey for the X509Certificate: 4442 * [Rule] 4443 * null : Do not match. 4444 * NOT null : match ok if it is equal with [publicKey of cert]. 4445 * 4446 * @type { ?string } the object identifier (OID) of the signature algorithm to check. 4447 * @syscap SystemCapability.Security.Cert 4448 * @crossplatform 4449 * @atomicservice 4450 * @since 12 4451 */ 4452 publicKeyAlgID?: string; 4453 } 4454 4455 /** 4456 * X509 CRL match parameters 4457 * 4458 * @typedef X509CRLMatchParameters 4459 * @syscap SystemCapability.Security.Cert 4460 * @crossplatform 4461 * @since 11 4462 */ 4463 /** 4464 * X509 CRL match parameters 4465 * 4466 * @typedef X509CRLMatchParameters 4467 * @syscap SystemCapability.Security.Cert 4468 * @crossplatform 4469 * @atomicservice 4470 * @since 12 4471 */ 4472 interface X509CRLMatchParameters { 4473 /** 4474 * To match the issuer of cert: 4475 * [Rule] 4476 * null : Do not match. 4477 * NOT null : match if it is equal with [issuer of cert] in DER encoding. 4478 * 4479 * @type { ?Array<Uint8Array> } 4480 * @syscap SystemCapability.Security.Cert 4481 * @crossplatform 4482 * @since 11 4483 */ 4484 /** 4485 * To match the issuer of cert: 4486 * [Rule] 4487 * null : Do not match. 4488 * NOT null : match if it is equal with [issuer of cert] in DER encoding. 4489 * 4490 * @type { ?Array<Uint8Array> } 4491 * @syscap SystemCapability.Security.Cert 4492 * @crossplatform 4493 * @atomicservice 4494 * @since 12 4495 */ 4496 issuer?: Array<Uint8Array>; 4497 4498 /** 4499 * To match X509Cert: 4500 * [Rule] 4501 * null : Do not match. 4502 * NOT null : match if x509Cert.getEncoding is equal. 4503 * 4504 * @type { ?X509Cert } 4505 * @syscap SystemCapability.Security.Cert 4506 * @crossplatform 4507 * @since 11 4508 */ 4509 /** 4510 * To match X509Cert: 4511 * [Rule] 4512 * null : Do not match. 4513 * NOT null : match if x509Cert.getEncoding is equal. 4514 * 4515 * @type { ?X509Cert } 4516 * @syscap SystemCapability.Security.Cert 4517 * @crossplatform 4518 * @atomicservice 4519 * @since 12 4520 */ 4521 x509Cert?: X509Cert; 4522 4523 /** 4524 * To match updateDateTime of CRL: 4525 * [Rule] 4526 * null : Do not verify. 4527 * NOT null : verify if [thisUpdate in CRL] <= updateDateTime <= [nextUpdate in CRL] 4528 * 4529 * @type { ?string } 4530 * @syscap SystemCapability.Security.Cert 4531 * @crossplatform 4532 * @atomicservice 4533 * @since 12 4534 */ 4535 updateDateTime?: string; 4536 4537 /** 4538 * To match the maximum of CRL number extension: 4539 * [Rule] 4540 * null : Do not verify. 4541 * NOT null : verify if [CRL number extension] <= maxCRL. 4542 * 4543 * @type { ?bigint } 4544 * @syscap SystemCapability.Security.Cert 4545 * @crossplatform 4546 * @atomicservice 4547 * @since 12 4548 */ 4549 maxCRL?: bigint; 4550 4551 /** 4552 * To match the minimum of CRL number extension: 4553 * [Rule] 4554 * null : Do not verify. 4555 * NOT null : verify if [CRL number extension] >= minCRL. 4556 * 4557 * @type { ?bigint } 4558 * @syscap SystemCapability.Security.Cert 4559 * @crossplatform 4560 * @atomicservice 4561 * @since 12 4562 */ 4563 minCRL?: bigint; 4564 } 4565 4566 /** 4567 * The certificate and CRL collection object. 4568 * 4569 * @typedef CertCRLCollection 4570 * @syscap SystemCapability.Security.Cert 4571 * @crossplatform 4572 * @since 11 4573 */ 4574 /** 4575 * The certificate and CRL collection object. 4576 * 4577 * @typedef CertCRLCollection 4578 * @syscap SystemCapability.Security.Cert 4579 * @crossplatform 4580 * @atomicservice 4581 * @since 12 4582 */ 4583 interface CertCRLCollection { 4584 /** 4585 * return all Array<X509Cert> which match X509CertMatchParameters 4586 * 4587 * @param { X509CertMatchParameters } param - indicate the X509CertMatchParameters object. 4588 * @returns { Promise<Array<X509Cert>> } 4589 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 4590 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 4591 * @throws { BusinessError } 19020001 - memory error. 4592 * @throws { BusinessError } 19030001 - crypto operation error. 4593 * @syscap SystemCapability.Security.Cert 4594 * @crossplatform 4595 * @since 11 4596 */ 4597 /** 4598 * return all Array<X509Cert> which match X509CertMatchParameters 4599 * 4600 * @param { X509CertMatchParameters } param - indicate the X509CertMatchParameters object. 4601 * @returns { Promise<Array<X509Cert>> } 4602 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 4603 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 4604 * @throws { BusinessError } 19020001 - memory error. 4605 * @throws { BusinessError } 19030001 - crypto operation error. 4606 * @syscap SystemCapability.Security.Cert 4607 * @crossplatform 4608 * @atomicservice 4609 * @since 12 4610 */ 4611 selectCerts(param: X509CertMatchParameters): Promise<Array<X509Cert>>; 4612 4613 /** 4614 * return the X509 Cert which match X509CertMatchParameters 4615 * 4616 * @param { X509CertMatchParameters } param - indicate the X509CertMatchParameters object. 4617 * @param { AsyncCallback<Array<X509Cert>> } callback - the callback of select cert. 4618 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 4619 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 4620 * @throws { BusinessError } 19020001 - memory error. 4621 * @throws { BusinessError } 19030001 - crypto operation error. 4622 * @syscap SystemCapability.Security.Cert 4623 * @crossplatform 4624 * @since 11 4625 */ 4626 /** 4627 * return the X509 Cert which match X509CertMatchParameters 4628 * 4629 * @param { X509CertMatchParameters } param - indicate the X509CertMatchParameters object. 4630 * @param { AsyncCallback<Array<X509Cert>> } callback - the callback of select cert. 4631 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 4632 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 4633 * @throws { BusinessError } 19020001 - memory error. 4634 * @throws { BusinessError } 19030001 - crypto operation error. 4635 * @syscap SystemCapability.Security.Cert 4636 * @crossplatform 4637 * @atomicservice 4638 * @since 12 4639 */ 4640 selectCerts(param: X509CertMatchParameters, callback: AsyncCallback<Array<X509Cert>>): void; 4641 4642 /** 4643 * return all X509 CRL which match X509CRLMatchParameters 4644 * 4645 * @param { X509CRLMatchParameters } param - indicate the X509CRLMatchParameters object. 4646 * @returns { Promise<Array<X509CRL>> } 4647 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 4648 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 4649 * @throws { BusinessError } 19020001 - memory error. 4650 * @throws { BusinessError } 19030001 - crypto operation error. 4651 * @syscap SystemCapability.Security.Cert 4652 * @crossplatform 4653 * @since 11 4654 */ 4655 /** 4656 * return all X509 CRL which match X509CRLMatchParameters 4657 * 4658 * @param { X509CRLMatchParameters } param - indicate the X509CRLMatchParameters object. 4659 * @returns { Promise<Array<X509CRL>> } 4660 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 4661 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 4662 * @throws { BusinessError } 19020001 - memory error. 4663 * @throws { BusinessError } 19030001 - crypto operation error. 4664 * @syscap SystemCapability.Security.Cert 4665 * @crossplatform 4666 * @atomicservice 4667 * @since 12 4668 */ 4669 selectCRLs(param: X509CRLMatchParameters): Promise<Array<X509CRL>>; 4670 4671 /** 4672 * return all X509 CRL which match X509CRLMatchParameters 4673 * 4674 * @param { X509CRLMatchParameters } param - indicate the X509CRLMatchParameters object. 4675 * @param { AsyncCallback<Array<X509CRL>> } callback - the callback of select CRL. 4676 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 4677 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 4678 * @throws { BusinessError } 19020001 - memory error. 4679 * @throws { BusinessError } 19030001 - crypto operation error. 4680 * @syscap SystemCapability.Security.Cert 4681 * @crossplatform 4682 * @since 11 4683 */ 4684 /** 4685 * return all X509 CRL which match X509CRLMatchParameters 4686 * 4687 * @param { X509CRLMatchParameters } param - indicate the X509CRLMatchParameters object. 4688 * @param { AsyncCallback<Array<X509CRL>> } callback - the callback of select CRL. 4689 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 4690 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 4691 * @throws { BusinessError } 19020001 - memory error. 4692 * @throws { BusinessError } 19030001 - crypto operation error. 4693 * @syscap SystemCapability.Security.Cert 4694 * @crossplatform 4695 * @atomicservice 4696 * @since 12 4697 */ 4698 selectCRLs(param: X509CRLMatchParameters, callback: AsyncCallback<Array<X509CRL>>): void; 4699 } 4700 4701 /** 4702 * create object CertCRLCollection 4703 * 4704 * @param { Array<X509Cert> } certs - array of X509Cert. 4705 * @param { Array<X509CRL> } [options] crls - array of X509CRL. 4706 * @returns { CertCRLCollection } 4707 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 4708 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 4709 * @throws { BusinessError } 19020001 - memory error. 4710 * @syscap SystemCapability.Security.Cert 4711 * @crossplatform 4712 * @since 11 4713 */ 4714 /** 4715 * create object CertCRLCollection 4716 * 4717 * @param { Array<X509Cert> } certs - array of X509Cert. 4718 * @param { Array<X509CRL> } [crls] - array of X509CRL. 4719 * @returns { CertCRLCollection } 4720 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 4721 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 4722 * @throws { BusinessError } 19020001 - memory error. 4723 * @syscap SystemCapability.Security.Cert 4724 * @crossplatform 4725 * @atomicservice 4726 * @since 12 4727 */ 4728 function createCertCRLCollection(certs: Array<X509Cert>, crls?: Array<X509CRL>): CertCRLCollection; 4729 4730 /** 4731 * X509 Certification chain object. 4732 * 4733 * @typedef X509CertChain 4734 * @syscap SystemCapability.Security.Cert 4735 * @crossplatform 4736 * @since 11 4737 */ 4738 /** 4739 * X509 Certification chain object. 4740 * 4741 * @typedef X509CertChain 4742 * @syscap SystemCapability.Security.Cert 4743 * @crossplatform 4744 * @atomicservice 4745 * @since 12 4746 */ 4747 interface X509CertChain { 4748 /** 4749 * Get the X509 certificate list. 4750 * 4751 * @returns { Array<X509Cert> } the X509 certificate list. 4752 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 4753 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 4754 * @throws { BusinessError } 19020001 - memory error. 4755 * @throws { BusinessError } 19030001 - crypto operation error. 4756 * @syscap SystemCapability.Security.Cert 4757 * @crossplatform 4758 * @since 11 4759 */ 4760 /** 4761 * Get the X509 certificate list. 4762 * 4763 * @returns { Array<X509Cert> } the X509 certificate list. 4764 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 4765 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 4766 * @throws { BusinessError } 19020001 - memory error. 4767 * @throws { BusinessError } 19030001 - crypto operation error. 4768 * @syscap SystemCapability.Security.Cert 4769 * @crossplatform 4770 * @atomicservice 4771 * @since 12 4772 */ 4773 getCertList(): Array<X509Cert>; 4774 4775 /** 4776 * Validate the cert chain with validate parameters. 4777 * 4778 * @param { CertChainValidationParameters } param - indicate the cert chain Validate parameters. 4779 * @returns { Promise<CertChainValidationResult> } the promise returned by the function. 4780 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 4781 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 4782 * @throws { BusinessError } 19020001 - memory error. 4783 * @throws { BusinessError } 19020002 - runtime error. 4784 * @throws { BusinessError } 19030001 - crypto operation error. 4785 * @throws { BusinessError } 19030002 - the certificate signature verification failed. 4786 * @throws { BusinessError } 19030003 - the certificate has not taken effect. 4787 * @throws { BusinessError } 19030004 - the certificate has expired. 4788 * @throws { BusinessError } 19030005 - failed to obtain the certificate issuer. 4789 * @throws { BusinessError } 19030006 - the key cannot be used for signing a certificate. 4790 * @throws { BusinessError } 19030007 - the key cannot be used for digital signature. 4791 * @syscap SystemCapability.Security.Cert 4792 * @crossplatform 4793 * @since 11 4794 */ 4795 /** 4796 * Validate the cert chain with validate parameters. 4797 * 4798 * @param { CertChainValidationParameters } param - indicate the cert chain Validate parameters. 4799 * @returns { Promise<CertChainValidationResult> } the promise returned by the function. 4800 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 4801 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 4802 * @throws { BusinessError } 19020001 - memory error. 4803 * @throws { BusinessError } 19020002 - runtime error. 4804 * @throws { BusinessError } 19030001 - crypto operation error. 4805 * @throws { BusinessError } 19030002 - the certificate signature verification failed. 4806 * @throws { BusinessError } 19030003 - the certificate has not taken effect. 4807 * @throws { BusinessError } 19030004 - the certificate has expired. 4808 * @throws { BusinessError } 19030005 - failed to obtain the certificate issuer. 4809 * @throws { BusinessError } 19030006 - the key cannot be used for signing a certificate. 4810 * @throws { BusinessError } 19030007 - the key cannot be used for digital signature. 4811 * @syscap SystemCapability.Security.Cert 4812 * @crossplatform 4813 * @atomicservice 4814 * @since 12 4815 */ 4816 validate(param: CertChainValidationParameters): Promise<CertChainValidationResult>; 4817 4818 /** 4819 * Validate the cert chain with validate parameters. 4820 * 4821 * @param { CertChainValidationParameters } param - indicate the cert chain validate parameters. 4822 * @param { AsyncCallback<CertChainValidationResult> } callback - indicate the cert chain validate result. 4823 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 4824 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 4825 * @throws { BusinessError } 19020001 - memory error. 4826 * @throws { BusinessError } 19020002 - runtime error. 4827 * @throws { BusinessError } 19030001 - crypto operation error. 4828 * @throws { BusinessError } 19030002 - the certificate signature verification failed. 4829 * @throws { BusinessError } 19030003 - the certificate has not taken effect. 4830 * @throws { BusinessError } 19030004 - the certificate has expired. 4831 * @throws { BusinessError } 19030005 - failed to obtain the certificate issuer. 4832 * @throws { BusinessError } 19030006 - the key cannot be used for signing a certificate. 4833 * @throws { BusinessError } 19030007 - the key cannot be used for digital signature. 4834 * @syscap SystemCapability.Security.Cert 4835 * @crossplatform 4836 * @since 11 4837 */ 4838 /** 4839 * Validate the cert chain with validate parameters. 4840 * 4841 * @param { CertChainValidationParameters } param - indicate the cert chain validate parameters. 4842 * @param { AsyncCallback<CertChainValidationResult> } callback - indicate the cert chain validate result. 4843 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 4844 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 4845 * @throws { BusinessError } 19020001 - memory error. 4846 * @throws { BusinessError } 19020002 - runtime error. 4847 * @throws { BusinessError } 19030001 - crypto operation error. 4848 * @throws { BusinessError } 19030002 - the certificate signature verification failed. 4849 * @throws { BusinessError } 19030003 - the certificate has not taken effect. 4850 * @throws { BusinessError } 19030004 - the certificate has expired. 4851 * @throws { BusinessError } 19030005 - failed to obtain the certificate issuer. 4852 * @throws { BusinessError } 19030006 - the key cannot be used for signing a certificate. 4853 * @throws { BusinessError } 19030007 - the key cannot be used for digital signature. 4854 * @syscap SystemCapability.Security.Cert 4855 * @crossplatform 4856 * @atomicservice 4857 * @since 12 4858 */ 4859 validate(param: CertChainValidationParameters, callback: AsyncCallback<CertChainValidationResult>): void; 4860 4861 /** 4862 * Get the string type data of the object. 4863 * 4864 * @returns { string } the string type data of the object. 4865 * @throws { BusinessError } 19020001 - memory error. 4866 * @throws { BusinessError } 19020002 - runtime error. 4867 * @throws { BusinessError } 19030001 - crypto operation error. 4868 * @syscap SystemCapability.Security.Cert 4869 * @crossplatform 4870 * @atomicservice 4871 * @since 12 4872 */ 4873 toString(): string; 4874 4875 /** 4876 * Get the hash value of DER format data. 4877 * 4878 * @returns { Uint8Array } the hash value of DER format data. 4879 * @throws { BusinessError } 19020001 - memory error. 4880 * @throws { BusinessError } 19020002 - runtime error. 4881 * @throws { BusinessError } 19030001 - crypto operation error. 4882 * @syscap SystemCapability.Security.Cert 4883 * @crossplatform 4884 * @atomicservice 4885 * @since 12 4886 */ 4887 hashCode(): Uint8Array; 4888 } 4889 4890 /** 4891 * Provides to create X509 certificate chain object. 4892 * The returned object provides the data parsing or verification capability. 4893 * 4894 * @param { EncodingBlob } inStream - indicate the input cert data. 4895 * @returns { Promise<X509CertChain> } 4896 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 4897 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 4898 * @throws { BusinessError } 19020001 - memory error. 4899 * @throws { BusinessError } 19030001 - crypto operation error. 4900 * @syscap SystemCapability.Security.Cert 4901 * @crossplatform 4902 * @since 11 4903 */ 4904 /** 4905 * Provides to create X509 certificate chain object. 4906 * The returned object provides the data parsing or verification capability. 4907 * 4908 * @param { EncodingBlob } inStream - indicate the input cert data. 4909 * @returns { Promise<X509CertChain> } 4910 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 4911 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 4912 * @throws { BusinessError } 19020001 - memory error. 4913 * @throws { BusinessError } 19030001 - crypto operation error. 4914 * @syscap SystemCapability.Security.Cert 4915 * @crossplatform 4916 * @atomicservice 4917 * @since 12 4918 */ 4919 function createX509CertChain(inStream: EncodingBlob): Promise<X509CertChain>; 4920 4921 /** 4922 * Provides to create X509 certificate chain object. 4923 * The returned object provides the data parsing or verification capability. 4924 * 4925 * @param { EncodingBlob } inStream - indicate the input cert data. 4926 * @param { AsyncCallback<X509CertChain> } callback 4927 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 4928 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 4929 * @throws { BusinessError } 19020001 - memory error. 4930 * @throws { BusinessError } 19030001 - crypto operation error. 4931 * @syscap SystemCapability.Security.Cert 4932 * @crossplatform 4933 * @since 11 4934 */ 4935 /** 4936 * Provides to create X509 certificate chain object. 4937 * The returned object provides the data parsing or verification capability. 4938 * 4939 * @param { EncodingBlob } inStream - indicate the input cert data. 4940 * @param { AsyncCallback<X509CertChain> } callback 4941 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 4942 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 4943 * @throws { BusinessError } 19020001 - memory error. 4944 * @throws { BusinessError } 19030001 - crypto operation error. 4945 * @syscap SystemCapability.Security.Cert 4946 * @crossplatform 4947 * @atomicservice 4948 * @since 12 4949 */ 4950 function createX509CertChain(inStream: EncodingBlob, callback: AsyncCallback<X509CertChain>): void; 4951 4952 /** 4953 * Create certificate chain object with certificate array. 4954 * 4955 * @param { Array<X509Cert> } certs - indicate the certificate array. 4956 * @returns { X509CertChain } the certificate chain object. 4957 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 4958 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 4959 * @throws { BusinessError } 19020001 - memory error. 4960 * @throws { BusinessError } 19030001 - crypto operation error. 4961 * @syscap SystemCapability.Security.Cert 4962 * @crossplatform 4963 * @since 11 4964 */ 4965 /** 4966 * Create certificate chain object with certificate array. 4967 * 4968 * @param { Array<X509Cert> } certs - indicate the certificate array. 4969 * @returns { X509CertChain } the certificate chain object. 4970 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 4971 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 4972 * @throws { BusinessError } 19020001 - memory error. 4973 * @throws { BusinessError } 19030001 - crypto operation error. 4974 * @syscap SystemCapability.Security.Cert 4975 * @crossplatform 4976 * @atomicservice 4977 * @since 12 4978 */ 4979 function createX509CertChain(certs: Array<X509Cert>): X509CertChain; 4980 4981 /** 4982 * Create and validate a certificate chain with the build parameters. 4983 * 4984 * @param { CertChainBuildParameters } param - indicate the certificate chain build parameters. 4985 * @returns { Promise<CertChainBuildResult> } the promise returned by the function. 4986 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 4987 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 4988 * @throws { BusinessError } 19020001 - memory error. 4989 * @throws { BusinessError } 19020002 - runtime error. 4990 * @throws { BusinessError } 19030001 - crypto operation error. 4991 * @throws { BusinessError } 19030002 - the certificate signature verification failed. 4992 * @throws { BusinessError } 19030003 - the certificate has not taken effect. 4993 * @throws { BusinessError } 19030004 - the certificate has expired. 4994 * @throws { BusinessError } 19030005 - failed to obtain the certificate issuer. 4995 * @throws { BusinessError } 19030006 - the key cannot be used for signing a certificate. 4996 * @throws { BusinessError } 19030007 - the key cannot be used for digital signature. 4997 * @syscap SystemCapability.Security.Cert 4998 * @crossplatform 4999 * @atomicservice 5000 * @since 12 5001 */ 5002 function buildX509CertChain(param: CertChainBuildParameters): Promise<CertChainBuildResult>; 5003 5004 /** 5005 * The encoding base format. 5006 * 5007 * @enum { number } 5008 * @syscap SystemCapability.Security.Cert 5009 * @crossplatform 5010 * @atomicservice 5011 * @since 18 5012 */ 5013 enum EncodingBaseFormat { 5014 /** 5015 * PEM format. 5016 * 5017 * @syscap SystemCapability.Security.Cert 5018 * @crossplatform 5019 * @atomicservice 5020 * @since 18 5021 */ 5022 PEM = 0, 5023 5024 /** 5025 * DER format. 5026 * 5027 * @syscap SystemCapability.Security.Cert 5028 * @crossplatform 5029 * @atomicservice 5030 * @since 18 5031 */ 5032 DER = 1, 5033 } 5034 5035 /** 5036 * PKCS12 data. 5037 * 5038 * @typedef Pkcs12Data 5039 * @syscap SystemCapability.Security.Cert 5040 * @crossplatform 5041 * @atomicservice 5042 * @since 18 5043 */ 5044 interface Pkcs12Data { 5045 /** 5046 * The private key. 5047 * 5048 * @type { ?(string | Uint8Array) } 5049 * @syscap SystemCapability.Security.Cert 5050 * @crossplatform 5051 * @atomicservice 5052 * @since 18 5053 */ 5054 privateKey?: string | Uint8Array; 5055 5056 /** 5057 * The certificate corresponding to the private key. 5058 * 5059 * @type { ?X509Cert } 5060 * @syscap SystemCapability.Security.Cert 5061 * @crossplatform 5062 * @atomicservice 5063 * @since 18 5064 */ 5065 cert?: X509Cert; 5066 5067 /** 5068 * The other certificates. 5069 * 5070 * @type { ?Array<X509Cert> } 5071 * @syscap SystemCapability.Security.Cert 5072 * @crossplatform 5073 * @atomicservice 5074 * @since 18 5075 */ 5076 otherCerts?: Array<X509Cert>; 5077 } 5078 5079 /** 5080 * PKCS12 parsing config. 5081 * 5082 * @typedef Pkcs12ParsingConfig 5083 * @syscap SystemCapability.Security.Cert 5084 * @crossplatform 5085 * @atomicservice 5086 * @since 18 5087 */ 5088 interface Pkcs12ParsingConfig { 5089 /** 5090 * The password of the PKCS12. 5091 * 5092 * @type { string } 5093 * @syscap SystemCapability.Security.Cert 5094 * @crossplatform 5095 * @atomicservice 5096 * @since 18 5097 */ 5098 password: string; 5099 5100 /** 5101 * Whether to get the private key. 5102 * 5103 * @type { ?boolean } 5104 * @default true 5105 * @syscap SystemCapability.Security.Cert 5106 * @crossplatform 5107 * @atomicservice 5108 * @since 18 5109 */ 5110 needsPrivateKey?: boolean; 5111 5112 /** 5113 * The output format of the private key. 5114 * 5115 * @type { ?EncodingBaseFormat } 5116 * @default EncodingBaseFormat.PEM 5117 * @syscap SystemCapability.Security.Cert 5118 * @crossplatform 5119 * @atomicservice 5120 * @since 18 5121 */ 5122 privateKeyFormat?: EncodingBaseFormat; 5123 5124 /** 5125 * Whether to get the certificate corresponding to the private key. 5126 * 5127 * @type { ?boolean } 5128 * @default true 5129 * @syscap SystemCapability.Security.Cert 5130 * @crossplatform 5131 * @atomicservice 5132 * @since 18 5133 */ 5134 needsCert?: boolean; 5135 5136 /** 5137 * Whether to get other certificates. 5138 * 5139 * @type { ?boolean } 5140 * @default false 5141 * @syscap SystemCapability.Security.Cert 5142 * @crossplatform 5143 * @atomicservice 5144 * @since 18 5145 */ 5146 needsOtherCerts?: boolean; 5147 } 5148 5149 /** 5150 * Parse PKCS12. 5151 * 5152 * @param { Uint8Array } data - the PKCS12 data. 5153 * @param { Pkcs12ParsingConfig } config - the configuration for parsing PKCS12. 5154 * @returns { Pkcs12Data } the Pkcs12Data. 5155 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 5156 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 5157 * @throws { BusinessError } 19020001 - memory error. 5158 * @throws { BusinessError } 19020002 - runtime error. 5159 * @throws { BusinessError } 19030001 - crypto operation error. 5160 * @throws { BusinessError } 19030008 - maybe wrong password. 5161 * @syscap SystemCapability.Security.Cert 5162 * @crossplatform 5163 * @atomicservice 5164 * @since 18 5165 */ 5166 function parsePkcs12(data: Uint8Array, config: Pkcs12ParsingConfig): Pkcs12Data; 5167 5168 /** 5169 * Get trust anchor array from specified P12. 5170 * 5171 * @param { Uint8Array } keystore - the file path of the P12. 5172 * @param { string } pwd - the password of the P12. 5173 * @returns { Promise<Array<X509TrustAnchor>> } the promise returned by the function. 5174 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 5175 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 5176 * @throws { BusinessError } 19020001 - memory error. 5177 * @throws { BusinessError } 19020002 - runtime error. 5178 * @throws { BusinessError } 19030001 - crypto operation error. 5179 * @throws { BusinessError } 19030002 - the certificate signature verification failed. 5180 * @throws { BusinessError } 19030003 - the certificate has not taken effect. 5181 * @throws { BusinessError } 19030004 - the certificate has expired. 5182 * @throws { BusinessError } 19030005 - failed to obtain the certificate issuer. 5183 * @throws { BusinessError } 19030006 - the key cannot be used for signing a certificate. 5184 * @throws { BusinessError } 19030007 - the key cannot be used for digital signature. 5185 * @syscap SystemCapability.Security.Cert 5186 * @crossplatform 5187 * @atomicservice 5188 * @since 12 5189 */ 5190 function createTrustAnchorsWithKeyStore(keystore: Uint8Array, pwd: string): Promise<Array<X509TrustAnchor>>; 5191 5192 /** 5193 * Create X500DistinguishedName object with the name in string format. 5194 * 5195 * @param { string } nameStr - the string format of the Name type defined by X509. 5196 * @returns { Promise<X500DistinguishedName> } the promise returned by the function. 5197 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 5198 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 5199 * @throws { BusinessError } 19020001 - memory error. 5200 * @throws { BusinessError } 19020002 - runtime error. 5201 * @throws { BusinessError } 19030001 - crypto operation error. 5202 * @throws { BusinessError } 19030002 - the certificate signature verification failed. 5203 * @throws { BusinessError } 19030003 - the certificate has not taken effect. 5204 * @throws { BusinessError } 19030004 - the certificate has expired. 5205 * @throws { BusinessError } 19030005 - failed to obtain the certificate issuer. 5206 * @throws { BusinessError } 19030006 - the key cannot be used for signing a certificate. 5207 * @throws { BusinessError } 19030007 - the key cannot be used for digital signature. 5208 * @syscap SystemCapability.Security.Cert 5209 * @crossplatform 5210 * @atomicservice 5211 * @since 12 5212 */ 5213 function createX500DistinguishedName(nameStr: string): Promise<X500DistinguishedName>; 5214 5215 /** 5216 * Create X500DistinguishedName object with the name in DER format. 5217 * 5218 * @param { Uint8Array } nameDer - the DER format of the Name type defined by X509. 5219 * @returns { Promise<X500DistinguishedName> } the promise returned by the function. 5220 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 5221 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 5222 * @throws { BusinessError } 19020001 - memory error. 5223 * @throws { BusinessError } 19020002 - runtime error. 5224 * @throws { BusinessError } 19030001 - crypto operation error. 5225 * @throws { BusinessError } 19030002 - the certificate signature verification failed. 5226 * @throws { BusinessError } 19030003 - the certificate has not taken effect. 5227 * @throws { BusinessError } 19030004 - the certificate has expired. 5228 * @throws { BusinessError } 19030005 - failed to obtain the certificate issuer. 5229 * @throws { BusinessError } 19030006 - the key cannot be used for signing a certificate. 5230 * @throws { BusinessError } 19030007 - the key cannot be used for digital signature. 5231 * @syscap SystemCapability.Security.Cert 5232 * @crossplatform 5233 * @atomicservice 5234 * @since 12 5235 */ 5236 function createX500DistinguishedName(nameDer: Uint8Array): Promise<X500DistinguishedName>; 5237 5238 /** 5239 * Provides the x500 distinguished name type. 5240 * 5241 * @typedef X500DistinguishedName 5242 * @syscap SystemCapability.Security.Cert 5243 * @crossplatform 5244 * @atomicservice 5245 * @since 12 5246 */ 5247 interface X500DistinguishedName { 5248 /** 5249 * Get distinguished name string. 5250 * 5251 * @returns { string } distinguished name string. 5252 * @throws { BusinessError } 19020001 - memory error. 5253 * @throws { BusinessError } 19020002 - runtime error. 5254 * @throws { BusinessError } 19030001 - crypto operation error. 5255 * @syscap SystemCapability.Security.Cert 5256 * @crossplatform 5257 * @atomicservice 5258 * @since 12 5259 */ 5260 getName(): string; 5261 5262 /** 5263 * Get distinguished name string by type. 5264 * 5265 * @param { string } type - the specified type name. 5266 * @returns { Array<string> } distinguished name string. 5267 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 5268 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 5269 * @throws { BusinessError } 19020001 - memory error. 5270 * @throws { BusinessError } 19020002 - runtime error. 5271 * @throws { BusinessError } 19030001 - crypto operation error. 5272 * @syscap SystemCapability.Security.Cert 5273 * @crossplatform 5274 * @atomicservice 5275 * @since 12 5276 */ 5277 getName(type: string): Array<string>; 5278 5279 /** 5280 * Get distinguished name in der coding format. 5281 * 5282 * @returns { EncodingBlob } distinguished name encoded data. 5283 * @throws { BusinessError } 19020001 - memory error. 5284 * @throws { BusinessError } 19020002 - runtime error. 5285 * @throws { BusinessError } 19030001 - crypto operation error. 5286 * @syscap SystemCapability.Security.Cert 5287 * @crossplatform 5288 * @atomicservice 5289 * @since 12 5290 */ 5291 getEncoded(): EncodingBlob; 5292 } 5293 5294 /** 5295 * Provides the x509 trust anchor type. 5296 * 5297 * @typedef X509TrustAnchor 5298 * @syscap SystemCapability.Security.Cert 5299 * @crossplatform 5300 * @since 11 5301 */ 5302 /** 5303 * Provides the x509 trust anchor type. 5304 * 5305 * @typedef X509TrustAnchor 5306 * @syscap SystemCapability.Security.Cert 5307 * @crossplatform 5308 * @atomicservice 5309 * @since 12 5310 */ 5311 interface X509TrustAnchor { 5312 /** 5313 * The trust CA cert. 5314 * 5315 * @type { ?X509Cert } 5316 * @syscap SystemCapability.Security.Cert 5317 * @crossplatform 5318 * @since 11 5319 */ 5320 /** 5321 * The trust CA cert. 5322 * 5323 * @type { ?X509Cert } 5324 * @syscap SystemCapability.Security.Cert 5325 * @crossplatform 5326 * @atomicservice 5327 * @since 12 5328 */ 5329 CACert?: X509Cert; 5330 5331 /** 5332 * The trust CA public key in DER format. 5333 * 5334 * @type { ?Uint8Array } 5335 * @syscap SystemCapability.Security.Cert 5336 * @crossplatform 5337 * @since 11 5338 */ 5339 /** 5340 * The trust CA public key in DER format. 5341 * 5342 * @type { ?Uint8Array } 5343 * @syscap SystemCapability.Security.Cert 5344 * @crossplatform 5345 * @atomicservice 5346 * @since 12 5347 */ 5348 CAPubKey?: Uint8Array; 5349 5350 /** 5351 * The trust CA subject in DER format. 5352 * 5353 * @type { ?Uint8Array } 5354 * @syscap SystemCapability.Security.Cert 5355 * @crossplatform 5356 * @since 11 5357 */ 5358 /** 5359 * The trust CA subject in DER format. 5360 * 5361 * @type { ?Uint8Array } 5362 * @syscap SystemCapability.Security.Cert 5363 * @crossplatform 5364 * @atomicservice 5365 * @since 12 5366 */ 5367 CASubject?: Uint8Array; 5368 5369 /** 5370 * The name constraints in DER format. 5371 * 5372 * @type { ?Uint8Array } 5373 * @syscap SystemCapability.Security.Cert 5374 * @crossplatform 5375 * @atomicservice 5376 * @since 12 5377 */ 5378 nameConstraints?: Uint8Array; 5379 } 5380 5381 /** 5382 * Enum for revocation check option. 5383 * 5384 * @enum { number } 5385 * @syscap SystemCapability.Security.Cert 5386 * @crossplatform 5387 * @atomicservice 5388 * @since 12 5389 */ 5390 enum RevocationCheckOptions { 5391 /** 5392 * Indicates priority to use OCSP for verification. 5393 * 5394 * @syscap SystemCapability.Security.Cert 5395 * @crossplatform 5396 * @atomicservice 5397 * @since 12 5398 */ 5399 REVOCATION_CHECK_OPTION_PREFER_OCSP = 0, 5400 5401 /** 5402 * Indicates support for verifying revocation status by accessing the network to obtain CRL or OCSP responses. 5403 * 5404 * @syscap SystemCapability.Security.Cert 5405 * @crossplatform 5406 * @atomicservice 5407 * @since 12 5408 */ 5409 REVOCATION_CHECK_OPTION_ACCESS_NETWORK, 5410 5411 /** 5412 * Indicates when the 'REVOCATION_CHECK_OPTION_ACCESS_NETWORK' option is turned on, it is effective. 5413 * If the preferred verification method is unable to verify the certificate status due to network reasons, 5414 * an alternative solution will be used for verification. 5415 * 5416 * @syscap SystemCapability.Security.Cert 5417 * @crossplatform 5418 * @atomicservice 5419 * @since 12 5420 */ 5421 REVOCATION_CHECK_OPTION_FALLBACK_NO_PREFER, 5422 5423 /** 5424 * Indicates when the 'REVOCATION_CHECK_OPTION_ACCESS_NETWORK' option is turned on, it is effective. 5425 * If both the CRL and OCSP responses obtained online cannot verify the certificate status due to network reasons, 5426 * the locally set CRL and OCSP responses will be used for verification. 5427 * 5428 * @syscap SystemCapability.Security.Cert 5429 * @crossplatform 5430 * @atomicservice 5431 * @since 12 5432 */ 5433 REVOCATION_CHECK_OPTION_FALLBACK_LOCAL 5434 } 5435 5436 /** 5437 * Enum for validation policy type. 5438 * 5439 * @enum { number } 5440 * @syscap SystemCapability.Security.Cert 5441 * @crossplatform 5442 * @atomicservice 5443 * @since 12 5444 */ 5445 enum ValidationPolicyType { 5446 /** 5447 * Indicates not need to verify the sslHostname field in the certificate. 5448 * 5449 * @syscap SystemCapability.Security.Cert 5450 * @crossplatform 5451 * @atomicservice 5452 * @since 12 5453 */ 5454 VALIDATION_POLICY_TYPE_X509 = 0, 5455 5456 /** 5457 * Indicates need to verify the sslHostname field in the certificate. 5458 * 5459 * @syscap SystemCapability.Security.Cert 5460 * @crossplatform 5461 * @atomicservice 5462 * @since 12 5463 */ 5464 VALIDATION_POLICY_TYPE_SSL 5465 } 5466 5467 /** 5468 * Enum for validation keyusage type. 5469 * 5470 * @enum { number } 5471 * @syscap SystemCapability.Security.Cert 5472 * @crossplatform 5473 * @atomicservice 5474 * @since 12 5475 */ 5476 enum KeyUsageType { 5477 /** 5478 * Indicates the certificate public key can be used for digital signature operations. 5479 * 5480 * @syscap SystemCapability.Security.Cert 5481 * @crossplatform 5482 * @atomicservice 5483 * @since 12 5484 */ 5485 KEYUSAGE_DIGITAL_SIGNATURE = 0, 5486 5487 /** 5488 * Indicates certificate public key can be used for non repudiation operations, preventing the signer from denying their signature. 5489 * 5490 * @syscap SystemCapability.Security.Cert 5491 * @crossplatform 5492 * @atomicservice 5493 * @since 12 5494 */ 5495 KEYUSAGE_NON_REPUDIATION, 5496 5497 /** 5498 * Indicates certificate public key can be used for key encryption operations, for encrypting symmetric keys, etc. 5499 * 5500 * @syscap SystemCapability.Security.Cert 5501 * @crossplatform 5502 * @atomicservice 5503 * @since 12 5504 */ 5505 KEYUSAGE_KEY_ENCIPHERMENT, 5506 5507 /** 5508 * Indicates certificate public key can be used for data encryption operations, to encrypt data. 5509 * 5510 * @syscap SystemCapability.Security.Cert 5511 * @crossplatform 5512 * @atomicservice 5513 * @since 12 5514 */ 5515 KEYUSAGE_DATA_ENCIPHERMENT, 5516 5517 /** 5518 * Indicates certificate public key can be used for key negotiation operations, to negotiate shared keys. 5519 * 5520 * @syscap SystemCapability.Security.Cert 5521 * @crossplatform 5522 * @atomicservice 5523 * @since 12 5524 */ 5525 KEYUSAGE_KEY_AGREEMENT, 5526 5527 /** 5528 * Indicates certificate public key can be used for certificate signing operations. 5529 * 5530 * @syscap SystemCapability.Security.Cert 5531 * @crossplatform 5532 * @atomicservice 5533 * @since 12 5534 */ 5535 KEYUSAGE_KEY_CERT_SIGN, 5536 5537 /** 5538 * Indicates certificate public key can be used for signing operations on certificate revocation lists (CRLs). 5539 * 5540 * @syscap SystemCapability.Security.Cert 5541 * @crossplatform 5542 * @atomicservice 5543 * @since 12 5544 */ 5545 KEYUSAGE_CRL_SIGN, 5546 5547 /** 5548 * Indicates the key can only be used for encryption operations and cannot be used for decryption operations. 5549 * 5550 * @syscap SystemCapability.Security.Cert 5551 * @crossplatform 5552 * @atomicservice 5553 * @since 12 5554 */ 5555 KEYUSAGE_ENCIPHER_ONLY, 5556 5557 /** 5558 * Indicates the key can only be used for decryption operations and cannot be used for encryption operations. 5559 * 5560 * @syscap SystemCapability.Security.Cert 5561 * @crossplatform 5562 * @atomicservice 5563 * @since 12 5564 */ 5565 KEYUSAGE_DECIPHER_ONLY 5566 } 5567 5568 /** 5569 * Provides the certificate chain validate revocation parameters. 5570 * 5571 * @typedef RevocationCheckParameter 5572 * @syscap SystemCapability.Security.Cert 5573 * @crossplatform 5574 * @atomicservice 5575 * @since 12 5576 */ 5577 interface RevocationCheckParameter { 5578 /** 5579 * The additional field for sending OCSP requests. 5580 * 5581 * @type { ?Array<Uint8Array> } 5582 * @syscap SystemCapability.Security.Cert 5583 * @crossplatform 5584 * @atomicservice 5585 * @since 12 5586 */ 5587 ocspRequestExtension?: Array<Uint8Array>; 5588 5589 /** 5590 * The server URL address for sending requests to OCSP. 5591 * 5592 * @type { ?string } 5593 * @syscap SystemCapability.Security.Cert 5594 * @crossplatform 5595 * @atomicservice 5596 * @since 12 5597 */ 5598 ocspResponderURI?: string; 5599 5600 /** 5601 * The signing certificate for verifying OCSP response signatures. 5602 * 5603 * @type { ?X509Cert } 5604 * @syscap SystemCapability.Security.Cert 5605 * @crossplatform 5606 * @atomicservice 5607 * @since 12 5608 */ 5609 ocspResponderCert?: X509Cert; 5610 5611 /** 5612 * The OCSP response message returned by an OCSP server. 5613 * 5614 * @type { ?Uint8Array } 5615 * @syscap SystemCapability.Security.Cert 5616 * @crossplatform 5617 * @atomicservice 5618 * @since 12 5619 */ 5620 ocspResponses?: Uint8Array; 5621 5622 /** 5623 * The URL address for downloading the CRL list. 5624 * 5625 * @type { ?string } 5626 * @syscap SystemCapability.Security.Cert 5627 * @crossplatform 5628 * @atomicservice 5629 * @since 12 5630 */ 5631 crlDownloadURI?: string; 5632 5633 /** 5634 * The certificate revocation status verification option. 5635 * 5636 * @type { ?Array<RevocationCheckOptions> } 5637 * @syscap SystemCapability.Security.Cert 5638 * @crossplatform 5639 * @atomicservice 5640 * @since 12 5641 */ 5642 options?: Array<RevocationCheckOptions>; 5643 5644 /** 5645 * The digest used to generate the ocsp cert id. 5646 * 5647 * @type { ?string } 5648 * @default SHA256 5649 * @syscap SystemCapability.Security.Cert 5650 * @crossplatform 5651 * @atomicservice 5652 * @since 12 5653 */ 5654 ocspDigest?: string; 5655 } 5656 5657 /** 5658 * Provides the certificate chain validate parameters type. 5659 * 5660 * @typedef CertChainValidationParameters 5661 * @syscap SystemCapability.Security.Cert 5662 * @crossplatform 5663 * @since 11 5664 */ 5665 /** 5666 * Provides the certificate chain validate parameters type. 5667 * 5668 * @typedef CertChainValidationParameters 5669 * @syscap SystemCapability.Security.Cert 5670 * @crossplatform 5671 * @atomicservice 5672 * @since 12 5673 */ 5674 interface CertChainValidationParameters { 5675 /** 5676 * The datetime to verify the certificate chain validity period. 5677 * 5678 * @type { ?string } 5679 * @syscap SystemCapability.Security.Cert 5680 * @crossplatform 5681 * @since 11 5682 */ 5683 /** 5684 * The datetime to verify the certificate chain validity period. 5685 * 5686 * @type { ?string } 5687 * @syscap SystemCapability.Security.Cert 5688 * @crossplatform 5689 * @atomicservice 5690 * @since 12 5691 */ 5692 date?: string; 5693 5694 /** 5695 * The trust ca certificates to verify the certificate chain. 5696 * 5697 * @type { Array<X509TrustAnchor> } 5698 * @syscap SystemCapability.Security.Cert 5699 * @crossplatform 5700 * @since 11 5701 */ 5702 /** 5703 * The trust ca certificates to verify the certificate chain. 5704 * 5705 * @type { Array<X509TrustAnchor> } 5706 * @syscap SystemCapability.Security.Cert 5707 * @crossplatform 5708 * @atomicservice 5709 * @since 12 5710 */ 5711 trustAnchors: Array<X509TrustAnchor>; 5712 5713 /** 5714 * The cert and CRL list to build cert chain and verify the certificate chain revocation state. 5715 * 5716 * @type { ?Array<CertCRLCollection> } 5717 * @syscap SystemCapability.Security.Cert 5718 * @crossplatform 5719 * @since 11 5720 */ 5721 /** 5722 * The cert and CRL list to build cert chain and verify the certificate chain revocation state. 5723 * 5724 * @type { ?Array<CertCRLCollection> } 5725 * @syscap SystemCapability.Security.Cert 5726 * @crossplatform 5727 * @atomicservice 5728 * @since 12 5729 */ 5730 certCRLs?: Array<CertCRLCollection>; 5731 5732 /** 5733 * The revocation parameters to verify the certificate chain revocation status. 5734 * 5735 * @type { ?RevocationCheckParameter } 5736 * @syscap SystemCapability.Security.Cert 5737 * @crossplatform 5738 * @atomicservice 5739 * @since 12 5740 */ 5741 revocationCheckParam?: RevocationCheckParameter; 5742 5743 /** 5744 * The policy to verify the certificate chain validity. 5745 * 5746 * @type { ?ValidationPolicyType } 5747 * @syscap SystemCapability.Security.Cert 5748 * @crossplatform 5749 * @atomicservice 5750 * @since 12 5751 */ 5752 policy?: ValidationPolicyType; 5753 5754 /** 5755 * The sslHostname to verify the certificate chain validity. 5756 * 5757 * @type { ?string } 5758 * @syscap SystemCapability.Security.Cert 5759 * @crossplatform 5760 * @atomicservice 5761 * @since 12 5762 */ 5763 sslHostname?: string; 5764 5765 /** 5766 * The keyUsage to verify the certificate chain validity. 5767 * 5768 * @type { ?Array<KeyUsageType> } 5769 * @syscap SystemCapability.Security.Cert 5770 * @crossplatform 5771 * @atomicservice 5772 * @since 12 5773 */ 5774 keyUsage?: Array<KeyUsageType>; 5775 } 5776 5777 /** 5778 * Certification chain validate result. 5779 * 5780 * @typedef CertChainValidationResult 5781 * @syscap SystemCapability.Security.Cert 5782 * @crossplatform 5783 * @since 11 5784 */ 5785 /** 5786 * Certification chain validate result. 5787 * 5788 * @typedef CertChainValidationResult 5789 * @syscap SystemCapability.Security.Cert 5790 * @crossplatform 5791 * @atomicservice 5792 * @since 12 5793 */ 5794 interface CertChainValidationResult { 5795 /** 5796 * The cert chain trust anchor. 5797 * 5798 * @type { X509TrustAnchor } 5799 * @readonly 5800 * @syscap SystemCapability.Security.Cert 5801 * @crossplatform 5802 * @since 11 5803 */ 5804 /** 5805 * The cert chain trust anchor. 5806 * 5807 * @type { X509TrustAnchor } 5808 * @readonly 5809 * @syscap SystemCapability.Security.Cert 5810 * @crossplatform 5811 * @atomicservice 5812 * @since 12 5813 */ 5814 readonly trustAnchor: X509TrustAnchor; 5815 5816 /** 5817 * The target certificate. 5818 * 5819 * @type { X509Cert } 5820 * @readonly 5821 * @syscap SystemCapability.Security.Cert 5822 * @crossplatform 5823 * @since 11 5824 */ 5825 /** 5826 * The target certificate. 5827 * 5828 * @type { X509Cert } 5829 * @readonly 5830 * @syscap SystemCapability.Security.Cert 5831 * @crossplatform 5832 * @atomicservice 5833 * @since 12 5834 */ 5835 readonly entityCert: X509Cert; 5836 } 5837 5838 /** 5839 * Provides the certificate chain build parameters type. 5840 * 5841 * @typedef CertChainBuildParameters 5842 * @syscap SystemCapability.Security.Cert 5843 * @crossplatform 5844 * @atomicservice 5845 * @since 12 5846 */ 5847 interface CertChainBuildParameters { 5848 /** 5849 * The certificate match parameters to selects certificate from the certificate collection. 5850 * 5851 * @type { X509CertMatchParameters } 5852 * @syscap SystemCapability.Security.Cert 5853 * @crossplatform 5854 * @atomicservice 5855 * @since 12 5856 */ 5857 certMatchParameters: X509CertMatchParameters; 5858 5859 /** 5860 * The maximum length of the certificate chain to be built. 5861 * 5862 * @type { ?number } 5863 * @syscap SystemCapability.Security.Cert 5864 * @crossplatform 5865 * @atomicservice 5866 * @since 12 5867 */ 5868 maxLength?: number; 5869 5870 /** 5871 * The CertChain validation parameters. 5872 * 5873 * @type { CertChainValidationParameters } 5874 * @syscap SystemCapability.Security.Cert 5875 * @crossplatform 5876 * @atomicservice 5877 * @since 12 5878 */ 5879 validationParameters: CertChainValidationParameters; 5880 } 5881 5882 /** 5883 * Certification chain build result. 5884 * 5885 * @typedef CertChainBuildResult 5886 * @syscap SystemCapability.Security.Cert 5887 * @crossplatform 5888 * @atomicservice 5889 * @since 12 5890 */ 5891 interface CertChainBuildResult { 5892 /** 5893 * The certificate chain of build result. 5894 * 5895 * @type { X509CertChain } 5896 * @readonly 5897 * @syscap SystemCapability.Security.Cert 5898 * @crossplatform 5899 * @atomicservice 5900 * @since 12 5901 */ 5902 readonly certChain: X509CertChain; 5903 5904 /** 5905 * The certificate chain validation result. 5906 * 5907 * @type { CertChainValidationResult } 5908 * @readonly 5909 * @syscap SystemCapability.Security.Cert 5910 * @crossplatform 5911 * @atomicservice 5912 * @since 12 5913 */ 5914 readonly validationResult: CertChainValidationResult; 5915 } 5916 5917 /** 5918 * Enum for CMS content type. 5919 * 5920 * @enum { number } 5921 * @syscap SystemCapability.Security.Cert 5922 * @crossplatform 5923 * @atomicservice 5924 * @since 18 5925 */ 5926 enum CmsContentType { 5927 /** 5928 * Signed data. 5929 * 5930 * @syscap SystemCapability.Security.Cert 5931 * @crossplatform 5932 * @atomicservice 5933 * @since 18 5934 */ 5935 SIGNED_DATA = 0 5936 } 5937 5938 /** 5939 * Enum for CMS content data format. 5940 * 5941 * @enum { number } 5942 * @syscap SystemCapability.Security.Cert 5943 * @crossplatform 5944 * @atomicservice 5945 * @since 18 5946 */ 5947 enum CmsContentDataFormat { 5948 /** 5949 * Binary format. 5950 * 5951 * @syscap SystemCapability.Security.Cert 5952 * @crossplatform 5953 * @atomicservice 5954 * @since 18 5955 */ 5956 BINARY = 0, 5957 5958 /** 5959 * Text format. 5960 * 5961 * @syscap SystemCapability.Security.Cert 5962 * @crossplatform 5963 * @atomicservice 5964 * @since 18 5965 */ 5966 TEXT = 1 5967 } 5968 5969 /** 5970 * Enum for CMS format. 5971 * 5972 * @enum { number } 5973 * @syscap SystemCapability.Security.Cert 5974 * @crossplatform 5975 * @atomicservice 5976 * @since 18 5977 */ 5978 enum CmsFormat { 5979 /** 5980 * PEM format. 5981 * 5982 * @syscap SystemCapability.Security.Cert 5983 * @crossplatform 5984 * @atomicservice 5985 * @since 18 5986 */ 5987 PEM = 0, 5988 5989 /** 5990 * DER format. 5991 * 5992 * @syscap SystemCapability.Security.Cert 5993 * @crossplatform 5994 * @atomicservice 5995 * @since 18 5996 */ 5997 DER = 1 5998 } 5999 6000 /** 6001 * Private key info. 6002 * 6003 * @typedef PrivateKeyInfo 6004 * @syscap SystemCapability.Security.Cert 6005 * @crossplatform 6006 * @atomicservice 6007 * @since 18 6008 */ 6009 interface PrivateKeyInfo { 6010 /** 6011 * The unencrypted or encrypted private key, in PEM or DER format. 6012 * 6013 * @type { string | Uint8Array } 6014 * @syscap SystemCapability.Security.Cert 6015 * @crossplatform 6016 * @atomicservice 6017 * @since 18 6018 */ 6019 key: string | Uint8Array; 6020 6021 /** 6022 * The password of the private key, if the private key is encrypted. 6023 * 6024 * @type { ?string } 6025 * @syscap SystemCapability.Security.Cert 6026 * @crossplatform 6027 * @atomicservice 6028 * @since 18 6029 */ 6030 password?: string; 6031 } 6032 6033 /** 6034 * Configuration options for CMS signer. 6035 * 6036 * @typedef CmsSignerConfig 6037 * @syscap SystemCapability.Security.Cert 6038 * @crossplatform 6039 * @atomicservice 6040 * @since 18 6041 */ 6042 interface CmsSignerConfig { 6043 /** 6044 * Digest algorithm name, such as "SHA384". 6045 * 6046 * @type { string } 6047 * @syscap SystemCapability.Security.Cert 6048 * @crossplatform 6049 * @atomicservice 6050 * @since 18 6051 */ 6052 mdName: string; 6053 6054 /** 6055 * Whether to add the certificate. 6056 * 6057 * @type { ?boolean } 6058 * @default true 6059 * @syscap SystemCapability.Security.Cert 6060 * @crossplatform 6061 * @atomicservice 6062 * @since 18 6063 */ 6064 addCert?: boolean; 6065 6066 /** 6067 * Whether to add the signature attributes. 6068 * 6069 * @type { ?boolean } 6070 * @default true 6071 * @syscap SystemCapability.Security.Cert 6072 * @crossplatform 6073 * @atomicservice 6074 * @since 18 6075 */ 6076 addAttr?: boolean; 6077 6078 /** 6079 * Whether to add the smime capibilities to the signature attributes. 6080 * 6081 * @type { ?boolean } 6082 * @default true 6083 * @syscap SystemCapability.Security.Cert 6084 * @crossplatform 6085 * @atomicservice 6086 * @since 18 6087 */ 6088 addSmimeCapAttr?: boolean 6089 } 6090 6091 /** 6092 * CMS generator options. 6093 * 6094 * @typedef CmsGeneratorOptions 6095 * @syscap SystemCapability.Security.Cert 6096 * @crossplatform 6097 * @atomicservice 6098 * @since 18 6099 */ 6100 interface CmsGeneratorOptions { 6101 /** 6102 * The format of the content data. 6103 * 6104 * @type { ?CmsContentDataFormat } 6105 * @default CmsContentDataFormat.BINARY 6106 * @syscap SystemCapability.Security.Cert 6107 * @crossplatform 6108 * @atomicservice 6109 * @since 18 6110 */ 6111 contentDataFormat?: CmsContentDataFormat; 6112 6113 /** 6114 * The output format of the CMS final data. 6115 * 6116 * @type { ?CmsFormat } 6117 * @default CmsFormat.DER 6118 * @syscap SystemCapability.Security.Cert 6119 * @crossplatform 6120 * @atomicservice 6121 * @since 18 6122 */ 6123 outFormat?: CmsFormat; 6124 6125 /** 6126 * Whether the CMS final data does not contain original content data. 6127 * 6128 * @type { ?boolean } 6129 * @default false 6130 * @syscap SystemCapability.Security.Cert 6131 * @crossplatform 6132 * @atomicservice 6133 * @since 18 6134 */ 6135 isDetached?: boolean; 6136 } 6137 6138 /** 6139 * Provides the interface for generating CMS. 6140 * 6141 * @typedef CmsGenerator 6142 * @syscap SystemCapability.Security.Cert 6143 * @crossplatform 6144 * @atomicservice 6145 * @since 18 6146 */ 6147 interface CmsGenerator { 6148 /** 6149 * Used to add the signer info. 6150 * 6151 * @param { X509Cert } cert - the signer certificate. 6152 * @param { PrivateKeyInfo } keyInfo - the private key info of the signer certificate. 6153 * @param { CmsSignerConfig } config - the configuration for CMS signer. 6154 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 6155 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 6156 * @throws { BusinessError } 19020001 - memory error. 6157 * @throws { BusinessError } 19020002 - runtime error. 6158 * @throws { BusinessError } 19030001 - crypto operation error. 6159 * @throws { BusinessError } 19030008 - maybe wrong password. 6160 * @syscap SystemCapability.Security.Cert 6161 * @crossplatform 6162 * @atomicservice 6163 * @since 18 6164 */ 6165 addSigner(cert: X509Cert, keyInfo: PrivateKeyInfo, config: CmsSignerConfig): void; 6166 6167 /** 6168 * Used to add the certificate, such as the issuer certificate of the signer certificate. 6169 * 6170 * @param { X509Cert } cert - the certificate. 6171 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 6172 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 6173 * @throws { BusinessError } 19020001 - memory error. 6174 * @throws { BusinessError } 19020002 - runtime error. 6175 * @throws { BusinessError } 19030001 - crypto operation error. 6176 * @syscap SystemCapability.Security.Cert 6177 * @crossplatform 6178 * @atomicservice 6179 * @since 18 6180 */ 6181 addCert(cert: X509Cert): void; 6182 6183 /** 6184 * Used to obtain the CMS final data, such as CMS signed data. 6185 * 6186 * @param { Uint8Array } data - the content data for CMS operation. 6187 * @param { CmsGeneratorOptions } options - the configuration options for CMS operation. 6188 * @returns { Promise<Uint8Array | string> } the promise returned by the function. 6189 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 6190 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 6191 * @throws { BusinessError } 19020001 - memory error. 6192 * @throws { BusinessError } 19020002 - runtime error. 6193 * @throws { BusinessError } 19030001 - crypto operation error. 6194 * @syscap SystemCapability.Security.Cert 6195 * @crossplatform 6196 * @atomicservice 6197 * @since 18 6198 */ 6199 doFinal(data: Uint8Array, options?: CmsGeneratorOptions): Promise<Uint8Array | string>; 6200 6201 /** 6202 * Used to obtain the CMS final data, such as CMS signed data. 6203 * 6204 * @param { Uint8Array } data - the content data for CMS operation. 6205 * @param { CmsGeneratorOptions } options - the configuration options for CMS operation. 6206 * @returns { Uint8Array | string } the CMS final data. 6207 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 6208 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 6209 * @throws { BusinessError } 19020001 - memory error. 6210 * @throws { BusinessError } 19020002 - runtime error. 6211 * @throws { BusinessError } 19030001 - crypto operation error. 6212 * @syscap SystemCapability.Security.Cert 6213 * @crossplatform 6214 * @atomicservice 6215 * @since 18 6216 */ 6217 doFinalSync(data: Uint8Array, options?: CmsGeneratorOptions): Uint8Array | string; 6218 } 6219 6220 /** 6221 * Used to create CmsGenerator. 6222 * 6223 * @param { CmsContentType } contentType - the CMS content type. 6224 * @returns { CmsGenerator } the CmsGenerator. 6225 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 6226 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 6227 * @throws { BusinessError } 19020001 - memory error. 6228 * @throws { BusinessError } 19020002 - runtime error. 6229 * @throws { BusinessError } 19030001 - crypto operation error. 6230 * @syscap SystemCapability.Security.Cert 6231 * @crossplatform 6232 * @atomicservice 6233 * @since 18 6234 */ 6235 function createCmsGenerator(contentType: CmsContentType): CmsGenerator; 6236 6237 /** 6238 * Additional information about the subject of the certificate. 6239 * 6240 * @typedef CsrAttribute 6241 * @syscap SystemCapability.Security.Cert 6242 * @crossplatform 6243 * @atomicservice 6244 * @since 18 6245 */ 6246 interface CsrAttribute { 6247 /** 6248 * Attribute type. 6249 * 6250 * @type { string } 6251 * @syscap SystemCapability.Security.Cert 6252 * @crossplatform 6253 * @atomicservice 6254 * @since 18 6255 */ 6256 type: string; 6257 6258 /** 6259 * Attribute value. 6260 * 6261 * @type { string } 6262 * @syscap SystemCapability.Security.Cert 6263 * @crossplatform 6264 * @atomicservice 6265 * @since 18 6266 */ 6267 value: string; 6268 } 6269 6270 /** 6271 * Configuration for generating a certificate signing request. 6272 * 6273 * @typedef CsrGenerationConfig 6274 * @syscap SystemCapability.Security.Cert 6275 * @crossplatform 6276 * @atomicservice 6277 * @since 18 6278 */ 6279 interface CsrGenerationConfig { 6280 /** 6281 * The subject. 6282 * 6283 * @type { X500DistinguishedName } 6284 * @syscap SystemCapability.Security.Cert 6285 * @crossplatform 6286 * @atomicservice 6287 * @since 18 6288 */ 6289 subject: X500DistinguishedName; 6290 6291 /** 6292 * The message digest name, such as "SHA384". 6293 * 6294 * @type { string } 6295 * @syscap SystemCapability.Security.Cert 6296 * @crossplatform 6297 * @atomicservice 6298 * @since 18 6299 */ 6300 mdName: string; 6301 6302 /** 6303 * The attributes. 6304 * 6305 * @type { ?Array<CsrAttribute> } 6306 * @syscap SystemCapability.Security.Cert 6307 * @crossplatform 6308 * @atomicservice 6309 * @since 18 6310 */ 6311 attributes?: Array<CsrAttribute>; 6312 6313 /** 6314 * The output format of CSR. 6315 * 6316 * @type { ?EncodingBaseFormat } 6317 * @default EncodingBaseFormat.PEM 6318 * @syscap SystemCapability.Security.Cert 6319 * @crossplatform 6320 * @atomicservice 6321 * @since 18 6322 */ 6323 outFormat?: EncodingBaseFormat; 6324 } 6325 6326 /** 6327 * Used to generate certificate signing request. 6328 * 6329 * @param { PrivateKeyInfo } keyInfo - the private key info. 6330 * @param { CsrGenerationConfig } config - the configuration for generating CSR. 6331 * @returns { string | Uint8Array } the CSR in PEM or DER format. 6332 * @throws { BusinessError } 401 - invalid parameters. Possible causes: 1. Mandatory parameters are left unspecified; 6333 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 6334 * @throws { BusinessError } 19020001 - memory error. 6335 * @throws { BusinessError } 19020002 - runtime error. 6336 * @throws { BusinessError } 19030001 - crypto operation error. 6337 * @throws { BusinessError } 19030008 - maybe wrong password. 6338 * @syscap SystemCapability.Security.Cert 6339 * @crossplatform 6340 * @atomicservice 6341 * @since 18 6342 */ 6343 function generateCsr(keyInfo: PrivateKeyInfo, config: CsrGenerationConfig): string | Uint8Array; 6344} 6345 6346export default cert; 6347