1 /* 2 * Copyright (c) 2022-2024 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 /** 17 * @addtogroup HuksKeyApi 18 * @{ 19 * 20 * @brief Describes the OpenHarmony Universal KeyStore (HUKS) capabilities, including key management and 21 * cryptography operations, provided for applications. 22 * The keys managed by HUKS can be imported by applications or generated by calling the HUKS APIs. 23 * 24 * @syscap SystemCapability.Security.Huks 25 * @since 9 26 * @version 1.0 27 */ 28 29 /** 30 * @file native_huks_api.h 31 * 32 * @brief Defines the Universal Keystore Kit APIs. 33 * 34 * @library libhuks_ndk.z.so 35 * @syscap SystemCapability.Security.Huks 36 * 37 * include "huks/include/native_huks_type.h" 38 * @kit UniversalKeystoreKit 39 * @since 9 40 * @version 1.0 41 */ 42 43 #ifndef NATIVE_HUKS_API_H 44 #define NATIVE_HUKS_API_H 45 46 #include "native_huks_type.h" 47 48 #ifdef __cplusplus 49 extern "C" { 50 #endif 51 52 /** 53 * @brief Obtains the current HUKS SDK version. 54 * 55 * @param sdkVersion Indicates the pointer to the SDK version (in string format) obtained. 56 * @return {@link OH_Huks_ErrCode#OH_HUKS_SUCCESS} 0 - If the operation is successful. 57 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ILLEGAL_ARGUMENT} 401 - If sdkVersion or 58 * sdkVersion->data is null, or if sdkVersion->size is too small. 59 * @since 9 60 * @version 1.0 61 */ 62 struct OH_Huks_Result OH_Huks_GetSdkVersion(struct OH_Huks_Blob *sdkVersion); 63 64 /** 65 * @brief Generates a key. 66 * 67 * @param keyAlias Indicates the pointer to the alias of the key to generate. 68 * The alias must be unique in the process of the service. Otherwise, the key will be overwritten. 69 * @param paramSetIn Indicates the pointer to the parameter set for generating the key. 70 * @param paramSetOut Indicates the pointer to a temporary key generated. If the generated key is 71 * not of a temporary type, this parameter is a null pointer. 72 * @return {@link OH_Huks_ErrCode#OH_HUKS_SUCCESS} 0 - If the operation is successful. 73 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ILLEGAL_ARGUMENT} 401 - If keyAlias or paramSetIn or 74 * paramSetOut is invalid. 75 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INTERNAL_ERROR} 12000012 - If system error ocurred. 76 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_FILE_OPERATION_FAIL} 12000004 - If failed to remove file, 77 * or if failed to write file. 78 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INVALID_CRYPTO_ALG_ARGUMENT} 12000003 - If the key argument 79 * is invalid. 80 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ITEM_NOT_EXIST} 12000011 - If the base key file is not exit. 81 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_MISSING_CRYPTO_ALG_ARGUMENT} 12000002 - If failed to 82 * get key argument. 83 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_COMMUNICATION_FAIL} 12000005 - If Ipc commuication failed. 84 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_CRYPTO_FAIL} 12000006 - If crypto engine failed. 85 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INSUFFICIENT_MEMORY} 12000014 - If the memory is insufficient. 86 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_CALL_SERVICE_FAILED} 12000015 - If connect userIam failed. 87 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_DEVICE_PASSWORD_UNSET} 12000016 - If device password is required 88 * but not set. 89 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_FEATURE_NOT_SUPPORTED} 12000001 - If the feature is not support. 90 * @since 9 91 * @version 1.0 92 */ 93 struct OH_Huks_Result OH_Huks_GenerateKeyItem(const struct OH_Huks_Blob *keyAlias, 94 const struct OH_Huks_ParamSet *paramSetIn, struct OH_Huks_ParamSet *paramSetOut); 95 96 /** 97 * @brief Imports a key in plaintext. 98 * 99 * @param keyAlias Indicates the pointer to the alias of the key to import. 100 * The alias must be unique in the process of the service. Otherwise, the key will be overwritten. 101 * @param paramSet Indicates the pointer to the parameters of the key to import. 102 * @param key Indicates the pointer to the key to import. The key must be in the format required by the HUKS. 103 * For details, see {@link HuksTypeApi}. 104 * @return {@link OH_Huks_ErrCode#OH_HUKS_SUCCESS} 0 - If the operation is successful. 105 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ILLEGAL_ARGUMENT} 401 - If keyAlias or paramSet or key is invalid. 106 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INTERNAL_ERROR} 12000012 - If system error ocurred. 107 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_FILE_OPERATION_FAIL} 12000004 - If failed to remove file, 108 * or if failed to write file. 109 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INVALID_CRYPTO_ALG_ARGUMENT} 12000003 - If the key argument 110 * is invalid. 111 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_MISSING_CRYPTO_ALG_ARGUMENT} 12000002 - If failed to 112 * get key argument. 113 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_COMMUNICATION_FAIL} 12000005 - If Ipc commuication failed. 114 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INSUFFICIENT_MEMORY} 12000014 - If the memory is insufficient. 115 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_CALL_SERVICE_FAILED} 12000015 - If connect userIam failed. 116 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_FEATURE_NOT_SUPPORTED} 12000001 - If the feature is not support. 117 * @since 9 118 * @version 1.0 119 */ 120 struct OH_Huks_Result OH_Huks_ImportKeyItem(const struct OH_Huks_Blob *keyAlias, 121 const struct OH_Huks_ParamSet *paramSet, const struct OH_Huks_Blob *key); 122 123 /** 124 * @brief Imports a wrapped key. 125 * 126 * @param keyAlias Indicates the pointer to the alias of the key to import. 127 * The alias must be unique in the process of the service. Otherwise, the key will be overwritten. 128 * @param wrappingKeyAlias Indicates the pointer to the alias of the wrapping key, 129 * which is obtained through key agreement and used to decrypt the key to import. 130 * @param paramSet Indicates the pointer to the parameters of the wrapped key to import. 131 * @param wrappedKeyData Indicates the pointer to the wrapped key to import. 132 * The key must be in the format required by the HUKS. For details, see {@link OH_Huks_AlgSuite}. 133 * @return {@link OH_Huks_ErrCode#OH_HUKS_SUCCESS} 0 - If the operation is successful. 134 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ILLEGAL_ARGUMENT} 401 - If keyAlias or wrappingKeyAlias or 135 * paramSet or wrappedKeyData is invalid. 136 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INTERNAL_ERROR} 12000012 - If system error ocurred. 137 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_FILE_OPERATION_FAIL} 12000004 - If failed to remove file, 138 * or if failed to write file. 139 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INVALID_CRYPTO_ALG_ARGUMENT} 12000003 - If the key argument 140 * is invalid. 141 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_MISSING_CRYPTO_ALG_ARGUMENT} 12000002 - If failed to 142 * get key argument. 143 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_COMMUNICATION_FAIL} 12000005 - If Ipc commuication failed. 144 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_CRYPTO_FAIL} 12000006 - If crypto engine failed. 145 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INSUFFICIENT_MEMORY} 12000014 - If the memory is insufficient. 146 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_CALL_SERVICE_FAILED} 12000015 - If connect userIam failed. 147 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_FEATURE_NOT_SUPPORTED} 12000001 - If the feature is not support. 148 * @since 9 149 * @version 1.0 150 */ 151 struct OH_Huks_Result OH_Huks_ImportWrappedKeyItem(const struct OH_Huks_Blob *keyAlias, 152 const struct OH_Huks_Blob *wrappingKeyAlias, const struct OH_Huks_ParamSet *paramSet, 153 const struct OH_Huks_Blob *wrappedKeyData); 154 155 /** 156 * @brief Exports a public key. 157 * 158 * @param keyAlias Indicates the pointer to the alias of the public key to export. 159 * The alias must be the same as the alias for the key generated. 160 * @param paramSet Indicates the pointer to the parameters required for exporting the public key. 161 * @param key Indicates the pointer to the public key exported. 162 * @return {@link OH_Huks_ErrCode#OH_HUKS_SUCCESS} 0 - If the operation is successful. 163 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ILLEGAL_ARGUMENT} 401 - If keyAlias or paramSet or key is invalid. 164 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INTERNAL_ERROR} 12000012 - If system error ocurred. 165 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ITEM_NOT_EXIST} 12000011 - If the key file is not exit. 166 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INVALID_CRYPTO_ALG_ARGUMENT} 12000003 - If the key argument 167 * is invalid. 168 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_MISSING_CRYPTO_ALG_ARGUMENT} 12000002 - If failed to 169 * get key argument. 170 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_COMMUNICATION_FAIL} 12000005 - If Ipc commuication failed. 171 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INSUFFICIENT_MEMORY} 12000014 - If the memory is insufficient. 172 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_FEATURE_NOT_SUPPORTED} 12000001 - If the feature is not support. 173 * @since 9 174 * @version 1.0 175 */ 176 struct OH_Huks_Result OH_Huks_ExportPublicKeyItem(const struct OH_Huks_Blob *keyAlias, 177 const struct OH_Huks_ParamSet *paramSet, struct OH_Huks_Blob *key); 178 179 /** 180 * @brief Deletes a key. 181 * 182 * @param keyAlias Indicates the pointer to the alias of the key to delete. 183 * The alias must be the same as the alias for the key generated. 184 * @param paramSet Indicates the pointer to the parameters required for deleting the key. 185 * By default, this parameter is a null pointer. 186 * @return {@link OH_Huks_ErrCode#OH_HUKS_SUCCESS} 0 - If the operation is successful. 187 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ILLEGAL_ARGUMENT} 401 - If keyAlias or paramSet is invalid. 188 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INTERNAL_ERROR} 12000012 - If system error ocurred. 189 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INVALID_CRYPTO_ALG_ARGUMENT} 12000003 - If the key argument 190 * is invalid. 191 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ITEM_NOT_EXIST} 12000011 - If the key file is not exit. 192 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_MISSING_CRYPTO_ALG_ARGUMENT} 12000002 - If failed to 193 * get key argument. 194 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_COMMUNICATION_FAIL} 12000005 - If Ipc commuication failed. 195 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INSUFFICIENT_MEMORY} 12000014 - If the memory is insufficient. 196 * @since 9 197 * @version 1.0 198 */ 199 struct OH_Huks_Result OH_Huks_DeleteKeyItem(const struct OH_Huks_Blob *keyAlias, 200 const struct OH_Huks_ParamSet *paramSet); 201 202 /** 203 * @brief Obtains the attributes of a key. 204 * 205 * @param keyAlias Indicates the pointer to the alias of the target key. 206 * @param paramSetIn Indicates the pointer to the attribute tag required for 207 * obtaining the attributes. By default, this parameter is a null pointer. 208 * @param paramSetOut Indicates the pointer to the attributes obtained. 209 * @return {@link OH_Huks_ErrCode#OH_HUKS_SUCCESS} 0 - If the operation is successful. 210 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ILLEGAL_ARGUMENT} 401 - If keyAlias or paramSetIn or 211 * paramSetOut is invalid. 212 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INTERNAL_ERROR} 12000012 - If system error ocurred. 213 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INVALID_CRYPTO_ALG_ARGUMENT} 12000003 - If the key argument 214 * is invalid. 215 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ITEM_NOT_EXIST} 12000011 - If the key file is not exit. 216 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_MISSING_CRYPTO_ALG_ARGUMENT} 12000002 - If failed to 217 * get key argument. 218 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_COMMUNICATION_FAIL} 12000005 - If Ipc commuication failed. 219 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INSUFFICIENT_MEMORY} 12000014 - If the memory is insufficient. 220 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_FEATURE_NOT_SUPPORTED} 12000001 - If the feature is not support. 221 * @since 9 222 * @version 1.0 223 */ 224 struct OH_Huks_Result OH_Huks_GetKeyItemParamSet(const struct OH_Huks_Blob *keyAlias, 225 const struct OH_Huks_ParamSet *paramSetIn, struct OH_Huks_ParamSet *paramSetOut); 226 227 /** 228 * @brief Checks whether a key exists. 229 * 230 * @param keyAlias Indicates the pointer to the alias of the target key. 231 * @param paramSet Indicates the pointer to the attribute tag required for checking the key. 232 * By default, this parameter is a null pointer. 233 * @return {@link OH_Huks_ErrCode#OH_HUKS_SUCCESS} 0 - If the operation is successful. 234 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ILLEGAL_ARGUMENT} 401 - If keyAlias or paramSet is invalid. 235 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INTERNAL_ERROR} 12000012 - If system error ocurred. 236 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INVALID_CRYPTO_ALG_ARGUMENT} 12000003 - If the key argument 237 * is invalid. 238 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ITEM_NOT_EXIST} 12000011 - If the key file is not exit. 239 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_MISSING_CRYPTO_ALG_ARGUMENT} 12000002 - If failed to 240 * get key argument. 241 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_COMMUNICATION_FAIL} 12000005 - If Ipc commuication failed. 242 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INSUFFICIENT_MEMORY} 12000014 - If the memory is insufficient. 243 * @since 9 244 * @version 1.0 245 */ 246 struct OH_Huks_Result OH_Huks_IsKeyItemExist(const struct OH_Huks_Blob *keyAlias, 247 const struct OH_Huks_ParamSet *paramSet); 248 249 /** 250 * @brief Obtain the key certificate chain. This API can be called only by system applications. 251 * 252 * @permission ohos.permission.ATTEST_KEY 253 * @param keyAlias Indicates the pointer to the alias of the target key. 254 * @param paramSet Indicates the pointer to the parameters required for obtaining the key certificate. 255 * @param certChain Indicates the pointer to the key certificate chain obtained. 256 * @return {@link OH_Huks_ErrCode#OH_HUKS_SUCCESS} 0 - If the operation is successful. 257 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ILLEGAL_ARGUMENT} 401 - If keyAlias or 258 * paramSet or certChain is invalid. 259 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INTERNAL_ERROR} 12000012 - If system error ocurred. 260 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INVALID_CRYPTO_ALG_ARGUMENT} 12000003 - If the key argument 261 * is invalid. 262 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ITEM_NOT_EXIST} 12000011 - If the key file is not exit. 263 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_MISSING_CRYPTO_ALG_ARGUMENT} 12000002 - If failed to 264 * get key argument. 265 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_COMMUNICATION_FAIL} 12000005 - If Ipc commuication failed. 266 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_CRYPTO_FAIL} 12000006 - If crypto engine failed. 267 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INSUFFICIENT_MEMORY} 12000014 - If the memory is insufficient. 268 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_FEATURE_NOT_SUPPORTED} 12000001 - If the feature is not support. 269 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_PERMISSION_FAIL} 201 - If the permission check failed, 270 * please apply for the required permissions first. 271 * @since 9 272 * @version 1.0 273 */ 274 struct OH_Huks_Result OH_Huks_AttestKeyItem(const struct OH_Huks_Blob *keyAlias, 275 const struct OH_Huks_ParamSet *paramSet, struct OH_Huks_CertChain *certChain); 276 277 /** 278 * @brief Obtain the key certificate chain. 279 * 280 * @param keyAlias Indicates the pointer to the alias of the target key. 281 * @param paramSet Indicates the pointer to the parameters required for obtaining the key certificate. 282 * @param certChain Indicates the pointer to the key certificate chain obtained. 283 * @return {@link OH_Huks_ErrCode#OH_HUKS_SUCCESS} 0 - If the operation is successful. 284 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ILLEGAL_ARGUMENT} 401 - If keyAlias or 285 * paramSet or certChain is invalid. 286 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INTERNAL_ERROR} 12000012 - If system error ocurred. 287 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INVALID_CRYPTO_ALG_ARGUMENT} 12000003 - If the key argument 288 * is invalid. 289 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ITEM_NOT_EXIST} 12000011 - If the key file is not exit. 290 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_MISSING_CRYPTO_ALG_ARGUMENT} 12000002 - If failed to 291 * get key argument. 292 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_COMMUNICATION_FAIL} 12000005 - If Ipc commuication failed. 293 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_CRYPTO_FAIL} 12000006 - If crypto engine failed. 294 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INSUFFICIENT_MEMORY} 12000014 - If the memory is insufficient. 295 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_FEATURE_NOT_SUPPORTED} 12000001 - If the feature is not support. 296 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_PERMISSION_FAIL} 201 - If the permission check failed, 297 * please apply for the required permissions first. 298 * @since 11 299 * @version 1.0 300 * @note this is a networking duration interface caller need to get the certChain in asynchronous thread 301 */ 302 struct OH_Huks_Result OH_Huks_AnonAttestKeyItem(const struct OH_Huks_Blob *keyAlias, 303 const struct OH_Huks_ParamSet *paramSet, struct OH_Huks_CertChain *certChain); 304 305 /** 306 * @brief Initializes the key session interface and obtains a handle (mandatory) and challenge value (optional). 307 * 308 * @param keyAlias Indicates the pointer to the alias of the target key. 309 * @param paramSet Indicates the pointer to the parameters for the initialization operation. 310 * @param handle Indicates the pointer to the handle of the key session obtained. 311 * This handle is required for subsequent operations, including {@link OH_Huks_UpdateSession}, 312 * {@link OH_Huks_FinishSession}, and {@link OH_Huks_AbortSession}. 313 * @param token Indicates the pointer to the token used for key access control. 314 * @return {@link OH_Huks_ErrCode#OH_HUKS_SUCCESS} 0 - If the operation is successful. 315 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ILLEGAL_ARGUMENT} 401 - If keyAlias or paramSet or handle or 316 * token is invalid. 317 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INTERNAL_ERROR} 12000012 - If system error ocurred. 318 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INVALID_CRYPTO_ALG_ARGUMENT} 12000003 - If the key argument 319 * is invalid. 320 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ITEM_NOT_EXIST} 12000011 - If the key file is not exit. 321 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_MISSING_CRYPTO_ALG_ARGUMENT} 12000002 - If failed to 322 * get key argument. 323 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_COMMUNICATION_FAIL} 12000005 - If Ipc commuication failed. 324 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_SESSION_LIMIT} 12000010 - If reached max session limit. 325 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_CRYPTO_FAIL} 12000006 - If crypto engine failed. 326 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INSUFFICIENT_MEMORY} 12000014 - If the memory is insufficient. 327 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_FEATURE_NOT_SUPPORTED} 12000001 - If the feature is not support. 328 * @since 9 329 * @version 1.0 330 * @see OH_Huks_UpdateSession 331 * @see OH_Huks_FinishSession 332 * @see OH_Huks_AbortSession 333 */ 334 struct OH_Huks_Result OH_Huks_InitSession(const struct OH_Huks_Blob *keyAlias, 335 const struct OH_Huks_ParamSet *paramSet, struct OH_Huks_Blob *handle, struct OH_Huks_Blob *token); 336 337 /** 338 * @brief Adds data by segment for the key operation, performs the related key operation, 339 * and outputs the processed data. 340 * 341 * @param handle Indicates the pointer to the key session handle, which is generated by {@link OH_Huks_InitSession}. 342 * @param paramSet Indicates the pointer to the parameters required for the key operation. 343 * @param inData Indicates the pointer to the data to be processed. 344 * This API can be called multiples time to process large data by segment. 345 * @param outData Indicates the pointer to the output data. 346 * @return {@link OH_Huks_ErrCode#OH_HUKS_SUCCESS} 0 - If the operation is successful. 347 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ILLEGAL_ARGUMENT} 401 - If handle or paramSet or inData or 348 * outData is invalid. 349 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INTERNAL_ERROR} 12000012 - If system error ocurred. 350 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INVALID_CRYPTO_ALG_ARGUMENT} 12000003 - If the key argument 351 * is invalid. 352 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ITEM_NOT_EXIST} 12000011 - If the key file is not exit, 353 * or if the handle is not exist. 354 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_MISSING_CRYPTO_ALG_ARGUMENT} 12000002 - If failed to 355 * get key argument. 356 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_COMMUNICATION_FAIL} 12000005 - If Ipc commuication failed. 357 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_CREDENTIAL_NOT_EXIST} 12000013 - If credemtial is not exist. 358 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_CRYPTO_FAIL} 12000006 - If crypto engine failed. 359 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_KEY_AUTH_VERIFY_FAILED} 12000008 - If auth token verify failed. 360 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_KEY_AUTH_PERMANENTLY_INVALIDATED} 12000007 - If auth token info 361 * verify failed. 362 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_KEY_AUTH_TIME_OUT} 12000009 - If authentication token timed out. 363 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INSUFFICIENT_MEMORY} 12000014 - If the memory is insufficient. 364 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_DEVICE_PASSWORD_UNSET} 12000016 - If device password is required 365 * but not set. 366 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_FEATURE_NOT_SUPPORTED} 12000001 - If the feature is not support. 367 * @since 9 368 * @version 1.0 369 * @see OH_Huks_InitSession 370 * @see OH_Huks_FinishSession 371 * @see OH_Huks_AbortSession 372 */ 373 struct OH_Huks_Result OH_Huks_UpdateSession(const struct OH_Huks_Blob *handle, 374 const struct OH_Huks_ParamSet *paramSet, const struct OH_Huks_Blob *inData, struct OH_Huks_Blob *outData); 375 376 /** 377 * @brief Ends the key session. 378 * 379 * @param handle Indicates the pointer to the key session handle, which is generated by {@link OH_Huks_InitSession}. 380 * @param paramSet Indicates the pointer to the parameters required for the key operation. 381 * @param inData Indicates the pointer to the data to be processed. 382 * @param outData Indicates the pointer to the output data. 383 * @return {@link OH_Huks_ErrCode#OH_HUKS_SUCCESS} 0 - If the operation is successful. 384 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ILLEGAL_ARGUMENT} 401 - If handle or paramSet or inData or 385 * outData is invalid. 386 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INTERNAL_ERROR} 12000012 - If system error ocurred. 387 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INVALID_CRYPTO_ALG_ARGUMENT} 12000003 - If the key argument 388 * is invalid. 389 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ITEM_NOT_EXIST} 12000011 - If the key file is not exit, 390 * or if the handle is not exist. 391 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_MISSING_CRYPTO_ALG_ARGUMENT} 12000002 - If failed to 392 * get key argument. 393 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_COMMUNICATION_FAIL} 12000005 - If Ipc commuication failed. 394 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_CREDENTIAL_NOT_EXIST} 12000013 - If credemtial is not exist. 395 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_CRYPTO_FAIL} 12000006 - If crypto engine failed. 396 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_KEY_AUTH_VERIFY_FAILED} 12000008 - If auth token verify failed. 397 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_KEY_AUTH_PERMANENTLY_INVALIDATED} 12000007 - If auth token info 398 * verify failed. 399 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_KEY_AUTH_TIME_OUT} 12000009 - If authentication token timed out. 400 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INSUFFICIENT_MEMORY} 12000014 - If the memory is insufficient. 401 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_DEVICE_PASSWORD_UNSET} 12000016 - If device password is required 402 * but not set. 403 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_FEATURE_NOT_SUPPORTED} 12000001 - If the feature is not support. 404 * @since 9 405 * @version 1.0 406 * @see OH_Huks_InitSession 407 * @see OH_Huks_UpdateSession 408 * @see OH_Huks_AbortSession 409 */ 410 struct OH_Huks_Result OH_Huks_FinishSession(const struct OH_Huks_Blob *handle, 411 const struct OH_Huks_ParamSet *paramSet, const struct OH_Huks_Blob *inData, struct OH_Huks_Blob *outData); 412 413 /** 414 * @brief Aborts a key session. 415 * 416 * @param handle Indicates the pointer to the key session handle, which is generated by {@link OH_Huks_InitSession}. 417 * @param paramSet Indicates the pointer to the parameters required for aborting the key session. 418 * By default, this parameter is a null pointer. 419 * @return {@link OH_Huks_ErrCode#OH_HUKS_SUCCESS} 0 - If the operation is successful. 420 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ILLEGAL_ARGUMENT} 401 - If handle or paramSet or inData or 421 * outData is invalid. 422 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INTERNAL_ERROR} 12000012 - If system error ocurred. 423 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INVALID_CRYPTO_ALG_ARGUMENT} 12000003 - If the key argument 424 * is invalid. 425 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ITEM_NOT_EXIST} 12000011 - or if the handle is not exist. 426 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_MISSING_CRYPTO_ALG_ARGUMENT} 12000002 - If failed to 427 * get key argument. 428 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_COMMUNICATION_FAIL} 12000005 - If Ipc commuication failed. 429 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_CREDENTIAL_NOT_EXIST} 12000013 - If credemtial is not exist. 430 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INSUFFICIENT_MEMORY} 12000014 - If the memory is insufficient. 431 * @since 9 432 * @version 1.0 433 * @see OH_Huks_InitSession 434 * @see OH_Huks_UpdateSession 435 * @see OH_Huks_FinishSession 436 */ 437 struct OH_Huks_Result OH_Huks_AbortSession(const struct OH_Huks_Blob *handle, 438 const struct OH_Huks_ParamSet *paramSet); 439 440 #ifdef __cplusplus 441 } 442 #endif 443 444 /** @} */ 445 #endif /* NATIVE_HUKS_API_H */ 446