1/* 2 * Copyright (c) 2023-2024 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16import util from '@ohos.util'; 17import huks from '@ohos.security.huks'; 18import userAuth from '@ohos.userIAM.userAuth'; 19import promptAction from '@ohos.promptAction'; 20import Logger from './Logger'; 21 22const TAG: string = '[HUKS]'; 23const CHALLENG_LEN = 6; 24const ALWAYSVAILD = 4; 25const ENCODEINTO_BUFFER = 20; 26const DECRYPT_BYTE = 16; 27const IV: string = (Math.floor(Math.random() * 1000000000000) + 1).toString(); 28let NONCE = '123456789012'; 29let AAD = '124567890123456'; 30let AEAD = '124567890123456'; 31let cipherData: Uint8Array; 32let cipherDataString: string; 33let challengeNew = new Uint8Array(CHALLENG_LEN); 34 35 36// 密钥明文 37let PLAIN_TEXT_SIZE_16 = new Uint8Array([ 38 0xfb, 0x8b, 0x9f, 0x12, 0xa0, 0x83, 0x19, 0xbe, 39 0x64, 0x0b, 0x88, 0x96, 0xe2, 0xfa, 0x77, 0xbc 40]); 41 42function stringToUint8Array(str: string): Uint8Array { 43 let arr = []; 44 for (let i = 0, j = str.length; i < j; ++i) { 45 arr.push(str.charCodeAt(i)); 46 } 47 return new Uint8Array(arr); 48} 49 50function uint8ArrayToString(fileData): string { 51 let dataString = ''; 52 for (let i = 0; i < fileData.length; i++) { 53 dataString += String.fromCharCode(fileData[i]); 54 } 55 return dataString; 56} 57 58function base64ToArrayBuffer(info): Uint8Array { 59 return new util.Base64().decodeSync(info); 60} 61 62function base64ToString(byte): string { 63 return new util.Base64().encodeToStringSync(byte); 64} 65 66function encodeInto(str: string): Uint8Array { 67 let textEncoder = new util.TextEncoder(); 68 let buffer = new ArrayBuffer(ENCODEINTO_BUFFER); 69 let result = new Uint8Array(buffer); 70 result = textEncoder.encodeInto(str); 71 72 console.info('retStr==' + result); 73 return result; 74} 75 76// 生成Sm2密钥属性信息 77function getSm2GenerateProperties(properties): void { 78 let index = 0; 79 properties[index++] = { 80 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 81 value: huks.HuksKeyAlg.HUKS_ALG_SM2 82 }; 83 properties[index++] = { 84 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 85 value: huks.HuksKeySize.HUKS_SM2_KEY_SIZE_256 86 }; 87 properties[index++] = { 88 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 89 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | 90 huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 91 }; 92 properties[index++] = { 93 tag: huks.HuksTag.HUKS_TAG_CHALLENGE_TYPE, 94 value: huks.HuksChallengeType.HUKS_CHALLENGE_TYPE_NORMAL 95 }; 96 properties[index++] = { 97 tag: huks.HuksTag.HUKS_TAG_KEY_AUTH_PURPOSE, 98 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 99 }; 100 properties[index++] = { 101 tag: huks.HuksTag.HUKS_TAG_USER_AUTH_TYPE, 102 value: huks.HuksUserAuthType.HUKS_USER_AUTH_TYPE_PIN 103 }; 104 properties[index++] = { 105 tag: huks.HuksTag.HUKS_TAG_KEY_AUTH_ACCESS_TYPE, 106 value: ALWAYSVAILD 107 }; 108 return; 109} 110 111// Sm2加密密钥属性信息 112function getSm2EncryptProperties(properties): void { 113 let index = 0; 114 properties[index++] = { 115 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 116 value: huks.HuksKeyAlg.HUKS_ALG_SM2 117 }; 118 properties[index++] = { 119 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 120 value: huks.HuksKeySize.HUKS_SM2_KEY_SIZE_256 121 }; 122 properties[index++] = { 123 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 124 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT 125 }; 126 properties[index++] = { 127 tag: huks.HuksTag.HUKS_TAG_DIGEST, 128 value: huks.HuksKeyDigest.HUKS_DIGEST_SM3 129 }; 130 return; 131} 132 133// Sm2解密密钥属性信息 134function getSm2DecryptProperties(properties): void { 135 let index = 0; 136 properties[index++] = { 137 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 138 value: huks.HuksKeyAlg.HUKS_ALG_SM2 139 }; 140 properties[index++] = { 141 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 142 value: huks.HuksKeySize.HUKS_SM2_KEY_SIZE_256 143 }; 144 properties[index++] = { 145 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 146 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 147 }; 148 properties[index++] = { 149 tag: huks.HuksTag.HUKS_TAG_DIGEST, 150 value: huks.HuksKeyDigest.HUKS_DIGEST_SM3 151 }; 152 return; 153} 154 155 156// AES加密密钥属性信息 157function getAesEncryptProperties(properties): void { 158 let index = 0; 159 properties[index++] = { 160 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 161 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT 162 }; 163 properties[index++] = { 164 tag: huks.HuksTag.HUKS_TAG_PADDING, 165 value: huks.HuksKeyPadding.HUKS_PADDING_NONE 166 }; 167 properties[index++] = { 168 tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, 169 value: huks.HuksCipherMode.HUKS_MODE_GCM 170 }; 171 properties[index++] = { 172 tag: huks.HuksTag.HUKS_TAG_ASSOCIATED_DATA, 173 value: stringToUint8Array(AAD) 174 }; 175 properties[index++] = { 176 tag: huks.HuksTag.HUKS_TAG_NONCE, 177 value: stringToUint8Array(NONCE) 178 }; 179 properties[index++] = { 180 tag: huks.HuksTag.HUKS_TAG_AE_TAG, 181 value: stringToUint8Array(AEAD) 182 }; 183 properties[index++] = { 184 tag: huks.HuksTag.HUKS_TAG_IV, 185 value: stringToUint8Array(IV) 186 }; 187 return; 188} 189 190// AES解密密钥属性信息 191function getAesDecryptProperties(properties, info): void { 192 let index = 0; 193 let t = base64ToArrayBuffer(info); 194 properties[index++] = { 195 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 196 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 197 }; 198 properties[index++] = { 199 tag: huks.HuksTag.HUKS_TAG_PADDING, 200 value: huks.HuksKeyPadding.HUKS_PADDING_NONE 201 }; 202 properties[index++] = { 203 tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, 204 value: huks.HuksCipherMode.HUKS_MODE_GCM 205 }; 206 properties[index++] = { 207 tag: huks.HuksTag.HUKS_TAG_ASSOCIATED_DATA, 208 value: stringToUint8Array(AAD) 209 }; 210 properties[index++] = { 211 tag: huks.HuksTag.HUKS_TAG_NONCE, 212 value: stringToUint8Array(NONCE) 213 }; 214 properties[index++] = { 215 tag: huks.HuksTag.HUKS_TAG_AE_TAG, 216 value: t.slice(t.length - DECRYPT_BYTE) 217 }; 218 properties[index++] = { 219 tag: huks.HuksTag.HUKS_TAG_IV, 220 value: stringToUint8Array(IV) 221 }; 222 return; 223} 224 225// 生成AES密钥属性信息 226function getAesGenerateProperties(properties): void { 227 let index = 0; 228 properties[index++] = { 229 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 230 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | 231 huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 232 }; 233 properties[index++] = { 234 tag: huks.HuksTag.HUKS_TAG_PADDING, 235 value: huks.HuksKeyPadding.HUKS_PADDING_NONE 236 }; 237 properties[index++] = { 238 tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, 239 value: huks.HuksCipherMode.HUKS_MODE_GCM 240 }; 241 return; 242} 243 244function getAesPublicProperties(properties) { 245 let index = 0; 246 properties[index++] = { 247 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 248 value: huks.HuksKeyAlg.HUKS_ALG_AES 249 }; 250 properties[index++] = { 251 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 252 value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_128 253 }; 254} 255 256// 导入SM4密钥属性信息 257function getImportKeyProperties(properties): void { 258 let index = 0; 259 properties[index++] = { 260 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 261 value: huks.HuksKeyAlg.HUKS_ALG_SM4 262 }; 263 properties[index++] = { 264 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 265 value: huks.HuksKeySize.HUKS_SM4_KEY_SIZE_128 266 }; 267 properties[index++] = { 268 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 269 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | 270 huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 271 }; 272 return; 273} 274 275// SM4 加密密钥属性 276function getSm4EnryptProperties(properties): void { 277 let index = 0; 278 properties[index++] = { 279 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 280 value: huks.HuksKeyAlg.HUKS_ALG_SM4 281 }; 282 properties[index++] = { 283 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 284 value: huks.HuksKeySize.HUKS_SM4_KEY_SIZE_128, 285 }; 286 properties[index++] = { 287 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 288 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT 289 }; 290 properties[index++] = { 291 tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, 292 value: huks.HuksCipherMode.HUKS_MODE_CBC 293 }; 294 properties[index++] = { 295 tag: huks.HuksTag.HUKS_TAG_PADDING, 296 value: huks.HuksKeyPadding.HUKS_PADDING_PKCS7 297 }; 298 properties[index++] = { 299 tag: huks.HuksTag.HUKS_TAG_IV, 300 value: stringToUint8Array(IV) 301 }; 302 return; 303} 304 305// SM4 解密密钥属性 306function getSm4DeryptProperties(properties): void { 307 let index = 0; 308 properties[index++] = { 309 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 310 value: huks.HuksKeyAlg.HUKS_ALG_SM4 311 }; 312 properties[index++] = { 313 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 314 value: huks.HuksKeySize.HUKS_SM4_KEY_SIZE_128, 315 }; 316 properties[index++] = { 317 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 318 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 319 }; 320 properties[index++] = { 321 tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, 322 value: huks.HuksCipherMode.HUKS_MODE_CBC 323 }; 324 properties[index++] = { 325 tag: huks.HuksTag.HUKS_TAG_PADDING, 326 value: huks.HuksKeyPadding.HUKS_PADDING_PKCS7 327 }; 328 properties[index++] = { 329 tag: huks.HuksTag.HUKS_TAG_IV, 330 value: stringToUint8Array(IV) 331 }; 332 return; 333} 334 335/** 336 * 功能模型 337 */ 338export class HuksModel { 339 // 模拟使用HUKS生成新密钥 340 async encryptData(plainText: string, resultCallback): Promise<void> { 341 let aesKeyAlias = 'test_aesKeyAlias'; 342 let handle; 343 let generateKeyProperties = new Array(); 344 let publicProperties = new Array(); 345 getAesGenerateProperties(generateKeyProperties); 346 getAesPublicProperties(publicProperties); 347 let generateKeyOptions = { 348 properties: publicProperties.concat(generateKeyProperties) 349 }; 350 await huks.generateKeyItem(aesKeyAlias, generateKeyOptions).then((data) => { 351 Logger.info(TAG, `generate key success, data: ${JSON.stringify(data)}`); 352 }).catch((err) => { 353 Logger.error(TAG, `generate key failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 354 }); 355 356 // 模拟使用HUKS生成的新密钥加密 357 let encryptProperties = new Array(); 358 getAesEncryptProperties(encryptProperties); 359 let encryptOptions = { 360 properties: publicProperties.concat(encryptProperties), 361 inData: new Uint8Array(new Array()) 362 }; 363 await huks.initSession(aesKeyAlias, encryptOptions).then((data) => { 364 Logger.info(TAG, `encrypt initSession success, data: ${JSON.stringify(data)}`); 365 handle = data.handle; 366 }).catch((err) => { 367 Logger.error(TAG, `encrypt initSession failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 368 }); 369 encryptOptions.inData = encodeInto(plainText); 370 371 await huks.finishSession(handle, encryptOptions).then((data) => { 372 Logger.info(TAG, `encrypt finishSession success, data: ${JSON.stringify(data)}`); 373 cipherData = data.outData; 374 cipherDataString = base64ToString(cipherData); 375 let that = new util.Base64Helper(); 376 resultCallback(that.encodeToStringSync(cipherData)); 377 }).catch((err) => { 378 Logger.error(TAG, `encrypt finishSession failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 379 promptAction.showToast({ 380 message: `send message failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`, 381 duration: 6500, 382 }); 383 }); 384 } 385 386 // 模拟使用HUKS生成的新密钥进行解密 387 async decryptData(resultCallback): Promise<void> { 388 let decryptOptions = new Array(); 389 let publicProperties = new Array(); 390 getAesDecryptProperties(decryptOptions, cipherDataString); 391 getAesPublicProperties(publicProperties); 392 let aesKeyAlias = 'test_aesKeyAlias'; 393 let handle; 394 let t = base64ToArrayBuffer(cipherDataString); 395 let options = { 396 properties: publicProperties.concat(decryptOptions), 397 inData: base64ToArrayBuffer(cipherDataString) 398 }; 399 let emptyOptions = { 400 properties: [] 401 }; 402 403 await huks.initSession(aesKeyAlias, options).then((data) => { 404 Logger.info(TAG, `decrypt initSession success, data: ${JSON.stringify(data)}`); 405 handle = data.handle; 406 }).catch((err) => { 407 Logger.error(TAG, `decrypt initSession failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 408 }); 409 options.inData = base64ToArrayBuffer(cipherDataString).slice(0, t.length - DECRYPT_BYTE); 410 411 await huks.finishSession(handle, options).then((data) => { 412 Logger.info(TAG, `decrypt finishSession success, data: ${JSON.stringify(data)}`); 413 resultCallback(uint8ArrayToString(data.outData)); 414 }).catch((err) => { 415 Logger.error(TAG, `decrypt finishSession failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 416 promptAction.showToast({ 417 message: `receive message failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`, 418 duration: 6500, 419 }); 420 }); 421 await huks.deleteKeyItem(aesKeyAlias, emptyOptions).then((data) => { 422 Logger.info(TAG, `delete key success, data: ${JSON.stringify(data)}`); 423 }).catch((err) => { 424 Logger.error(TAG, `delete key failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 425 }); 426 } 427 428 // 模拟使用Sm2 生成密钥并进行加密 429 async encryptDataUseSm2(plainText: string, resultCallback): Promise<void> { 430 let sm2KeyAlias = 'test_sm2KeyAlias'; 431 let handle; 432 let generateKeyProperties = new Array(); 433 getSm2GenerateProperties(generateKeyProperties); 434 let generateKeyOptions = { 435 properties: generateKeyProperties 436 }; 437 await huks.generateKeyItem(sm2KeyAlias, generateKeyOptions).then((data) => { 438 Logger.info(TAG, `generate key success, data: ${JSON.stringify(data)}`); 439 }).catch((err) => { 440 Logger.error(TAG, `generate key failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 441 }); 442 443 let encryptProperties = new Array(); 444 getSm2EncryptProperties(encryptProperties); 445 let encryptOptions = { 446 properties: encryptProperties, 447 inData: stringToUint8Array(plainText) 448 }; 449 await huks.initSession(sm2KeyAlias, encryptOptions).then((data) => { 450 Logger.info(TAG, `encrypt initSession success, data: ${JSON.stringify(data)}`); 451 handle = data.handle; 452 }).catch((err) => { 453 Logger.error(TAG, `encrypt initSession failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 454 }); 455 await huks.finishSession(handle, encryptOptions).then((data) => { 456 Logger.info(TAG, `encrypt finishSession success, data: ${JSON.stringify(data)}`); 457 cipherData = data.outData; 458 let that = new util.Base64Helper(); 459 resultCallback(that.encodeToStringSync(cipherData)); 460 }).catch((err) => { 461 Logger.error(TAG, `encrypt finishSession failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 462 promptAction.showToast({ 463 message: `send message failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`, 464 duration: 6500, 465 }); 466 }); 467 } 468 469 async finishSession(handle, options, resultCallback, authToken: Uint8Array): Promise<void> { 470 await huks.finishSession(handle, options, authToken).then((data) => { 471 Logger.info(TAG, `decrypt finishSession success, data: ${JSON.stringify(data)}`); 472 resultCallback(uint8ArrayToString(data.outData)); 473 }).catch((err) => { 474 Logger.error(TAG, `decrypt finishSession failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 475 promptAction.showToast({ 476 message: `receive message failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`, 477 duration: 6500, 478 }); 479 }); 480 } 481 482 async userIAMAuthFinger(finishSessionFunction, param): Promise<void> { 483 Logger.info(TAG, '[HUKS->userIAM]start userAuth...'); 484 const authParam: userAuth.AuthParam = { 485 challenge: challengeNew, 486 authType: [userAuth.UserAuthType.PIN], 487 authTrustLevel: userAuth.AuthTrustLevel.ATL1 488 }; 489 const widgetParam: userAuth.WidgetParam = { 490 title: 'PIN' 491 }; 492 try { 493 let userAuthInstance = await userAuth.getUserAuthInstance(authParam, widgetParam); 494 Logger.info(TAG, 'get userAuth instance success'); 495 await userAuthInstance.on('result', { 496 onResult(result) { 497 Logger.info(TAG, 'userAuthInstance callback result = ' + JSON.stringify(result)); 498 finishSessionFunction(param.handleParam, param.optionsParam, param.resultCallbackParam, result.token); 499 } 500 }); 501 Logger.info(TAG, 'auth on success'); 502 await userAuthInstance.start(); 503 Logger.info(TAG, 'auth on success'); 504 } catch (error) { 505 Logger.error(TAG, 'auth catch error: ' + JSON.stringify(error)); 506 } 507 } 508 509 // 模拟使用HUKS生成的新密钥进行低安访问控制与解密 510 async decryptDataUseSm2(resultCallback): Promise<void> { 511 let decryptOptions = new Array(); 512 getSm2DecryptProperties(decryptOptions); 513 let sm2KeyAlias = 'test_sm2KeyAlias'; 514 let handle; 515 let options = { 516 properties: decryptOptions, 517 inData: cipherData 518 }; 519 let emptyOptions = { 520 properties: [] 521 }; 522 await huks.initSession(sm2KeyAlias, options).then((data) => { 523 Logger.info(TAG, `decrypt initSession success, data: ${JSON.stringify(data)}`); 524 handle = data.handle; 525 challengeNew = data.challenge; 526 }).catch((err) => { 527 Logger.error(TAG, `decrypt initSession failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 528 }); 529 let finishSessionFunction = this.finishSession; 530 let param = { 531 handleParam: handle, 532 optionsParam: options, 533 resultCallbackParam: resultCallback, 534 }; 535 await this.userIAMAuthFinger(finishSessionFunction, param); 536 } 537 538 539 // 模拟设备1使用旧密钥在本地进行加密 540 async encryptDataUserOldKey(plainText: string, resultCallback): Promise<void> { 541 let device1KeyAlias = 'device_1_key_alias'; 542 let importKeyProperties = new Array(); 543 getImportKeyProperties(importKeyProperties); 544 let importKeyOptions = { 545 properties: importKeyProperties, 546 inData: PLAIN_TEXT_SIZE_16 547 }; 548 Logger.info(TAG, `key plain text: ${JSON.stringify(PLAIN_TEXT_SIZE_16)}`); 549 await huks.importKeyItem(device1KeyAlias, importKeyOptions).then((data) => { 550 Logger.info(TAG, `import key success, data: ${JSON.stringify(data)}`); 551 }).catch((err) => { 552 Logger.error(TAG, `import key failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 553 }); 554 555 // 加密 556 let sm4EncryptProperties = new Array(); 557 getSm4EnryptProperties(sm4EncryptProperties); 558 let sm4EncryptOptions = { 559 properties: sm4EncryptProperties, 560 inData: stringToUint8Array(plainText) 561 }; 562 let handle; 563 await huks.initSession(device1KeyAlias, sm4EncryptOptions).then((data) => { 564 Logger.info(TAG, `encrypt initSession success, data: ${JSON.stringify(data)}`); 565 handle = data.handle; 566 }).catch((err) => { 567 Logger.error(TAG, `encrypt initSession failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 568 }); 569 await huks.finishSession(handle, sm4EncryptOptions).then((data) => { 570 Logger.info(TAG, `encrypt finishSession success, data: ${JSON.stringify(data)}`); 571 cipherData = data.outData; 572 let that = new util.Base64Helper(); 573 resultCallback(that.encodeToStringSync(cipherData)); 574 }).catch((err) => { 575 Logger.error(TAG, `send message failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 576 promptAction.showToast({ 577 message: `send message failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`, 578 duration: 6500, 579 }); 580 }); 581 582 // 加密完成删除本地密钥 583 let emptyOptions = { 584 properties: [] 585 }; 586 await huks.deleteKeyItem(device1KeyAlias, emptyOptions).then((data) => { 587 Logger.info(TAG, `delete key success, data: ${JSON.stringify(data)}`); 588 }).catch((err) => { 589 Logger.error(TAG, `delete key failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 590 }); 591 } 592 593 // 模拟设备2导入设备1中的旧密钥 594 async importKey(): Promise<void> { 595 let keyAlias = 'import_device_1_key_alias'; 596 let importOptions = new Array(); 597 getImportKeyProperties(importOptions); 598 let huksoptions = { 599 properties: importOptions, 600 inData: PLAIN_TEXT_SIZE_16 601 }; 602 Logger.info(TAG, `key plain text: ${JSON.stringify(PLAIN_TEXT_SIZE_16)}`); 603 await huks.importKeyItem(keyAlias, huksoptions).then((data) => { 604 Logger.info(TAG, `import key success, data: ${JSON.stringify(data)}`); 605 promptAction.showToast({ 606 message: 'import old key success', 607 duration: 1000, 608 }); 609 }).catch((err) => { 610 Logger.error(TAG, `import old key failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 611 promptAction.showToast({ 612 message: `import old key failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`, 613 duration: 1000, 614 }); 615 }); 616 } 617 618 // 模拟设备2使用导入的设备1中的旧密钥进行解密 619 async decryptDataUserOldKey(resultCallback): Promise<void> { 620 let handle; 621 let keyAlias = 'import_device_1_key_alias'; 622 let decryptProperties = new Array(); 623 getSm4DeryptProperties(decryptProperties); 624 let decryptOptions = { 625 properties: decryptProperties, 626 inData: cipherData 627 }; 628 629 // 解密 630 await huks.initSession(keyAlias, decryptOptions).then((data) => { 631 Logger.info(TAG, `decrypt initSession success, data: ${JSON.stringify(data)}`); 632 handle = data.handle; 633 }).catch((err) => { 634 Logger.error(TAG, `decrypt initSession failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 635 }); 636 await huks.finishSession(handle, decryptOptions).then((data) => { 637 Logger.info(TAG, `decrypt finishSession success, data: ${JSON.stringify(data)}`); 638 resultCallback(uint8ArrayToString(data.outData)); 639 }).catch((err) => { 640 Logger.error(TAG, `receive message failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 641 promptAction.showToast({ 642 message: `receive message failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`, 643 duration: 6500, 644 }); 645 }); 646 647 // 解密完成删除本地密钥 648 let emptyOptions = { 649 properties: [] 650 }; 651 await huks.deleteKeyItem(keyAlias, emptyOptions).then((data) => { 652 Logger.info(TAG, `delete key success, data: ${JSON.stringify(data)}`); 653 }).catch((err) => { 654 Logger.error(TAG, `delete key failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`); 655 }); 656 } 657}