1# Encryption and Decryption (ArkTS) 2 3<!--Kit: Universal Keystore Kit--> 4<!--Subsystem: Security--> 5<!--Owner: @wutiantian-gitee--> 6<!--Designer: @HighLowWorld--> 7<!--Tester: @wxy1234564846--> 8<!--Adviser: @zengyawen--> 9 10This topic walks you through on how to perform encryption and decryption using AES128, RSA2048, and SM2. For details about the scenarios and supported algorithms, see [Supported Algorithms](huks-encryption-decryption-overview.md#supported-algorithms). 11 12## How to Develop 13 14**Key Generation** 15 161. Specify the key alias. For details about the naming rules, see [Key Generation Overview and Algorithm Specifications](huks-key-generation-overview.md). 17 182. Initialize the key property set. 19 203. Use [generateKeyItem](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksgeneratekeyitem9) to generate a key. For details, see [Key Generation](huks-key-generation-overview.md). 21 22Alternatively, you can [import a key](huks-key-import-overview.md). 23 24**Encryption** 25 261. Obtain the key alias. 27 282. Obtain the data to be encrypted. 29 303. Obtain the [algorithm parameters](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksparam) for encryption. 31 32 The parameters to be configured vary with the algorithm used. 33 - If the AES algorithm, CBC block mode, and PKCS7 padding mode are used for encryption, the **IV** parameter must be set. For details, see [AES/CBC/PKCS7](#aescbcpkcs7). 34 - If the AES algorithm and GCM block mode are used for encryption, the **NONCE** parameter is mandatory and **AAD** is optional. For details, see [AES/GCM/NoPadding](#aesgcmnopadding). 35 - If the RSA algorithm is used for encryption, you need to select the corresponding block mode, padding mode, and digest algorithm. For details, see [RSA/ECB/PKCS1_V1_5](#rsaecbpkcs1_v1_5) and [RSA/ECB/OAEP/SHA256](#rsaecboaepsha256). 36 - If the SM2 algorithm is used for encryption, the digest algorithm must be SM3. For details, see [SM2](#sm2). 37 38 For details about the specifications, see [Encryption and Decryption Overview and Algorithm Specifications](huks-encryption-decryption-overview.md). 39 404. Use [initSession](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksinitsession9) to initialize a key session. The session handle is returned after the initialization. 41 425. Use [finishSession](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksfinishsession9) with the session handle to obtain the ciphertext. 43 44**Decryption** 45 461. Obtain the key alias. 47 482. Obtain the ciphertext to be decrypted. 49 503. Obtain the [algorithm parameters](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksparam) for decryption. 51 52 The parameters to be configured vary with the algorithm used. 53 - If the AES algorithm and GCM block mode are used for decryption, **NONCE** and **AEAD** are mandatory and **AAD** is optional. For details, see [AES/GCM/NoPadding](#aesgcmnopadding). 54 - The requirements for the parameters in the other development cases are the same as those in the encryption. 55 56 For details about the specifications, see [Encryption and Decryption Overview and Algorithm Specifications](huks-encryption-decryption-overview.md). 57 584. Use [initSession](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksinitsession9) to initialize a key session. The session handle is returned after the initialization. 59 605. Use [finishSession](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksfinishsession9) to obtain the data decrypted. 61 62**Key Deletion** 63 64Use [deleteKeyItem](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksdeletekeyitem9) to delete the key that is not required. For details, see [Deleting a Key](huks-delete-key-arkts.md). 65 66## Development Cases 67 68### AES/CBC/PKCS7 69 70```ts 71/* 72 * The following uses AES/CBC/PKCS7 with promise-based APIs. 73 */ 74import { huks } from '@kit.UniversalKeystoreKit'; 75 76let aesKeyAlias = 'test_aesKeyAlias'; 77let handle: number; 78let plainText = '123456'; 79let IV = '001122334455'; // Replace this example code with a random value in practice. 80let cipherData: Uint8Array; 81 82function StringToUint8Array(str: string) { 83 let arr: number[] = new Array(); 84 for (let i = 0, j = str.length; i < j; ++i) { 85 arr.push(str.charCodeAt(i)); 86 } 87 return new Uint8Array(arr); 88} 89 90function Uint8ArrayToString(fileData: Uint8Array) { 91 let dataString = ''; 92 for (let i = 0; i < fileData.length; i++) { 93 dataString += String.fromCharCode(fileData[i]); 94 } 95 return dataString; 96} 97 98function GetAesGenerateProperties() { 99 let properties: Array<huks.HuksParam> = [{ 100 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 101 value: huks.HuksKeyAlg.HUKS_ALG_AES 102 }, { 103 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 104 value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_128 105 }, { 106 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 107 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | 108 huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 109 }]; 110 return properties; 111} 112 113function GetAesEncryptProperties() { 114 let properties: Array<huks.HuksParam> = [{ 115 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 116 value: huks.HuksKeyAlg.HUKS_ALG_AES 117 }, { 118 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 119 value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_128 120 }, { 121 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 122 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT 123 }, { 124 tag: huks.HuksTag.HUKS_TAG_PADDING, 125 value: huks.HuksKeyPadding.HUKS_PADDING_PKCS7 126 }, { 127 tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, 128 value: huks.HuksCipherMode.HUKS_MODE_CBC 129 }, { 130 tag: huks.HuksTag.HUKS_TAG_IV, 131 value: StringToUint8Array(IV) 132 }]; 133 return properties; 134} 135 136function GetAesDecryptProperties() { 137 let properties: Array<huks.HuksParam> = [{ 138 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 139 value: huks.HuksKeyAlg.HUKS_ALG_AES 140 }, { 141 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 142 value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_128 143 }, { 144 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 145 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 146 }, { 147 tag: huks.HuksTag.HUKS_TAG_PADDING, 148 value: huks.HuksKeyPadding.HUKS_PADDING_PKCS7 149 }, { 150 tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, 151 value: huks.HuksCipherMode.HUKS_MODE_CBC 152 }, { 153 tag: huks.HuksTag.HUKS_TAG_IV, 154 value: StringToUint8Array(IV) 155 }]; 156 return properties; 157} 158 159async function GenerateAesKey() { 160 /* 161 * Simulate the key generation scenario. 162 * 1. Set the key alias. 163 */ 164 /* 165 * 2. Obtain the parameters for key generation. 166 */ 167 let genProperties = GetAesGenerateProperties(); 168 let options: huks.HuksOptions = { 169 properties: genProperties 170 } 171 /* 172 * 3. Call generateKeyItem. 173 */ 174 await huks.generateKeyItem(aesKeyAlias, options) 175 .then((data) => { 176 console.info(`promise: generate AES Key success, data = ${JSON.stringify(data)}`); 177 }).catch((error: Error) => { 178 console.error(`promise: generate AES Key failed, ${JSON.stringify(error)}`); 179 }) 180} 181 182async function EncryptData() { 183 /* 184 * Simulate the encryption scenario. 185 * 1. Obtain the key alias. 186 */ 187 /* 188 * 2. Obtain the data to be encrypted. 189 */ 190 /* 191 * 3. Obtain the algorithm parameters for encryption. 192 */ 193 let encryptProperties = GetAesEncryptProperties(); 194 let options: huks.HuksOptions = { 195 properties: encryptProperties, 196 inData: StringToUint8Array(plainText) 197 } 198 /* 199 * 4. Call initSession to obtain a session handle. 200 */ 201 await huks.initSession(aesKeyAlias, options) 202 .then((data) => { 203 handle = data.handle; 204 }).catch((error: Error) => { 205 console.error(`promise: init EncryptData failed, ${JSON.stringify(error)}`); 206 }) 207 /* 208 * 5. Call finishSession to obtain the ciphertext. 209 */ 210 await huks.finishSession(handle, options) 211 .then((data) => { 212 console.info(`promise: encrypt data success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 213 cipherData = data.outData as Uint8Array; 214 }).catch((error: Error) => { 215 console.error(`promise: encrypt data failed, ${JSON.stringify(error)}`); 216 }) 217} 218 219async function DecryptData() { 220 /* 221 * Simulate the decryption scenario. 222 * 1. Obtain the key alias. 223 */ 224 /* 225 * 2. Obtain the ciphertext to be decrypted. 226 */ 227 /* 228 * 3. Obtain the algorithm parameters for decryption. 229 */ 230 let decryptOptions = GetAesDecryptProperties() 231 let options: huks.HuksOptions = { 232 properties: decryptOptions, 233 inData: cipherData 234 } 235 /* 236 * 4. Call initSession to obtain a session handle. 237 */ 238 await huks.initSession(aesKeyAlias, options) 239 .then((data) => { 240 handle = data.handle; 241 }).catch((error: Error) => { 242 console.error(`promise: init DecryptData failed, ${JSON.stringify(error)}`); 243 }) 244 /* 245 * 5. Call finishSession to obtain the decrypted data. 246 */ 247 await huks.finishSession(handle, options) 248 .then((data) => { 249 console.info(`promise: decrypt data success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 250 }).catch((error: Error) => { 251 console.error(`promise: decrypt data failed, ${JSON.stringify(error)}`); 252 }) 253} 254 255async function DeleteKey() { 256 /* 257 * Simulate the key deletion scenario. 258 * 1. Obtain the key alias. 259 */ 260 let emptyOptions: huks.HuksOptions = { 261 properties: [] 262 } 263 /* 264 * 2. Call deleteKeyItem to delete the key. 265 */ 266 await huks.deleteKeyItem(aesKeyAlias, emptyOptions) 267 .then((data) => { 268 console.info(`promise: delete data success`); 269 }).catch((error: Error) => { 270 console.error(`promise: delete data failed, ${JSON.stringify(error)}`); 271 }) 272} 273 274export async function TestEncryptDecrypt() 275{ 276 await GenerateAesKey(); 277 await EncryptData(); 278 await DecryptData(); 279 await DeleteKey(); 280} 281``` 282 283### AES/GCM/NoPadding 284 285```ts 286/* 287 * The following uses AES/GCM/NoPadding with promise-based APIs. 288 */ 289import { huks } from '@kit.UniversalKeystoreKit'; 290 291let aesKeyAlias = 'test_aesKeyAlias'; 292let handle: number; 293let plainText = '123456'; 294let cipherData: Uint8Array; 295let AAD = '1234567890123456'; 296let NONCE = '001122334455'; // Replace this example code with a random value in practice. 297 298function StringToUint8Array(str: string) { 299 let arr: number[] = new Array(); 300 for (let i = 0, j = str.length; i < j; ++i) { 301 arr.push(str.charCodeAt(i)); 302 } 303 return new Uint8Array(arr); 304} 305 306function Uint8ArrayToString(fileData: Uint8Array) { 307 let dataString = ''; 308 for (let i = 0; i < fileData.length; i++) { 309 dataString += String.fromCharCode(fileData[i]); 310 } 311 return dataString; 312} 313 314function GetAesGenerateProperties() { 315 let properties: Array<huks.HuksParam> = [{ 316 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 317 value: huks.HuksKeyAlg.HUKS_ALG_AES 318 }, { 319 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 320 value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_128 321 }, { 322 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 323 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | 324 huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 325 }]; 326 return properties; 327} 328 329function GetAesGcmEncryptProperties() { 330 let properties: Array<huks.HuksParam> = [{ 331 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 332 value: huks.HuksKeyAlg.HUKS_ALG_AES 333 }, { 334 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 335 value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_128 336 }, { 337 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 338 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT 339 }, { 340 tag: huks.HuksTag.HUKS_TAG_PADDING, 341 value: huks.HuksKeyPadding.HUKS_PADDING_NONE 342 }, { 343 tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, 344 value: huks.HuksCipherMode.HUKS_MODE_GCM 345 }, { 346 tag: huks.HuksTag.HUKS_TAG_NONCE, 347 value: StringToUint8Array(NONCE) 348 }, { 349 tag: huks.HuksTag.HUKS_TAG_ASSOCIATED_DATA, 350 value: StringToUint8Array(AAD) 351 }]; 352 return properties; 353} 354 355function GetAesGcmDecryptProperties(cipherData:Uint8Array) { 356 let properties: Array<huks.HuksParam> = [ 357 { 358 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 359 value: huks.HuksKeyAlg.HUKS_ALG_AES 360 }, { 361 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 362 value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_128 363 }, { 364 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 365 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 366 }, { 367 tag: huks.HuksTag.HUKS_TAG_PADDING, 368 value: huks.HuksKeyPadding.HUKS_PADDING_NONE 369 }, { 370 tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, 371 value: huks.HuksCipherMode.HUKS_MODE_GCM 372 }, { 373 tag: huks.HuksTag.HUKS_TAG_NONCE, 374 value: StringToUint8Array(NONCE) 375 }, { 376 tag: huks.HuksTag.HUKS_TAG_ASSOCIATED_DATA, 377 value: StringToUint8Array(AAD) 378 }, { 379 tag: huks.HuksTag.HUKS_TAG_AE_TAG, 380 value: cipherData.slice(cipherData.length-16) 381 }]; 382 return properties; 383} 384 385async function GenerateAesKey() { 386 /* 387 * Simulate the key generation scenario. 388 * 1. Set the key alias. 389 */ 390 /* 391 * 2. Obtain the parameters for key generation. 392 */ 393 let genProperties = GetAesGenerateProperties(); 394 let options: huks.HuksOptions = { 395 properties: genProperties 396 } 397 /* 398 * 3. Call generateKeyItem. 399 */ 400 await huks.generateKeyItem(aesKeyAlias, options) 401 .then((data) => { 402 console.info(`promise: generate AES Key success, data = ${JSON.stringify(data)}`); 403 }).catch((error: Error) => { 404 console.error(`promise: generate AES Key failed, ${JSON.stringify(error)}`); 405 }) 406} 407 408async function EncryptData() { 409 /* 410 * Simulate the encryption scenario. 411 * 1. Obtain the key alias. 412 */ 413 /* 414 * 2. Obtain the data to be encrypted. 415 */ 416 /* 417 * 3. Obtain the algorithm parameters for encryption. 418 */ 419 let encryptProperties = GetAesGcmEncryptProperties(); 420 let options: huks.HuksOptions = { 421 properties: encryptProperties, 422 inData: StringToUint8Array(plainText) 423 } 424 /* 425 * 4. Call initSession to obtain a session handle. 426 */ 427 await huks.initSession(aesKeyAlias, options) 428 .then((data) => { 429 handle = data.handle; 430 }).catch((error: Error) => { 431 console.error(`promise: init EncryptDataGcm failed, ${JSON.stringify(error)}`); 432 }) 433 /* 434 * 5. Call finishSession to obtain the ciphertext. 435 */ 436 await huks.finishSession(handle, options) 437 .then((data) => { 438 console.info(`promise: encrypt data success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 439 cipherData = data.outData as Uint8Array; 440 }).catch((error: Error) => { 441 console.error(`promise: encrypt data failed, ${JSON.stringify(error)}`); 442 }) 443} 444 445async function DecryptData() { 446 /* 447 * Simulate the decryption scenario. 448 * 1. Obtain the key alias. 449 */ 450 /* 451 * 2. Obtain the ciphertext to be decrypted. 452 */ 453 /* 454 * 3. Obtain the algorithm parameters for decryption. 455 */ 456 let decryptOptions = GetAesGcmDecryptProperties(cipherData) 457 let options: huks.HuksOptions = { 458 properties: decryptOptions, 459 inData: cipherData.slice(0, cipherData.length-16) 460 } 461 /* 462 * 4. Call initSession to obtain a session handle. 463 */ 464 await huks.initSession(aesKeyAlias, options) 465 .then((data) => { 466 handle = data.handle; 467 }).catch((error: Error) => { 468 console.error(`promise: init DecryptDataGcm failed, ${JSON.stringify(error)}`); 469 }) 470 /* 471 * 5. Call finishSession to obtain the decrypted data. 472 */ 473 await huks.finishSession(handle, options) 474 .then((data) => { 475 console.info(`promise: decrypt data success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 476 }).catch((error: Error) => { 477 console.error(`promise: decrypt data failed, ${JSON.stringify(error)}`); 478 }) 479} 480 481async function DeleteKey() { 482 /* 483 * Simulate the key deletion scenario. 484 * 1. Obtain the key alias. 485 */ 486 let emptyOptions: huks.HuksOptions = { 487 properties: [] 488 } 489 /* 490 * 2. Call deleteKeyItem to delete the key. 491 */ 492 await huks.deleteKeyItem(aesKeyAlias, emptyOptions) 493 .then((data) => { 494 console.info(`promise: delete data success`); 495 }).catch((error: Error) => { 496 console.error(`promise: delete data failed, ${JSON.stringify(error)}`); 497 }) 498} 499 500export async function TestEncryptDecrypt() 501{ 502 await GenerateAesKey(); 503 await EncryptData(); 504 await DecryptData(); 505 await DeleteKey(); 506} 507``` 508 509### RSA/ECB/PKCS1_V1_5 510 511```ts 512/* 513 * The following uses RSA/ECB/PKCS1_V1_5 with promise-based APIs. 514 */ 515import { huks } from '@kit.UniversalKeystoreKit'; 516 517let rsaKeyAlias = 'test_rsaKeyAlias'; 518let handle: number; 519let plainText = '123456'; 520let cipherData: Uint8Array; 521 522function StringToUint8Array(str: string) { 523 let arr: number[] = new Array(); 524 for (let i = 0, j = str.length; i < j; ++i) { 525 arr.push(str.charCodeAt(i)); 526 } 527 return new Uint8Array(arr); 528} 529 530function Uint8ArrayToString(fileData: Uint8Array) { 531 let dataString = ''; 532 for (let i = 0; i < fileData.length; i++) { 533 dataString += String.fromCharCode(fileData[i]); 534 } 535 return dataString; 536} 537 538function GetRsaGenerateProperties() { 539 let properties: Array<huks.HuksParam> = [{ 540 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 541 value: huks.HuksKeyAlg.HUKS_ALG_RSA 542 }, { 543 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 544 value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_2048 545 }, { 546 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 547 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | 548 huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 549 }]; 550 return properties; 551} 552 553function GetRsaEncryptProperties() { 554 let properties: Array<huks.HuksParam> = [{ 555 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 556 value: huks.HuksKeyAlg.HUKS_ALG_RSA 557 }, { 558 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 559 value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_2048 560 }, { 561 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 562 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT 563 }, { 564 tag: huks.HuksTag.HUKS_TAG_PADDING, 565 value: huks.HuksKeyPadding.HUKS_PADDING_PKCS1_V1_5 566 }, { 567 tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, 568 value: huks.HuksCipherMode.HUKS_MODE_ECB 569 }, { 570 tag: huks.HuksTag.HUKS_TAG_DIGEST, 571 value: huks.HuksKeyDigest.HUKS_DIGEST_NONE 572 }]; 573 return properties; 574} 575 576function GetRsaDecryptProperties() { 577 let properties: Array<huks.HuksParam> = [{ 578 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 579 value: huks.HuksKeyAlg.HUKS_ALG_RSA 580 }, { 581 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 582 value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_2048 583 }, { 584 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 585 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 586 }, { 587 tag: huks.HuksTag.HUKS_TAG_PADDING, 588 value: huks.HuksKeyPadding.HUKS_PADDING_PKCS1_V1_5 589 }, { 590 tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, 591 value: huks.HuksCipherMode.HUKS_MODE_ECB 592 }, { 593 tag: huks.HuksTag.HUKS_TAG_DIGEST, 594 value: huks.HuksKeyDigest.HUKS_DIGEST_NONE 595 }]; 596 return properties; 597} 598 599async function GenerateRsaKey() { 600 /* 601 * Simulate the key generation scenario. 602 * 1. Set the key alias. 603 */ 604 /* 605 * 2. Obtain the parameters for key generation. 606 */ 607 let genProperties = GetRsaGenerateProperties(); 608 let options: huks.HuksOptions = { 609 properties: genProperties 610 } 611 /* 612 * 3. Call generateKeyItem. 613 */ 614 await huks.generateKeyItem(rsaKeyAlias, options) 615 .then((data) => { 616 console.info(`promise: generate RSA Key success, data = ${JSON.stringify(data)}`); 617 }).catch((error: Error) => { 618 console.error(`promise: generate RSA Key failed, ${JSON.stringify(error)}`); 619 }) 620} 621 622async function EncryptData() { 623 /* 624 * Simulate the encryption scenario. 625 * 1. Obtain the key alias. 626 */ 627 /* 628 * 2. Obtain the data to be encrypted. 629 */ 630 /* 631 * 3. Obtain the algorithm parameters for encryption. 632 */ 633 let encryptProperties = GetRsaEncryptProperties(); 634 let options: huks.HuksOptions = { 635 properties: encryptProperties, 636 inData: StringToUint8Array(plainText) 637 } 638 /* 639 * 4. Call initSession to obtain a session handle. 640 */ 641 await huks.initSession(rsaKeyAlias, options) 642 .then((data) => { 643 handle = data.handle; 644 }).catch((error: Error) => { 645 console.error(`promise: init EncryptDataRsa failed, ${JSON.stringify(error)}`); 646 }) 647 /* 648 * 5. Call finishSession to obtain the ciphertext. 649 */ 650 await huks.finishSession(handle, options) 651 .then((data) => { 652 console.info(`promise: encrypt data success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 653 cipherData = data.outData as Uint8Array; 654 }).catch((error: Error) => { 655 console.error(`promise: encrypt data failed, ${JSON.stringify(error)}`); 656 }) 657} 658 659async function DecryptData() { 660 /* 661 * Simulate the decryption scenario. 662 * 1. Obtain the key alias. 663 */ 664 /* 665 * 2. Obtain the ciphertext to be decrypted. 666 */ 667 /* 668 * 3. Obtain the algorithm parameters for decryption. 669 */ 670 let decryptOptions = GetRsaDecryptProperties() 671 let options: huks.HuksOptions = { 672 properties: decryptOptions, 673 inData: cipherData 674 } 675 /* 676 * 4. Call initSession to obtain a session handle. 677 */ 678 await huks.initSession(rsaKeyAlias, options) 679 .then((data) => { 680 handle = data.handle; 681 }).catch((error: Error) => { 682 console.error(`promise: init DecryptDataRsa failed, ${JSON.stringify(error)}`); 683 }) 684 /* 685 * 5. Call finishSession to obtain the decrypted data. 686 */ 687 await huks.finishSession(handle, options) 688 .then((data) => { 689 console.info(`promise: decrypt data success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 690 }).catch((error: Error) => { 691 console.error(`promise: decrypt data failed, ${JSON.stringify(error)}`); 692 }) 693} 694 695async function DeleteKey() { 696 /* 697 * Simulate the key deletion scenario. 698 * 1. Obtain the key alias. 699 */ 700 let emptyOptions: huks.HuksOptions = { 701 properties: [] 702 } 703 /* 704 * 2. Call deleteKeyItem to delete the key. 705 */ 706 await huks.deleteKeyItem(rsaKeyAlias, emptyOptions) 707 .then((data) => { 708 console.info(`promise: delete data success`); 709 }).catch((error: Error) => { 710 console.error(`promise: delete data failed, ${JSON.stringify(error)}`); 711 }) 712} 713 714export async function TestEncryptDecrypt() 715{ 716 await GenerateRsaKey(); 717 await EncryptData(); 718 await DecryptData(); 719 await DeleteKey(); 720} 721``` 722 723### RSA/ECB/OAEP/SHA256 724 725```ts 726/* 727 * The following uses RSA/ECB/OAEP/SHA256 with promise-based APIs. 728 */ 729import { huks } from '@kit.UniversalKeystoreKit'; 730 731let rsaKeyAlias = 'test_rsaKeyAlias'; 732let handle: number; 733let plainText = '123456'; 734let cipherData: Uint8Array; 735 736function StringToUint8Array(str: string) { 737 let arr: number[] = new Array(); 738 for (let i = 0, j = str.length; i < j; ++i) { 739 arr.push(str.charCodeAt(i)); 740 } 741 return new Uint8Array(arr); 742} 743 744function Uint8ArrayToString(fileData: Uint8Array) { 745 let dataString = ''; 746 for (let i = 0; i < fileData.length; i++) { 747 dataString += String.fromCharCode(fileData[i]); 748 } 749 return dataString; 750} 751 752function GetRsaGenerateProperties() { 753 let properties: Array<huks.HuksParam> = [{ 754 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 755 value: huks.HuksKeyAlg.HUKS_ALG_RSA 756 }, { 757 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 758 value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_2048 759 }, { 760 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 761 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | 762 huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 763 }]; 764 return properties; 765} 766 767function GetRsaEncryptProperties() { 768 let properties: Array<huks.HuksParam> = [{ 769 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 770 value: huks.HuksKeyAlg.HUKS_ALG_RSA 771 }, { 772 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 773 value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_2048 774 }, { 775 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 776 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT 777 }, { 778 tag: huks.HuksTag.HUKS_TAG_PADDING, 779 value: huks.HuksKeyPadding.HUKS_PADDING_OAEP 780 }, { 781 tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, 782 value: huks.HuksCipherMode.HUKS_MODE_ECB 783 }, { 784 tag: huks.HuksTag.HUKS_TAG_DIGEST, 785 value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 786 }]; 787 return properties; 788} 789 790function GetRsaDecryptProperties() { 791 let properties: Array<huks.HuksParam> = [{ 792 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 793 value: huks.HuksKeyAlg.HUKS_ALG_RSA 794 }, { 795 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 796 value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_2048 797 }, { 798 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 799 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 800 }, { 801 tag: huks.HuksTag.HUKS_TAG_PADDING, 802 value: huks.HuksKeyPadding.HUKS_PADDING_OAEP 803 }, { 804 tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, 805 value: huks.HuksCipherMode.HUKS_MODE_ECB 806 }, { 807 tag: huks.HuksTag.HUKS_TAG_DIGEST, 808 value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 809 }]; 810 return properties; 811} 812 813async function GenerateRsaKey() { 814 /* 815 * Simulate the key generation scenario. 816 * 1. Set the key alias. 817 */ 818 /* 819 * 2. Obtain the parameters for key generation. 820 */ 821 let genProperties = GetRsaGenerateProperties(); 822 let options: huks.HuksOptions = { 823 properties: genProperties 824 } 825 /* 826 * 3. Call generateKeyItem. 827 */ 828 await huks.generateKeyItem(rsaKeyAlias, options) 829 .then((data) => { 830 console.info(`promise: generate RSA Key success, data = ${JSON.stringify(data)}`); 831 }).catch((error: Error) => { 832 console.error(`promise: generate RSA Key failed, ${JSON.stringify(error)}`); 833 }) 834} 835 836async function EncryptData() { 837 /* 838 * Simulate the encryption scenario. 839 * 1. Obtain the key alias. 840 */ 841 /* 842 * 2. Obtain the data to be encrypted. 843 */ 844 /* 845 * 3. Obtain the algorithm parameters for encryption. 846 */ 847 let encryptProperties = GetRsaEncryptProperties(); 848 let options: huks.HuksOptions = { 849 properties: encryptProperties, 850 inData: StringToUint8Array(plainText) 851 } 852 /* 853 * 4. Call initSession to obtain a session handle. 854 */ 855 await huks.initSession(rsaKeyAlias, options) 856 .then((data) => { 857 handle = data.handle; 858 }).catch((error: Error) => { 859 console.error(`promise: init EncryptDataRsa failed, ${JSON.stringify(error)}`); 860 }) 861 /* 862 * 5. Call finishSession to obtain the ciphertext. 863 */ 864 await huks.finishSession(handle, options) 865 .then((data) => { 866 console.info(`promise: encrypt data success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 867 cipherData = data.outData as Uint8Array; 868 }).catch((error: Error) => { 869 console.error(`promise: encrypt data failed, ${JSON.stringify(error)}`); 870 }) 871} 872 873async function DecryptData() { 874 /* 875 * Simulate the decryption scenario. 876 * 1. Obtain the key alias. 877 */ 878 /* 879 * 2. Obtain the ciphertext to be decrypted. 880 */ 881 /* 882 * 3. Obtain the algorithm parameters for decryption. 883 */ 884 let decryptOptions = GetRsaDecryptProperties() 885 let options: huks.HuksOptions = { 886 properties: decryptOptions, 887 inData: cipherData 888 } 889 /* 890 * 4. Call initSession to obtain a session handle. 891 */ 892 await huks.initSession(rsaKeyAlias, options) 893 .then((data) => { 894 handle = data.handle; 895 }).catch((error: Error) => { 896 console.error(`promise: init DecryptDataRsa failed, ${JSON.stringify(error)}`); 897 }) 898 /* 899 * 5. Call finishSession to obtain the decrypted data. 900 */ 901 await huks.finishSession(handle, options) 902 .then((data) => { 903 console.info(`promise: decrypt data success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 904 }).catch((error: Error) => { 905 console.error(`promise: decrypt data failed, ${JSON.stringify(error)}`); 906 }) 907} 908 909async function DeleteKey() { 910 /* 911 * Simulate the key deletion scenario. 912 * 1. Obtain the key alias. 913 */ 914 let emptyOptions: huks.HuksOptions = { 915 properties: [] 916 } 917 /* 918 * 2. Call deleteKeyItem to delete the key. 919 */ 920 await huks.deleteKeyItem(rsaKeyAlias, emptyOptions) 921 .then((data) => { 922 console.info(`promise: delete data success`); 923 }).catch((error: Error) => { 924 console.error(`promise: delete data failed, ${JSON.stringify(error)}`); 925 }) 926} 927 928export async function TestEncryptDecrypt() 929{ 930 await GenerateRsaKey(); 931 await EncryptData(); 932 await DecryptData(); 933 await DeleteKey(); 934} 935``` 936 937### SM2 938 939```ts 940/* 941 * The following uses SM2 with promise-based APIs. 942 */ 943import { huks } from '@kit.UniversalKeystoreKit'; 944 945let sm2KeyAlias = 'test_sm2KeyAlias'; 946let handle: number; 947let plainText = '123456'; 948let cipherData: Uint8Array; 949 950function StringToUint8Array(str: string) { 951 let arr: number[] = new Array(); 952 for (let i = 0, j = str.length; i < j; ++i) { 953 arr.push(str.charCodeAt(i)); 954 } 955 return new Uint8Array(arr); 956} 957 958function Uint8ArrayToString(fileData: Uint8Array) { 959 let dataString = ''; 960 for (let i = 0; i < fileData.length; i++) { 961 dataString += String.fromCharCode(fileData[i]); 962 } 963 return dataString; 964} 965 966function GetSm2GenerateProperties() { 967 let properties: Array<huks.HuksParam> = [{ 968 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 969 value: huks.HuksKeyAlg.HUKS_ALG_SM2 970 }, { 971 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 972 value: huks.HuksKeySize.HUKS_SM2_KEY_SIZE_256 973 }, { 974 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 975 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | 976 huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 977 }]; 978 return properties; 979} 980 981function GetSm2EncryptProperties() { 982 let properties: Array<huks.HuksParam> = [{ 983 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 984 value: huks.HuksKeyAlg.HUKS_ALG_SM2 985 }, { 986 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 987 value: huks.HuksKeySize.HUKS_SM2_KEY_SIZE_256 988 }, { 989 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 990 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT 991 }, { 992 tag: huks.HuksTag.HUKS_TAG_DIGEST, 993 value: huks.HuksKeyDigest.HUKS_DIGEST_SM3 994 }]; 995 return properties; 996} 997 998function GetSm2DecryptProperties() { 999 let properties: Array<huks.HuksParam> = [{ 1000 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 1001 value: huks.HuksKeyAlg.HUKS_ALG_SM2 1002 }, { 1003 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 1004 value: huks.HuksKeySize.HUKS_SM2_KEY_SIZE_256 1005 }, { 1006 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 1007 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 1008 }, { 1009 tag: huks.HuksTag.HUKS_TAG_DIGEST, 1010 value: huks.HuksKeyDigest.HUKS_DIGEST_SM3 1011 }]; 1012 return properties; 1013} 1014 1015async function GenerateSm2Key() { 1016 /* 1017 * Simulate the key generation scenario. 1018 * 1. Set the key alias. 1019 */ 1020 /* 1021 * 2. Obtain the parameters for key generation. 1022 */ 1023 let genProperties = GetSm2GenerateProperties(); 1024 let options: huks.HuksOptions = { 1025 properties: genProperties 1026 } 1027 /* 1028 * 3. Call generateKeyItem. 1029 */ 1030 await huks.generateKeyItem(sm2KeyAlias, options) 1031 .then((data) => { 1032 console.info(`promise: generate SM2 Key success, data = ${JSON.stringify(data)}`); 1033 }).catch((error: Error) => { 1034 console.error(`promise: generate SM2 Key failed, ${JSON.stringify(error)}`); 1035 }) 1036} 1037 1038async function EncryptDataSm2() { 1039 /* 1040 * Simulate the encryption scenario. 1041 * 1. Obtain the key alias. 1042 */ 1043 /* 1044 * 2. Obtain the data to be encrypted. 1045 */ 1046 /* 1047 * 3. Obtain the algorithm parameters for encryption. 1048 */ 1049 let encryptProperties = GetSm2EncryptProperties(); 1050 let options: huks.HuksOptions = { 1051 properties: encryptProperties, 1052 inData: StringToUint8Array(plainText) 1053 } 1054 /* 1055 * 4. Call initSession to obtain a session handle. 1056 */ 1057 await huks.initSession(sm2KeyAlias, options) 1058 .then((data) => { 1059 handle = data.handle; 1060 }).catch((error: Error) => { 1061 console.error(`promise: init EncryptDataSm2 failed, ${JSON.stringify(error)}`); 1062 }) 1063 /* 1064 * 5. Call finishSession to obtain the ciphertext. 1065 */ 1066 await huks.finishSession(handle, options) 1067 .then((data) => { 1068 console.info(`promise: encrypt data success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 1069 cipherData = data.outData as Uint8Array; 1070 }).catch((error: Error) => { 1071 console.error(`promise: encrypt data failed, ${JSON.stringify(error)}`); 1072 }) 1073} 1074 1075async function DecryptDataSm2() { 1076 /* 1077 * Simulate the decryption scenario. 1078 * 1. Obtain the key alias. 1079 */ 1080 /* 1081 * 2. Obtain the ciphertext to be decrypted. 1082 */ 1083 /* 1084 * 3. Obtain the algorithm parameters for decryption. 1085 */ 1086 let decryptOptions = GetSm2DecryptProperties() 1087 let options: huks.HuksOptions = { 1088 properties: decryptOptions, 1089 inData: cipherData 1090 } 1091 /* 1092 * 4. Call initSession to obtain a session handle. 1093 */ 1094 await huks.initSession(sm2KeyAlias, options) 1095 .then((data) => { 1096 handle = data.handle; 1097 }).catch((error: Error) => { 1098 console.error(`promise: init DecryptDataSm2 failed, ${JSON.stringify(error)}`); 1099 }) 1100 /* 1101 * 5. Call finishSession to obtain the decrypted data. 1102 */ 1103 await huks.finishSession(handle, options) 1104 .then((data) => { 1105 console.info(`promise: decrypt data success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 1106 }).catch((error: Error) => { 1107 console.error(`promise: decrypt data failed, ${JSON.stringify(error)}`); 1108 }) 1109} 1110 1111async function DeleteKey() { 1112 /* 1113 * Simulate the key deletion scenario. 1114 * 1. Obtain the key alias. 1115 */ 1116 let emptyOptions: huks.HuksOptions = { 1117 properties: [] 1118 } 1119 /* 1120 * 2. Call deleteKeyItem to delete the key. 1121 */ 1122 await huks.deleteKeyItem(sm2KeyAlias, emptyOptions) 1123 .then((data) => { 1124 console.info(`promise: delete data success`); 1125 }).catch((error: Error) => { 1126 console.error(`promise: delete data failed, ${JSON.stringify(error)}`); 1127 }) 1128} 1129 1130export async function TestEncryptDecrypt() 1131{ 1132 await GenerateSm2Key(); 1133 await EncryptDataSm2(); 1134 await DecryptDataSm2(); 1135 await DeleteKey(); 1136} 1137``` 1138 1139<!--Del--> 1140### DES/CBC/NoPadding 1141 1142```ts 1143/* 1144 * The following uses DES/CBC/NoPadding with promise-based APIs as an example. 1145 */ 1146import { huks } from '@kit.UniversalKeystoreKit'; 1147 1148let desKeyAlias = 'test_desKeyAlias'; 1149let handle: number; 1150let plainText = '12345678'; 1151let IV = '12345678'; // Replace this example code with a random value in practice. 1152let cipherData: Uint8Array; 1153 1154function StringToUint8Array(str: string) { 1155 let arr: number[] = new Array(); 1156 for (let i = 0, j = str.length; i < j; ++i) { 1157 arr.push(str.charCodeAt(i)); 1158 } 1159 return new Uint8Array(arr); 1160} 1161 1162function Uint8ArrayToString(fileData: Uint8Array) { 1163 let dataString = ''; 1164 for (let i = 0; i < fileData.length; i++) { 1165 dataString += String.fromCharCode(fileData[i]); 1166 } 1167 return dataString; 1168} 1169 1170function GetDesGenerateProperties() { 1171 let properties: Array<huks.HuksParam> = [{ 1172 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 1173 value: huks.HuksKeyAlg.HUKS_ALG_DES 1174 }, { 1175 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 1176 value: huks.HuksKeySize.HUKS_DES_KEY_SIZE_64 1177 }, { 1178 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 1179 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | 1180 huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 1181 }]; 1182 return properties; 1183} 1184 1185function GetDesEncryptProperties() { 1186 let properties: Array<huks.HuksParam> = [{ 1187 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 1188 value: huks.HuksKeyAlg.HUKS_ALG_DES 1189 }, { 1190 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 1191 value: huks.HuksKeySize.HUKS_DES_KEY_SIZE_64 1192 }, { 1193 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 1194 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT 1195 }, { 1196 tag: huks.HuksTag.HUKS_TAG_PADDING, 1197 value: huks.HuksKeyPadding.HUKS_PADDING_NONE 1198 }, { 1199 tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, 1200 value: huks.HuksCipherMode.HUKS_MODE_CBC 1201 }, { 1202 tag: huks.HuksTag.HUKS_TAG_IV, 1203 value: StringToUint8Array(IV) 1204 }]; 1205 return properties; 1206} 1207 1208function GetDesDecryptProperties() { 1209 let properties: Array<huks.HuksParam> = [{ 1210 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 1211 value: huks.HuksKeyAlg.HUKS_ALG_DES 1212 }, { 1213 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 1214 value: huks.HuksKeySize.HUKS_DES_KEY_SIZE_64 1215 }, { 1216 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 1217 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 1218 }, { 1219 tag: huks.HuksTag.HUKS_TAG_PADDING, 1220 value: huks.HuksKeyPadding.HUKS_PADDING_NONE 1221 }, { 1222 tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, 1223 value: huks.HuksCipherMode.HUKS_MODE_CBC 1224 }, { 1225 tag: huks.HuksTag.HUKS_TAG_IV, 1226 value: StringToUint8Array(IV) 1227 }]; 1228 return properties; 1229} 1230 1231async function GenerateDesKey() { 1232 /* 1233 * Simulate the key generation scenario. 1234 * 1. Set the key alias. 1235 */ 1236 /* 1237 * 2. Obtain the parameters for key generation. 1238 */ 1239 let genProperties = GetDesGenerateProperties(); 1240 let options: huks.HuksOptions = { 1241 properties: genProperties 1242 } 1243 /* 1244 * 3. Call generateKeyItem. 1245 */ 1246 await huks.generateKeyItem(desKeyAlias, options) 1247 .then((data) => { 1248 console.info(`promise: generate DES Key success, data = ${JSON.stringify(data)}`); 1249 }).catch((error: Error) => { 1250 console.error(`promise: generate DES Key failed, ${JSON.stringify(error)}`); 1251 }) 1252} 1253 1254async function EncryptData() { 1255 /* 1256 * Simulate the encryption scenario. 1257 * 1. Obtain the key alias. 1258 */ 1259 /* 1260 * 2. Obtain the data to be encrypted. 1261 */ 1262 /* 1263 * 3. Obtain the algorithm parameters for encryption. 1264 */ 1265 let encryptProperties = GetDesEncryptProperties(); 1266 let options: huks.HuksOptions = { 1267 properties: encryptProperties, 1268 inData: StringToUint8Array(plainText) 1269 } 1270 /* 1271 * 4. Call initSession to obtain a session handle. 1272 */ 1273 await huks.initSession(desKeyAlias, options) 1274 .then((data) => { 1275 handle = data.handle; 1276 }).catch((error: Error) => { 1277 console.error(`promise: init EncryptData failed, ${JSON.stringify(error)}`); 1278 }) 1279 /* 1280 * 5. Call finishSession to obtain the ciphertext. 1281 */ 1282 await huks.finishSession(handle, options) 1283 .then((data) => { 1284 console.info(`promise: encrypt data success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 1285 cipherData = data.outData as Uint8Array; 1286 }).catch((error: Error) => { 1287 console.error(`promise: encrypt data failed, ${JSON.stringify(error)}`); 1288 }) 1289} 1290 1291async function DecryptData() { 1292 /* 1293 * Simulate the decryption scenario. 1294 * 1. Obtain the key alias. 1295 */ 1296 /* 1297 * 2. Obtain the ciphertext to be decrypted. 1298 */ 1299 /* 1300 * 3. Obtain the algorithm parameters for decryption. 1301 */ 1302 let decryptOptions = GetDesDecryptProperties() 1303 let options: huks.HuksOptions = { 1304 properties: decryptOptions, 1305 inData: cipherData 1306 } 1307 /* 1308 * 4. Call initSession to obtain a session handle. 1309 */ 1310 await huks.initSession(desKeyAlias, options) 1311 .then((data) => { 1312 handle = data.handle; 1313 }).catch((error: Error) => { 1314 console.error(`promise: init DecryptData failed, ${JSON.stringify(error)}`); 1315 }) 1316 /* 1317 * 5. Call finishSession to obtain the decrypted data. 1318 */ 1319 await huks.finishSession(handle, options) 1320 .then((data) => { 1321 console.info(`promise: decrypt data success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 1322 }).catch((error: Error) => { 1323 console.error(`promise: decrypt data failed, ${JSON.stringify(error)}`); 1324 }) 1325} 1326 1327async function DeleteKey() { 1328 /* 1329 * Simulate the key deletion scenario. 1330 * 1. Obtain the key alias. 1331 */ 1332 let emptyOptions: huks.HuksOptions = { 1333 properties: [] 1334 } 1335 /* 1336 * 2. Call deleteKeyItem to delete the key. 1337 */ 1338 await huks.deleteKeyItem(desKeyAlias, emptyOptions) 1339 .then((data) => { 1340 console.info(`promise: delete data success`); 1341 }).catch((error: Error) => { 1342 console.error(`promise: delete data failed, ${JSON.stringify(error)}`); 1343 }) 1344} 1345 1346export async function TestEncryptDecrypt() 1347{ 1348 await GenerateDesKey(); 1349 await EncryptData(); 1350 await DecryptData(); 1351 await DeleteKey(); 1352} 1353``` 1354<!--DelEnd--> 1355