1# @ohos.security.cert (证书模块) 2 3<!--Kit: Device Certificate Kit--> 4<!--Subsystem: Security--> 5<!--Owner: @zxz--3--> 6<!--Designer: @lanming--> 7<!--Tester: @PAFT--> 8<!--Adviser: @zengyawen--> 9 10证书算法库框架提供证书相关接口。其中,依赖加解密算法库框架的基础算法能力的部分,详细接口说明可参考[cryptoFramework API参考](../apis-crypto-architecture-kit/js-apis-cryptoFramework.md)。 11 12> **说明:** 13> 14> 本模块首批接口从API version 9开始支持。后续版本的新增接口,采用上角标单独标记接口的起始版本。 15 16## 导入模块 17 18```ts 19import { cert } from '@kit.DeviceCertificateKit'; 20import { cryptoFramework } from '@kit.CryptoArchitectureKit'; 21``` 22 23## CertResult 24 25 表示执行结果的枚举。 26 27 **系统能力:** SystemCapability.Security.Cert 28 29| 名称 | 值 | 说明 | 30| --------------------------------------| -------- | -----------------------------| 31| INVALID_PARAMS | 401 | 非法入参。 <br> **原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 | 32| NOT_SUPPORT | 801 | 操作不支持。 <br> **原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 | 33| ERR_OUT_OF_MEMORY | 19020001 | 内存错误。 <br> **原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 | 34| ERR_RUNTIME_ERROR | 19020002 | 运行时外部错误。 <br> **原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 | 35| ERR_PARAMETER_CHECK_FAILED<sup>20+</sup> | 19020003 | 参数检查失败。 <br> **原子化服务API:** 从API version 20开始,该接口支持在原子化服务中使用。 | 36| ERR_CRYPTO_OPERATION | 19030001 | 调用三方算法库API出错。 <br> **原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 | 37| ERR_CERT_SIGNATURE_FAILURE | 19030002 | 证书签名验证错误。 <br> **原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 | 38| ERR_CERT_NOT_YET_VALID | 19030003 | 证书尚未生效。 <br> **原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 | 39| ERR_CERT_HAS_EXPIRED | 19030004 | 证书过期。 <br> **原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 | 40| ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY | 19030005 | 无法获取证书的颁发者。 <br> **原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 | 41| ERR_KEYUSAGE_NO_CERTSIGN | 19030006 | 证书的秘钥用途不含证书签名。 <br> **原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 | 42| ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE | 19030007 | 证书的秘钥用途不含数字签名。<br> **原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 | 43| ERR_MAYBE_WRONG_PASSWORD<sup>18+</sup> | 19030008 | 私钥密码错误。 <br> **原子化服务API:** 从API version 18开始,该接口支持在原子化服务中使用。 | 44 45## DataBlob 46buffer数组。 47 48 **原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 49 50 **系统能力:** SystemCapability.Security.Cert 51| 名称 | 类型 | 只读 | 可选 | 说明 | 52| -------------- | -------------- | ---- | ---- | ----------------| 53| data | Uint8Array | 否 | 否 | 数据。 | 54 55## DataArray 56 57buffer数组的列表。 58 59 **原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 60 61 **系统能力:** SystemCapability.Security.Cert 62| 名称 | 类型 | 只读 | 可选 | 说明 | 63| -------------- | -------------- | ---- | ---- | ----------------| 64| data | Array\<Uint8Array> | 否 | 否 | 数据列表。 | 65 66## EncodingFormat 67 68 表示证书编码格式的枚举。 69 70**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 71 72 **系统能力:** SystemCapability.Security.Cert 73 74| 名称 | 值 | 说明 | 75| ---------- | ------ | --------- | 76| FORMAT_DER | 0 | DER格式。 | 77| FORMAT_PEM | 1 | PEM格式。 | 78| FORMAT_PKCS7<sup>11+</sup> | 2 | PKCS7格式。 | 79 80## EncodingBaseFormat<sup>18+</sup> 81 82 表示生成CSR的编码格式的枚举。 83 84**原子化服务API:** 从API version 18开始,该接口支持在原子化服务中使用。 85 86 **系统能力:** SystemCapability.Security.Cert 87 88| 名称 | 值 | 说明 | 89| ---------- | ------ | --------- | 90| PEM | 0 | PEM格式。 | 91| DER | 1 | DER格式。 | 92 93## CsrAttribute<sup>18+</sup> 94 表示生成CSR的编码格式配置参数中的扩展。 95 96openssl中规定了扩展类型,例如challengePassword、keyUsage等。 97 98**原子化服务API:** 从API version 18开始,该接口支持在原子化服务中使用。 99 100 **系统能力:** SystemCapability.Security.Cert 101 102| 名称 | 类型 | 只读 | 可选 | 说明 | 103| ------- | ------ | ---- | ---- | ------------------------------------------------------------ | 104| type | string | 否 | 否 | openssl指定的扩展类型。 | 105| value | string | 否 | 否 | 扩展值。 | 106 107## CsrGenerationConfig<sup>18+</sup> 108RSA私钥生成CSR时的配置参数,包含主体、扩展、摘要算法、输出格式等。 109 110**原子化服务API:** 从API version 18开始,该接口支持在原子化服务中使用。 111 112**系统能力:** SystemCapability.Security.Cert 113 114| 名称 | 类型 | 只读 | 可选 | 说明 | 115| ------- | ------ | ---- | ---- | ------------------------------------------------------------ | 116| subject | [X500DistinguishedName](#x500distinguishedname12) | 否 | 否 | X509定义的Name类型的对象。 | 117| mdName | string | 否 | 否 | 摘要算法名。 | 118| attributes | Array\<[CsrAttribute](#csrattribute18)> | 否 | 是 | 扩展。 | 119| outFormat | [EncodingBaseFormat](#encodingbaseformat18) | 否 | 是 | 输出类型。 | 120 121> **说明:** 122> 123> - subject是X509定义的Name类型的对象。 124> 125> - mdName是摘要算法名,当前支持SHA1、SHA256、SHA384、SHA512。 126> 127> - attributes是可选参数,可以指定openssl中规定的扩展类型跟扩展值生成CSR。例如challengePassword、keyUsage等。 128> 129> - outFormat指定输出CSR的格式,若不指定默认为PEM格式。 130 131## CertItemType<sup>10+</sup> 132 133 表示获取证书字段的枚举。 134 135**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 136 137 **系统能力:** SystemCapability.Security.Cert 138 139| 名称 | 值 | 说明 | 140| -------------------------------- | ---- | ------------------------------ | 141| CERT_ITEM_TYPE_TBS | 0 | 表示获取证书的待签名信息。 | 142| CERT_ITEM_TYPE_PUBLIC_KEY | 1 | 表示获取证书的公钥信息。 | 143| CERT_ITEM_TYPE_ISSUER_UNIQUE_ID | 2 | 表示获取证书的颁发者唯一编号。 | 144| CERT_ITEM_TYPE_SUBJECT_UNIQUE_ID | 3 | 表示获取证书的主体唯一编号。 | 145| CERT_ITEM_TYPE_EXTENSIONS | 4 | 表示获取证书的扩展域信息。 | 146 147## ExtensionOidType<sup>10+</sup> 148 149 表示获取扩展域中对象标识符类型的枚举。 150 151 **原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 152 153 **系统能力:** SystemCapability.Security.Cert 154 155| 名称 | 值 | 说明 | 156| ----------------------------- | ---- | --------------------------------------------- | 157| EXTENSION_OID_TYPE_ALL | 0 | 表示获取扩展域中所有的对象标识符。 | 158| EXTENSION_OID_TYPE_CRITICAL | 1 | 表示获取扩展域中critical为true的对象标识符。 | 159| EXTENSION_OID_TYPE_UNCRITICAL | 2 | 表示获取扩展域中critical为false的对象标识符。 | 160 161## ExtensionEntryType<sup>10+</sup> 162 163 表示获取扩展域中对象类型的枚举。 164 165 **原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 166 167 **系统能力:** SystemCapability.Security.Cert 168 169| 名称 | 值 | 说明 | 170| ----------------------------------- | ---- | ---------------------------- | 171| EXTENSION_ENTRY_TYPE_ENTRY | 0 | 表示获取整个对象。 | 172| EXTENSION_ENTRY_TYPE_ENTRY_CRITICAL | 1 | 表示获取对象的critical属性。 | 173| EXTENSION_ENTRY_TYPE_ENTRY_VALUE | 2 | 表示获取对象的数据。 | 174 175## EncodingType<sup>12+</sup> 176 177 表示获取编码格式的枚举。 178 179**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 180 181 **系统能力:** SystemCapability.Security.Cert 182 183| 名称 | 值 | 说明 | 184| ---------- | ------ | --------- | 185| ENCODING_UTF8 | 0 | UTF8编码格式。 | 186 187## EncodingBlob 188 189带编码格式的证书二进制数组。 190 191### 属性 192 193**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 194 195**系统能力:** SystemCapability.Security.Cert 196 197| 名称 | 类型 | 只读 | 可选 | 说明 | 198| -------------- | --------------------------------- | ---- | ---- | ------------------------------ | 199| data | Uint8Array | 否 | 否 | 传入的证书数据。 | 200| encodingFormat | [EncodingFormat](#encodingformat) | 否 | 否 | 指明证书编码格式。 | 201 202 203## CertChainData 204 205证书链数据,在证书链校验时,作为入参传入。 206 207### 属性 208 209**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 210 211**系统能力:** SystemCapability.Security.Cert 212 213| 名称 | 类型 | 只读 | 可选 | 说明 | 214| -------------- | --------------------------------- | ---- | ---- | ------------------------------------------------------------ | 215| data | Uint8Array | 否 | 否 | 证书数据,按照长度(2字节)-数据的形式传入。如:08ABCDEFGH07ABCDEFG,第一本证书,前2个字节表示证书的长度为8字节,后面附加8字节的证书数据;第2本证书前2个字节表示证书的长度为7字节,后面附加7字节的证书数据。 | 216| count | number | 否 | 否 | 传入的数据中,包含的证书数量。 | 217| encodingFormat | [EncodingFormat](#encodingformat) | 否 | 否 | 指明证书编码格式。 | 218 219## GeneralNameType<sup>12+</sup> 220 221表示证书主体用途的枚举。 222 223**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 224 225**系统能力:** SystemCapability.Security.Cert 226 227| 名称 | 值 | 说明 | 228| -------------- | --------------------------------- | ------------------ | 229| GENERAL_NAME_TYPE_OTHER_NAME | 0 | 表示其他名称。 | 230| GENERAL_NAME_TYPE_RFC822_NAME | 1 | 表示电子邮件地址。 | 231| GENERAL_NAME_TYPE_DNS_NAME | 2 | 表示一个DNS名称。 | 232| GENERAL_NAME_TYPE_X400_ADDRESS | 3 | 表示X.400地址。 | 233| GENERAL_NAME_TYPE_DIRECTORY_NAME | 4 | 表示一个目录名称。 | 234| GENERAL_NAME_TYPE_EDI_PARTY_NAME | 5 | 表示特定的EDI实体。 | 235| GENERAL_NAME_TYPE_UNIFORM_RESOURCE_ID | 6 | 表示一个统一资源标识符。 | 236| GENERAL_NAME_TYPE_IP_ADDRESS | 7 | 表示一个IP地址。 | 237| GENERAL_NAME_TYPE_REGISTERED_ID | 8 | 表示一个已注册的对象标识符。 | 238 239## GeneralName<sup>12+</sup> 240 241用于表示证书主体信息对象。 242 243**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 244 245**系统能力:** SystemCapability.Security.Cert 246 247| 名称 | 类型 | 只读 | 可选 |说明 | 248| -------------- | --------------------------------- | ---- | ---- |------------------ | 249| type | [GeneralNameType](#generalname12) | 否 | 否 | 指定具体的证书主体类型。 | 250| name | Uint8Array | 否 | 是 |指定具体的证书主体DER格式内容。 | 251 252## X509CertMatchParameters<sup>11+</sup> 253 254用于匹配证书的过滤参数。如果参数中任一项都未指定,则匹配所有证书。 255 256**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 257 258**系统能力:** SystemCapability.Security.Cert 259 260| 名称 | 类型 | 只读 | 可选 | 说明 | 261| -------------- | --------------------------------- | ---- | ---- |------------------ | 262| x509Cert | [X509Cert](#x509cert) | 否 | 是 | 指定具体的证书对象。 | 263| validDate | string | 否 | 是 |指定证书有效期。 | 264| issuer | Uint8Array | 否 | 是 |指定证书颁发者,为DER编码格式。 | 265| keyUsage | Array\<boolean> | 否 | 是 |指定是否需要匹配密钥用途。true为需要,false为不需要。 | 266| serialNumber | bigint | 否 | 是 |指定证书的序列号。 | 267| subject | Uint8Array | 否 | 是 |指定证书主题,DER编码格式。 | 268| publicKey | [DataBlob](#datablob) | 否 | 是 |指定证书公钥,DER编码格式。 | 269| publicKeyAlgID | string | 否 | 是 |指定证书公钥的算法。 | 270| subjectAlternativeNames<sup>12+</sup> | Array\<[GeneralName](#generalname12)> | 否 | 是 |指定证书主体名称。 | 271| matchAllSubjectAltNames<sup>12+</sup> | boolean | 否 | 是 |指定是否需要匹配证书主体名称。true为需要,false为不需要。 | 272| authorityKeyIdentifier<sup>12+</sup> | Uint8Array | 否 | 是 |指定证书颁发机构秘钥。 | 273| minPathLenConstraint<sup>12+</sup> | number | 否 | 是 |指定证书CA路径长度。 | 274| extendedKeyUsage<sup>12+</sup> | Array\<string> | 否 | 是 |指定证书扩展用途。 | 275| nameConstraints<sup>12+</sup> | Uint8Array | 否 | 是 |指定证书的使用者名称。 | 276| certPolicy<sup>12+</sup> | Array\<string> | 否 | 是 |指定证书策略。 | 277| privateKeyValid<sup>12+</sup> | string | 否 | 是 |指定证书私钥有效期。 | 278| subjectKeyIdentifier<sup>12+</sup> | Uint8Array | 否 | 是 |指定证书公钥。 | 279 280## X509CRLMatchParameters<sup>11+</sup> 281 282用于匹配证书吊销列表的过滤参数。如果参数中任一项都未指定,则匹配所有证书吊销列表。 283 284**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 285 286**系统能力:** SystemCapability.Security.Cert 287 288| 名称 | 类型 | 只读 | 可选 |说明 | 289| -------------- | --------------------------------- | ---- | ---- | ------------------ | 290| issuer | Array\<Uint8Array> | 否 | 是 |指定颁发者作为过滤条件, 至少要匹配到其中一个issuer。 | 291| x509Cert | [X509Cert](#x509cert) | 否 | 是 |指定具体的证书对象作为过滤条件, 判断该证书是否在CRL列表中。 | 292| updateDateTime<sup>12+</sup> | string | 否 | 是 |指定证书更新时间。 | 293| maxCRL<sup>12+</sup> | bigint | 否 | 是 |指定CRL个数最大值。 | 294| minCRL<sup>12+</sup> | bigint | 否 | 是 |指定CRL个数最小值。 | 295 296## CertChainBuildParameters<sup>12+</sup> 297 298用于指定证书链创建参数。 299 300**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 301 302**系统能力:** SystemCapability.Security.Cert 303 304| 名称 | 类型 | 只读 | 可选 |说明 | 305| -------------- | --------------------------------- | ---- | ---- | ------------------ | 306| certMatchParameters | [X509CertMatchParameters](#x509certmatchparameters11) | 否 | 否 |指定过滤条件。 | 307| maxLength | number | 否 | 是 |指定最终证书链中CA证书的最大长度。 | 308| validationParameters | [CertChainValidationParameters](#certchainvalidationparameters11) | 否 | 否 |指定验证条件。 | 309 310## CertChainBuildResult<sup>12+</sup> 311 312用于指定证书链创建结果。 313 314**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 315 316**系统能力:** SystemCapability.Security.Cert 317 318| 名称 | 类型 | 只读 | 可选 |说明 | 319| -------------- | --------------------------------- | ---- | ---- |------------------ | 320| certChain | [X509CertChain](#x509certchain11) | 是 | 否 |生成的证书链对象。 | 321| validationResult | [CertChainValidationResult](#certchainvalidationresult11) | 是 | 否 |指定最终证书链的最大长度。 | 322 323## X509TrustAnchor<sup>11+</sup> 324 325表示X509信任锚,用于校验证书链。使用信任锚中的证书或者公钥作为可信根,对证书链进行校验。 326 327**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 328 329**系统能力:** SystemCapability.Security.Cert 330 331| 名称 | 类型 | 只读 | 可选 | 说明 | 332| --------- | --------------------- | ---- | ---- | --------------------------- | 333| CACert | [X509Cert](#x509cert) | 否 | 是 | 信任的CA证书。 | 334| CAPubKey | Uint8Array | 否 | 是 | 信任的CA证书公钥,DER格式。 | 335| CASubject | Uint8Array | 否 | 是 | 信任的CA证书主题,DER格式。 | 336| nameConstraints<sup>12+</sup> | Uint8Array | 否 | 是 | 名称约束,DER格式。 | 337 338## RevocationCheckOptions<sup>12+</sup> 339 340 表示证书链在线校验证书吊销状态选项的枚举。 341 342 **原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 343 344 **系统能力:** SystemCapability.Security.Cert 345 346| 名称 | 值 | 说明 | 347| --------------------------------------| -------- | -----------------------------| 348| REVOCATION_CHECK_OPTION_PREFER_OCSP | 0 | 优先采用OCSP进行校验,默认采用CRL校验。 | 349| REVOCATION_CHECK_OPTION_ACCESS_NETWORK | 1 | 支持通过访问网络获取CRL或OCSP响应进行吊销状态的校验,默认为关闭。必须声明ohos.permission.INTERNET权限。 | 350| REVOCATION_CHECK_OPTION_FALLBACK_NO_PREFER | 2 | 当ACCESS_NETWORK选项打开时有效,如果优选的校验方法由于网络原因导致无法校验证书状态,则采用备选的方案进行校验。 | 351| REVOCATION_CHECK_OPTION_FALLBACK_LOCAL | 3 | 当ACCESS_NETWORK选项打开时有效,如果在线获取CRL和OCSP响应都由于网络的原因导致无法校验证书状态,则采用本地设置的CRL和OCSP响应进行校验。 | 352 353## ValidationPolicyType<sup>12+</sup> 354 355 表示证书链在线校验策略的枚举。 356 357 **原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 358 359 **系统能力:** SystemCapability.Security.Cert 360 361| 名称 | 值 | 说明 | 362| --------------------------------------| -------- | -----------------------------| 363| VALIDATION_POLICY_TYPE_X509 | 0 | 默认值,不需要校验证书中的sslHostname或dNSName。 | 364| VALIDATION_POLICY_TYPE_SSL | 1 | 需要校验证书中的sslHostname或dNSName。 | 365 366## KeyUsageType<sup>12+</sup> 367 368 表示证书中密钥用途的枚举。 369 370 **原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 371 372 **系统能力:** SystemCapability.Security.Cert 373 374| 名称 | 值 | 说明 | 375| --------------------------------------| -------- | -----------------------------| 376| KEYUSAGE_DIGITAL_SIGNATURE | 0 | 证书持有者可以用证书中包含的私钥进行数字签名操作。 | 377| KEYUSAGE_NON_REPUDIATION | 1 | 证书持有者不可否认使用证书中包含的私钥进行的数字签名操作。 | 378| KEYUSAGE_KEY_ENCIPHERMENT | 2 | 证书持有者可以使用证书中包含的公钥进行密钥加密操作。 | 379| KEYUSAGE_DATA_ENCIPHERMENT | 3 | 证书持有者可以使用证书中包含的公钥进行数据加密操作。 | 380| KEYUSAGE_KEY_AGREEMENT | 4 | 证书持有者可以使用证书中包含的私钥进行密钥协商操作。 | 381| KEYUSAGE_KEY_CERT_SIGN | 5 | 证书持有者可以使用证书中包含的私钥对其他证书进行签名。 | 382| KEYUSAGE_CRL_SIGN | 6 | 证书持有者可以使用证书中包含的私钥对证书吊销列表(CRL)进行签名。 | 383| KEYUSAGE_ENCIPHER_ONLY | 7 | 证书持有者只能进行加密操作,不能进行解密操作。 | 384| KEYUSAGE_DECIPHER_ONLY | 8 | 证书持有者只能进行解密操作,不能进行加密操作。 | 385 386## RevocationCheckParameter<sup>12+</sup> 387 388表示证书链校验证书吊销状态的参数。 389 390**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 391 392**系统能力:** SystemCapability.Security.Cert 393 394| 名称 | 类型 | 只读 | 可选 |说明 | 395| ------------ | ------------------------------------------------- | ---- | ---- |-------------------------------------- | 396| ocspRequestExtension | Array\<Uint8Array> | 否 | 是 |表示发送OCSP请求的扩展字段。| 397| ocspResponderURI | string | 否 | 是 |表示用于OCSP请求的备选服务器URL地址,支持HTTP/HTTPS,具体配置由与服务器协商决定。 | 398| ocspResponderCert | [X509Cert](#x509cert) | 否 | 是 |表示用于OCSP响应的签名校验的签名证书。 | 399| ocspResponses | Uint8Array | 否 | 是 |表示用于OCSP服务器响应的备选数据。 | 400| crlDownloadURI | string | 否 | 是 |表示用于CRL请求的备选下载地址。 | 401| options | Array\<[RevocationCheckOptions](#revocationcheckoptions12)> | 否 | 是 |表示证书吊销状态查询的策略组合。 | 402| ocspDigest | string | 否 | 是 |表示OCSP通信时创建证书ID使用的哈希算法。默认为SHA256,支持可配置MD5、SHA1、SHA224、SHA256、SHA384、SHA512算法。 | 403 404## CertChainValidationParameters<sup>11+</sup> 405 406表示证书链校验的参数。 407 408**系统能力:** SystemCapability.Security.Cert 409 410| 名称 | 类型 | 只读 | 可选 |说明 | 411| ------------ | ------------------------------------------------- | ---- | ---- |-------------------------------------- | 412| date | string | 否 | 是 |表示需要校验证书的有效期。 <br> **原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 | 413| trustAnchors | Array\<[X509TrustAnchor](#x509trustanchor11)> | 否 | 否 |表示信任锚列表。 <br> **原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 | 414| trustSystemCa<sup>20+</sup>| boolean | 否 | 是 |表示需要使用系统预置CA证书校验证书链。<br> **原子化服务API:** 从API version 20开始,该接口支持在原子化服务中使用。 | 415| certCRLs | Array\<[CertCRLCollection](#certcrlcollection11)> | 否 | 是 |表示需要校验证书是否在证书吊销列表中。 <br> **原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。| 416| revocationCheckParam<sup>12+</sup> | [RevocationCheckParameter](#revocationcheckparameter12) | 否 | 是 |表示需要在线校验证证书吊销状态的参数对象。<br> **原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 | 417| policy<sup>12+</sup> | [ValidationPolicyType](#validationpolicytype12) | 否 | 是 |表示需要校验证书的策略类型。 <br> **原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。| 418| sslHostname<sup>12+</sup> | string | 否 | 是 |表示需要校验证书中主机名,与policy配合使用。 <br> **原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。| 419| keyUsage<sup>12+</sup> | Array\<[KeyUsageType](#keyusagetype12)> | 否 | 是 |表示需要校验证书中的密钥用途。 <br> **原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。| 420 421 422## CertChainValidationResult<sup>11+</sup> 423 424表示证书链校验的返回值。 425 426**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 427 428**系统能力:** SystemCapability.Security.Cert 429 430| 名称 | 类型 | 只读 | 可选 | 说明 | 431| ----------- | ------------------------------------- | ---- | ---- | -------------- | 432| trustAnchor | [X509TrustAnchor](#x509trustanchor11) | 是 | 否 | 表示信任锚。 | 433| entityCert | [X509Cert](#x509cert) | 是 | 否 | 表示实体证书。 | 434 435## EncodingBaseFormat<sup>18+</sup> 436 437编码基础格式。 438 439**原子化服务API:** 从API version 18开始,该接口支持在原子化服务中使用。 440 441**系统能力:** SystemCapability.Security.Cert 442 443| 名称 | 值 | 说明 | 444| ---- | --- | ------------------ | 445| PEM | 0 | 表示PEM格式。 | 446| DER | 1 | 表示DER格式。 | 447 448## Pkcs12Data<sup>18+</sup> 449 450表示返回P12文件的解析后的证书、私钥及其他证书合集。 451 452**原子化服务API:** 从API version 18开始,该接口支持在原子化服务中使用。 453 454**系统能力:** SystemCapability.Security.Cert 455 456| 名称 | 类型 | 只读 | 可选 |说明 | 457| ------------ | ------------------------------------------------- | ---- | ---- |-------------------------------------- | 458| privateKey | string \| Uint8Array | 否 | 是 |表示P12文件解析后的私钥。 | 459| cert | [X509Cert](#x509cert) | 否 | 是 |表示P12文件解析后的证书。 | 460| otherCerts | Array\<[X509Cert](#x509cert)> | 否 | 是 |表示P12文件解析后的其他证书合集。 | 461 462## Pkcs12ParsingConfig<sup>18+</sup> 463 464表示解析P12文件的配置。 465 466**原子化服务API:** 从API version 18开始,该接口支持在原子化服务中使用。 467 468**系统能力:** SystemCapability.Security.Cert 469 470| 名称 | 类型 | 只读 | 可选 | 说明 | 471| ------------ | ------------------------------------------------- | ---- | ---- |-------------------------------------- | 472| password | string | 否 | 否 |表示P12文件的密码。 | 473| needsPrivateKey | boolean | 否 | 是 |表示是否获取私钥。默认为true。true为获取,false为不获取。 | 474| privateKeyFormat | [EncodingBaseFormat](#encodingbaseformat18) | 否 | 是 |表示获取私钥的格式。默认为PEM。 | 475| needsCert | boolean | 否 | 是 |表示是否获取证书。默认为true。true为获取,false为不获取。 | 476| needsOtherCerts | boolean | 否 | 是 |表示是否获取其他证书合集。默认为false。true为获取,false为不获取。 | 477 478## CmsContentType<sup>18+</sup> 479 480表示Cms内容类型的枚举。 481 482**原子化服务API:** 从API version 18开始,该接口支持在原子化服务中使用。 483 484**系统能力:** SystemCapability.Security.Cert 485 486| 名称 | 值 | 说明 | 487| --------------------------------------| -------- | -----------------------------| 488| SIGNED_DATA | 0 | 签名数据。 | 489 490## CmsContentDataFormat<sup>18+</sup> 491 492表示Cms内容数据格式的枚举。 493 494**原子化服务API:** 从API version 18开始,该接口支持在原子化服务中使用。 495 496**系统能力:** SystemCapability.Security.Cert 497 498| 名称 | 值 | 说明 | 499| ------ | --- | ------------------------ | 500| BINARY | 0 | 表示二进制数据格式。 | 501| TEXT | 1 | 表示文本数据格式。 | 502 503## CmsFormat<sup>18+</sup> 504 505表示Cms签名格式的枚举。 506 507**原子化服务API:** 从API version 18开始,该接口支持在原子化服务中使用。 508 509**系统能力:** SystemCapability.Security.Cert 510 511| 名称 | 值 | 说明 | 512| ---- | --- | ------------------ | 513| PEM | 0 | 表示PEM格式。 | 514| DER | 1 | 表示DER格式。 | 515 516## PrivateKeyInfo<sup>18+</sup> 517 518表示私钥信息。 519 520**原子化服务API:** 从API version 18开始,该接口支持在原子化服务中使用。 521 522**系统能力:** SystemCapability.Security.Cert 523 524| 名称 | 类型 | 只读 | 可选 |说明 | 525| ------------ | ------------------------------------------------- | ---- | ---- | -------------------------------------- | 526| key | string \| Uint8Array | 否 | 否 |未加密或加密的私钥,支持PEM或DER格式。 | 527| password | string | 否 | 是 |私钥的密码,如果私钥是加密的。 | 528 529## CmsSignerConfig<sup>18+</sup> 530 531表示Cms签名者的配置选项。 532 533**原子化服务API:** 从API version 18开始,该接口支持在原子化服务中使用。 534 535**系统能力:** SystemCapability.Security.Cert 536 537| 名称 | 类型 | 只读 | 可选 |说明 | 538| ------------ | ------------------------------------------------- | ---- | ---- |-------------------------------------- | 539| mdName | string | 否 | 否 |消息摘要算法的名称,例如 "SHA384", 当前支持"SHA1"、"SHA256"、"SHA384"、"SHA512"。 | 540| addCert | boolean | 否 | 是 |是否添加证书。默认为true。true为需要,false为不需要。 | 541| addAttr | boolean | 否 | 是 |是否添加签名属性。默认为true。true为需要,false为不需要。 | 542| addSmimeCapAttr | boolean | 否 | 是 |是否将SMIME能力添加到Cms对象。默认为true。true为需要,false为不需要。 | 543 544## CmsGeneratorOptions<sup>18+</sup> 545 546表示生成Cms签名结果的配置选项。 547 548**原子化服务API:** 从API version 18开始,该接口支持在原子化服务中使用。 549 550**系统能力:** SystemCapability.Security.Cert 551 552| 名称 | 类型 | 只读 | 可选 |说明 | 553| --------------------- | ----------------------------- | ---- | ---- |------------------------------------------------------ | 554| contentDataFormat | [CmsContentDataFormat](#cmscontentdataformat18) | 否 | 是 |内容数据的格式。默认为CmsContentDataFormat.BINARY。 | 555| outFormat | [CmsFormat](#cmsformat18) | 否 |是 | Cms最终数据的输出格式。默认为DER。 | 556| isDetached | boolean | 否 |是 | Cms最终数据是否不包含原始数据。默认为false。true为包含,false为不包含。 | 557 558## cert.createX509Cert 559 560createX509Cert(inStream : EncodingBlob, callback : AsyncCallback\<X509Cert>) : void 561 562表示创建X509证书对象,使用Callback回调异步返回结果。 563 564**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 565 566**系统能力:** SystemCapability.Security.Cert 567 568**参数:** 569 570| 参数名 | 类型 | 必填 | 说明 | 571| -------- | ------------------------------------- | ---- | -------------------------- | 572| inStream | [EncodingBlob](#encodingblob) | 是 | X509证书序列化数据。 | 573| callback | AsyncCallback\<[X509Cert](#x509cert)> | 是 | 回调函数,表示X509证书对象。 | 574 575**错误码:** 576 577以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 578 579| 错误码ID | 错误信息 | 580| -------- | ------------- | 581| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 582| 801 | this operation is not supported. | 583| 19020001 | memory malloc failed. | 584| 19030001 | crypto operation error. | 585 586**示例:** 587 588```ts 589import { cert } from '@kit.DeviceCertificateKit'; 590 591// string转Uint8Array。 592function stringToUint8Array(str: string): Uint8Array { 593 let arr: Array<number> = []; 594 for (let i = 0, j = str.length; i < j; i++) { 595 arr.push(str.charCodeAt(i)); 596 } 597 return new Uint8Array(arr); 598} 599 600// 证书二进制数据,需业务自行赋值。 601let certData = '-----BEGIN CERTIFICATE-----\n' + 602 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 603 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 604 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 605 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 606 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 607 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 608 'Qw==\n' + 609 '-----END CERTIFICATE-----\n'; 610 611let encodingBlob: cert.EncodingBlob = { 612 data: stringToUint8Array(certData), 613 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 614 encodingFormat: cert.EncodingFormat.FORMAT_PEM 615}; 616 617cert.createX509Cert(encodingBlob, (error, x509Cert) => { 618 if (error) { 619 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 620 } else { 621 console.log('createX509Cert success'); 622 } 623}); 624``` 625 626## cert.createX509Cert 627 628createX509Cert(inStream : EncodingBlob) : Promise\<X509Cert> 629 630表示创建X509证书对象,使用Promise方式异步返回结果。 631 632**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 633 634**系统能力:** SystemCapability.Security.Cert 635 636**参数:** 637 638| 参数名 | 类型 | 必填 | 说明 | 639| -------- | ----------------------------- | ---- | ------------------ | 640| inStream | [EncodingBlob](#encodingblob) | 是 | X509证书序列化数据。 | 641 642**返回值:** 643 644| 类型 | 说明 | 645| ------- | ---------------- | 646| Promise\<[X509Cert](#x509cert)> | 表示X509证书对象。 | 647 648**错误码:** 649 650以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 651 652| 错误码ID | 错误信息 | 653| -------- | ------------- | 654| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 655| 801 | this operation is not supported. | 656| 19020001 | memory malloc failed. | 657| 19030001 | crypto operation error. | 658 659**示例:** 660 661```ts 662import { cert } from '@kit.DeviceCertificateKit'; 663import { BusinessError } from '@kit.BasicServicesKit'; 664 665// string转Uint8Array。 666function stringToUint8Array(str: string): Uint8Array { 667 let arr: Array<number> = []; 668 for (let i = 0, j = str.length; i < j; i++) { 669 arr.push(str.charCodeAt(i)); 670 } 671 return new Uint8Array(arr); 672} 673 674// 证书二进制数据,需业务自行赋值。 675let certData = '-----BEGIN CERTIFICATE-----\n' + 676 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 677 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 678 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 679 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 680 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 681 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 682 'Qw==\n' + 683 '-----END CERTIFICATE-----\n'; 684 685let encodingBlob: cert.EncodingBlob = { 686 data: stringToUint8Array(certData), 687 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 688 encodingFormat: cert.EncodingFormat.FORMAT_PEM 689}; 690 691cert.createX509Cert(encodingBlob).then(x509Cert => { 692 console.log('createX509Cert success'); 693}).catch((error: BusinessError) => { 694 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 695}); 696``` 697 698## X509Cert 699 700X509证书类。 701 702### verify 703 704verify(key : cryptoFramework.PubKey, callback : AsyncCallback\<void>) : void 705 706表示对证书验签,使用Callback回调异步返回结果。 707 708**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 709 710**系统能力:** SystemCapability.Security.Cert 711 712**参数:** 713 714| 参数名 | 类型 | 必填 | 说明 | 715| -------- | --------------------- | ---- | ------------------------------------------------------------ | 716| key | [cryptoFramework.PubKey](../apis-crypto-architecture-kit/js-apis-cryptoFramework.md#pubkey) | 是 | 用于验签的公钥对象。 | 717| callback | AsyncCallback\<void> | 是 | 回调函数,使用AsyncCallback的第一个error参数判断是否验签成功,error为null表示成功,不为null表示失败。 | 718 719**错误码:** 720 721以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 722 723| 错误码ID | 错误信息 | 724| -------- | ------------------ | 725| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 726| 19030001 | crypto operation error. | 727 728**示例:** 729 730```ts 731import { cert } from '@kit.DeviceCertificateKit'; 732import { BusinessError } from '@kit.BasicServicesKit'; 733 734// string转Uint8Array。 735function stringToUint8Array(str: string): Uint8Array { 736 let arr: Array<number> = []; 737 for (let i = 0, j = str.length; i < j; i++) { 738 arr.push(str.charCodeAt(i)); 739 } 740 return new Uint8Array(arr); 741} 742 743// 证书二进制数据,需业务自行赋值。 744let certData = '-----BEGIN CERTIFICATE-----\n' + 745 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 746 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 747 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 748 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 749 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 750 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 751 'Qw==\n' + 752 '-----END CERTIFICATE-----\n'; 753 754let encodingBlob: cert.EncodingBlob = { 755 data: stringToUint8Array(certData), 756 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 757 encodingFormat: cert.EncodingFormat.FORMAT_PEM 758}; 759 760cert.createX509Cert(encodingBlob, (error, x509Cert) => { 761 if (error) { 762 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 763 } else { 764 console.log('createX509Cert success'); 765 766 // 业务需通过上级X509Cert证书对象(或当前证书对象为自签名的证书)的getPublicKey获取PubKey。 767 try { 768 let pubKey = x509Cert.getPublicKey(); 769 770 // 验证证书签名。 771 x509Cert.verify(pubKey, (err, data) => { 772 if (err) { 773 console.error('verify failed, errCode: ' + err.code + ', errMsg: ' + err.message); 774 } else { 775 console.log('verify success'); 776 } 777 }); 778 } catch (error) { 779 let e: BusinessError = error as BusinessError; 780 console.error('getPublicKey failed, errCode: ' + e.code + ', errMsg: ' + e.message); 781 } 782 } 783}); 784``` 785 786### verify 787 788verify(key : cryptoFramework.PubKey) : Promise\<void> 789 790表示对证书验签,使用Promise方式异步返回结果。 791 792**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 793 794**系统能力:** SystemCapability.Security.Cert 795 796**参数:** 797 798| 参数名 | 类型 | 必填 | 说明 | 799| ------ | ------ | ---- | ------------------ | 800| key | [cryptoFramework.PubKey](../apis-crypto-architecture-kit/js-apis-cryptoFramework.md#pubkey) | 是 | 用于验签的公钥对象。 | 801 802**返回值:** 803 804| 类型 | 说明 | 805| -------------- | ----------- | 806| Promise\<void> | Promise对象。 | 807 808**错误码:** 809 810以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 811 812| 错误码ID | 错误信息 | 813| -------- | ------------------ | 814| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 815| 19030001 | crypto operation error. | 816 817**示例:** 818 819```ts 820import { cert } from '@kit.DeviceCertificateKit'; 821import { BusinessError } from '@kit.BasicServicesKit'; 822 823// string转Uint8Array。 824function stringToUint8Array(str: string): Uint8Array { 825 let arr: Array<number> = []; 826 for (let i = 0, j = str.length; i < j; i++) { 827 arr.push(str.charCodeAt(i)); 828 } 829 return new Uint8Array(arr); 830} 831 832// 证书二进制数据,需业务自行赋值。 833let certData = '-----BEGIN CERTIFICATE-----\n' + 834 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 835 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 836 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 837 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 838 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 839 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 840 'Qw==\n' + 841 '-----END CERTIFICATE-----\n'; 842 843let encodingBlob: cert.EncodingBlob = { 844 data: stringToUint8Array(certData), 845 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 846 encodingFormat: cert.EncodingFormat.FORMAT_PEM 847}; 848 849cert.createX509Cert(encodingBlob).then(x509Cert => { 850 console.log('createX509Cert success'); 851 852 try { 853 // 业务需通过上级X509Cert证书对象(或当前证书对象为自签名的证书)的getPublicKey获取PubKey。 854 let pubKey = x509Cert.getPublicKey(); 855 x509Cert.verify(pubKey).then(result => { 856 console.log('verify success'); 857 }).catch((error: BusinessError) => { 858 console.error('verify failed, errCode: ' + error.code + ', errMsg: ' + error.message); 859 }); 860 } catch (err) { 861 console.error('get public key failed'); 862 } 863}).catch((error: BusinessError) => { 864 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 865}); 866``` 867 868### getEncoded 869 870getEncoded(callback : AsyncCallback\<EncodingBlob>) : void 871 872表示获取X509证书序列化数据,使用Callback回调异步返回结果。 873 874**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 875 876**系统能力:** SystemCapability.Security.Cert 877 878**参数**: 879 880| 参数名 | 类型 | 必填 | 说明 | 881| -------- | --------------------------------------------- | ---- | -------------------------------- | 882| callback | AsyncCallback\<[EncodingBlob](#encodingblob)> | 是 | 回调函数,表示X509证书序列化数据。 | 883 884**错误码:** 885 886以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 887 888| 错误码ID | 错误信息 | 889| -------- | ------------------------------------------------- | 890| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types.| 891| 19020001 | memory malloc failed. | 892| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 893| 19030001 | crypto operation error.| 894 895**示例:** 896 897```ts 898import { cert } from '@kit.DeviceCertificateKit'; 899 900// string转Uint8Array。 901function stringToUint8Array(str: string): Uint8Array { 902 let arr: Array<number> = []; 903 for (let i = 0, j = str.length; i < j; i++) { 904 arr.push(str.charCodeAt(i)); 905 } 906 return new Uint8Array(arr); 907} 908 909// 证书二进制数据,需业务自行赋值。 910let certData = '-----BEGIN CERTIFICATE-----\n' + 911 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 912 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 913 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 914 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 915 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 916 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 917 'Qw==\n' + 918 '-----END CERTIFICATE-----\n'; 919 920let encodingBlob: cert.EncodingBlob = { 921 data: stringToUint8Array(certData), 922 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 923 encodingFormat: cert.EncodingFormat.FORMAT_PEM 924}; 925 926cert.createX509Cert(encodingBlob, (error, x509Cert) => { 927 if (error) { 928 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 929 } else { 930 console.log('createX509Cert success'); 931 x509Cert.getEncoded((error, data) => { 932 if (error) { 933 console.error('getEncoded failed, errCode: ' + error.code + ', errMsg: ' + error.message); 934 } else { 935 console.log('getEncoded success'); 936 } 937 }); 938 } 939}); 940``` 941 942### getEncoded 943 944getEncoded() : Promise\<EncodingBlob> 945 946表示获取X509证书序列化数据,使用Promise方式异步返回结果。 947 948**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 949 950**系统能力:** SystemCapability.Security.Cert 951 952**返回值**: 953 954| 类型 | 说明 | 955| --------------------------------------- | ---------------------- | 956| Promise\<[EncodingBlob](#encodingblob)> | 表示X509证书序列化数据。 | 957 958**错误码:** 959 960以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 961 962| 错误码ID | 错误信息 | 963| -------- | ------------------------------------------------- | 964| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 965| 19020001 | memory malloc failed. | 966| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 967| 19030001 | crypto operation error.| 968 969**示例:** 970 971```ts 972import { cert } from '@kit.DeviceCertificateKit'; 973import { BusinessError } from '@kit.BasicServicesKit'; 974 975// string转Uint8Array。 976function stringToUint8Array(str: string): Uint8Array { 977 let arr: Array<number> = []; 978 for (let i = 0, j = str.length; i < j; i++) { 979 arr.push(str.charCodeAt(i)); 980 } 981 return new Uint8Array(arr); 982} 983 984// 证书二进制数据,需业务自行赋值。 985let certData = '-----BEGIN CERTIFICATE-----\n' + 986 'MIIBLzCB1QIUO/QDVJwZLIpeJyPjyTvE43xvE5cwCgYIKoZIzj0EAwIwGjEYMBYG\n' + 987 'A1UEAwwPRXhhbXBsZSBSb290IENBMB4XDTIzMDkwNDExMjAxOVoXDTI2MDUzMDEx\n' + 988 'MjAxOVowGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYI\n' + 989 'KoZIzj0DAQcDQgAEHjG74yMIueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTa\n' + 990 'tUsU0i/sePnrKglj2H8Abbx9PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEA\n' + 991 '0ce/fvA4tckNZeB865aOApKXKlBjiRlaiuq5mEEqvNACIQDPD9WyC21MXqPBuRUf\n' + 992 'BetUokslUfjT6+s/X4ByaxycAA==\n' + 993 '-----END CERTIFICATE-----\n'; 994 995// 证书二进制数据,需业务自行赋值。 996let encodingBlob: cert.EncodingBlob = { 997 data: stringToUint8Array(certData), 998 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 999 encodingFormat: cert.EncodingFormat.FORMAT_PEM 1000}; 1001cert.createX509Cert(encodingBlob).then(x509Cert => { 1002 console.log('createX509Cert success'); 1003 x509Cert.getEncoded().then(result => { 1004 console.log('getEncoded success'); 1005 }).catch((error: BusinessError) => { 1006 console.error('getEncoded failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1007 }); 1008}).catch((error: BusinessError) => { 1009 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1010}); 1011``` 1012 1013### getPublicKey 1014 1015getPublicKey() : cryptoFramework.PubKey 1016 1017表示获取X509证书公钥。 1018 1019**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1020 1021**系统能力:** SystemCapability.Security.Cert 1022 1023**返回值**: 1024 1025| 类型 | 说明 | 1026| ------ | ---------------- | 1027| [cryptoFramework.PubKey](../apis-crypto-architecture-kit/js-apis-cryptoFramework.md#pubkey) | X509证书公钥对象:仅用于X509Cert的verify接口。 | 1028 1029**错误码:** 1030 1031以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 1032 1033| 错误码ID | 错误信息 | 1034| -------- | ------------------------------------------------- | 1035| 19020001 | memory malloc failed. | 1036| 19030001 | crypto operation error.| 1037 1038**示例:** 1039 1040```ts 1041import { cert } from '@kit.DeviceCertificateKit'; 1042import { BusinessError } from '@kit.BasicServicesKit'; 1043 1044// string转Uint8Array。 1045function stringToUint8Array(str: string): Uint8Array { 1046 let arr: Array<number> = []; 1047 for (let i = 0, j = str.length; i < j; i++) { 1048 arr.push(str.charCodeAt(i)); 1049 } 1050 return new Uint8Array(arr); 1051} 1052 1053// 证书二进制数据,需业务自行赋值。 1054let certData = '-----BEGIN CERTIFICATE-----\n' + 1055 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1056 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1057 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1058 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1059 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1060 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1061 'Qw==\n' + 1062 '-----END CERTIFICATE-----\n'; 1063 1064let encodingBlob: cert.EncodingBlob = { 1065 data: stringToUint8Array(certData), 1066 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 1067 encodingFormat: cert.EncodingFormat.FORMAT_PEM 1068}; 1069 1070cert.createX509Cert(encodingBlob, (error, x509Cert) => { 1071 if (error) { 1072 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1073 } else { 1074 console.log('createX509Cert success'); 1075 try { 1076 let pubKey = x509Cert.getPublicKey(); 1077 } catch (error) { 1078 let e: BusinessError = error as BusinessError; 1079 console.error('getPublicKey failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1080 } 1081 } 1082}); 1083``` 1084 1085### checkValidityWithDate 1086 1087checkValidityWithDate(date: string) : void 1088 1089表示检查X509证书有效期。 1090 1091**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1092 1093**系统能力:** SystemCapability.Security.Cert 1094 1095**参数**: 1096 1097| 参数名 | 类型 | 必填 | 说明 | 1098| -------- | -------------- | ---- | ---------- | 1099| date | string | 是 | 日期,为ASN.1时间格式。 | 1100 1101**错误码:** 1102 1103以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 1104 1105| 错误码ID | 错误信息 | 1106| -------- | ------------------------------------------------- | 1107| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 1108| 19020001 | memory malloc failed. | 1109| 19030001 | crypto operation error.| 1110| 19030003 | the certificate has not taken effect. | 1111| 19030004 | the certificate has expired.| 1112 1113**示例:** 1114 1115```ts 1116import { cert } from '@kit.DeviceCertificateKit'; 1117import { BusinessError } from '@kit.BasicServicesKit'; 1118 1119// string转Uint8Array。 1120function stringToUint8Array(str: string): Uint8Array { 1121 let arr: Array<number> = []; 1122 for (let i = 0, j = str.length; i < j; i++) { 1123 arr.push(str.charCodeAt(i)); 1124 } 1125 return new Uint8Array(arr); 1126} 1127 1128// 证书二进制数据,需业务自行赋值。 1129let certData = '-----BEGIN CERTIFICATE-----\n' + 1130 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1131 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1132 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1133 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1134 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1135 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1136 'Qw==\n' + 1137 '-----END CERTIFICATE-----\n'; 1138 1139let encodingBlob: cert.EncodingBlob = { 1140 data: stringToUint8Array(certData), 1141 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 1142 encodingFormat: cert.EncodingFormat.FORMAT_PEM 1143}; 1144 1145cert.createX509Cert(encodingBlob, (error, x509Cert) => { 1146 if (error) { 1147 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1148 } else { 1149 console.log('createX509Cert success'); 1150 1151 let date = '231001000001Z'; 1152 // Verify the certificate validity period. 1153 try { 1154 x509Cert.checkValidityWithDate(date); 1155 } catch (error) { 1156 let e: BusinessError = error as BusinessError; 1157 console.error('checkValidityWithDate failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1158 } 1159 } 1160}); 1161``` 1162 1163### getVersion 1164 1165getVersion() : number 1166 1167表示获取X509证书版本。 1168 1169**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1170 1171**系统能力:** SystemCapability.Security.Cert 1172 1173**返回值**: 1174 1175| 类型 | 说明 | 1176| ------ | ---------------- | 1177| number | 表示X509证书版本。 | 1178 1179**示例:** 1180 1181```ts 1182import { cert } from '@kit.DeviceCertificateKit'; 1183 1184// string转Uint8Array。 1185function stringToUint8Array(str: string): Uint8Array { 1186 let arr: Array<number> = []; 1187 for (let i = 0, j = str.length; i < j; i++) { 1188 arr.push(str.charCodeAt(i)); 1189 } 1190 return new Uint8Array(arr); 1191} 1192 1193// 证书二进制数据,需业务自行赋值。 1194let certData = '-----BEGIN CERTIFICATE-----\n' + 1195 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1196 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1197 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1198 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1199 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1200 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1201 'Qw==\n' + 1202 '-----END CERTIFICATE-----\n'; 1203 1204let encodingBlob: cert.EncodingBlob = { 1205 data: stringToUint8Array(certData), 1206 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 1207 encodingFormat: cert.EncodingFormat.FORMAT_PEM 1208}; 1209cert.createX509Cert(encodingBlob, (error, x509Cert) => { 1210 if (error) { 1211 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1212 } else { 1213 console.log('createX509Cert success'); 1214 let version = x509Cert.getVersion(); 1215 } 1216}); 1217``` 1218 1219### getSerialNumber<sup>(deprecated)</sup> 1220 1221getSerialNumber() : number 1222 1223表示获取X509证书序列号。 1224 1225> **说明:** 1226> 1227> 从API version 9开始支持,从API version 10开始废弃,建议使用[getCertSerialNumber](#getcertserialnumber10)替代。 1228 1229**系统能力:** SystemCapability.Security.Cert 1230 1231**返回值**: 1232 1233| 类型 | 说明 | 1234| ------ | ------------------ | 1235| number | 表示X509证书序列号。 | 1236 1237**示例:** 1238 1239```ts 1240import { cert } from '@kit.DeviceCertificateKit'; 1241 1242// string转Uint8Array。 1243function stringToUint8Array(str: string): Uint8Array { 1244 let arr: Array<number> = []; 1245 for (let i = 0, j = str.length; i < j; i++) { 1246 arr.push(str.charCodeAt(i)); 1247 } 1248 return new Uint8Array(arr); 1249} 1250 1251// 证书二进制数据,需业务自行赋值。 1252let certData = '-----BEGIN CERTIFICATE-----\n' + 1253 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1254 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1255 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1256 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1257 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1258 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1259 'Qw==\n' + 1260 '-----END CERTIFICATE-----\n'; 1261 1262let encodingBlob: cert.EncodingBlob = { 1263 data: stringToUint8Array(certData), 1264 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 1265 encodingFormat: cert.EncodingFormat.FORMAT_PEM 1266}; 1267 1268cert.createX509Cert(encodingBlob, (error, x509Cert) => { 1269 if (error) { 1270 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1271 } else { 1272 console.log('createX509Cert success'); 1273 let serialNumber = x509Cert.getSerialNumber(); 1274 } 1275}); 1276``` 1277 1278### getCertSerialNumber<sup>10+</sup> 1279 1280getCertSerialNumber() : bigint 1281 1282表示获取X509证书序列号。 1283 1284**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1285 1286**系统能力:** SystemCapability.Security.Cert 1287 1288**返回值**: 1289 1290| 类型 | 说明 | 1291| ------ | ------------------ | 1292| bigint | 表示X509证书序列号。 | 1293 1294**错误码:** 1295 1296以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 1297 1298| 错误码ID | 错误信息 | 1299| -------- | ------------------------------------------------- | 1300| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 1301 1302**示例:** 1303 1304```ts 1305import { cert } from '@kit.DeviceCertificateKit'; 1306import { BusinessError } from '@kit.BasicServicesKit'; 1307 1308// string转Uint8Array。 1309function stringToUint8Array(str: string): Uint8Array { 1310 let arr: Array<number> = []; 1311 for (let i = 0, j = str.length; i < j; i++) { 1312 arr.push(str.charCodeAt(i)); 1313 } 1314 return new Uint8Array(arr); 1315} 1316 1317// 证书二进制数据,需业务自行赋值。 1318let certData = '-----BEGIN CERTIFICATE-----\n' + 1319 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1320 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1321 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1322 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1323 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1324 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1325 'Qw==\n' + 1326 '-----END CERTIFICATE-----\n'; 1327 1328let encodingBlob: cert.EncodingBlob = { 1329 data: stringToUint8Array(certData), 1330 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 1331 encodingFormat: cert.EncodingFormat.FORMAT_PEM 1332}; 1333 1334cert.createX509Cert(encodingBlob, (error, x509Cert) => { 1335 if (error) { 1336 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1337 } else { 1338 console.log('createX509Cert success'); 1339 try { 1340 let serialNumber = x509Cert.getCertSerialNumber(); 1341 } catch (err) { 1342 let e: BusinessError = err as BusinessError; 1343 console.error('getCertSerialNumber failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1344 } 1345 } 1346}); 1347``` 1348 1349### getIssuerName 1350 1351getIssuerName() : DataBlob 1352 1353表示获取X509证书颁发者名称。 1354 1355> **说明:** 1356> 1357> 获取到的X509证书颁发者名称数据带字符串结束符。 1358 1359**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1360 1361**系统能力:** SystemCapability.Security.Cert 1362 1363**返回值**: 1364 1365| 类型 | 说明 | 1366| --------------------- | ---------------------- | 1367| [DataBlob](#datablob) | 表示X509证书颁发者名称。 | 1368 1369**错误码:** 1370 1371以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 1372 1373| 错误码ID | 错误信息 | 1374| -------- | ------------------------------------------------- | 1375| 19020001 | memory malloc failed. | 1376| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 1377| 19030001 | crypto operation error.| 1378 1379**示例:** 1380 1381```ts 1382import { cert } from '@kit.DeviceCertificateKit'; 1383import { BusinessError } from '@kit.BasicServicesKit'; 1384 1385// string转Uint8Array。 1386function stringToUint8Array(str: string): Uint8Array { 1387 let arr: Array<number> = []; 1388 for (let i = 0, j = str.length; i < j; i++) { 1389 arr.push(str.charCodeAt(i)); 1390 } 1391 return new Uint8Array(arr); 1392} 1393 1394// 证书二进制数据,需业务自行赋值。 1395let certData = '-----BEGIN CERTIFICATE-----\n' + 1396 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1397 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1398 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1399 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1400 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1401 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1402 'Qw==\n' + 1403 '-----END CERTIFICATE-----\n'; 1404 1405let encodingBlob: cert.EncodingBlob = { 1406 data: stringToUint8Array(certData), 1407 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 1408 encodingFormat: cert.EncodingFormat.FORMAT_PEM 1409}; 1410 1411cert.createX509Cert(encodingBlob, (error, x509Cert) => { 1412 if (error) { 1413 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1414 } else { 1415 console.log('createX509Cert success'); 1416 try { 1417 let issuerName = x509Cert.getIssuerName(); 1418 } catch (err) { 1419 let e: BusinessError = err as BusinessError; 1420 console.error('getIssuerName failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1421 } 1422 } 1423}); 1424``` 1425 1426### getIssuerName<sup>20+</sup> 1427 1428getIssuerName(encodingType: EncodingType): string 1429 1430根据编码类型获取X509证书颁发者名称。 1431 1432**原子化服务API:** 从API version 20开始,该接口支持在原子化服务中使用。 1433 1434**系统能力:** SystemCapability.Security.Cert 1435 1436**参数**: 1437 1438| 参数名 | 类型 | 必填 | 说明 | 1439| -------- | ------------------------------------- | ---- | ------------------------------ | 1440| encodingType | [EncodingType](#encodingtype12) | 是 | 表示编码类型。 | 1441 1442**返回值**: 1443 1444| 类型 | 说明 | 1445| --------------------- | ---------------------- | 1446| string | 表示X509证书颁发者名称,使用逗号分隔相对可分辨名称。 | 1447 1448**错误码:** 1449 1450以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 1451 1452| 错误码ID | 错误信息 | 1453| -------- | ------------------------------------------------- | 1454| 19020001 | memory malloc failed. | 1455| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 1456| 19020003 | parameter check failed. Possible causes: <br>1. The value of encodingType is not in the EncodingType enumeration range.| 1457| 19030001 | crypto operation error.| 1458 1459**示例:** 1460 1461```ts 1462import { cert } from '@kit.DeviceCertificateKit'; 1463import { BusinessError } from '@kit.BasicServicesKit'; 1464 1465// string转Uint8Array。 1466function stringToUint8Array(str: string): Uint8Array { 1467 let arr: Array<number> = []; 1468 for (let i = 0, j = str.length; i < j; i++) { 1469 arr.push(str.charCodeAt(i)); 1470 } 1471 return new Uint8Array(arr); 1472} 1473 1474// 证书二进制数据,需业务自行赋值。 1475let certData = '-----BEGIN CERTIFICATE-----\n' + 1476 'MIIDgTCCAmmgAwIBAgIGAXKnJjrAMA0GCSqGSIb3DQEBCwUAMFcxCzAJBgNVBAYT\n' + 1477 'AkNOMQ8wDQYDVQQIDAbpmZXopb8xDzANBgNVBAcMBuilv+WuiTEPMA0GA1UECgwG\n' + 1478 '5rWL6K+VMRUwEwYDVQQDDAzkuK3mlofmtYvor5UwHhcNMjUwMzA1MDk1MTIzWhcN\n' + 1479 'MzUwMzAzMDk1MTIzWjBXMQswCQYDVQQGEwJDTjEPMA0GA1UECAwG6ZmV6KW/MQ8w\n' + 1480 'DQYDVQQHDAbopb/lrokxDzANBgNVBAoMBua1i+ivlTEVMBMGA1UEAwwM5Lit5paH\n' + 1481 '5rWL6K+VMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkonJ4UIuxRzX\n' + 1482 'gr8fLU1PjadDWJp/GrxkYGe30TXqQHDh7O14Rc0xxacj3aLMNffzj+rhxUzl3C9p\n' + 1483 'wLzIVO2e3iC3Fx2csRzOSIdbimR8879/3uaW8CPkgqlKQw8FDwrGk0S26sdDV8of\n' + 1484 '8AAHlrnUO2yyL53rAunn4ZKo4EyxHrvHmZKuv006onj0SByu8RNHx97v+4KaaY7p\n' + 1485 'HngTC55F0KVALiNGygJHeKP7GGxS7kpYV/CvBuABpA00WMqc7nmo2vCa4yC/mIk2\n' + 1486 '5CF7l860rQ50HLjrmlDYJHpc8p88NJ2BEyHQWiN4YkSKDAKNr+SssD3Tf2wHSYxA\n' + 1487 'UwdgsatGlwIDAQABo1MwUTAdBgNVHQ4EFgQUMFEfTXLVm7D6fsC7LYtTMhIgVQUw\n' + 1488 'HwYDVR0jBBgwFoAUMFEfTXLVm7D6fsC7LYtTMhIgVQUwDwYDVR0TAQH/BAUwAwEB\n' + 1489 '/zANBgkqhkiG9w0BAQsFAAOCAQEABCr9+iK30OSp67ksK1qhkKCzwKYDH2E5KEF4\n' + 1490 '1E1/o4haXIR14V+5DGcX/1OH3Znd863TecQdNnCFMGArWygq8j7O0uStbWMb3Rhu\n' + 1491 '+7RJ9GOCbBSeR3v2fC6+T3LI0Sm1G77xIYADmHGt33IW0DRKr44iOalwi6IbcqzD\n' + 1492 's9XlNO8e6ht2apeL656fjv1gCo/PA7e+A0QHn6zapggzEccEwKdFixCsw5ZMZaHm\n' + 1493 'adGz3lBCK+0QKYXYL1CtX/6wcDgQ9PuZSgdQgrudLKRN+843m3LJSUJ7AIyL1kQW\n' + 1494 'kY1ah7eSx4wwaKrLOM06ZkzORMnY5GAy8Aup+UCh6mWU3dPv3w==\n' + 1495 '-----END CERTIFICATE-----\n'; 1496 1497let encodingBlob: cert.EncodingBlob = { 1498 data: stringToUint8Array(certData), 1499 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 1500 encodingFormat: cert.EncodingFormat.FORMAT_PEM 1501}; 1502 1503cert.createX509Cert(encodingBlob, (error, x509Cert) => { 1504 if (error) { 1505 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1506 } else { 1507 console.log('createX509Cert success'); 1508 try { 1509 let issuerName = x509Cert.getIssuerName(cert.EncodingType.ENCODING_UTF8); 1510 console.info('issuerName output is ' + issuerName); 1511 } catch (err) { 1512 let e: BusinessError = err as BusinessError; 1513 console.error('getIssuerName failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1514 } 1515 } 1516}); 1517``` 1518 1519### getSubjectName 1520 1521getSubjectName(encodingType?: EncodingType) : DataBlob 1522 1523表示获取X509证书主体名称。 1524 1525> **说明:** 1526> 1527> 获取到的X509证书主体名称数据带字符串结束符。 1528 1529**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1530 1531**系统能力:** SystemCapability.Security.Cert 1532 1533**参数**: 1534 1535| 参数名 | 类型 | 必填 | 说明 | 1536| -------- | ------------------------------------- | ---- | ------------------------------ | 1537| encodingType | [EncodingType](#encodingtype12) | 否 | 编码类型。设置参数表示获取UTF8格式编码;不设置默认获取ASCII格式编码。<br>API 12后支持设置此参数。 | 1538 1539**返回值**: 1540 1541| 类型 | 说明 | 1542| --------------------- | -------------------- | 1543| [DataBlob](#datablob) | 表示X509证书主体名称,转化成字符串后使用逗号分隔相对可分辨名称。 | 1544 1545**错误码:** 1546 1547以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 1548 1549| 错误码ID | 错误信息 | 1550| -------- | ------------------------------------------------- | 1551| 401 | invalid parameters. Possible causes: <br>1. Incorrect parameter types;<br>2. Parameter verification failed. | 1552| 19020001 | memory malloc failed. | 1553| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 1554| 19030001 | crypto operation error.| 1555 1556**示例:** 1557 1558```ts 1559import { cert } from '@kit.DeviceCertificateKit'; 1560import { BusinessError } from '@kit.BasicServicesKit'; 1561 1562// string转Uint8Array。 1563function stringToUint8Array(str: string): Uint8Array { 1564 let arr: Array<number> = []; 1565 for (let i = 0, j = str.length; i < j; i++) { 1566 arr.push(str.charCodeAt(i)); 1567 } 1568 return new Uint8Array(arr); 1569} 1570 1571// 证书二进制数据,需业务自行赋值。 1572let certData = '-----BEGIN CERTIFICATE-----\n' + 1573 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1574 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1575 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1576 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1577 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1578 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1579 'Qw==\n' + 1580 '-----END CERTIFICATE-----\n'; 1581 1582let encodingBlob: cert.EncodingBlob = { 1583 data: stringToUint8Array(certData), 1584 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 1585 encodingFormat: cert.EncodingFormat.FORMAT_PEM 1586}; 1587 1588cert.createX509Cert(encodingBlob, (error, x509Cert) => { 1589 if (error) { 1590 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1591 } else { 1592 console.log('createX509Cert success'); 1593 try { 1594 let subjectName = x509Cert.getSubjectName(); 1595 } catch (err) { 1596 let e: BusinessError = err as BusinessError; 1597 console.error('getSubjectName failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1598 } 1599 try { 1600 let subjectNameutf8 = x509Cert.getSubjectName(cert.EncodingType.ENCODING_UTF8); 1601 } catch (err) { 1602 let e: BusinessError = err as BusinessError; 1603 console.error('getSubjectNameUtf8 failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1604 } 1605 } 1606}); 1607``` 1608 1609### getNotBeforeTime 1610 1611getNotBeforeTime() : string 1612 1613表示获取X509证书有效期起始时间。 1614 1615**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1616 1617**系统能力:** SystemCapability.Security.Cert 1618 1619**返回值**: 1620 1621| 类型 | 说明 | 1622| ------ | ------------------------------------------------------------ | 1623| string | 表示X509证书有效期起始时间,日期为ASN.1时间格式。 | 1624 1625**错误码:** 1626 1627以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 1628 1629| 错误码ID | 错误信息 | 1630| -------- | ------------------------------------------------- | 1631| 19020001 | memory malloc failed. | 1632| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 1633| 19030001 | crypto operation error.| 1634 1635**示例:** 1636 1637```ts 1638import { cert } from '@kit.DeviceCertificateKit'; 1639import { BusinessError } from '@kit.BasicServicesKit'; 1640 1641// string转Uint8Array。 1642function stringToUint8Array(str: string): Uint8Array { 1643 let arr: Array<number> = []; 1644 for (let i = 0, j = str.length; i < j; i++) { 1645 arr.push(str.charCodeAt(i)); 1646 } 1647 return new Uint8Array(arr); 1648} 1649 1650// 证书二进制数据,需业务自行赋值。 1651let certData = '-----BEGIN CERTIFICATE-----\n' + 1652 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1653 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1654 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1655 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1656 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1657 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1658 'Qw==\n' + 1659 '-----END CERTIFICATE-----\n'; 1660 1661let encodingBlob: cert.EncodingBlob = { 1662 data: stringToUint8Array(certData), 1663 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 1664 encodingFormat: cert.EncodingFormat.FORMAT_PEM 1665}; 1666 1667cert.createX509Cert(encodingBlob, (error, x509Cert) => { 1668 if (error) { 1669 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1670 } else { 1671 console.log('createX509Cert success'); 1672 try { 1673 let notBefore = x509Cert.getNotBeforeTime(); 1674 } catch (err) { 1675 let e: BusinessError = err as BusinessError; 1676 console.error('getNotBeforeTime failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1677 } 1678 } 1679}); 1680``` 1681 1682### getNotAfterTime 1683 1684getNotAfterTime() : string 1685 1686表示获取X509证书有效期截止时间。 1687 1688**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1689 1690**系统能力:** SystemCapability.Security.Cert 1691 1692**返回值**: 1693 1694| 类型 | 说明 | 1695| ------ | ------------------------------------------------------------ | 1696| string | 表示X509证书有效期截止时间,日期为ASN.1时间格式。 | 1697 1698**错误码:** 1699 1700以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 1701 1702| 错误码ID | 错误信息 | 1703| -------- | ------------------------------------------------- | 1704| 19020001 | memory malloc failed. | 1705| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 1706| 19030001 | crypto operation error.| 1707 1708**示例:** 1709 1710```ts 1711import { cert } from '@kit.DeviceCertificateKit'; 1712 1713import { BusinessError } from '@kit.BasicServicesKit'; 1714 1715// string转Uint8Array。 1716function stringToUint8Array(str: string): Uint8Array { 1717 let arr: Array<number> = []; 1718 for (let i = 0, j = str.length; i < j; i++) { 1719 arr.push(str.charCodeAt(i)); 1720 } 1721 return new Uint8Array(arr); 1722} 1723 1724// 证书二进制数据,需业务自行赋值。 1725let certData = '-----BEGIN CERTIFICATE-----\n' + 1726 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1727 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1728 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1729 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1730 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1731 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1732 'Qw==\n' + 1733 '-----END CERTIFICATE-----\n'; 1734 1735let encodingBlob: cert.EncodingBlob = { 1736 data: stringToUint8Array(certData), 1737 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 1738 encodingFormat: cert.EncodingFormat.FORMAT_PEM 1739}; 1740 1741cert.createX509Cert(encodingBlob, (error, x509Cert) => { 1742 if (error) { 1743 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1744 } else { 1745 console.log('createX509Cert success'); 1746 try { 1747 let notAfter = x509Cert.getNotAfterTime(); 1748 } catch (err) { 1749 let e: BusinessError = err as BusinessError; 1750 console.error('getNotAfterTime failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1751 } 1752 } 1753}); 1754``` 1755 1756### getSignature 1757 1758getSignature() : DataBlob 1759 1760表示获取X509证书签名数据。 1761 1762**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1763 1764**系统能力:** SystemCapability.Security.Cert 1765 1766**返回值**: 1767 1768| 类型 | 说明 | 1769| --------------------- | -------------------- | 1770| [DataBlob](#datablob) | 表示X509证书签名数据。 | 1771 1772**错误码:** 1773 1774以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 1775 1776| 错误码ID | 错误信息 | 1777| -------- | ------------------------------------------------- | 1778| 19020001 | memory malloc failed. | 1779| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 1780| 19030001 | crypto operation error.| 1781 1782**示例:** 1783 1784```ts 1785import { cert } from '@kit.DeviceCertificateKit'; 1786 1787import { BusinessError } from '@kit.BasicServicesKit'; 1788 1789// string转Uint8Array。 1790function stringToUint8Array(str: string): Uint8Array { 1791 let arr: Array<number> = []; 1792 for (let i = 0, j = str.length; i < j; i++) { 1793 arr.push(str.charCodeAt(i)); 1794 } 1795 return new Uint8Array(arr); 1796} 1797 1798// 证书二进制数据,需业务自行赋值。 1799let certData = '-----BEGIN CERTIFICATE-----\n' + 1800 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1801 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1802 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1803 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1804 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1805 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1806 'Qw==\n' + 1807 '-----END CERTIFICATE-----\n'; 1808 1809let encodingBlob: cert.EncodingBlob = { 1810 data: stringToUint8Array(certData), 1811 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 1812 encodingFormat: cert.EncodingFormat.FORMAT_PEM 1813}; 1814 1815cert.createX509Cert(encodingBlob, (error, x509Cert) => { 1816 if (error) { 1817 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1818 } else { 1819 console.log('createX509Cert success'); 1820 try { 1821 let signature = x509Cert.getSignature(); 1822 } catch (err) { 1823 let e: BusinessError = err as BusinessError; 1824 console.error('getSignature failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1825 } 1826 } 1827}); 1828``` 1829 1830### getSignatureAlgName 1831 1832getSignatureAlgName() : string 1833 1834表示获取X509证书签名算法名称。 1835 1836**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1837 1838**系统能力:** SystemCapability.Security.Cert 1839 1840**返回值**: 1841 1842| 类型 | 说明 | 1843| ------ | ------------------------ | 1844| string | 表示X509证书签名算法名称。 | 1845 1846**错误码:** 1847 1848以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 1849 1850| 错误码ID | 错误信息 | 1851| -------- | ------------------------------------------------- | 1852| 19020001 | memory malloc failed. | 1853| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 1854| 19030001 | crypto operation error.| 1855 1856**示例:** 1857 1858```ts 1859import { cert } from '@kit.DeviceCertificateKit'; 1860 1861import { BusinessError } from '@kit.BasicServicesKit'; 1862 1863// string转Uint8Array。 1864function stringToUint8Array(str: string): Uint8Array { 1865 let arr: Array<number> = []; 1866 for (let i = 0, j = str.length; i < j; i++) { 1867 arr.push(str.charCodeAt(i)); 1868 } 1869 return new Uint8Array(arr); 1870} 1871 1872// 证书二进制数据,需业务自行赋值。 1873let certData = '-----BEGIN CERTIFICATE-----\n' + 1874 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1875 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1876 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1877 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1878 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1879 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1880 'Qw==\n' + 1881 '-----END CERTIFICATE-----\n'; 1882 1883let encodingBlob: cert.EncodingBlob = { 1884 data: stringToUint8Array(certData), 1885 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 1886 encodingFormat: cert.EncodingFormat.FORMAT_PEM 1887}; 1888 1889cert.createX509Cert(encodingBlob, (error, x509Cert) => { 1890 if (error) { 1891 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1892 } else { 1893 console.log('createX509Cert success'); 1894 try { 1895 let sigAlgName = x509Cert.getSignatureAlgName(); 1896 } catch (err) { 1897 let e: BusinessError = err as BusinessError; 1898 console.error('getSignatureAlgName failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1899 } 1900 } 1901}); 1902``` 1903 1904### getSignatureAlgOid 1905 1906getSignatureAlgOid() : string 1907 1908表示获取X509证书签名算法的对象标志符OID(Object Identifier)。OID是由国际标准组织(ISO)的名称注册机构分配。 1909 1910**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1911 1912**系统能力:** SystemCapability.Security.Cert 1913 1914**返回值**: 1915 1916| 类型 | 说明 | 1917| ------ | --------------------------------- | 1918| string | 表示X509证书签名算法对象标志符OID。若OID长度超过128字节,则会被截断。 | 1919 1920**错误码:** 1921 1922以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 1923 1924| 错误码ID | 错误信息 | 1925| -------- | ------------------------------------------------- | 1926| 19020001 | memory malloc failed. | 1927| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 1928| 19030001 | crypto operation error.| 1929 1930**示例:** 1931 1932```ts 1933import { cert } from '@kit.DeviceCertificateKit'; 1934import { BusinessError } from '@kit.BasicServicesKit'; 1935 1936// string转Uint8Array。 1937function stringToUint8Array(str: string): Uint8Array { 1938 let arr: Array<number> = []; 1939 for (let i = 0, j = str.length; i < j; i++) { 1940 arr.push(str.charCodeAt(i)); 1941 } 1942 return new Uint8Array(arr); 1943} 1944 1945// 证书二进制数据,需业务自行赋值。 1946let certData = '-----BEGIN CERTIFICATE-----\n' + 1947 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1948 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1949 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1950 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1951 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1952 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1953 'Qw==\n' + 1954 '-----END CERTIFICATE-----\n'; 1955 1956let encodingBlob: cert.EncodingBlob = { 1957 data: stringToUint8Array(certData), 1958 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 1959 encodingFormat: cert.EncodingFormat.FORMAT_PEM 1960}; 1961 1962cert.createX509Cert(encodingBlob, (error, x509Cert) => { 1963 if (error) { 1964 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1965 } else { 1966 console.log('createX509Cert success'); 1967 try { 1968 let sigAlgOid = x509Cert.getSignatureAlgOid(); 1969 } catch (err) { 1970 let e: BusinessError = err as BusinessError; 1971 console.error('getSignatureAlgOid failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1972 } 1973 } 1974}); 1975``` 1976 1977### getSignatureAlgParams 1978 1979getSignatureAlgParams() : DataBlob 1980 1981表示获取X509证书签名算法参数。 1982 1983**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1984 1985**系统能力:** SystemCapability.Security.Cert 1986 1987**返回值**: 1988 1989| 类型 | 说明 | 1990| --------------------- | ------------------------ | 1991| [DataBlob](#datablob) | 表示X509证书签名算法参数。 | 1992 1993**错误码:** 1994 1995以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 1996 1997| 错误码ID | 错误信息 | 1998| -------- | ------------------------------------------------- | 1999| 801 | this operation is not supported. | 2000| 19020001 | memory malloc failed. | 2001| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 2002| 19030001 | crypto operation error.| 2003 2004**示例:** 2005 2006```ts 2007import { cert } from '@kit.DeviceCertificateKit'; 2008import { BusinessError } from '@kit.BasicServicesKit'; 2009 2010// string转Uint8Array。 2011function stringToUint8Array(str: string): Uint8Array { 2012 let arr: Array<number> = []; 2013 for (let i = 0, j = str.length; i < j; i++) { 2014 arr.push(str.charCodeAt(i)); 2015 } 2016 return new Uint8Array(arr); 2017} 2018 2019// 证书二进制数据,需业务自行赋值。 2020let certData = '-----BEGIN CERTIFICATE-----\n' + 2021 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 2022 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 2023 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 2024 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 2025 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 2026 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 2027 'Qw==\n' + 2028 '-----END CERTIFICATE-----\n'; 2029 2030let encodingBlob: cert.EncodingBlob = { 2031 data: stringToUint8Array(certData), 2032 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 2033 encodingFormat: cert.EncodingFormat.FORMAT_PEM 2034}; 2035 2036cert.createX509Cert(encodingBlob, (error, x509Cert) => { 2037 if (error) { 2038 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 2039 } else { 2040 console.log('createX509Cert success'); 2041 try { 2042 let sigAlgParams = x509Cert.getSignatureAlgParams(); 2043 } catch (err) { 2044 let e: BusinessError = err as BusinessError; 2045 console.error('getSignatureAlgParams failed, errCode: ' + e.code + ', errMsg: ' + e.message); 2046 } 2047 } 2048}); 2049``` 2050 2051### getKeyUsage 2052 2053getKeyUsage() : DataBlob 2054 2055表示获取X509证书秘钥用途。 2056 2057**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2058 2059**系统能力:** SystemCapability.Security.Cert 2060 2061**返回值**: 2062 2063| 类型 | 说明 | 2064| --------------------- | -------------------- | 2065| [DataBlob](#datablob) | 表示X509证书秘钥用途。 | 2066 2067**错误码:** 2068 2069以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 2070 2071| 错误码ID | 错误信息 | 2072| -------- | ------------------------------------------------- | 2073| 19020001 | memory malloc failed. | 2074| 19030001 | crypto operation error.| 2075 2076**示例:** 2077 2078```ts 2079import { cert } from '@kit.DeviceCertificateKit'; 2080import { BusinessError } from '@kit.BasicServicesKit'; 2081 2082// string转Uint8Array。 2083function stringToUint8Array(str: string): Uint8Array { 2084 let arr: Array<number> = []; 2085 for (let i = 0, j = str.length; i < j; i++) { 2086 arr.push(str.charCodeAt(i)); 2087 } 2088 return new Uint8Array(arr); 2089} 2090 2091// 证书二进制数据,需业务自行赋值。 2092let certData = '-----BEGIN CERTIFICATE-----\n' + 2093 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 2094 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 2095 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 2096 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 2097 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 2098 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 2099 'Qw==\n' + 2100 '-----END CERTIFICATE-----\n'; 2101 2102let encodingBlob: cert.EncodingBlob = { 2103 data: stringToUint8Array(certData), 2104 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 2105 encodingFormat: cert.EncodingFormat.FORMAT_PEM 2106}; 2107 2108cert.createX509Cert(encodingBlob, (error, x509Cert) => { 2109 if (error) { 2110 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 2111 } else { 2112 console.log('createX509Cert success'); 2113 try { 2114 let keyUsage = x509Cert.getKeyUsage(); 2115 } catch (err) { 2116 let e: BusinessError = err as BusinessError; 2117 console.error('getKeyUsage failed, errCode: ' + e.code + ', errMsg: ' + e.message); 2118 } 2119 } 2120}); 2121``` 2122 2123### getExtKeyUsage 2124 2125getExtKeyUsage() : DataArray 2126 2127表示获取X509证书扩展秘钥用途。 2128 2129**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2130 2131**系统能力:** SystemCapability.Security.Cert 2132 2133**返回值**: 2134 2135| 类型 | 说明 | 2136| ----------------------- | ------------------------ | 2137| [DataArray](#dataarray) | 表示X509证书扩展秘钥用途。 | 2138 2139**错误码:** 2140 2141以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 2142 2143| 错误码ID | 错误信息 | 2144| -------- | ------------------------------------------------- | 2145| 19020001 | memory malloc failed. | 2146| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 2147| 19030001 | crypto operation error.| 2148 2149**示例:** 2150 2151```ts 2152import { cert } from '@kit.DeviceCertificateKit'; 2153import { BusinessError } from '@kit.BasicServicesKit'; 2154 2155// string转Uint8Array。 2156function stringToUint8Array(str: string): Uint8Array { 2157 let arr: Array<number> = []; 2158 for (let i = 0, j = str.length; i < j; i++) { 2159 arr.push(str.charCodeAt(i)); 2160 } 2161 return new Uint8Array(arr); 2162} 2163 2164// 证书二进制数据,需业务自行赋值。 2165let certData = '-----BEGIN CERTIFICATE-----\n' + 2166 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 2167 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 2168 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 2169 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 2170 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 2171 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 2172 'Qw==\n' + 2173 '-----END CERTIFICATE-----\n'; 2174 2175let encodingBlob: cert.EncodingBlob = { 2176 data: stringToUint8Array(certData), 2177 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 2178 encodingFormat: cert.EncodingFormat.FORMAT_PEM 2179}; 2180 2181cert.createX509Cert(encodingBlob, (error, x509Cert) => { 2182 if (error) { 2183 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 2184 } else { 2185 console.log('createX509Cert success'); 2186 try { 2187 let extKeyUsage = x509Cert.getExtKeyUsage(); 2188 } catch (err) { 2189 let e: BusinessError = err as BusinessError; 2190 console.error('getExtKeyUsage failed, errCode: ' + e.code + ', errMsg: ' + e.message); 2191 } 2192 } 2193}); 2194``` 2195 2196### getBasicConstraints 2197 2198getBasicConstraints() : number 2199 2200表示获取X509证书基本约束。 2201 2202**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2203 2204**系统能力:** SystemCapability.Security.Cert 2205 2206**返回值**: 2207 2208| 类型 | 说明 | 2209| ------ | -------------------- | 2210| number | 表示X509证书基本约束。 | 2211 2212**示例:** 2213 2214```ts 2215import { cert } from '@kit.DeviceCertificateKit'; 2216 2217// string转Uint8Array。 2218function stringToUint8Array(str: string): Uint8Array { 2219 let arr: Array<number> = []; 2220 for (let i = 0, j = str.length; i < j; i++) { 2221 arr.push(str.charCodeAt(i)); 2222 } 2223 return new Uint8Array(arr); 2224} 2225 2226// 证书二进制数据,需业务自行赋值。 2227let certData = '-----BEGIN CERTIFICATE-----\n' + 2228 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 2229 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 2230 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 2231 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 2232 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 2233 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 2234 'Qw==\n' + 2235 '-----END CERTIFICATE-----\n'; 2236 2237let encodingBlob: cert.EncodingBlob = { 2238 data: stringToUint8Array(certData), 2239 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 2240 encodingFormat: cert.EncodingFormat.FORMAT_PEM 2241}; 2242 2243cert.createX509Cert(encodingBlob, (error, x509Cert) => { 2244 if (error) { 2245 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 2246 } else { 2247 console.log('createX509Cert success'); 2248 let basicConstraints = x509Cert.getBasicConstraints(); 2249 } 2250}); 2251``` 2252 2253### getSubjectAltNames 2254 2255getSubjectAltNames() : DataArray 2256 2257表示获取X509证书主体可选名称。 2258 2259> **说明:** 2260> 2261> 获取到的X509证书主体可选名称数据带字符串结束符。 2262 2263**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2264 2265**系统能力:** SystemCapability.Security.Cert 2266 2267**返回值**: 2268 2269| 类型 | 说明 | 2270| ----------------------- | ------------------------ | 2271| [DataArray](#dataarray) | 表示X509证书主体可选名称。 | 2272 2273**错误码:** 2274 2275以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 2276 2277| 错误码ID | 错误信息 | 2278| -------- | ------------------------------------------------- | 2279| 19020001 | memory malloc failed. | 2280| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 2281| 19030001 | crypto operation error.| 2282 2283**示例:** 2284 2285```ts 2286import { cert } from '@kit.DeviceCertificateKit'; 2287import { BusinessError } from '@kit.BasicServicesKit'; 2288 2289// string转Uint8Array。 2290function stringToUint8Array(str: string): Uint8Array { 2291 let arr: Array<number> = []; 2292 for (let i = 0, j = str.length; i < j; i++) { 2293 arr.push(str.charCodeAt(i)); 2294 } 2295 return new Uint8Array(arr); 2296} 2297 2298// 证书二进制数据,需业务自行赋值。 2299let certData = '-----BEGIN CERTIFICATE-----\n' + 2300 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 2301 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 2302 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 2303 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 2304 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 2305 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 2306 'Qw==\n' + 2307 '-----END CERTIFICATE-----\n'; 2308 2309let encodingBlob: cert.EncodingBlob = { 2310 data: stringToUint8Array(certData), 2311 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 2312 encodingFormat: cert.EncodingFormat.FORMAT_PEM 2313}; 2314 2315cert.createX509Cert(encodingBlob, (error, x509Cert) => { 2316 if (error) { 2317 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 2318 } else { 2319 console.log('createX509Cert success'); 2320 try { 2321 let subjectAltNames = x509Cert.getSubjectAltNames(); 2322 } catch (err) { 2323 let e: BusinessError = err as BusinessError; 2324 console.error('getSubjectAltNames failed, errCode: ' + e.code + ', errMsg: ' + e.message); 2325 } 2326 } 2327}); 2328``` 2329 2330### getIssuerAltNames 2331 2332getIssuerAltNames() : DataArray 2333 2334表示获取X509证书颁发者可选名称。 2335 2336> **说明:** 2337> 2338> 获取到的X509证书颁发者可选名称数据带字符串结束符。 2339 2340**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2341 2342**系统能力:** SystemCapability.Security.Cert 2343 2344**返回值**: 2345 2346| 类型 | 说明 | 2347| ----------------------- | -------------------------- | 2348| [DataArray](#dataarray) | 表示X509证书颁发者可选名称。 | 2349 2350**错误码:** 2351 2352以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 2353 2354| 错误码ID | 错误信息 | 2355| -------- | ------------------------------------------------- | 2356| 19020001 | memory malloc failed. | 2357| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 2358| 19030001 | crypto operation error.| 2359 2360**示例:** 2361 2362```ts 2363import { cert } from '@kit.DeviceCertificateKit'; 2364import { BusinessError } from '@kit.BasicServicesKit'; 2365 2366// string转Uint8Array。 2367function stringToUint8Array(str: string): Uint8Array { 2368 let arr: Array<number> = []; 2369 for (let i = 0, j = str.length; i < j; i++) { 2370 arr.push(str.charCodeAt(i)); 2371 } 2372 return new Uint8Array(arr); 2373} 2374 2375// 证书二进制数据,需业务自行赋值。 2376let certData = '-----BEGIN CERTIFICATE-----\n' + 2377 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 2378 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 2379 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 2380 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 2381 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 2382 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 2383 'Qw==\n' + 2384 '-----END CERTIFICATE-----\n'; 2385 2386let encodingBlob: cert.EncodingBlob = { 2387 data: stringToUint8Array(certData), 2388 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 2389 encodingFormat: cert.EncodingFormat.FORMAT_PEM 2390}; 2391 2392cert.createX509Cert(encodingBlob, (error, x509Cert) => { 2393 if (error) { 2394 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 2395 } else { 2396 console.log('createX509Cert success'); 2397 try { 2398 let issuerAltNames = x509Cert.getIssuerAltNames(); 2399 } catch (err) { 2400 let e: BusinessError = err as BusinessError; 2401 console.error('getIssuerAltNames failed, errCode: ' + e.code + ', errMsg: ' + e.message); 2402 } 2403 } 2404}); 2405``` 2406 2407### getItem<sup>10+</sup> 2408 2409getItem(itemType: CertItemType) : DataBlob 2410 2411表示获取X509证书对应的字段。 2412 2413**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2414 2415**系统能力:** SystemCapability.Security.Cert 2416 2417**参数**: 2418 2419| 参数名 | 类型 | 必填 | 说明 | 2420| --------- | ------ | ---- | ------------------------------------------ | 2421| itemType | [CertItemType](#certitemtype10) | 是 | 表示需要获取的证书字段。 | 2422 2423**返回值**: 2424 2425| 类型 | 说明 | 2426| --------------------- | ----------------------------------------- | 2427| [DataBlob](#datablob) | 表示X509证书对应的字段,返回值为DER格式。 | 2428 2429**错误码:** 2430 2431以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 2432 2433| 错误码ID | 错误信息 | 2434| -------- | ----------------------- | 2435| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 2436| 19020001 | memory malloc failed. | 2437| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 2438| 19030001 | crypto operation error. | 2439 2440**示例:** 2441 2442```ts 2443import { cert } from '@kit.DeviceCertificateKit'; 2444import { BusinessError } from '@kit.BasicServicesKit'; 2445 2446// string转Uint8Array。 2447function stringToUint8Array(str: string): Uint8Array { 2448 let arr: Array<number> = []; 2449 for (let i = 0, j = str.length; i < j; i++) { 2450 arr.push(str.charCodeAt(i)); 2451 } 2452 return new Uint8Array(arr); 2453} 2454 2455// 证书二进制数据,需业务自行赋值。 2456let certData = '-----BEGIN CERTIFICATE-----\n' + 2457 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 2458 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 2459 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 2460 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 2461 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 2462 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 2463 'Qw==\n' + 2464 '-----END CERTIFICATE-----\n'; 2465 2466let encodingBlob: cert.EncodingBlob = { 2467 data: stringToUint8Array(certData), 2468 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 2469 encodingFormat: cert.EncodingFormat.FORMAT_PEM 2470}; 2471 2472cert.createX509Cert(encodingBlob, (error, x509Cert) => { 2473 if (error) { 2474 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 2475 } else { 2476 console.log('createX509Cert success'); 2477 try { 2478 let tbs = x509Cert.getItem(cert.CertItemType.CERT_ITEM_TYPE_TBS); 2479 let pubKey = x509Cert.getItem(cert.CertItemType.CERT_ITEM_TYPE_PUBLIC_KEY); 2480 } catch (err) { 2481 let e: BusinessError = err as BusinessError; 2482 console.error('getItem failed, errCode: ' + e.code + ', errMsg: ' + e.message); 2483 } 2484 } 2485}); 2486``` 2487### match<sup>11+</sup> 2488 2489match(param: X509CertMatchParameters): boolean 2490 2491判断证书是否与输入参数匹配。 2492 2493**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2494 2495**系统能力:** SystemCapability.Security.Cert 2496 2497**参数**: 2498 2499| 参数名 | 类型 | 必填 | 说明 | 2500| --------- | ------ | ---- | ------------------------------------------ | 2501| param | [X509CertMatchParameters](#x509certmatchparameters11) | 是 | 表示需要匹配的参数。 | 2502 2503**返回值**: 2504 2505| 类型 | 说明 | 2506| --------------------- | ----------------------------------------- | 2507| boolean | 当参数匹配时,该方法返回true,否则返回false。 | 2508 2509**错误码:** 2510 2511以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 2512 2513| 错误码ID | 错误信息 | 2514| -------- | ------------- | 2515| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 2516| 19020001 | memory malloc failed. | 2517| 19030001 | crypto operation error. | 2518 2519**示例:** 2520 2521```ts 2522import { cert } from '@kit.DeviceCertificateKit'; 2523import { BusinessError } from '@kit.BasicServicesKit'; 2524 2525// string转Uint8Array。 2526function stringToUint8Array(str: string): Uint8Array { 2527 let arr: Array<number> = []; 2528 for (let i = 0, j = str.length; i < j; i++) { 2529 arr.push(str.charCodeAt(i)); 2530 } 2531 return new Uint8Array(arr); 2532} 2533 2534async function createX509Cert(): Promise<cert.X509Cert> { 2535 let certData = '-----BEGIN CERTIFICATE-----\n' + 2536 'MIIDTTCCAjWgAwIBAgIBAzANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290\n' + 2537 'IENBMB4XDTI0MDMxOTAyMDM1NFoXDTM0MDMxNzAyMDM1NFowETEPMA0GA1UEAwwG\n' + 2538 'ZGV2aWNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoGk2J0aKWTP\n' + 2539 'J3D7lS3oFdME3MMA1z0Y0ftthrtUKybE2xh8P90ztMV73bewmgAPqiApqhaWEZM/\n' + 2540 '6DSLc/MxbOeYjg6njveJIu721gchiuB2PFikDFSWlcLOJNw+CgBx77Ct3KllivHs\n' + 2541 'oi/gjuxrWiF/3VhbBErPNj/fw9se3pVrFRXIFdkcybtom2mUmkcxDfSg587SO14i\n' + 2542 'ZzXGM6nhMzYWXxLho6SJrsnzfs4pD6ifksWmY4089zitqsN+9jQXafY1+/sh1mgu\n' + 2543 'FvAwg9IbigGOBIiF8t5qdNGpqCHXbEHblNCWfT4fVNDV0Vc9pByjZaMYEGMhpz+6\n' + 2544 'lxlc2CqbNQIDAQABo4GuMIGrMAkGA1UdEwQCMAAwHQYDVR0OBBYEFAEVpuP+pPpg\n' + 2545 'kr3dA3aV2XdFZ9rGMB8GA1UdIwQYMBaAFHRb+SgJu8O0UYdRBkszePocqxbYMB0G\n' + 2546 'A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwMgYIKwYB\n' + 2547 'BQUHAQEEJjAkMCIGCCsGAQUFBzABhhZodHRwczovLzEyNy4wLjAuMTo5OTk5MA0G\n' + 2548 'CSqGSIb3DQEBCwUAA4IBAQBjM1agcDcgVHsD0dS39gxtlyRbZRvDcW3YsdwgpN6S\n' + 2549 'e4wGzdZbhsiZv7y3+PSuozKwp5Yjn+UqnnEz7QuTGJRt/pzHDVY3QceNvlx2HPRe\n' + 2550 'fECS4bpGLcM5B17oZZjE4HenIrGmigXnnwYL5TjhC4ybtddXPYv/M6z2eFCnfQNa\n' + 2551 'zFwz8LJ7ukWvf5koBqcHq2zsuVByOIPXLIrAJPtMmBb/pHCFt8hxOxwqujdrxz16\n' + 2552 'pe5LQUYzvG1YCxw3Ye9OrM1yXJQr/4KYncQC1yQQo+UK7NsDRK30PsMEYxhierLA\n' + 2553 'JKyPn1xSlOJiGa2rRn/uevmEOhfagj5TtprU9Gu1+nZo\n' + 2554 '-----END CERTIFICATE-----\n'; 2555 2556 let encodingBlob: cert.EncodingBlob = { 2557 data: stringToUint8Array(certData), 2558 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 2559 encodingFormat: cert.EncodingFormat.FORMAT_PEM 2560 }; 2561 2562 let x509Cert: cert.X509Cert = {} as cert.X509Cert; 2563 try { 2564 x509Cert = await cert.createX509Cert(encodingBlob); 2565 } catch (err) { 2566 let e: BusinessError = err as BusinessError; 2567 console.error('createX509Cert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 2568 } 2569 return x509Cert; 2570} 2571 2572async function matchX509Cert() { 2573 const x509Cert = await createX509Cert(); 2574 try { 2575 // 需业务自行赋值。 2576 const param: cert.X509CertMatchParameters = { 2577 x509Cert, 2578 validDate: '20241121074700Z', 2579 keyUsage: [true, false, false, false, false, false, false, false, false], 2580 publicKeyAlgID: '1.2.840.113549.1.1.1' 2581 }; 2582 const result = x509Cert.match(param); 2583 console.log('call x509Cert match success'); 2584 } catch (err) { 2585 console.error('call x509Cert match failed'); 2586 } 2587} 2588``` 2589 2590### getCRLDistributionPoint<sup>12+</sup> 2591 2592getCRLDistributionPoint(): DataArray 2593 2594获取X509证书CRL的分发点统一资源标识符。 2595 2596**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2597 2598**系统能力:** SystemCapability.Security.Cert 2599 2600**返回值**: 2601 2602| 类型 | 说明 | 2603| ----------------------- | -------------------------- | 2604| [DataArray](#dataarray) | 表示X509证书CRL的分发点统一资源标识符。 | 2605 2606**错误码:** 2607 2608以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 2609 2610| 错误码ID | 错误信息 | 2611| -------- | ------------- | 2612| 19020001 | memory malloc failed. | 2613| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 2614| 19030001 | crypto operation error. | 2615 2616**示例:** 2617 2618```ts 2619import { cert } from '@kit.DeviceCertificateKit'; 2620import { BusinessError } from '@kit.BasicServicesKit'; 2621 2622// string转Uint8Array。 2623function stringToUint8Array(str: string): Uint8Array { 2624 let arr: Array<number> = []; 2625 for (let i = 0, j = str.length; i < j; i++) { 2626 arr.push(str.charCodeAt(i)); 2627 } 2628 return new Uint8Array(arr); 2629} 2630 2631let certData = "-----BEGIN CERTIFICATE-----\n" + 2632 "MIIB/jCCAaSgAwIBAgICA+gwCgYIKoZIzj0EAwIwLDELMAkGA1UEBhMCQ04xDTAL\n" + 2633 "BgNVBAoMBHRlc3QxDjAMBgNVBAMMBXN1YmNhMB4XDTIzMTAwNzA0MDEwOFoXDTMz\n" + 2634 "MTAwNDA0MDEwOFowLDELMAkGA1UEBhMCQ04xDTALBgNVBAoMBHRlc3QxDjAMBgNV\n" + 2635 "BAMMBWxvY2FsMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEZDPvdlJI6Yv4fiaR\n" + 2636 "nQHcusXVbukk90mQ0rBGOYRikFvgvm5cjTdaUGcQKEtwYIKDQl5n6Pf7ElCJ7GRz\n" + 2637 "raWZ+qOBtTCBsjAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdl\n" + 2638 "bmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQU63Gbl8gIsUn0VyZ4rya3PCjm\n" + 2639 "sfEwHwYDVR0jBBgwFoAU77mynM0rz1SD43DQjleWM7bF+MEwNwYDVR0fBDAwLjAs\n" + 2640 "oCqgKIYmaHR0cDovL3Rlc3QudGVzdENSTGRwLmNvbS9DUkxfRFBfMS5jcmwwCgYI\n" + 2641 "KoZIzj0EAwIDSAAwRQIhAISKHH9u221mBgdDWfll3loLvEHJ3or9NUO5Zn6SrX6L\n" + 2642 "AiAtRlOa6/mTD68faQTdhsAaQP955QfW34B4yFqU2Bq72A==\n" + 2643 "-----END CERTIFICATE-----\n"; 2644 2645 // 证书二进制数据,需业务自行赋值。 2646let encodingBlob: cert.EncodingBlob = { 2647 data: stringToUint8Array(certData), 2648 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 2649 encodingFormat: cert.EncodingFormat.FORMAT_PEM 2650}; 2651 2652async function certGetCRLDistributionPoint() { 2653 let x509Cert: cert.X509Cert = {} as cert.X509Cert; 2654 try { 2655 x509Cert = await cert.createX509Cert(encodingBlob); 2656 console.log('createX509Cert success'); 2657 let point = x509Cert.getCRLDistributionPoint(); 2658 } catch (err) { 2659 let e: BusinessError = err as BusinessError; 2660 console.error('createX509Cert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 2661 } 2662} 2663``` 2664 2665### getIssuerX500DistinguishedName<sup>12+</sup> 2666 2667getIssuerX500DistinguishedName(): X500DistinguishedName 2668 2669获取颁发者的X509可分辨名称。 2670 2671**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2672 2673**系统能力:** SystemCapability.Security.Cert 2674 2675**返回值**: 2676 2677| 类型 | 说明 | 2678| --------------------- | ----------------------------------------- | 2679| [X500DistinguishedName](#x500distinguishedname12) | X509的可分辨对象。| 2680 2681**错误码:** 2682 2683以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 2684 2685| 错误码ID | 错误信息 | 2686| -------- | ------------- | 2687| 19020001 | memory malloc failed. | 2688| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 2689| 19030001 | crypto operation error. | 2690 2691**示例:** 2692 2693```ts 2694import { cert } from '@kit.DeviceCertificateKit'; 2695import { BusinessError } from '@kit.BasicServicesKit'; 2696 2697// string转Uint8Array。 2698function stringToUint8Array(str: string): Uint8Array { 2699 let arr: Array<number> = []; 2700 for (let i = 0, j = str.length; i < j; i++) { 2701 arr.push(str.charCodeAt(i)); 2702 } 2703 return new Uint8Array(arr); 2704} 2705 2706let certData = "-----BEGIN CERTIFICATE-----\n" + 2707 "MIID1TCCAr2gAwIBAgIITXr1++kFUU4wDQYJKoZIhvcNAQELBQAwcDELMAkGA1UE\n" + 2708 "BhMCQ04xEjAQBgNVBAgTCWd1YW5nZG9uZzERMA8GA1UEBxMIc2hlbnpoZW4xEjAQ\n" + 2709 "BgNVBAoTCXRlc3RTZWNDYTESMBAGA1UECxMJdGVzdFNlY0NhMRIwEAYDVQQDEwl0\n" + 2710 "ZXN0U2VjQ2EwHhcNMjMxMjIxMDAwMDAwWhcNMjcxMjIwMjM1OTU5WjBxMQswCQYD\n" + 2711 "VQQGEwJDTjEOMAwGA1UECBMFZ2Fuc3UxEDAOBgNVBAcTB2xhbnpob3UxFDASBgNV\n" + 2712 "BAoTC3Rlc3RUaGlyZENhMRQwEgYDVQQLEwt0ZXN0VGhpcmRDYTEUMBIGA1UEAxML\n" + 2713 "dGVzdFRoaXJkQ2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJMKSq\n" + 2714 "Fn4G4EJATauw+4s+n/JbINBAiuhzURzzdt2T8JJQLDV9RHj4mZt84yv6lqEpl2fm\n" + 2715 "gIClfu173pEV51/PSq5IaV481u/Dz/OTy9TwfxmIXAWdNpyodDOg4I9K7LC01ge8\n" + 2716 "xxyKFi7k7m2eTGA4dYQM0E0AEXzCpg2JN3IIIPhzHCIVJmYjcbVxiaFkvT4ZFFUk\n" + 2717 "4rDSbAQdn6dJ29msrFm8iGhMGC/bzq9Bii38Qg4y4o89QYiboRWCxv3XfuibT+jw\n" + 2718 "O3pmfsFuT8/bKOWVm94FmRxiKuj6iE8UVewxtByzDgAsBtJKDjaCv3IkqfbIu+sq\n" + 2719 "/eeJkVJRJXAP3ZpLAgMBAAGjcjBwMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE\n" + 2720 "FIxvPSwEmjOMW10H+gn2gy5HvMmMMAsGA1UdDwQEAwIBBjARBglghkgBhvhCAQEE\n" + 2721 "BAMCAAcwHgYJYIZIAYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0ZTANBgkqhkiG9w0B\n" + 2722 "AQsFAAOCAQEAWu0u72g5y1weexPoJQnUgcwVtuC+/tTS9YvyCtKYE91gn97LSWn9\n" + 2723 "mXXGmLceU27B8JwhER9JeiQO1SUdDcvlfb5vt6eB+5cbZcgeERUBP8t0znh7DbMg\n" + 2724 "4TFjt9gZ970PZ1OlTBNPoZNRBKIox61KVUhiVKTVSbXlVP1yUF1uSlSq+0NYayHw\n" + 2725 "MnX1BeLxbAcAsTPYHjoeFJIrGkKlydLyt/8hDQzpLRW5uEUTjjqLh7vef0OaOP80\n" + 2726 "MmADt6ojRYvwdMDHF0ASJyupLQ+hiRLVadciK8Z5W34JGN2jwEw5X3nXyAgErIJZ\n" + 2727 "pqdTflnFLnSwy5M3QHB+xjYAcS9l1br2LA==\n" + 2728 "-----END CERTIFICATE-----\n" 2729 2730 // 证书二进制数据,需业务自行赋值。 2731 let encodingBlob: cert.EncodingBlob = { 2732 data: stringToUint8Array(certData), 2733 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 2734 encodingFormat: cert.EncodingFormat.FORMAT_PEM 2735 }; 2736 2737async function certGetIssuerX500DistinguishedName() { 2738 let x509Cert: cert.X509Cert = {} as cert.X509Cert; 2739 try { 2740 x509Cert = await cert.createX509Cert(encodingBlob); 2741 console.log('createX509Cert success'); 2742 let name = x509Cert.getIssuerX500DistinguishedName(); 2743 } catch (err) { 2744 let e: BusinessError = err as BusinessError; 2745 console.error('createX509Cert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 2746 } 2747} 2748``` 2749 2750### getSubjectX500DistinguishedName<sup>12+</sup> 2751 2752getSubjectX500DistinguishedName(): X500DistinguishedName 2753 2754获取证书主题的X509可分辨名称。 2755 2756**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2757 2758**系统能力:** SystemCapability.Security.Cert 2759 2760**返回值**: 2761 2762| 类型 | 说明 | 2763| --------------------- | ----------------------------------------- | 2764| [X500DistinguishedName](#x500distinguishedname12) | X509的可分辨对象。| 2765 2766**错误码:** 2767 2768以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 2769 2770| 错误码ID | 错误信息 | 2771| -------- | ------------- | 2772| 19020001 | memory malloc failed. | 2773| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 2774| 19030001 | crypto operation error. | 2775 2776**示例:** 2777 2778```ts 2779import { cert } from '@kit.DeviceCertificateKit'; 2780import { BusinessError } from '@kit.BasicServicesKit'; 2781 2782// string转Uint8Array。 2783function stringToUint8Array(str: string): Uint8Array { 2784 let arr: Array<number> = []; 2785 for (let i = 0, j = str.length; i < j; i++) { 2786 arr.push(str.charCodeAt(i)); 2787 } 2788 return new Uint8Array(arr); 2789} 2790 2791let certData = "-----BEGIN CERTIFICATE-----\n" + 2792 "MIID1TCCAr2gAwIBAgIITXr1++kFUU4wDQYJKoZIhvcNAQELBQAwcDELMAkGA1UE\n" + 2793 "BhMCQ04xEjAQBgNVBAgTCWd1YW5nZG9uZzERMA8GA1UEBxMIc2hlbnpoZW4xEjAQ\n" + 2794 "BgNVBAoTCXRlc3RTZWNDYTESMBAGA1UECxMJdGVzdFNlY0NhMRIwEAYDVQQDEwl0\n" + 2795 "ZXN0U2VjQ2EwHhcNMjMxMjIxMDAwMDAwWhcNMjcxMjIwMjM1OTU5WjBxMQswCQYD\n" + 2796 "VQQGEwJDTjEOMAwGA1UECBMFZ2Fuc3UxEDAOBgNVBAcTB2xhbnpob3UxFDASBgNV\n" + 2797 "BAoTC3Rlc3RUaGlyZENhMRQwEgYDVQQLEwt0ZXN0VGhpcmRDYTEUMBIGA1UEAxML\n" + 2798 "dGVzdFRoaXJkQ2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJMKSq\n" + 2799 "Fn4G4EJATauw+4s+n/JbINBAiuhzURzzdt2T8JJQLDV9RHj4mZt84yv6lqEpl2fm\n" + 2800 "gIClfu173pEV51/PSq5IaV481u/Dz/OTy9TwfxmIXAWdNpyodDOg4I9K7LC01ge8\n" + 2801 "xxyKFi7k7m2eTGA4dYQM0E0AEXzCpg2JN3IIIPhzHCIVJmYjcbVxiaFkvT4ZFFUk\n" + 2802 "4rDSbAQdn6dJ29msrFm8iGhMGC/bzq9Bii38Qg4y4o89QYiboRWCxv3XfuibT+jw\n" + 2803 "O3pmfsFuT8/bKOWVm94FmRxiKuj6iE8UVewxtByzDgAsBtJKDjaCv3IkqfbIu+sq\n" + 2804 "/eeJkVJRJXAP3ZpLAgMBAAGjcjBwMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE\n" + 2805 "FIxvPSwEmjOMW10H+gn2gy5HvMmMMAsGA1UdDwQEAwIBBjARBglghkgBhvhCAQEE\n" + 2806 "BAMCAAcwHgYJYIZIAYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0ZTANBgkqhkiG9w0B\n" + 2807 "AQsFAAOCAQEAWu0u72g5y1weexPoJQnUgcwVtuC+/tTS9YvyCtKYE91gn97LSWn9\n" + 2808 "mXXGmLceU27B8JwhER9JeiQO1SUdDcvlfb5vt6eB+5cbZcgeERUBP8t0znh7DbMg\n" + 2809 "4TFjt9gZ970PZ1OlTBNPoZNRBKIox61KVUhiVKTVSbXlVP1yUF1uSlSq+0NYayHw\n" + 2810 "MnX1BeLxbAcAsTPYHjoeFJIrGkKlydLyt/8hDQzpLRW5uEUTjjqLh7vef0OaOP80\n" + 2811 "MmADt6ojRYvwdMDHF0ASJyupLQ+hiRLVadciK8Z5W34JGN2jwEw5X3nXyAgErIJZ\n" + 2812 "pqdTflnFLnSwy5M3QHB+xjYAcS9l1br2LA==\n" + 2813 "-----END CERTIFICATE-----\n" 2814 2815 // 证书二进制数据,需业务自行赋值。 2816 let encodingBlob: cert.EncodingBlob = { 2817 data: stringToUint8Array(certData), 2818 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 2819 encodingFormat: cert.EncodingFormat.FORMAT_PEM 2820 }; 2821 2822async function certGetSubjectX500DistinguishedName() { 2823 let x509Cert: cert.X509Cert = {} as cert.X509Cert; 2824 try { 2825 x509Cert = await cert.createX509Cert(encodingBlob); 2826 console.log('createX509Cert success'); 2827 let name = x509Cert.getSubjectX500DistinguishedName(); 2828 } catch (err) { 2829 let e: BusinessError = err as BusinessError; 2830 console.error('createX509Cert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 2831 } 2832} 2833``` 2834 2835### toString<sup>12+</sup> 2836 2837toString(): string 2838 2839获取对象的字符串类型数据。 2840 2841**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2842 2843**系统能力:** SystemCapability.Security.Cert 2844 2845**返回值**: 2846 2847| 类型 | 说明 | 2848| --------------------- | ----------------------------------------- | 2849| string | 对象的字符串类型数据。| 2850 2851**错误码:** 2852 2853以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 2854 2855| 错误码ID | 错误信息 | 2856| -------- | ------------- | 2857| 19020001 | memory malloc failed. | 2858| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 2859| 19030001 | crypto operation error. | 2860 2861**示例:** 2862 2863```ts 2864import { cert } from '@kit.DeviceCertificateKit'; 2865import { BusinessError } from '@kit.BasicServicesKit'; 2866 2867// string转Uint8Array。 2868function stringToUint8Array(str: string): Uint8Array { 2869 let arr: Array<number> = []; 2870 for (let i = 0, j = str.length; i < j; i++) { 2871 arr.push(str.charCodeAt(i)); 2872 } 2873 return new Uint8Array(arr); 2874} 2875 2876let certData = "-----BEGIN CERTIFICATE-----\n" + 2877 "MIID1TCCAr2gAwIBAgIITXr1++kFUU4wDQYJKoZIhvcNAQELBQAwcDELMAkGA1UE\n" + 2878 "BhMCQ04xEjAQBgNVBAgTCWd1YW5nZG9uZzERMA8GA1UEBxMIc2hlbnpoZW4xEjAQ\n" + 2879 "BgNVBAoTCXRlc3RTZWNDYTESMBAGA1UECxMJdGVzdFNlY0NhMRIwEAYDVQQDEwl0\n" + 2880 "ZXN0U2VjQ2EwHhcNMjMxMjIxMDAwMDAwWhcNMjcxMjIwMjM1OTU5WjBxMQswCQYD\n" + 2881 "VQQGEwJDTjEOMAwGA1UECBMFZ2Fuc3UxEDAOBgNVBAcTB2xhbnpob3UxFDASBgNV\n" + 2882 "BAoTC3Rlc3RUaGlyZENhMRQwEgYDVQQLEwt0ZXN0VGhpcmRDYTEUMBIGA1UEAxML\n" + 2883 "dGVzdFRoaXJkQ2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJMKSq\n" + 2884 "Fn4G4EJATauw+4s+n/JbINBAiuhzURzzdt2T8JJQLDV9RHj4mZt84yv6lqEpl2fm\n" + 2885 "gIClfu173pEV51/PSq5IaV481u/Dz/OTy9TwfxmIXAWdNpyodDOg4I9K7LC01ge8\n" + 2886 "xxyKFi7k7m2eTGA4dYQM0E0AEXzCpg2JN3IIIPhzHCIVJmYjcbVxiaFkvT4ZFFUk\n" + 2887 "4rDSbAQdn6dJ29msrFm8iGhMGC/bzq9Bii38Qg4y4o89QYiboRWCxv3XfuibT+jw\n" + 2888 "O3pmfsFuT8/bKOWVm94FmRxiKuj6iE8UVewxtByzDgAsBtJKDjaCv3IkqfbIu+sq\n" + 2889 "/eeJkVJRJXAP3ZpLAgMBAAGjcjBwMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE\n" + 2890 "FIxvPSwEmjOMW10H+gn2gy5HvMmMMAsGA1UdDwQEAwIBBjARBglghkgBhvhCAQEE\n" + 2891 "BAMCAAcwHgYJYIZIAYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0ZTANBgkqhkiG9w0B\n" + 2892 "AQsFAAOCAQEAWu0u72g5y1weexPoJQnUgcwVtuC+/tTS9YvyCtKYE91gn97LSWn9\n" + 2893 "mXXGmLceU27B8JwhER9JeiQO1SUdDcvlfb5vt6eB+5cbZcgeERUBP8t0znh7DbMg\n" + 2894 "4TFjt9gZ970PZ1OlTBNPoZNRBKIox61KVUhiVKTVSbXlVP1yUF1uSlSq+0NYayHw\n" + 2895 "MnX1BeLxbAcAsTPYHjoeFJIrGkKlydLyt/8hDQzpLRW5uEUTjjqLh7vef0OaOP80\n" + 2896 "MmADt6ojRYvwdMDHF0ASJyupLQ+hiRLVadciK8Z5W34JGN2jwEw5X3nXyAgErIJZ\n" + 2897 "pqdTflnFLnSwy5M3QHB+xjYAcS9l1br2LA==\n" + 2898 "-----END CERTIFICATE-----\n" 2899 2900 // 证书二进制数据,需业务自行赋值。 2901 let encodingBlob: cert.EncodingBlob = { 2902 data: stringToUint8Array(certData), 2903 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 2904 encodingFormat: cert.EncodingFormat.FORMAT_PEM 2905 }; 2906 2907async function certToString() { 2908 let x509Cert: cert.X509Cert = {} as cert.X509Cert; 2909 try { 2910 x509Cert = await cert.createX509Cert(encodingBlob); 2911 console.log('createX509Cert success'); 2912 console.info('certToString success: ' + JSON.stringify(x509Cert.toString())); 2913 } catch (err) { 2914 let e: BusinessError = err as BusinessError; 2915 console.error('createX509Cert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 2916 } 2917} 2918``` 2919 2920### toString<sup>20+</sup> 2921 2922toString(encodingType: EncodingType): string 2923 2924根据编码类型获取对象的字符串类型数据。 2925 2926**原子化服务API:** 从API version 20开始,该接口支持在原子化服务中使用。 2927 2928**系统能力:** SystemCapability.Security.Cert 2929 2930**参数**: 2931 2932| 参数名 | 类型 | 必填 | 说明 | 2933| -------- | ------------------------------------- | ---- | ------------------------------ | 2934| encodingType | [EncodingType](#encodingtype12) | 是 | 表示编码类型。 | 2935 2936**返回值**: 2937 2938| 类型 | 说明 | 2939| --------------------- | ----------------------------------------- | 2940| string | 表示对象的字符串类型数据。| 2941 2942**错误码:** 2943 2944以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 2945 2946| 错误码ID | 错误信息 | 2947| -------- | ------------- | 2948| 19020001 | memory malloc failed. | 2949| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 2950| 19020003 | parameter check failed. Possible causes: <br>1. The value of encodingType is not in the EncodingType enumeration range.| 2951| 19030001 | crypto operation error. | 2952 2953**示例:** 2954 2955```ts 2956import { cert } from '@kit.DeviceCertificateKit'; 2957import { BusinessError } from '@kit.BasicServicesKit'; 2958 2959// string转Uint8Array。 2960function stringToUint8Array(str: string): Uint8Array { 2961 let arr: Array<number> = []; 2962 for (let i = 0, j = str.length; i < j; i++) { 2963 arr.push(str.charCodeAt(i)); 2964 } 2965 return new Uint8Array(arr); 2966} 2967 2968let certData = '-----BEGIN CERTIFICATE-----\n' + 2969 'MIIDgTCCAmmgAwIBAgIGAXKnJjrAMA0GCSqGSIb3DQEBCwUAMFcxCzAJBgNVBAYT\n' + 2970 'AkNOMQ8wDQYDVQQIDAbpmZXopb8xDzANBgNVBAcMBuilv+WuiTEPMA0GA1UECgwG\n' + 2971 '5rWL6K+VMRUwEwYDVQQDDAzkuK3mlofmtYvor5UwHhcNMjUwMzA1MDk1MTIzWhcN\n' + 2972 'MzUwMzAzMDk1MTIzWjBXMQswCQYDVQQGEwJDTjEPMA0GA1UECAwG6ZmV6KW/MQ8w\n' + 2973 'DQYDVQQHDAbopb/lrokxDzANBgNVBAoMBua1i+ivlTEVMBMGA1UEAwwM5Lit5paH\n' + 2974 '5rWL6K+VMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkonJ4UIuxRzX\n' + 2975 'gr8fLU1PjadDWJp/GrxkYGe30TXqQHDh7O14Rc0xxacj3aLMNffzj+rhxUzl3C9p\n' + 2976 'wLzIVO2e3iC3Fx2csRzOSIdbimR8879/3uaW8CPkgqlKQw8FDwrGk0S26sdDV8of\n' + 2977 '8AAHlrnUO2yyL53rAunn4ZKo4EyxHrvHmZKuv006onj0SByu8RNHx97v+4KaaY7p\n' + 2978 'HngTC55F0KVALiNGygJHeKP7GGxS7kpYV/CvBuABpA00WMqc7nmo2vCa4yC/mIk2\n' + 2979 '5CF7l860rQ50HLjrmlDYJHpc8p88NJ2BEyHQWiN4YkSKDAKNr+SssD3Tf2wHSYxA\n' + 2980 'UwdgsatGlwIDAQABo1MwUTAdBgNVHQ4EFgQUMFEfTXLVm7D6fsC7LYtTMhIgVQUw\n' + 2981 'HwYDVR0jBBgwFoAUMFEfTXLVm7D6fsC7LYtTMhIgVQUwDwYDVR0TAQH/BAUwAwEB\n' + 2982 '/zANBgkqhkiG9w0BAQsFAAOCAQEABCr9+iK30OSp67ksK1qhkKCzwKYDH2E5KEF4\n' + 2983 '1E1/o4haXIR14V+5DGcX/1OH3Znd863TecQdNnCFMGArWygq8j7O0uStbWMb3Rhu\n' + 2984 '+7RJ9GOCbBSeR3v2fC6+T3LI0Sm1G77xIYADmHGt33IW0DRKr44iOalwi6IbcqzD\n' + 2985 's9XlNO8e6ht2apeL656fjv1gCo/PA7e+A0QHn6zapggzEccEwKdFixCsw5ZMZaHm\n' + 2986 'adGz3lBCK+0QKYXYL1CtX/6wcDgQ9PuZSgdQgrudLKRN+843m3LJSUJ7AIyL1kQW\n' + 2987 'kY1ah7eSx4wwaKrLOM06ZkzORMnY5GAy8Aup+UCh6mWU3dPv3w==\n' + 2988 '-----END CERTIFICATE-----\n'; 2989 2990 // 证书二进制数据,需业务自行赋值。 2991 let encodingBlob: cert.EncodingBlob = { 2992 data: stringToUint8Array(certData), 2993 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 2994 encodingFormat: cert.EncodingFormat.FORMAT_PEM 2995 }; 2996 2997async function certToString() { 2998 let x509Cert: cert.X509Cert = {} as cert.X509Cert; 2999 try { 3000 x509Cert = await cert.createX509Cert(encodingBlob); 3001 console.log('createX509Cert success'); 3002 console.info('certToString success: ' + JSON.stringify(x509Cert.toString(cert.EncodingType.ENCODING_UTF8))); 3003 } catch (err) { 3004 let e: BusinessError = err as BusinessError; 3005 console.error('createX509Cert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 3006 } 3007} 3008``` 3009 3010### hashCode<sup>12+</sup> 3011 3012hashCode(): Uint8Array 3013 3014获取DER格式数据的哈希值。 3015 3016**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3017 3018**系统能力:** SystemCapability.Security.Cert 3019 3020**返回值**: 3021 3022| 类型 | 说明 | 3023| --------------------- | ----------------------------------------- | 3024| Uint8Array | DER格式数据的哈希值。| 3025 3026**错误码:** 3027 3028以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 3029 3030| 错误码ID | 错误信息 | 3031| -------- | ------------- | 3032| 19020001 | memory malloc failed. | 3033| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 3034| 19030001 | crypto operation error. | 3035 3036**示例:** 3037 3038```ts 3039import { cert } from '@kit.DeviceCertificateKit'; 3040import { BusinessError } from '@kit.BasicServicesKit'; 3041 3042// string转Uint8Array。 3043function stringToUint8Array(str: string): Uint8Array { 3044 let arr: Array<number> = []; 3045 for (let i = 0, j = str.length; i < j; i++) { 3046 arr.push(str.charCodeAt(i)); 3047 } 3048 return new Uint8Array(arr); 3049} 3050 3051let certData = "-----BEGIN CERTIFICATE-----\n" + 3052 "MIID1TCCAr2gAwIBAgIITXr1++kFUU4wDQYJKoZIhvcNAQELBQAwcDELMAkGA1UE\n" + 3053 "BhMCQ04xEjAQBgNVBAgTCWd1YW5nZG9uZzERMA8GA1UEBxMIc2hlbnpoZW4xEjAQ\n" + 3054 "BgNVBAoTCXRlc3RTZWNDYTESMBAGA1UECxMJdGVzdFNlY0NhMRIwEAYDVQQDEwl0\n" + 3055 "ZXN0U2VjQ2EwHhcNMjMxMjIxMDAwMDAwWhcNMjcxMjIwMjM1OTU5WjBxMQswCQYD\n" + 3056 "VQQGEwJDTjEOMAwGA1UECBMFZ2Fuc3UxEDAOBgNVBAcTB2xhbnpob3UxFDASBgNV\n" + 3057 "BAoTC3Rlc3RUaGlyZENhMRQwEgYDVQQLEwt0ZXN0VGhpcmRDYTEUMBIGA1UEAxML\n" + 3058 "dGVzdFRoaXJkQ2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJMKSq\n" + 3059 "Fn4G4EJATauw+4s+n/JbINBAiuhzURzzdt2T8JJQLDV9RHj4mZt84yv6lqEpl2fm\n" + 3060 "gIClfu173pEV51/PSq5IaV481u/Dz/OTy9TwfxmIXAWdNpyodDOg4I9K7LC01ge8\n" + 3061 "xxyKFi7k7m2eTGA4dYQM0E0AEXzCpg2JN3IIIPhzHCIVJmYjcbVxiaFkvT4ZFFUk\n" + 3062 "4rDSbAQdn6dJ29msrFm8iGhMGC/bzq9Bii38Qg4y4o89QYiboRWCxv3XfuibT+jw\n" + 3063 "O3pmfsFuT8/bKOWVm94FmRxiKuj6iE8UVewxtByzDgAsBtJKDjaCv3IkqfbIu+sq\n" + 3064 "/eeJkVJRJXAP3ZpLAgMBAAGjcjBwMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE\n" + 3065 "FIxvPSwEmjOMW10H+gn2gy5HvMmMMAsGA1UdDwQEAwIBBjARBglghkgBhvhCAQEE\n" + 3066 "BAMCAAcwHgYJYIZIAYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0ZTANBgkqhkiG9w0B\n" + 3067 "AQsFAAOCAQEAWu0u72g5y1weexPoJQnUgcwVtuC+/tTS9YvyCtKYE91gn97LSWn9\n" + 3068 "mXXGmLceU27B8JwhER9JeiQO1SUdDcvlfb5vt6eB+5cbZcgeERUBP8t0znh7DbMg\n" + 3069 "4TFjt9gZ970PZ1OlTBNPoZNRBKIox61KVUhiVKTVSbXlVP1yUF1uSlSq+0NYayHw\n" + 3070 "MnX1BeLxbAcAsTPYHjoeFJIrGkKlydLyt/8hDQzpLRW5uEUTjjqLh7vef0OaOP80\n" + 3071 "MmADt6ojRYvwdMDHF0ASJyupLQ+hiRLVadciK8Z5W34JGN2jwEw5X3nXyAgErIJZ\n" + 3072 "pqdTflnFLnSwy5M3QHB+xjYAcS9l1br2LA==\n" + 3073 "-----END CERTIFICATE-----\n" 3074 3075 // 证书二进制数据,需业务自行赋值。 3076 let encodingBlob: cert.EncodingBlob = { 3077 data: stringToUint8Array(certData), 3078 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 3079 encodingFormat: cert.EncodingFormat.FORMAT_PEM 3080 }; 3081 3082async function certHashCode() { 3083 let x509Cert: cert.X509Cert = {} as cert.X509Cert; 3084 try { 3085 x509Cert = await cert.createX509Cert(encodingBlob); 3086 console.log('createX509Cert success'); 3087 console.info('certHashCode success: ' + JSON.stringify(x509Cert.hashCode())); 3088 } catch (err) { 3089 let e: BusinessError = err as BusinessError; 3090 console.error('createX509Cert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 3091 } 3092} 3093``` 3094 3095### getExtensionsObject<sup>12+</sup> 3096 3097getExtensionsObject(): CertExtension 3098 3099获取对应实体的扩展域DER格式数据。 3100 3101**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3102 3103**系统能力:** SystemCapability.Security.Cert 3104 3105**返回值**: 3106 3107| 类型 | 说明 | 3108| --------------------- | ----------------------------------------- | 3109| [CertExtension](#certextension10) | 证书扩展域段类对象。| 3110 3111**错误码:** 3112 3113以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 3114 3115| 错误码ID | 错误信息 | 3116| -------- | ------------- | 3117| 19020001 | memory malloc failed. | 3118| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 3119| 19030001 | crypto operation error. | 3120 3121**示例:** 3122 3123```ts 3124import { cert } from '@kit.DeviceCertificateKit'; 3125import { BusinessError } from '@kit.BasicServicesKit'; 3126 3127// string转Uint8Array。 3128function stringToUint8Array(str: string): Uint8Array { 3129 let arr: Array<number> = []; 3130 for (let i = 0, j = str.length; i < j; i++) { 3131 arr.push(str.charCodeAt(i)); 3132 } 3133 return new Uint8Array(arr); 3134} 3135 3136let certData = "-----BEGIN CERTIFICATE-----\n" + 3137 "MIID1TCCAr2gAwIBAgIITXr1++kFUU4wDQYJKoZIhvcNAQELBQAwcDELMAkGA1UE\n" + 3138 "BhMCQ04xEjAQBgNVBAgTCWd1YW5nZG9uZzERMA8GA1UEBxMIc2hlbnpoZW4xEjAQ\n" + 3139 "BgNVBAoTCXRlc3RTZWNDYTESMBAGA1UECxMJdGVzdFNlY0NhMRIwEAYDVQQDEwl0\n" + 3140 "ZXN0U2VjQ2EwHhcNMjMxMjIxMDAwMDAwWhcNMjcxMjIwMjM1OTU5WjBxMQswCQYD\n" + 3141 "VQQGEwJDTjEOMAwGA1UECBMFZ2Fuc3UxEDAOBgNVBAcTB2xhbnpob3UxFDASBgNV\n" + 3142 "BAoTC3Rlc3RUaGlyZENhMRQwEgYDVQQLEwt0ZXN0VGhpcmRDYTEUMBIGA1UEAxML\n" + 3143 "dGVzdFRoaXJkQ2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJMKSq\n" + 3144 "Fn4G4EJATauw+4s+n/JbINBAiuhzURzzdt2T8JJQLDV9RHj4mZt84yv6lqEpl2fm\n" + 3145 "gIClfu173pEV51/PSq5IaV481u/Dz/OTy9TwfxmIXAWdNpyodDOg4I9K7LC01ge8\n" + 3146 "xxyKFi7k7m2eTGA4dYQM0E0AEXzCpg2JN3IIIPhzHCIVJmYjcbVxiaFkvT4ZFFUk\n" + 3147 "4rDSbAQdn6dJ29msrFm8iGhMGC/bzq9Bii38Qg4y4o89QYiboRWCxv3XfuibT+jw\n" + 3148 "O3pmfsFuT8/bKOWVm94FmRxiKuj6iE8UVewxtByzDgAsBtJKDjaCv3IkqfbIu+sq\n" + 3149 "/eeJkVJRJXAP3ZpLAgMBAAGjcjBwMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE\n" + 3150 "FIxvPSwEmjOMW10H+gn2gy5HvMmMMAsGA1UdDwQEAwIBBjARBglghkgBhvhCAQEE\n" + 3151 "BAMCAAcwHgYJYIZIAYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0ZTANBgkqhkiG9w0B\n" + 3152 "AQsFAAOCAQEAWu0u72g5y1weexPoJQnUgcwVtuC+/tTS9YvyCtKYE91gn97LSWn9\n" + 3153 "mXXGmLceU27B8JwhER9JeiQO1SUdDcvlfb5vt6eB+5cbZcgeERUBP8t0znh7DbMg\n" + 3154 "4TFjt9gZ970PZ1OlTBNPoZNRBKIox61KVUhiVKTVSbXlVP1yUF1uSlSq+0NYayHw\n" + 3155 "MnX1BeLxbAcAsTPYHjoeFJIrGkKlydLyt/8hDQzpLRW5uEUTjjqLh7vef0OaOP80\n" + 3156 "MmADt6ojRYvwdMDHF0ASJyupLQ+hiRLVadciK8Z5W34JGN2jwEw5X3nXyAgErIJZ\n" + 3157 "pqdTflnFLnSwy5M3QHB+xjYAcS9l1br2LA==\n" + 3158 "-----END CERTIFICATE-----\n" 3159 3160 // 证书二进制数据,需业务自行赋值。 3161 let encodingBlob: cert.EncodingBlob = { 3162 data: stringToUint8Array(certData), 3163 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 3164 encodingFormat: cert.EncodingFormat.FORMAT_PEM 3165 }; 3166 3167async function certGetExtensionsObject() { 3168 let x509Cert: cert.X509Cert = {} as cert.X509Cert; 3169 try { 3170 x509Cert = await cert.createX509Cert(encodingBlob); 3171 console.log('createX509Cert success'); 3172 let object = x509Cert.getExtensionsObject(); 3173 } catch (err) { 3174 let e: BusinessError = err as BusinessError; 3175 console.error('createX509Cert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 3176 } 3177} 3178``` 3179 3180## cert.createCertExtension<sup>10+</sup> 3181 3182createCertExtension(inStream : EncodingBlob, callback : AsyncCallback\<CertExtension>) : void 3183 3184表示创建证书扩展域段的对象,使用Callback回调异步返回结果。 3185 3186**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3187 3188**系统能力:** SystemCapability.Security.Cert 3189 3190**参数**: 3191 3192| 参数名 | 类型 | 必填 | 说明 | 3193| -------- | ------------------------------------------------- | ---- | -------------------------- | 3194| inStream | [EncodingBlob](#encodingblob) | 是 | 表示证书扩展域段序列化数据。 | 3195| callback | AsyncCallback\<[CertExtension](#certextension10)> | 是 | 回调函数,表示扩展域段对象。 | 3196 3197**错误码:** 3198 3199以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 3200 3201| 错误码ID | 错误信息 | 3202| -------- | ------------- | 3203| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3204| 801 | this operation is not supported. | 3205| 19020001 | memory malloc failed. | 3206| 19030001 | crypto operation error. | 3207 3208**示例:** 3209 3210```ts 3211import { cert } from '@kit.DeviceCertificateKit'; 3212 3213// 证书扩展域段二进制数据,需业务自行赋值。 3214let extData = new Uint8Array([ 3215 0x30, 0x40, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D, 3216 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 3217 0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 3218 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 3219 0x02, 0x01, 0xC6, 0x30, 0x1D, 0x06, 0x03, 0x55, 3220 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xE0, 0x8C, 3221 0x9B, 0xDB, 0x25, 0x49, 0xB3, 0xF1, 0x7C, 0x86, 3222 0xD6, 0xB2, 0x42, 0x87, 0x0B, 0xD0, 0x6B, 0xA0, 3223 0xD9, 0xE4 3224]); 3225 3226let encodingBlob: cert.EncodingBlob = { 3227 data: extData, 3228 // 根据encodingData的格式进行赋值,仅支持FORMAT_DER。 3229 encodingFormat: cert.EncodingFormat.FORMAT_DER 3230}; 3231 3232cert.createCertExtension(encodingBlob, (error, certExt) => { 3233 if (error) { 3234 console.error('createCertExtension failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3235 } else { 3236 console.log('createCertExtension success'); 3237 } 3238}); 3239``` 3240 3241## cert.createCertExtension<sup>10+</sup> 3242 3243createCertExtension(inStream : EncodingBlob) : Promise\<CertExtension> 3244 3245表示创建证书扩展域段的对象,使用Promise方式异步返回结果。 3246 3247**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3248 3249**系统能力:** SystemCapability.Security.Cert 3250 3251**参数**: 3252 3253| 参数名 | 类型 | 必填 | 说明 | 3254| -------- | ----------------------------- | ---- | -------------------------- | 3255| inStream | [EncodingBlob](#encodingblob) | 是 | 表示证书扩展域段序列化数据。 | 3256 3257**返回值**: 3258 3259| 类型 | 说明 | 3260| ------------------------------------------- | -------------------- | 3261| Promise\<[CertExtension](#certextension10)> | 表示证书扩展域段对象。 | 3262 3263**错误码:** 3264 3265以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 3266 3267| 错误码ID | 错误信息 | 3268| -------- | ------------- | 3269| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3270| 801 | this operation is not supported. | 3271| 19020001 | memory malloc failed. | 3272| 19030001 | crypto operation error. | 3273 3274**示例:** 3275 3276```ts 3277import { cert } from '@kit.DeviceCertificateKit'; 3278import { BusinessError } from '@kit.BasicServicesKit'; 3279 3280// 证书扩展域段二进制数据,需业务自行赋值。 3281let extData = new Uint8Array([ 3282 0x30, 0x40, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D, 3283 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 3284 0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 3285 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 3286 0x02, 0x01, 0xC6, 0x30, 0x1D, 0x06, 0x03, 0x55, 3287 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xE0, 0x8C, 3288 0x9B, 0xDB, 0x25, 0x49, 0xB3, 0xF1, 0x7C, 0x86, 3289 0xD6, 0xB2, 0x42, 0x87, 0x0B, 0xD0, 0x6B, 0xA0, 3290 0xD9, 0xE4 3291]); 3292 3293let encodingBlob: cert.EncodingBlob = { 3294 data: extData, 3295 // 根据encodingData的格式进行赋值,仅支持FORMAT_DER。 3296 encodingFormat: cert.EncodingFormat.FORMAT_DER 3297}; 3298 3299cert.createCertExtension(encodingBlob).then(certExt => { 3300 console.log('createCertExtension success'); 3301}).catch((error: BusinessError) => { 3302 console.error('createCertExtension failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3303}); 3304``` 3305 3306## CertExtension<sup>10+</sup> 3307 3308证书扩展域段类。 3309 3310### getEncoded<sup>10+</sup> 3311 3312getEncoded() : EncodingBlob 3313 3314表示获取证书扩展域段序列化数据。 3315 3316**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3317 3318**系统能力:** SystemCapability.Security.Cert 3319 3320**返回值**: 3321 3322| 类型 | 说明 | 3323| ----------------------------- | ---------------------------- | 3324| [EncodingBlob](#encodingblob) | 表示证书扩展域段序列化数据。 | 3325 3326**错误码:** 3327 3328以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 3329 3330| 错误码ID | 错误信息 | 3331| -------- | ----------------------- | 3332| 19020001 | memory malloc failed. | 3333| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 3334| 19030001 | crypto operation error. | 3335 3336**示例:** 3337 3338```ts 3339import { cert } from '@kit.DeviceCertificateKit'; 3340import { BusinessError } from '@kit.BasicServicesKit'; 3341 3342// 证书扩展域段二进制数据,需业务自行赋值。 3343let extData = new Uint8Array([ 3344 0x30, 0x40, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D, 3345 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 3346 0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 3347 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 3348 0x02, 0x01, 0xC6, 0x30, 0x1D, 0x06, 0x03, 0x55, 3349 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xE0, 0x8C, 3350 0x9B, 0xDB, 0x25, 0x49, 0xB3, 0xF1, 0x7C, 0x86, 3351 0xD6, 0xB2, 0x42, 0x87, 0x0B, 0xD0, 0x6B, 0xA0, 3352 0xD9, 0xE4 3353]); 3354 3355let encodingBlob: cert.EncodingBlob = { 3356 data: extData, 3357 // 根据encodingData的格式进行赋值,仅支持FORMAT_DER。 3358 encodingFormat: cert.EncodingFormat.FORMAT_DER 3359}; 3360 3361cert.createCertExtension(encodingBlob, (error, certExt) => { 3362 if (error) { 3363 console.error('createCertExtension failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3364 } else { 3365 console.log('createCertExtension success'); 3366 try { 3367 let extEncodedBlob = certExt.getEncoded(); 3368 } catch (err) { 3369 let e: BusinessError = err as BusinessError; 3370 console.error('ext getEncoded failed, errCode: ' + e.code + ', errMsg: ' + e.message); 3371 } 3372 } 3373}); 3374``` 3375 3376### getOidList<sup>10+</sup> 3377 3378getOidList(valueType : ExtensionOidType) : DataArray 3379 3380表示获取证书扩展域段对象标识符列表。 3381 3382**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3383 3384**系统能力:** SystemCapability.Security.Cert 3385 3386**参数**: 3387 3388| 参数名 | 类型 | 必填 | 说明 | 3389| --------- | ------------------------------------- | ---- | ------------------------------ | 3390| valueType | [ExtensionOidType](#extensionoidtype10) | 是 | 表示证书扩展域段对象标识符类型。 | 3391 3392**返回值**: 3393 3394| 类型 | 说明 | 3395| ----------------------- | -------------------------------- | 3396| [DataArray](#dataarray) | 表示证书扩展域段对象标识符列表。 | 3397 3398**错误码:** 3399 3400以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 3401 3402| 错误码ID | 错误信息 | 3403| -------- | ----------------------- | 3404| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3405| 19020001 | memory malloc failed. | 3406| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 3407| 19030001 | crypto operation error. | 3408 3409**示例:** 3410 3411```ts 3412import { cert } from '@kit.DeviceCertificateKit'; 3413import { BusinessError } from '@kit.BasicServicesKit'; 3414 3415// 证书扩展域段二进制数据,需业务自行赋值。 3416let extData = new Uint8Array([ 3417 0x30, 0x40, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D, 3418 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 3419 0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 3420 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 3421 0x02, 0x01, 0xC6, 0x30, 0x1D, 0x06, 0x03, 0x55, 3422 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xE0, 0x8C, 3423 0x9B, 0xDB, 0x25, 0x49, 0xB3, 0xF1, 0x7C, 0x86, 3424 0xD6, 0xB2, 0x42, 0x87, 0x0B, 0xD0, 0x6B, 0xA0, 3425 0xD9, 0xE4 3426]); 3427 3428let encodingBlob: cert.EncodingBlob = { 3429 data: extData, 3430 // 根据encodingData的格式进行赋值,仅支持FORMAT_DER。 3431 encodingFormat: cert.EncodingFormat.FORMAT_DER 3432}; 3433 3434cert.createCertExtension(encodingBlob, (error, certExt) => { 3435 if (error) { 3436 console.error('createCertExtension failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3437 } else { 3438 console.log('createCertExtension success'); 3439 try { 3440 let oidList = certExt.getOidList(cert.ExtensionOidType.EXTENSION_OID_TYPE_ALL); 3441 } catch (err) { 3442 let e: BusinessError = err as BusinessError; 3443 console.error('ext getOidList failed, errCode: ' + e.code + ', errMsg: ' + e.message); 3444 } 3445 } 3446}); 3447``` 3448 3449### getEntry<sup>10+</sup> 3450 3451getEntry(valueType: ExtensionEntryType, oid : DataBlob) : DataBlob 3452 3453表示获取证书扩展域段对象信息。 3454 3455**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3456 3457**系统能力:** SystemCapability.Security.Cert 3458 3459**参数**: 3460 3461| 参数名 | 类型 | 必填 | 说明 | 3462| --------- | ----------------------------------------- | ---- | -------------------------------- | 3463| valueType | [ExtensionEntryType](#extensionentrytype10) | 是 | 表示证书扩展域段获取的类型。 | 3464| oid | [DataBlob](#datablob) | 是 | 表示证书扩展域段获取的对象标识符。 | 3465 3466**返回值**: 3467 3468| 类型 | 说明 | 3469| --------------------- | ---------------------------- | 3470| [DataBlob](#datablob) | 表示证书扩展域段对象的数据。 | 3471 3472**错误码:** 3473 3474以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 3475 3476| 错误码ID | 错误信息 | 3477| -------- | ----------------------- | 3478| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3479| 19020001 | memory malloc failed. | 3480| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 3481| 19030001 | crypto operation error. | 3482 3483**示例:** 3484 3485```ts 3486import { cert } from '@kit.DeviceCertificateKit'; 3487import { BusinessError } from '@kit.BasicServicesKit'; 3488 3489// 证书扩展域段二进制数据,需业务自行赋值。 3490let extData = new Uint8Array([ 3491 0x30, 0x40, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D, 3492 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 3493 0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 3494 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 3495 0x02, 0x01, 0xC6, 0x30, 0x1D, 0x06, 0x03, 0x55, 3496 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xE0, 0x8C, 3497 0x9B, 0xDB, 0x25, 0x49, 0xB3, 0xF1, 0x7C, 0x86, 3498 0xD6, 0xB2, 0x42, 0x87, 0x0B, 0xD0, 0x6B, 0xA0, 3499 0xD9, 0xE4 3500]); 3501 3502let encodingBlob: cert.EncodingBlob = { 3503 data: extData, 3504 // 根据encodingData的格式进行赋值,仅支持FORMAT_DER。 3505 encodingFormat: cert.EncodingFormat.FORMAT_DER 3506}; 3507 3508cert.createCertExtension(encodingBlob, (error, certExt) => { 3509 if (error) { 3510 console.error('createCertExtension failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3511 } else { 3512 console.log('createCertExtension success'); 3513 let oid = new Uint8Array([0x32, 0x2e, 0x35, 0x2e, 0x32, 0x39, 0x2e, 0x31, 0x35]); 3514 let oidBlob: cert.DataBlob = { 3515 data: oid 3516 } 3517 try { 3518 let entry = certExt.getEntry(cert.ExtensionEntryType.EXTENSION_ENTRY_TYPE_ENTRY, oidBlob); 3519 } catch (err) { 3520 let e: BusinessError = err as BusinessError; 3521 console.error('ext getEntry failed, errCode: ' + e.code + ', errMsg: ' + e.message); 3522 } 3523 } 3524}); 3525``` 3526 3527 3528### checkCA<sup>10+</sup> 3529 3530checkCA() : number 3531 3532表示校验证书是否为CA证书。 3533 3534**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3535 3536**系统能力:** SystemCapability.Security.Cert 3537 3538**返回值**: 3539 3540| 类型 | 说明 | 3541| ------ | ------------------------------------------------------------ | 3542| number | 当证书扩展域段中密钥用途包含签名用途,并且基本约束中cA字段为true时,表示证书为CA证书。如果不是CA,则返回-1;否则返回基本约束中的路径长度。如果证书是CA证书,但是基本约束中未给定路径长度,则返回-2,表示无路径长度限制。 | 3543 3544**错误码:** 3545 3546以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 3547 3548| 错误码ID | 错误信息 | 3549| -------- | ----------------------- | 3550| 19020001 | memory malloc failed. | 3551| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 3552| 19030001 | crypto operation error. | 3553 3554**示例:** 3555 3556```ts 3557import { cert } from '@kit.DeviceCertificateKit'; 3558import { BusinessError } from '@kit.BasicServicesKit'; 3559 3560// 证书扩展域段二进制数据,需业务自行赋值。 3561let extData = new Uint8Array([ 3562 0x30, 0x40, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D, 3563 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 3564 0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 3565 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 3566 0x02, 0x01, 0xC6, 0x30, 0x1D, 0x06, 0x03, 0x55, 3567 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xE0, 0x8C, 3568 0x9B, 0xDB, 0x25, 0x49, 0xB3, 0xF1, 0x7C, 0x86, 3569 0xD6, 0xB2, 0x42, 0x87, 0x0B, 0xD0, 0x6B, 0xA0, 3570 0xD9, 0xE4 3571]); 3572 3573let encodingBlob: cert.EncodingBlob = { 3574 data: extData, 3575 // 根据encodingData的格式进行赋值,仅支持FORMAT_DER。 3576 encodingFormat: cert.EncodingFormat.FORMAT_DER 3577}; 3578cert.createCertExtension(encodingBlob, (error, certExt) => { 3579 if (error) { 3580 console.error('createCertExtension failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3581 } else { 3582 console.log('createCertExtension success'); 3583 try { 3584 let res = certExt.checkCA(); 3585 } catch (err) { 3586 let e: BusinessError = err as BusinessError; 3587 console.error('ext checkCA failed, errCode: ' + e.code + ', errMsg: ' + e.message); 3588 } 3589 } 3590}); 3591``` 3592 3593### hasUnsupportedCriticalExtension<sup>11+</sup> 3594 3595hasUnsupportedCriticalExtension(): boolean 3596 3597判断是否存在不支持的关键扩展。 3598 3599**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3600 3601**系统能力:** SystemCapability.Security.Cert 3602 3603**返回值**: 3604 3605| 类型 | 说明 | 3606| ------- | ------------------------------------------------------- | 3607| boolean | 当存在不支持的关键扩展时,该方法返回true,否则返回false。 | 3608 3609**错误码:** 3610 3611以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 3612 3613| 错误码ID | 错误信息 | 3614| -------- | ----------------------- | 3615| 19020001 | memory malloc failed. | 3616| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 3617| 19030001 | crypto operation error. | 3618 3619**示例:** 3620 3621```ts 3622import { cert } from '@kit.DeviceCertificateKit'; 3623import { BusinessError } from '@kit.BasicServicesKit'; 3624 3625let encodingData = new Uint8Array([ 3626 0x30, 0x40, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D, 3627 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 3628 0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 3629 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 3630 0x02, 0x01, 0xC6, 0x30, 0x1D, 0x06, 0x03, 0x55, 3631 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xE0, 0x8C, 3632 0x9B, 0xDB, 0x25, 0x49, 0xB3, 0xF1, 0x7C, 0x86, 3633 0xD6, 0xB2, 0x42, 0x87, 0x0B, 0xD0, 0x6B, 0xA0, 3634 0xD9, 0xE4 3635]); 3636let encodingBlob: cert.EncodingBlob = { 3637 data: new Uint8Array(encodingData), 3638 encodingFormat: cert.EncodingFormat.FORMAT_DER 3639}; 3640 3641cert.createCertExtension(encodingBlob).then((extensionObj) => { 3642 console.log('createCertExtension success!'); 3643 const result = extensionObj.hasUnsupportedCriticalExtension() 3644 console.log('has unsupported critical extension result is:' + result); 3645}).catch((err: BusinessError) => { 3646 console.error('createCertExtension failed'); 3647}); 3648``` 3649 3650## cert.createX509Crl<sup>(deprecated)</sup> 3651 3652createX509Crl(inStream : EncodingBlob, callback : AsyncCallback\<X509Crl>) : void 3653 3654表示创建X509证书吊销列表的对象,使用Callback回调异步返回结果。 3655 3656> **说明:** 3657> 3658> 从API version 11开始废弃,建议使用[cert.createX509CRL](#certcreatex509crl11)替代。 3659 3660**系统能力:** SystemCapability.Security.Cert 3661 3662**参数**: 3663 3664| 参数名 | 类型 | 必填 | 说明 | 3665| -------- | ----------------------------------- | ---- | ------------------------------ | 3666| inStream | [EncodingBlob](#encodingblob) | 是 | 表示证书吊销列表序列化数据。 | 3667| callback | AsyncCallback\<[X509Crl](#x509crldeprecated)> | 是 | 回调函数,表示证书吊销列表对象。 | 3668 3669**错误码:** 3670 3671以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 3672 3673| 错误码ID | 错误信息 | 3674| -------- | ------------- | 3675| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3676| 801 | this operation is not supported. | 3677| 19020001 | memory malloc failed. | 3678 3679**示例:** 3680 3681```ts 3682import { cert } from '@kit.DeviceCertificateKit'; 3683 3684// string转Uint8Array。 3685function stringToUint8Array(str: string): Uint8Array { 3686 let arr: Array<number> = []; 3687 for (let i = 0, j = str.length; i < j; i++) { 3688 arr.push(str.charCodeAt(i)); 3689 } 3690 return new Uint8Array(arr); 3691} 3692 3693let crlData = '-----BEGIN X509 CRL-----\n' + 3694 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 3695 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 3696 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 3697 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 3698 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 3699 'eavsH0Q3\n' + 3700 '-----END X509 CRL-----\n'; 3701 3702// 证书吊销列表二进制数据,需业务自行赋值。 3703let encodingBlob: cert.EncodingBlob = { 3704 data: stringToUint8Array(crlData), 3705 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 3706 encodingFormat: cert.EncodingFormat.FORMAT_PEM 3707}; 3708 3709cert.createX509Crl(encodingBlob, (error, x509Crl) => { 3710 if (error) { 3711 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3712 } else { 3713 console.log('createX509Crl success'); 3714 } 3715}); 3716``` 3717 3718## cert.createX509Crl<sup>(deprecated)</sup> 3719 3720createX509Crl(inStream : EncodingBlob) : Promise\<X509Crl> 3721 3722表示创建X509证书吊销列表的对象,使用Promise方式异步返回结果。 3723 3724> **说明:** 3725> 3726> 从API version 11开始废弃,建议使用[cert.createX509CRL](#certcreatex509crl11-1)替代。 3727 3728**系统能力:** SystemCapability.Security.Cert 3729 3730**参数**: 3731 3732| 参数名 | 类型 | 必填 | 说明 | 3733| -------- | ----------------------------- | ---- | -------------------------- | 3734| inStream | [EncodingBlob](#encodingblob) | 是 | 表示证书吊销列表序列化数据。 | 3735 3736**返回值**: 3737 3738| 类型 | 说明 | 3739| ----------------------------- | -------------------- | 3740| Promise\<[X509Crl](#x509crldeprecated)> | 表示证书吊销列表对象。 | 3741 3742**错误码:** 3743 3744以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 3745 3746| 错误码ID | 错误信息 | 3747| -------- | ------------- | 3748| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3749| 801 | this operation is not supported. | 3750| 19020001 | memory malloc failed. | 3751 3752**示例:** 3753 3754```ts 3755import { cert } from '@kit.DeviceCertificateKit'; 3756import { BusinessError } from '@kit.BasicServicesKit'; 3757 3758// string转Uint8Array。 3759function stringToUint8Array(str: string): Uint8Array { 3760 let arr: Array<number> = []; 3761 for (let i = 0, j = str.length; i < j; i++) { 3762 arr.push(str.charCodeAt(i)); 3763 } 3764 return new Uint8Array(arr); 3765} 3766 3767let crlData = '-----BEGIN X509 CRL-----\n' + 3768 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 3769 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 3770 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 3771 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 3772 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 3773 'eavsH0Q3\n' + 3774 '-----END X509 CRL-----\n'; 3775 3776// 证书吊销列表二进制数据,需业务自行赋值。 3777let encodingBlob: cert.EncodingBlob = { 3778 data: stringToUint8Array(crlData), 3779 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 3780 encodingFormat: cert.EncodingFormat.FORMAT_PEM 3781}; 3782 3783cert.createX509Crl(encodingBlob).then(x509Crl => { 3784 console.log('createX509Crl success'); 3785}).catch((error: BusinessError) => { 3786 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3787}); 3788``` 3789 3790## cert.createX509CRL<sup>11+</sup> 3791 3792createX509CRL(inStream : EncodingBlob, callback : AsyncCallback\<X509CRL>) : void 3793 3794表示创建X509证书吊销列表的对象,使用Callback回调异步返回结果。 3795 3796**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3797 3798**系统能力:** SystemCapability.Security.Cert 3799 3800**参数**: 3801 3802| 参数名 | 类型 | 必填 | 说明 | 3803| -------- | ------------------------------------- | ---- | ------------------------------ | 3804| inStream | [EncodingBlob](#encodingblob) | 是 | 表示证书吊销列表序列化数据。当前支持的数据长度不超过8192字节。 | 3805| callback | AsyncCallback\<[X509CRL](#x509crl11)> | 是 | 回调函数,表示证书吊销列表对象。 | 3806 3807**错误码:** 3808 3809以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 3810 3811| 错误码ID | 错误信息 | 3812| -------- | ------------- | 3813| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3814| 801 | this operation is not supported. | 3815| 19020001 | memory malloc failed. | 3816 3817**示例:** 3818 3819```ts 3820import { cert } from '@kit.DeviceCertificateKit'; 3821 3822// string转Uint8Array。 3823function stringToUint8Array(str: string): Uint8Array { 3824 let arr: Array<number> = []; 3825 for (let i = 0, j = str.length; i < j; i++) { 3826 arr.push(str.charCodeAt(i)); 3827 } 3828 return new Uint8Array(arr); 3829} 3830 3831let crlData = '-----BEGIN X509 CRL-----\n' + 3832 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 3833 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 3834 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 3835 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 3836 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 3837 'eavsH0Q3\n' + 3838 '-----END X509 CRL-----\n'; 3839 3840// 证书吊销列表二进制数据,需业务自行赋值。 3841let encodingBlob: cert.EncodingBlob = { 3842 data: stringToUint8Array(crlData), 3843 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 3844 encodingFormat: cert.EncodingFormat.FORMAT_PEM 3845}; 3846 3847cert.createX509CRL(encodingBlob, (error, X509CRL) => { 3848 if (error) { 3849 console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3850 } else { 3851 console.log('createX509CRL success'); 3852 } 3853}); 3854``` 3855 3856## cert.createX509CRL<sup>11+</sup> 3857 3858createX509CRL(inStream : EncodingBlob) : Promise\<X509CRL> 3859 3860表示创建X509证书吊销列表的对象,使用Promise方式异步返回结果。 3861 3862**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3863 3864**系统能力:** SystemCapability.Security.Cert 3865 3866**参数**: 3867 3868| 参数名 | 类型 | 必填 | 说明 | 3869| -------- | ----------------------------- | ---- | -------------------------- | 3870| inStream | [EncodingBlob](#encodingblob) | 是 | 表示证书吊销列表序列化数据。当前支持的数据长度不超过8192字节。 | 3871 3872**返回值**: 3873 3874| 类型 | 说明 | 3875| ------------------------------- | -------------------- | 3876| Promise\<[X509CRL](#x509crl11)> | 表示证书吊销列表对象。 | 3877 3878**错误码:** 3879 3880以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 3881 3882| 错误码ID | 错误信息 | 3883| -------- | ------------- | 3884| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3885| 801 | this operation is not supported. | 3886| 19020001 | memory malloc failed. | 3887 3888**示例:** 3889 3890```ts 3891import { cert } from '@kit.DeviceCertificateKit'; 3892import { BusinessError } from '@kit.BasicServicesKit'; 3893 3894// string转Uint8Array。 3895function stringToUint8Array(str: string): Uint8Array { 3896 let arr: Array<number> = []; 3897 for (let i = 0, j = str.length; i < j; i++) { 3898 arr.push(str.charCodeAt(i)); 3899 } 3900 return new Uint8Array(arr); 3901} 3902 3903let crlData = '-----BEGIN X509 CRL-----\n' + 3904 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 3905 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 3906 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 3907 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 3908 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 3909 'eavsH0Q3\n' + 3910 '-----END X509 CRL-----\n'; 3911 3912// 证书吊销列表二进制数据,需业务自行赋值。 3913let encodingBlob: cert.EncodingBlob = { 3914 data: stringToUint8Array(crlData), 3915 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 3916 encodingFormat: cert.EncodingFormat.FORMAT_PEM 3917}; 3918 3919cert.createX509CRL(encodingBlob).then(X509CRL => { 3920 console.log('createX509CRL success'); 3921}).catch((error: BusinessError) => { 3922 console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3923}); 3924``` 3925 3926## X509Crl<sup>(deprecated)</sup> 3927 3928X509证书吊销列表对象。 3929 3930> **说明:** 3931> 3932> 从API version 11开始废弃,建议使用[X509CRL](#x509crl11)替代。 3933 3934### isRevoked<sup>(deprecated)</sup> 3935 3936isRevoked(cert : X509Cert) : boolean 3937 3938表示检查证书是否吊销。 3939 3940> **说明:** 3941> 3942> 从API version 11开始废弃,建议使用[X509CRL.isRevoked](#isrevoked11)替代。 3943 3944**系统能力:** SystemCapability.Security.Cert 3945 3946**参数**: 3947 3948| 参数名 | 类型 | 必填 | 说明 | 3949| ------ | -------- | ---- | -------------------- | 3950| cert | X509Cert | 是 | 表示被检查的证书对象。 | 3951 3952**返回值**: 3953 3954| 类型 | 说明 | 3955| --------- | --------------------------------------------- | 3956| boolean | 表示证书吊销状态,true表示已吊销,false表示未吊销。 | 3957 3958**错误码:** 3959 3960以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 3961 3962| 错误码ID | 错误信息 | 3963| -------- | ------------- | 3964| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3965 3966**示例:** 3967 3968```ts 3969import { cert } from '@kit.DeviceCertificateKit'; 3970import { BusinessError } from '@kit.BasicServicesKit'; 3971 3972// string转Uint8Array。 3973function stringToUint8Array(str: string): Uint8Array { 3974 let arr: Array<number> = []; 3975 for (let i = 0, j = str.length; i < j; i++) { 3976 arr.push(str.charCodeAt(i)); 3977 } 3978 return new Uint8Array(arr); 3979} 3980 3981let crlData = '-----BEGIN X509 CRL-----\n' + 3982 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 3983 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 3984 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 3985 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 3986 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 3987 'eavsH0Q3\n' + 3988 '-----END X509 CRL-----\n'; 3989 3990let certData = '-----BEGIN CERTIFICATE-----\n' + 3991 'MIIBLzCB1QIUO/QDVJwZLIpeJyPjyTvE43xvE5cwCgYIKoZIzj0EAwIwGjEYMBYG\n' + 3992 'A1UEAwwPRXhhbXBsZSBSb290IENBMB4XDTIzMDkwNDExMjAxOVoXDTI2MDUzMDEx\n' + 3993 'MjAxOVowGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYI\n' + 3994 'KoZIzj0DAQcDQgAEHjG74yMIueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTa\n' + 3995 'tUsU0i/sePnrKglj2H8Abbx9PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEA\n' + 3996 '0ce/fvA4tckNZeB865aOApKXKlBjiRlaiuq5mEEqvNACIQDPD9WyC21MXqPBuRUf\n' + 3997 'BetUokslUfjT6+s/X4ByaxycAA==\n' + 3998 '-----END CERTIFICATE-----\n'; 3999 4000// 证书吊销列表二进制数据,需业务自行赋值。 4001let encodingBlob: cert.EncodingBlob = { 4002 data: stringToUint8Array(crlData), 4003 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 4004 encodingFormat: cert.EncodingFormat.FORMAT_PEM 4005}; 4006 4007let certEncodingBlob: cert.EncodingBlob = { 4008 data: stringToUint8Array(certData), 4009 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 4010 encodingFormat: cert.EncodingFormat.FORMAT_PEM 4011}; 4012 4013cert.createX509Crl(encodingBlob, (error, x509Crl) => { 4014 if (error) { 4015 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 4016 } else { 4017 console.log('createX509Crl success'); 4018 // Create an X509Cert instance. 4019 cert.createX509Cert(certEncodingBlob, (error, x509Cert) => { 4020 if (error) { 4021 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 4022 } else { 4023 try { 4024 let revokedFlag = x509Crl.isRevoked(x509Cert); 4025 } catch (error) { 4026 let e: BusinessError = error as BusinessError; 4027 console.error('isRevoked failed, errCode: ' + e.code + ', errMsg: ' + e.message); 4028 } 4029 } 4030 }); 4031 } 4032}); 4033``` 4034 4035### getType<sup>(deprecated)</sup> 4036 4037getType() : string 4038 4039表示获取证书吊销列表类型。 4040 4041> **说明:** 4042> 4043> 从API version 11开始废弃,建议使用[X509CRL.getType](#gettype11)替代。 4044 4045**系统能力:** SystemCapability.Security.Cert 4046 4047**返回值**: 4048 4049| 类型 | 说明 | 4050| ------ | -------------------- | 4051| string | 表示证书吊销列表类型。 | 4052 4053**示例:** 4054 4055```ts 4056import { cert } from '@kit.DeviceCertificateKit'; 4057 4058// string转Uint8Array。 4059function stringToUint8Array(str: string): Uint8Array { 4060 let arr: Array<number> = []; 4061 for (let i = 0, j = str.length; i < j; i++) { 4062 arr.push(str.charCodeAt(i)); 4063 } 4064 return new Uint8Array(arr); 4065} 4066 4067let crlData = '-----BEGIN X509 CRL-----\n' + 4068 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 4069 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 4070 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 4071 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 4072 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 4073 'eavsH0Q3\n' + 4074 '-----END X509 CRL-----\n'; 4075 4076// 证书吊销列表二进制数据,需业务自行赋值。 4077let encodingBlob: cert.EncodingBlob = { 4078 data: stringToUint8Array(crlData), 4079 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 4080 encodingFormat: cert.EncodingFormat.FORMAT_PEM 4081}; 4082 4083cert.createX509Crl(encodingBlob, (error, x509Crl) => { 4084 if (error) { 4085 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 4086 } else { 4087 console.log('createX509Crl success'); 4088 let type = x509Crl.getType(); 4089 } 4090}); 4091``` 4092 4093### getEncoded<sup>(deprecated)</sup> 4094 4095getEncoded(callback : AsyncCallback\<EncodingBlob>) : void 4096 4097表示获取X509证书吊销列表的序列化数据,使用Callback回调异步返回结果。 4098 4099> **说明:** 4100> 4101> 从API version 11开始废弃,建议使用[X509CRL.getEncoded](#getencoded11)替代。 4102 4103**系统能力:** SystemCapability.Security.Cert 4104 4105**参数**: 4106 4107| 参数名 | 类型 | 必填 | 说明 | 4108| -------- | ---------------------------- | ---- | ------------------------------------------ | 4109| callback | AsyncCallback\<[EncodingBlob](#encodingblob)> | 是 | 回调函数,表示X509证书吊销列表的序列化数据。 | 4110 4111**错误码:** 4112 4113以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 4114 4115| 错误码ID | 错误信息 | 4116| -------- | ----------------------- | 4117| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types.| 4118| 19020001 | memory malloc failed. | 4119| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 4120| 19030001 | crypto operation error. | 4121 4122**示例:** 4123 4124```ts 4125import { cert } from '@kit.DeviceCertificateKit'; 4126 4127// string转Uint8Array。 4128function stringToUint8Array(str: string): Uint8Array { 4129 let arr: Array<number> = []; 4130 for (let i = 0, j = str.length; i < j; i++) { 4131 arr.push(str.charCodeAt(i)); 4132 } 4133 return new Uint8Array(arr); 4134} 4135 4136let crlData = '-----BEGIN X509 CRL-----\n' + 4137 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 4138 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 4139 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 4140 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 4141 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 4142 'eavsH0Q3\n' + 4143 '-----END X509 CRL-----\n'; 4144 4145// 证书吊销列表二进制数据,需业务自行赋值。 4146let encodingBlob: cert.EncodingBlob = { 4147 data: stringToUint8Array(crlData), 4148 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 4149 encodingFormat: cert.EncodingFormat.FORMAT_PEM 4150}; 4151 4152cert.createX509Crl(encodingBlob, (error, x509Crl) => { 4153 if (error) { 4154 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 4155 } else { 4156 console.log('createX509Crl success'); 4157 x509Crl.getEncoded((error, data) => { 4158 if (error) { 4159 console.error('getEncoded failed, errCode: ' + error.code + ', errMsg: ' + error.message); 4160 } else { 4161 console.log('getEncoded success'); 4162 } 4163 }); 4164 } 4165}); 4166``` 4167 4168### getEncoded<sup>(deprecated)</sup> 4169 4170getEncoded() : Promise\<EncodingBlob> 4171 4172表示获取X509证书吊销列表的序列化数据,使用Promise方式异步返回结果。 4173 4174> **说明:** 4175> 4176> 从API version 11开始废弃,建议使用[X509CRL.getEncoded](#getencoded11-1)替代。 4177 4178**系统能力:** SystemCapability.Security.Cert 4179 4180**返回值**: 4181 4182| 类型 | 说明 | 4183| ---------------------- | -------------------------------- | 4184| Promise\<[EncodingBlob](#encodingblob)> | 表示X509证书吊销列表的序列化数据。 | 4185 4186**错误码:** 4187 4188以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 4189 4190| 错误码ID | 错误信息 | 4191| -------- | ----------------------- | 4192| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types.| 4193| 19020001 | memory malloc failed. | 4194| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 4195| 19030001 | crypto operation error. | 4196 4197**示例:** 4198 4199```ts 4200import { cert } from '@kit.DeviceCertificateKit'; 4201import { BusinessError } from '@kit.BasicServicesKit'; 4202 4203// string转Uint8Array。 4204function stringToUint8Array(str: string): Uint8Array { 4205 let arr: Array<number> = []; 4206 for (let i = 0, j = str.length; i < j; i++) { 4207 arr.push(str.charCodeAt(i)); 4208 } 4209 return new Uint8Array(arr); 4210} 4211 4212let crlData = '-----BEGIN X509 CRL-----\n' + 4213 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 4214 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 4215 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 4216 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 4217 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 4218 'eavsH0Q3\n' + 4219 '-----END X509 CRL-----\n'; 4220 4221// 证书吊销列表二进制数据,需业务自行赋值。 4222let encodingBlob: cert.EncodingBlob = { 4223 data: stringToUint8Array(crlData), 4224 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 4225 encodingFormat: cert.EncodingFormat.FORMAT_PEM 4226}; 4227 4228cert.createX509Crl(encodingBlob).then(x509Crl => { 4229 console.log('createX509Crl success'); 4230 x509Crl.getEncoded().then(result => { 4231 console.log('getEncoded success'); 4232 }).catch((error: BusinessError) => { 4233 console.error('getEncoded failed, errCode: ' + error.code + ', errMsg: ' + error.message); 4234 }); 4235}).catch((error: BusinessError) => { 4236 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 4237}); 4238``` 4239 4240### verify<sup>(deprecated)</sup> 4241 4242verify(key : cryptoFramework.PubKey, callback : AsyncCallback\<void>) : void 4243 4244表示对X509证书吊销列表进行验签,使用Callback回调异步返回结果。验签支持RSA算法。 4245 4246> **说明:** 4247> 4248> 从API version 11开始废弃,建议使用[X509CRL.verify](#verify11)替代。 4249 4250**系统能力:** SystemCapability.Security.Cert 4251 4252**参数**: 4253 4254| 参数名 | 类型 | 必填 | 说明 | 4255| -------- | -------------------- | ---- | ------------------------------------------------------------ | 4256| key | [cryptoFramework.PubKey](../apis-crypto-architecture-kit/js-apis-cryptoFramework.md#pubkey) | 是 | 表示用于验签的公钥对象。 | 4257| callback | AsyncCallback\<void> | 是 | 回调函数,使用AsyncCallback的第一个error参数判断是否验签成功,error为null表示成功,error不为null表示失败。 | 4258 4259**错误码:** 4260 4261以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 4262 4263| 错误码ID | 错误信息 | 4264| -------- | ----------------------- | 4265| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 4266| 19030001 | crypto operation error. | 4267 4268**示例:** 4269 4270```ts 4271import { cert } from '@kit.DeviceCertificateKit'; 4272import { cryptoFramework } from '@kit.CryptoArchitectureKit'; 4273import { BusinessError } from '@kit.BasicServicesKit'; 4274 4275// string转Uint8Array。 4276function stringToUint8Array(str: string): Uint8Array { 4277 let arr: Array<number> = []; 4278 for (let i = 0, j = str.length; i < j; i++) { 4279 arr.push(str.charCodeAt(i)); 4280 } 4281 return new Uint8Array(arr); 4282} 4283 4284let crlData = '-----BEGIN X509 CRL-----\n' + 4285 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 4286 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 4287 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 4288 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 4289 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 4290 'eavsH0Q3\n' + 4291 '-----END X509 CRL-----\n'; 4292 4293let pubKeyData = new Uint8Array([ 4294 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 4295 0x05, 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xDC, 0x4C, 0x2D, 4296 0x57, 0x49, 0x3D, 0x42, 0x52, 0x1A, 0x09, 0xED, 0x3E, 0x90, 0x29, 0x51, 0xF7, 0x70, 0x15, 0xFE, 4297 0x76, 0xB0, 0xDB, 0xDF, 0xA1, 0x2C, 0x6C, 0x67, 0x95, 0xDA, 0x63, 0x3D, 0x4F, 0x71, 0x48, 0x8C, 4298 0x3E, 0xFA, 0x24, 0x79, 0xE9, 0xF2, 0xF2, 0x20, 0xCB, 0xF1, 0x59, 0x6B, 0xED, 0xC8, 0x72, 0x66, 4299 0x6E, 0x31, 0xD4, 0xF3, 0xCE, 0x0B, 0x12, 0xC4, 0x17, 0x39, 0xB4, 0x52, 0x16, 0xD3, 0xE3, 0xC0, 4300 0xF8, 0x48, 0xB3, 0xF6, 0x40, 0xD5, 0x47, 0x23, 0x30, 0x7F, 0xA7, 0xC5, 0x5A, 0x5A, 0xBB, 0x5C, 4301 0x7B, 0xEF, 0x69, 0xE2, 0x74, 0x35, 0x24, 0x22, 0x25, 0x45, 0x7E, 0xFC, 0xE8, 0xC4, 0x52, 0x65, 4302 0xA0, 0x4E, 0xBC, 0xFD, 0x3F, 0xD9, 0x85, 0x14, 0x8A, 0x5A, 0x93, 0x02, 0x24, 0x6C, 0x19, 0xBA, 4303 0x81, 0xBE, 0x65, 0x2E, 0xCB, 0xBB, 0xE9, 0x91, 0x7B, 0x7C, 0x47, 0xC2, 0x61, 0x02, 0x03, 0x01, 4304 0x00, 0x01 4305]); 4306 4307let priKeyData = new Uint8Array([ 4308 0x30, 0x82, 0x02, 0x77, 0x02, 0x01, 0x00, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 4309 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82, 0x02, 0x61, 0x30, 0x82, 0x02, 0x5D, 0x02, 0x01, 4310 0x00, 0x02, 0x81, 0x81, 0x00, 0xDC, 0x4C, 0x2D, 0x57, 0x49, 0x3D, 0x42, 0x52, 0x1A, 0x09, 0xED, 4311 0x3E, 0x90, 0x29, 0x51, 0xF7, 0x70, 0x15, 0xFE, 0x76, 0xB0, 0xDB, 0xDF, 0xA1, 0x2C, 0x6C, 0x67, 4312 0x95, 0xDA, 0x63, 0x3D, 0x4F, 0x71, 0x48, 0x8C, 0x3E, 0xFA, 0x24, 0x79, 0xE9, 0xF2, 0xF2, 0x20, 4313 0xCB, 0xF1, 0x59, 0x6B, 0xED, 0xC8, 0x72, 0x66, 0x6E, 0x31, 0xD4, 0xF3, 0xCE, 0x0B, 0x12, 0xC4, 4314 0x17, 0x39, 0xB4, 0x52, 0x16, 0xD3, 0xE3, 0xC0, 0xF8, 0x48, 0xB3, 0xF6, 0x40, 0xD5, 0x47, 0x23, 4315 0x30, 0x7F, 0xA7, 0xC5, 0x5A, 0x5A, 0xBB, 0x5C, 0x7B, 0xEF, 0x69, 0xE2, 0x74, 0x35, 0x24, 0x22, 4316 0x25, 0x45, 0x7E, 0xFC, 0xE8, 0xC4, 0x52, 0x65, 0xA0, 0x4E, 0xBC, 0xFD, 0x3F, 0xD9, 0x85, 0x14, 4317 0x8A, 0x5A, 0x93, 0x02, 0x24, 0x6C, 0x19, 0xBA, 0x81, 0xBE, 0x65, 0x2E, 0xCB, 0xBB, 0xE9, 0x91, 4318 0x7B, 0x7C, 0x47, 0xC2, 0x61, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x81, 0x80, 0x5A, 0xCF, 0x0F, 4319 0xF5, 0xA6, 0x1C, 0x19, 0x65, 0x8C, 0x94, 0x40, 0xF6, 0x84, 0x28, 0x74, 0x40, 0x42, 0x34, 0xDE, 4320 0xC3, 0x00, 0x5E, 0x72, 0x4D, 0x96, 0xE9, 0x4C, 0xBD, 0xC9, 0xDB, 0x14, 0x9F, 0xD5, 0xBB, 0xA9, 4321 0x0C, 0x20, 0xC2, 0xBE, 0x7A, 0x80, 0x89, 0xEC, 0x99, 0x04, 0xF0, 0xEE, 0x7B, 0x83, 0x20, 0x1D, 4322 0x37, 0x19, 0x55, 0x85, 0xF6, 0x8E, 0x3B, 0xFB, 0x16, 0xF3, 0xD3, 0x6F, 0xEE, 0x73, 0x12, 0x53, 4323 0xCA, 0x77, 0xD7, 0x6C, 0x29, 0xF5, 0x08, 0xA3, 0x09, 0x01, 0x0B, 0x00, 0x05, 0x57, 0xAD, 0x4D, 4324 0xF0, 0x92, 0xB2, 0x5A, 0x8B, 0x19, 0x09, 0x81, 0x86, 0xFE, 0x66, 0xB9, 0x33, 0x88, 0x28, 0xF3, 4325 0x37, 0x73, 0x09, 0x5F, 0xD7, 0xC9, 0xC6, 0xFA, 0x13, 0x74, 0xFE, 0xAE, 0x53, 0xA9, 0x71, 0x67, 4326 0xCE, 0x3A, 0xE6, 0x8D, 0x35, 0xD1, 0xB8, 0xFD, 0x6F, 0x0D, 0x43, 0xC2, 0xD1, 0x02, 0x41, 0x00, 4327 0xF7, 0x33, 0xE5, 0x6C, 0x29, 0x5A, 0x30, 0x58, 0xA4, 0x52, 0x65, 0xA0, 0x39, 0xC2, 0xE8, 0xAE, 4328 0x5F, 0xA3, 0x2D, 0x0C, 0x65, 0xB1, 0x7B, 0xFD, 0x92, 0xBF, 0x47, 0x87, 0x97, 0x40, 0xCB, 0x54, 4329 0xF9, 0xBB, 0x50, 0x27, 0x70, 0x51, 0xD0, 0xD8, 0x48, 0x0D, 0xC6, 0x47, 0x60, 0xF8, 0x4E, 0x0A, 4330 0x32, 0x76, 0x6D, 0xA4, 0xBA, 0x40, 0xE5, 0x58, 0xF8, 0x4A, 0x39, 0x4E, 0xF8, 0x3F, 0x4E, 0x2D, 4331 0x02, 0x41, 0x00, 0xE4, 0x23, 0x2A, 0x5F, 0x59, 0xCF, 0x7C, 0x91, 0x24, 0x0D, 0xA2, 0x44, 0x17, 4332 0xCD, 0x37, 0xDE, 0x1F, 0x53, 0x4D, 0x33, 0x9F, 0x90, 0x4D, 0xD9, 0x72, 0x64, 0x25, 0xBA, 0xAB, 4333 0x47, 0x91, 0xC4, 0x99, 0x95, 0x86, 0xB5, 0x8A, 0xEA, 0x77, 0xF7, 0x64, 0x72, 0x5E, 0xB7, 0xBB, 4334 0x16, 0xA1, 0x64, 0xA4, 0xE1, 0x2D, 0x76, 0x6D, 0xEF, 0xB1, 0x5E, 0xD6, 0x17, 0xE8, 0xAA, 0xB6, 4335 0xA0, 0xD9, 0x85, 0x02, 0x41, 0x00, 0xDF, 0xC8, 0x5B, 0x28, 0x4F, 0x47, 0x15, 0xFD, 0x28, 0xC4, 4336 0x6E, 0xBB, 0x5D, 0x8E, 0xD4, 0x95, 0x06, 0x7E, 0xF1, 0x89, 0x07, 0x86, 0x64, 0x78, 0x69, 0x20, 4337 0x3F, 0xE0, 0xBF, 0x4C, 0x28, 0xC6, 0x04, 0x4D, 0x4D, 0x82, 0x66, 0x6B, 0xAA, 0x64, 0x20, 0xD6, 4338 0x57, 0x68, 0xC6, 0xA0, 0x02, 0x05, 0xB9, 0x28, 0xFC, 0x98, 0xE3, 0x03, 0x5C, 0x9B, 0xEE, 0x29, 4339 0x43, 0x37, 0xFA, 0x03, 0x55, 0x01, 0x02, 0x40, 0x69, 0x5B, 0x7C, 0x24, 0x10, 0xDB, 0xEB, 0x91, 4340 0x33, 0xEF, 0x3F, 0xF2, 0xE6, 0x73, 0x15, 0xCB, 0xF4, 0xF7, 0x89, 0x7D, 0xBF, 0xC0, 0xEA, 0xD2, 4341 0xF3, 0x2B, 0x20, 0xE9, 0x76, 0x54, 0x55, 0x13, 0x50, 0x42, 0x67, 0xB5, 0xCB, 0x73, 0xC0, 0xF7, 4342 0x75, 0x62, 0x04, 0x30, 0x21, 0xAC, 0xAF, 0xD8, 0x44, 0xF4, 0xE1, 0x04, 0x02, 0x7D, 0x61, 0x92, 4343 0x84, 0x99, 0x02, 0x10, 0x64, 0xCB, 0x1F, 0xE9, 0x02, 0x41, 0x00, 0xAB, 0x4B, 0x7D, 0x90, 0x7C, 4344 0x57, 0x08, 0x6B, 0xC0, 0x43, 0x72, 0x09, 0x8A, 0x18, 0x35, 0x36, 0x64, 0x9D, 0x84, 0x8D, 0xF1, 4345 0x84, 0x94, 0x48, 0xC6, 0x80, 0x9D, 0xB9, 0xA2, 0x58, 0x0A, 0x4D, 0x0A, 0xCA, 0x1E, 0xD6, 0x05, 4346 0x55, 0x5B, 0xFE, 0xD7, 0xAA, 0x70, 0xED, 0x76, 0xB3, 0x40, 0x2E, 0xA0, 0xB3, 0x32, 0x37, 0xB0, 4347 0xA0, 0xB9, 0x96, 0x2D, 0xC4, 0x70, 0xE9, 0x99, 0x10, 0x67, 0x8D 4348]); 4349 4350// 证书吊销列表二进制数据,需业务自行赋值。 4351let encodingBlob: cert.EncodingBlob = { 4352 data: stringToUint8Array(crlData), 4353 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 4354 encodingFormat: cert.EncodingFormat.FORMAT_PEM 4355}; 4356 4357cert.createX509Crl(encodingBlob, (error, x509Crl) => { 4358 if (error) { 4359 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 4360 } else { 4361 console.log('createX509Crl success'); 4362 try { 4363 // Generate the public key by AsyKeyGenerator. 4364 let keyGenerator = cryptoFramework.createAsyKeyGenerator('RSA1024|PRIMES_3'); 4365 console.log('createAsyKeyGenerator success'); 4366 let priEncodingBlob: cryptoFramework.DataBlob = { 4367 data: priKeyData, 4368 }; 4369 let pubEncodingBlob: cryptoFramework.DataBlob = { 4370 data: pubKeyData, 4371 }; 4372 keyGenerator.convertKey(pubEncodingBlob, priEncodingBlob, (e, keyPair) => { 4373 if (e) { 4374 console.error('convert key failed, message: ' + e.message + 'code: ' + e.code); 4375 } else { 4376 console.log('convert key success'); 4377 x509Crl.verify(keyPair.pubKey, (err, data) => { 4378 if (err) { 4379 console.error('verify failed, errCode: ' + err.code + ', errMsg: ' + err.message); 4380 } else { 4381 console.log('verify success'); 4382 } 4383 }); 4384 } 4385 }) 4386 } catch (error) { 4387 let e: BusinessError = error as BusinessError; 4388 console.error('get pubKey failed, errCode: ' + e.code + ', errMsg: ' + e.message); 4389 } 4390 } 4391}); 4392``` 4393 4394### verify<sup>(deprecated)</sup> 4395 4396verify(key : cryptoFramework.PubKey) : Promise\<void> 4397 4398表示对X509证书吊销列表进行验签,使用Promise方式异步返回结果。验签支持RSA算法。 4399 4400> **说明:** 4401> 4402> 从API version 11开始废弃,建议使用[X509CRL.verify](#verify11-1)替代。 4403 4404**系统能力:** SystemCapability.Security.Cert 4405 4406**参数**: 4407 4408| 参数名 | 类型 | 必填 | 说明 | 4409| ------ | ------ | ---- | ---------------------- | 4410| key | [cryptoFramework.PubKey](../apis-crypto-architecture-kit/js-apis-cryptoFramework.md#pubkey) | 是 | 表示用于验签的公钥对象。 | 4411 4412**返回值**: 4413 4414| 类型 | 说明 | 4415| ---- | ------------------------------------------------------------ | 4416| Promise\<void> | Promise对象。 | 4417 4418**错误码:** 4419 4420以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 4421 4422| 错误码ID | 错误信息 | 4423| -------- | ----------------------- | 4424| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 4425| 19030001 | crypto operation error. | 4426 4427**示例:** 4428 4429```ts 4430import { cert } from '@kit.DeviceCertificateKit'; 4431import { cryptoFramework } from '@kit.CryptoArchitectureKit' 4432import { BusinessError } from '@kit.BasicServicesKit'; 4433 4434// string转Uint8Array。 4435function stringToUint8Array(str: string): Uint8Array { 4436 let arr: Array<number> = []; 4437 for (let i = 0, j = str.length; i < j; i++) { 4438 arr.push(str.charCodeAt(i)); 4439 } 4440 return new Uint8Array(arr); 4441} 4442 4443let crlData = '-----BEGIN X509 CRL-----\n' + 4444 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 4445 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 4446 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 4447 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 4448 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 4449 'eavsH0Q3\n' + 4450 '-----END X509 CRL-----\n'; 4451 4452let pubKeyData = new Uint8Array([ 4453 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 4454 0x05, 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xDC, 0x4C, 0x2D, 4455 0x57, 0x49, 0x3D, 0x42, 0x52, 0x1A, 0x09, 0xED, 0x3E, 0x90, 0x29, 0x51, 0xF7, 0x70, 0x15, 0xFE, 4456 0x76, 0xB0, 0xDB, 0xDF, 0xA1, 0x2C, 0x6C, 0x67, 0x95, 0xDA, 0x63, 0x3D, 0x4F, 0x71, 0x48, 0x8C, 4457 0x3E, 0xFA, 0x24, 0x79, 0xE9, 0xF2, 0xF2, 0x20, 0xCB, 0xF1, 0x59, 0x6B, 0xED, 0xC8, 0x72, 0x66, 4458 0x6E, 0x31, 0xD4, 0xF3, 0xCE, 0x0B, 0x12, 0xC4, 0x17, 0x39, 0xB4, 0x52, 0x16, 0xD3, 0xE3, 0xC0, 4459 0xF8, 0x48, 0xB3, 0xF6, 0x40, 0xD5, 0x47, 0x23, 0x30, 0x7F, 0xA7, 0xC5, 0x5A, 0x5A, 0xBB, 0x5C, 4460 0x7B, 0xEF, 0x69, 0xE2, 0x74, 0x35, 0x24, 0x22, 0x25, 0x45, 0x7E, 0xFC, 0xE8, 0xC4, 0x52, 0x65, 4461 0xA0, 0x4E, 0xBC, 0xFD, 0x3F, 0xD9, 0x85, 0x14, 0x8A, 0x5A, 0x93, 0x02, 0x24, 0x6C, 0x19, 0xBA, 4462 0x81, 0xBE, 0x65, 0x2E, 0xCB, 0xBB, 0xE9, 0x91, 0x7B, 0x7C, 0x47, 0xC2, 0x61, 0x02, 0x03, 0x01, 4463 0x00, 0x01 4464]); 4465 4466let priKeyData = new Uint8Array([ 4467 0x30, 0x82, 0x02, 0x77, 0x02, 0x01, 0x00, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 4468 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82, 0x02, 0x61, 0x30, 0x82, 0x02, 0x5D, 0x02, 0x01, 4469 0x00, 0x02, 0x81, 0x81, 0x00, 0xDC, 0x4C, 0x2D, 0x57, 0x49, 0x3D, 0x42, 0x52, 0x1A, 0x09, 0xED, 4470 0x3E, 0x90, 0x29, 0x51, 0xF7, 0x70, 0x15, 0xFE, 0x76, 0xB0, 0xDB, 0xDF, 0xA1, 0x2C, 0x6C, 0x67, 4471 0x95, 0xDA, 0x63, 0x3D, 0x4F, 0x71, 0x48, 0x8C, 0x3E, 0xFA, 0x24, 0x79, 0xE9, 0xF2, 0xF2, 0x20, 4472 0xCB, 0xF1, 0x59, 0x6B, 0xED, 0xC8, 0x72, 0x66, 0x6E, 0x31, 0xD4, 0xF3, 0xCE, 0x0B, 0x12, 0xC4, 4473 0x17, 0x39, 0xB4, 0x52, 0x16, 0xD3, 0xE3, 0xC0, 0xF8, 0x48, 0xB3, 0xF6, 0x40, 0xD5, 0x47, 0x23, 4474 0x30, 0x7F, 0xA7, 0xC5, 0x5A, 0x5A, 0xBB, 0x5C, 0x7B, 0xEF, 0x69, 0xE2, 0x74, 0x35, 0x24, 0x22, 4475 0x25, 0x45, 0x7E, 0xFC, 0xE8, 0xC4, 0x52, 0x65, 0xA0, 0x4E, 0xBC, 0xFD, 0x3F, 0xD9, 0x85, 0x14, 4476 0x8A, 0x5A, 0x93, 0x02, 0x24, 0x6C, 0x19, 0xBA, 0x81, 0xBE, 0x65, 0x2E, 0xCB, 0xBB, 0xE9, 0x91, 4477 0x7B, 0x7C, 0x47, 0xC2, 0x61, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x81, 0x80, 0x5A, 0xCF, 0x0F, 4478 0xF5, 0xA6, 0x1C, 0x19, 0x65, 0x8C, 0x94, 0x40, 0xF6, 0x84, 0x28, 0x74, 0x40, 0x42, 0x34, 0xDE, 4479 0xC3, 0x00, 0x5E, 0x72, 0x4D, 0x96, 0xE9, 0x4C, 0xBD, 0xC9, 0xDB, 0x14, 0x9F, 0xD5, 0xBB, 0xA9, 4480 0x0C, 0x20, 0xC2, 0xBE, 0x7A, 0x80, 0x89, 0xEC, 0x99, 0x04, 0xF0, 0xEE, 0x7B, 0x83, 0x20, 0x1D, 4481 0x37, 0x19, 0x55, 0x85, 0xF6, 0x8E, 0x3B, 0xFB, 0x16, 0xF3, 0xD3, 0x6F, 0xEE, 0x73, 0x12, 0x53, 4482 0xCA, 0x77, 0xD7, 0x6C, 0x29, 0xF5, 0x08, 0xA3, 0x09, 0x01, 0x0B, 0x00, 0x05, 0x57, 0xAD, 0x4D, 4483 0xF0, 0x92, 0xB2, 0x5A, 0x8B, 0x19, 0x09, 0x81, 0x86, 0xFE, 0x66, 0xB9, 0x33, 0x88, 0x28, 0xF3, 4484 0x37, 0x73, 0x09, 0x5F, 0xD7, 0xC9, 0xC6, 0xFA, 0x13, 0x74, 0xFE, 0xAE, 0x53, 0xA9, 0x71, 0x67, 4485 0xCE, 0x3A, 0xE6, 0x8D, 0x35, 0xD1, 0xB8, 0xFD, 0x6F, 0x0D, 0x43, 0xC2, 0xD1, 0x02, 0x41, 0x00, 4486 0xF7, 0x33, 0xE5, 0x6C, 0x29, 0x5A, 0x30, 0x58, 0xA4, 0x52, 0x65, 0xA0, 0x39, 0xC2, 0xE8, 0xAE, 4487 0x5F, 0xA3, 0x2D, 0x0C, 0x65, 0xB1, 0x7B, 0xFD, 0x92, 0xBF, 0x47, 0x87, 0x97, 0x40, 0xCB, 0x54, 4488 0xF9, 0xBB, 0x50, 0x27, 0x70, 0x51, 0xD0, 0xD8, 0x48, 0x0D, 0xC6, 0x47, 0x60, 0xF8, 0x4E, 0x0A, 4489 0x32, 0x76, 0x6D, 0xA4, 0xBA, 0x40, 0xE5, 0x58, 0xF8, 0x4A, 0x39, 0x4E, 0xF8, 0x3F, 0x4E, 0x2D, 4490 0x02, 0x41, 0x00, 0xE4, 0x23, 0x2A, 0x5F, 0x59, 0xCF, 0x7C, 0x91, 0x24, 0x0D, 0xA2, 0x44, 0x17, 4491 0xCD, 0x37, 0xDE, 0x1F, 0x53, 0x4D, 0x33, 0x9F, 0x90, 0x4D, 0xD9, 0x72, 0x64, 0x25, 0xBA, 0xAB, 4492 0x47, 0x91, 0xC4, 0x99, 0x95, 0x86, 0xB5, 0x8A, 0xEA, 0x77, 0xF7, 0x64, 0x72, 0x5E, 0xB7, 0xBB, 4493 0x16, 0xA1, 0x64, 0xA4, 0xE1, 0x2D, 0x76, 0x6D, 0xEF, 0xB1, 0x5E, 0xD6, 0x17, 0xE8, 0xAA, 0xB6, 4494 0xA0, 0xD9, 0x85, 0x02, 0x41, 0x00, 0xDF, 0xC8, 0x5B, 0x28, 0x4F, 0x47, 0x15, 0xFD, 0x28, 0xC4, 4495 0x6E, 0xBB, 0x5D, 0x8E, 0xD4, 0x95, 0x06, 0x7E, 0xF1, 0x89, 0x07, 0x86, 0x64, 0x78, 0x69, 0x20, 4496 0x3F, 0xE0, 0xBF, 0x4C, 0x28, 0xC6, 0x04, 0x4D, 0x4D, 0x82, 0x66, 0x6B, 0xAA, 0x64, 0x20, 0xD6, 4497 0x57, 0x68, 0xC6, 0xA0, 0x02, 0x05, 0xB9, 0x28, 0xFC, 0x98, 0xE3, 0x03, 0x5C, 0x9B, 0xEE, 0x29, 4498 0x43, 0x37, 0xFA, 0x03, 0x55, 0x01, 0x02, 0x40, 0x69, 0x5B, 0x7C, 0x24, 0x10, 0xDB, 0xEB, 0x91, 4499 0x33, 0xEF, 0x3F, 0xF2, 0xE6, 0x73, 0x15, 0xCB, 0xF4, 0xF7, 0x89, 0x7D, 0xBF, 0xC0, 0xEA, 0xD2, 4500 0xF3, 0x2B, 0x20, 0xE9, 0x76, 0x54, 0x55, 0x13, 0x50, 0x42, 0x67, 0xB5, 0xCB, 0x73, 0xC0, 0xF7, 4501 0x75, 0x62, 0x04, 0x30, 0x21, 0xAC, 0xAF, 0xD8, 0x44, 0xF4, 0xE1, 0x04, 0x02, 0x7D, 0x61, 0x92, 4502 0x84, 0x99, 0x02, 0x10, 0x64, 0xCB, 0x1F, 0xE9, 0x02, 0x41, 0x00, 0xAB, 0x4B, 0x7D, 0x90, 0x7C, 4503 0x57, 0x08, 0x6B, 0xC0, 0x43, 0x72, 0x09, 0x8A, 0x18, 0x35, 0x36, 0x64, 0x9D, 0x84, 0x8D, 0xF1, 4504 0x84, 0x94, 0x48, 0xC6, 0x80, 0x9D, 0xB9, 0xA2, 0x58, 0x0A, 0x4D, 0x0A, 0xCA, 0x1E, 0xD6, 0x05, 4505 0x55, 0x5B, 0xFE, 0xD7, 0xAA, 0x70, 0xED, 0x76, 0xB3, 0x40, 0x2E, 0xA0, 0xB3, 0x32, 0x37, 0xB0, 4506 0xA0, 0xB9, 0x96, 0x2D, 0xC4, 0x70, 0xE9, 0x99, 0x10, 0x67, 0x8D 4507]); 4508 4509// 证书吊销列表二进制数据,需业务自行赋值。 4510let encodingBlob: cert.EncodingBlob = { 4511 data: stringToUint8Array(crlData), 4512 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 4513 encodingFormat: cert.EncodingFormat.FORMAT_PEM 4514}; 4515 4516cert.createX509Crl(encodingBlob).then(x509Crl => { 4517 console.log('createX509Crl success'); 4518 4519 try { 4520 // 生成公钥对象。 4521 let keyGenerator = cryptoFramework.createAsyKeyGenerator('RSA1024|PRIMES_3'); 4522 console.log('createAsyKeyGenerator success'); 4523 let priEncodingBlob: cryptoFramework.DataBlob = { 4524 data: priKeyData, 4525 }; 4526 let pubEncodingBlob: cryptoFramework.DataBlob = { 4527 data: pubKeyData, 4528 }; 4529 keyGenerator.convertKey(pubEncodingBlob, priEncodingBlob).then((keyPair) => { 4530 console.log('convert key success'); 4531 x509Crl.verify(keyPair.pubKey).then(result => { 4532 console.log('verify success'); 4533 }).catch((error: BusinessError) => { 4534 console.error('verify failed, errCode: ' + error.code + ', errMsg: ' + error.message); 4535 }); 4536 }).catch((error: BusinessError) => { 4537 console.error('convert key failed, message: ' + error.message + 'code: ' + error.code); 4538 }); 4539 } catch (error) { 4540 let e: BusinessError = error as BusinessError; 4541 console.error('get pubKey failed, errCode: ' + e.code + ', errMsg: ' + e.message); 4542 } 4543}).catch((error: BusinessError) => { 4544 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 4545}); 4546``` 4547 4548### getVersion<sup>(deprecated)</sup> 4549 4550getVersion() : number 4551 4552表示获取X509证书吊销列表的版本号。 4553 4554> **说明:** 4555> 4556> 从API version 11开始废弃,建议使用[X509CRL.getVersion](#getversion11)替代。 4557 4558**系统能力:** SystemCapability.Security.Cert 4559 4560**返回值**: 4561 4562| 类型 | 说明 | 4563| ------ | -------------------------------- | 4564| number | 表示获取X509证书吊销列表的版本号。 | 4565 4566**示例:** 4567 4568```ts 4569import { cert } from '@kit.DeviceCertificateKit'; 4570 4571// string转Uint8Array。 4572function stringToUint8Array(str: string): Uint8Array { 4573 let arr: Array<number> = []; 4574 for (let i = 0, j = str.length; i < j; i++) { 4575 arr.push(str.charCodeAt(i)); 4576 } 4577 return new Uint8Array(arr); 4578} 4579 4580let crlData = '-----BEGIN X509 CRL-----\n' + 4581 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 4582 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 4583 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 4584 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 4585 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 4586 'eavsH0Q3\n' + 4587 '-----END X509 CRL-----\n'; 4588 4589// 证书吊销列表二进制数据,需业务自行赋值。 4590let encodingBlob: cert.EncodingBlob = { 4591 data: stringToUint8Array(crlData), 4592 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 4593 encodingFormat: cert.EncodingFormat.FORMAT_PEM 4594}; 4595 4596cert.createX509Crl(encodingBlob, (error, x509Crl) => { 4597 if (error) { 4598 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 4599 } else { 4600 console.log('createX509Crl success'); 4601 let version = x509Crl.getVersion(); 4602 } 4603}); 4604``` 4605 4606### getIssuerName<sup>(deprecated)</sup> 4607 4608getIssuerName() : DataBlob 4609 4610表示获取X509证书吊销列表颁发者名称。 4611 4612> **说明:** 4613> 4614> 从API version 11开始废弃,建议使用[X509CRL.getIssuerName](#getissuername11)替代。 4615 4616**系统能力:** SystemCapability.Security.Cert 4617 4618**返回值**: 4619 4620| 类型 | 说明 | 4621| --------------------- | ------------------------------ | 4622| [DataBlob](#datablob) | 表示X509证书吊销列表颁发者名称。 | 4623 4624**错误码:** 4625 4626以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 4627 4628| 错误码ID | 错误信息 | 4629| -------- | ----------------------- | 4630| 19020001 | memory malloc failed. | 4631| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 4632| 19030001 | crypto operation error. | 4633 4634**示例:** 4635 4636```ts 4637import { cert } from '@kit.DeviceCertificateKit'; 4638import { BusinessError } from '@kit.BasicServicesKit'; 4639 4640// string转Uint8Array。 4641function stringToUint8Array(str: string): Uint8Array { 4642 let arr: Array<number> = []; 4643 for (let i = 0, j = str.length; i < j; i++) { 4644 arr.push(str.charCodeAt(i)); 4645 } 4646 return new Uint8Array(arr); 4647} 4648 4649let crlData = '-----BEGIN X509 CRL-----\n' + 4650 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 4651 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 4652 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 4653 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 4654 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 4655 'eavsH0Q3\n' + 4656 '-----END X509 CRL-----\n'; 4657 4658// 证书吊销列表二进制数据,需业务自行赋值。 4659let encodingBlob: cert.EncodingBlob = { 4660 data: stringToUint8Array(crlData), 4661 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 4662 encodingFormat: cert.EncodingFormat.FORMAT_PEM 4663}; 4664 4665cert.createX509Crl(encodingBlob, (error, x509Crl) => { 4666 if (error) { 4667 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 4668 } else { 4669 console.log('createX509Crl success'); 4670 try { 4671 let issuerName = x509Crl.getIssuerName(); 4672 } catch (err) { 4673 let e: BusinessError = err as BusinessError; 4674 console.error('getIssuerName failed, errCode: ' + e.code + ', errMsg: ' + e.message); 4675 } 4676 } 4677}); 4678``` 4679 4680### getLastUpdate<sup>(deprecated)</sup> 4681 4682getLastUpdate() : string 4683 4684表示获取X509证书吊销列表最后一次更新日期,日期为ASN.1时间格式。 4685 4686> **说明:** 4687> 4688> 从API version 11开始废弃,建议使用[X509CRL.getLastUpdate](#getlastupdate11)替代。 4689 4690**系统能力:** SystemCapability.Security.Cert 4691 4692**返回值**: 4693 4694| 类型 | 说明 | 4695| ------ | ------------------------------------ | 4696| string | 表示X509证书吊销列表最后一次更新日期,日期为ASN.1时间格式。 | 4697 4698**错误码:** 4699 4700以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 4701 4702| 错误码ID | 错误信息 | 4703| -------- | ----------------------- | 4704| 19020001 | memory malloc failed. | 4705| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 4706| 19030001 | crypto operation error. | 4707 4708**示例:** 4709 4710```ts 4711import { cert } from '@kit.DeviceCertificateKit'; 4712import { BusinessError } from '@kit.BasicServicesKit'; 4713 4714// string转Uint8Array。 4715function stringToUint8Array(str: string): Uint8Array { 4716 let arr: Array<number> = []; 4717 for (let i = 0, j = str.length; i < j; i++) { 4718 arr.push(str.charCodeAt(i)); 4719 } 4720 return new Uint8Array(arr); 4721} 4722 4723let crlData = '-----BEGIN X509 CRL-----\n' + 4724 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 4725 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 4726 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 4727 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 4728 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 4729 'eavsH0Q3\n' + 4730 '-----END X509 CRL-----\n'; 4731 4732// 证书吊销列表二进制数据,需业务自行赋值。 4733let encodingBlob: cert.EncodingBlob = { 4734 data: stringToUint8Array(crlData), 4735 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 4736 encodingFormat: cert.EncodingFormat.FORMAT_PEM 4737}; 4738 4739cert.createX509Crl(encodingBlob, (error, x509Crl) => { 4740 if (error) { 4741 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 4742 } else { 4743 console.log('createX509Crl success'); 4744 try { 4745 let lastUpdate = x509Crl.getLastUpdate(); 4746 } catch (err) { 4747 let e: BusinessError = err as BusinessError; 4748 console.error('getLastUpdate failed, errCode: ' + e.code + ', errMsg: ' + e.message); 4749 } 4750 } 4751}); 4752``` 4753 4754### getNextUpdate<sup>(deprecated)</sup> 4755 4756getNextUpdate() : string 4757 4758表示获取证书吊销列表下一次更新的日期,日期为ASN.1时间格式。 4759 4760> **说明:** 4761> 4762> 从API version 11开始废弃,建议使用[X509CRL.getNextUpdate](#getnextupdate11)替代。 4763 4764**系统能力:** SystemCapability.Security.Cert 4765 4766**返回值**: 4767 4768| 类型 | 说明 | 4769| ------ | ------------------------------------ | 4770| string | 表示X509证书吊销列表下一次更新的日期,日期为ASN.1时间格式。 | 4771 4772**错误码:** 4773 4774以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 4775 4776| 错误码ID | 错误信息 | 4777| -------- | ----------------------- | 4778| 19020001 | memory malloc failed. | 4779| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 4780| 19030001 | crypto operation error. | 4781 4782**示例:** 4783 4784```ts 4785import { cert } from '@kit.DeviceCertificateKit'; 4786import { BusinessError } from '@kit.BasicServicesKit'; 4787 4788// string转Uint8Array。 4789function stringToUint8Array(str: string): Uint8Array { 4790 let arr: Array<number> = []; 4791 for (let i = 0, j = str.length; i < j; i++) { 4792 arr.push(str.charCodeAt(i)); 4793 } 4794 return new Uint8Array(arr); 4795} 4796 4797let crlData = '-----BEGIN X509 CRL-----\n' + 4798 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 4799 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 4800 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 4801 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 4802 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 4803 'eavsH0Q3\n' + 4804 '-----END X509 CRL-----\n'; 4805 4806// 证书吊销列表二进制数据,需业务自行赋值。 4807let encodingBlob: cert.EncodingBlob = { 4808 data: stringToUint8Array(crlData), 4809 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 4810 encodingFormat: cert.EncodingFormat.FORMAT_PEM 4811}; 4812 4813cert.createX509Crl(encodingBlob, (error, x509Crl) => { 4814 if (error) { 4815 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 4816 } else { 4817 console.log('createX509Crl success'); 4818 try { 4819 let nextUpdate = x509Crl.getNextUpdate(); 4820 } catch (err) { 4821 let e: BusinessError = err as BusinessError; 4822 console.error('getNextUpdate failed, errCode: ' + e.code + ', errMsg: ' + e.message); 4823 } 4824 } 4825}); 4826``` 4827 4828### getRevokedCert<sup>(deprecated)</sup> 4829 4830getRevokedCert(serialNumber : number) : X509CrlEntry 4831 4832表示通过指定证书序列号获取被吊销X509证书对象。 4833 4834> **说明:** 4835> 4836> 从API version 11开始废弃,建议使用[X509CRL.getRevokedCert](#getrevokedcert11)替代。 4837 4838**系统能力:** SystemCapability.Security.Cert 4839 4840**参数**: 4841 4842| 参数名 | 类型 | 必填 | 说明 | 4843| ------------ | ------ | ---- | -------------- | 4844| serialNumber | number | 是 | 表示证书序列号。 | 4845 4846**返回值**: 4847 4848| 类型 | 说明 | 4849| ---------------------- | --------------------- | 4850| [X509CrlEntry](#x509crlentrydeprecated) | 表示被吊销X509证书对象。 | 4851 4852**错误码:** 4853 4854以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 4855 4856| 错误码ID | 错误信息 | 4857| -------- | ----------------------- | 4858| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 4859| 19020001 | memory malloc failed. | 4860| 19030001 | crypto operation error. | 4861 4862**示例:** 4863 4864```ts 4865import { cert } from '@kit.DeviceCertificateKit'; 4866import { BusinessError } from '@kit.BasicServicesKit'; 4867 4868// string转Uint8Array。 4869function stringToUint8Array(str: string): Uint8Array { 4870 let arr: Array<number> = []; 4871 for (let i = 0, j = str.length; i < j; i++) { 4872 arr.push(str.charCodeAt(i)); 4873 } 4874 return new Uint8Array(arr); 4875} 4876 4877let crlData = '-----BEGIN X509 CRL-----\n' + 4878 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 4879 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 4880 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 4881 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 4882 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 4883 'eavsH0Q3\n' + 4884 '-----END X509 CRL-----\n'; 4885 4886// 证书吊销列表二进制数据,需业务自行赋值。 4887let encodingBlob: cert.EncodingBlob = { 4888 data: stringToUint8Array(crlData), 4889 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 4890 encodingFormat: cert.EncodingFormat.FORMAT_PEM 4891}; 4892 4893cert.createX509Crl(encodingBlob, (error, x509Crl) => { 4894 if (error) { 4895 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 4896 } else { 4897 console.log('createX509Crl success'); 4898 let serialNumber = 1000; 4899 try { 4900 let entry = x509Crl.getRevokedCert(serialNumber); 4901 } catch (error) { 4902 let e: BusinessError = error as BusinessError; 4903 console.error('getRevokedCert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 4904 } 4905 } 4906}); 4907``` 4908 4909### getRevokedCertWithCert<sup>(deprecated)</sup> 4910 4911getRevokedCertWithCert(cert : X509Cert) : X509CrlEntry 4912 4913表示通过指定证书对象获取被吊销X509证书对象。 4914 4915> **说明:** 4916> 4917> 从API version 11开始废弃,建议使用[X509CRL.getRevokedCertWithCert](#getrevokedcertwithcert11)替代。 4918 4919**系统能力:** SystemCapability.Security.Cert 4920 4921**参数**: 4922 4923| 参数名 | 类型 | 必填 | 说明 | 4924| ------ | --------------------- | ---- | ------------ | 4925| cert | [X509Cert](#x509cert) | 是 | 表示证书对象。 | 4926 4927**返回值**: 4928 4929| 类型 | 说明 | 4930| ------------ | -------------------- | 4931| [X509CrlEntry](#x509crlentrydeprecated) | 表示被吊销X509证书对象。 | 4932 4933**错误码:** 4934 4935以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 4936 4937| 错误码ID | 错误信息 | 4938| -------- | ----------------------- | 4939| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 4940| 19020001 | memory malloc failed. | 4941| 19030001 | crypto operation error. | 4942 4943**示例:** 4944 4945```ts 4946import { cert } from '@kit.DeviceCertificateKit'; 4947import { BusinessError } from '@kit.BasicServicesKit'; 4948 4949// string转Uint8Array。 4950function stringToUint8Array(str: string): Uint8Array { 4951 let arr: Array<number> = []; 4952 for (let i = 0, j = str.length; i < j; i++) { 4953 arr.push(str.charCodeAt(i)); 4954 } 4955 return new Uint8Array(arr); 4956} 4957 4958let crlData = '-----BEGIN X509 CRL-----\n' + 4959 'MIIBjjB4AgEBMA0GCSqGSIb3DQEBCwUAMBIxEDAOBgNVBAMMB1Jvb3QgQ0EXDTI0\n' + 4960 'MDMxOTAyMDQwN1oXDTI0MDQxODAyMDQwN1owIjAgAgEEFw0yNDAzMTkwMjA0MDZa\n' + 4961 'MAwwCgYDVR0VBAMKAQGgDjAMMAoGA1UdFAQDAgEAMA0GCSqGSIb3DQEBCwUAA4IB\n' + 4962 'AQCbjvmHxC8dW6WCS/ga73kx2b7f8I/2eVuDYyReuBiGWeJ9vDmGqimJ9VwOk+ph\n' + 4963 'LvG/2Zvh9I8qXxnOWeseA2C0bEshJGvXpquIjm00OUyLlK6jdfRbhXT8OyvDjqZs\n' + 4964 'e1IsMV7Zo11SUc8nR2d0QQ7EVDCN/XFKPsmoK7PhJnRh5gc8W3FKQ6b8H9kdjgTa\n' + 4965 'KQUap1OIDReVsjPBmRAbwMMLtbrAMllF7E6x7uHgHTGaK1ZPJDtsnCJ45ur3mk/o\n' + 4966 'HAJFwHNjNDltiEfvMSs76/X0cwitpeW4dFk6c3QtqhxJrHDD4gl8di+xHOyHXpzX\n' + 4967 '+i2osvdPWRia0dJCL1PCA14k\n' + 4968 '-----END X509 CRL-----\n'; 4969 4970// 证书二进制数据,需业务自行赋值。 4971let certData = '-----BEGIN CERTIFICATE-----\n' + 4972 'MIIDTjCCAjagAwIBAgIBBDANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290\n' + 4973 'IENBMB4XDTI0MDMxOTAyMDQwMVoXDTM0MDMxNzAyMDQwMVowEjEQMA4GA1UEAwwH\n' + 4974 'ZGV2aWNlMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMIXL3e7UE/c\n' + 4975 'Z1dPVgRZ5L8gsQ/azuYVBvoFf7o8ksYrL7G1+qZIJjVRqZkuTirLW4GicbkIkPNW\n' + 4976 'eix5cDhkjkC+q5SBCOrSSTTlvX3xcOY1gMlA5MgeBfGixFusq4d5VPF2KceZ20/a\n' + 4977 'ygwGD0Uv0X81OERyPom/dYdJUvfaD9ifPFJ1fKIj/cPFG3yJK/ojpEfndZNdESQL\n' + 4978 'TkoDekilg2UGOLtY6fb9Ns37ncuIj33gCS/R9m1tgtmqCTcgOQ4hwKhjVF3InmPO\n' + 4979 '2BbWKvD1RUX+rHC2a2HHDQILOOtDTy8dHvE+qZlK0efrpRgoFEERJAGPi1GDGWiA\n' + 4980 '7UX1c4MCxIECAwEAAaOBrjCBqzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQbkAcMT7ND\n' + 4981 'fGp3VPFzYHppZ1zxLTAfBgNVHSMEGDAWgBR0W/koCbvDtFGHUQZLM3j6HKsW2DAd\n' + 4982 'BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMDIGCCsG\n' + 4983 'AQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cHM6Ly8xMjcuMC4wLjE6OTk5OTAN\n' + 4984 'BgkqhkiG9w0BAQsFAAOCAQEAF1OTzTmbklFOdZCxrF3zg9owUPJR5RB+PbuBlUfI\n' + 4985 '8tkGXkMltQ8PN1dv6Cq+d8BluiJdWEzqVoJa/e5SHHJyYQSOhlurRG0GBXllVQ1I\n' + 4986 'n1PFaI40+9X2X6wrEcdC5nbzogR1jSiksCiTcARMddj0Xrp5FMrFaaGY8M/xqzdW\n' + 4987 'LTDl4nfbuxtA71cIjnE4kOcaemly9/S2wYWdPktsPxQPY1nPUOeJFI7o0sH3rK0c\n' + 4988 'JSqtgAG8vnjK+jbx9RpkgqCsXgUbIahL573VTgxrNrsRjCuVal7XVxl/xOKXr6Er\n' + 4989 'Gpc+OCrXbHNZkUQE5fZH3yL2tXd7EASEb6J3aEWHfF8YBA==\n' + 4990 '-----END CERTIFICATE-----\n'; 4991 4992let certEncodingBlob: cert.EncodingBlob = { 4993 data: stringToUint8Array(certData), 4994 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 4995 encodingFormat: cert.EncodingFormat.FORMAT_PEM 4996}; 4997 4998// 证书吊销列表二进制数据,需业务自行赋值。 4999let encodingBlob: cert.EncodingBlob = { 5000 data: stringToUint8Array(crlData), 5001 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 5002 encodingFormat: cert.EncodingFormat.FORMAT_PEM 5003}; 5004 5005cert.createX509Crl(encodingBlob, (error, x509Crl) => { 5006 if (error) { 5007 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 5008 } else { 5009 console.log('createX509Crl success'); 5010 // 创建X509证书对象。 5011 cert.createX509Cert(certEncodingBlob).then((x509Cert) => { 5012 try { 5013 let entry = x509Crl.getRevokedCertWithCert(x509Cert); 5014 console.log('getRevokedCertWithCert success'); 5015 } catch (error) { 5016 let e: BusinessError = error as BusinessError; 5017 console.error('getRevokedCertWithCert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 5018 } 5019 }).catch((error: BusinessError) => { 5020 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 5021 }) 5022 } 5023}); 5024``` 5025 5026### getRevokedCerts<sup>(deprecated)</sup> 5027 5028getRevokedCerts(callback : AsyncCallback<Array\<X509CrlEntry>>) : void 5029 5030表示获取被吊销X509证书列表,使用Callback回调异步返回结果。 5031 5032> **说明:** 5033> 5034> 从API version 11开始废弃,建议使用[X509CRL.getRevokedCerts](#getrevokedcerts11)替代。 5035 5036**系统能力:** SystemCapability.Security.Cert 5037 5038**参数**: 5039 5040| 参数名 | 类型 | 必填 | 说明 | 5041| -------- | ---------------------------------------------------- | ---- | -------------------------------- | 5042| callback | AsyncCallback<Array\<[X509CrlEntry](#x509crlentrydeprecated)>> | 是 | 回调函数,表示被吊销X509证书列表。 | 5043 5044**错误码:** 5045 5046以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 5047 5048| 错误码ID | 错误信息 | 5049| -------- | ----------------------- | 5050| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types.| 5051| 19020001 | memory malloc failed. | 5052| 19030001 | crypto operation error. | 5053 5054**示例:** 5055 5056```ts 5057import { cert } from '@kit.DeviceCertificateKit'; 5058import { BusinessError } from '@kit.BasicServicesKit'; 5059 5060// string转Uint8Array。 5061function stringToUint8Array(str: string): Uint8Array { 5062 let arr: Array<number> = []; 5063 for (let i = 0, j = str.length; i < j; i++) { 5064 arr.push(str.charCodeAt(i)); 5065 } 5066 return new Uint8Array(arr); 5067} 5068 5069let crlData = '-----BEGIN X509 CRL-----\n' + 5070 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 5071 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 5072 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 5073 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 5074 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 5075 'eavsH0Q3\n' + 5076 '-----END X509 CRL-----\n'; 5077 5078// 证书吊销列表二进制数据,需业务自行赋值。 5079let encodingBlob: cert.EncodingBlob = { 5080 data: stringToUint8Array(crlData), 5081 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 5082 encodingFormat: cert.EncodingFormat.FORMAT_PEM 5083}; 5084 5085cert.createX509Crl(encodingBlob, (error, x509Crl) => { 5086 if (error) { 5087 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 5088 } else { 5089 console.log('createX509Crl success'); 5090 x509Crl.getRevokedCerts((error, array) => { 5091 if (error) { 5092 console.error('getRevokedCerts failed, errCode: ' + error.code + ', errMsg: ' + error.message); 5093 } else { 5094 console.log('getRevokedCerts success'); 5095 } 5096 }); 5097 } 5098}); 5099``` 5100 5101### getRevokedCerts<sup>(deprecated)</sup> 5102 5103getRevokedCerts() : Promise<Array\<X509CrlEntry>> 5104 5105表示获取被吊销X509证书列表,使用Promise方式异步返回结果。 5106 5107> **说明:** 5108> 5109> 从API version 11开始废弃,建议使用[X509CRL.getRevokedCerts](#getrevokedcerts11-1)替代。 5110 5111**系统能力:** SystemCapability.Security.Cert 5112 5113**返回值**: 5114 5115| 类型 | 说明 | 5116| ---------------------------------------------- | ---------------------- | 5117| Promise<Array\<[X509CrlEntry](#x509crlentrydeprecated)>> | 表示被吊销X509证书列表。 | 5118 5119**错误码:** 5120 5121以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 5122 5123| 错误码ID | 错误信息 | 5124| -------- | ----------------------- | 5125| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types.| 5126| 19020001 | memory malloc failed. | 5127| 19030001 | crypto operation error. | 5128 5129**示例:** 5130 5131```ts 5132import { cert } from '@kit.DeviceCertificateKit'; 5133import { BusinessError } from '@kit.BasicServicesKit'; 5134 5135// string转Uint8Array。 5136function stringToUint8Array(str: string): Uint8Array { 5137 let arr: Array<number> = []; 5138 for (let i = 0, j = str.length; i < j; i++) { 5139 arr.push(str.charCodeAt(i)); 5140 } 5141 return new Uint8Array(arr); 5142} 5143 5144let crlData = '-----BEGIN X509 CRL-----\n' + 5145 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 5146 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 5147 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 5148 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 5149 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 5150 'eavsH0Q3\n' + 5151 '-----END X509 CRL-----\n'; 5152 5153// 证书吊销列表二进制数据,需业务自行赋值。 5154let encodingBlob: cert.EncodingBlob = { 5155 data: stringToUint8Array(crlData), 5156 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 5157 encodingFormat: cert.EncodingFormat.FORMAT_PEM 5158}; 5159 5160cert.createX509Crl(encodingBlob).then(x509Crl => { 5161 console.log('createX509Crl success'); 5162 x509Crl.getRevokedCerts().then(array => { 5163 console.log('getRevokedCerts success'); 5164 }).catch((error: BusinessError) => { 5165 console.error('getRevokedCerts failed, errCode: ' + error.code + ', errMsg: ' + error.message); 5166 }); 5167}).catch((error: BusinessError) => { 5168 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 5169}); 5170``` 5171 5172### getTbsInfo<sup>(deprecated)</sup> 5173 5174getTbsInfo() : DataBlob 5175 5176表示获取证书吊销列表的tbsCertList信息。 5177 5178> **说明:** 5179> 5180> 从API version 11开始废弃,建议使用[X509CRL.getTBSInfo](#gettbsinfo11)替代。 5181 5182**系统能力:** SystemCapability.Security.Cert 5183 5184**返回值**: 5185 5186| 类型 | 说明 | 5187| --------------------- | ------------------------------- | 5188| [DataBlob](#datablob) | 表示证书吊销列表的tbsCertList信息。 | 5189 5190**错误码:** 5191 5192以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 5193 5194| 错误码ID | 错误信息 | 5195| -------- | ----------------------- | 5196| 19020001 | memory malloc failed. | 5197| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 5198| 19030001 | crypto operation error. | 5199 5200**示例:** 5201 5202```ts 5203import { cert } from '@kit.DeviceCertificateKit'; 5204import { BusinessError } from '@kit.BasicServicesKit'; 5205 5206// string转Uint8Array。 5207function stringToUint8Array(str: string): Uint8Array { 5208 let arr: Array<number> = []; 5209 for (let i = 0, j = str.length; i < j; i++) { 5210 arr.push(str.charCodeAt(i)); 5211 } 5212 return new Uint8Array(arr); 5213} 5214 5215let crlData = '-----BEGIN X509 CRL-----\n' + 5216 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 5217 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 5218 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 5219 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 5220 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 5221 'eavsH0Q3\n' + 5222 '-----END X509 CRL-----\n'; 5223 5224// 证书吊销列表二进制数据,需业务自行赋值。 5225let encodingBlob: cert.EncodingBlob = { 5226 data: stringToUint8Array(crlData), 5227 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 5228 encodingFormat: cert.EncodingFormat.FORMAT_PEM 5229}; 5230 5231cert.createX509Crl(encodingBlob, (error, x509Crl) => { 5232 if (error) { 5233 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 5234 } else { 5235 console.log('createX509Crl success'); 5236 try { 5237 let tbsInfo = x509Crl.getTbsInfo(); 5238 } catch (error) { 5239 let e: BusinessError = error as BusinessError; 5240 console.error('getTbsInfo failed, errCode: ' + e.code + ', errMsg: ' + e.message); 5241 } 5242 } 5243}); 5244``` 5245 5246### getSignature<sup>(deprecated)</sup> 5247 5248getSignature() : DataBlob 5249 5250表示获取X509证书吊销列表的签名数据。 5251 5252> **说明:** 5253> 5254> 从API version 11开始废弃,建议使用[X509CRL.getSignature](#getsignature11)替代。 5255 5256**系统能力:** SystemCapability.Security.Cert 5257 5258**返回值**: 5259 5260| 类型 | 说明 | 5261| --------------------- | ------------------------------ | 5262| [DataBlob](#datablob) | 表示X509证书吊销列表的签名数据。 | 5263 5264**错误码:** 5265 5266以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 5267 5268| 错误码ID | 错误信息 | 5269| -------- | ----------------------- | 5270| 19020001 | memory malloc failed. | 5271| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 5272| 19030001 | crypto operation error. | 5273 5274**示例:** 5275 5276```ts 5277import { cert } from '@kit.DeviceCertificateKit'; 5278import { BusinessError } from '@kit.BasicServicesKit'; 5279 5280// string转Uint8Array。 5281function stringToUint8Array(str: string): Uint8Array { 5282 let arr: Array<number> = []; 5283 for (let i = 0, j = str.length; i < j; i++) { 5284 arr.push(str.charCodeAt(i)); 5285 } 5286 return new Uint8Array(arr); 5287} 5288 5289let crlData = '-----BEGIN X509 CRL-----\n' + 5290 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 5291 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 5292 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 5293 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 5294 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 5295 'eavsH0Q3\n' + 5296 '-----END X509 CRL-----\n'; 5297 5298// 证书吊销列表二进制数据,需业务自行赋值。 5299let encodingBlob: cert.EncodingBlob = { 5300 data: stringToUint8Array(crlData), 5301 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 5302 encodingFormat: cert.EncodingFormat.FORMAT_PEM 5303}; 5304 5305cert.createX509Crl(encodingBlob, (error, x509Crl) => { 5306 if (error) { 5307 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 5308 } else { 5309 console.log('createX509Crl success'); 5310 try { 5311 let signature = x509Crl.getSignature(); 5312 } catch (err) { 5313 let e: BusinessError = err as BusinessError; 5314 console.error('getSignature failed, errCode: ' + e.code + ', errMsg: ' + e.message); 5315 } 5316 } 5317}); 5318``` 5319 5320### getSignatureAlgName<sup>(deprecated)</sup> 5321 5322getSignatureAlgName() : string 5323 5324表示获取X509证书吊销列表签名的算法名称。 5325 5326> **说明:** 5327> 5328> 从API version 11开始废弃,建议使用[X509CRL.getSignatureAlgName](#getsignaturealgname11)替代。 5329 5330**系统能力:** SystemCapability.Security.Cert 5331 5332**返回值**: 5333 5334| 类型 | 说明 | 5335| ------ | -------------------------------- | 5336| string | 表示X509证书吊销列表签名的算法名。 | 5337 5338**错误码:** 5339 5340以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 5341 5342| 错误码ID | 错误信息 | 5343| -------- | ----------------------- | 5344| 19020001 | memory malloc failed. | 5345| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 5346| 19030001 | crypto operation error. | 5347 5348**示例:** 5349 5350```ts 5351import { cert } from '@kit.DeviceCertificateKit'; 5352import { BusinessError } from '@kit.BasicServicesKit'; 5353 5354// string转Uint8Array。 5355function stringToUint8Array(str: string): Uint8Array { 5356 let arr: Array<number> = []; 5357 for (let i = 0, j = str.length; i < j; i++) { 5358 arr.push(str.charCodeAt(i)); 5359 } 5360 return new Uint8Array(arr); 5361} 5362 5363let crlData = '-----BEGIN X509 CRL-----\n' + 5364 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 5365 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 5366 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 5367 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 5368 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 5369 'eavsH0Q3\n' + 5370 '-----END X509 CRL-----\n'; 5371 5372// 证书吊销列表二进制数据,需业务自行赋值。 5373let encodingBlob: cert.EncodingBlob = { 5374 data: stringToUint8Array(crlData), 5375 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 5376 encodingFormat: cert.EncodingFormat.FORMAT_PEM 5377}; 5378 5379cert.createX509Crl(encodingBlob, (error, x509Crl) => { 5380 if (error) { 5381 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 5382 } else { 5383 console.log('createX509Crl success'); 5384 try { 5385 let sigAlgName = x509Crl.getSignatureAlgName(); 5386 } catch (err) { 5387 let e: BusinessError = err as BusinessError; 5388 console.error('getSignatureAlgName failed, errCode: ' + e.code + ', errMsg: ' + e.message); 5389 } 5390 } 5391}); 5392``` 5393 5394### getSignatureAlgOid<sup>(deprecated)</sup> 5395 5396getSignatureAlgOid() : string 5397 5398表示获取X509证书吊销列表签名算法的对象标志符OID(Object Identifier)。OID是由国际标准组织(ISO)的名称注册机构分配。 5399 5400> **说明:** 5401> 5402> 从API version 11开始废弃,建议使用[X509CRL.getSignatureAlgOid](#getsignaturealgoid11)替代。 5403 5404**系统能力:** SystemCapability.Security.Cert 5405 5406**返回值**: 5407 5408| 类型 | 说明 | 5409| ------ | --------------------------------------------- | 5410| string | 表示X509证书吊销列表签名算法的对象标志符OID。 | 5411 5412**错误码:** 5413 5414以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 5415 5416| 错误码ID | 错误信息 | 5417| -------- | ----------------------- | 5418| 19020001 | memory malloc failed. | 5419| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 5420| 19030001 | crypto operation error. | 5421 5422**示例:** 5423 5424```ts 5425import { cert } from '@kit.DeviceCertificateKit'; 5426import { BusinessError } from '@kit.BasicServicesKit'; 5427 5428// string转Uint8Array。 5429function stringToUint8Array(str: string): Uint8Array { 5430 let arr: Array<number> = []; 5431 for (let i = 0, j = str.length; i < j; i++) { 5432 arr.push(str.charCodeAt(i)); 5433 } 5434 return new Uint8Array(arr); 5435} 5436 5437let crlData = '-----BEGIN X509 CRL-----\n' + 5438 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 5439 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 5440 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 5441 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 5442 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 5443 'eavsH0Q3\n' + 5444 '-----END X509 CRL-----\n'; 5445 5446// 证书吊销列表二进制数据,需业务自行赋值。 5447let encodingBlob: cert.EncodingBlob = { 5448 data: stringToUint8Array(crlData), 5449 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 5450 encodingFormat: cert.EncodingFormat.FORMAT_PEM 5451}; 5452 5453cert.createX509Crl(encodingBlob, (error, x509Crl) => { 5454 if (error) { 5455 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 5456 } else { 5457 console.log('createX509Crl success'); 5458 try { 5459 let sigAlgOid = x509Crl.getSignatureAlgOid(); 5460 } catch (err) { 5461 let e: BusinessError = err as BusinessError; 5462 console.error('getSignatureAlgOid failed, errCode: ' + e.code + ', errMsg: ' + e.message); 5463 } 5464 } 5465}); 5466``` 5467 5468### getSignatureAlgParams<sup>(deprecated)</sup> 5469 5470getSignatureAlgParams() : DataBlob 5471 5472表示获取X509证书吊销列表签名的算法参数。 5473 5474> **说明:** 5475> 5476> 从API version 11开始废弃,建议使用[X509CRL.getSignatureAlgParams](#getsignaturealgparams11)替代。 5477 5478**系统能力:** SystemCapability.Security.Cert 5479 5480**返回值**: 5481 5482| 类型 | 说明 | 5483| --------------------- | ---------------------------------- | 5484| [DataBlob](#datablob) | 表示X509证书吊销列表签名的算法参数。 | 5485 5486**错误码:** 5487 5488以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 5489 5490| 错误码ID | 错误信息 | 5491| -------- | ----------------------- | 5492| 801 | this operation is not supported. | 5493| 19020001 | memory malloc failed. | 5494| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 5495| 19030001 | crypto operation error. | 5496 5497**示例:** 5498 5499```ts 5500import { cert } from '@kit.DeviceCertificateKit'; 5501import { BusinessError } from '@kit.BasicServicesKit'; 5502 5503// string转Uint8Array。 5504function stringToUint8Array(str: string): Uint8Array { 5505 let arr: Array<number> = []; 5506 for (let i = 0, j = str.length; i < j; i++) { 5507 arr.push(str.charCodeAt(i)); 5508 } 5509 return new Uint8Array(arr); 5510} 5511 5512let crlData = '-----BEGIN X509 CRL-----\n' + 5513 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 5514 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 5515 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 5516 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 5517 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 5518 'eavsH0Q3\n' + 5519 '-----END X509 CRL-----\n'; 5520 5521// 证书吊销列表二进制数据,需业务自行赋值。 5522let encodingBlob: cert.EncodingBlob = { 5523 data: stringToUint8Array(crlData), 5524 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 5525 encodingFormat: cert.EncodingFormat.FORMAT_PEM 5526}; 5527 5528cert.createX509Crl(encodingBlob, (error, x509Crl) => { 5529 if (error) { 5530 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 5531 } else { 5532 console.log('createX509Crl success'); 5533 try { 5534 let sigAlgParams = x509Crl.getSignatureAlgParams(); 5535 } catch (err) { 5536 let e: BusinessError = err as BusinessError; 5537 console.error('getSignatureAlgParams failed, errCode: ' + e.code + ', errMsg: ' + e.message); 5538 } 5539 } 5540}); 5541``` 5542## X509CRL<sup>11+</sup> 5543 5544被吊销证书列表对象。 5545 5546### isRevoked<sup>11+</sup> 5547 5548isRevoked(cert : X509Cert) : boolean 5549 5550表示检查证书是否吊销。 5551 5552**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 5553 5554**系统能力:** SystemCapability.Security.Cert 5555 5556**参数**: 5557 5558| 参数名 | 类型 | 必填 | 说明 | 5559| ------ | -------- | ---- | -------------------- | 5560| cert | [X509Cert](#x509cert) | 是 | 表示被检查的证书对象。 | 5561 5562**返回值**: 5563 5564| 类型 | 说明 | 5565| ------- | ------------------------------------------------- | 5566| boolean | 表示证书吊销状态,true表示已吊销,false表示未吊销。 | 5567 5568**错误码:** 5569 5570以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 5571 5572| 错误码ID | 错误信息 | 5573| -------- | ----------------------- | 5574| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 5575 5576**示例:** 5577 5578```ts 5579import { cert } from '@kit.DeviceCertificateKit'; 5580import { BusinessError } from '@kit.BasicServicesKit'; 5581 5582// string转Uint8Array。 5583function stringToUint8Array(str: string): Uint8Array { 5584 let arr: Array<number> = []; 5585 for (let i = 0, j = str.length; i < j; i++) { 5586 arr.push(str.charCodeAt(i)); 5587 } 5588 return new Uint8Array(arr); 5589} 5590 5591let crlData = '-----BEGIN X509 CRL-----\n' + 5592 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 5593 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 5594 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 5595 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 5596 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 5597 'eavsH0Q3\n' + 5598 '-----END X509 CRL-----\n'; 5599 5600let certData = '-----BEGIN CERTIFICATE-----\n' + 5601 'MIIBLzCB1QIUO/QDVJwZLIpeJyPjyTvE43xvE5cwCgYIKoZIzj0EAwIwGjEYMBYG\n' + 5602 'A1UEAwwPRXhhbXBsZSBSb290IENBMB4XDTIzMDkwNDExMjAxOVoXDTI2MDUzMDEx\n' + 5603 'MjAxOVowGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYI\n' + 5604 'KoZIzj0DAQcDQgAEHjG74yMIueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTa\n' + 5605 'tUsU0i/sePnrKglj2H8Abbx9PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEA\n' + 5606 '0ce/fvA4tckNZeB865aOApKXKlBjiRlaiuq5mEEqvNACIQDPD9WyC21MXqPBuRUf\n' + 5607 'BetUokslUfjT6+s/X4ByaxycAA==\n' + 5608 '-----END CERTIFICATE-----\n'; 5609 5610// 证书吊销列表二进制数据,需业务自行赋值。 5611let encodingBlob: cert.EncodingBlob = { 5612 data: stringToUint8Array(crlData), 5613 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 5614 encodingFormat: cert.EncodingFormat.FORMAT_PEM 5615}; 5616 5617let certEncodingBlob: cert.EncodingBlob = { 5618 data: stringToUint8Array(certData), 5619 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 5620 encodingFormat: cert.EncodingFormat.FORMAT_PEM 5621}; 5622 5623cert.createX509CRL(encodingBlob, (error, x509CRL) => { 5624 if (error) { 5625 console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 5626 } else { 5627 console.log('createX509CRL success'); 5628 // Create an X509Cert instance. 5629 cert.createX509Cert(certEncodingBlob, (error, x509Cert) => { 5630 if (error) { 5631 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 5632 } else { 5633 try { 5634 let revokedFlag = x509CRL.isRevoked(x509Cert); 5635 } catch (error) { 5636 let e: BusinessError = error as BusinessError; 5637 console.error('isRevoked failed, errCode: ' + e.code + ', errMsg: ' + e.message); 5638 } 5639 } 5640 }); 5641 } 5642}); 5643``` 5644 5645### getType<sup>11+</sup> 5646 5647getType() : string 5648 5649表示获取证书吊销列表类型。 5650 5651**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 5652 5653**系统能力:** SystemCapability.Security.Cert 5654 5655**返回值**: 5656 5657| 类型 | 说明 | 5658| ------ | -------------------- | 5659| string | 表示证书吊销列表类型。 | 5660 5661**示例:** 5662 5663```ts 5664import { cert } from '@kit.DeviceCertificateKit'; 5665 5666// string转Uint8Array。 5667function stringToUint8Array(str: string): Uint8Array { 5668 let arr: Array<number> = []; 5669 for (let i = 0, j = str.length; i < j; i++) { 5670 arr.push(str.charCodeAt(i)); 5671 } 5672 return new Uint8Array(arr); 5673} 5674 5675let crlData = '-----BEGIN X509 CRL-----\n' + 5676 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 5677 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 5678 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 5679 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 5680 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 5681 'eavsH0Q3\n' + 5682 '-----END X509 CRL-----\n'; 5683 5684// 证书吊销列表二进制数据,需业务自行赋值。 5685let encodingBlob: cert.EncodingBlob = { 5686 data: stringToUint8Array(crlData), 5687 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 5688 encodingFormat: cert.EncodingFormat.FORMAT_PEM 5689}; 5690 5691cert.createX509CRL(encodingBlob, (error, x509CRL) => { 5692 if (error) { 5693 console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 5694 } else { 5695 console.log('createX509CRL success'); 5696 let type = x509CRL.getType(); 5697 } 5698}); 5699``` 5700 5701### getEncoded<sup>11+</sup> 5702 5703getEncoded(callback : AsyncCallback\<EncodingBlob>) : void 5704 5705表示获取X509证书吊销列表的序列化数据,使用Callback回调异步返回结果。 5706 5707**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 5708 5709**系统能力:** SystemCapability.Security.Cert 5710 5711**参数**: 5712 5713| 参数名 | 类型 | 必填 | 说明 | 5714| -------- | --------------------------------------------- | ---- | ------------------------------------------ | 5715| callback | AsyncCallback\<[EncodingBlob](#encodingblob)> | 是 | 回调函数,表示X509证书吊销列表的序列化数据。 | 5716 5717**错误码:** 5718 5719以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 5720 5721| 错误码ID | 错误信息 | 5722| -------- | ----------------------- | 5723| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types.| 5724| 19020001 | memory malloc failed. | 5725| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 5726| 19030001 | crypto operation error. | 5727 5728**示例:** 5729 5730```ts 5731import { cert } from '@kit.DeviceCertificateKit'; 5732 5733// string转Uint8Array。 5734function stringToUint8Array(str: string): Uint8Array { 5735 let arr: Array<number> = []; 5736 for (let i = 0, j = str.length; i < j; i++) { 5737 arr.push(str.charCodeAt(i)); 5738 } 5739 return new Uint8Array(arr); 5740} 5741 5742let crlData = '-----BEGIN X509 CRL-----\n' + 5743 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 5744 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 5745 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 5746 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 5747 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 5748 'eavsH0Q3\n' + 5749 '-----END X509 CRL-----\n'; 5750 5751// 证书吊销列表二进制数据,需业务自行赋值。 5752let encodingBlob: cert.EncodingBlob = { 5753 data: stringToUint8Array(crlData), 5754 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 5755 encodingFormat: cert.EncodingFormat.FORMAT_PEM 5756}; 5757 5758cert.createX509CRL(encodingBlob, (error, x509CRL) => { 5759 if (error) { 5760 console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 5761 } else { 5762 console.log('createX509CRL success'); 5763 x509CRL.getEncoded((error, data) => { 5764 if (error) { 5765 console.error('getEncoded failed, errCode: ' + error.code + ', errMsg: ' + error.message); 5766 } else { 5767 console.log('getEncoded success'); 5768 } 5769 }); 5770 } 5771}); 5772``` 5773 5774### getEncoded<sup>11+</sup> 5775 5776getEncoded() : Promise\<EncodingBlob> 5777 5778表示获取X509证书吊销列表的序列化数据,使用Promise方式异步返回结果。 5779 5780**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 5781 5782**系统能力:** SystemCapability.Security.Cert 5783 5784**返回值**: 5785 5786| 类型 | 说明 | 5787| --------------------------------------- | -------------------------------- | 5788| Promise\<[EncodingBlob](#encodingblob)> | 表示X509证书吊销列表的序列化数据。 | 5789 5790**错误码:** 5791 5792以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 5793 5794| 错误码ID | 错误信息 | 5795| -------- | ----------------------- | 5796| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types.| 5797| 19020001 | memory malloc failed. | 5798| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 5799| 19030001 | crypto operation error. | 5800 5801**示例:** 5802 5803```ts 5804import { cert } from '@kit.DeviceCertificateKit'; 5805import { BusinessError } from '@kit.BasicServicesKit'; 5806 5807// string转Uint8Array。 5808function stringToUint8Array(str: string): Uint8Array { 5809 let arr: Array<number> = []; 5810 for (let i = 0, j = str.length; i < j; i++) { 5811 arr.push(str.charCodeAt(i)); 5812 } 5813 return new Uint8Array(arr); 5814} 5815 5816let crlData = '-----BEGIN X509 CRL-----\n' + 5817 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 5818 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 5819 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 5820 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 5821 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 5822 'eavsH0Q3\n' + 5823 '-----END X509 CRL-----\n'; 5824 5825// 证书吊销列表二进制数据,需业务自行赋值。 5826let encodingBlob: cert.EncodingBlob = { 5827 data: stringToUint8Array(crlData), 5828 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 5829 encodingFormat: cert.EncodingFormat.FORMAT_PEM 5830}; 5831 5832cert.createX509CRL(encodingBlob).then(x509CRL => { 5833 console.log('createX509CRL success'); 5834 x509CRL.getEncoded().then(result => { 5835 console.log('getEncoded success'); 5836 }).catch((error: BusinessError) => { 5837 console.error('getEncoded failed, errCode: ' + error.code + ', errMsg: ' + error.message); 5838 }); 5839}).catch((error: BusinessError) => { 5840 console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 5841}); 5842``` 5843 5844### verify<sup>11+</sup> 5845 5846verify(key : cryptoFramework.PubKey, callback : AsyncCallback\<void>) : void 5847 5848表示对X509证书吊销列表进行验签,使用Callback回调异步返回结果。验签支持RSA算法。 5849 5850**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 5851 5852**系统能力:** SystemCapability.Security.Cert 5853 5854**参数**: 5855 5856| 参数名 | 类型 | 必填 | 说明 | 5857| -------- | ----------------------------------------------------------- | ---- | ------------------------------------------------------------ | 5858| key | [cryptoFramework.PubKey](../apis-crypto-architecture-kit/js-apis-cryptoFramework.md#pubkey) | 是 | 表示用于验签的公钥对象。 | 5859| callback | AsyncCallback\<void> | 是 | 回调函数,使用AsyncCallback的第一个error参数判断是否验签成功,error为null表示成功,error不为null表示失败。 | 5860 5861**错误码:** 5862 5863以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 5864 5865| 错误码ID | 错误信息 | 5866| -------- | ----------------------- | 5867| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 5868| 19030001 | crypto operation error. | 5869 5870**示例:** 5871 5872```ts 5873import { cert } from '@kit.DeviceCertificateKit'; 5874import { cryptoFramework } from '@kit.CryptoArchitectureKit'; 5875import { BusinessError } from '@kit.BasicServicesKit'; 5876 5877// string转Uint8Array。 5878function stringToUint8Array(str: string): Uint8Array { 5879 let arr: Array<number> = []; 5880 for (let i = 0, j = str.length; i < j; i++) { 5881 arr.push(str.charCodeAt(i)); 5882 } 5883 return new Uint8Array(arr); 5884} 5885 5886let crlData = '-----BEGIN X509 CRL-----\n' + 5887 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 5888 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 5889 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 5890 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 5891 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 5892 'eavsH0Q3\n' + 5893 '-----END X509 CRL-----\n'; 5894 5895let pubKeyData = new Uint8Array([ 5896 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 5897 0x05, 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xDC, 0x4C, 0x2D, 5898 0x57, 0x49, 0x3D, 0x42, 0x52, 0x1A, 0x09, 0xED, 0x3E, 0x90, 0x29, 0x51, 0xF7, 0x70, 0x15, 0xFE, 5899 0x76, 0xB0, 0xDB, 0xDF, 0xA1, 0x2C, 0x6C, 0x67, 0x95, 0xDA, 0x63, 0x3D, 0x4F, 0x71, 0x48, 0x8C, 5900 0x3E, 0xFA, 0x24, 0x79, 0xE9, 0xF2, 0xF2, 0x20, 0xCB, 0xF1, 0x59, 0x6B, 0xED, 0xC8, 0x72, 0x66, 5901 0x6E, 0x31, 0xD4, 0xF3, 0xCE, 0x0B, 0x12, 0xC4, 0x17, 0x39, 0xB4, 0x52, 0x16, 0xD3, 0xE3, 0xC0, 5902 0xF8, 0x48, 0xB3, 0xF6, 0x40, 0xD5, 0x47, 0x23, 0x30, 0x7F, 0xA7, 0xC5, 0x5A, 0x5A, 0xBB, 0x5C, 5903 0x7B, 0xEF, 0x69, 0xE2, 0x74, 0x35, 0x24, 0x22, 0x25, 0x45, 0x7E, 0xFC, 0xE8, 0xC4, 0x52, 0x65, 5904 0xA0, 0x4E, 0xBC, 0xFD, 0x3F, 0xD9, 0x85, 0x14, 0x8A, 0x5A, 0x93, 0x02, 0x24, 0x6C, 0x19, 0xBA, 5905 0x81, 0xBE, 0x65, 0x2E, 0xCB, 0xBB, 0xE9, 0x91, 0x7B, 0x7C, 0x47, 0xC2, 0x61, 0x02, 0x03, 0x01, 5906 0x00, 0x01 5907]); 5908 5909let priKeyData = new Uint8Array([ 5910 0x30, 0x82, 0x02, 0x77, 0x02, 0x01, 0x00, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 5911 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82, 0x02, 0x61, 0x30, 0x82, 0x02, 0x5D, 0x02, 0x01, 5912 0x00, 0x02, 0x81, 0x81, 0x00, 0xDC, 0x4C, 0x2D, 0x57, 0x49, 0x3D, 0x42, 0x52, 0x1A, 0x09, 0xED, 5913 0x3E, 0x90, 0x29, 0x51, 0xF7, 0x70, 0x15, 0xFE, 0x76, 0xB0, 0xDB, 0xDF, 0xA1, 0x2C, 0x6C, 0x67, 5914 0x95, 0xDA, 0x63, 0x3D, 0x4F, 0x71, 0x48, 0x8C, 0x3E, 0xFA, 0x24, 0x79, 0xE9, 0xF2, 0xF2, 0x20, 5915 0xCB, 0xF1, 0x59, 0x6B, 0xED, 0xC8, 0x72, 0x66, 0x6E, 0x31, 0xD4, 0xF3, 0xCE, 0x0B, 0x12, 0xC4, 5916 0x17, 0x39, 0xB4, 0x52, 0x16, 0xD3, 0xE3, 0xC0, 0xF8, 0x48, 0xB3, 0xF6, 0x40, 0xD5, 0x47, 0x23, 5917 0x30, 0x7F, 0xA7, 0xC5, 0x5A, 0x5A, 0xBB, 0x5C, 0x7B, 0xEF, 0x69, 0xE2, 0x74, 0x35, 0x24, 0x22, 5918 0x25, 0x45, 0x7E, 0xFC, 0xE8, 0xC4, 0x52, 0x65, 0xA0, 0x4E, 0xBC, 0xFD, 0x3F, 0xD9, 0x85, 0x14, 5919 0x8A, 0x5A, 0x93, 0x02, 0x24, 0x6C, 0x19, 0xBA, 0x81, 0xBE, 0x65, 0x2E, 0xCB, 0xBB, 0xE9, 0x91, 5920 0x7B, 0x7C, 0x47, 0xC2, 0x61, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x81, 0x80, 0x5A, 0xCF, 0x0F, 5921 0xF5, 0xA6, 0x1C, 0x19, 0x65, 0x8C, 0x94, 0x40, 0xF6, 0x84, 0x28, 0x74, 0x40, 0x42, 0x34, 0xDE, 5922 0xC3, 0x00, 0x5E, 0x72, 0x4D, 0x96, 0xE9, 0x4C, 0xBD, 0xC9, 0xDB, 0x14, 0x9F, 0xD5, 0xBB, 0xA9, 5923 0x0C, 0x20, 0xC2, 0xBE, 0x7A, 0x80, 0x89, 0xEC, 0x99, 0x04, 0xF0, 0xEE, 0x7B, 0x83, 0x20, 0x1D, 5924 0x37, 0x19, 0x55, 0x85, 0xF6, 0x8E, 0x3B, 0xFB, 0x16, 0xF3, 0xD3, 0x6F, 0xEE, 0x73, 0x12, 0x53, 5925 0xCA, 0x77, 0xD7, 0x6C, 0x29, 0xF5, 0x08, 0xA3, 0x09, 0x01, 0x0B, 0x00, 0x05, 0x57, 0xAD, 0x4D, 5926 0xF0, 0x92, 0xB2, 0x5A, 0x8B, 0x19, 0x09, 0x81, 0x86, 0xFE, 0x66, 0xB9, 0x33, 0x88, 0x28, 0xF3, 5927 0x37, 0x73, 0x09, 0x5F, 0xD7, 0xC9, 0xC6, 0xFA, 0x13, 0x74, 0xFE, 0xAE, 0x53, 0xA9, 0x71, 0x67, 5928 0xCE, 0x3A, 0xE6, 0x8D, 0x35, 0xD1, 0xB8, 0xFD, 0x6F, 0x0D, 0x43, 0xC2, 0xD1, 0x02, 0x41, 0x00, 5929 0xF7, 0x33, 0xE5, 0x6C, 0x29, 0x5A, 0x30, 0x58, 0xA4, 0x52, 0x65, 0xA0, 0x39, 0xC2, 0xE8, 0xAE, 5930 0x5F, 0xA3, 0x2D, 0x0C, 0x65, 0xB1, 0x7B, 0xFD, 0x92, 0xBF, 0x47, 0x87, 0x97, 0x40, 0xCB, 0x54, 5931 0xF9, 0xBB, 0x50, 0x27, 0x70, 0x51, 0xD0, 0xD8, 0x48, 0x0D, 0xC6, 0x47, 0x60, 0xF8, 0x4E, 0x0A, 5932 0x32, 0x76, 0x6D, 0xA4, 0xBA, 0x40, 0xE5, 0x58, 0xF8, 0x4A, 0x39, 0x4E, 0xF8, 0x3F, 0x4E, 0x2D, 5933 0x02, 0x41, 0x00, 0xE4, 0x23, 0x2A, 0x5F, 0x59, 0xCF, 0x7C, 0x91, 0x24, 0x0D, 0xA2, 0x44, 0x17, 5934 0xCD, 0x37, 0xDE, 0x1F, 0x53, 0x4D, 0x33, 0x9F, 0x90, 0x4D, 0xD9, 0x72, 0x64, 0x25, 0xBA, 0xAB, 5935 0x47, 0x91, 0xC4, 0x99, 0x95, 0x86, 0xB5, 0x8A, 0xEA, 0x77, 0xF7, 0x64, 0x72, 0x5E, 0xB7, 0xBB, 5936 0x16, 0xA1, 0x64, 0xA4, 0xE1, 0x2D, 0x76, 0x6D, 0xEF, 0xB1, 0x5E, 0xD6, 0x17, 0xE8, 0xAA, 0xB6, 5937 0xA0, 0xD9, 0x85, 0x02, 0x41, 0x00, 0xDF, 0xC8, 0x5B, 0x28, 0x4F, 0x47, 0x15, 0xFD, 0x28, 0xC4, 5938 0x6E, 0xBB, 0x5D, 0x8E, 0xD4, 0x95, 0x06, 0x7E, 0xF1, 0x89, 0x07, 0x86, 0x64, 0x78, 0x69, 0x20, 5939 0x3F, 0xE0, 0xBF, 0x4C, 0x28, 0xC6, 0x04, 0x4D, 0x4D, 0x82, 0x66, 0x6B, 0xAA, 0x64, 0x20, 0xD6, 5940 0x57, 0x68, 0xC6, 0xA0, 0x02, 0x05, 0xB9, 0x28, 0xFC, 0x98, 0xE3, 0x03, 0x5C, 0x9B, 0xEE, 0x29, 5941 0x43, 0x37, 0xFA, 0x03, 0x55, 0x01, 0x02, 0x40, 0x69, 0x5B, 0x7C, 0x24, 0x10, 0xDB, 0xEB, 0x91, 5942 0x33, 0xEF, 0x3F, 0xF2, 0xE6, 0x73, 0x15, 0xCB, 0xF4, 0xF7, 0x89, 0x7D, 0xBF, 0xC0, 0xEA, 0xD2, 5943 0xF3, 0x2B, 0x20, 0xE9, 0x76, 0x54, 0x55, 0x13, 0x50, 0x42, 0x67, 0xB5, 0xCB, 0x73, 0xC0, 0xF7, 5944 0x75, 0x62, 0x04, 0x30, 0x21, 0xAC, 0xAF, 0xD8, 0x44, 0xF4, 0xE1, 0x04, 0x02, 0x7D, 0x61, 0x92, 5945 0x84, 0x99, 0x02, 0x10, 0x64, 0xCB, 0x1F, 0xE9, 0x02, 0x41, 0x00, 0xAB, 0x4B, 0x7D, 0x90, 0x7C, 5946 0x57, 0x08, 0x6B, 0xC0, 0x43, 0x72, 0x09, 0x8A, 0x18, 0x35, 0x36, 0x64, 0x9D, 0x84, 0x8D, 0xF1, 5947 0x84, 0x94, 0x48, 0xC6, 0x80, 0x9D, 0xB9, 0xA2, 0x58, 0x0A, 0x4D, 0x0A, 0xCA, 0x1E, 0xD6, 0x05, 5948 0x55, 0x5B, 0xFE, 0xD7, 0xAA, 0x70, 0xED, 0x76, 0xB3, 0x40, 0x2E, 0xA0, 0xB3, 0x32, 0x37, 0xB0, 5949 0xA0, 0xB9, 0x96, 0x2D, 0xC4, 0x70, 0xE9, 0x99, 0x10, 0x67, 0x8D 5950]); 5951 5952// 证书吊销列表二进制数据,需业务自行赋值。 5953let encodingBlob: cert.EncodingBlob = { 5954 data: stringToUint8Array(crlData), 5955 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 5956 encodingFormat: cert.EncodingFormat.FORMAT_PEM 5957}; 5958 5959cert.createX509CRL(encodingBlob, (error, x509CRL) => { 5960 if (error) { 5961 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 5962 } else { 5963 console.log('createX509Crl success'); 5964 try { 5965 // Generate the public key by AsyKeyGenerator. 5966 let keyGenerator = cryptoFramework.createAsyKeyGenerator('RSA1024|PRIMES_3'); 5967 console.log('createAsyKeyGenerator success'); 5968 let priEncodingBlob: cryptoFramework.DataBlob = { 5969 data: priKeyData, 5970 }; 5971 let pubEncodingBlob: cryptoFramework.DataBlob = { 5972 data: pubKeyData, 5973 }; 5974 keyGenerator.convertKey(pubEncodingBlob, priEncodingBlob, (e, keyPair) => { 5975 if (e) { 5976 console.error('convert key failed, message: ' + e.message + 'code: ' + e.code); 5977 } else { 5978 console.log('convert key success'); 5979 x509CRL.verify(keyPair.pubKey, (err, data) => { 5980 if (err) { 5981 console.error('verify failed, errCode: ' + err.code + ', errMsg: ' + err.message); 5982 } else { 5983 console.log('verify success'); 5984 } 5985 }); 5986 } 5987 }) 5988 } catch (error) { 5989 let e: BusinessError = error as BusinessError; 5990 console.error('get pubKey failed, errCode: ' + e.code + ', errMsg: ' + e.message); 5991 } 5992 } 5993}); 5994``` 5995 5996### verify<sup>11+</sup> 5997 5998verify(key : cryptoFramework.PubKey) : Promise\<void> 5999 6000表示对X509证书吊销列表进行验签,使用Promise方式异步返回结果。验签支持RSA算法。 6001 6002**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 6003 6004**系统能力:** SystemCapability.Security.Cert 6005 6006**参数**: 6007 6008| 参数名 | 类型 | 必填 | 说明 | 6009| ------ | ----------------------------------------------------------- | ---- | ------------------------ | 6010| key | [cryptoFramework.PubKey](../apis-crypto-architecture-kit/js-apis-cryptoFramework.md#pubkey) | 是 | 表示用于验签的公钥对象。 | 6011 6012**返回值**: 6013 6014| 类型 | 说明 | 6015| -------------- | ----------- | 6016| Promise\<void> | Promise对象。 | 6017 6018**错误码:** 6019 6020以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 6021 6022| 错误码ID | 错误信息 | 6023| -------- | ----------------------- | 6024| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 6025| 19030001 | crypto operation error. | 6026 6027**示例:** 6028 6029```ts 6030import { cert } from '@kit.DeviceCertificateKit'; 6031import { cryptoFramework } from '@kit.CryptoArchitectureKit' 6032import { BusinessError } from '@kit.BasicServicesKit'; 6033 6034// string转Uint8Array。 6035function stringToUint8Array(str: string): Uint8Array { 6036 let arr: Array<number> = []; 6037 for (let i = 0, j = str.length; i < j; i++) { 6038 arr.push(str.charCodeAt(i)); 6039 } 6040 return new Uint8Array(arr); 6041} 6042 6043let crlData = '-----BEGIN X509 CRL-----\n' + 6044 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 6045 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 6046 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 6047 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 6048 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 6049 'eavsH0Q3\n' + 6050 '-----END X509 CRL-----\n'; 6051 6052let pubKeyData = new Uint8Array([ 6053 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 6054 0x05, 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xDC, 0x4C, 0x2D, 6055 0x57, 0x49, 0x3D, 0x42, 0x52, 0x1A, 0x09, 0xED, 0x3E, 0x90, 0x29, 0x51, 0xF7, 0x70, 0x15, 0xFE, 6056 0x76, 0xB0, 0xDB, 0xDF, 0xA1, 0x2C, 0x6C, 0x67, 0x95, 0xDA, 0x63, 0x3D, 0x4F, 0x71, 0x48, 0x8C, 6057 0x3E, 0xFA, 0x24, 0x79, 0xE9, 0xF2, 0xF2, 0x20, 0xCB, 0xF1, 0x59, 0x6B, 0xED, 0xC8, 0x72, 0x66, 6058 0x6E, 0x31, 0xD4, 0xF3, 0xCE, 0x0B, 0x12, 0xC4, 0x17, 0x39, 0xB4, 0x52, 0x16, 0xD3, 0xE3, 0xC0, 6059 0xF8, 0x48, 0xB3, 0xF6, 0x40, 0xD5, 0x47, 0x23, 0x30, 0x7F, 0xA7, 0xC5, 0x5A, 0x5A, 0xBB, 0x5C, 6060 0x7B, 0xEF, 0x69, 0xE2, 0x74, 0x35, 0x24, 0x22, 0x25, 0x45, 0x7E, 0xFC, 0xE8, 0xC4, 0x52, 0x65, 6061 0xA0, 0x4E, 0xBC, 0xFD, 0x3F, 0xD9, 0x85, 0x14, 0x8A, 0x5A, 0x93, 0x02, 0x24, 0x6C, 0x19, 0xBA, 6062 0x81, 0xBE, 0x65, 0x2E, 0xCB, 0xBB, 0xE9, 0x91, 0x7B, 0x7C, 0x47, 0xC2, 0x61, 0x02, 0x03, 0x01, 6063 0x00, 0x01 6064]); 6065 6066let priKeyData = new Uint8Array([ 6067 0x30, 0x82, 0x02, 0x77, 0x02, 0x01, 0x00, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 6068 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82, 0x02, 0x61, 0x30, 0x82, 0x02, 0x5D, 0x02, 0x01, 6069 0x00, 0x02, 0x81, 0x81, 0x00, 0xDC, 0x4C, 0x2D, 0x57, 0x49, 0x3D, 0x42, 0x52, 0x1A, 0x09, 0xED, 6070 0x3E, 0x90, 0x29, 0x51, 0xF7, 0x70, 0x15, 0xFE, 0x76, 0xB0, 0xDB, 0xDF, 0xA1, 0x2C, 0x6C, 0x67, 6071 0x95, 0xDA, 0x63, 0x3D, 0x4F, 0x71, 0x48, 0x8C, 0x3E, 0xFA, 0x24, 0x79, 0xE9, 0xF2, 0xF2, 0x20, 6072 0xCB, 0xF1, 0x59, 0x6B, 0xED, 0xC8, 0x72, 0x66, 0x6E, 0x31, 0xD4, 0xF3, 0xCE, 0x0B, 0x12, 0xC4, 6073 0x17, 0x39, 0xB4, 0x52, 0x16, 0xD3, 0xE3, 0xC0, 0xF8, 0x48, 0xB3, 0xF6, 0x40, 0xD5, 0x47, 0x23, 6074 0x30, 0x7F, 0xA7, 0xC5, 0x5A, 0x5A, 0xBB, 0x5C, 0x7B, 0xEF, 0x69, 0xE2, 0x74, 0x35, 0x24, 0x22, 6075 0x25, 0x45, 0x7E, 0xFC, 0xE8, 0xC4, 0x52, 0x65, 0xA0, 0x4E, 0xBC, 0xFD, 0x3F, 0xD9, 0x85, 0x14, 6076 0x8A, 0x5A, 0x93, 0x02, 0x24, 0x6C, 0x19, 0xBA, 0x81, 0xBE, 0x65, 0x2E, 0xCB, 0xBB, 0xE9, 0x91, 6077 0x7B, 0x7C, 0x47, 0xC2, 0x61, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x81, 0x80, 0x5A, 0xCF, 0x0F, 6078 0xF5, 0xA6, 0x1C, 0x19, 0x65, 0x8C, 0x94, 0x40, 0xF6, 0x84, 0x28, 0x74, 0x40, 0x42, 0x34, 0xDE, 6079 0xC3, 0x00, 0x5E, 0x72, 0x4D, 0x96, 0xE9, 0x4C, 0xBD, 0xC9, 0xDB, 0x14, 0x9F, 0xD5, 0xBB, 0xA9, 6080 0x0C, 0x20, 0xC2, 0xBE, 0x7A, 0x80, 0x89, 0xEC, 0x99, 0x04, 0xF0, 0xEE, 0x7B, 0x83, 0x20, 0x1D, 6081 0x37, 0x19, 0x55, 0x85, 0xF6, 0x8E, 0x3B, 0xFB, 0x16, 0xF3, 0xD3, 0x6F, 0xEE, 0x73, 0x12, 0x53, 6082 0xCA, 0x77, 0xD7, 0x6C, 0x29, 0xF5, 0x08, 0xA3, 0x09, 0x01, 0x0B, 0x00, 0x05, 0x57, 0xAD, 0x4D, 6083 0xF0, 0x92, 0xB2, 0x5A, 0x8B, 0x19, 0x09, 0x81, 0x86, 0xFE, 0x66, 0xB9, 0x33, 0x88, 0x28, 0xF3, 6084 0x37, 0x73, 0x09, 0x5F, 0xD7, 0xC9, 0xC6, 0xFA, 0x13, 0x74, 0xFE, 0xAE, 0x53, 0xA9, 0x71, 0x67, 6085 0xCE, 0x3A, 0xE6, 0x8D, 0x35, 0xD1, 0xB8, 0xFD, 0x6F, 0x0D, 0x43, 0xC2, 0xD1, 0x02, 0x41, 0x00, 6086 0xF7, 0x33, 0xE5, 0x6C, 0x29, 0x5A, 0x30, 0x58, 0xA4, 0x52, 0x65, 0xA0, 0x39, 0xC2, 0xE8, 0xAE, 6087 0x5F, 0xA3, 0x2D, 0x0C, 0x65, 0xB1, 0x7B, 0xFD, 0x92, 0xBF, 0x47, 0x87, 0x97, 0x40, 0xCB, 0x54, 6088 0xF9, 0xBB, 0x50, 0x27, 0x70, 0x51, 0xD0, 0xD8, 0x48, 0x0D, 0xC6, 0x47, 0x60, 0xF8, 0x4E, 0x0A, 6089 0x32, 0x76, 0x6D, 0xA4, 0xBA, 0x40, 0xE5, 0x58, 0xF8, 0x4A, 0x39, 0x4E, 0xF8, 0x3F, 0x4E, 0x2D, 6090 0x02, 0x41, 0x00, 0xE4, 0x23, 0x2A, 0x5F, 0x59, 0xCF, 0x7C, 0x91, 0x24, 0x0D, 0xA2, 0x44, 0x17, 6091 0xCD, 0x37, 0xDE, 0x1F, 0x53, 0x4D, 0x33, 0x9F, 0x90, 0x4D, 0xD9, 0x72, 0x64, 0x25, 0xBA, 0xAB, 6092 0x47, 0x91, 0xC4, 0x99, 0x95, 0x86, 0xB5, 0x8A, 0xEA, 0x77, 0xF7, 0x64, 0x72, 0x5E, 0xB7, 0xBB, 6093 0x16, 0xA1, 0x64, 0xA4, 0xE1, 0x2D, 0x76, 0x6D, 0xEF, 0xB1, 0x5E, 0xD6, 0x17, 0xE8, 0xAA, 0xB6, 6094 0xA0, 0xD9, 0x85, 0x02, 0x41, 0x00, 0xDF, 0xC8, 0x5B, 0x28, 0x4F, 0x47, 0x15, 0xFD, 0x28, 0xC4, 6095 0x6E, 0xBB, 0x5D, 0x8E, 0xD4, 0x95, 0x06, 0x7E, 0xF1, 0x89, 0x07, 0x86, 0x64, 0x78, 0x69, 0x20, 6096 0x3F, 0xE0, 0xBF, 0x4C, 0x28, 0xC6, 0x04, 0x4D, 0x4D, 0x82, 0x66, 0x6B, 0xAA, 0x64, 0x20, 0xD6, 6097 0x57, 0x68, 0xC6, 0xA0, 0x02, 0x05, 0xB9, 0x28, 0xFC, 0x98, 0xE3, 0x03, 0x5C, 0x9B, 0xEE, 0x29, 6098 0x43, 0x37, 0xFA, 0x03, 0x55, 0x01, 0x02, 0x40, 0x69, 0x5B, 0x7C, 0x24, 0x10, 0xDB, 0xEB, 0x91, 6099 0x33, 0xEF, 0x3F, 0xF2, 0xE6, 0x73, 0x15, 0xCB, 0xF4, 0xF7, 0x89, 0x7D, 0xBF, 0xC0, 0xEA, 0xD2, 6100 0xF3, 0x2B, 0x20, 0xE9, 0x76, 0x54, 0x55, 0x13, 0x50, 0x42, 0x67, 0xB5, 0xCB, 0x73, 0xC0, 0xF7, 6101 0x75, 0x62, 0x04, 0x30, 0x21, 0xAC, 0xAF, 0xD8, 0x44, 0xF4, 0xE1, 0x04, 0x02, 0x7D, 0x61, 0x92, 6102 0x84, 0x99, 0x02, 0x10, 0x64, 0xCB, 0x1F, 0xE9, 0x02, 0x41, 0x00, 0xAB, 0x4B, 0x7D, 0x90, 0x7C, 6103 0x57, 0x08, 0x6B, 0xC0, 0x43, 0x72, 0x09, 0x8A, 0x18, 0x35, 0x36, 0x64, 0x9D, 0x84, 0x8D, 0xF1, 6104 0x84, 0x94, 0x48, 0xC6, 0x80, 0x9D, 0xB9, 0xA2, 0x58, 0x0A, 0x4D, 0x0A, 0xCA, 0x1E, 0xD6, 0x05, 6105 0x55, 0x5B, 0xFE, 0xD7, 0xAA, 0x70, 0xED, 0x76, 0xB3, 0x40, 0x2E, 0xA0, 0xB3, 0x32, 0x37, 0xB0, 6106 0xA0, 0xB9, 0x96, 0x2D, 0xC4, 0x70, 0xE9, 0x99, 0x10, 0x67, 0x8D 6107]); 6108 6109// 证书吊销列表二进制数据,需业务自行赋值。 6110let encodingBlob: cert.EncodingBlob = { 6111 data: stringToUint8Array(crlData), 6112 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 6113 encodingFormat: cert.EncodingFormat.FORMAT_PEM 6114}; 6115 6116cert.createX509CRL(encodingBlob).then(x509CRL => { 6117 console.log('createX509Crl success'); 6118 6119 try { 6120 // 生成公钥对象。 6121 let keyGenerator = cryptoFramework.createAsyKeyGenerator('RSA1024|PRIMES_3'); 6122 console.log('createAsyKeyGenerator success'); 6123 let priEncodingBlob: cryptoFramework.DataBlob = { 6124 data: priKeyData, 6125 }; 6126 let pubEncodingBlob: cryptoFramework.DataBlob = { 6127 data: pubKeyData, 6128 }; 6129 keyGenerator.convertKey(pubEncodingBlob, priEncodingBlob).then((keyPair) => { 6130 console.log('convert key success'); 6131 x509CRL.verify(keyPair.pubKey).then(result => { 6132 console.log('verify success'); 6133 }).catch((error: BusinessError) => { 6134 console.error('verify failed, errCode: ' + error.code + ', errMsg: ' + error.message); 6135 }); 6136 }).catch((error: BusinessError) => { 6137 console.error('convert key failed, message: ' + error.message + 'code: ' + error.code); 6138 }); 6139 } catch (error) { 6140 let e: BusinessError = error as BusinessError; 6141 console.error('get pubKey failed, errCode: ' + e.code + ', errMsg: ' + e.message); 6142 } 6143}).catch((error: BusinessError) => { 6144 console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 6145}); 6146``` 6147 6148### getVersion<sup>11+</sup> 6149 6150getVersion() : number 6151 6152表示获取X509证书吊销列表的版本号。 6153 6154**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 6155 6156**系统能力:** SystemCapability.Security.Cert 6157 6158**返回值**: 6159 6160| 类型 | 说明 | 6161| ------ | -------------------------------- | 6162| number | 表示获取X509证书吊销列表的版本号。 | 6163 6164**示例:** 6165 6166```ts 6167import { cert } from '@kit.DeviceCertificateKit'; 6168 6169// string转Uint8Array。 6170function stringToUint8Array(str: string): Uint8Array { 6171 let arr: Array<number> = []; 6172 for (let i = 0, j = str.length; i < j; i++) { 6173 arr.push(str.charCodeAt(i)); 6174 } 6175 return new Uint8Array(arr); 6176} 6177 6178let crlData = '-----BEGIN X509 CRL-----\n' + 6179 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 6180 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 6181 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 6182 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 6183 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 6184 'eavsH0Q3\n' + 6185 '-----END X509 CRL-----\n'; 6186 6187// 证书吊销列表二进制数据,需业务自行赋值。 6188let encodingBlob: cert.EncodingBlob = { 6189 data: stringToUint8Array(crlData), 6190 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 6191 encodingFormat: cert.EncodingFormat.FORMAT_PEM 6192}; 6193 6194cert.createX509CRL(encodingBlob, (error, x509CRL) => { 6195 if (error) { 6196 console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 6197 } else { 6198 console.log('createX509CRL success'); 6199 let version = x509CRL.getVersion(); 6200 } 6201}); 6202``` 6203 6204### getIssuerName<sup>11+</sup> 6205 6206getIssuerName() : DataBlob 6207 6208表示获取X509证书吊销列表颁发者名称。 6209 6210> **说明:** 6211> 6212> 获取到的X509证书吊销列表颁发者名称数据带字符串结束符。 6213 6214**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 6215 6216**系统能力:** SystemCapability.Security.Cert 6217 6218**返回值**: 6219 6220| 类型 | 说明 | 6221| --------------------- | ------------------------------ | 6222| [DataBlob](#datablob) | 表示X509证书吊销列表颁发者名称。 | 6223 6224**错误码:** 6225 6226以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 6227 6228| 错误码ID | 错误信息 | 6229| -------- | ----------------------- | 6230| 19020001 | memory malloc failed. | 6231| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 6232| 19030001 | crypto operation error. | 6233 6234**示例:** 6235 6236```ts 6237import { cert } from '@kit.DeviceCertificateKit'; 6238import { BusinessError } from '@kit.BasicServicesKit'; 6239 6240// string转Uint8Array。 6241function stringToUint8Array(str: string): Uint8Array { 6242 let arr: Array<number> = []; 6243 for (let i = 0, j = str.length; i < j; i++) { 6244 arr.push(str.charCodeAt(i)); 6245 } 6246 return new Uint8Array(arr); 6247} 6248 6249let crlData = '-----BEGIN X509 CRL-----\n' + 6250 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 6251 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 6252 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 6253 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 6254 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 6255 'eavsH0Q3\n' + 6256 '-----END X509 CRL-----\n'; 6257 6258// 证书吊销列表二进制数据,需业务自行赋值。 6259let encodingBlob: cert.EncodingBlob = { 6260 data: stringToUint8Array(crlData), 6261 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 6262 encodingFormat: cert.EncodingFormat.FORMAT_PEM 6263}; 6264 6265cert.createX509CRL(encodingBlob, (error, x509CRL) => { 6266 if (error) { 6267 console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 6268 } else { 6269 console.log('createX509CRL success'); 6270 try { 6271 let issuerName = x509CRL.getIssuerName(); 6272 } catch (err) { 6273 let e: BusinessError = err as BusinessError; 6274 console.error('getIssuerName failed, errCode: ' + e.code + ', errMsg: ' + e.message); 6275 } 6276 } 6277}); 6278``` 6279 6280### getIssuerName<sup>20+</sup> 6281 6282getIssuerName(encodingType: EncodingType): string 6283 6284根据编码类型获取X509证书吊销列表颁发者名称。 6285 6286**原子化服务API:** 从API version 20开始,该接口支持在原子化服务中使用。 6287 6288**系统能力:** SystemCapability.Security.Cert 6289 6290**参数**: 6291 6292| 参数名 | 类型 | 必填 | 说明 | 6293| -------- | ------------------------------------- | ---- | ------------------------------ | 6294| encodingType | [EncodingType](#encodingtype12) | 是 | 表示编码类型。 | 6295 6296**返回值**: 6297 6298| 类型 | 说明 | 6299| ------ | -------------------- | 6300| string | 表示X509证书吊销列表颁发者名称,使用逗号分隔相对可分辨名称。 | 6301 6302**错误码:** 6303 6304以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 6305 6306| 错误码ID | 错误信息 | 6307| -------- | ------------------------------------------------- | 6308| 19020001 | memory malloc failed. | 6309| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 6310| 19020003 | parameter check failed. Possible causes: <br>1. The value of encodingType is not in the EncodingType enumeration range.| 6311| 19030001 | crypto operation error. | 6312 6313**示例:** 6314 6315```ts 6316import { cert } from '@kit.DeviceCertificateKit'; 6317import { BusinessError } from '@kit.BasicServicesKit'; 6318 6319// string转Uint8Array。 6320function stringToUint8Array(str: string): Uint8Array { 6321 let arr: Array<number> = []; 6322 for (let i = 0, j = str.length; i < j; i++) { 6323 arr.push(str.charCodeAt(i)); 6324 } 6325 return new Uint8Array(arr); 6326} 6327 6328let crlData = '-----BEGIN X509 CRL-----\n' + 6329 'MIIByzCBtAIBATANBgkqhkiG9w0BAQsFADBXMQswCQYDVQQGEwJDTjEPMA0GA1UE\n' + 6330 'CAwG6ZmV6KW/MQ8wDQYDVQQHDAbopb/lrokxDzANBgNVBAoMBua1i+ivlTEVMBMG\n' + 6331 'A1UEAwwM5Lit5paH5rWL6K+VFw0yNDEwMTYwODUwMDlaFw0yNDExMTUwODUwMDla\n' + 6332 'MBkwFwIGAXKnJjrAFw0yNDEwMTYwODQ5NDBaoA4wDDAKBgNVHRQEAwIBADANBgkq\n' + 6333 'hkiG9w0BAQsFAAOCAQEAU0JPK/DnGmjCi5lKyun506JE+FVDuQsEWuF5CZPqE2um\n' + 6334 'hA04Qffi+8AfwLpG2KPBaAYTteU4fx30y8Wm0kLutalk32FgrbQX0VQ7EaCOmkMU\n' + 6335 '2dnQMmFmaFiVcOTaRzgqDOYKuzSAptCo6hqtk9kgjbda5HnsNiVC7dNMRp1Jlzwr\n' + 6336 'k/42mqZ3fFIy3wYLaxRlq368BX3u94J9Cx754V2V/XEApiRI/FsiSRzRX+jfUBa4\n' + 6337 '+wwu3WhWxisQj6z3bBkQD4RTg3S+ic8hhP44wt/1MmSLG946Dc9uVYJKUVZqTco9\n' + 6338 'QDoDwYfBJBzcXjManSkPsGCb7RfTAr5HqcEtIHsK+w==\n' + 6339 '-----END X509 CRL-----\n'; 6340// 证书吊销列表二进制数据,需业务自行赋值。 6341let encodingBlob: cert.EncodingBlob = { 6342 data: stringToUint8Array(crlData), 6343 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 6344 encodingFormat: cert.EncodingFormat.FORMAT_PEM 6345}; 6346 6347cert.createX509CRL(encodingBlob, (error, x509CRL) => { 6348 if (error) { 6349 console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 6350 } else { 6351 console.log('createX509CRL success'); 6352 try { 6353 let issuerName = x509CRL.getIssuerName(cert.EncodingType.ENCODING_UTF8); 6354 console.info('issuerName output is ' + issuerName); 6355 } catch (err) { 6356 let e: BusinessError = err as BusinessError; 6357 console.error('getIssuerName failed, errCode: ' + e.code + ', errMsg: ' + e.message); 6358 } 6359 } 6360}); 6361``` 6362 6363### getLastUpdate<sup>11+</sup> 6364 6365getLastUpdate() : string 6366 6367表示获取X509证书吊销列表最后一次更新日期,日期为ASN.1时间格式。 6368 6369**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 6370 6371**系统能力:** SystemCapability.Security.Cert 6372 6373**返回值**: 6374 6375| 类型 | 说明 | 6376| ------ | ------------------------------------ | 6377| string | 表示X509证书吊销列表最后一次更新日期,日期为ASN.1时间格式。 | 6378 6379**错误码:** 6380 6381以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 6382 6383| 错误码ID | 错误信息 | 6384| -------- | ----------------------- | 6385| 19020001 | memory malloc failed. | 6386| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 6387| 19030001 | crypto operation error. | 6388 6389**示例:** 6390 6391```ts 6392import { cert } from '@kit.DeviceCertificateKit'; 6393import { BusinessError } from '@kit.BasicServicesKit'; 6394 6395// string转Uint8Array。 6396function stringToUint8Array(str: string): Uint8Array { 6397 let arr: Array<number> = []; 6398 for (let i = 0, j = str.length; i < j; i++) { 6399 arr.push(str.charCodeAt(i)); 6400 } 6401 return new Uint8Array(arr); 6402} 6403 6404let crlData = '-----BEGIN X509 CRL-----\n' + 6405 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 6406 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 6407 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 6408 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 6409 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 6410 'eavsH0Q3\n' + 6411 '-----END X509 CRL-----\n'; 6412 6413// 证书吊销列表二进制数据,需业务自行赋值。 6414let encodingBlob: cert.EncodingBlob = { 6415 data: stringToUint8Array(crlData), 6416 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 6417 encodingFormat: cert.EncodingFormat.FORMAT_PEM 6418}; 6419 6420cert.createX509CRL(encodingBlob, (error, x509CRL) => { 6421 if (error) { 6422 console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 6423 } else { 6424 console.log('createX509CRL success'); 6425 try { 6426 let lastUpdate = x509CRL.getLastUpdate(); 6427 } catch (err) { 6428 let e: BusinessError = err as BusinessError; 6429 console.error('getLastUpdate failed, errCode: ' + e.code + ', errMsg: ' + e.message); 6430 } 6431 } 6432}); 6433``` 6434 6435### getNextUpdate<sup>11+</sup> 6436 6437getNextUpdate() : string 6438 6439表示获取证书吊销列表下一次更新的日期,日期为ASN.1时间格式。 6440 6441**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 6442 6443**系统能力:** SystemCapability.Security.Cert 6444 6445**返回值**: 6446 6447| 类型 | 说明 | 6448| ------ | ------------------------------------ | 6449| string | 表示X509证书吊销列表下一次更新的日期,日期为ASN.1时间格式。 | 6450 6451**错误码:** 6452 6453以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 6454 6455| 错误码ID | 错误信息 | 6456| -------- | ----------------------- | 6457| 19020001 | memory malloc failed. | 6458| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 6459| 19030001 | crypto operation error. | 6460 6461**示例:** 6462 6463```ts 6464import { cert } from '@kit.DeviceCertificateKit'; 6465import { BusinessError } from '@kit.BasicServicesKit'; 6466 6467// string转Uint8Array。 6468function stringToUint8Array(str: string): Uint8Array { 6469 let arr: Array<number> = []; 6470 for (let i = 0, j = str.length; i < j; i++) { 6471 arr.push(str.charCodeAt(i)); 6472 } 6473 return new Uint8Array(arr); 6474} 6475 6476let crlData = '-----BEGIN X509 CRL-----\n' + 6477 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 6478 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 6479 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 6480 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 6481 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 6482 'eavsH0Q3\n' + 6483 '-----END X509 CRL-----\n'; 6484 6485// 证书吊销列表二进制数据,需业务自行赋值。 6486let encodingBlob: cert.EncodingBlob = { 6487 data: stringToUint8Array(crlData), 6488 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 6489 encodingFormat: cert.EncodingFormat.FORMAT_PEM 6490}; 6491 6492cert.createX509CRL(encodingBlob, (error, x509CRL) => { 6493 if (error) { 6494 console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 6495 } else { 6496 console.log('createX509CRL success'); 6497 try { 6498 let nextUpdate = x509CRL.getNextUpdate(); 6499 } catch (err) { 6500 let e: BusinessError = err as BusinessError; 6501 console.error('getNextUpdate failed, errCode: ' + e.code + ', errMsg: ' + e.message); 6502 } 6503 } 6504}); 6505``` 6506 6507### getRevokedCert<sup>11+</sup> 6508 6509getRevokedCert(serialNumber : bigint) : X509CRLEntry 6510 6511表示通过指定证书序列号获取被吊销X509证书对象。 6512 6513**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 6514 6515**系统能力:** SystemCapability.Security.Cert 6516 6517**参数**: 6518 6519| 参数名 | 类型 | 必填 | 说明 | 6520| ------------ | ------ | ---- | -------------- | 6521| serialNumber | bigint | 是 | 表示证书序列号。 | 6522 6523**返回值**: 6524 6525| 类型 | 说明 | 6526| ------------------------------- | ---------------------- | 6527| [X509CRLEntry](#x509crlentry11) | 表示被吊销X509证书对象。 | 6528 6529**错误码:** 6530 6531以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 6532 6533| 错误码ID | 错误信息 | 6534| -------- | ----------------------- | 6535| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 6536| 19020001 | memory malloc failed. | 6537| 19030001 | crypto operation error. | 6538 6539**示例:** 6540 6541```ts 6542import { cert } from '@kit.DeviceCertificateKit'; 6543import { BusinessError } from '@kit.BasicServicesKit'; 6544 6545// string转Uint8Array。 6546function stringToUint8Array(str: string): Uint8Array { 6547 let arr: Array<number> = []; 6548 for (let i = 0, j = str.length; i < j; i++) { 6549 arr.push(str.charCodeAt(i)); 6550 } 6551 return new Uint8Array(arr); 6552} 6553 6554let crlData = '-----BEGIN X509 CRL-----\n' + 6555 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 6556 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 6557 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 6558 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 6559 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 6560 'eavsH0Q3\n' + 6561 '-----END X509 CRL-----\n'; 6562 6563// 证书吊销列表二进制数据,需业务自行赋值。 6564let encodingBlob: cert.EncodingBlob = { 6565 data: stringToUint8Array(crlData), 6566 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 6567 encodingFormat: cert.EncodingFormat.FORMAT_PEM 6568}; 6569 6570cert.createX509CRL(encodingBlob, (error, x509CRL) => { 6571 if (error) { 6572 console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 6573 } else { 6574 console.log('createX509CRL success'); 6575 let serialNumber = BigInt(1000); 6576 try { 6577 let entry = x509CRL.getRevokedCert(serialNumber); 6578 } catch (error) { 6579 let e: BusinessError = error as BusinessError; 6580 console.error('getRevokedCert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 6581 } 6582 } 6583}); 6584``` 6585 6586### getRevokedCertWithCert<sup>11+</sup> 6587 6588getRevokedCertWithCert(cert : X509Cert) : X509CRLEntry 6589 6590表示通过指定证书对象获取被吊销X509证书对象。 6591 6592**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 6593 6594**系统能力:** SystemCapability.Security.Cert 6595 6596**参数**: 6597 6598| 参数名 | 类型 | 必填 | 说明 | 6599| ------ | --------------------- | ---- | ------------ | 6600| cert | [X509Cert](#x509cert) | 是 | 表示证书对象。 | 6601 6602**返回值**: 6603 6604| 类型 | 说明 | 6605| ------------------------------- | ---------------------- | 6606| [X509CRLEntry](#x509crlentry11) | 表示被吊销X509证书对象。 | 6607 6608**错误码:** 6609 6610以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 6611 6612| 错误码ID | 错误信息 | 6613| -------- | ----------------------- | 6614| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 6615| 19020001 | memory malloc failed. | 6616| 19030001 | crypto operation error. | 6617 6618**示例:** 6619 6620```ts 6621import { cert } from '@kit.DeviceCertificateKit'; 6622import { BusinessError } from '@kit.BasicServicesKit'; 6623 6624// string转Uint8Array。 6625function stringToUint8Array(str: string): Uint8Array { 6626 let arr: Array<number> = []; 6627 for (let i = 0, j = str.length; i < j; i++) { 6628 arr.push(str.charCodeAt(i)); 6629 } 6630 return new Uint8Array(arr); 6631} 6632 6633let crlData = '-----BEGIN X509 CRL-----\n' + 6634 'MIIBjjB4AgEBMA0GCSqGSIb3DQEBCwUAMBIxEDAOBgNVBAMMB1Jvb3QgQ0EXDTI0\n' + 6635 'MDMxOTAyMDQwN1oXDTI0MDQxODAyMDQwN1owIjAgAgEEFw0yNDAzMTkwMjA0MDZa\n' + 6636 'MAwwCgYDVR0VBAMKAQGgDjAMMAoGA1UdFAQDAgEAMA0GCSqGSIb3DQEBCwUAA4IB\n' + 6637 'AQCbjvmHxC8dW6WCS/ga73kx2b7f8I/2eVuDYyReuBiGWeJ9vDmGqimJ9VwOk+ph\n' + 6638 'LvG/2Zvh9I8qXxnOWeseA2C0bEshJGvXpquIjm00OUyLlK6jdfRbhXT8OyvDjqZs\n' + 6639 'e1IsMV7Zo11SUc8nR2d0QQ7EVDCN/XFKPsmoK7PhJnRh5gc8W3FKQ6b8H9kdjgTa\n' + 6640 'KQUap1OIDReVsjPBmRAbwMMLtbrAMllF7E6x7uHgHTGaK1ZPJDtsnCJ45ur3mk/o\n' + 6641 'HAJFwHNjNDltiEfvMSs76/X0cwitpeW4dFk6c3QtqhxJrHDD4gl8di+xHOyHXpzX\n' + 6642 '+i2osvdPWRia0dJCL1PCA14k\n' + 6643 '-----END X509 CRL-----\n'; 6644 6645// 证书二进制数据,需业务自行赋值。 6646let certData = '-----BEGIN CERTIFICATE-----\n' + 6647 'MIIDTjCCAjagAwIBAgIBBDANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290\n' + 6648 'IENBMB4XDTI0MDMxOTAyMDQwMVoXDTM0MDMxNzAyMDQwMVowEjEQMA4GA1UEAwwH\n' + 6649 'ZGV2aWNlMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMIXL3e7UE/c\n' + 6650 'Z1dPVgRZ5L8gsQ/azuYVBvoFf7o8ksYrL7G1+qZIJjVRqZkuTirLW4GicbkIkPNW\n' + 6651 'eix5cDhkjkC+q5SBCOrSSTTlvX3xcOY1gMlA5MgeBfGixFusq4d5VPF2KceZ20/a\n' + 6652 'ygwGD0Uv0X81OERyPom/dYdJUvfaD9ifPFJ1fKIj/cPFG3yJK/ojpEfndZNdESQL\n' + 6653 'TkoDekilg2UGOLtY6fb9Ns37ncuIj33gCS/R9m1tgtmqCTcgOQ4hwKhjVF3InmPO\n' + 6654 '2BbWKvD1RUX+rHC2a2HHDQILOOtDTy8dHvE+qZlK0efrpRgoFEERJAGPi1GDGWiA\n' + 6655 '7UX1c4MCxIECAwEAAaOBrjCBqzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQbkAcMT7ND\n' + 6656 'fGp3VPFzYHppZ1zxLTAfBgNVHSMEGDAWgBR0W/koCbvDtFGHUQZLM3j6HKsW2DAd\n' + 6657 'BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMDIGCCsG\n' + 6658 'AQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cHM6Ly8xMjcuMC4wLjE6OTk5OTAN\n' + 6659 'BgkqhkiG9w0BAQsFAAOCAQEAF1OTzTmbklFOdZCxrF3zg9owUPJR5RB+PbuBlUfI\n' + 6660 '8tkGXkMltQ8PN1dv6Cq+d8BluiJdWEzqVoJa/e5SHHJyYQSOhlurRG0GBXllVQ1I\n' + 6661 'n1PFaI40+9X2X6wrEcdC5nbzogR1jSiksCiTcARMddj0Xrp5FMrFaaGY8M/xqzdW\n' + 6662 'LTDl4nfbuxtA71cIjnE4kOcaemly9/S2wYWdPktsPxQPY1nPUOeJFI7o0sH3rK0c\n' + 6663 'JSqtgAG8vnjK+jbx9RpkgqCsXgUbIahL573VTgxrNrsRjCuVal7XVxl/xOKXr6Er\n' + 6664 'Gpc+OCrXbHNZkUQE5fZH3yL2tXd7EASEb6J3aEWHfF8YBA==\n' + 6665 '-----END CERTIFICATE-----\n'; 6666 6667let certEncodingBlob: cert.EncodingBlob = { 6668 data: stringToUint8Array(certData), 6669 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 6670 encodingFormat: cert.EncodingFormat.FORMAT_PEM 6671}; 6672 6673// 证书吊销列表二进制数据,需业务自行赋值。 6674let encodingBlob: cert.EncodingBlob = { 6675 data: stringToUint8Array(crlData), 6676 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 6677 encodingFormat: cert.EncodingFormat.FORMAT_PEM 6678}; 6679 6680cert.createX509CRL(encodingBlob, (error, x509CRL) => { 6681 if (error) { 6682 console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 6683 } else { 6684 console.log('createX509CRL success'); 6685 // 创建X509证书对象。 6686 cert.createX509Cert(certEncodingBlob).then((x509Cert) => { 6687 try { 6688 let entry = x509CRL.getRevokedCertWithCert(x509Cert); 6689 console.log('getRevokedCertWithCert success'); 6690 } catch (error) { 6691 let e: BusinessError = error as BusinessError; 6692 console.error('getRevokedCertWithCert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 6693 } 6694 }).catch((error: BusinessError) => { 6695 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 6696 }) 6697 } 6698}); 6699``` 6700 6701### getRevokedCerts<sup>11+</sup> 6702 6703getRevokedCerts(callback : AsyncCallback<Array\<X509CRLEntry>>) : void 6704 6705表示获取被吊销X509证书列表,使用Callback回调异步返回结果。 6706 6707**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 6708 6709**系统能力:** SystemCapability.Security.Cert 6710 6711**参数**: 6712 6713| 参数名 | 类型 | 必填 | 说明 | 6714| -------- | ------------------------------------------------------ | ---- | -------------------------------- | 6715| callback | AsyncCallback<Array\<[X509CRLEntry](#x509crlentry11)>> | 是 | 回调函数,表示被吊销X509证书列表。 | 6716 6717**错误码:** 6718 6719以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 6720 6721| 错误码ID | 错误信息 | 6722| -------- | ----------------------- | 6723| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types.| 6724| 19020001 | memory malloc failed. | 6725| 19030001 | crypto operation error. | 6726 6727**示例:** 6728 6729```ts 6730import { cert } from '@kit.DeviceCertificateKit'; 6731import { BusinessError } from '@kit.BasicServicesKit'; 6732 6733// string转Uint8Array。 6734function stringToUint8Array(str: string): Uint8Array { 6735 let arr: Array<number> = []; 6736 for (let i = 0, j = str.length; i < j; i++) { 6737 arr.push(str.charCodeAt(i)); 6738 } 6739 return new Uint8Array(arr); 6740} 6741 6742let crlData = '-----BEGIN X509 CRL-----\n' + 6743 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 6744 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 6745 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 6746 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 6747 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 6748 'eavsH0Q3\n' + 6749 '-----END X509 CRL-----\n'; 6750 6751// 证书吊销列表二进制数据,需业务自行赋值。 6752let encodingBlob: cert.EncodingBlob = { 6753 data: stringToUint8Array(crlData), 6754 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 6755 encodingFormat: cert.EncodingFormat.FORMAT_PEM 6756}; 6757 6758cert.createX509CRL(encodingBlob, (error, x509CRL) => { 6759 if (error) { 6760 console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 6761 } else { 6762 console.log('createX509CRL success'); 6763 x509CRL.getRevokedCerts((error, array) => { 6764 if (error) { 6765 console.error('getRevokedCerts failed, errCode: ' + error.code + ', errMsg: ' + error.message); 6766 } else { 6767 console.log('getRevokedCerts success'); 6768 } 6769 }); 6770 } 6771}); 6772``` 6773 6774### getRevokedCerts<sup>11+</sup> 6775 6776getRevokedCerts() : Promise<Array\<X509CRLEntry>> 6777 6778表示获取被吊销X509证书列表,使用Promise方式异步返回结果。 6779 6780**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 6781 6782**系统能力:** SystemCapability.Security.Cert 6783 6784**返回值**: 6785 6786| 类型 | 说明 | 6787| ------------------------------------------------ | ---------------------- | 6788| Promise<Array\<[X509CRLEntry](#x509crlentry11)>> | 表示被吊销X509证书列表。 | 6789 6790**错误码:** 6791 6792以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 6793 6794| 错误码ID | 错误信息 | 6795| -------- | ----------------------- | 6796| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types.| 6797| 19020001 | memory malloc failed. | 6798| 19030001 | crypto operation error. | 6799 6800**示例:** 6801 6802```ts 6803import { cert } from '@kit.DeviceCertificateKit'; 6804import { BusinessError } from '@kit.BasicServicesKit'; 6805 6806// string转Uint8Array。 6807function stringToUint8Array(str: string): Uint8Array { 6808 let arr: Array<number> = []; 6809 for (let i = 0, j = str.length; i < j; i++) { 6810 arr.push(str.charCodeAt(i)); 6811 } 6812 return new Uint8Array(arr); 6813} 6814 6815let crlData = '-----BEGIN X509 CRL-----\n' + 6816 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 6817 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 6818 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 6819 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 6820 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 6821 'eavsH0Q3\n' + 6822 '-----END X509 CRL-----\n'; 6823 6824// 证书吊销列表二进制数据,需业务自行赋值。 6825let encodingBlob: cert.EncodingBlob = { 6826 data: stringToUint8Array(crlData), 6827 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 6828 encodingFormat: cert.EncodingFormat.FORMAT_PEM 6829}; 6830 6831cert.createX509CRL(encodingBlob).then(x509CRL => { 6832 console.log('createX509CRL success'); 6833 x509CRL.getRevokedCerts().then(array => { 6834 console.log('getRevokedCerts success'); 6835 }).catch((error: BusinessError) => { 6836 console.error('getRevokedCerts failed, errCode: ' + error.code + ', errMsg: ' + error.message); 6837 }); 6838}).catch((error: BusinessError) => { 6839 console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 6840}); 6841``` 6842 6843### getSignature<sup>11+</sup> 6844 6845getSignature() : DataBlob 6846 6847表示获取X509证书吊销列表的签名数据。 6848 6849**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 6850 6851**系统能力:** SystemCapability.Security.Cert 6852 6853**返回值**: 6854 6855| 类型 | 说明 | 6856| --------------------- | ------------------------------ | 6857| [DataBlob](#datablob) | 表示X509证书吊销列表的签名数据。 | 6858 6859**错误码:** 6860 6861以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 6862 6863| 错误码ID | 错误信息 | 6864| -------- | ----------------------- | 6865| 19020001 | memory malloc failed. | 6866| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 6867| 19030001 | crypto operation error. | 6868 6869**示例:** 6870 6871```ts 6872import { cert } from '@kit.DeviceCertificateKit'; 6873import { BusinessError } from '@kit.BasicServicesKit'; 6874 6875// string转Uint8Array。 6876function stringToUint8Array(str: string): Uint8Array { 6877 let arr: Array<number> = []; 6878 for (let i = 0, j = str.length; i < j; i++) { 6879 arr.push(str.charCodeAt(i)); 6880 } 6881 return new Uint8Array(arr); 6882} 6883 6884let crlData = '-----BEGIN X509 CRL-----\n' + 6885 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 6886 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 6887 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 6888 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 6889 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 6890 'eavsH0Q3\n' + 6891 '-----END X509 CRL-----\n'; 6892 6893// 证书吊销列表二进制数据,需业务自行赋值。 6894let encodingBlob: cert.EncodingBlob = { 6895 data: stringToUint8Array(crlData), 6896 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 6897 encodingFormat: cert.EncodingFormat.FORMAT_PEM 6898}; 6899 6900cert.createX509CRL(encodingBlob, (error, x509CRL) => { 6901 if (error) { 6902 console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 6903 } else { 6904 console.log('createX509CRL success'); 6905 try { 6906 let signature = x509CRL.getSignature(); 6907 } catch (err) { 6908 let e: BusinessError = err as BusinessError; 6909 console.error('getSignature failed, errCode: ' + e.code + ', errMsg: ' + e.message); 6910 } 6911 } 6912}); 6913``` 6914 6915### getSignatureAlgName<sup>11+</sup> 6916 6917getSignatureAlgName() : string 6918 6919表示获取X509证书吊销列表签名的算法名称。 6920 6921**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 6922 6923**系统能力:** SystemCapability.Security.Cert 6924 6925**返回值**: 6926 6927| 类型 | 说明 | 6928| ------ | -------------------------------- | 6929| string | 表示X509证书吊销列表签名的算法名。 | 6930 6931**错误码:** 6932 6933以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 6934 6935| 错误码ID | 错误信息 | 6936| -------- | ----------------------- | 6937| 19020001 | memory malloc failed. | 6938| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 6939| 19030001 | crypto operation error. | 6940 6941**示例:** 6942 6943```ts 6944import { cert } from '@kit.DeviceCertificateKit'; 6945import { BusinessError } from '@kit.BasicServicesKit'; 6946 6947// string转Uint8Array。 6948function stringToUint8Array(str: string): Uint8Array { 6949 let arr: Array<number> = []; 6950 for (let i = 0, j = str.length; i < j; i++) { 6951 arr.push(str.charCodeAt(i)); 6952 } 6953 return new Uint8Array(arr); 6954} 6955 6956let crlData = '-----BEGIN X509 CRL-----\n' + 6957 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 6958 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 6959 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 6960 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 6961 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 6962 'eavsH0Q3\n' + 6963 '-----END X509 CRL-----\n'; 6964 6965// 证书吊销列表二进制数据,需业务自行赋值。 6966let encodingBlob: cert.EncodingBlob = { 6967 data: stringToUint8Array(crlData), 6968 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 6969 encodingFormat: cert.EncodingFormat.FORMAT_PEM 6970}; 6971 6972cert.createX509CRL(encodingBlob, (error, x509CRL) => { 6973 if (error) { 6974 console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 6975 } else { 6976 console.log('createX509CRL success'); 6977 try { 6978 let sigAlgName = x509CRL.getSignatureAlgName(); 6979 } catch (err) { 6980 let e: BusinessError = err as BusinessError; 6981 console.error('getSignatureAlgName failed, errCode: ' + e.code + ', errMsg: ' + e.message); 6982 } 6983 } 6984}); 6985``` 6986 6987### getSignatureAlgOid<sup>11+</sup> 6988 6989getSignatureAlgOid() : string 6990 6991表示获取X509证书吊销列表签名算法的对象标志符OID(Object Identifier)。OID是由国际标准组织(ISO)的名称注册机构分配。 6992 6993**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 6994 6995**系统能力:** SystemCapability.Security.Cert 6996 6997**返回值**: 6998 6999| 类型 | 说明 | 7000| ------ | --------------------------------------------- | 7001| string | 表示X509证书吊销列表签名算法的对象标志符OID。 | 7002 7003**错误码:** 7004 7005以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 7006 7007| 错误码ID | 错误信息 | 7008| -------- | ----------------------- | 7009| 19020001 | memory malloc failed. | 7010| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 7011| 19030001 | crypto operation error. | 7012 7013**示例:** 7014 7015```ts 7016import { cert } from '@kit.DeviceCertificateKit'; 7017import { BusinessError } from '@kit.BasicServicesKit'; 7018 7019// string转Uint8Array。 7020function stringToUint8Array(str: string): Uint8Array { 7021 let arr: Array<number> = []; 7022 for (let i = 0, j = str.length; i < j; i++) { 7023 arr.push(str.charCodeAt(i)); 7024 } 7025 return new Uint8Array(arr); 7026} 7027 7028let crlData = '-----BEGIN X509 CRL-----\n' + 7029 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 7030 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 7031 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 7032 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 7033 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 7034 'eavsH0Q3\n' + 7035 '-----END X509 CRL-----\n'; 7036 7037// 证书吊销列表二进制数据,需业务自行赋值。 7038let encodingBlob: cert.EncodingBlob = { 7039 data: stringToUint8Array(crlData), 7040 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 7041 encodingFormat: cert.EncodingFormat.FORMAT_PEM 7042}; 7043 7044cert.createX509CRL(encodingBlob, (error, x509CRL) => { 7045 if (error) { 7046 console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 7047 } else { 7048 console.log('createX509CRL success'); 7049 try { 7050 let sigAlgOid = x509CRL.getSignatureAlgOid(); 7051 } catch (err) { 7052 let e: BusinessError = err as BusinessError; 7053 console.error('getSignatureAlgOid failed, errCode: ' + e.code + ', errMsg: ' + e.message); 7054 } 7055 } 7056}); 7057``` 7058 7059### getSignatureAlgParams<sup>11+</sup> 7060 7061getSignatureAlgParams() : DataBlob 7062 7063表示获取X509证书吊销列表签名的算法参数。 7064 7065**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 7066 7067**系统能力:** SystemCapability.Security.Cert 7068 7069**返回值**: 7070 7071| 类型 | 说明 | 7072| --------------------- | ---------------------------------- | 7073| [DataBlob](#datablob) | 表示X509证书吊销列表签名的算法参数。 | 7074 7075**错误码:** 7076 7077以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 7078 7079| 错误码ID | 错误信息 | 7080| -------- | ----------------------- | 7081| 801 | this operation is not supported. | 7082| 19020001 | memory malloc failed. | 7083| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 7084| 19030001 | crypto operation error. | 7085 7086**示例:** 7087 7088```ts 7089import { cert } from '@kit.DeviceCertificateKit'; 7090import { BusinessError } from '@kit.BasicServicesKit'; 7091 7092// string转Uint8Array。 7093function stringToUint8Array(str: string): Uint8Array { 7094 let arr: Array<number> = []; 7095 for (let i = 0, j = str.length; i < j; i++) { 7096 arr.push(str.charCodeAt(i)); 7097 } 7098 return new Uint8Array(arr); 7099} 7100 7101let crlData = '-----BEGIN X509 CRL-----\n' + 7102 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 7103 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 7104 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 7105 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 7106 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 7107 'eavsH0Q3\n' + 7108 '-----END X509 CRL-----\n'; 7109 7110// 证书吊销列表二进制数据,需业务自行赋值。 7111let encodingBlob: cert.EncodingBlob = { 7112 data: stringToUint8Array(crlData), 7113 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 7114 encodingFormat: cert.EncodingFormat.FORMAT_PEM 7115}; 7116 7117cert.createX509CRL(encodingBlob, (error, x509CRL) => { 7118 if (error) { 7119 console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 7120 } else { 7121 console.log('createX509CRL success'); 7122 try { 7123 let sigAlgParams = x509CRL.getSignatureAlgParams(); 7124 } catch (err) { 7125 let e: BusinessError = err as BusinessError; 7126 console.error('getSignatureAlgParams failed, errCode: ' + e.code + ', errMsg: ' + e.message); 7127 } 7128 } 7129}); 7130``` 7131 7132### getTBSInfo<sup>11+</sup> 7133 7134getTBSInfo() : DataBlob 7135 7136表示获取证书吊销列表的tbsCertList信息。 7137 7138**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 7139 7140**系统能力:** SystemCapability.Security.Cert 7141 7142**返回值**: 7143 7144| 类型 | 说明 | 7145| --------------------- | --------------------------------- | 7146| [DataBlob](#datablob) | 表示证书吊销列表的tbsCertList信息。 | 7147 7148**错误码:** 7149 7150以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 7151 7152| 错误码ID | 错误信息 | 7153| -------- | ----------------------- | 7154| 19020001 | memory malloc failed. | 7155| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 7156| 19030001 | crypto operation error. | 7157 7158**示例:** 7159 7160```ts 7161import { cert } from '@kit.DeviceCertificateKit'; 7162import { BusinessError } from '@kit.BasicServicesKit'; 7163 7164// string转Uint8Array。 7165function stringToUint8Array(str: string): Uint8Array { 7166 let arr: Array<number> = []; 7167 for (let i = 0, j = str.length; i < j; i++) { 7168 arr.push(str.charCodeAt(i)); 7169 } 7170 return new Uint8Array(arr); 7171} 7172 7173let crlData = '-----BEGIN X509 CRL-----\n' + 7174 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 7175 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 7176 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 7177 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 7178 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 7179 'eavsH0Q3\n' + 7180 '-----END X509 CRL-----\n'; 7181 7182// 证书吊销列表二进制数据,需业务自行赋值。 7183let encodingBlob: cert.EncodingBlob = { 7184 data: stringToUint8Array(crlData), 7185 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 7186 encodingFormat: cert.EncodingFormat.FORMAT_PEM 7187}; 7188 7189cert.createX509CRL(encodingBlob, (error, x509CRL) => { 7190 if (error) { 7191 console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 7192 } else { 7193 console.log('createX509CRL success'); 7194 try { 7195 let tbsInfo = x509CRL.getTBSInfo(); 7196 } catch (error) { 7197 let e: BusinessError = error as BusinessError; 7198 console.error('getTBSInfo failed, errCode: ' + e.code + ', errMsg: ' + e.message); 7199 } 7200 } 7201}); 7202``` 7203 7204### getExtensions<sup>11+</sup> 7205 7206getExtensions(): DataBlob 7207 7208表示获取CRL的扩展。 7209 7210**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 7211 7212**系统能力:** SystemCapability.Security.Cert 7213 7214**返回值**: 7215 7216| 类型 | 说明 | 7217| --------------------- | ------------------- | 7218| [DataBlob](#datablob) | 表示X509CRL扩展用途。 | 7219 7220**错误码:** 7221 7222以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 7223 7224| 错误码ID | 错误信息 | 7225| -------- | ----------------------- | 7226| 19020001 | memory malloc failed. | 7227| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 7228| 19030001 | crypto operation error. | 7229 7230**示例:** 7231 7232```ts 7233import { cert } from '@kit.DeviceCertificateKit'; 7234import { BusinessError } from '@kit.BasicServicesKit'; 7235 7236// string转Uint8Array。 7237function stringToUint8Array(str: string): Uint8Array { 7238 let arr: Array<number> = []; 7239 for (let i = 0, j = str.length; i < j; i++) { 7240 arr.push(str.charCodeAt(i)); 7241 } 7242 return new Uint8Array(arr); 7243} 7244 7245let crlData = '-----BEGIN X509 CRL-----\n' + 7246 'MIIBjjB4AgEBMA0GCSqGSIb3DQEBCwUAMBIxEDAOBgNVBAMMB1Jvb3QgQ0EXDTI0\n' + 7247 'MDMxOTAyMDQwN1oXDTI0MDQxODAyMDQwN1owIjAgAgEEFw0yNDAzMTkwMjA0MDZa\n' + 7248 'MAwwCgYDVR0VBAMKAQGgDjAMMAoGA1UdFAQDAgEAMA0GCSqGSIb3DQEBCwUAA4IB\n' + 7249 'AQCbjvmHxC8dW6WCS/ga73kx2b7f8I/2eVuDYyReuBiGWeJ9vDmGqimJ9VwOk+ph\n' + 7250 'LvG/2Zvh9I8qXxnOWeseA2C0bEshJGvXpquIjm00OUyLlK6jdfRbhXT8OyvDjqZs\n' + 7251 'e1IsMV7Zo11SUc8nR2d0QQ7EVDCN/XFKPsmoK7PhJnRh5gc8W3FKQ6b8H9kdjgTa\n' + 7252 'KQUap1OIDReVsjPBmRAbwMMLtbrAMllF7E6x7uHgHTGaK1ZPJDtsnCJ45ur3mk/o\n' + 7253 'HAJFwHNjNDltiEfvMSs76/X0cwitpeW4dFk6c3QtqhxJrHDD4gl8di+xHOyHXpzX\n' + 7254 '+i2osvdPWRia0dJCL1PCA14k\n' + 7255 '-----END X509 CRL-----\n'; 7256 7257// 证书吊销列表二进制数据,需业务自行赋值。 7258let encodingBlob: cert.EncodingBlob = { 7259 data: stringToUint8Array(crlData), 7260 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 7261 encodingFormat: cert.EncodingFormat.FORMAT_PEM 7262}; 7263 7264cert.createX509CRL(encodingBlob, (error, x509CRL) => { 7265 if (error) { 7266 console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 7267 } else { 7268 console.log('createX509CRL success'); 7269 try { 7270 let extensions = x509CRL.getExtensions(); 7271 } catch (error) { 7272 let e: BusinessError = error as BusinessError; 7273 console.error('getExtensions failed, errCode: ' + e.code + ', errMsg: ' + e.message); 7274 } 7275 } 7276}); 7277``` 7278 7279### match<sup>11+</sup> 7280 7281match(param: X509CRLMatchParameters): boolean 7282 7283判断证书吊销列表是否与输入参数匹配。 7284 7285**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 7286 7287**系统能力:** SystemCapability.Security.Cert 7288 7289**参数**: 7290 7291| 参数名 | 类型 | 必填 | 说明 | 7292| --------- | ------ | ---- | ------------------------------------------ | 7293| param | [X509CRLMatchParameters](#x509crlmatchparameters11)| 是 | 表示需要匹配的参数。 | 7294 7295**返回值**: 7296 7297| 类型 | 说明 | 7298| --------------------- | ----------------------------------------- | 7299| boolean | 当参数匹配时,该方法返回true,否则返回false。 | 7300 7301**错误码:** 7302 7303以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 7304 7305| 错误码ID | 错误信息 | 7306| -------- | -------------- | 7307| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 7308| 19020001 | memory malloc failed. | 7309| 19030001 | crypto operation error. | 7310 7311**示例:** 7312 7313```ts 7314import { cert } from '@kit.DeviceCertificateKit'; 7315import { BusinessError } from '@kit.BasicServicesKit'; 7316 7317// string转Uint8Array。 7318function stringToUint8Array(str: string): Uint8Array { 7319 let arr: Array<number> = []; 7320 for (let i = 0, j = str.length; i < j; i++) { 7321 arr.push(str.charCodeAt(i)); 7322 } 7323 return new Uint8Array(arr); 7324} 7325 7326let crlData = '-----BEGIN X509 CRL-----\n' + 7327 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 7328 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 7329 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 7330 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 7331 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 7332 'eavsH0Q3\n' + 7333 '-----END X509 CRL-----\n'; 7334 7335// 证书吊销列表二进制数据,需业务自行赋值。 7336let crlEncodingBlob: cert.EncodingBlob = { 7337 data: stringToUint8Array(crlData), 7338 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 7339 encodingFormat: cert.EncodingFormat.FORMAT_PEM 7340}; 7341 7342const certData = "-----BEGIN CERTIFICATE-----\r\n" + 7343 "MIIC8TCCAdmgAwIBAgIIFB75m06RTHwwDQYJKoZIhvcNAQELBQAwWDELMAkGA1UE\r\n" + 7344 "BhMCQ04xEDAOBgNVBAgTB0ppYW5nc3UxEDAOBgNVBAcTB05hbmppbmcxCzAJBgNV\r\n" + 7345 "BAoTAnRzMQswCQYDVQQLEwJ0czELMAkGA1UEAxMCdHMwHhcNMjMxMTIzMDMzMjAw\r\n" + 7346 "WhcNMjQxMTIzMDMzMjAwWjBhMQswCQYDVQQGEwJDTjEQMA4GA1UECBMHSmlhbmdz\r\n" + 7347 "dTEQMA4GA1UEBxMHTmFuamluZzEMMAoGA1UEChMDdHMxMQwwCgYDVQQLEwN0czEx\r\n" + 7348 "EjAQBgNVBAMTCTEyNy4wLjAuMTAqMAUGAytlcAMhALsWnY9cMNC6jzduM69vI3Ej\r\n" + 7349 "pUlgHtEHS8kRfmYBupJSo4GvMIGsMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFNSg\r\n" + 7350 "poQvfxR8A1Y4St8NjOHkRpm4MAsGA1UdDwQEAwID+DAnBgNVHSUEIDAeBggrBgEF\r\n" + 7351 "BQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMEMBQGA1UdEQQNMAuCCTEyNy4wLjAuMTAR\r\n" + 7352 "BglghkgBhvhCAQEEBAMCBkAwHgYJYIZIAYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0\r\n" + 7353 "ZTANBgkqhkiG9w0BAQsFAAOCAQEAfnLmPF6BtAUCZ9pjt1ITdXc5M4LJfMw5IPcv\r\n" + 7354 "fUAvhdaUXtqBQcjGCWtDdhyb1n5Xp+N7oKz/Cnn0NGFTwVArtFiQ5NEP2CmrckLh\r\n" + 7355 "Da4VnsDFU+zx2Bbfwo5Ms7iArxyx0fArbMZzN9D1lZcVjiIxp1+3k1/0sdCemcY/\r\n" + 7356 "y7mw5NwkcczLWLBZl1/Ho8b4dlo1wTA7TZk9uu8UwYBwXDrQe6S9rMcvMcRKiJ9e\r\n" + 7357 "V4SYZIO7ihr8+n4LQDQP+spvX4cf925a3kyZrftfvGCJ2ZNwvsPhyumYhaBqAgSy\r\n" + 7358 "Up2BImymAqPi157q9EeYcQz170TtDZHGmjYzdQxhOAHRb6/IdQ==\r\n" + 7359 "-----END CERTIFICATE-----\r\n"; 7360const certEncodingBlob: cert.EncodingBlob = { 7361 data: stringToUint8Array(certData), 7362 encodingFormat: cert.EncodingFormat.FORMAT_PEM, 7363}; 7364 7365async function crlMatch() { 7366 let x509Cert: cert.X509Cert = {} as cert.X509Cert; 7367 try { 7368 x509Cert = await cert.createX509Cert(certEncodingBlob); 7369 console.log('createX509Cert success'); 7370 } catch (err) { 7371 console.error('createX509Cert failed'); 7372 } 7373 7374 cert.createX509CRL(crlEncodingBlob, (error, x509CRL) => { 7375 if (error) { 7376 console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 7377 } else { 7378 console.log('createX509CRL success'); 7379 try { 7380 const param: cert.X509CRLMatchParameters = { 7381 issuer: [new Uint8Array([0x30, 0x58, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x43, 0x4E, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x07, 0x4A, 0x69, 0x61, 0x6E, 0x67, 0x73, 0x75, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x07, 0x4E, 0x61, 0x6E, 0x6A, 0x69, 0x6E, 0x67, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x02, 0x74, 0x73, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x02, 0x74, 0x73, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x02, 0x74, 0x73])], 7382 x509Cert: x509Cert 7383 } 7384 const result = x509CRL.match(param); 7385 } catch (error) { 7386 let e: BusinessError = error as BusinessError; 7387 console.error('x509CRL match failed, errCode: ' + e.code + ', errMsg: ' + e.message); 7388 } 7389 } 7390 }); 7391} 7392``` 7393 7394### getIssuerX500DistinguishedName<sup>12+</sup> 7395 7396getIssuerX500DistinguishedName(): X500DistinguishedName 7397 7398获取颁发者的X509可分辨名称。 7399 7400**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 7401 7402**系统能力:** SystemCapability.Security.Cert 7403 7404**返回值**: 7405 7406| 类型 | 说明 | 7407| --------------------- | ----------------------------------------- | 7408| [X500DistinguishedName](#x500distinguishedname12) | X509的可分辨对象。 | 7409 7410**错误码:** 7411 7412以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 7413 7414| 错误码ID | 错误信息 | 7415| -------- | -------------- | 7416| 19020001 | memory malloc failed. | 7417| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 7418| 19030001 | crypto operation error. | 7419 7420**示例:** 7421 7422```ts 7423import { cert } from '@kit.DeviceCertificateKit'; 7424import { BusinessError } from '@kit.BasicServicesKit'; 7425 7426// string转Uint8Array。 7427function stringToUint8Array(str: string): Uint8Array { 7428 let arr: Array<number> = []; 7429 for (let i = 0, j = str.length; i < j; i++) { 7430 arr.push(str.charCodeAt(i)); 7431 } 7432 return new Uint8Array(arr); 7433} 7434 7435let crlData = '-----BEGIN X509 CRL-----\n' + 7436 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 7437 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 7438 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 7439 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 7440 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 7441 'eavsH0Q3\n' + 7442 '-----END X509 CRL-----\n'; 7443 7444// 证书吊销列表二进制数据,需业务自行赋值。 7445let crlEncodingBlob: cert.EncodingBlob = { 7446 data: stringToUint8Array(crlData), 7447 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 7448 encodingFormat: cert.EncodingFormat.FORMAT_PEM 7449}; 7450 7451async function crlGetIssuerX500DistinguishedName() { 7452 let x509Crl: cert.X509CRL = {} as cert.X509CRL; 7453 try { 7454 x509Crl = await cert.createX509CRL(crlEncodingBlob); 7455 console.log('createX509CRL success'); 7456 let name = x509Crl.getIssuerX500DistinguishedName(); 7457 } catch (err) { 7458 let e: BusinessError = err as BusinessError; 7459 console.error('createX509CRL failed, errCode: ' + e.code + ', errMsg: ' + e.message); 7460 } 7461} 7462``` 7463 7464### toString<sup>12+</sup> 7465 7466toString(): string 7467 7468获取对象的字符串类型数据。 7469 7470**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 7471 7472**系统能力:** SystemCapability.Security.Cert 7473 7474**返回值**: 7475 7476| 类型 | 说明 | 7477| --------------------- | ----------------------------------------- | 7478| string | 对象的字符串类型数据。 | 7479 7480**错误码:** 7481 7482以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 7483 7484| 错误码ID | 错误信息 | 7485| -------- | -------------- | 7486| 19020001 | memory malloc failed. | 7487| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 7488| 19030001 | crypto operation error. | 7489 7490**示例:** 7491 7492```ts 7493import { cert } from '@kit.DeviceCertificateKit'; 7494import { BusinessError } from '@kit.BasicServicesKit'; 7495 7496// string转Uint8Array。 7497function stringToUint8Array(str: string): Uint8Array { 7498 let arr: Array<number> = []; 7499 for (let i = 0, j = str.length; i < j; i++) { 7500 arr.push(str.charCodeAt(i)); 7501 } 7502 return new Uint8Array(arr); 7503} 7504 7505let crlData = '-----BEGIN X509 CRL-----\n' + 7506 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 7507 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 7508 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 7509 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 7510 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 7511 'eavsH0Q3\n' + 7512 '-----END X509 CRL-----\n'; 7513 7514// 证书吊销列表二进制数据,需业务自行赋值。 7515let crlEncodingBlob: cert.EncodingBlob = { 7516 data: stringToUint8Array(crlData), 7517 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 7518 encodingFormat: cert.EncodingFormat.FORMAT_PEM 7519}; 7520 7521async function crlToString() { 7522 let x509Crl: cert.X509CRL = {} as cert.X509CRL; 7523 try { 7524 x509Crl = await cert.createX509CRL(crlEncodingBlob); 7525 console.log('createX509CRL success'); 7526 console.info('crlToString success: ' + JSON.stringify(x509Crl.toString())); 7527 } catch (err) { 7528 let e: BusinessError = err as BusinessError; 7529 console.error('createX509CRL failed, errCode: ' + e.code + ', errMsg: ' + e.message); 7530 } 7531} 7532``` 7533 7534### toString<sup>20+</sup> 7535 7536toString(encodingType: EncodingType): string 7537 7538根据编码类型获取对象的字符串类型数据。 7539 7540**原子化服务API:** 从API version 20开始,该接口支持在原子化服务中使用。 7541 7542**系统能力:** SystemCapability.Security.Cert 7543 7544**参数**: 7545 7546| 参数名 | 类型 | 必填 | 说明 | 7547| -------- | ------------------------------------- | ---- | ------------------------------ | 7548| encodingType | [EncodingType](#encodingtype12) | 是 | 表示编码类型。 | 7549 7550**返回值**: 7551 7552| 类型 | 说明 | 7553| ------ | -------------------- | 7554| string | 表示对象的字符串类型数据。 | 7555 7556**错误码:** 7557 7558以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 7559 7560| 错误码ID | 错误信息 | 7561| -------- | ------------------------------------------------- | 7562| 19020001 | memory malloc failed. | 7563| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 7564| 19020003 | parameter check failed. Possible causes: <br>1. The value of encodingType is not in the EncodingType enumeration range.| 7565| 19030001 | crypto operation error. | 7566 7567**示例:** 7568 7569```ts 7570import { cert } from '@kit.DeviceCertificateKit'; 7571import { BusinessError } from '@kit.BasicServicesKit'; 7572 7573// string转Uint8Array。 7574function stringToUint8Array(str: string): Uint8Array { 7575 let arr: Array<number> = []; 7576 for (let i = 0, j = str.length; i < j; i++) { 7577 arr.push(str.charCodeAt(i)); 7578 } 7579 return new Uint8Array(arr); 7580} 7581 7582let crlData = '-----BEGIN X509 CRL-----\n' + 7583 'MIIByzCBtAIBATANBgkqhkiG9w0BAQsFADBXMQswCQYDVQQGEwJDTjEPMA0GA1UE\n' + 7584 'CAwG6ZmV6KW/MQ8wDQYDVQQHDAbopb/lrokxDzANBgNVBAoMBua1i+ivlTEVMBMG\n' + 7585 'A1UEAwwM5Lit5paH5rWL6K+VFw0yNDEwMTYwODUwMDlaFw0yNDExMTUwODUwMDla\n' + 7586 'MBkwFwIGAXKnJjrAFw0yNDEwMTYwODQ5NDBaoA4wDDAKBgNVHRQEAwIBADANBgkq\n' + 7587 'hkiG9w0BAQsFAAOCAQEAU0JPK/DnGmjCi5lKyun506JE+FVDuQsEWuF5CZPqE2um\n' + 7588 'hA04Qffi+8AfwLpG2KPBaAYTteU4fx30y8Wm0kLutalk32FgrbQX0VQ7EaCOmkMU\n' + 7589 '2dnQMmFmaFiVcOTaRzgqDOYKuzSAptCo6hqtk9kgjbda5HnsNiVC7dNMRp1Jlzwr\n' + 7590 'k/42mqZ3fFIy3wYLaxRlq368BX3u94J9Cx754V2V/XEApiRI/FsiSRzRX+jfUBa4\n' + 7591 '+wwu3WhWxisQj6z3bBkQD4RTg3S+ic8hhP44wt/1MmSLG946Dc9uVYJKUVZqTco9\n' + 7592 'QDoDwYfBJBzcXjManSkPsGCb7RfTAr5HqcEtIHsK+w==\n' + 7593 '-----END X509 CRL-----\n'; 7594// 证书吊销列表二进制数据,需业务自行赋值。 7595let crlEncodingBlob: cert.EncodingBlob = { 7596 data: stringToUint8Array(crlData), 7597 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 7598 encodingFormat: cert.EncodingFormat.FORMAT_PEM 7599}; 7600 7601async function crlToString() { 7602 let x509Crl: cert.X509CRL = {} as cert.X509CRL; 7603 try { 7604 x509Crl = await cert.createX509CRL(crlEncodingBlob); 7605 console.log('createX509CRL success'); 7606 console.info('crlToString success: ' + JSON.stringify(x509Crl.toString(cert.EncodingType.ENCODING_UTF8))); 7607 } catch (err) { 7608 let e: BusinessError = err as BusinessError; 7609 console.error('createX509CRL failed, errCode: ' + e.code + ', errMsg: ' + e.message); 7610 } 7611} 7612``` 7613 7614### hashCode<sup>12+</sup> 7615 7616hashCode(): Uint8Array 7617 7618获取DER格式数据的哈希值。 7619 7620**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 7621 7622**系统能力:** SystemCapability.Security.Cert 7623 7624**返回值**: 7625 7626| 类型 | 说明 | 7627| --------------------- | ----------------------------------------- | 7628| Uint8Array | DER格式数据的哈希值。 | 7629 7630**错误码:** 7631 7632以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 7633 7634| 错误码ID | 错误信息 | 7635| -------- | -------------- | 7636| 19020001 | memory malloc failed. | 7637| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 7638| 19030001 | crypto operation error. | 7639 7640**示例:** 7641 7642```ts 7643import { cert } from '@kit.DeviceCertificateKit'; 7644import { BusinessError } from '@kit.BasicServicesKit'; 7645 7646// string转Uint8Array。 7647function stringToUint8Array(str: string): Uint8Array { 7648 let arr: Array<number> = []; 7649 for (let i = 0, j = str.length; i < j; i++) { 7650 arr.push(str.charCodeAt(i)); 7651 } 7652 return new Uint8Array(arr); 7653} 7654 7655let crlData = '-----BEGIN X509 CRL-----\n' + 7656 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 7657 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 7658 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 7659 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 7660 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 7661 'eavsH0Q3\n' + 7662 '-----END X509 CRL-----\n'; 7663 7664// 证书吊销列表二进制数据,需业务自行赋值。 7665let crlEncodingBlob: cert.EncodingBlob = { 7666 data: stringToUint8Array(crlData), 7667 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 7668 encodingFormat: cert.EncodingFormat.FORMAT_PEM 7669}; 7670 7671async function crlHashCode() { 7672 let x509Crl: cert.X509CRL = {} as cert.X509CRL; 7673 try { 7674 x509Crl = await cert.createX509CRL(crlEncodingBlob); 7675 console.log('createX509CRL success'); 7676 console.info('crlHashCode success: ' + JSON.stringify(x509Crl.hashCode())); 7677 } catch (err) { 7678 let e: BusinessError = err as BusinessError; 7679 console.error('createX509CRL failed, errCode: ' + e.code + ', errMsg: ' + e.message); 7680 } 7681} 7682``` 7683 7684### getExtensionsObject<sup>12+</sup> 7685 7686getExtensionsObject(): CertExtension 7687 7688获取对应实体的扩展域DER格式数据。 7689 7690**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 7691 7692**系统能力:** SystemCapability.Security.Cert 7693 7694**返回值**: 7695 7696| 类型 | 说明 | 7697| --------------------- | ----------------------------------------- | 7698| [CertExtension](#certextension10) | 证书扩展域段类对象。| 7699 7700**错误码:** 7701 7702以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 7703 7704| 错误码ID | 错误信息 | 7705| -------- | -------------- | 7706| 19020001 | memory malloc failed. | 7707| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 7708| 19030001 | crypto operation error. | 7709 7710**示例:** 7711 7712```ts 7713import { cert } from '@kit.DeviceCertificateKit'; 7714import { BusinessError } from '@kit.BasicServicesKit'; 7715 7716// string转Uint8Array。 7717function stringToUint8Array(str: string): Uint8Array { 7718 let arr: Array<number> = []; 7719 for (let i = 0, j = str.length; i < j; i++) { 7720 arr.push(str.charCodeAt(i)); 7721 } 7722 return new Uint8Array(arr); 7723} 7724 7725let crlData = '-----BEGIN X509 CRL-----\n' + 7726 'MIIB6DCB0QIBATANBgkqhkiG9w0BAQsFADCBjjELMAkGA1UEBhMCUlUxFTATBgNV\n' + 7727 'BAgMDNCc0L7RgdC60LLQsDELMAkGA1UECgwC0K8xCzAJBgNVBAsMAtCvMSowKAYD\n' + 7728 'VQQDDCHQlNC80LjRgtGA0LjQuSDQkdC10LvRj9Cy0YHQutC40LkxIjAgBgkqhkiG\n' + 7729 '9w0BCQEWE2JlbGRtaXRAZXhhbXBsZS5jb20XDTE3MDQyNDEzMjUzMVoXDTE3MDUy\n' + 7730 'NDEzMjUzMVqgDjAMMAoGA1UdFAQDAgEBMA0GCSqGSIb3DQEBCwUAA4IBAQCF5eX+\n' + 7731 '1BM/BxoHU2/3pQHJgPSKevN0/K/daiFHiJl7Kb9GCwKY14B1RvbN2rUP/58Mt+aq\n' + 7732 'jvauf1yBzlaJQeJKZcsCmG9p6Tr1y0BJXhrq5kC0SLyNDsfGUTfuxnwmo+clHXRU\n' + 7733 '+gKuk+h0WkJL022ZYbJ38w588k4NT3CWVHeE23EDC264p942mlDE7en6MyL152Pe\n' + 7734 'Ld9YrWiq5iOIOrIbQLErq0EjwxvHG9sMiYFUa6VrwmRf26nyZ7u9RKJDP+o2dltw\n' + 7735 'diBaSXC3Qt3pZ8BIfv/l81lwp8Dr63SwCII2pIRplyICdQqmX/a+1q8kThXIP2Kx\n' + 7736 '+X48g7VE2o2X4cfy\n' + 7737 '-----END X509 CRL-----\n'; 7738 7739// 证书吊销列表二进制数据,需业务自行赋值。 7740let crlEncodingBlob: cert.EncodingBlob = { 7741 data: stringToUint8Array(crlData), 7742 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 7743 encodingFormat: cert.EncodingFormat.FORMAT_PEM 7744}; 7745 7746async function crlHashCode() { 7747 let x509Crl: cert.X509CRL = {} as cert.X509CRL; 7748 try { 7749 x509Crl = await cert.createX509CRL(crlEncodingBlob); 7750 console.log('createX509CRL success'); 7751 let object = x509Crl.getExtensionsObject(); 7752 } catch (err) { 7753 let e: BusinessError = err as BusinessError; 7754 console.error('createX509CRL failed, errCode: ' + e.code + ', errMsg: ' + e.message); 7755 } 7756} 7757``` 7758 7759## cert.createCertChainValidator 7760 7761createCertChainValidator(algorithm :string) : CertChainValidator 7762 7763表示创建证书链校验器对象。 7764 7765**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 7766 7767**系统能力:** SystemCapability.Security.Cert 7768 7769**参数**: 7770 7771| 参数名 | 类型 | 必填 | 说明 | 7772| --------- | ------ | ---- | ------------------------------------------ | 7773| algorithm | string | 是 | 表示证书链校验器算法。当前仅支持输入“PKIX”。 | 7774 7775**返回值**: 7776 7777| 类型 | 说明 | 7778| ------------------ | -------------------- | 7779| [CertChainValidator](#certchainvalidator) | 表示证书链校验器对象。 | 7780 7781**错误码:** 7782 7783以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 7784 7785| 错误码ID | 错误信息 | 7786| -------- | ----------------------- | 7787| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 7788| 801 | this operation is not supported. | 7789| 19020001 | memory malloc failed. | 7790| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 7791| 19030001 | crypto operation error. | 7792 7793**示例:** 7794 7795```ts 7796import { cert } from '@kit.DeviceCertificateKit'; 7797import { BusinessError } from '@kit.BasicServicesKit'; 7798 7799try { 7800 let validator = cert.createCertChainValidator('PKIX'); 7801} catch (error) { 7802 let e: BusinessError = error as BusinessError; 7803 console.error('createCertChainValidator failed, errCode: ' + e.code + ', errMsg: ' + e.message); 7804} 7805``` 7806 7807## CertChainValidator 7808 7809证书链校验器对象。 7810 7811 7812**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 7813 7814**系统能力:** SystemCapability.Security.Cert 7815 7816| 名称 | 类型 | 只读 | 可选 | 说明 | 7817| ------- | ------ | ---- | ---- | -------------------------- | 7818| algorithm | string | 是 | 否 | X509证书链校验器算法名称。 | 7819 7820 7821### validate 7822 7823validate(certChain : CertChainData, callback : AsyncCallback\<void>) : void 7824 7825表示校验X509证书链,使用Callback回调异步返回结果。 7826由于端侧系统时间不可信,证书链校验不包含对证书有效时间的校验。如果需要检查证书的时间有效性,可使用X509证书的[checkValidityWithDate](#checkvaliditywithdate)方法进行检查。详见[证书规格](../../security/DeviceCertificateKit/certificate-framework-overview.md#证书规格)。 7827 7828**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 7829 7830**系统能力:** SystemCapability.Security.Cert 7831 7832**参数**: 7833 7834| 参数名 | 类型 | 必填 | 说明 | 7835| --------- | ------------------------------- | ---- | ------------------------------------------------------------ | 7836| certChain | [CertChainData](#certchaindata) | 是 | 表示X509证书链序列化数据。 | 7837| callback | AsyncCallback\<void> | 是 | 回调函数,使用AsyncCallback的第一个error参数判断是否校验成功,error为null表示成功,error不为null表示失败。 | 7838 7839**错误码:** 7840 7841以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 7842 7843| 错误码ID | 错误信息 | 7844| -------- | ------------------------------------------------- | 7845| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 7846| 19020001 | memory malloc failed. | 7847| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 7848| 19030001 | crypto operation error. | 7849| 19030002 | the certificate signature verification failed. | 7850| 19030003 | the certificate has not taken effect. | 7851| 19030004 | the certificate has expired. | 7852| 19030005 | failed to obtain the certificate issuer. | 7853| 19030006 | the key cannot be used for signing a certificate. | 7854| 19030007 | the key cannot be used for digital signature. | 7855 7856**示例:** 7857 7858```ts 7859import { cert } from '@kit.DeviceCertificateKit'; 7860import { BusinessError } from '@kit.BasicServicesKit'; 7861 7862// string转Uint8Array。 7863function stringToUint8Array(str: string): Uint8Array { 7864 let arr: Array<number> = []; 7865 for (let i = 0, j = str.length; i < j; i++) { 7866 arr.push(str.charCodeAt(i)); 7867 } 7868 return new Uint8Array(arr); 7869} 7870 7871// 证书链二进制数据。 7872let certPem = '-----BEGIN CERTIFICATE-----\n' + 7873 'MIIDTjCCAjagAwIBAgIBBDANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290\n' + 7874 'IENBMB4XDTI0MDMxOTAyMDQwMVoXDTM0MDMxNzAyMDQwMVowEjEQMA4GA1UEAwwH\n' + 7875 'ZGV2aWNlMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMIXL3e7UE/c\n' + 7876 'Z1dPVgRZ5L8gsQ/azuYVBvoFf7o8ksYrL7G1+qZIJjVRqZkuTirLW4GicbkIkPNW\n' + 7877 'eix5cDhkjkC+q5SBCOrSSTTlvX3xcOY1gMlA5MgeBfGixFusq4d5VPF2KceZ20/a\n' + 7878 'ygwGD0Uv0X81OERyPom/dYdJUvfaD9ifPFJ1fKIj/cPFG3yJK/ojpEfndZNdESQL\n' + 7879 'TkoDekilg2UGOLtY6fb9Ns37ncuIj33gCS/R9m1tgtmqCTcgOQ4hwKhjVF3InmPO\n' + 7880 '2BbWKvD1RUX+rHC2a2HHDQILOOtDTy8dHvE+qZlK0efrpRgoFEERJAGPi1GDGWiA\n' + 7881 '7UX1c4MCxIECAwEAAaOBrjCBqzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQbkAcMT7ND\n' + 7882 'fGp3VPFzYHppZ1zxLTAfBgNVHSMEGDAWgBR0W/koCbvDtFGHUQZLM3j6HKsW2DAd\n' + 7883 'BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMDIGCCsG\n' + 7884 'AQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cHM6Ly8xMjcuMC4wLjE6OTk5OTAN\n' + 7885 'BgkqhkiG9w0BAQsFAAOCAQEAF1OTzTmbklFOdZCxrF3zg9owUPJR5RB+PbuBlUfI\n' + 7886 '8tkGXkMltQ8PN1dv6Cq+d8BluiJdWEzqVoJa/e5SHHJyYQSOhlurRG0GBXllVQ1I\n' + 7887 'n1PFaI40+9X2X6wrEcdC5nbzogR1jSiksCiTcARMddj0Xrp5FMrFaaGY8M/xqzdW\n' + 7888 'LTDl4nfbuxtA71cIjnE4kOcaemly9/S2wYWdPktsPxQPY1nPUOeJFI7o0sH3rK0c\n' + 7889 'JSqtgAG8vnjK+jbx9RpkgqCsXgUbIahL573VTgxrNrsRjCuVal7XVxl/xOKXr6Er\n' + 7890 'Gpc+OCrXbHNZkUQE5fZH3yL2tXd7EASEb6J3aEWHfF8YBA==\n' + 7891 '-----END CERTIFICATE-----'; 7892 7893let caPem = '-----BEGIN CERTIFICATE-----\n' + 7894'MIIC/zCCAeegAwIBAgIBATANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290\n' + 7895'IENBMB4XDTI0MDMxOTAyMDIyNFoXDTM0MDMxNzAyMDIyNFowEjEQMA4GA1UEAwwH\n' + 7896'Um9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALxI5SDvRfKU\n' + 7897'6XaTeyh2LHlUK0rVSeYfXkYf5Mc3Pgucg+ewzQjxkACMx5NYaW1zfGDNPG1i5IZl\n' + 7898'cPeWNz1Tm2g6wTd+LyNoNOOmwfLV8pLXSfAukgNrBREf3BzVrbu7hvPd2MmLH23H\n' + 7899'OBM9uDPTIqu3n2CDN2EzwULjaSk2g+jvhVKsDLInu5uKPmZBFhs1FWKgcnVnlbi1\n' + 7900'AyAx4efheits6EO70oV6UufCEtS1VsBXQHZRAG4ogshWldRBVNxkU6yHAfg0mM/5\n' + 7901'EhrZsfh51fWqlrhNWrInjgNV3xIt5ebTIgKZWUlSVHEA/UqDoGfY+CsAJdteZWOW\n' + 7902'KjsrC/DK2O0CAwEAAaNgMF4wHQYDVR0OBBYEFHRb+SgJu8O0UYdRBkszePocqxbY\n' + 7903'MB8GA1UdIwQYMBaAFHRb+SgJu8O0UYdRBkszePocqxbYMA8GA1UdEwEB/wQFMAMB\n' + 7904'Af8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQAKOT1ObfQNMN2wdfHq\n' + 7905'PQgFDDp6rBMbZe70LswPirSXljo4S/vfbG+gBoWCdu/SfsV+lyP75kg1wX0IQvzW\n' + 7906'xYNh864dgqPmGd0v8TIfM0UT0PpnowUyBHQ+E7LNYIOh/kjHbl3oERdEFA2PUyE9\n' + 7907'j3GLdg8oe/LqhEQCSAlH+v2RQgBZ9eVN+mSdUxwywm9U3acb0uqVkGiWK/ywumpg\n' + 7908'AmIZLMJtMVvg8uDkfy16Z4lChTEdNaJVUqPczUNk2kHXIF4we4be9HoOuTVz/SD/\n' + 7909'IsOhXn/BjS3jnhyS9fxo+opJf9zVTWI02Hlh1WVVtH/m3nIZblyAJhcjCHA2wZSz\n' + 7910'sSus\n' + 7911'-----END CERTIFICATE-----'; 7912 7913let certPemData = stringToUint8Array(certPem); 7914let caPemData = stringToUint8Array(caPem); 7915 7916let certPemDataLenData = new Uint8Array(new Uint16Array([certPemData.length]).buffer) 7917let caPemDataLenData = new Uint8Array(new Uint16Array([caPemData.length]).buffer) 7918 7919let certChainBuff = new Uint8Array(certPemDataLenData.length + certPemData.length + caPemDataLenData.length + caPemData.length) 7920certChainBuff.set(certPemDataLenData) 7921certChainBuff.set(certPemData, certPemDataLenData.length) 7922certChainBuff.set(caPemDataLenData, certPemDataLenData.length + certPemData.length) 7923certChainBuff.set(caPemData, certPemDataLenData.length + certPemData.length + caPemDataLenData.length) 7924 7925let certChainData: cert.CertChainData = { 7926 data: certChainBuff, 7927 // 证书链包含的证书个数,需业务自行赋值。 7928 count: 2, 7929 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 7930 encodingFormat: cert.EncodingFormat.FORMAT_PEM 7931}; 7932 7933try { 7934 let validator = cert.createCertChainValidator('PKIX'); 7935 validator.validate(certChainData, (error, data) => { 7936 if (error) { 7937 console.error('validate failed, errCode: ' + error.code + ', errMsg: ' + error.message); 7938 } else { 7939 console.log('validate success'); 7940 } 7941 }); 7942} catch (error) { 7943 let e: BusinessError = error as BusinessError; 7944 console.error('validate failed, errCode: ' + e.code + ', errMsg: ' + e.message); 7945} 7946``` 7947 7948### validate 7949 7950validate(certChain : CertChainData) : Promise\<void> 7951 7952表示校验X509证书链,使用Promise方式异步返回结果。 7953由于端侧系统时间不可信,证书链校验不包含对证书有效时间的校验。如果需要检查证书的时间有效性,可使用X509证书的[checkValidityWithDate](#checkvaliditywithdate)方法进行检查。详见[证书规格](../../security/DeviceCertificateKit/certificate-framework-overview.md#证书规格)。 7954 7955**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 7956 7957**系统能力:** SystemCapability.Security.Cert 7958 7959**参数**: 7960 7961| 参数名 | 类型 | 必填 | 说明 | 7962| --------- | ------------------------------- | ---- | -------------------------- | 7963| certChain | [CertChainData](#certchaindata) | 是 | 表示X509证书链序列化数据。 | 7964 7965**返回值**: 7966 7967| 类型 | 说明 | 7968| -------------- | ----------- | 7969| Promise\<void> | Promise对象。 | 7970 7971**错误码:** 7972 7973以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 7974 7975| 错误码ID | 错误信息 | 7976| -------- | ------------------------------------------------- | 7977| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 7978| 19020001 | memory malloc failed. | 7979| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 7980| 19030001 | crypto operation error. | 7981| 19030002 | the certificate signature verification failed. | 7982| 19030003 | the certificate has not taken effect. | 7983| 19030004 | the certificate has expired. | 7984| 19030005 | failed to obtain the certificate issuer. | 7985| 19030006 | the key cannot be used for signing a certificate. | 7986| 19030007 | the key cannot be used for digital signature. | 7987 7988**示例:** 7989 7990```ts 7991import { cert } from '@kit.DeviceCertificateKit'; 7992import { BusinessError } from '@kit.BasicServicesKit'; 7993 7994// string转Uint8Array。 7995function stringToUint8Array(str: string): Uint8Array { 7996 let arr: Array<number> = []; 7997 for (let i = 0, j = str.length; i < j; i++) { 7998 arr.push(str.charCodeAt(i)); 7999 } 8000 return new Uint8Array(arr); 8001} 8002 8003// 证书链数据。 8004let certPem = '-----BEGIN CERTIFICATE-----\n' + 8005 'MIIDTjCCAjagAwIBAgIBBDANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290\n' + 8006 'IENBMB4XDTI0MDMxOTAyMDQwMVoXDTM0MDMxNzAyMDQwMVowEjEQMA4GA1UEAwwH\n' + 8007 'ZGV2aWNlMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMIXL3e7UE/c\n' + 8008 'Z1dPVgRZ5L8gsQ/azuYVBvoFf7o8ksYrL7G1+qZIJjVRqZkuTirLW4GicbkIkPNW\n' + 8009 'eix5cDhkjkC+q5SBCOrSSTTlvX3xcOY1gMlA5MgeBfGixFusq4d5VPF2KceZ20/a\n' + 8010 'ygwGD0Uv0X81OERyPom/dYdJUvfaD9ifPFJ1fKIj/cPFG3yJK/ojpEfndZNdESQL\n' + 8011 'TkoDekilg2UGOLtY6fb9Ns37ncuIj33gCS/R9m1tgtmqCTcgOQ4hwKhjVF3InmPO\n' + 8012 '2BbWKvD1RUX+rHC2a2HHDQILOOtDTy8dHvE+qZlK0efrpRgoFEERJAGPi1GDGWiA\n' + 8013 '7UX1c4MCxIECAwEAAaOBrjCBqzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQbkAcMT7ND\n' + 8014 'fGp3VPFzYHppZ1zxLTAfBgNVHSMEGDAWgBR0W/koCbvDtFGHUQZLM3j6HKsW2DAd\n' + 8015 'BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMDIGCCsG\n' + 8016 'AQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cHM6Ly8xMjcuMC4wLjE6OTk5OTAN\n' + 8017 'BgkqhkiG9w0BAQsFAAOCAQEAF1OTzTmbklFOdZCxrF3zg9owUPJR5RB+PbuBlUfI\n' + 8018 '8tkGXkMltQ8PN1dv6Cq+d8BluiJdWEzqVoJa/e5SHHJyYQSOhlurRG0GBXllVQ1I\n' + 8019 'n1PFaI40+9X2X6wrEcdC5nbzogR1jSiksCiTcARMddj0Xrp5FMrFaaGY8M/xqzdW\n' + 8020 'LTDl4nfbuxtA71cIjnE4kOcaemly9/S2wYWdPktsPxQPY1nPUOeJFI7o0sH3rK0c\n' + 8021 'JSqtgAG8vnjK+jbx9RpkgqCsXgUbIahL573VTgxrNrsRjCuVal7XVxl/xOKXr6Er\n' + 8022 'Gpc+OCrXbHNZkUQE5fZH3yL2tXd7EASEb6J3aEWHfF8YBA==\n' + 8023 '-----END CERTIFICATE-----'; 8024 8025let caPem = '-----BEGIN CERTIFICATE-----\n' + 8026'MIIC/zCCAeegAwIBAgIBATANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290\n' + 8027'IENBMB4XDTI0MDMxOTAyMDIyNFoXDTM0MDMxNzAyMDIyNFowEjEQMA4GA1UEAwwH\n' + 8028'Um9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALxI5SDvRfKU\n' + 8029'6XaTeyh2LHlUK0rVSeYfXkYf5Mc3Pgucg+ewzQjxkACMx5NYaW1zfGDNPG1i5IZl\n' + 8030'cPeWNz1Tm2g6wTd+LyNoNOOmwfLV8pLXSfAukgNrBREf3BzVrbu7hvPd2MmLH23H\n' + 8031'OBM9uDPTIqu3n2CDN2EzwULjaSk2g+jvhVKsDLInu5uKPmZBFhs1FWKgcnVnlbi1\n' + 8032'AyAx4efheits6EO70oV6UufCEtS1VsBXQHZRAG4ogshWldRBVNxkU6yHAfg0mM/5\n' + 8033'EhrZsfh51fWqlrhNWrInjgNV3xIt5ebTIgKZWUlSVHEA/UqDoGfY+CsAJdteZWOW\n' + 8034'KjsrC/DK2O0CAwEAAaNgMF4wHQYDVR0OBBYEFHRb+SgJu8O0UYdRBkszePocqxbY\n' + 8035'MB8GA1UdIwQYMBaAFHRb+SgJu8O0UYdRBkszePocqxbYMA8GA1UdEwEB/wQFMAMB\n' + 8036'Af8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQAKOT1ObfQNMN2wdfHq\n' + 8037'PQgFDDp6rBMbZe70LswPirSXljo4S/vfbG+gBoWCdu/SfsV+lyP75kg1wX0IQvzW\n' + 8038'xYNh864dgqPmGd0v8TIfM0UT0PpnowUyBHQ+E7LNYIOh/kjHbl3oERdEFA2PUyE9\n' + 8039'j3GLdg8oe/LqhEQCSAlH+v2RQgBZ9eVN+mSdUxwywm9U3acb0uqVkGiWK/ywumpg\n' + 8040'AmIZLMJtMVvg8uDkfy16Z4lChTEdNaJVUqPczUNk2kHXIF4we4be9HoOuTVz/SD/\n' + 8041'IsOhXn/BjS3jnhyS9fxo+opJf9zVTWI02Hlh1WVVtH/m3nIZblyAJhcjCHA2wZSz\n' + 8042'sSus\n' + 8043'-----END CERTIFICATE-----'; 8044 8045let certPemData = stringToUint8Array(certPem); 8046let caPemData = stringToUint8Array(caPem); 8047 8048let certPemDataLenData = new Uint8Array(new Uint16Array([certPemData.length]).buffer) 8049let caPemDataLenData = new Uint8Array(new Uint16Array([caPemData.length]).buffer) 8050 8051let certChainBuff = new Uint8Array(certPemDataLenData.length + certPemData.length + caPemDataLenData.length + caPemData.length) 8052certChainBuff.set(certPemDataLenData) 8053certChainBuff.set(certPemData, certPemDataLenData.length) 8054certChainBuff.set(caPemDataLenData, certPemDataLenData.length + certPemData.length) 8055certChainBuff.set(caPemData, certPemDataLenData.length + certPemData.length + caPemDataLenData.length) 8056 8057let certChainData: cert.CertChainData = { 8058 data: certChainBuff, 8059 // 证书链包含的证书个数,需业务自行赋值。 8060 count: 2, 8061 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 8062 encodingFormat: cert.EncodingFormat.FORMAT_PEM 8063}; 8064 8065try { 8066 let validator = cert.createCertChainValidator('PKIX'); 8067 validator.validate(certChainData).then(result => { 8068 console.log('validate success'); 8069 }).catch((error: BusinessError) => { 8070 console.error('validate failed, errCode: ' + error.code + ', errMsg: ' + error.message); 8071 }); 8072} catch (error) { 8073 let e: BusinessError = error as BusinessError; 8074 console.error('validate failed, errCode: ' + e.code + ', errMsg: ' + e.message); 8075} 8076``` 8077 8078## X509CrlEntry<sup>(deprecated)</sup> 8079 8080被吊销证书对象。 8081 8082> **说明:** 8083> 8084> 从API version 11开始废弃,建议使用[X509CrlEntry](#x509crlentry11)替代。 8085 8086### getEncoded<sup>(deprecated)</sup> 8087 8088getEncoded(callback : AsyncCallback\<EncodingBlob>) : void 8089 8090表示获取被吊销证书的序列化数据,使用Callback回调异步返回结果。 8091 8092> **说明:** 8093> 8094> 从API version 11开始废弃,建议使用[X509CRLEntry.getEncoded](#getencoded11-2)替代。 8095 8096**系统能力:** SystemCapability.Security.Cert 8097 8098**参数**: 8099 8100| 参数名 | 类型 | 必填 | 说明 | 8101| -------- | --------------------------------------------- | ---- | ------------------------------------ | 8102| callback | AsyncCallback\<[EncodingBlob](#encodingblob)> | 是 | 回调函数,表示被吊销证书的序列化数据。 | 8103 8104**错误码:** 8105 8106以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 8107 8108| 错误码ID | 错误信息 | 8109| -------- | ----------------------- | 8110| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types.| 8111| 19020001 | memory malloc failed. | 8112| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 8113| 19030001 | crypto operation error. | 8114 8115**示例:** 8116 8117```ts 8118import { cert } from '@kit.DeviceCertificateKit'; 8119import { BusinessError } from '@kit.BasicServicesKit'; 8120 8121// string转Uint8Array。 8122function stringToUint8Array(str: string): Uint8Array { 8123 let arr: Array<number> = []; 8124 for (let i = 0, j = str.length; i < j; i++) { 8125 arr.push(str.charCodeAt(i)); 8126 } 8127 return new Uint8Array(arr); 8128} 8129 8130let crlData = '-----BEGIN X509 CRL-----\n' + 8131 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 8132 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 8133 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 8134 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 8135 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 8136 'eavsH0Q3\n' + 8137 '-----END X509 CRL-----\n' 8138 8139let encodingBlob: cert.EncodingBlob = { 8140 data: stringToUint8Array(crlData), 8141 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 8142 encodingFormat: cert.EncodingFormat.FORMAT_PEM 8143}; 8144 8145cert.createX509Crl(encodingBlob, (err, x509Crl) => { 8146 if (err) { 8147 console.error('createX509Crl failed, errCode: ' + err.code + ', errMsg: ' + err.message); 8148 } else { 8149 console.log('create x509 crl success'); 8150 8151 try { 8152 let serialNumber = 1000; 8153 let crlEntry = x509Crl.getRevokedCert(serialNumber); 8154 crlEntry.getEncoded((error, data) => { 8155 if (error) { 8156 console.error('getEncoded failed, errCode: ' + error.code + ', errMsg: ' + error.message); 8157 } else { 8158 console.log('getEncoded success'); 8159 } 8160 }); 8161 } catch (error) { 8162 let e: BusinessError = error as BusinessError; 8163 console.error('getRevokedCert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 8164 } 8165 } 8166}) 8167``` 8168 8169### getEncoded<sup>(deprecated)</sup> 8170 8171getEncoded() : Promise\<EncodingBlob> 8172 8173表示获取被吊销证书的序列化数据,使用Promise方式异步返回结果。 8174 8175> **说明:** 8176> 8177> 从API version 11开始废弃,建议使用[X509CRLEntry.getEncoded](#getencoded11-3)替代。 8178 8179**系统能力:** SystemCapability.Security.Cert 8180 8181**返回值**: 8182 8183| 类型 | 说明 | 8184| --------------------------------------- | -------------------------- | 8185| Promise\<[EncodingBlob](#encodingblob)> | 表示被吊销证书的序列化数据。 | 8186 8187**错误码:** 8188 8189以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 8190 8191| 错误码ID | 错误信息 | 8192| -------- | ----------------------- | 8193| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types.| 8194| 19020001 | memory malloc failed. | 8195| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 8196| 19030001 | crypto operation error. | 8197 8198**示例:** 8199 8200```ts 8201import { cert } from '@kit.DeviceCertificateKit'; 8202import { BusinessError } from '@kit.BasicServicesKit'; 8203 8204// string转Uint8Array。 8205function stringToUint8Array(str: string): Uint8Array { 8206 let arr: Array<number> = []; 8207 for (let i = 0, j = str.length; i < j; i++) { 8208 arr.push(str.charCodeAt(i)); 8209 } 8210 return new Uint8Array(arr); 8211} 8212 8213let crlData = '-----BEGIN X509 CRL-----\n' + 8214 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 8215 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 8216 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 8217 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 8218 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 8219 'eavsH0Q3\n' + 8220 '-----END X509 CRL-----\n' 8221 8222let encodingBlob: cert.EncodingBlob = { 8223 data: stringToUint8Array(crlData), 8224 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 8225 encodingFormat: cert.EncodingFormat.FORMAT_PEM 8226}; 8227 8228cert.createX509Crl(encodingBlob, (err, x509Crl) => { 8229 if (err) { 8230 console.error('createX509Crl failed, errCode: ' + err.code + ', errMsg: ' + err.message); 8231 } else { 8232 console.log('create x509 crl success'); 8233 8234 try { 8235 let serialNumber = 1000; 8236 let crlEntry = x509Crl.getRevokedCert(serialNumber); 8237 crlEntry.getEncoded().then(result => { 8238 console.log('getEncoded success'); 8239 }).catch((error: BusinessError) => { 8240 console.error('getEncoded failed, errCode: ' + error.code + ', errMsg: ' + error.message); 8241 }); 8242 } catch (error) { 8243 let e: BusinessError = error as BusinessError; 8244 console.error('getRevokedCert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 8245 } 8246 } 8247}) 8248``` 8249 8250### getSerialNumber<sup>(deprecated)</sup> 8251 8252getSerialNumber() : number 8253 8254表示获取被吊销证书的序列号。 8255 8256> **说明:** 8257> 8258> 从API version 11开始废弃,建议使用[X509CRLEntry.getSerialNumber](#getserialnumber11)替代。 8259 8260**系统能力:** SystemCapability.Security.Cert 8261 8262**返回值**: 8263 8264| 类型 | 说明 | 8265| ------ | ---------------------- | 8266| number | 表示被吊销证书的序列号。 | 8267 8268**示例:** 8269 8270```ts 8271import { cert } from '@kit.DeviceCertificateKit'; 8272import { BusinessError } from '@kit.BasicServicesKit'; 8273 8274// string转Uint8Array。 8275function stringToUint8Array(str: string): Uint8Array { 8276 let arr: Array<number> = []; 8277 for (let i = 0, j = str.length; i < j; i++) { 8278 arr.push(str.charCodeAt(i)); 8279 } 8280 return new Uint8Array(arr); 8281} 8282 8283let crlData = '-----BEGIN X509 CRL-----\n' + 8284 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 8285 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 8286 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 8287 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 8288 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 8289 'eavsH0Q3\n' + 8290 '-----END X509 CRL-----\n' 8291 8292let encodingBlob: cert.EncodingBlob = { 8293 data: stringToUint8Array(crlData), 8294 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 8295 encodingFormat: cert.EncodingFormat.FORMAT_PEM 8296}; 8297 8298cert.createX509Crl(encodingBlob, (err, x509Crl) => { 8299 if (err) { 8300 console.error('createX509Crl failed, errCode: ' + err.code + ', errMsg: ' + err.message); 8301 } else { 8302 console.log('create x509 crl success'); 8303 8304 try { 8305 let serialNumber = 1000; 8306 let crlEntry = x509Crl.getRevokedCert(serialNumber); 8307 serialNumber = crlEntry.getSerialNumber(); 8308 } catch (error) { 8309 let e: BusinessError = error as BusinessError; 8310 console.error('getRevokedCert or getSerialNumber failed, errCode: ' + e.code + ', errMsg: ' + e.message); 8311 } 8312 } 8313}) 8314``` 8315 8316### getCertIssuer<sup>(deprecated)</sup> 8317 8318getCertIssuer() : DataBlob 8319 8320表示获取被吊销证书的颁发者信息。 8321 8322> **说明:** 8323> 8324> 从API version 11开始废弃,建议使用[X509CRLEntry.getCertIssuer](#getcertissuer11)替代。 8325 8326**系统能力:** SystemCapability.Security.Cert 8327 8328**返回值**: 8329 8330| 类型 | 说明 | 8331| --------------------- | ----------------------- | 8332| [DataBlob](#datablob) | 表示被吊销证书的颁发者信息。 | 8333 8334**错误码:** 8335 8336以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 8337 8338| 错误码ID | 错误信息 | 8339| -------- | -------------- | 8340| 801 | this operation is not supported. | 8341| 19020001 | memory malloc failed. | 8342| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 8343 8344**示例:** 8345 8346```ts 8347import { cert } from '@kit.DeviceCertificateKit'; 8348import { BusinessError } from '@kit.BasicServicesKit'; 8349 8350// string转Uint8Array。 8351function stringToUint8Array(str: string): Uint8Array { 8352 let arr: Array<number> = []; 8353 for (let i = 0, j = str.length; i < j; i++) { 8354 arr.push(str.charCodeAt(i)); 8355 } 8356 return new Uint8Array(arr); 8357} 8358 8359let crlData = '-----BEGIN X509 CRL-----\n' + 8360 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 8361 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 8362 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 8363 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 8364 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 8365 'eavsH0Q3\n' + 8366 '-----END X509 CRL-----\n' 8367 8368let encodingBlob: cert.EncodingBlob = { 8369 data: stringToUint8Array(crlData), 8370 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 8371 encodingFormat: cert.EncodingFormat.FORMAT_PEM 8372}; 8373 8374cert.createX509Crl(encodingBlob, (err, x509Crl) => { 8375 if (err) { 8376 console.error('createX509Crl failed, errCode: ' + err.code + ', errMsg: ' + err.message); 8377 } else { 8378 console.log('create x509 crl success'); 8379 8380 try { 8381 let serialNumber = 1000; 8382 let crlEntry = x509Crl.getRevokedCert(serialNumber); 8383 let issuer = crlEntry.getCertIssuer(); 8384 } catch (error) { 8385 let e: BusinessError = error as BusinessError; 8386 console.error('getRevokedCert or getCertIssuer failed, errCode: ' + e.code + ', errMsg: ' + e.message); 8387 } 8388 } 8389}) 8390``` 8391 8392### getRevocationDate<sup>(deprecated)</sup> 8393 8394getRevocationDate() : string 8395 8396表示获取证书被吊销的日期,日期为ASN.1时间格式。 8397 8398> **说明:** 8399> 8400> 从API version 11开始废弃,建议使用[X509CRLEntry.getRevocationDate](#getrevocationdate11)替代。 8401 8402**系统能力:** SystemCapability.Security.Cert 8403 8404**返回值**: 8405 8406| 类型 | 说明 | 8407| ------ | ------------------ | 8408| string | 表示证书被吊销的日期,日期为ASN.1时间格式。 | 8409 8410**错误码:** 8411 8412以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 8413 8414| 错误码ID | 错误信息 | 8415| -------- | ----------------------- | 8416| 19020001 | memory malloc failed. | 8417| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 8418| 19030001 | crypto operation error. | 8419 8420**示例:** 8421 8422```ts 8423import { cert } from '@kit.DeviceCertificateKit'; 8424import { BusinessError } from '@kit.BasicServicesKit'; 8425 8426// string转Uint8Array。 8427function stringToUint8Array(str: string): Uint8Array { 8428 let arr: Array<number> = []; 8429 for (let i = 0, j = str.length; i < j; i++) { 8430 arr.push(str.charCodeAt(i)); 8431 } 8432 return new Uint8Array(arr); 8433} 8434 8435let crlData = '-----BEGIN X509 CRL-----\n' + 8436 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 8437 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 8438 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 8439 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 8440 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 8441 'eavsH0Q3\n' + 8442 '-----END X509 CRL-----\n' 8443 8444let encodingBlob: cert.EncodingBlob = { 8445 data: stringToUint8Array(crlData), 8446 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 8447 encodingFormat: cert.EncodingFormat.FORMAT_PEM 8448}; 8449 8450cert.createX509Crl(encodingBlob, (err, x509Crl) => { 8451 if (err) { 8452 console.error('createX509Crl failed, errCode: ' + err.code + ', errMsg: ' + err.message); 8453 } else { 8454 console.log('create x509 crl success'); 8455 8456 try { 8457 let serialNumber = 1000; 8458 let crlEntry = x509Crl.getRevokedCert(serialNumber); 8459 let date = crlEntry.getRevocationDate(); 8460 } catch (error) { 8461 let e: BusinessError = error as BusinessError; 8462 console.error('getRevokedCert or getRevocationDate failed, errCode: ' + e.code + ', errMsg: ' + e.message); 8463 } 8464 } 8465}) 8466``` 8467 8468## X509CRLEntry<sup>11+</sup> 8469 8470被吊销证书对象。 8471 8472### getEncoded<sup>11+</sup> 8473 8474getEncoded(callback : AsyncCallback\<EncodingBlob>) : void 8475 8476表示获取被吊销证书的序列化数据,使用Callback回调异步返回结果。 8477 8478**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 8479 8480**系统能力:** SystemCapability.Security.Cert 8481 8482**参数**: 8483 8484| 参数名 | 类型 | 必填 | 说明 | 8485| -------- | --------------------------------------------- | ---- | ------------------------------------ | 8486| callback | AsyncCallback\<[EncodingBlob](#encodingblob)> | 是 | 回调函数,表示被吊销证书的序列化数据。 | 8487 8488**错误码:** 8489 8490以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 8491 8492| 错误码ID | 错误信息 | 8493| -------- | ----------------------- | 8494| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types.| 8495| 19020001 | memory malloc failed. | 8496| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 8497| 19030001 | crypto operation error. | 8498 8499**示例:** 8500 8501```ts 8502import { cert } from '@kit.DeviceCertificateKit'; 8503import { BusinessError } from '@kit.BasicServicesKit'; 8504 8505// string转Uint8Array。 8506function stringToUint8Array(str: string): Uint8Array { 8507 let arr: Array<number> = []; 8508 for (let i = 0, j = str.length; i < j; i++) { 8509 arr.push(str.charCodeAt(i)); 8510 } 8511 return new Uint8Array(arr); 8512} 8513 8514let crlData = '-----BEGIN X509 CRL-----\n' + 8515 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 8516 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 8517 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 8518 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 8519 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 8520 'eavsH0Q3\n' + 8521 '-----END X509 CRL-----\n' 8522 8523let encodingBlob: cert.EncodingBlob = { 8524 data: stringToUint8Array(crlData), 8525 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 8526 encodingFormat: cert.EncodingFormat.FORMAT_PEM 8527}; 8528 8529cert.createX509CRL(encodingBlob, (err, x509CRL) => { 8530 if (err) { 8531 console.error('createX509CRL failed, errCode: ' + err.code + ', errMsg: ' + err.message); 8532 } else { 8533 console.log('create x509 CRL success'); 8534 8535 try { 8536 let serialNumber = BigInt(1000); 8537 let crlEntry = x509CRL.getRevokedCert(serialNumber); 8538 crlEntry.getEncoded((error, data) => { 8539 if (error) { 8540 console.error('getEncoded failed, errCode: ' + error.code + ', errMsg: ' + error.message); 8541 } else { 8542 console.log('getEncoded success'); 8543 } 8544 }); 8545 } catch (error) { 8546 let e: BusinessError = error as BusinessError; 8547 console.error('getRevokedCert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 8548 } 8549 } 8550}) 8551``` 8552 8553### getEncoded<sup>11+</sup> 8554 8555getEncoded() : Promise\<EncodingBlob> 8556 8557表示获取被吊销证书的序列化数据,使用Promise方式异步返回结果。 8558 8559**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 8560 8561**系统能力:** SystemCapability.Security.Cert 8562 8563**返回值**: 8564 8565| 类型 | 说明 | 8566| --------------------------------------- | -------------------------- | 8567| Promise\<[EncodingBlob](#encodingblob)> | 表示被吊销证书的序列化数据。 | 8568 8569**错误码:** 8570 8571以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 8572 8573| 错误码ID | 错误信息 | 8574| -------- | ----------------------- | 8575| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types.| 8576| 19020001 | memory malloc failed. | 8577| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 8578| 19030001 | crypto operation error. | 8579 8580**示例:** 8581 8582```ts 8583import { cert } from '@kit.DeviceCertificateKit'; 8584import { BusinessError } from '@kit.BasicServicesKit'; 8585 8586// string转Uint8Array。 8587function stringToUint8Array(str: string): Uint8Array { 8588 let arr: Array<number> = []; 8589 for (let i = 0, j = str.length; i < j; i++) { 8590 arr.push(str.charCodeAt(i)); 8591 } 8592 return new Uint8Array(arr); 8593} 8594 8595let crlData = '-----BEGIN X509 CRL-----\n' + 8596 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 8597 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 8598 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 8599 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 8600 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 8601 'eavsH0Q3\n' + 8602 '-----END X509 CRL-----\n' 8603 8604let encodingBlob: cert.EncodingBlob = { 8605 data: stringToUint8Array(crlData), 8606 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 8607 encodingFormat: cert.EncodingFormat.FORMAT_PEM 8608}; 8609 8610cert.createX509CRL(encodingBlob, (err, x509CRL) => { 8611 if (err) { 8612 console.error('createX509CRL failed, errCode: ' + err.code + ', errMsg: ' + err.message); 8613 } else { 8614 console.log('create x509 CRL success'); 8615 8616 try { 8617 let serialNumber = BigInt(1000); 8618 let crlEntry = x509CRL.getRevokedCert(serialNumber); 8619 crlEntry.getEncoded().then(result => { 8620 console.log('getEncoded success'); 8621 }).catch((error: BusinessError) => { 8622 console.error('getEncoded failed, errCode: ' + error.code + ', errMsg: ' + error.message); 8623 }); 8624 } catch (error) { 8625 let e: BusinessError = error as BusinessError; 8626 console.error('getRevokedCert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 8627 } 8628 } 8629}) 8630``` 8631 8632### getSerialNumber<sup>11+</sup> 8633 8634getSerialNumber() : bigint 8635 8636表示获取被吊销证书的序列号。 8637 8638**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 8639 8640**系统能力:** SystemCapability.Security.Cert 8641 8642**返回值**: 8643 8644| 类型 | 说明 | 8645| ------ | ---------------------- | 8646| bigint | 表示被吊销证书的序列号。 | 8647 8648**错误码:** 8649 8650以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 8651 8652| 错误码ID | 错误信息 | 8653| -------- | ----------------------- | 8654| 19020001 | memory malloc failed. | 8655| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 8656| 19030001 | crypto operation error. | 8657 8658**示例:** 8659 8660```ts 8661import { cert } from '@kit.DeviceCertificateKit'; 8662import { BusinessError } from '@kit.BasicServicesKit'; 8663 8664// string转Uint8Array。 8665function stringToUint8Array(str: string): Uint8Array { 8666 let arr: Array<number> = []; 8667 for (let i = 0, j = str.length; i < j; i++) { 8668 arr.push(str.charCodeAt(i)); 8669 } 8670 return new Uint8Array(arr); 8671} 8672 8673let crlData = '-----BEGIN X509 CRL-----\n' + 8674 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 8675 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 8676 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 8677 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 8678 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 8679 'eavsH0Q3\n' + 8680 '-----END X509 CRL-----\n' 8681 8682let encodingBlob: cert.EncodingBlob = { 8683 data: stringToUint8Array(crlData), 8684 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 8685 encodingFormat: cert.EncodingFormat.FORMAT_PEM 8686}; 8687 8688cert.createX509CRL(encodingBlob, (err, x509CRL) => { 8689 if (err) { 8690 console.error('createX509Crl failed, errCode: ' + err.code + ', errMsg: ' + err.message); 8691 } else { 8692 console.log('create x509 crl success'); 8693 8694 try { 8695 let serialNumber = BigInt(1000); 8696 let crlEntry = x509CRL.getRevokedCert(serialNumber); 8697 serialNumber = crlEntry.getSerialNumber(); 8698 } catch (error) { 8699 let e: BusinessError = error as BusinessError; 8700 console.error('getRevokedCert or getSerialNumber failed, errCode: ' + e.code + ', errMsg: ' + e.message); 8701 } 8702 } 8703}) 8704``` 8705 8706### getCertIssuer<sup>11+</sup> 8707 8708getCertIssuer() : DataBlob 8709 8710表示获取被吊销证书的颁发者信息。 8711 8712> **说明:** 8713> 8714> 获取到的被吊销证书的颁发者信息数据带字符串结束符。 8715 8716**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 8717 8718**系统能力:** SystemCapability.Security.Cert 8719 8720**返回值**: 8721 8722| 类型 | 说明 | 8723| --------------------- | -------------------------- | 8724| [DataBlob](#datablob) | 表示被吊销证书的颁发者信息。 | 8725 8726**错误码:** 8727 8728以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 8729 8730| 错误码ID | 错误信息 | 8731| -------- | ----------------------- | 8732| 801 | this operation is not supported. | 8733| 19020001 | memory malloc failed. | 8734| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 8735| 19030001 | crypto operation error. | 8736 8737**示例:** 8738 8739```ts 8740import { cert } from '@kit.DeviceCertificateKit'; 8741import { BusinessError } from '@kit.BasicServicesKit'; 8742 8743// string转Uint8Array。 8744function stringToUint8Array(str: string): Uint8Array { 8745 let arr: Array<number> = []; 8746 for (let i = 0, j = str.length; i < j; i++) { 8747 arr.push(str.charCodeAt(i)); 8748 } 8749 return new Uint8Array(arr); 8750} 8751 8752let crlData = '-----BEGIN X509 CRL-----\n' + 8753 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 8754 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 8755 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 8756 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 8757 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 8758 'eavsH0Q3\n' + 8759 '-----END X509 CRL-----\n' 8760 8761let encodingBlob: cert.EncodingBlob = { 8762 data: stringToUint8Array(crlData), 8763 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 8764 encodingFormat: cert.EncodingFormat.FORMAT_PEM 8765}; 8766 8767cert.createX509CRL(encodingBlob, (err, x509CRL) => { 8768 if (err) { 8769 console.error('createX509CRL failed, errCode: ' + err.code + ', errMsg: ' + err.message); 8770 } else { 8771 console.log('create x509 CRL success'); 8772 8773 try { 8774 let serialNumber = BigInt(1000); 8775 let crlEntry = x509CRL.getRevokedCert(serialNumber); 8776 let issuer = crlEntry.getCertIssuer(); 8777 } catch (error) { 8778 let e: BusinessError = error as BusinessError; 8779 console.error('getRevokedCert or getCertIssuer failed, errCode: ' + e.code + ', errMsg: ' + e.message); 8780 } 8781 } 8782}) 8783``` 8784 8785### getCertIssuer<sup>20+</sup> 8786 8787getCertIssuer(encodingType: EncodingType): string 8788 8789根据编码类型获取被吊销证书的颁发者信息。 8790 8791**原子化服务API:** 从API version 20开始,该接口支持在原子化服务中使用。 8792 8793**系统能力:** SystemCapability.Security.Cert 8794 8795**参数**: 8796 8797| 参数名 | 类型 | 必填 | 说明 | 8798| -------- | ------------------------------------- | ---- | ------------------------------ | 8799| encodingType | [EncodingType](#encodingtype12) | 是 | 表示编码类型。 | 8800 8801**返回值**: 8802 8803| 类型 | 说明 | 8804| ------ | -------------------- | 8805| string | 表示被吊销证书的颁发者信息,使用逗号分隔相对可分辨名称。 | 8806 8807**错误码:** 8808 8809以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 8810 8811| 错误码ID | 错误信息 | 8812| -------- | ------------------------------------------------- | 8813| 801 | this operation is not supported. | 8814| 19020001 | memory malloc failed. | 8815| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 8816| 19020003 | parameter check failed. Possible causes: <br>1. The value of encodingType is not in the EncodingType enumeration range.| 8817| 19030001 | crypto operation error. | 8818 8819**示例:** 8820 8821```ts 8822import { cert } from '@kit.DeviceCertificateKit'; 8823import { BusinessError } from '@kit.BasicServicesKit'; 8824 8825// string转Uint8Array。 8826function stringToUint8Array(str: string): Uint8Array { 8827 let arr: Array<number> = []; 8828 for (let i = 0, j = str.length; i < j; i++) { 8829 arr.push(str.charCodeAt(i)); 8830 } 8831 return new Uint8Array(arr); 8832} 8833 8834 let crlData = '-----BEGIN X509 CRL-----\n' + 8835 'MIIBTDCBtgIBATANBgkqhkiG9w0BAQsFADBZMQswCQYDVQQGEwJDTjEPMA0GA1UE\n' + 8836 'CAwG6ZmV6KW/MQ8wDQYDVQQHDAbopb/lrokxDzANBgNVBAoMBua1i+ivlTEXMBUG\n' + 8837 'A1UEAwwO5Lit5paH5rWL6K+VIyMXDTI1MDMyNDA5MTExNVoXDTI1MDQyMzA5MTEx\n' + 8838 'NVowGTAXAgYBcqcmOsAXDTI1MDIyMDA2MTMwM1qgDjAMMAoGA1UdFAQDAgECMA0G\n' + 8839 'CSqGSIb3DQEBCwUAA4GBACedFnn4unfYLiRCl1ZAFXx6LFdX6U+IZ/buW44xKAWi\n' + 8840 'fyvcSxKIeGtMVjmQSs4HeNfNujIjaDN1+/J2nLSmHPiQ/c0LAc47zefVt2VnFuR4\n' + 8841 'TMUJEDUlnekYfDMxQqtihAO/Bpw33twK6otDvaAPm9vJoCu8JmGXxt6g+8vbYuNT\n' + 8842 '-----END X509 CRL-----\n'; 8843 8844let encodingBlob: cert.EncodingBlob = { 8845 data: stringToUint8Array(crlData), 8846 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 8847 encodingFormat: cert.EncodingFormat.FORMAT_PEM 8848}; 8849 8850cert.createX509CRL(encodingBlob, (err, x509CRL) => { 8851 if (err) { 8852 console.error('createX509CRL failed, errCode: ' + err.code + ', errMsg: ' + err.message); 8853 } else { 8854 console.log('create x509 CRL success'); 8855 8856 try { 8857 let serialNumber = BigInt(1591942200000); 8858 let crlEntry = x509CRL.getRevokedCert(serialNumber); 8859 let issuer = crlEntry.getCertIssuer(cert.EncodingType.ENCODING_UTF8); 8860 console.info('issuer output is ' + issuer); 8861 } catch (error) { 8862 let e: BusinessError = error as BusinessError; 8863 console.error('getRevokedCert or getCertIssuer failed, errCode: ' + e.code + ', errMsg: ' + e.message); 8864 } 8865 } 8866}) 8867``` 8868 8869### getRevocationDate<sup>11+</sup> 8870 8871getRevocationDate() : string 8872 8873表示获取证书被吊销的日期。 8874 8875**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 8876 8877**系统能力:** SystemCapability.Security.Cert 8878 8879**返回值**: 8880 8881| 类型 | 说明 | 8882| ------ | -------------------- | 8883| string | 表示证书被吊销的日期。 | 8884 8885**错误码:** 8886 8887以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 8888 8889| 错误码ID | 错误信息 | 8890| -------- | ----------------------- | 8891| 19020001 | memory malloc failed. | 8892| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 8893| 19030001 | crypto operation error. | 8894 8895**示例:** 8896 8897```ts 8898import { cert } from '@kit.DeviceCertificateKit'; 8899import { BusinessError } from '@kit.BasicServicesKit'; 8900 8901// string转Uint8Array。 8902function stringToUint8Array(str: string): Uint8Array { 8903 let arr: Array<number> = []; 8904 for (let i = 0, j = str.length; i < j; i++) { 8905 arr.push(str.charCodeAt(i)); 8906 } 8907 return new Uint8Array(arr); 8908} 8909 8910let crlData = '-----BEGIN X509 CRL-----\n' + 8911 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 8912 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 8913 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 8914 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 8915 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 8916 'eavsH0Q3\n' + 8917 '-----END X509 CRL-----\n' 8918 8919let encodingBlob: cert.EncodingBlob = { 8920 data: stringToUint8Array(crlData), 8921 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 8922 encodingFormat: cert.EncodingFormat.FORMAT_PEM 8923}; 8924 8925cert.createX509CRL(encodingBlob, (err, x509CRL) => { 8926 if (err) { 8927 console.error('createX509CRL failed, errCode: ' + err.code + ', errMsg: ' + err.message); 8928 } else { 8929 console.log('create x509 CRL success'); 8930 8931 try { 8932 let serialNumber = BigInt(1000); 8933 let crlEntry = x509CRL.getRevokedCert(serialNumber); 8934 let date = crlEntry.getRevocationDate(); 8935 } catch (error) { 8936 let e: BusinessError = error as BusinessError; 8937 console.error('getRevokedCert or getRevocationDate failed, errCode: ' + e.code + ', errMsg: ' + e.message); 8938 } 8939 } 8940}) 8941``` 8942 8943### getExtensions<sup>11+</sup> 8944 8945getExtensions(): DataBlob 8946 8947表示获取CRL的扩展。 8948 8949**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 8950 8951**系统能力:** SystemCapability.Security.Cert 8952 8953**返回值**: 8954 8955| 类型 | 说明 | 8956| --------------------- | ------------------------ | 8957| [DataBlob](#datablob) | 表示X509CRLEntry扩展用途。 | 8958 8959**错误码:** 8960 8961以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 8962 8963| 错误码ID | 错误信息 | 8964| -------- | ----------------------- | 8965| 19020001 | memory malloc failed. | 8966| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 8967| 19030001 | crypto operation error. | 8968 8969**示例:** 8970 8971```ts 8972import { cert } from '@kit.DeviceCertificateKit'; 8973import { BusinessError } from '@kit.BasicServicesKit'; 8974 8975// string转Uint8Array。 8976function stringToUint8Array(str: string): Uint8Array { 8977 let arr: Array<number> = []; 8978 for (let i = 0, j = str.length; i < j; i++) { 8979 arr.push(str.charCodeAt(i)); 8980 } 8981 return new Uint8Array(arr); 8982} 8983 8984let crlData = '-----BEGIN X509 CRL-----\n' + 8985 'MIIBjjB4AgEBMA0GCSqGSIb3DQEBCwUAMBIxEDAOBgNVBAMMB1Jvb3QgQ0EXDTI0\n' + 8986 'MDMxOTAyMDQwN1oXDTI0MDQxODAyMDQwN1owIjAgAgEEFw0yNDAzMTkwMjA0MDZa\n' + 8987 'MAwwCgYDVR0VBAMKAQGgDjAMMAoGA1UdFAQDAgEAMA0GCSqGSIb3DQEBCwUAA4IB\n' + 8988 'AQCbjvmHxC8dW6WCS/ga73kx2b7f8I/2eVuDYyReuBiGWeJ9vDmGqimJ9VwOk+ph\n' + 8989 'LvG/2Zvh9I8qXxnOWeseA2C0bEshJGvXpquIjm00OUyLlK6jdfRbhXT8OyvDjqZs\n' + 8990 'e1IsMV7Zo11SUc8nR2d0QQ7EVDCN/XFKPsmoK7PhJnRh5gc8W3FKQ6b8H9kdjgTa\n' + 8991 'KQUap1OIDReVsjPBmRAbwMMLtbrAMllF7E6x7uHgHTGaK1ZPJDtsnCJ45ur3mk/o\n' + 8992 'HAJFwHNjNDltiEfvMSs76/X0cwitpeW4dFk6c3QtqhxJrHDD4gl8di+xHOyHXpzX\n' + 8993 '+i2osvdPWRia0dJCL1PCA14k\n' + 8994 '-----END X509 CRL-----\n'; 8995 8996let encodingBlob: cert.EncodingBlob = { 8997 data: stringToUint8Array(crlData), 8998 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 8999 encodingFormat: cert.EncodingFormat.FORMAT_PEM 9000}; 9001 9002cert.createX509CRL(encodingBlob, (err, x509CRL) => { 9003 if (err) { 9004 console.error('createX509CRL failed, errCode: ' + err.code + ', errMsg: ' + err.message); 9005 } else { 9006 console.log('create x509 CRL success'); 9007 9008 try { 9009 let serialNumber = BigInt(4); 9010 let crlEntry = x509CRL.getRevokedCert(serialNumber); 9011 let extensions = crlEntry.getExtensions(); 9012 } catch (error) { 9013 let e: BusinessError = error as BusinessError; 9014 console.error('getRevokedCert or getExtensions failed, errCode: ' + e.code + ', errMsg: ' + e.message); 9015 } 9016 } 9017}) 9018``` 9019 9020### hasExtensions<sup>11+</sup> 9021 9022hasExtensions(): boolean 9023 9024表示判断CRL Entry是否有扩展。 9025 9026**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 9027 9028**系统能力:** SystemCapability.Security.Cert 9029 9030**返回值**: 9031 9032| 类型 | 说明 | 9033| ------- | ---------------------------------------------------- | 9034| boolean | 返回true则表示CRL Entry有扩展,返回false则表示无扩展。 | 9035 9036**错误码:** 9037 9038以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 9039 9040| 错误码ID | 错误信息 | 9041| -------- | ----------------------- | 9042| 19020001 | memory malloc failed. | 9043| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 9044| 19030001 | crypto operation error. | 9045 9046**示例:** 9047 9048```ts 9049import { cert } from '@kit.DeviceCertificateKit'; 9050import { BusinessError } from '@kit.BasicServicesKit'; 9051 9052// string转Uint8Array。 9053function stringToUint8Array(str: string): Uint8Array { 9054 let arr: Array<number> = []; 9055 for (let i = 0, j = str.length; i < j; i++) { 9056 arr.push(str.charCodeAt(i)); 9057 } 9058 return new Uint8Array(arr); 9059} 9060 9061let crlData = '-----BEGIN X509 CRL-----\n' + 9062 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 9063 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 9064 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 9065 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 9066 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 9067 'eavsH0Q3\n' + 9068 '-----END X509 CRL-----\n' 9069 9070let encodingBlob: cert.EncodingBlob = { 9071 data: stringToUint8Array(crlData), 9072 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 9073 encodingFormat: cert.EncodingFormat.FORMAT_PEM 9074}; 9075 9076cert.createX509CRL(encodingBlob, (err, x509CRL) => { 9077 if (err) { 9078 console.error('createX509CRL failed, errCode: ' + err.code + ', errMsg: ' + err.message); 9079 } else { 9080 console.log('create x509 CRL success'); 9081 9082 try { 9083 let serialNumber = BigInt(1000); 9084 let crlEntry = x509CRL.getRevokedCert(serialNumber); 9085 let hasExtensions = crlEntry.hasExtensions(); 9086 } catch (error) { 9087 let e: BusinessError = error as BusinessError; 9088 console.error('getRevokedCert or hasExtensions failed, errCode: ' + e.code + ', errMsg: ' + e.message); 9089 } 9090 } 9091}) 9092``` 9093 9094### getCertIssuerX500DistinguishedName<sup>12+</sup> 9095 9096getCertIssuerX500DistinguishedName(): X500DistinguishedName 9097 9098获取证书颁发者的X509可分辨名称。 9099 9100**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 9101 9102**系统能力:** SystemCapability.Security.Cert 9103 9104**返回值**: 9105 9106| 类型 | 说明 | 9107| ------- | ---------------------------------------------------- | 9108| [X500DistinguishedName](#x500distinguishedname12) | X509的可分辨对象。| 9109 9110**错误码:** 9111 9112以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 9113 9114| 错误码ID | 错误信息 | 9115| -------- | ----------------------- | 9116| 19020001 | memory malloc failed. | 9117| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 9118| 19030001 | crypto operation error. | 9119 9120**示例:** 9121 9122```ts 9123import { cert } from '@kit.DeviceCertificateKit'; 9124import { BusinessError } from '@kit.BasicServicesKit'; 9125 9126// string转Uint8Array。 9127function stringToUint8Array(str: string): Uint8Array { 9128 let arr: Array<number> = []; 9129 for (let i = 0, j = str.length; i < j; i++) { 9130 arr.push(str.charCodeAt(i)); 9131 } 9132 return new Uint8Array(arr); 9133} 9134 9135let crlData = '-----BEGIN X509 CRL-----\n' + 9136 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 9137 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 9138 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 9139 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 9140 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 9141 'eavsH0Q3\n' + 9142 '-----END X509 CRL-----\n' 9143 9144let encodingBlob: cert.EncodingBlob = { 9145 data: stringToUint8Array(crlData), 9146 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 9147 encodingFormat: cert.EncodingFormat.FORMAT_PEM 9148}; 9149 9150async function certGetCertIssuerX500DistinguishedName() { 9151 let x509Crl: cert.X509CRL = {} as cert.X509CRL; 9152 try { 9153 x509Crl = await cert.createX509CRL(encodingBlob); 9154 console.log('createX509CRL success'); 9155 let name = x509Crl.getRevokedCert(BigInt(1000)).getCertIssuerX500DistinguishedName(); 9156 } catch (error) { 9157 let e: BusinessError = error as BusinessError; 9158 console.error('createX509CRL failed, errCode: ' + e.code + ', errMsg: ' + e.message); 9159 } 9160} 9161``` 9162 9163### toString<sup>12+</sup> 9164 9165toString(): string 9166 9167获取对象的字符串类型数据。 9168 9169**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 9170 9171**系统能力:** SystemCapability.Security.Cert 9172 9173**返回值**: 9174 9175| 类型 | 说明 | 9176| ------- | ---------------------------------------------------- | 9177| string | 对象的字符串类型数据。| 9178 9179**错误码:** 9180 9181以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 9182 9183| 错误码ID | 错误信息 | 9184| -------- | ----------------------- | 9185| 19020001 | memory malloc failed. | 9186| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 9187| 19030001 | crypto operation error. | 9188 9189**示例:** 9190 9191```ts 9192import { cert } from '@kit.DeviceCertificateKit'; 9193import { BusinessError } from '@kit.BasicServicesKit'; 9194 9195// string转Uint8Array。 9196function stringToUint8Array(str: string): Uint8Array { 9197 let arr: Array<number> = []; 9198 for (let i = 0, j = str.length; i < j; i++) { 9199 arr.push(str.charCodeAt(i)); 9200 } 9201 return new Uint8Array(arr); 9202} 9203 9204let crlData = '-----BEGIN X509 CRL-----\n' + 9205 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 9206 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 9207 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 9208 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 9209 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 9210 'eavsH0Q3\n' + 9211 '-----END X509 CRL-----\n' 9212 9213let encodingBlob: cert.EncodingBlob = { 9214 data: stringToUint8Array(crlData), 9215 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 9216 encodingFormat: cert.EncodingFormat.FORMAT_PEM 9217}; 9218 9219async function certToString() { 9220 let x509Crl: cert.X509CRL = {} as cert.X509CRL; 9221 try { 9222 x509Crl = await cert.createX509CRL(encodingBlob); 9223 console.log('createX509CRL success'); 9224 console.info('toString success: ' + JSON.stringify(x509Crl.getRevokedCert(BigInt(1000)).toString())); 9225 } catch (error) { 9226 let e: BusinessError = error as BusinessError; 9227 console.error('createX509CRL failed, errCode: ' + e.code + ', errMsg: ' + e.message); 9228 } 9229} 9230``` 9231 9232### hashCode<sup>12+</sup> 9233 9234hashCode(): Uint8Array 9235 9236获取DER格式数据的哈希值。 9237 9238**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 9239 9240**系统能力:** SystemCapability.Security.Cert 9241 9242**返回值**: 9243 9244| 类型 | 说明 | 9245| ------- | ---------------------------------------------------- | 9246| Uint8Array | DER格式数据的哈希值。| 9247 9248**错误码:** 9249 9250以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 9251 9252| 错误码ID | 错误信息 | 9253| -------- | ----------------------- | 9254| 19020001 | memory malloc failed. | 9255| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 9256| 19030001 | crypto operation error. | 9257 9258**示例:** 9259 9260```ts 9261import { cert } from '@kit.DeviceCertificateKit'; 9262import { BusinessError } from '@kit.BasicServicesKit'; 9263 9264// string转Uint8Array。 9265function stringToUint8Array(str: string): Uint8Array { 9266 let arr: Array<number> = []; 9267 for (let i = 0, j = str.length; i < j; i++) { 9268 arr.push(str.charCodeAt(i)); 9269 } 9270 return new Uint8Array(arr); 9271} 9272 9273let crlData = '-----BEGIN X509 CRL-----\n' + 9274 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 9275 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 9276 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 9277 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 9278 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 9279 'eavsH0Q3\n' + 9280 '-----END X509 CRL-----\n' 9281 9282let encodingBlob: cert.EncodingBlob = { 9283 data: stringToUint8Array(crlData), 9284 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 9285 encodingFormat: cert.EncodingFormat.FORMAT_PEM 9286}; 9287 9288async function certHashCode() { 9289 let x509Crl: cert.X509CRL = {} as cert.X509CRL; 9290 try { 9291 x509Crl = await cert.createX509CRL(encodingBlob); 9292 console.log('createX509CRL success'); 9293 console.info('hashCode success: ' + JSON.stringify(x509Crl.getRevokedCert(BigInt(1000)).hashCode())); 9294 } catch (error) { 9295 let e: BusinessError = error as BusinessError; 9296 console.error('createX509CRL failed, errCode: ' + e.code + ', errMsg: ' + e.message); 9297 } 9298} 9299``` 9300 9301### getExtensionsObject<sup>12+</sup> 9302 9303getExtensionsObject(): CertExtension 9304 9305获取对应实体的扩展域DER格式数据。 9306 9307**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 9308 9309**系统能力:** SystemCapability.Security.Cert 9310 9311**返回值**: 9312 9313| 类型 | 说明 | 9314| ------- | ---------------------------------------------------- | 9315| [CertExtension](#certextension10) | 证书扩展域段类对象。| 9316 9317**错误码:** 9318 9319以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 9320 9321| 错误码ID | 错误信息 | 9322| -------- | ----------------------- | 9323| 19020001 | memory malloc failed. | 9324| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 9325| 19030001 | crypto operation error. | 9326 9327**示例:** 9328 9329```ts 9330import { cert } from '@kit.DeviceCertificateKit'; 9331import { BusinessError } from '@kit.BasicServicesKit'; 9332 9333// string转Uint8Array。 9334function stringToUint8Array(str: string): Uint8Array { 9335 let arr: Array<number> = []; 9336 for (let i = 0, j = str.length; i < j; i++) { 9337 arr.push(str.charCodeAt(i)); 9338 } 9339 return new Uint8Array(arr); 9340} 9341 9342let crlData = '-----BEGIN X509 CRL-----\n' + 9343 'MIINlTCCDH0CAQEwDQYJKoZIhvcNAQELBQAwTDELMAkGA1UEBhMCVVMxFTATBgNV\n' + 9344 'BAoTDERpZ2lDZXJ0IEluYzEmMCQGA1UEAxMdRGlnaUNlcnQgU2VjdXJlIFNpdGUg\n' + 9345 'Q04gQ0EgRzMXDTI0MDMxMjE4NDQ0NVoXDTI0MDMxOTE4NDQ0NVowggvJMCECEAbk\n' + 9346 'wC/+N2YXfpw7vgDJ2xAXDTIzMDIwNzA1NTg1OFowIQIQDonqcHww7uhlmWH+OfIe\n' + 9347 'PhcNMjMwMzA5MDcwMzI1WjAvAhAM4CTrULrJUEinWgT9AFPvFw0yMzAzMjAxOTE4\n' + 9348 'NTRaMAwwCgYDVR0VBAMKAQQwIQIQBQP4xflKkcRehoJ2NaA/jhcNMjMwMzIyMDk0\n' + 9349 'NTI5WjAvAhAOmgzoiIqznAaFec53PVPUFw0yMzAzMjcyMDI4MDNaMAwwCgYDVR0V\n' + 9350 'BAMKAQQwLwIQBaC2Z3D4dcQ/O7HnzFU9KBcNMjMwMzI5MTc1OTQ1WjAMMAoGA1Ud\n' + 9351 'FQQDCgEFMCECEAlz9Rg1b+9La4oFqsHUc4AXDTIzMDMzMTAyMzk0MVowIQIQD9yW\n' + 9352 '92pX6BinUKVBVSSTmBcNMjMwNDExMDExNjI5WjAvAhAIIarHUWWee4V9W/Yzm86k\n' + 9353 'Fw0yMzA0MTQyMDE5MTJaMAwwCgYDVR0VBAMKAQQwIQIQC2OiM3VIJX2dEe8/pf8f\n' + 9354 'hRcNMjMwNDIxMDMzMDIyWjAhAhAP0ueyg5n/7b2Hotml7f42Fw0yMzA0MjYwMjU3\n' + 9355 'NDJaMCECEAqMu61nkOEmTOdMbUZTMrkXDTIzMDUxNzAxMzI0NVowLwIQDYv1rt0K\n' + 9356 'olvP+nQoi5LeLRcNMjMwNTIzMTc0MDE4WjAMMAoGA1UdFQQDCgEEMC8CEA8WMKlw\n' + 9357 'iCK36PruJvup5bUXDTIzMDUyMzE3NDA1M1owDDAKBgNVHRUEAwoBBDAvAhAJ5uwT\n' + 9358 'aqwgLzNVpxh4u9EPFw0yMzA1MjUxNzEwNTBaMAwwCgYDVR0VBAMKAQQwIQIQCg0k\n' + 9359 '5UadwDH5xm14yxcgLRcNMjMwNjA3MDcyNDAwWjAhAhAEByUhbBR6/pZRFUH2PTxE\n' + 9360 'Fw0yMzA2MDgwMjIwMzBaMCECEATquAQcy3W1kUOkb4VoOvEXDTIzMDYyNjA5MDIw\n' + 9361 'NlowIQIQBrF5sueIjk1snKdO0ISOXhcNMjMwNjMwMDI0MDA0WjAhAhAJEG72WQtV\n' + 9362 'lTOYiA0xjVk5Fw0yMzA3MDUwMjEyMzdaMCECEAmXIuCMJv9gllYuKfCHm5EXDTIz\n' + 9363 'MDcwNTAyMTIzN1owIQIQAotQots0ngzRwACzrS9mCBcNMjMwNzA2MDU0NDU3WjAh\n' + 9364 'AhAG2hyGc9SfXrLc0Uk2J1BeFw0yMzA3MjQwMTUwNDBaMCECEAJhm5FSlVyTG9UK\n' + 9365 'zS+ecUgXDTIzMDcyNjA2NDQzM1owIQIQC4mlxBQuFxWC4pF7/P8BDxcNMjMwNzMx\n' + 9366 'MTAzMjU0WjAhAhADCEp333/avF3m6HZtBImOFw0yMzA3MzExMDMzNTBaMCECEAKd\n' + 9367 'P7fydlXUcS4v/YnZMMwXDTIzMDczMTEwMzQzOFowIQIQC+m5EUcRd1E0lEIPj17Z\n' + 9368 'rRcNMjMwODAxMDYwNDE4WjAvAhAF4QcgQQlWpAi4FVflzbKxFw0yMzA4MDMxNjIz\n' + 9369 'MTdaMAwwCgYDVR0VBAMKAQQwIQIQAn01GEZ50Y5ugIcEuGfF9BcNMjMwODA4MDE1\n' + 9370 'NzM1WjAhAhAFHj3FDKeP9q9CM924d8RIFw0yMzA4MDgwMTU5NDhaMC8CEAnkNPSD\n' + 9371 'U5yiMsV3fU06a6oXDTIzMDgwODE5MjIwMlowDDAKBgNVHRUEAwoBBDAvAhAETU4z\n' + 9372 '13iMKiwQujsxJDRhFw0yMzA4MTAyMDU4NDdaMAwwCgYDVR0VBAMKAQQwIQIQB1oD\n' + 9373 'M2mOYuse7e/nTqx+8xcNMjMwOTA0MDUwOTU3WjAhAhALf3Bp63so6O+R5QbWPWu6\n' + 9374 'Fw0yMzEwMDkwNjE5NTVaMCECEAKFHdXcy/zBXRtMj3BVhO0XDTIzMTAwOTA2MTk1\n' + 9375 'N1owIQIQDNNmVHN4tMu1xth6IAe4ZhcNMjMxMDEyMDc0MjQ1WjAhAhACNNJA2oMM\n' + 9376 'pr+giIgczvHOFw0yMzEwMTYwNTEyMzdaMCECEAoQun7uSHhvy6GBoxG7XOkXDTIz\n' + 9377 'MTExNjA3MDAzN1owLwIQA1NsI22PLvohCvKwdtAJwBcNMjMxMjA2MTgyNzUzWjAM\n' + 9378 'MAoGA1UdFQQDCgEEMCECEAWagozDt4jfBzi+aDGFr88XDTIzMTIxMTA3MjM1OFow\n' + 9379 'IQIQD1g7NdEk7t05zg6yweYc5hcNMjMxMjExMDcyNTM3WjAhAhAMJnRjUQAzFQFH\n' + 9380 'kwIguRz2Fw0yMzEyMTEwNzI2NDJaMCECEAT0bVxyPKkeTV8JQuPxfcwXDTIzMTIx\n' + 9381 'MTA3MjcyNlowIQIQA/5BlE0Ushtw24Ol9L2sexcNMjMxMjExMDcyODA2WjAhAhAL\n' + 9382 'Ij6FAKVJDnKAwwt19+/RFw0yMzEyMTEwNzI5MDJaMCECEAmPyfX3FuOHgryS2i8c\n' + 9383 'SrUXDTIzMTIxMTA3Mjk0M1owIQIQC+uGa6tmPRPCB0jW+6WWUhcNMjMxMjExMDcz\n' + 9384 'MDIzWjAhAhAJCq59mFZj6SWLH/m18Fq2Fw0yMzEyMTEwNzMwNTJaMCECEAp0Po24\n' + 9385 'WHmdEMTVyp9AMssXDTIzMTIxMTA3MzEyNlowIQIQAcf+793qPEHipkAhjf7MghcN\n' + 9386 'MjMxMjExMDczMTQ5WjAhAhAElLuCARMBoDIH0Y2D1DpSFw0yMzEyMTEwNzMyMTla\n' + 9387 'MCECEAWlgWhTXqKOB61zA7Ao8vQXDTIzMTIxMTA3MzI0OFowIQIQAeZqfkFYc/6t\n' + 9388 'zO7j/FVYwBcNMjMxMjExMDczMzM1WjAhAhAHzftyRhskxV6opTfHb59OFw0yMzEy\n' + 9389 'MTEwNzM0MDNaMCECEASXrBHdRYUm9VIZ1wN4qAsXDTIzMTIxMTA3MzQyN1owIQIQ\n' + 9390 'BDFb/OY65CZ1sTdMPAc+IhcNMjMxMjExMDczNTEzWjAhAhAFg7mRyWvWXc+KT014\n' + 9391 'Ro5AFw0yMzEyMTEwNzM1NDhaMCECEA+wAstqfBUEkSvinYlWeOwXDTIzMTIxMTA3\n' + 9392 'MzYyNVowIQIQB3Z75ksHGnvGmuHbvwbheRcNMjMxMjExMDczNjU5WjAhAhALfrIn\n' + 9393 'OGRVeePivKkJ+d1xFw0yMzEyMTEwNzM4MDFaMCECEAnm5NfU36m+FXNlJiUsXpMX\n' + 9394 'DTIzMTIxMTA3MzgzNVowIQIQCrBoHo4X2md3Amteqh7h3RcNMjMxMjExMDczOTA3\n' + 9395 'WjAhAhAGxHlqrHu66ifOwTTMhHHFFw0yMzEyMTEwNzM5NDNaMCECEA2BDG1SI7Se\n' + 9396 '2GAt+b9UnF8XDTIzMTIxMTA3NDAyNFowLwIQDZvl5jkmAwjTweDCtrXbLRcNMjMx\n' + 9397 'MjExMjA0NDQ3WjAMMAoGA1UdFQQDCgEEMCECEAzgcwGVpyXXZSmLLF4MExQXDTIz\n' + 9398 'MTIxOTE3MjczMlowIQIQARB9nVoMuE5GSFeb3U553hcNMjMxMjE5MTcyODA1WjAh\n' + 9399 'AhAD+JIH7lFcX9UNqTogrMcPFw0yMzEyMTkxNzI5MDZaMCECEAux1kd8ugXs4mI+\n' + 9400 'xMfXgpsXDTIzMTIxOTE3MjkyOFowIQIQCUO5VqAmbxA8Jdly97msLhcNMjMxMjE5\n' + 9401 'MTcyOTU0WjAhAhAFyzrU1JtsiPNPeWrfdvGvFw0yMzEyMTkxNzMwNDlaMCECEAwT\n' + 9402 'tMq5EsBTUhQwm6nWhnAXDTIzMTIyMDE3NDc1NlowIQIQBx3qL8rMclE9gxamaa14\n' + 9403 'xBcNMjMxMjIwMTc0ODM2WjAhAhAOnKUlrCaxs+lRqLrBmk2PFw0yNDAxMzAxOTMw\n' + 9404 'MTVaMCECEAtYs/5ZRsrMAxQVDA44eWYXDTI0MDIwNjA2MjYwMFowIQIQDjrMV1d3\n' + 9405 '0NhxngX5rqqxjBcNMjQwMjIxMDc0ODEwWjAhAhAPGohz3+JyS6H4JzHCjLrXFw0y\n' + 9406 'NDAyMjgyMDQxMjZaMC8CEAqZ2QktAMprzZmtolbOXlgXDTI0MDIyOTE4MDYzMVow\n' + 9407 'DDAKBgNVHRUEAwoBBDAhAhAMAHgNfiburtKDp8OJuzRCFw0yNDAzMDQwNjA3MzJa\n' + 9408 'MCECEA/HgrXcSBqkb2JdfrFDAfgXDTI0MDMwNDA2MDczMlqgMDAuMB8GA1UdIwQY\n' + 9409 'MBaAFETZyEozjtNSjaeSlGEfmsilt+zLMAsGA1UdFAQEAgIFrDANBgkqhkiG9w0B\n' + 9410 'AQsFAAOCAQEAJ5rSr0Av5sH59J2LXW5hZ8SJTzDbR8ADdi/CCLolbUUnE0oaAZ+2\n' + 9411 '9z0niAD5m8HQikNz8K+FKAsQatN/CAj4bzRMeF37hQCiZpqNtxP69JDGeWpGPiH2\n' + 9412 'K/YfpzL9iSbBOxFmosxUX8J/iX36mCUl+3OUHh+qSYeElboxeAmTCnY5Pl5Bq9is\n' + 9413 'gp0MmzNYCo7GEFrtS03p2msK25uRqQl6Qn0NZS0yGjdUG7RTZe4xua5drjEkB1o/\n' + 9414 '15f+mtYj6DtWM1twi1q3VYVxhRSsk6XmmS0BViTEl+MT0BRAPwBSdlyt++1Pnnrd\n' + 9415 'BsQoO8O2EVpJ54fxKMCSDOkJf1hNCxi3eQ==\n' + 9416 '-----END X509 CRL-----\n'; 9417 9418let encodingBlob: cert.EncodingBlob = { 9419 data: stringToUint8Array(crlData), 9420 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 9421 encodingFormat: cert.EncodingFormat.FORMAT_PEM 9422}; 9423 9424async function certGetExtensionsObject() { 9425 let x509Crl: cert.X509CRL = {} as cert.X509CRL; 9426 try { 9427 x509Crl = await cert.createX509CRL(encodingBlob); 9428 console.log('createX509CRL success'); 9429 let object = x509Crl.getRevokedCert(BigInt('14091103387070223745671018446433705560')).getExtensionsObject(); 9430 } catch (error) { 9431 let e: BusinessError = error as BusinessError; 9432 console.error('createX509CRL failed, errCode: ' + e.code + ', errMsg: ' + e.message); 9433 } 9434} 9435``` 9436 9437## cert.createCertCRLCollection<sup>11+</sup> 9438 9439createCertCRLCollection(certs: Array\<X509Cert>, crls?: Array\<X509CRL>): CertCRLCollection 9440 9441表示创建证书和证书吊销列表集合对象,并返回相应的结果。 9442 9443**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 9444 9445**系统能力:** SystemCapability.Security.Cert 9446 9447**参数**: 9448 9449| 参数名 | 类型 | 必填 | 说明 | 9450| -------- | ------------------------------------- | ---- | ------------------------------ | 9451| certs | Array\<[X509Cert](#x509cert)> | 是 | X509Cert数组。 | 9452| crls | Array\<[X509CRL](#x509crl11)> | 否 | X509CRL数组。 | 9453 9454**返回值**: 9455 9456| 类型 | 说明 | 9457| ------------------ | -------------------- | 9458| [CertCRLCollection](#certcrlcollection11) | 表示证书和证书吊销列表集合对象。 | 9459 9460**错误码:** 9461 9462以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 9463 9464| 错误码ID | 错误信息 | 9465| -------- | ----------------------- | 9466| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 9467| 19020001 | memory malloc failed. | 9468 9469**示例:** 9470 9471```ts 9472import { cert } from '@kit.DeviceCertificateKit'; 9473import { BusinessError } from '@kit.BasicServicesKit'; 9474 9475// string转Uint8Array。 9476function stringToUint8Array(str: string): Uint8Array { 9477 let arr: Array<number> = []; 9478 for (let i = 0, j = str.length; i < j; i++) { 9479 arr.push(str.charCodeAt(i)); 9480 } 9481 return new Uint8Array(arr); 9482} 9483 9484async function createX509CRL(): Promise<cert.X509CRL> { 9485 let crlData = '-----BEGIN X509 CRL-----\n' + 9486 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 9487 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 9488 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 9489 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 9490 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 9491 'eavsH0Q3\n' + 9492 '-----END X509 CRL-----\n'; 9493 9494 // 证书吊销列表二进制数据,需业务自行赋值。 9495 let encodingBlob: cert.EncodingBlob = { 9496 data: stringToUint8Array(crlData), 9497 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 9498 encodingFormat: cert.EncodingFormat.FORMAT_PEM 9499 }; 9500 let x509CRL: cert.X509CRL = {} as cert.X509CRL; 9501 try { 9502 x509CRL = await cert.createX509CRL(encodingBlob); 9503 } catch (err) { 9504 let e: BusinessError = err as BusinessError; 9505 console.error('createX509CRL failed, errCode: ' + e.code + ', errMsg: ' + e.message); 9506 } 9507 return x509CRL; 9508} 9509 9510async function createX509Cert(): Promise<cert.X509Cert> { 9511 let certData = '-----BEGIN CERTIFICATE-----\n' + 9512 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 9513 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 9514 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 9515 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 9516 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 9517 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 9518 'Qw==\n' + 9519 '-----END CERTIFICATE-----\n'; 9520 9521 let encodingBlob: cert.EncodingBlob = { 9522 data: stringToUint8Array(certData), 9523 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 9524 encodingFormat: cert.EncodingFormat.FORMAT_PEM 9525 }; 9526 9527 let x509Cert: cert.X509Cert = {} as cert.X509Cert; 9528 try { 9529 x509Cert = await cert.createX509Cert(encodingBlob); 9530 } catch (err) { 9531 let e: BusinessError = err as BusinessError; 9532 console.error('createX509Cert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 9533 } 9534 return x509Cert; 9535} 9536 9537async function createCollection() { 9538 const x509Cert = await createX509Cert(); 9539 const x509CRL = await createX509CRL(); 9540 try { 9541 const collection: cert.CertCRLCollection = cert.createCertCRLCollection([x509Cert], [x509CRL]); 9542 console.log('createCertCRLCollection success'); 9543 } catch (err) { 9544 console.error('createCertCRLCollection failed'); 9545 } 9546} 9547``` 9548 9549## CertCRLCollection<sup>11+</sup> 9550 9551证书和证书吊销列表集合对象。 9552 9553### selectCerts<sup>11+</sup> 9554 9555selectCerts(param: X509CertMatchParameters): Promise\<Array\<X509Cert>> 9556 9557查找证书和证书吊销列表集合中所有与参数匹配的证书对象,使用Promise方式异步返回结果。 9558 9559**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 9560 9561**系统能力:** SystemCapability.Security.Cert 9562 9563**参数**: 9564 9565| 参数名 | 类型 | 必填 | 说明 | 9566| --------- | ------------------------------- | ---- | ------------ | 9567| param | [X509CertMatchParameters](#x509certmatchparameters11) | 是 | 表示证书需匹配的参数。 | 9568 9569**返回值**: 9570 9571| 类型 | 说明 | 9572| --------------------------------------- | --------------------------------------- | 9573| Promise\<Array\<[X509Cert](#x509cert)>> | Promise对象。表示匹配到的证书对象数组。 | 9574 9575**错误码:** 9576 9577以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 9578 9579| 错误码ID | 错误信息 | 9580| -------- | ----------------------- | 9581| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 9582| 19020001 | memory malloc failed. | 9583| 19030001 | crypto operation error. | 9584 9585**示例:** 9586 9587```ts 9588import { cert } from '@kit.DeviceCertificateKit'; 9589import { BusinessError } from '@kit.BasicServicesKit'; 9590 9591// string转Uint8Array。 9592function stringToUint8Array(str: string): Uint8Array { 9593 let arr: Array<number> = []; 9594 for (let i = 0, j = str.length; i < j; i++) { 9595 arr.push(str.charCodeAt(i)); 9596 } 9597 return new Uint8Array(arr); 9598} 9599 9600async function createX509Cert(): Promise<cert.X509Cert> { 9601 let certData = '-----BEGIN CERTIFICATE-----\n' + 9602 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 9603 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 9604 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 9605 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 9606 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 9607 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 9608 'Qw==\n' + 9609 '-----END CERTIFICATE-----\n'; 9610 9611 let encodingBlob: cert.EncodingBlob = { 9612 data: stringToUint8Array(certData), 9613 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 9614 encodingFormat: cert.EncodingFormat.FORMAT_PEM 9615 }; 9616 9617 let x509Cert: cert.X509Cert = {} as cert.X509Cert; 9618 try { 9619 x509Cert = await cert.createX509Cert(encodingBlob); 9620 } catch (err) { 9621 let e: BusinessError = err as BusinessError; 9622 console.error('createX509Cert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 9623 } 9624 return x509Cert; 9625} 9626 9627async function selectCerts() { 9628 const x509Cert = await createX509Cert(); 9629 const collection = cert.createCertCRLCollection([x509Cert]); 9630 9631 try { 9632 const param: cert.X509CertMatchParameters = { 9633 x509Cert, 9634 validDate: '20231121074700Z', 9635 issuer: new Uint8Array([0x30, 0x1a, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x45, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x20, 0x52, 0x6F, 0x6F, 0x74, 0x20, 0x43, 0x41]), 9636 subject: new Uint8Array([0x30, 0x1a, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x45, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x20, 0x52, 0x6F, 0x6F, 0x74, 0x20, 0x43, 0x41]), 9637 publicKeyAlgID: '1.2.840.10045.2.1' 9638 }; 9639 const certs = await collection.selectCerts(param); 9640 console.log('call selectCerts success'); 9641 } catch (err) { 9642 console.error('call selectCerts failed'); 9643 } 9644} 9645``` 9646 9647### selectCerts<sup>11+</sup> 9648 9649selectCerts(param: X509CertMatchParameters, callback: AsyncCallback\<Array\<X509Cert>>): void 9650 9651查找证书和证书吊销列表集合中所有与参数匹配的证书对象, 使用Callback回调异步返回结果。 9652 9653**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 9654 9655**系统能力:** SystemCapability.Security.Cert 9656 9657**参数**: 9658 9659| 参数名 | 类型 | 必填 | 说明 | 9660| --------- | ------------------------------- | ---- | ----------------- | 9661| param | [X509CertMatchParameters](#x509certmatchparameters11) | 是 | 表示证书需匹配的参数。 | 9662| callback | AsyncCallback\<Array\<[X509Cert](#x509cert)>> | 是 | 回调函数,表示匹配到的证书对象数组。 | 9663 9664**错误码:** 9665 9666以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 9667 9668| 错误码ID | 错误信息 | 9669| -------- | ----------------------- | 9670| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 9671| 19020001 | memory malloc failed. | 9672| 19030001 | crypto operation error. | 9673 9674**示例:** 9675 9676```ts 9677import { cert } from '@kit.DeviceCertificateKit'; 9678import { BusinessError } from '@kit.BasicServicesKit'; 9679 9680// string转Uint8Array。 9681function stringToUint8Array(str: string): Uint8Array { 9682 let arr: Array<number> = []; 9683 for (let i = 0, j = str.length; i < j; i++) { 9684 arr.push(str.charCodeAt(i)); 9685 } 9686 return new Uint8Array(arr); 9687} 9688 9689async function createX509Cert(): Promise<cert.X509Cert> { 9690 let certData = '-----BEGIN CERTIFICATE-----\n' + 9691 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 9692 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 9693 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 9694 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 9695 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 9696 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 9697 'Qw==\n' + 9698 '-----END CERTIFICATE-----\n'; 9699 9700 let encodingBlob: cert.EncodingBlob = { 9701 data: stringToUint8Array(certData), 9702 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 9703 encodingFormat: cert.EncodingFormat.FORMAT_PEM 9704 }; 9705 9706 let x509Cert: cert.X509Cert = {} as cert.X509Cert; 9707 try { 9708 x509Cert = await cert.createX509Cert(encodingBlob); 9709 } catch (err) { 9710 let e: BusinessError = err as BusinessError; 9711 console.error('createX509Cert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 9712 } 9713 return x509Cert; 9714} 9715 9716async function selectCerts() { 9717 const x509Cert = await createX509Cert(); 9718 const collection = cert.createCertCRLCollection([x509Cert]); 9719 // 需业务自行赋值。 9720 const param: cert.X509CertMatchParameters = { 9721 x509Cert, 9722 validDate: '20231121074700Z', 9723 issuer: new Uint8Array([0x30, 0x1a, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x45, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x20, 0x52, 0x6F, 0x6F, 0x74, 0x20, 0x43, 0x41]), 9724 subject: new Uint8Array([0x30, 0x1a, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x45, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x20, 0x52, 0x6F, 0x6F, 0x74, 0x20, 0x43, 0x41]), 9725 publicKeyAlgID: '1.2.840.10045.2.1' 9726 }; 9727 collection.selectCerts(param, (err, certs) => { 9728 if (err) { 9729 console.error('selectCerts failed, errCode: ' + err.code + ', errMsg: ' + err.message); 9730 } else { 9731 console.log('selectCerts success'); 9732 } 9733 }); 9734} 9735``` 9736 9737### selectCRLs<sup>11+</sup> 9738 9739selectCRLs(param: X509CRLMatchParameters): Promise\<Array\<X509CRL>> 9740 9741查找证书和证书吊销列表集合中所有与参数匹配的证书吊销列表对象, 使用Promise方式异步返回结果。 9742 9743**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 9744 9745**系统能力:** SystemCapability.Security.Cert 9746 9747**参数**: 9748 9749| 参数名 | 类型 | 必填 | 说明 | 9750| --------- | ------------------------------- | ---- | ------------ | 9751| param | [X509CRLMatchParameters](#x509crlmatchparameters11) | 是 | 表示证书吊销列表需匹配的参数。 | 9752 9753**返回值**: 9754 9755| 类型 | 说明 | 9756| -------------- | ----------- | 9757| Promise\<Array\<[X509CRL](#x509crl11)>> | Promise对象,表示匹配到的证书吊销列表对象数组。 | 9758 9759**错误码:** 9760 9761以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 9762 9763| 错误码ID | 错误信息 | 9764| -------- | ----------------------- | 9765| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 9766| 19020001 | memory malloc failed. | 9767| 19030001 | crypto operation error. | 9768 9769**示例:** 9770 9771```ts 9772import { cert } from '@kit.DeviceCertificateKit'; 9773import { BusinessError } from '@kit.BasicServicesKit'; 9774 9775// string转Uint8Array。 9776function stringToUint8Array(str: string): Uint8Array { 9777 let arr: Array<number> = []; 9778 for (let i = 0, j = str.length; i < j; i++) { 9779 arr.push(str.charCodeAt(i)); 9780 } 9781 return new Uint8Array(arr); 9782} 9783 9784async function createX509CRL(): Promise<cert.X509CRL> { 9785 let crlData = '-----BEGIN X509 CRL-----\n' + 9786 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 9787 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 9788 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 9789 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 9790 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 9791 'eavsH0Q3\n' + 9792 '-----END X509 CRL-----\n'; 9793 9794 // 证书吊销列表二进制数据,需业务自行赋值。 9795 let encodingBlob: cert.EncodingBlob = { 9796 data: stringToUint8Array(crlData), 9797 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 9798 encodingFormat: cert.EncodingFormat.FORMAT_PEM 9799 }; 9800 let x509CRL: cert.X509CRL = {} as cert.X509CRL; 9801 try { 9802 x509CRL = await cert.createX509CRL(encodingBlob); 9803 } catch (err) { 9804 let e: BusinessError = err as BusinessError; 9805 console.error('createX509CRL failed, errCode: ' + e.code + ', errMsg: ' + e.message); 9806 } 9807 return x509CRL; 9808} 9809 9810async function createX509Cert(): Promise<cert.X509Cert> { 9811 const certData = "-----BEGIN CERTIFICATE-----\r\n" + 9812 "MIIC8TCCAdmgAwIBAgIIFB75m06RTHwwDQYJKoZIhvcNAQELBQAwWDELMAkGA1UE\r\n" + 9813 "BhMCQ04xEDAOBgNVBAgTB0ppYW5nc3UxEDAOBgNVBAcTB05hbmppbmcxCzAJBgNV\r\n" + 9814 "BAoTAnRzMQswCQYDVQQLEwJ0czELMAkGA1UEAxMCdHMwHhcNMjMxMTIzMDMzMjAw\r\n" + 9815 "WhcNMjQxMTIzMDMzMjAwWjBhMQswCQYDVQQGEwJDTjEQMA4GA1UECBMHSmlhbmdz\r\n" + 9816 "dTEQMA4GA1UEBxMHTmFuamluZzEMMAoGA1UEChMDdHMxMQwwCgYDVQQLEwN0czEx\r\n" + 9817 "EjAQBgNVBAMTCTEyNy4wLjAuMTAqMAUGAytlcAMhALsWnY9cMNC6jzduM69vI3Ej\r\n" + 9818 "pUlgHtEHS8kRfmYBupJSo4GvMIGsMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFNSg\r\n" + 9819 "poQvfxR8A1Y4St8NjOHkRpm4MAsGA1UdDwQEAwID+DAnBgNVHSUEIDAeBggrBgEF\r\n" + 9820 "BQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMEMBQGA1UdEQQNMAuCCTEyNy4wLjAuMTAR\r\n" + 9821 "BglghkgBhvhCAQEEBAMCBkAwHgYJYIZIAYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0\r\n" + 9822 "ZTANBgkqhkiG9w0BAQsFAAOCAQEAfnLmPF6BtAUCZ9pjt1ITdXc5M4LJfMw5IPcv\r\n" + 9823 "fUAvhdaUXtqBQcjGCWtDdhyb1n5Xp+N7oKz/Cnn0NGFTwVArtFiQ5NEP2CmrckLh\r\n" + 9824 "Da4VnsDFU+zx2Bbfwo5Ms7iArxyx0fArbMZzN9D1lZcVjiIxp1+3k1/0sdCemcY/\r\n" + 9825 "y7mw5NwkcczLWLBZl1/Ho8b4dlo1wTA7TZk9uu8UwYBwXDrQe6S9rMcvMcRKiJ9e\r\n" + 9826 "V4SYZIO7ihr8+n4LQDQP+spvX4cf925a3kyZrftfvGCJ2ZNwvsPhyumYhaBqAgSy\r\n" + 9827 "Up2BImymAqPi157q9EeYcQz170TtDZHGmjYzdQxhOAHRb6/IdQ==\r\n" + 9828 "-----END CERTIFICATE-----\r\n"; 9829 const certEncodingBlob: cert.EncodingBlob = { 9830 data: stringToUint8Array(certData), 9831 encodingFormat: cert.EncodingFormat.FORMAT_PEM, 9832 }; 9833 9834 let x509Cert: cert.X509Cert = {} as cert.X509Cert; 9835 try { 9836 x509Cert = await cert.createX509Cert(certEncodingBlob); 9837 console.log('createX509Cert success'); 9838 } catch (err) { 9839 console.error('createX509Cert failed'); 9840 } 9841 return x509Cert; 9842} 9843 9844async function selectCRLs() { 9845 const x509CRL = await createX509CRL(); 9846 const x509Cert = await createX509Cert(); 9847 const collection = cert.createCertCRLCollection([], [x509CRL]); 9848 9849 const param: cert.X509CRLMatchParameters = { 9850 issuer: [new Uint8Array([0x30, 0x58, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x43, 0x4E, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x07, 0x4A, 0x69, 0x61, 0x6E, 0x67, 0x73, 0x75, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x07, 0x4E, 0x61, 0x6E, 0x6A, 0x69, 0x6E, 0x67, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x02, 0x74, 0x73, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x02, 0x74, 0x73, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x02, 0x74, 0x73])], 9851 x509Cert: x509Cert 9852 } 9853 try { 9854 const crls = await collection.selectCRLs(param); 9855 console.log('selectCRLs success'); 9856 } catch (err) { 9857 console.error('selectCRLs failed'); 9858 } 9859} 9860``` 9861 9862### selectCRLs<sup>11+</sup> 9863 9864selectCRLs(param: X509CRLMatchParameters, callback: AsyncCallback\<Array\<X509CRL>>): void 9865 9866查找证书和证书吊销列表集合中所有与参数匹配的证书吊销列表对象, 使用Callback回调异步返回结果。 9867 9868**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 9869 9870**系统能力:** SystemCapability.Security.Cert 9871 9872**参数**: 9873 9874| 参数名 | 类型 | 必填 | 说明 | 9875| --------- | ------------------------------- | ---- | ----------------- | 9876| param | [X509CRLMatchParameters](#x509crlmatchparameters11) | 是 | 表示证书吊销列表需匹配的参数对象。 | 9877| callback | AsyncCallback\<Array\<[X509CRL](#x509crl11)>> | 是 | 回调函数,表示匹配到的证书吊销列表对象数组。 | 9878 9879**错误码:** 9880 9881以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 9882 9883| 错误码ID | 错误信息 | 9884| -------- | ----------------------- | 9885| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 9886| 19020001 | memory malloc failed. | 9887| 19030001 | crypto operation error. | 9888 9889**示例:** 9890 9891```ts 9892import { cert } from '@kit.DeviceCertificateKit'; 9893import { BusinessError } from '@kit.BasicServicesKit'; 9894 9895// string转Uint8Array。 9896function stringToUint8Array(str: string): Uint8Array { 9897 let arr: Array<number> = []; 9898 for (let i = 0, j = str.length; i < j; i++) { 9899 arr.push(str.charCodeAt(i)); 9900 } 9901 return new Uint8Array(arr); 9902} 9903 9904async function createX509CRL(): Promise<cert.X509CRL> { 9905 let crlData = '-----BEGIN X509 CRL-----\n' + 9906 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 9907 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 9908 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 9909 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 9910 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 9911 'eavsH0Q3\n' + 9912 '-----END X509 CRL-----\n'; 9913 9914 // 证书吊销列表二进制数据,需业务自行赋值。 9915 let encodingBlob: cert.EncodingBlob = { 9916 data: stringToUint8Array(crlData), 9917 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 9918 encodingFormat: cert.EncodingFormat.FORMAT_PEM 9919 }; 9920 let x509CRL: cert.X509CRL = {} as cert.X509CRL; 9921 try { 9922 x509CRL = await cert.createX509CRL(encodingBlob); 9923 } catch (err) { 9924 let e: BusinessError = err as BusinessError; 9925 console.error('createX509CRL failed, errCode: ' + e.code + ', errMsg: ' + e.message); 9926 } 9927 return x509CRL; 9928} 9929 9930async function createX509Cert(): Promise<cert.X509Cert> { 9931 const certData = "-----BEGIN CERTIFICATE-----\r\n" + 9932 "MIIC8TCCAdmgAwIBAgIIFB75m06RTHwwDQYJKoZIhvcNAQELBQAwWDELMAkGA1UE\r\n" + 9933 "BhMCQ04xEDAOBgNVBAgTB0ppYW5nc3UxEDAOBgNVBAcTB05hbmppbmcxCzAJBgNV\r\n" + 9934 "BAoTAnRzMQswCQYDVQQLEwJ0czELMAkGA1UEAxMCdHMwHhcNMjMxMTIzMDMzMjAw\r\n" + 9935 "WhcNMjQxMTIzMDMzMjAwWjBhMQswCQYDVQQGEwJDTjEQMA4GA1UECBMHSmlhbmdz\r\n" + 9936 "dTEQMA4GA1UEBxMHTmFuamluZzEMMAoGA1UEChMDdHMxMQwwCgYDVQQLEwN0czEx\r\n" + 9937 "EjAQBgNVBAMTCTEyNy4wLjAuMTAqMAUGAytlcAMhALsWnY9cMNC6jzduM69vI3Ej\r\n" + 9938 "pUlgHtEHS8kRfmYBupJSo4GvMIGsMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFNSg\r\n" + 9939 "poQvfxR8A1Y4St8NjOHkRpm4MAsGA1UdDwQEAwID+DAnBgNVHSUEIDAeBggrBgEF\r\n" + 9940 "BQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMEMBQGA1UdEQQNMAuCCTEyNy4wLjAuMTAR\r\n" + 9941 "BglghkgBhvhCAQEEBAMCBkAwHgYJYIZIAYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0\r\n" + 9942 "ZTANBgkqhkiG9w0BAQsFAAOCAQEAfnLmPF6BtAUCZ9pjt1ITdXc5M4LJfMw5IPcv\r\n" + 9943 "fUAvhdaUXtqBQcjGCWtDdhyb1n5Xp+N7oKz/Cnn0NGFTwVArtFiQ5NEP2CmrckLh\r\n" + 9944 "Da4VnsDFU+zx2Bbfwo5Ms7iArxyx0fArbMZzN9D1lZcVjiIxp1+3k1/0sdCemcY/\r\n" + 9945 "y7mw5NwkcczLWLBZl1/Ho8b4dlo1wTA7TZk9uu8UwYBwXDrQe6S9rMcvMcRKiJ9e\r\n" + 9946 "V4SYZIO7ihr8+n4LQDQP+spvX4cf925a3kyZrftfvGCJ2ZNwvsPhyumYhaBqAgSy\r\n" + 9947 "Up2BImymAqPi157q9EeYcQz170TtDZHGmjYzdQxhOAHRb6/IdQ==\r\n" + 9948 "-----END CERTIFICATE-----\r\n"; 9949 const certEncodingBlob: cert.EncodingBlob = { 9950 data: stringToUint8Array(certData), 9951 encodingFormat: cert.EncodingFormat.FORMAT_PEM, 9952 }; 9953 9954 let x509Cert: cert.X509Cert = {} as cert.X509Cert; 9955 try { 9956 x509Cert = await cert.createX509Cert(certEncodingBlob); 9957 console.log('createX509Cert success'); 9958 } catch (err) { 9959 console.error('createX509Cert failed'); 9960 } 9961 return x509Cert; 9962} 9963 9964async function selectCRLs() { 9965 const x509CRL = await createX509CRL(); 9966 const x509Cert = await createX509Cert(); 9967 const collection = cert.createCertCRLCollection([], [x509CRL]); 9968 9969 const param: cert.X509CRLMatchParameters = { 9970 issuer: [new Uint8Array([0x30, 0x58, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x43, 0x4E, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x07, 0x4A, 0x69, 0x61, 0x6E, 0x67, 0x73, 0x75, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x07, 0x4E, 0x61, 0x6E, 0x6A, 0x69, 0x6E, 0x67, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x02, 0x74, 0x73, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x02, 0x74, 0x73, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x02, 0x74, 0x73])], 9971 x509Cert: x509Cert 9972 } 9973 collection.selectCRLs(param, (err, crls) => { 9974 if (err) { 9975 console.error('selectCRLs failed, errCode: ' + err.code + ', errMsg: ' + err.message); 9976 } else { 9977 console.log('selectCRLs success'); 9978 } 9979 }); 9980} 9981``` 9982 9983## cert.createX509CertChain<sup>11+</sup> 9984 9985createX509CertChain(inStream: EncodingBlob): Promise\<X509CertChain> 9986 9987表示创建X509证书链对象,使用Promise方式异步返回结果。 9988 9989**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 9990 9991**系统能力:** SystemCapability.Security.Cert 9992 9993**参数:** 9994 9995| 参数名 | 类型 | 必填 | 说明 | 9996| -------- | ----------------------------- | ---- | -------------------- | 9997| inStream | [EncodingBlob](#encodingblob) | 是 | X509证书序列化数据。 | 9998 9999**返回值:** 10000 10001| 类型 | 说明 | 10002| ------------------------------- | ---------------- | 10003| Promise\<[X509CertChain](#x509certchain11)> | 表示X509证书链对象。 | 10004 10005**错误码:** 10006 10007以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 10008 10009| 错误码ID | 错误信息 | 10010| -------- | ------------- | 10011| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 10012| 19020001 | memory malloc failed. | 10013| 19030001 | crypto operation error. | 10014 10015**示例:** 10016 10017```ts 10018import { cert } from '@kit.DeviceCertificateKit'; 10019import { BusinessError } from '@kit.BasicServicesKit'; 10020 10021// string转Uint8Array。 10022function stringToUint8Array(str: string): Uint8Array { 10023 let arr: Array<number> = []; 10024 for (let i = 0, j = str.length; i < j; i++) { 10025 arr.push(str.charCodeAt(i)); 10026 } 10027 return new Uint8Array(arr); 10028} 10029 10030async function createX509CertChain(): Promise<cert.X509CertChain> { 10031 let certChainData = "-----BEGIN CERTIFICATE-----\n" + 10032 "MIID6jCCAtKgAwIBAgIIIM2q/TmRoLcwDQYJKoZIhvcNAQELBQAwWjELMAkGA1UE\n" + 10033 "BhMCRU4xEDAOBgNVBAgTB0VuZ2xhbmQxDzANBgNVBAcTBkxvbmRvbjEMMAoGA1UE\n" + 10034 "ChMDdHMyMQwwCgYDVQQLEwN0czIxDDAKBgNVBAMTA3RzMjAeFw0yMzEyMDUwNzM5\n" + 10035 "MDBaFw0yNDEwMzEyMzU5MDBaMGExCzAJBgNVBAYTAkNOMRAwDgYDVQQIEwdKaWFu\n" + 10036 "Z3N1MRAwDgYDVQQHEwdOYW5qaW5nMQwwCgYDVQQKEwN0czMxDDAKBgNVBAsTA3Rz\n" + 10037 "MzESMBAGA1UEAxMJMTI3LjAuMC4xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\n" + 10038 "CgKCAQEAtt+2QxUevbolYLp51QGcUpageI4fwGLIqv4fj4aoVnHFOOBqVOVpfCLR\n" + 10039 "p26LFV/F8ebwPyo8YEBKSwXzMD1573rMSbaH9BalscH5lZYAbetXoio6YRvzlcmc\n" + 10040 "rVvLBNMeVnxY86xHpo0MTNyP7W024rZsxWO98xFQVdoiaBC+7+midlisx2Y+7u0j\n" + 10041 "zT9GjeUP6JLdLFUZJKUPSTK3jVzw9v1eZQZKYoNfU6vFMd6ndtwW6qEnwpzmmX/U\n" + 10042 "T+p5ThAMH593zszlz330nTSXBjIsGkyvOz9gSB0Z0LAuJj06XUNhGL5xKJYKbdI3\n" + 10043 "8MFQFJKvRHfgTAvVsvAvpBUM2DuBKwIDAQABo4GsMIGpMAkGA1UdEwQCMAAwHQYD\n" + 10044 "VR0OBBYEFDfsHTMZwoA6eaDFlBUyDpka+sYtMAsGA1UdDwQEAwID+DAnBgNVHSUE\n" + 10045 "IDAeBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMEMBQGA1UdEQQNMAuCCTEy\n" + 10046 "Ny4wLjAuMTARBglghkgBhvhCAQEEBAMCBkAwHgYJYIZIAYb4QgENBBEWD3hjYSBj\n" + 10047 "ZXJ0aWZpY2F0ZTANBgkqhkiG9w0BAQsFAAOCAQEAp5vTvXrt8ZpgRJVtzv9ss0lJ\n" + 10048 "izp1fJf+ft5cDXrs7TSD5oHrSW2vk/ZieIMhexU4LFwhs4OE7jK6pgI48Dseqxx7\n" + 10049 "B/KktxhVMJUmVXd9Ayjp6f+BtZlIk0cArPuoXToXjsV8caTGBXHRdzxpAk/w9syc\n" + 10050 "GYrbH9TrdNMuTizOb+k268oKXUageZNxHmd7YvOXkcNgrd29jzwXKDYYiUa1DISz\n" + 10051 "DnYaJOgPt0B/5izhoWNK7GhJDy9KEuLURcTSWFysbbnljwO9INPT9MmlS83PdAgN\n" + 10052 "iS8VXF4pce1W9U5jH7d7k0JDVSXybebe1iPFphsZpYM/NE+jap+mPy1nTCbf9g==\n" + 10053 "-----END CERTIFICATE-----\n" + 10054 "-----BEGIN CERTIFICATE-----\n" + 10055 "MIIC0zCCAoWgAwIBAgIIXpLoPpQVWnkwBQYDK2VwMFoxCzAJBgNVBAYTAkVOMRAw\n" + 10056 "DgYDVQQIEwdFbmdsYW5kMQ8wDQYDVQQHEwZMb25kb24xDDAKBgNVBAoTA3RzMTEM\n" + 10057 "MAoGA1UECxMDdHMxMQwwCgYDVQQDEwN0czEwHhcNMjMxMjA1MDczNzAwWhcNMjQw\n" + 10058 "OTAxMjM1OTAwWjBaMQswCQYDVQQGEwJFTjEQMA4GA1UECBMHRW5nbGFuZDEPMA0G\n" + 10059 "A1UEBxMGTG9uZG9uMQwwCgYDVQQKEwN0czIxDDAKBgNVBAsTA3RzMjEMMAoGA1UE\n" + 10060 "AxMDdHMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtt+2QxUevbol\n" + 10061 "YLp51QGcUpageI4fwGLIqv4fj4aoVnHFOOBqVOVpfCLRp26LFV/F8ebwPyo8YEBK\n" + 10062 "SwXzMD1573rMSbaH9BalscH5lZYAbetXoio6YRvzlcmcrVvLBNMeVnxY86xHpo0M\n" + 10063 "TNyP7W024rZsxWO98xFQVdoiaBC+7+midlisx2Y+7u0jzT9GjeUP6JLdLFUZJKUP\n" + 10064 "STK3jVzw9v1eZQZKYoNfU6vFMd6ndtwW6qEnwpzmmX/UT+p5ThAMH593zszlz330\n" + 10065 "nTSXBjIsGkyvOz9gSB0Z0LAuJj06XUNhGL5xKJYKbdI38MFQFJKvRHfgTAvVsvAv\n" + 10066 "pBUM2DuBKwIDAQABo28wbTAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBQ37B0zGcKA\n" + 10067 "OnmgxZQVMg6ZGvrGLTALBgNVHQ8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgAHMB4G\n" + 10068 "CWCGSAGG+EIBDQQRFg94Y2EgY2VydGlmaWNhdGUwBQYDK2VwA0EAuasLBe55YgvF\n" + 10069 "b4wmHeohylc9r8cFGS1LNQ5UcSn3sGqMYf6ehnef16NLuCW6upHCs8Sui4iAMvsP\n" + 10070 "uKPWR9dKBA==\n" + 10071 "-----END CERTIFICATE-----\n" + 10072 "-----BEGIN CERTIFICATE-----\n" + 10073 "MIIB3zCCAZGgAwIBAgIIWQvOEDl+ya4wBQYDK2VwMFoxCzAJBgNVBAYTAkVOMRAw\n" + 10074 "DgYDVQQIEwdFbmdsYW5kMQ8wDQYDVQQHEwZMb25kb24xDDAKBgNVBAoTA3RzMTEM\n" + 10075 "MAoGA1UECxMDdHMxMQwwCgYDVQQDEwN0czEwHhcNMjMxMjA1MDAwMDAwWhcNMjQx\n" + 10076 "MjA0MjM1OTU5WjBaMQswCQYDVQQGEwJFTjEQMA4GA1UECBMHRW5nbGFuZDEPMA0G\n" + 10077 "A1UEBxMGTG9uZG9uMQwwCgYDVQQKEwN0czExDDAKBgNVBAsTA3RzMTEMMAoGA1UE\n" + 10078 "AxMDdHMxMCowBQYDK2VwAyEAuxadj1ww0LqPN24zr28jcSOlSWAe0QdLyRF+ZgG6\n" + 10079 "klKjdTBzMBIGA1UdEwEB/wQIMAYBAf8CARQwHQYDVR0OBBYEFNSgpoQvfxR8A1Y4\n" + 10080 "St8NjOHkRpm4MAsGA1UdDwQEAwIBBjARBglghkgBhvhCAQEEBAMCAAcwHgYJYIZI\n" + 10081 "AYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0ZTAFBgMrZXADQQAblBgoa72X/K13WOvc\n" + 10082 "KW0fqBgFKvLy85hWD6Ufi61k4ProQiZzMK+0+y9jReKelPx/zRdCCgSbQroAR2mV\n" + 10083 "xjoE\n" + 10084 "-----END CERTIFICATE-----\n"; 10085 10086 // 证书链二进制数据,需业务自行赋值。 10087 let encodingBlob: cert.EncodingBlob = { 10088 data: stringToUint8Array(certChainData), 10089 // 根据encodingData的格式进行赋值,支持FORMAT_PEM、FORMAT_DER和FORMAT_PKCS7。 10090 encodingFormat: cert.EncodingFormat.FORMAT_PEM 10091 }; 10092 let x509CertChain: cert.X509CertChain = {} as cert.X509CertChain; 10093 try { 10094 x509CertChain = await cert.createX509CertChain(encodingBlob); 10095 } catch (error) { 10096 let e: BusinessError = error as BusinessError; 10097 console.error('createX509CertChain failed, errCode: ' + e.code + ', errMsg: ' + e.message); 10098 } 10099 return x509CertChain; 10100} 10101 10102createX509CertChain(); 10103``` 10104 10105## cert.createX509CertChain<sup>11+</sup> 10106 10107createX509CertChain(inStream: EncodingBlob, callback: AsyncCallback\<X509CertChain>): void 10108 10109表示创建X509证书链对象,使用Callback回调异步返回结果。 10110 10111**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 10112 10113**系统能力:** SystemCapability.Security.Cert 10114 10115**参数:** 10116 10117| 参数名 | 类型 | 必填 | 说明 | 10118| -------- | ------------------------------------- | ---- | -------------------------- | 10119| inStream | [EncodingBlob](#encodingblob) | 是 | X509证书序列化数据。 | 10120| callback | AsyncCallback\<[X509CertChain](#x509certchain11)> | 是 | 回调函数,表示X509证书链对象。 | 10121 10122**错误码:** 10123 10124以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 10125 10126| 错误码ID | 错误信息 | 10127| -------- | ------------- | 10128| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 10129| 19020001 | memory malloc failed. | 10130| 19030001 | crypto operation error. | 10131 10132**示例:** 10133 10134```ts 10135import { cert } from '@kit.DeviceCertificateKit'; 10136 10137// string转Uint8Array。 10138function stringToUint8Array(str: string): Uint8Array { 10139 let arr: Array<number> = []; 10140 for (let i = 0, j = str.length; i < j; i++) { 10141 arr.push(str.charCodeAt(i)); 10142 } 10143 return new Uint8Array(arr); 10144} 10145 10146let certChainData = "-----BEGIN CERTIFICATE-----\n" + 10147 "MIID6jCCAtKgAwIBAgIIIM2q/TmRoLcwDQYJKoZIhvcNAQELBQAwWjELMAkGA1UE\n" + 10148 "BhMCRU4xEDAOBgNVBAgTB0VuZ2xhbmQxDzANBgNVBAcTBkxvbmRvbjEMMAoGA1UE\n" + 10149 "ChMDdHMyMQwwCgYDVQQLEwN0czIxDDAKBgNVBAMTA3RzMjAeFw0yMzEyMDUwNzM5\n" + 10150 "MDBaFw0yNDEwMzEyMzU5MDBaMGExCzAJBgNVBAYTAkNOMRAwDgYDVQQIEwdKaWFu\n" + 10151 "Z3N1MRAwDgYDVQQHEwdOYW5qaW5nMQwwCgYDVQQKEwN0czMxDDAKBgNVBAsTA3Rz\n" + 10152 "MzESMBAGA1UEAxMJMTI3LjAuMC4xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\n" + 10153 "CgKCAQEAtt+2QxUevbolYLp51QGcUpageI4fwGLIqv4fj4aoVnHFOOBqVOVpfCLR\n" + 10154 "p26LFV/F8ebwPyo8YEBKSwXzMD1573rMSbaH9BalscH5lZYAbetXoio6YRvzlcmc\n" + 10155 "rVvLBNMeVnxY86xHpo0MTNyP7W024rZsxWO98xFQVdoiaBC+7+midlisx2Y+7u0j\n" + 10156 "zT9GjeUP6JLdLFUZJKUPSTK3jVzw9v1eZQZKYoNfU6vFMd6ndtwW6qEnwpzmmX/U\n" + 10157 "T+p5ThAMH593zszlz330nTSXBjIsGkyvOz9gSB0Z0LAuJj06XUNhGL5xKJYKbdI3\n" + 10158 "8MFQFJKvRHfgTAvVsvAvpBUM2DuBKwIDAQABo4GsMIGpMAkGA1UdEwQCMAAwHQYD\n" + 10159 "VR0OBBYEFDfsHTMZwoA6eaDFlBUyDpka+sYtMAsGA1UdDwQEAwID+DAnBgNVHSUE\n" + 10160 "IDAeBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMEMBQGA1UdEQQNMAuCCTEy\n" + 10161 "Ny4wLjAuMTARBglghkgBhvhCAQEEBAMCBkAwHgYJYIZIAYb4QgENBBEWD3hjYSBj\n" + 10162 "ZXJ0aWZpY2F0ZTANBgkqhkiG9w0BAQsFAAOCAQEAp5vTvXrt8ZpgRJVtzv9ss0lJ\n" + 10163 "izp1fJf+ft5cDXrs7TSD5oHrSW2vk/ZieIMhexU4LFwhs4OE7jK6pgI48Dseqxx7\n" + 10164 "B/KktxhVMJUmVXd9Ayjp6f+BtZlIk0cArPuoXToXjsV8caTGBXHRdzxpAk/w9syc\n" + 10165 "GYrbH9TrdNMuTizOb+k268oKXUageZNxHmd7YvOXkcNgrd29jzwXKDYYiUa1DISz\n" + 10166 "DnYaJOgPt0B/5izhoWNK7GhJDy9KEuLURcTSWFysbbnljwO9INPT9MmlS83PdAgN\n" + 10167 "iS8VXF4pce1W9U5jH7d7k0JDVSXybebe1iPFphsZpYM/NE+jap+mPy1nTCbf9g==\n" + 10168 "-----END CERTIFICATE-----\n" + 10169 "-----BEGIN CERTIFICATE-----\n" + 10170 "MIIC0zCCAoWgAwIBAgIIXpLoPpQVWnkwBQYDK2VwMFoxCzAJBgNVBAYTAkVOMRAw\n" + 10171 "DgYDVQQIEwdFbmdsYW5kMQ8wDQYDVQQHEwZMb25kb24xDDAKBgNVBAoTA3RzMTEM\n" + 10172 "MAoGA1UECxMDdHMxMQwwCgYDVQQDEwN0czEwHhcNMjMxMjA1MDczNzAwWhcNMjQw\n" + 10173 "OTAxMjM1OTAwWjBaMQswCQYDVQQGEwJFTjEQMA4GA1UECBMHRW5nbGFuZDEPMA0G\n" + 10174 "A1UEBxMGTG9uZG9uMQwwCgYDVQQKEwN0czIxDDAKBgNVBAsTA3RzMjEMMAoGA1UE\n" + 10175 "AxMDdHMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtt+2QxUevbol\n" + 10176 "YLp51QGcUpageI4fwGLIqv4fj4aoVnHFOOBqVOVpfCLRp26LFV/F8ebwPyo8YEBK\n" + 10177 "SwXzMD1573rMSbaH9BalscH5lZYAbetXoio6YRvzlcmcrVvLBNMeVnxY86xHpo0M\n" + 10178 "TNyP7W024rZsxWO98xFQVdoiaBC+7+midlisx2Y+7u0jzT9GjeUP6JLdLFUZJKUP\n" + 10179 "STK3jVzw9v1eZQZKYoNfU6vFMd6ndtwW6qEnwpzmmX/UT+p5ThAMH593zszlz330\n" + 10180 "nTSXBjIsGkyvOz9gSB0Z0LAuJj06XUNhGL5xKJYKbdI38MFQFJKvRHfgTAvVsvAv\n" + 10181 "pBUM2DuBKwIDAQABo28wbTAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBQ37B0zGcKA\n" + 10182 "OnmgxZQVMg6ZGvrGLTALBgNVHQ8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgAHMB4G\n" + 10183 "CWCGSAGG+EIBDQQRFg94Y2EgY2VydGlmaWNhdGUwBQYDK2VwA0EAuasLBe55YgvF\n" + 10184 "b4wmHeohylc9r8cFGS1LNQ5UcSn3sGqMYf6ehnef16NLuCW6upHCs8Sui4iAMvsP\n" + 10185 "uKPWR9dKBA==\n" + 10186 "-----END CERTIFICATE-----\n" + 10187 "-----BEGIN CERTIFICATE-----\n" + 10188 "MIIB3zCCAZGgAwIBAgIIWQvOEDl+ya4wBQYDK2VwMFoxCzAJBgNVBAYTAkVOMRAw\n" + 10189 "DgYDVQQIEwdFbmdsYW5kMQ8wDQYDVQQHEwZMb25kb24xDDAKBgNVBAoTA3RzMTEM\n" + 10190 "MAoGA1UECxMDdHMxMQwwCgYDVQQDEwN0czEwHhcNMjMxMjA1MDAwMDAwWhcNMjQx\n" + 10191 "MjA0MjM1OTU5WjBaMQswCQYDVQQGEwJFTjEQMA4GA1UECBMHRW5nbGFuZDEPMA0G\n" + 10192 "A1UEBxMGTG9uZG9uMQwwCgYDVQQKEwN0czExDDAKBgNVBAsTA3RzMTEMMAoGA1UE\n" + 10193 "AxMDdHMxMCowBQYDK2VwAyEAuxadj1ww0LqPN24zr28jcSOlSWAe0QdLyRF+ZgG6\n" + 10194 "klKjdTBzMBIGA1UdEwEB/wQIMAYBAf8CARQwHQYDVR0OBBYEFNSgpoQvfxR8A1Y4\n" + 10195 "St8NjOHkRpm4MAsGA1UdDwQEAwIBBjARBglghkgBhvhCAQEEBAMCAAcwHgYJYIZI\n" + 10196 "AYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0ZTAFBgMrZXADQQAblBgoa72X/K13WOvc\n" + 10197 "KW0fqBgFKvLy85hWD6Ufi61k4ProQiZzMK+0+y9jReKelPx/zRdCCgSbQroAR2mV\n" + 10198 "xjoE\n" + 10199 "-----END CERTIFICATE-----\n"; 10200 10201// 证书链二进制数据,需业务自行赋值。 10202let encodingBlob: cert.EncodingBlob = { 10203 data: stringToUint8Array(certChainData), 10204 // 根据encodingData的格式进行赋值,支持FORMAT_PEM、FORMAT_DER和FORMAT_PKCS7。 10205 encodingFormat: cert.EncodingFormat.FORMAT_PEM 10206}; 10207 10208cert.createX509CertChain(encodingBlob, (err, certChain) => { 10209 if (err) { 10210 console.error('createX509CertChain failed, errCode: ' + err.code + ', errMsg: ' + err.message); 10211 } else { 10212 console.log('createX509CertChain success'); 10213 } 10214}); 10215``` 10216 10217## cert.createX509CertChain<sup>11+</sup> 10218 10219createX509CertChain(certs: Array\<X509Cert>): X509CertChain 10220 10221表示使用X509Cert数组方式创建X509证书链对象,并同步返回结果。 10222 10223**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 10224 10225**系统能力:** SystemCapability.Security.Cert 10226 10227**参数:** 10228 10229| 参数名 | 类型 | 必填 | 说明 | 10230| -------- | -------------------- | ---- | -------------------------- | 10231| certs | Array\<[X509Cert](#x509cert)> | 是 | X509证书对象数组。 | 10232 10233**返回值:** 10234 10235| 类型 | 说明 | 10236| --------------------------------- | -------------------- | 10237| [X509CertChain](#x509certchain11) | 表示X509证书链对象。 | 10238 10239**错误码:** 10240 10241以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 10242 10243| 错误码ID | 错误信息 | 10244| -------- | ------------- | 10245| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 10246| 19020001 | memory malloc failed. | 10247| 19030001 | crypto operation error. | 10248 10249**示例:** 10250 10251```ts 10252import { cert } from '@kit.DeviceCertificateKit'; 10253import { BusinessError } from '@kit.BasicServicesKit'; 10254 10255// string转Uint8Array。 10256function stringToUint8Array(str: string): Uint8Array { 10257 let arr: Array<number> = []; 10258 for (let i = 0, j = str.length; i < j; i++) { 10259 arr.push(str.charCodeAt(i)); 10260 } 10261 return new Uint8Array(arr); 10262} 10263 10264async function createX509Cert(): Promise<cert.X509Cert> { 10265 let certData = '-----BEGIN CERTIFICATE-----\n' + 10266 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 10267 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 10268 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 10269 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 10270 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 10271 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 10272 'Qw==\n' + 10273 '-----END CERTIFICATE-----\n'; 10274 10275 // 证书二进制数据,需业务自行赋值。 10276 let encodingBlob: cert.EncodingBlob = { 10277 data: stringToUint8Array(certData), 10278 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 10279 encodingFormat: cert.EncodingFormat.FORMAT_PEM 10280 }; 10281 10282 let x509Cert: cert.X509Cert = {} as cert.X509Cert; 10283 try { 10284 x509Cert = await cert.createX509Cert(encodingBlob); 10285 } catch (error) { 10286 let e: BusinessError = error as BusinessError; 10287 console.error('createX509Cert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 10288 } 10289 return x509Cert; 10290} 10291 10292async function createX509CertChain(): Promise<cert.X509CertChain> { 10293 const x509Cert = await createX509Cert(); 10294 let x509CertChain: cert.X509CertChain = {} as cert.X509CertChain; 10295 try { 10296 x509CertChain = cert.createX509CertChain([x509Cert]); 10297 } catch (error) { 10298 let e: BusinessError = error as BusinessError; 10299 console.error('createX509CertChain failed, errCode: ' + e.code + ', errMsg: ' + e.message); 10300 } 10301 return x509CertChain; 10302} 10303 10304createX509CertChain(); 10305``` 10306 10307## cert.buildX509CertChain<sup>12+</sup> 10308 10309buildX509CertChain(param: [CertChainBuildParameters](#certchainbuildparameters12)): Promise\<CertChainBuildResult> 10310 10311表示使用CertChainBuildParameters对象方式创建X509证书链对象,并用Promise方式返回结果。 10312 10313**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 10314 10315**系统能力:** SystemCapability.Security.Cert 10316 10317**参数:** 10318 10319| 参数名 | 类型 | 必填 | 说明 | 10320| -------- | -------------------- | ---- | -------------------------- | 10321| param | [CertChainBuildParameters](#certchainbuildparameters12) | 是 | 构建证书链的参数对象。 <br> [CertChainBuildParameters](#certchainbuildparameters12)中的maxLength要小于证书集合中证书数量。| 10322 10323**返回值:** 10324 10325| 类型 | 说明 | 10326| --------------------------------- | -------------------- | 10327| Promise\<[CertChainBuildResult](#certchainbuildresult12)> | 表示X509证书链对象。 | 10328 10329**错误码:** 10330 10331以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 10332 10333| 错误码ID | 错误信息 | 10334| -------- | ------------------------------------------------- | 10335| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 10336| 19020001 | memory malloc failed. | 10337| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 10338| 19030001 | crypto operation error. | 10339| 19030002 | the certificate signature verification failed. | 10340| 19030003 | the certificate has not taken effect. | 10341| 19030004 | the certificate has expired. | 10342| 19030005 | failed to obtain the certificate issuer. | 10343| 19030006 | the key cannot be used for signing a certificate. | 10344| 19030007 | the key cannot be used for digital signature. | 10345 10346**示例:** 10347 10348```ts 10349import { cert } from '@kit.DeviceCertificateKit'; 10350import { BusinessError } from '@kit.BasicServicesKit'; 10351 10352// string转Uint8Array。 10353function stringToUint8Array(str: string): Uint8Array { 10354 let arr: Array<number> = []; 10355 for (let i = 0, j = str.length; i < j; i++) { 10356 arr.push(str.charCodeAt(i)); 10357 } 10358 return new Uint8Array(arr); 10359} 10360 10361// 证书链数据。 10362let certPem = '-----BEGIN CERTIFICATE-----\n' + 10363 'MIIDTjCCAjagAwIBAgIBBDANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290\n' + 10364 'IENBMB4XDTI0MDMxOTAyMDQwMVoXDTM0MDMxNzAyMDQwMVowEjEQMA4GA1UEAwwH\n' + 10365 'ZGV2aWNlMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMIXL3e7UE/c\n' + 10366 'Z1dPVgRZ5L8gsQ/azuYVBvoFf7o8ksYrL7G1+qZIJjVRqZkuTirLW4GicbkIkPNW\n' + 10367 'eix5cDhkjkC+q5SBCOrSSTTlvX3xcOY1gMlA5MgeBfGixFusq4d5VPF2KceZ20/a\n' + 10368 'ygwGD0Uv0X81OERyPom/dYdJUvfaD9ifPFJ1fKIj/cPFG3yJK/ojpEfndZNdESQL\n' + 10369 'TkoDekilg2UGOLtY6fb9Ns37ncuIj33gCS/R9m1tgtmqCTcgOQ4hwKhjVF3InmPO\n' + 10370 '2BbWKvD1RUX+rHC2a2HHDQILOOtDTy8dHvE+qZlK0efrpRgoFEERJAGPi1GDGWiA\n' + 10371 '7UX1c4MCxIECAwEAAaOBrjCBqzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQbkAcMT7ND\n' + 10372 'fGp3VPFzYHppZ1zxLTAfBgNVHSMEGDAWgBR0W/koCbvDtFGHUQZLM3j6HKsW2DAd\n' + 10373 'BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMDIGCCsG\n' + 10374 'AQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cHM6Ly8xMjcuMC4wLjE6OTk5OTAN\n' + 10375 'BgkqhkiG9w0BAQsFAAOCAQEAF1OTzTmbklFOdZCxrF3zg9owUPJR5RB+PbuBlUfI\n' + 10376 '8tkGXkMltQ8PN1dv6Cq+d8BluiJdWEzqVoJa/e5SHHJyYQSOhlurRG0GBXllVQ1I\n' + 10377 'n1PFaI40+9X2X6wrEcdC5nbzogR1jSiksCiTcARMddj0Xrp5FMrFaaGY8M/xqzdW\n' + 10378 'LTDl4nfbuxtA71cIjnE4kOcaemly9/S2wYWdPktsPxQPY1nPUOeJFI7o0sH3rK0c\n' + 10379 'JSqtgAG8vnjK+jbx9RpkgqCsXgUbIahL573VTgxrNrsRjCuVal7XVxl/xOKXr6Er\n' + 10380 'Gpc+OCrXbHNZkUQE5fZH3yL2tXd7EASEb6J3aEWHfF8YBA==\n' + 10381 '-----END CERTIFICATE-----'; 10382 10383let caPem = '-----BEGIN CERTIFICATE-----\n' + 10384'MIIC/zCCAeegAwIBAgIBATANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290\n' + 10385'IENBMB4XDTI0MDMxOTAyMDIyNFoXDTM0MDMxNzAyMDIyNFowEjEQMA4GA1UEAwwH\n' + 10386'Um9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALxI5SDvRfKU\n' + 10387'6XaTeyh2LHlUK0rVSeYfXkYf5Mc3Pgucg+ewzQjxkACMx5NYaW1zfGDNPG1i5IZl\n' + 10388'cPeWNz1Tm2g6wTd+LyNoNOOmwfLV8pLXSfAukgNrBREf3BzVrbu7hvPd2MmLH23H\n' + 10389'OBM9uDPTIqu3n2CDN2EzwULjaSk2g+jvhVKsDLInu5uKPmZBFhs1FWKgcnVnlbi1\n' + 10390'AyAx4efheits6EO70oV6UufCEtS1VsBXQHZRAG4ogshWldRBVNxkU6yHAfg0mM/5\n' + 10391'EhrZsfh51fWqlrhNWrInjgNV3xIt5ebTIgKZWUlSVHEA/UqDoGfY+CsAJdteZWOW\n' + 10392'KjsrC/DK2O0CAwEAAaNgMF4wHQYDVR0OBBYEFHRb+SgJu8O0UYdRBkszePocqxbY\n' + 10393'MB8GA1UdIwQYMBaAFHRb+SgJu8O0UYdRBkszePocqxbYMA8GA1UdEwEB/wQFMAMB\n' + 10394'Af8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQAKOT1ObfQNMN2wdfHq\n' + 10395'PQgFDDp6rBMbZe70LswPirSXljo4S/vfbG+gBoWCdu/SfsV+lyP75kg1wX0IQvzW\n' + 10396'xYNh864dgqPmGd0v8TIfM0UT0PpnowUyBHQ+E7LNYIOh/kjHbl3oERdEFA2PUyE9\n' + 10397'j3GLdg8oe/LqhEQCSAlH+v2RQgBZ9eVN+mSdUxwywm9U3acb0uqVkGiWK/ywumpg\n' + 10398'AmIZLMJtMVvg8uDkfy16Z4lChTEdNaJVUqPczUNk2kHXIF4we4be9HoOuTVz/SD/\n' + 10399'IsOhXn/BjS3jnhyS9fxo+opJf9zVTWI02Hlh1WVVtH/m3nIZblyAJhcjCHA2wZSz\n' + 10400'sSus\n' + 10401'-----END CERTIFICATE-----'; 10402 10403async function createX509Cert(certData: string): Promise<cert.X509Cert> { 10404 // 证书二进制数据,需业务自行赋值。 10405 let encodingBlob: cert.EncodingBlob = { 10406 data: stringToUint8Array(certData), 10407 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 10408 encodingFormat: cert.EncodingFormat.FORMAT_PEM 10409 }; 10410 10411 let x509Cert: cert.X509Cert = {} as cert.X509Cert; 10412 try { 10413 x509Cert = await cert.createX509Cert(encodingBlob); 10414 } catch (error) { 10415 let e: BusinessError = error as BusinessError; 10416 console.error('createX509Cert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 10417 } 10418 return x509Cert; 10419} 10420 10421async function buildX509CertChain() { 10422 try { 10423 const caCert = await createX509Cert(caPem); 10424 const x509Cert = await createX509Cert(certPem); 10425 let certCrlCollection = cert.createCertCRLCollection([x509Cert]); 10426 let param: cert.CertChainBuildParameters = { 10427 certMatchParameters: {validDate:'20240812080000Z'}, 10428 maxLength: 3, 10429 validationParameters: { 10430 date: '20240812080000Z', 10431 certCRLs: [certCrlCollection], 10432 trustAnchors: [{CACert:caCert}, {CACert:caCert}], 10433 } 10434 } 10435 let certChainBuildResult = await cert.buildX509CertChain(param); 10436 console.info("cert issuer name: " + certChainBuildResult.validationResult.entityCert.getIssuerName().data) 10437 console.info("ca subject name: " + certChainBuildResult.validationResult.trustAnchor.CACert?.getSubjectName().data) 10438 } catch (error) { 10439 let e: BusinessError = error as BusinessError; 10440 console.error('createX509CertChain failed, errCode: ' + e.code + ', errMsg: ' + e.message); 10441 } 10442} 10443 10444buildX509CertChain(); 10445``` 10446 10447## cert.parsePkcs12<sup>18+</sup> 10448 10449parsePkcs12(data: Uint8Array, config: Pkcs12ParsingConfig): Pkcs12Data 10450 10451表示从P12文件中解析证书、私钥及其他证书合集,并返回结果。 10452 10453**原子化服务API:** 从API version 18开始,该接口支持在原子化服务中使用。 10454 10455**系统能力:** SystemCapability.Security.Cert 10456 10457**参数:** 10458 10459| 参数名 | 类型 | 必填 | 说明 | 10460| -------- | -------------------- | ---- | -------------------------- | 10461| data | Uint8Array | 是 | P12文件,DER格式。 | 10462| config | [Pkcs12ParsingConfig](#pkcs12parsingconfig18) | 是 | P12文件的解析配置。 | 10463 10464**返回值:** 10465 10466| 类型 | 说明 | 10467| --------------------------------- | -------------------- | 10468| [Pkcs12Data](#pkcs12data18) | 表示P12文件解析后的证书、私钥及其他证书合集。 | 10469 10470**错误码:** 10471 10472以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 10473 10474| 错误码ID | 错误信息 | 10475| -------- | ------------------------------------------------- | 10476| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 10477| 19020001 | memory malloc failed. | 10478| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 10479| 19030001 | crypto operation error. | 10480| 19030008 | maybe wrong password. | 10481 10482**示例:** 10483 10484```ts 10485import { cert } from '@kit.DeviceCertificateKit'; 10486import { BusinessError } from '@kit.BasicServicesKit'; 10487 10488function doTestParsePkcs12() { 10489 try { 10490 let p12_cert = new Uint8Array([0x30, 0x82, 0x09, 0x51, 0x02, 0x01, 0x03, 0x30, 0x82, 0x09, 0x17, 0x06, 0x09, 0x2a, 0x86, 0x48, 10491 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, 0xa0, 0x82, 0x09, 0x08, 0x04, 0x82, 0x09, 0x04, 0x30, 0x82, 10492 0x09, 0x00, 0x30, 0x82, 0x03, 0xb7, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 10493 0x06, 0xa0, 0x82, 0x03, 0xa8, 0x30, 0x82, 0x03, 0xa4, 0x02, 0x01, 0x00, 0x30, 0x82, 0x03, 0x9d, 10494 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, 0x30, 0x1c, 0x06, 0x0a, 0x2a, 10495 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x01, 0x06, 0x30, 0x0e, 0x04, 0x08, 0x7c, 0xd8, 0x60, 10496 0x3a, 0x07, 0xfb, 0x87, 0x8b, 0x02, 0x02, 0x08, 0x00, 0x80, 0x82, 0x03, 0x70, 0x4d, 0x64, 0xbe, 10497 0x82, 0xc2, 0x59, 0x58, 0x65, 0xf0, 0x37, 0x46, 0x4f, 0x6b, 0xfa, 0x43, 0x2e, 0x9d, 0xd9, 0x4f, 10498 0xd3, 0x54, 0x71, 0x69, 0x6e, 0x03, 0xf8, 0xb8, 0xf9, 0x05, 0xa2, 0x70, 0xa8, 0x70, 0xfb, 0xe6, 10499 0xda, 0x73, 0xdb, 0x4e, 0xdf, 0x72, 0xcd, 0xb6, 0x88, 0x81, 0xec, 0x3f, 0x8d, 0x7b, 0xdc, 0xa6, 10500 0x62, 0xd3, 0xd1, 0xdc, 0xef, 0xb9, 0x76, 0xb5, 0xd3, 0xb3, 0xfb, 0x61, 0x50, 0xeb, 0x22, 0x9b, 10501 0x72, 0x20, 0xb4, 0xe9, 0x7c, 0x5e, 0xaf, 0xa9, 0xb6, 0x40, 0x69, 0x70, 0xea, 0x79, 0x02, 0x1d, 10502 0x66, 0x71, 0x62, 0x39, 0x31, 0xd3, 0x31, 0xb1, 0x6f, 0x2a, 0x2d, 0x13, 0x59, 0xe9, 0xb7, 0x98, 10503 0xbe, 0x67, 0xfa, 0x5d, 0x6f, 0x8f, 0x7a, 0x43, 0x10, 0x5a, 0x3f, 0x13, 0xda, 0xb0, 0x94, 0x08, 10504 0x82, 0xf4, 0x39, 0x1d, 0x42, 0x26, 0x4a, 0xbe, 0x13, 0xe9, 0x89, 0x55, 0x52, 0xa4, 0x16, 0x3d, 10505 0x50, 0x83, 0x5c, 0xb9, 0x00, 0x5e, 0x03, 0x35, 0x65, 0x13, 0x1f, 0xd8, 0xf8, 0xeb, 0x28, 0xe5, 10506 0x00, 0x09, 0x9a, 0x62, 0x65, 0xab, 0x28, 0x21, 0x2e, 0x55, 0x11, 0x77, 0x7e, 0x64, 0xae, 0x12, 10507 0xc1, 0x5e, 0x85, 0xf2, 0xe7, 0xf7, 0x2b, 0x51, 0x46, 0xa6, 0xf8, 0x55, 0x2c, 0xc4, 0x0a, 0x80, 10508 0x6a, 0xc2, 0xa8, 0xba, 0x94, 0xf8, 0xee, 0x18, 0xf7, 0x32, 0x50, 0x53, 0xcc, 0x1e, 0x53, 0x85, 10509 0xeb, 0x0d, 0x1e, 0xec, 0xe2, 0xbb, 0xc2, 0xf3, 0xf7, 0x80, 0xfd, 0x81, 0x63, 0x8f, 0x87, 0x98, 10510 0x09, 0x47, 0x72, 0xee, 0x2d, 0x5a, 0x18, 0x89, 0x6b, 0x95, 0xef, 0x52, 0xde, 0x4d, 0xf5, 0x48, 10511 0x2a, 0x38, 0x6f, 0x4b, 0x98, 0x3c, 0x6d, 0x41, 0xdd, 0x1b, 0xfd, 0x65, 0x1b, 0x87, 0x8a, 0xcf, 10512 0xec, 0x47, 0xe3, 0x7a, 0xa0, 0x56, 0xd9, 0x36, 0x36, 0xcb, 0x17, 0xaa, 0x1b, 0x24, 0x79, 0x96, 10513 0xc6, 0x60, 0xd4, 0xe4, 0xa8, 0x59, 0x35, 0x5e, 0x4e, 0x00, 0xbf, 0x9a, 0xf5, 0x5c, 0x2a, 0xd7, 10514 0xd7, 0x92, 0x98, 0x79, 0xad, 0x13, 0xda, 0xea, 0xde, 0xcd, 0x65, 0x81, 0x26, 0xbd, 0x55, 0x0f, 10515 0xa4, 0x73, 0x54, 0x7b, 0x2f, 0x55, 0x2a, 0x2f, 0xb9, 0x2d, 0x6e, 0x04, 0xc8, 0x37, 0x5e, 0x93, 10516 0x09, 0xa7, 0x7f, 0xb1, 0x6b, 0x4a, 0x9f, 0xea, 0x59, 0x19, 0x57, 0xd0, 0xc1, 0xa1, 0x6b, 0xaf, 10517 0x27, 0x2b, 0xac, 0x81, 0xec, 0xcd, 0x2e, 0xa2, 0xa6, 0x08, 0x01, 0xfc, 0xa1, 0xbc, 0xc9, 0xdc, 10518 0x97, 0xb9, 0x48, 0xa8, 0x65, 0x5d, 0x63, 0xdb, 0x5c, 0x7e, 0x55, 0xe7, 0x47, 0xf2, 0x74, 0x17, 10519 0x67, 0xfe, 0x56, 0x20, 0x54, 0x65, 0x11, 0xdf, 0xec, 0x75, 0x70, 0x49, 0x59, 0xd1, 0xea, 0x6b, 10520 0x8f, 0x39, 0xec, 0x5d, 0x81, 0x82, 0x9a, 0xec, 0xce, 0x6c, 0x0c, 0x32, 0x14, 0xbd, 0xef, 0xac, 10521 0xae, 0x04, 0xd0, 0x75, 0x62, 0xf5, 0x82, 0x16, 0xd1, 0xa8, 0xfb, 0x22, 0x2a, 0xc2, 0xe7, 0x7a, 10522 0x75, 0x08, 0x59, 0x99, 0x34, 0x3d, 0xd9, 0xd7, 0x66, 0xb8, 0xcd, 0xaa, 0xf4, 0x48, 0xcc, 0x21, 10523 0x25, 0x83, 0xae, 0xad, 0x55, 0x0e, 0xff, 0x44, 0xf3, 0xcc, 0xd1, 0x89, 0x72, 0x0f, 0x9f, 0xe3, 10524 0xe5, 0xc7, 0xd4, 0x53, 0x94, 0xd6, 0xfb, 0x35, 0xd5, 0xd8, 0x2f, 0xa7, 0x4b, 0xf9, 0x50, 0x15, 10525 0x1e, 0x35, 0xfc, 0x3d, 0xca, 0xad, 0xb6, 0x49, 0x16, 0xee, 0xff, 0xd7, 0x8a, 0xcc, 0xf0, 0x96, 10526 0x11, 0x97, 0x22, 0xf3, 0xf7, 0x7c, 0x7a, 0x50, 0x49, 0x12, 0x68, 0x6e, 0x0e, 0x62, 0x32, 0xc7, 10527 0xe9, 0xc3, 0xa0, 0x1b, 0xfe, 0x29, 0x8c, 0x46, 0xc2, 0x7e, 0xe1, 0xea, 0xc3, 0xcb, 0x30, 0xaf, 10528 0xe4, 0x60, 0xe5, 0xa5, 0xa5, 0xb8, 0xf4, 0x16, 0xfa, 0x19, 0xd0, 0x1c, 0x14, 0xce, 0xf9, 0xa8, 10529 0x0b, 0x3f, 0x87, 0x89, 0xd3, 0xed, 0x9e, 0x16, 0x14, 0xbb, 0xd3, 0x64, 0xeb, 0x00, 0xe7, 0x48, 10530 0x1f, 0xd4, 0x47, 0xbc, 0xa9, 0x6f, 0x03, 0xe0, 0x0e, 0xaf, 0xb9, 0xad, 0x05, 0xa0, 0x1d, 0xee, 10531 0x0a, 0xcd, 0x0f, 0xd0, 0xb8, 0xf1, 0x35, 0x80, 0xa7, 0x72, 0xcd, 0x36, 0x8e, 0xce, 0x72, 0xf9, 10532 0x9f, 0xd5, 0x29, 0xae, 0x02, 0xb7, 0xbe, 0x65, 0xff, 0x38, 0x45, 0xf8, 0x8d, 0x87, 0x2f, 0xf8, 10533 0xdd, 0xc1, 0x72, 0x17, 0x2b, 0xdd, 0x3e, 0xfe, 0x01, 0xa0, 0x59, 0xb3, 0x19, 0x92, 0xf0, 0x59, 10534 0xf5, 0x06, 0x77, 0x8b, 0x1a, 0x41, 0x1d, 0x8b, 0x80, 0x74, 0x95, 0x8b, 0x30, 0x03, 0x18, 0xdd, 10535 0x1e, 0x1b, 0x21, 0x36, 0xdf, 0xde, 0xc3, 0xa2, 0x68, 0xe0, 0x3d, 0x94, 0x37, 0x6b, 0x48, 0xb2, 10536 0xb9, 0x41, 0x53, 0xd6, 0x65, 0xef, 0x7a, 0x3d, 0xdc, 0x09, 0x17, 0x66, 0xb4, 0x05, 0x58, 0x8a, 10537 0x5d, 0x2f, 0x40, 0x4a, 0x91, 0x8a, 0xa5, 0xb7, 0x29, 0xfb, 0x37, 0x81, 0x71, 0x77, 0x50, 0x8d, 10538 0x34, 0x80, 0x7e, 0xab, 0xb9, 0xc8, 0xdc, 0xb7, 0x2c, 0x7e, 0xbc, 0xad, 0x7c, 0x14, 0x5c, 0xf6, 10539 0x90, 0x88, 0x0e, 0x0d, 0x50, 0x7a, 0x4e, 0xa6, 0x85, 0xe4, 0x2a, 0xe7, 0x67, 0x21, 0x53, 0xbb, 10540 0x73, 0xd5, 0x30, 0x78, 0xbd, 0x08, 0x2b, 0x42, 0x44, 0x3e, 0x5d, 0x2b, 0x2f, 0x09, 0x8e, 0x82, 10541 0xc3, 0x5b, 0x9e, 0xd8, 0x20, 0xc6, 0xb7, 0x42, 0xe5, 0xb3, 0x60, 0x0b, 0x9b, 0x01, 0x76, 0x26, 10542 0xf7, 0xc1, 0xf7, 0xe1, 0xd1, 0x46, 0xf7, 0x9c, 0x21, 0xfd, 0x66, 0xb7, 0x14, 0x1d, 0x89, 0xb5, 10543 0xd3, 0xa1, 0x4e, 0x57, 0x97, 0xe7, 0xe4, 0x63, 0x96, 0xe2, 0x6f, 0x10, 0x6a, 0xb7, 0x8e, 0x83, 10544 0x64, 0x22, 0x10, 0x02, 0x27, 0x87, 0x6d, 0xb6, 0x11, 0x51, 0xe9, 0xe6, 0x68, 0x1a, 0xc8, 0xd3, 10545 0x6b, 0x23, 0x33, 0x68, 0x66, 0xab, 0x4d, 0xf9, 0x92, 0x11, 0x67, 0x9d, 0x24, 0xee, 0x18, 0xa8, 10546 0x3c, 0x5a, 0xfe, 0x79, 0x76, 0x99, 0xeb, 0x9f, 0x19, 0x9d, 0x74, 0xee, 0x13, 0xd9, 0xb1, 0x7b, 10547 0x4e, 0xcf, 0x30, 0x05, 0xdb, 0x5a, 0x3e, 0x00, 0x7e, 0x0a, 0xed, 0x6f, 0xaf, 0x0d, 0x1b, 0xf3, 10548 0x61, 0x24, 0x06, 0xe7, 0xf2, 0x57, 0x72, 0xf8, 0x61, 0x4d, 0x5f, 0x00, 0x78, 0x1f, 0x4d, 0xc7, 10549 0x28, 0x5e, 0xc4, 0x9b, 0xed, 0xac, 0x4f, 0x16, 0xaf, 0x81, 0x85, 0x33, 0x16, 0xbd, 0x6a, 0xb9, 10550 0xb2, 0x8e, 0x25, 0xbc, 0xaf, 0xfd, 0xea, 0xb7, 0x20, 0x32, 0x15, 0x62, 0x77, 0x52, 0xa1, 0xf2, 10551 0xd0, 0x9d, 0x12, 0x4c, 0x85, 0x71, 0x08, 0x03, 0xa7, 0x94, 0x34, 0xb4, 0x96, 0x30, 0x82, 0x05, 10552 0x41, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, 0xa0, 0x82, 0x05, 0x32, 10553 0x04, 0x82, 0x05, 0x2e, 0x30, 0x82, 0x05, 0x2a, 0x30, 0x82, 0x05, 0x26, 0x06, 0x0b, 0x2a, 0x86, 10554 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x0a, 0x01, 0x02, 0xa0, 0x82, 0x04, 0xee, 0x30, 0x82, 0x04, 10555 0xea, 0x30, 0x1c, 0x06, 0x0a, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x01, 0x03, 0x30, 10556 0x0e, 0x04, 0x08, 0x30, 0xee, 0xbd, 0x7c, 0xcb, 0xb5, 0xa5, 0x1b, 0x02, 0x02, 0x08, 0x00, 0x04, 10557 0x82, 0x04, 0xc8, 0x1e, 0xd0, 0x7f, 0x7e, 0x86, 0x1c, 0x6f, 0x0e, 0xac, 0x6c, 0xe3, 0x35, 0xcb, 10558 0xff, 0xe4, 0x84, 0x88, 0x97, 0x45, 0xf3, 0x48, 0xa9, 0x98, 0xeb, 0x74, 0x91, 0x53, 0x07, 0x7a, 10559 0xe4, 0x78, 0x89, 0x13, 0xe7, 0xce, 0xa3, 0xc5, 0xab, 0x2c, 0x16, 0xe5, 0x02, 0x64, 0xc6, 0xb5, 10560 0x11, 0x36, 0x69, 0x0b, 0x5f, 0x7e, 0x95, 0x27, 0x59, 0x9a, 0xac, 0x98, 0x12, 0x76, 0x39, 0x31, 10561 0xaa, 0x4f, 0x22, 0x55, 0x21, 0x71, 0x20, 0xeb, 0x4e, 0x5e, 0x2d, 0xd8, 0xab, 0xd9, 0x64, 0x38, 10562 0x13, 0x9a, 0x14, 0x48, 0x7f, 0x48, 0x05, 0xec, 0x49, 0x55, 0x80, 0x49, 0xaf, 0x4e, 0x29, 0xdf, 10563 0x4a, 0xfb, 0xa1, 0x20, 0x2f, 0x98, 0x35, 0xf7, 0x8f, 0xb9, 0x41, 0x8b, 0x00, 0x14, 0x23, 0x9a, 10564 0x43, 0xfe, 0x55, 0xfc, 0xe5, 0x57, 0x19, 0xa9, 0x74, 0x44, 0x1f, 0xdd, 0xc3, 0xc8, 0x9f, 0xfa, 10565 0x9f, 0x67, 0x93, 0xed, 0x79, 0x11, 0xe1, 0x4e, 0xed, 0xd6, 0x20, 0x82, 0xc8, 0x85, 0xdf, 0x4e, 10566 0xa0, 0xcd, 0xd8, 0x36, 0x37, 0x4f, 0x67, 0x9d, 0x84, 0x44, 0x14, 0xce, 0xc0, 0xc9, 0xa6, 0xbd, 10567 0x73, 0x06, 0x27, 0xb7, 0x16, 0x97, 0x8c, 0x61, 0xd9, 0x63, 0xb2, 0x56, 0x8d, 0x28, 0x9e, 0x2e, 10568 0xcf, 0xa3, 0xfe, 0x8d, 0xaa, 0xef, 0x69, 0x32, 0x7b, 0x32, 0xbe, 0xd5, 0x62, 0x2c, 0x2e, 0x7f, 10569 0x72, 0xdb, 0x3c, 0x4b, 0xe4, 0x76, 0xa3, 0xa9, 0xa1, 0x67, 0x84, 0x86, 0xea, 0x14, 0x15, 0x6c, 10570 0x74, 0xd2, 0xac, 0x0e, 0xe2, 0x54, 0x54, 0xd4, 0x31, 0xa3, 0x88, 0x66, 0x89, 0x31, 0x7b, 0xf7, 10571 0x3c, 0x92, 0xce, 0x3e, 0x86, 0xfb, 0x57, 0xc8, 0x65, 0xae, 0x85, 0x6d, 0x48, 0xf6, 0xe6, 0x37, 10572 0xeb, 0x77, 0xcf, 0x06, 0xd6, 0x9e, 0x54, 0xb4, 0xd8, 0x9a, 0x5f, 0xdd, 0xc5, 0xa5, 0x05, 0xa0, 10573 0x4b, 0xd1, 0x54, 0xab, 0x4f, 0xd0, 0x3e, 0x6b, 0x8f, 0x03, 0x66, 0xd4, 0xe2, 0x90, 0xea, 0x2d, 10574 0x9b, 0x6a, 0x2b, 0xc4, 0x7b, 0x9d, 0xf1, 0xb5, 0x22, 0xdf, 0x86, 0xc2, 0xfd, 0x13, 0x0a, 0x69, 10575 0x29, 0x59, 0xe9, 0x45, 0xcd, 0xdf, 0xcd, 0xa5, 0x71, 0x7e, 0x70, 0xc3, 0x60, 0x9e, 0x47, 0x5d, 10576 0xd4, 0x6c, 0xcc, 0x15, 0x51, 0x23, 0x5b, 0x4e, 0xee, 0x72, 0x80, 0x49, 0xd6, 0xac, 0x89, 0x16, 10577 0x65, 0xf4, 0x95, 0x57, 0x19, 0x13, 0xab, 0x9c, 0x08, 0xe8, 0xdf, 0x0a, 0xe2, 0x39, 0xfc, 0xff, 10578 0x42, 0x02, 0xac, 0xaf, 0xf1, 0xb6, 0x56, 0xef, 0x75, 0x60, 0x2f, 0xc2, 0x5d, 0xef, 0xf5, 0x79, 10579 0xb5, 0x46, 0xa0, 0xb5, 0x03, 0x67, 0xef, 0x78, 0x3d, 0x49, 0xd0, 0xc5, 0x0e, 0xff, 0x42, 0x72, 10580 0x02, 0x86, 0x99, 0x93, 0xaa, 0xa3, 0x9e, 0x2c, 0xc7, 0xec, 0xa2, 0xdf, 0x25, 0x4e, 0x28, 0x81, 10581 0x82, 0x3e, 0x29, 0xd3, 0x37, 0xfd, 0x32, 0xf4, 0x85, 0x46, 0x42, 0xb9, 0x94, 0x44, 0x8a, 0xbf, 10582 0xd9, 0x14, 0xcb, 0xb6, 0xd3, 0xc5, 0xe7, 0x6b, 0x28, 0x70, 0xc3, 0x9c, 0xc2, 0x93, 0x9d, 0x2f, 10583 0xab, 0xd6, 0xb2, 0x19, 0x28, 0x9a, 0xda, 0x0d, 0x90, 0x5b, 0xba, 0x64, 0x6f, 0xcc, 0x11, 0xef, 10584 0x6c, 0x88, 0x18, 0x4f, 0x86, 0x6e, 0xed, 0xcf, 0xde, 0x0d, 0xec, 0xe2, 0x12, 0xc3, 0x89, 0x0a, 10585 0x3f, 0xbb, 0x3d, 0x8c, 0x8f, 0xa9, 0x40, 0xe6, 0xf8, 0xd1, 0x1a, 0x9a, 0x7e, 0x8a, 0xd7, 0x7b, 10586 0x56, 0xf4, 0x5d, 0x80, 0x64, 0xd5, 0x88, 0x86, 0x85, 0x18, 0x30, 0x5d, 0x64, 0x04, 0xb3, 0xc2, 10587 0xc7, 0x80, 0xda, 0x3e, 0xc4, 0xd6, 0xf6, 0xc4, 0x95, 0x56, 0xd5, 0xad, 0x82, 0x86, 0xcc, 0x1a, 10588 0x05, 0x69, 0x06, 0x08, 0x5b, 0x19, 0xea, 0x10, 0xc5, 0xcd, 0x67, 0x93, 0xab, 0x0f, 0xe3, 0xba, 10589 0xb0, 0x0d, 0xac, 0x99, 0x0d, 0x35, 0x6f, 0xe5, 0x41, 0xb2, 0x7c, 0x87, 0x91, 0x6c, 0xe2, 0x75, 10590 0x9b, 0x64, 0x62, 0x06, 0x2a, 0x8b, 0xd9, 0x4d, 0x23, 0xcd, 0x2b, 0xef, 0xf5, 0x61, 0x82, 0x8e, 10591 0x3f, 0xf6, 0x2b, 0xe1, 0x6f, 0xcf, 0xbd, 0xaa, 0x07, 0x97, 0x49, 0x4e, 0x02, 0x9d, 0xa5, 0x9e, 10592 0xc5, 0xd7, 0x8b, 0xd3, 0xe1, 0xd9, 0x35, 0x96, 0x9d, 0x1f, 0xa2, 0xf6, 0x91, 0xee, 0xd1, 0x3b, 10593 0xa8, 0xfe, 0x4d, 0xeb, 0xf9, 0xfc, 0xe4, 0xab, 0x60, 0xb7, 0x86, 0x9d, 0x2a, 0x35, 0xb0, 0x00, 10594 0xd4, 0x3c, 0x2a, 0x7e, 0x6d, 0x65, 0x5f, 0xf3, 0x7c, 0x23, 0x57, 0x52, 0x2a, 0x8c, 0x5b, 0x36, 10595 0x74, 0xb7, 0x61, 0x49, 0xf0, 0xdf, 0xcf, 0x8a, 0x28, 0xc5, 0x8d, 0xbc, 0x20, 0xcc, 0xac, 0x86, 10596 0x20, 0xd8, 0x2d, 0x86, 0x99, 0xf5, 0xf0, 0xdb, 0xed, 0x8d, 0xf9, 0xd7, 0x4e, 0xa8, 0xde, 0x84, 10597 0x35, 0x50, 0xc1, 0x7c, 0xbd, 0xdf, 0xc2, 0x24, 0x1a, 0x49, 0x24, 0x9a, 0x37, 0x93, 0xca, 0x2d, 10598 0x73, 0x47, 0x8f, 0x83, 0xed, 0x4d, 0xca, 0xf8, 0xf0, 0xd3, 0x9b, 0xe0, 0x4b, 0x3b, 0xf1, 0x86, 10599 0xeb, 0x78, 0x7b, 0x42, 0xa1, 0xb9, 0x36, 0x15, 0xde, 0x63, 0xab, 0x8b, 0x8b, 0x5d, 0xa2, 0x92, 10600 0x10, 0x95, 0xdf, 0xda, 0xd7, 0xba, 0xa0, 0x26, 0xb9, 0xdc, 0x83, 0xeb, 0xdc, 0xd2, 0x1f, 0xf1, 10601 0xb1, 0x8d, 0x21, 0x51, 0x71, 0x59, 0x0e, 0xe8, 0x7e, 0xf1, 0x53, 0x08, 0x98, 0x79, 0x05, 0x3b, 10602 0x22, 0xf1, 0xda, 0x07, 0x0d, 0xf7, 0x89, 0x5e, 0xc4, 0x62, 0x8c, 0xf9, 0x19, 0xc8, 0xbc, 0xa4, 10603 0x0c, 0x6f, 0x41, 0x34, 0x56, 0x22, 0x6b, 0xe6, 0xee, 0x7c, 0x4a, 0xd9, 0x26, 0x8c, 0x56, 0x12, 10604 0xf3, 0x03, 0x12, 0x1c, 0x5b, 0x8d, 0x64, 0x5c, 0x1c, 0xb6, 0x0f, 0x93, 0xaf, 0xb1, 0x67, 0x6f, 10605 0x13, 0xdd, 0xe3, 0xcf, 0x0e, 0xe6, 0x06, 0xf3, 0xb2, 0xbc, 0x99, 0xf5, 0xb0, 0xd7, 0xe9, 0x7e, 10606 0xb0, 0x6a, 0xb9, 0xb5, 0xda, 0xcf, 0x88, 0xf1, 0xc5, 0x58, 0x54, 0x05, 0x5c, 0x9d, 0x79, 0xc2, 10607 0xcd, 0xbb, 0xc6, 0xf2, 0x69, 0xa9, 0xe3, 0x4e, 0x05, 0x0d, 0x02, 0xb6, 0x4d, 0x8e, 0x7d, 0x60, 10608 0x8e, 0xda, 0x4d, 0x28, 0xd2, 0xec, 0x8a, 0x11, 0xe3, 0xe7, 0x17, 0x20, 0x07, 0x7b, 0xfc, 0x9b, 10609 0x4e, 0xf7, 0x79, 0xf5, 0x0a, 0x6e, 0xd1, 0x1e, 0x7b, 0x83, 0x66, 0x5e, 0x1b, 0x9d, 0x36, 0x32, 10610 0x89, 0xf6, 0x72, 0xa5, 0x58, 0x54, 0x42, 0xba, 0x90, 0xf3, 0xbb, 0x05, 0x46, 0xa4, 0x91, 0x1c, 10611 0xdb, 0xab, 0xf3, 0x68, 0x56, 0x7a, 0xd3, 0xff, 0x3f, 0x9f, 0xc5, 0x4a, 0x47, 0xbd, 0x89, 0x46, 10612 0xf6, 0x94, 0x3a, 0x94, 0xd4, 0x30, 0xd3, 0xae, 0x0d, 0x99, 0x95, 0xf7, 0x75, 0xfe, 0x14, 0x10, 10613 0x9e, 0xed, 0x21, 0x0f, 0x0d, 0x54, 0x7d, 0x54, 0xc5, 0x80, 0x21, 0x4d, 0xf2, 0xaf, 0x67, 0xaf, 10614 0x8a, 0x76, 0x9e, 0x34, 0x32, 0x74, 0x89, 0x2a, 0x32, 0xf9, 0x48, 0x20, 0x90, 0xe6, 0x4a, 0xa3, 10615 0x7f, 0xf2, 0x2a, 0x51, 0x22, 0x93, 0xe5, 0xdd, 0x59, 0xb3, 0x83, 0xa8, 0x47, 0xf5, 0x6b, 0x38, 10616 0x24, 0xc2, 0xac, 0x2d, 0x03, 0xda, 0xb1, 0x17, 0x19, 0xe0, 0x38, 0x2c, 0xb3, 0xa6, 0x4c, 0x8e, 10617 0xae, 0x63, 0xa7, 0xae, 0x96, 0xb1, 0x07, 0x8c, 0x8f, 0x6a, 0x08, 0x32, 0x15, 0x1f, 0x33, 0x97, 10618 0x21, 0x3b, 0x51, 0x70, 0xc5, 0x1f, 0xa6, 0xa3, 0x8a, 0xd0, 0x8f, 0x0b, 0xda, 0x64, 0xab, 0xbe, 10619 0xee, 0x4b, 0x14, 0xfd, 0x32, 0x87, 0x9e, 0xa7, 0x19, 0x75, 0xc9, 0xaa, 0xd3, 0xed, 0xa7, 0xa0, 10620 0x01, 0xe7, 0xa0, 0xe5, 0x28, 0xdd, 0x3b, 0x7c, 0x49, 0xe4, 0x24, 0x7d, 0x92, 0x86, 0x25, 0x03, 10621 0xb3, 0x66, 0x04, 0xf3, 0xa1, 0x40, 0x11, 0x35, 0x3a, 0x1d, 0xbf, 0x1c, 0x02, 0x83, 0x3d, 0x37, 10622 0x51, 0x88, 0xa3, 0x2b, 0x10, 0x8c, 0x8e, 0x10, 0xdd, 0xdc, 0xef, 0xa4, 0xe9, 0x14, 0x77, 0xb6, 10623 0x8e, 0x75, 0xb6, 0x8e, 0xea, 0xaa, 0x57, 0x16, 0x1f, 0xb0, 0x0c, 0xbc, 0x44, 0xed, 0x92, 0x94, 10624 0x9a, 0xb4, 0xf3, 0x31, 0x64, 0x02, 0x5c, 0xa1, 0x51, 0x63, 0x39, 0x42, 0x74, 0x7a, 0x1d, 0xf2, 10625 0xf5, 0x92, 0x50, 0xf1, 0x5a, 0x8a, 0xde, 0xb3, 0x4e, 0xf1, 0x6e, 0x67, 0xd9, 0x5b, 0x00, 0xa7, 10626 0xd1, 0x90, 0x58, 0x36, 0xc4, 0x15, 0x80, 0xbb, 0xa5, 0xbb, 0x98, 0xc0, 0x8a, 0x9b, 0x17, 0x35, 10627 0x36, 0x3b, 0x62, 0x0f, 0x29, 0xcd, 0xe9, 0x04, 0x0e, 0x9d, 0xca, 0x43, 0x04, 0xdf, 0x17, 0x49, 10628 0xbf, 0xb6, 0x7a, 0x7a, 0x3c, 0xdb, 0x0d, 0x6d, 0xd5, 0x89, 0xb9, 0x69, 0x94, 0xd8, 0xb2, 0xd6, 10629 0x38, 0x8a, 0xcc, 0x78, 0x44, 0x40, 0x63, 0x9f, 0x1e, 0x0e, 0x40, 0x33, 0x51, 0xd3, 0x65, 0xf8, 10630 0xf1, 0x42, 0x06, 0x75, 0x84, 0xe7, 0xb1, 0xe9, 0xd6, 0xa4, 0x5e, 0x7f, 0xb0, 0x48, 0x6f, 0x80, 10631 0x92, 0xf8, 0xfc, 0x2a, 0xdb, 0x18, 0x97, 0xe5, 0xe7, 0xc7, 0x46, 0xb6, 0x59, 0x8c, 0x3a, 0x09, 10632 0x91, 0xc1, 0x49, 0x55, 0xf9, 0xf3, 0x87, 0x19, 0xdc, 0x72, 0x56, 0xd3, 0x20, 0x5e, 0xc5, 0x3d, 10633 0xfb, 0x19, 0xea, 0x6a, 0xdf, 0x09, 0xb2, 0x8f, 0xb6, 0xdd, 0x26, 0x31, 0x25, 0x30, 0x23, 0x06, 10634 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x15, 0x31, 0x16, 0x04, 0x14, 0x3b, 0xd2, 10635 0xb3, 0x51, 0x4c, 0x57, 0xd0, 0xca, 0x34, 0xa4, 0xf0, 0x06, 0xdd, 0xe9, 0x76, 0x08, 0xdb, 0x7b, 10636 0x3a, 0xb0, 0x30, 0x31, 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 10637 0x00, 0x04, 0x14, 0x8e, 0x7f, 0x87, 0x67, 0x78, 0x64, 0x93, 0x36, 0x35, 0xe5, 0x93, 0x9d, 0xac, 10638 0x61, 0x09, 0x4f, 0xdc, 0x95, 0xd7, 0x4f, 0x04, 0x08, 0x23, 0xc2, 0xc0, 0xc6, 0x8d, 0x5f, 0x70, 10639 0x7e, 0x02, 0x02, 0x08, 0x00]); 10640 10641 let conf: cert.Pkcs12ParsingConfig = { 10642 password: "123456", 10643 needsCert: false, 10644 needsPrivateKey: true, 10645 privateKeyFormat: cert.EncodingBaseFormat.DER, 10646 needsOtherCerts: false, 10647 }; 10648 let p12: cert.Pkcs12Data = cert.parsePkcs12(p12_cert, conf); 10649 console.info("parsePKCS12 succeed."); 10650 if (p12.privateKey) { 10651 console.info("privateKey:" + p12.privateKey.toString()) 10652 } 10653 } catch (error) { 10654 console.error('parsePKCS12 failed:' + JSON.stringify(error)); 10655 } 10656} 10657``` 10658 10659## cert.createTrustAnchorsWithKeyStore<sup>12+</sup> 10660 10661createTrustAnchorsWithKeyStore(keystore: Uint8Array, pwd: string): Promise<Array\<[X509TrustAnchor](#x509trustanchor11)>> 10662 10663表示从P12文件中读取ca证书来构造[TrustAnchor](#x509trustanchor11)对象数组,并用Promise方式返回结果。 10664 10665**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 10666 10667**系统能力:** SystemCapability.Security.Cert 10668 10669**参数:** 10670 10671| 参数名 | 类型 | 必填 | 说明 | 10672| -------- | -------------------- | ---- | -------------------------- | 10673| keystore | Uint8Array | 是 | P12文件,DER格式。 | 10674| pwd | string | 是 | P12文件的密码。 | 10675 10676**返回值:** 10677 10678| 类型 | 说明 | 10679| --------------------------------- | -------------------- | 10680| Promise\<Array\<[X509TrustAnchor](#x509trustanchor11)>> | 表示X509TrustAnchor对象数组。 | 10681 10682**错误码:** 10683 10684以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 10685 10686| 错误码ID | 错误信息 | 10687| -------- | ------------------------------------------------- | 10688| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 10689| 19020001 | memory malloc failed. | 10690| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 10691| 19030001 | crypto operation error. | 10692| 19030002 | the certificate signature verification failed. | 10693| 19030003 | the certificate has not taken effect. | 10694| 19030004 | the certificate has expired. | 10695| 19030005 | failed to obtain the certificate issuer. | 10696| 19030006 | the key cannot be used for signing a certificate. | 10697| 19030007 | the key cannot be used for digital signature. | 10698 10699**示例:** 10700 10701```ts 10702import { cert } from '@kit.DeviceCertificateKit'; 10703import { BusinessError } from '@kit.BasicServicesKit'; 10704 10705try { 10706 cert.createTrustAnchorsWithKeyStore( 10707 new Uint8Array([0x30, 0x82, 0x07, 0x5C, 0x02, 0x01, 0x03, 0x30, 0x82, 0x07, 0x12, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x01, 0xA0, 0x82, 0x07, 0x03, 0x04, 0x82, 0x06, 0xFF, 0x30, 0x82, 0x06, 0xFB, 0x30, 0x82, 0x05, 0xB2, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x06, 0xA0, 0x82, 0x05, 0xA3, 0x30, 0x82, 0x05, 0x9F, 0x02, 0x01, 0x00, 0x30, 0x82, 0x05, 0x98, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x01, 0x30, 0x57, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x0D, 0x30, 0x4A, 0x30, 0x29, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x0C, 0x30, 0x1C, 0x04, 0x08, 0xA9, 0x1C, 0x1B, 0x19, 0x36, 0xDE, 0xD4, 0x20, 0x02, 0x02, 0x08, 0x00, 0x30, 0x0C, 0x06, 0x08, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x02, 0x09, 0x05, 0x00, 0x30, 0x1D, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x2A, 0x04, 0x10, 0x7D, 0xE5, 0x23, 0x96, 0x18, 0x8B, 0xF4, 0xBC, 0x9F, 0x4E, 0xE8, 0xE9, 0xAA, 0x52, 0x18, 0x39, 0x80, 0x82, 0x05, 0x30, 0x02, 0x2D, 0x59, 0xA9, 0x96, 0x5A, 0xFE, 0x20, 0x18, 0xB2, 0x25, 0xEA, 0xFC, 0x86, 0x0F, 0xA8, 0x3C, 0x2B, 0x26, 0x2F, 0x44, 0x6E, 0xF3, 0x15, 0xB7, 0x94, 0xE4, 0x43, 0xEE, 0xE6, 0xC3, 0xBB, 0x3C, 0x9E, 0x60, 0x08, 0xF8, 0x15, 0x61, 0x44, 0xD0, 0xEA, 0xD5, 0x6D, 0x1A, 0x3B, 0x9F, 0x4E, 0x2A, 0x1E, 0xBB, 0xB9, 0x4E, 0x15, 0x43, 0xB8, 0x68, 0xDB, 0x1A, 0x4E, 0x41, 0xBA, 0x29, 0x8E, 0x75, 0xEB, 0x12, 0xC1, 0xF0, 0x4B, 0x0D, 0x13, 0xB2, 0xC2, 0x48, 0x6F, 0xC4, 0xC4, 0x82, 0xF2, 0x26, 0xD4, 0x3D, 0x1F, 0x42, 0x7D, 0x67, 0xB0, 0x37, 0x55, 0x9E, 0xD9, 0x46, 0x99, 0x98, 0xB4, 0xE7, 0x4B, 0x07, 0x08, 0x3F, 0xD3, 0x96, 0x9A, 0xC5, 0xDA, 0x37, 0x74, 0x08, 0x5D, 0x3B, 0x06, 0x8A, 0x16, 0x6D, 0x81, 0x63, 0x01, 0x83, 0x94, 0xDA, 0x1B, 0x0E, 0x04, 0xCE, 0x18, 0xF0, 0x51, 0x22, 0xD8, 0x2D, 0xF1, 0x69, 0x0C, 0xCB, 0xC9, 0x51, 0x17, 0x07, 0x1F, 0x2B, 0xCF, 0x74, 0x26, 0xD7, 0x73, 0xB3, 0x2D, 0xF2, 0x82, 0xF0, 0x38, 0x5B, 0x8A, 0x8F, 0xCD, 0x84, 0x69, 0x40, 0x59, 0xCE, 0xB3, 0x39, 0xFE, 0xF6, 0xB7, 0x24, 0x89, 0x34, 0xFF, 0xF4, 0x40, 0x50, 0x06, 0x4D, 0xC6, 0x13, 0x82, 0xAF, 0x7F, 0x84, 0xB1, 0x67, 0x3C, 0x89, 0xBB, 0x5D, 0x32, 0xC3, 0xA6, 0xF1, 0x7D, 0xF5, 0x72, 0x68, 0x75, 0xCE, 0x69, 0xAB, 0x6C, 0x32, 0xDA, 0x16, 0x3B, 0xC4, 0xCA, 0x47, 0x45, 0xE9, 0x59, 0x1E, 0xB1, 0x70, 0xDA, 0x8A, 0x00, 0x69, 0x80, 0x40, 0xCA, 0x60, 0xE6, 0x07, 0x16, 0xF0, 0xA2, 0xF9, 0x12, 0x7D, 0x09, 0x43, 0x66, 0x46, 0x78, 0x35, 0xA6, 0x94, 0x35, 0x60, 0x82, 0xFC, 0xB8, 0x5E, 0x39, 0xE7, 0xA1, 0x22, 0xAD, 0xCC, 0x6F, 0x5E, 0xCE, 0x01, 0x6B, 0xA1, 0xDD, 0xE5, 0xDD, 0x79, 0x9B, 0xA1, 0x28, 0xC4, 0x03, 0x84, 0x8D, 0x6C, 0x07, 0xD4, 0xFE, 0x57, 0xFB, 0x89, 0x3F, 0x43, 0x44, 0x69, 0xF1, 0x9E, 0x53, 0x6C, 0x11, 0x11, 0x96, 0x79, 0xE4, 0xB8, 0x3B, 0x49, 0x2E, 0xF6, 0x3B, 0xC5, 0x6C, 0x76, 0x21, 0x22, 0x15, 0x85, 0x77, 0x8A, 0xDD, 0xD2, 0x43, 0x85, 0x73, 0x39, 0x77, 0x9F, 0xFA, 0x8F, 0xCF, 0xCB, 0xEA, 0x62, 0xBD, 0x5C, 0x66, 0x45, 0xCD, 0xB0, 0xCA, 0x42, 0xCC, 0xB9, 0xCF, 0xE3, 0x84, 0x63, 0x9F, 0x63, 0xCE, 0x49, 0xE9, 0x74, 0x26, 0xCC, 0x26, 0x78, 0xCE, 0x9F, 0x4E, 0x38, 0xA2, 0x9C, 0xEB, 0x75, 0xC5, 0x33, 0x6B, 0x00, 0x83, 0x85, 0xA3, 0x0F, 0xE7, 0xE1, 0x11, 0xA6, 0x48, 0xDC, 0xEF, 0x0C, 0x05, 0xB3, 0xDE, 0x94, 0xB9, 0x69, 0xCB, 0x27, 0x09, 0xAB, 0x27, 0xD8, 0x06, 0xED, 0x25, 0xBC, 0xA6, 0x2E, 0xB7, 0xF9, 0x2E, 0xAD, 0x84, 0x1D, 0xDD, 0x73, 0xD8, 0xC0, 0x46, 0x8A, 0xFE, 0x9A, 0xDF, 0x07, 0xE1, 0x33, 0xE2, 0x1C, 0x37, 0x6A, 0x8E, 0xA2, 0x91, 0x0B, 0xD7, 0x76, 0xEF, 0x3C, 0x87, 0x4A, 0x53, 0x84, 0xFA, 0xFA, 0xC5, 0x71, 0x76, 0xC0, 0x75, 0x70, 0x67, 0x67, 0x71, 0x9D, 0x8B, 0x81, 0x6F, 0x68, 0xC5, 0xB1, 0xFC, 0xA3, 0x59, 0xB5, 0xD0, 0x03, 0x56, 0xE7, 0x89, 0x03, 0xD7, 0x99, 0xDE, 0x66, 0x33, 0xFA, 0x53, 0x50, 0x5F, 0xB4, 0x9D, 0xB3, 0x90, 0x8F, 0x57, 0x20, 0xF0, 0x8B, 0xDB, 0x73, 0xCA, 0xA4, 0x71, 0x61, 0x67, 0x6A, 0x6D, 0xA5, 0xCA, 0x88, 0xD4, 0xCC, 0x82, 0x34, 0xC9, 0x3E, 0x10, 0x10, 0x57, 0xD1, 0x08, 0x96, 0x80, 0x09, 0xA8, 0xBB, 0x6F, 0x53, 0x8F, 0xFD, 0x87, 0xCF, 0x73, 0xFC, 0xE1, 0x3A, 0x92, 0x2E, 0x78, 0x66, 0xFB, 0x86, 0x5D, 0x62, 0xE0, 0xC4, 0x58, 0x55, 0x3F, 0xA4, 0xEA, 0xA1, 0xBE, 0x5B, 0x5E, 0x8E, 0x46, 0x50, 0x5E, 0x7C, 0x01, 0xD6, 0x63, 0xAA, 0x6F, 0xD5, 0xFD, 0xAF, 0xC5, 0x1D, 0xB3, 0x90, 0x9C, 0xD8, 0x5F, 0x8D, 0xF2, 0x81, 0xEB, 0xBF, 0xA1, 0xDE, 0xB7, 0x9D, 0xCD, 0x24, 0x82, 0x06, 0x0B, 0x63, 0xE6, 0xBF, 0x57, 0x51, 0xF0, 0xB6, 0xE9, 0x7F, 0xAA, 0x7B, 0x10, 0xBD, 0xCD, 0x85, 0x41, 0xE0, 0xD7, 0xF1, 0x53, 0xB7, 0xF8, 0x46, 0x91, 0x9E, 0x8D, 0x4B, 0xCB, 0x28, 0x35, 0x40, 0x37, 0x1E, 0x83, 0x64, 0x6A, 0x70, 0x01, 0x9D, 0xBF, 0xF1, 0x0E, 0xB6, 0x2E, 0x7A, 0xB7, 0x8F, 0x0F, 0x8C, 0x69, 0xD6, 0xF2, 0xD1, 0xF6, 0x1E, 0xCD, 0x08, 0xA8, 0xD4, 0x1B, 0xCB, 0x38, 0xEA, 0x26, 0x37, 0x5C, 0x60, 0x3A, 0x38, 0x5B, 0x12, 0x1D, 0x00, 0x7B, 0xEC, 0xCE, 0xFB, 0x89, 0x23, 0x8A, 0x11, 0xE1, 0x1B, 0xDE, 0x54, 0x91, 0x6A, 0x26, 0x22, 0xD0, 0x1C, 0x2E, 0xBA, 0xD0, 0x92, 0x87, 0xDA, 0xF0, 0x93, 0xBB, 0x3A, 0x2C, 0x52, 0xFB, 0xB2, 0xA9, 0xA8, 0x92, 0x19, 0xE3, 0x19, 0xDC, 0xB0, 0x0E, 0xC5, 0xE7, 0x9D, 0xFB, 0xF9, 0xA3, 0x23, 0x32, 0xD0, 0x4E, 0x2C, 0x05, 0x2D, 0x76, 0xDB, 0x93, 0x53, 0x5B, 0x0E, 0x2A, 0xA3, 0xDD, 0x5F, 0xD3, 0x1A, 0x3B, 0x1E, 0x1F, 0x26, 0x88, 0x43, 0xAD, 0x10, 0x1F, 0xA9, 0xC4, 0xF9, 0x1F, 0xCD, 0xA5, 0xD2, 0xDC, 0x24, 0x95, 0x1D, 0xE7, 0x57, 0xE1, 0x02, 0x0A, 0x20, 0xEA, 0x6A, 0x78, 0x4E, 0x96, 0xE2, 0xE5, 0x6D, 0x6F, 0xFD, 0x81, 0x7B, 0x61, 0x85, 0xA3, 0x3D, 0xC5, 0x7B, 0xEF, 0xAE, 0x58, 0xA2, 0xDB, 0x91, 0x73, 0xDB, 0x47, 0x8E, 0xD1, 0x7D, 0xD7, 0x8F, 0x56, 0x06, 0x28, 0x8C, 0x78, 0x73, 0x02, 0x65, 0xB0, 0x16, 0x4B, 0xE6, 0xA3, 0xD7, 0x06, 0x7C, 0xEA, 0x7D, 0xE2, 0xAE, 0xBB, 0xE5, 0xD2, 0xEB, 0xF0, 0x91, 0x71, 0x7C, 0xBC, 0xA6, 0x1A, 0xE8, 0x9F, 0xD3, 0xA9, 0x3C, 0x5D, 0x60, 0xCF, 0x59, 0x26, 0x46, 0x45, 0xF2, 0x7F, 0x85, 0x6B, 0xE7, 0xC2, 0x58, 0x52, 0x90, 0x12, 0x07, 0xBA, 0xE6, 0xB8, 0xE5, 0xD7, 0x24, 0x93, 0xD5, 0x6E, 0xB1, 0x74, 0x6C, 0xAA, 0xA0, 0x60, 0xBF, 0xF3, 0x32, 0x41, 0x0B, 0xA2, 0x01, 0x84, 0x0D, 0x83, 0xE4, 0x43, 0xD1, 0xBA, 0xC1, 0x92, 0x84, 0x26, 0xF8, 0xF2, 0x77, 0x20, 0x1B, 0xF2, 0x8F, 0x00, 0x69, 0x18, 0x2F, 0x6C, 0xA8, 0x58, 0xB5, 0x5D, 0xFA, 0x27, 0xD2, 0x38, 0xD2, 0x49, 0x6E, 0xDF, 0x55, 0x79, 0xAF, 0x1C, 0x44, 0xDA, 0x5A, 0xD7, 0x44, 0x53, 0x50, 0x8B, 0x77, 0x70, 0x4D, 0x91, 0xEC, 0x07, 0xA5, 0x64, 0x21, 0x3C, 0x31, 0x09, 0x68, 0x65, 0xB4, 0xFA, 0xBE, 0x23, 0xF9, 0xDF, 0x77, 0x46, 0xA2, 0x9A, 0x5D, 0xE3, 0xBE, 0x1E, 0xE3, 0x84, 0xEF, 0xAE, 0x7D, 0xF8, 0x1C, 0x54, 0xE8, 0x4E, 0xAE, 0xB5, 0xBB, 0xD6, 0xC3, 0x8D, 0x56, 0x79, 0xE8, 0x7C, 0x43, 0xDC, 0xF3, 0xB3, 0x7A, 0x30, 0x22, 0x09, 0xBC, 0x10, 0xD6, 0x84, 0xC4, 0x0F, 0x4C, 0x0B, 0xA2, 0xD1, 0xCB, 0xCD, 0x1F, 0x50, 0x3D, 0xF7, 0x23, 0x45, 0x55, 0x18, 0x21, 0x3D, 0x64, 0x05, 0x2E, 0x52, 0x3A, 0x73, 0xFD, 0xF2, 0xA9, 0xCA, 0x3F, 0xF6, 0x7F, 0x87, 0xE8, 0x56, 0x9B, 0x68, 0x6B, 0x20, 0xB0, 0x1D, 0x83, 0x04, 0x2F, 0x59, 0xFD, 0x84, 0x57, 0x7D, 0x82, 0x97, 0x96, 0xE8, 0xFB, 0xDF, 0x71, 0x8C, 0x26, 0x47, 0x85, 0xA5, 0xBE, 0xFB, 0xF5, 0x05, 0x4C, 0xD3, 0x3D, 0x73, 0xF4, 0xA5, 0xF1, 0xA3, 0x99, 0x98, 0x1B, 0x84, 0x8B, 0xB3, 0x53, 0xCE, 0x4D, 0xEA, 0x5A, 0x48, 0xD2, 0xB9, 0x7E, 0xB6, 0xEB, 0x9B, 0x94, 0x6F, 0xDD, 0x44, 0x80, 0x89, 0xD2, 0x78, 0x6D, 0xB9, 0xDA, 0x8B, 0x83, 0x49, 0xE0, 0x4D, 0x49, 0xDF, 0x6B, 0xFF, 0xF7, 0x04, 0x00, 0x32, 0xAA, 0x1D, 0x4F, 0x8D, 0x4B, 0xDE, 0xB8, 0x0D, 0xC6, 0x54, 0x1C, 0xB2, 0xCD, 0x60, 0x29, 0x72, 0x0A, 0x7E, 0xE7, 0xEB, 0x7A, 0xF6, 0x5B, 0x04, 0x3F, 0x5B, 0x93, 0x12, 0x0D, 0xD5, 0xFF, 0x7A, 0x41, 0x44, 0x0B, 0x37, 0x12, 0x82, 0x3D, 0xDD, 0x1E, 0x59, 0xB9, 0xBE, 0x0F, 0x9E, 0xD6, 0xD0, 0x68, 0x69, 0x74, 0xF9, 0xB1, 0x21, 0xA3, 0x70, 0x4F, 0xDA, 0xF8, 0x9F, 0xB9, 0x49, 0x3F, 0xC6, 0xB2, 0x69, 0xC8, 0xD8, 0x60, 0xF1, 0x6A, 0x52, 0x07, 0xFA, 0x42, 0xFD, 0xA9, 0x06, 0xCF, 0x97, 0x4A, 0x0E, 0xC5, 0xFC, 0x63, 0x27, 0x54, 0xC8, 0xBE, 0x8B, 0x4F, 0xB6, 0x42, 0xBC, 0xA2, 0xCC, 0x70, 0x4A, 0x6B, 0x24, 0x5B, 0x68, 0x28, 0x47, 0xFA, 0x6B, 0x89, 0x28, 0x07, 0x5D, 0xE0, 0x2C, 0x4A, 0xD9, 0x22, 0xE3, 0xB3, 0x2F, 0xAA, 0xC2, 0xA0, 0x7C, 0x0F, 0x92, 0xC5, 0xDD, 0xB6, 0x23, 0x8F, 0x73, 0x73, 0x0F, 0xD7, 0x73, 0x71, 0x2F, 0x0A, 0x78, 0xE8, 0x5B, 0xDB, 0xC2, 0xE0, 0xDB, 0xC9, 0x3E, 0xC3, 0x72, 0x9C, 0x14, 0xD7, 0xD1, 0x28, 0xFD, 0xF4, 0xEE, 0xBC, 0x0E, 0x13, 0x37, 0xCA, 0x85, 0x9F, 0xB9, 0xA2, 0x0E, 0xF6, 0xE7, 0x49, 0xD1, 0xD0, 0x11, 0x76, 0x53, 0xA3, 0x73, 0x95, 0x2A, 0x23, 0xC8, 0x0E, 0x97, 0x83, 0x07, 0x64, 0xB2, 0x51, 0xB7, 0xC8, 0x51, 0x9F, 0xA4, 0x3E, 0x7B, 0xA4, 0x18, 0x6D, 0x99, 0xF0, 0x6E, 0xC3, 0x97, 0xAE, 0xF4, 0xB7, 0x66, 0x37, 0xFA, 0x65, 0xFC, 0x5E, 0xE2, 0x57, 0xFA, 0x8B, 0x4C, 0x86, 0x10, 0xB4, 0x5C, 0xA4, 0xD2, 0x60, 0x83, 0x69, 0x1E, 0xFF, 0x36, 0x9B, 0xF9, 0x84, 0xFB, 0xB8, 0x83, 0x64, 0xF1, 0x41, 0xA5, 0x25, 0x56, 0x21, 0xBA, 0x13, 0x98, 0x0C, 0x3B, 0x04, 0xAA, 0x6C, 0x9A, 0xD4, 0xE3, 0x13, 0x15, 0x54, 0x05, 0x4C, 0x5C, 0xE1, 0x7A, 0x31, 0x5E, 0x90, 0xCF, 0x48, 0x4E, 0x83, 0xD7, 0x7F, 0xED, 0x93, 0x22, 0xAB, 0x67, 0xE7, 0x76, 0x32, 0x64, 0xBA, 0x5A, 0x21, 0x3E, 0x30, 0x82, 0x01, 0x41, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x01, 0xA0, 0x82, 0x01, 0x32, 0x04, 0x82, 0x01, 0x2E, 0x30, 0x82, 0x01, 0x2A, 0x30, 0x82, 0x01, 0x26, 0x06, 0x0B, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x0C, 0x0A, 0x01, 0x02, 0xA0, 0x81, 0xEF, 0x30, 0x81, 0xEC, 0x30, 0x57, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x0D, 0x30, 0x4A, 0x30, 0x29, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x0C, 0x30, 0x1C, 0x04, 0x08, 0xED, 0x3E, 0xED, 0x07, 0x5C, 0x1F, 0x71, 0xAD, 0x02, 0x02, 0x08, 0x00, 0x30, 0x0C, 0x06, 0x08, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x02, 0x09, 0x05, 0x00, 0x30, 0x1D, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x2A, 0x04, 0x10, 0xA7, 0x49, 0xA4, 0x6E, 0x00, 0x19, 0x75, 0x59, 0x75, 0x59, 0xBA, 0x4B, 0xC7, 0x24, 0x88, 0x34, 0x04, 0x81, 0x90, 0xCA, 0x23, 0x82, 0xAA, 0x16, 0x57, 0x99, 0xFA, 0x94, 0x9F, 0xAE, 0x32, 0x5C, 0x5B, 0xE7, 0x01, 0xD0, 0xED, 0xA7, 0x58, 0x57, 0x52, 0xBF, 0x57, 0x13, 0xD4, 0x15, 0xB0, 0x06, 0xF5, 0x38, 0xCC, 0x64, 0x23, 0x09, 0xD5, 0x8C, 0x0D, 0x64, 0x31, 0xFA, 0x74, 0xAA, 0x96, 0x7E, 0x9B, 0x16, 0xCA, 0x21, 0xFD, 0xC0, 0x54, 0x91, 0x40, 0x7F, 0xB3, 0xF2, 0xA3, 0xEC, 0xA1, 0x4A, 0x07, 0xF0, 0x87, 0x22, 0xDB, 0x8A, 0x49, 0x89, 0xF7, 0xF2, 0x6A, 0xFC, 0x8D, 0x03, 0x6E, 0x32, 0x4F, 0xD0, 0xD8, 0x93, 0x92, 0xA5, 0xF1, 0x41, 0xBD, 0xEA, 0xE1, 0x38, 0xA9, 0xD8, 0x9D, 0xAB, 0xB4, 0x8E, 0x4A, 0x40, 0x0E, 0xC7, 0xE3, 0xE9, 0xBF, 0x0E, 0xBA, 0x8D, 0xAA, 0x3E, 0x93, 0x53, 0x88, 0xEE, 0x0A, 0x2C, 0x71, 0xF1, 0x61, 0x44, 0xA5, 0xAD, 0xED, 0x3E, 0xAB, 0x32, 0x9A, 0x32, 0x85, 0x08, 0xF5, 0x8B, 0xCC, 0x15, 0x35, 0xEE, 0xFA, 0x17, 0x27, 0x97, 0x8D, 0xD9, 0x1C, 0x5E, 0x74, 0x9D, 0x7B, 0x31, 0x25, 0x30, 0x23, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x15, 0x31, 0x16, 0x04, 0x14, 0x5F, 0x8E, 0xAB, 0x9C, 0x5F, 0xE2, 0x3B, 0xB1, 0x5C, 0x1A, 0x36, 0x1D, 0x7D, 0xCB, 0x90, 0x45, 0x20, 0x3C, 0x3B, 0xAC, 0x30, 0x41, 0x30, 0x31, 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20, 0x93, 0x25, 0xC4, 0x3E, 0x2A, 0x6D, 0x4C, 0x30, 0x87, 0x0F, 0xE3, 0x5A, 0x95, 0xB0, 0xF2, 0x6C, 0xBA, 0x07, 0x89, 0x7D, 0xFB, 0xCF, 0xCF, 0x1D, 0x54, 0xA3, 0x36, 0x24, 0x7B, 0x30, 0x97, 0xB5, 0x04, 0x08, 0xE7, 0x96, 0x59, 0xCC, 0x42, 0x9F, 0xEF, 0xFC, 0x02, 0x02, 0x08, 0x00]), 10708 '123456').then((data) => { 10709 console.log('createTrustAnchorsWithKeyStore success, number of the result is: ' + JSON.stringify(data.length)); 10710 }).catch((err : BusinessError) => { 10711 console.error('createTrustAnchorsWithKeyStore failed:' + JSON.stringify(err)); 10712 }) 10713} catch (error) { 10714 console.error('createTrustAnchorsWithKeyStore failed:' + JSON.stringify(error)); 10715} 10716``` 10717 10718## X509CertChain<sup>11+</sup> 10719 10720X509证书链对象。 10721 10722### getCertList<sup>11+</sup> 10723 10724getCertList(): Array\<X509Cert> 10725 10726获取X509证书列表。 10727 10728**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 10729 10730**系统能力:** SystemCapability.Security.Cert 10731 10732**返回值**: 10733 10734| 类型 | 说明 | 10735| -------------- | ----------- | 10736| Array\<[X509Cert](#x509cert)> | X509证书数组。 | 10737 10738**错误码:** 10739 10740以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 10741 10742| 错误码ID | 错误信息 | 10743| -------- | ----------------------- | 10744| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 10745| 19020001 | memory malloc failed. | 10746| 19030001 | crypto operation error. | 10747 10748**示例:** 10749 10750```ts 10751import { cert } from '@kit.DeviceCertificateKit'; 10752import { BusinessError } from '@kit.BasicServicesKit'; 10753 10754// string转Uint8Array。 10755function stringToUint8Array(str: string): Uint8Array { 10756 let arr: Array<number> = []; 10757 for (let i = 0, j = str.length; i < j; i++) { 10758 arr.push(str.charCodeAt(i)); 10759 } 10760 return new Uint8Array(arr); 10761} 10762 10763let certChainData = "-----BEGIN CERTIFICATE-----\n" + 10764 "MIID6jCCAtKgAwIBAgIIIM2q/TmRoLcwDQYJKoZIhvcNAQELBQAwWjELMAkGA1UE\n" + 10765 "BhMCRU4xEDAOBgNVBAgTB0VuZ2xhbmQxDzANBgNVBAcTBkxvbmRvbjEMMAoGA1UE\n" + 10766 "ChMDdHMyMQwwCgYDVQQLEwN0czIxDDAKBgNVBAMTA3RzMjAeFw0yMzEyMDUwNzM5\n" + 10767 "MDBaFw0yNDEwMzEyMzU5MDBaMGExCzAJBgNVBAYTAkNOMRAwDgYDVQQIEwdKaWFu\n" + 10768 "Z3N1MRAwDgYDVQQHEwdOYW5qaW5nMQwwCgYDVQQKEwN0czMxDDAKBgNVBAsTA3Rz\n" + 10769 "MzESMBAGA1UEAxMJMTI3LjAuMC4xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\n" + 10770 "CgKCAQEAtt+2QxUevbolYLp51QGcUpageI4fwGLIqv4fj4aoVnHFOOBqVOVpfCLR\n" + 10771 "p26LFV/F8ebwPyo8YEBKSwXzMD1573rMSbaH9BalscH5lZYAbetXoio6YRvzlcmc\n" + 10772 "rVvLBNMeVnxY86xHpo0MTNyP7W024rZsxWO98xFQVdoiaBC+7+midlisx2Y+7u0j\n" + 10773 "zT9GjeUP6JLdLFUZJKUPSTK3jVzw9v1eZQZKYoNfU6vFMd6ndtwW6qEnwpzmmX/U\n" + 10774 "T+p5ThAMH593zszlz330nTSXBjIsGkyvOz9gSB0Z0LAuJj06XUNhGL5xKJYKbdI3\n" + 10775 "8MFQFJKvRHfgTAvVsvAvpBUM2DuBKwIDAQABo4GsMIGpMAkGA1UdEwQCMAAwHQYD\n" + 10776 "VR0OBBYEFDfsHTMZwoA6eaDFlBUyDpka+sYtMAsGA1UdDwQEAwID+DAnBgNVHSUE\n" + 10777 "IDAeBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMEMBQGA1UdEQQNMAuCCTEy\n" + 10778 "Ny4wLjAuMTARBglghkgBhvhCAQEEBAMCBkAwHgYJYIZIAYb4QgENBBEWD3hjYSBj\n" + 10779 "ZXJ0aWZpY2F0ZTANBgkqhkiG9w0BAQsFAAOCAQEAp5vTvXrt8ZpgRJVtzv9ss0lJ\n" + 10780 "izp1fJf+ft5cDXrs7TSD5oHrSW2vk/ZieIMhexU4LFwhs4OE7jK6pgI48Dseqxx7\n" + 10781 "B/KktxhVMJUmVXd9Ayjp6f+BtZlIk0cArPuoXToXjsV8caTGBXHRdzxpAk/w9syc\n" + 10782 "GYrbH9TrdNMuTizOb+k268oKXUageZNxHmd7YvOXkcNgrd29jzwXKDYYiUa1DISz\n" + 10783 "DnYaJOgPt0B/5izhoWNK7GhJDy9KEuLURcTSWFysbbnljwO9INPT9MmlS83PdAgN\n" + 10784 "iS8VXF4pce1W9U5jH7d7k0JDVSXybebe1iPFphsZpYM/NE+jap+mPy1nTCbf9g==\n" + 10785 "-----END CERTIFICATE-----\n" + 10786 "-----BEGIN CERTIFICATE-----\n" + 10787 "MIIC0zCCAoWgAwIBAgIIXpLoPpQVWnkwBQYDK2VwMFoxCzAJBgNVBAYTAkVOMRAw\n" + 10788 "DgYDVQQIEwdFbmdsYW5kMQ8wDQYDVQQHEwZMb25kb24xDDAKBgNVBAoTA3RzMTEM\n" + 10789 "MAoGA1UECxMDdHMxMQwwCgYDVQQDEwN0czEwHhcNMjMxMjA1MDczNzAwWhcNMjQw\n" + 10790 "OTAxMjM1OTAwWjBaMQswCQYDVQQGEwJFTjEQMA4GA1UECBMHRW5nbGFuZDEPMA0G\n" + 10791 "A1UEBxMGTG9uZG9uMQwwCgYDVQQKEwN0czIxDDAKBgNVBAsTA3RzMjEMMAoGA1UE\n" + 10792 "AxMDdHMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtt+2QxUevbol\n" + 10793 "YLp51QGcUpageI4fwGLIqv4fj4aoVnHFOOBqVOVpfCLRp26LFV/F8ebwPyo8YEBK\n" + 10794 "SwXzMD1573rMSbaH9BalscH5lZYAbetXoio6YRvzlcmcrVvLBNMeVnxY86xHpo0M\n" + 10795 "TNyP7W024rZsxWO98xFQVdoiaBC+7+midlisx2Y+7u0jzT9GjeUP6JLdLFUZJKUP\n" + 10796 "STK3jVzw9v1eZQZKYoNfU6vFMd6ndtwW6qEnwpzmmX/UT+p5ThAMH593zszlz330\n" + 10797 "nTSXBjIsGkyvOz9gSB0Z0LAuJj06XUNhGL5xKJYKbdI38MFQFJKvRHfgTAvVsvAv\n" + 10798 "pBUM2DuBKwIDAQABo28wbTAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBQ37B0zGcKA\n" + 10799 "OnmgxZQVMg6ZGvrGLTALBgNVHQ8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgAHMB4G\n" + 10800 "CWCGSAGG+EIBDQQRFg94Y2EgY2VydGlmaWNhdGUwBQYDK2VwA0EAuasLBe55YgvF\n" + 10801 "b4wmHeohylc9r8cFGS1LNQ5UcSn3sGqMYf6ehnef16NLuCW6upHCs8Sui4iAMvsP\n" + 10802 "uKPWR9dKBA==\n" + 10803 "-----END CERTIFICATE-----\n" + 10804 "-----BEGIN CERTIFICATE-----\n" + 10805 "MIIB3zCCAZGgAwIBAgIIWQvOEDl+ya4wBQYDK2VwMFoxCzAJBgNVBAYTAkVOMRAw\n" + 10806 "DgYDVQQIEwdFbmdsYW5kMQ8wDQYDVQQHEwZMb25kb24xDDAKBgNVBAoTA3RzMTEM\n" + 10807 "MAoGA1UECxMDdHMxMQwwCgYDVQQDEwN0czEwHhcNMjMxMjA1MDAwMDAwWhcNMjQx\n" + 10808 "MjA0MjM1OTU5WjBaMQswCQYDVQQGEwJFTjEQMA4GA1UECBMHRW5nbGFuZDEPMA0G\n" + 10809 "A1UEBxMGTG9uZG9uMQwwCgYDVQQKEwN0czExDDAKBgNVBAsTA3RzMTEMMAoGA1UE\n" + 10810 "AxMDdHMxMCowBQYDK2VwAyEAuxadj1ww0LqPN24zr28jcSOlSWAe0QdLyRF+ZgG6\n" + 10811 "klKjdTBzMBIGA1UdEwEB/wQIMAYBAf8CARQwHQYDVR0OBBYEFNSgpoQvfxR8A1Y4\n" + 10812 "St8NjOHkRpm4MAsGA1UdDwQEAwIBBjARBglghkgBhvhCAQEEBAMCAAcwHgYJYIZI\n" + 10813 "AYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0ZTAFBgMrZXADQQAblBgoa72X/K13WOvc\n" + 10814 "KW0fqBgFKvLy85hWD6Ufi61k4ProQiZzMK+0+y9jReKelPx/zRdCCgSbQroAR2mV\n" + 10815 "xjoE\n" + 10816 "-----END CERTIFICATE-----\n"; 10817 10818// 证书链二进制数据,需业务自行赋值。 10819let encodingBlob: cert.EncodingBlob = { 10820 data: stringToUint8Array(certChainData), 10821 // 根据encodingData的格式进行赋值,支持FORMAT_PEM、FORMAT_DER和FORMAT_PKCS7。 10822 encodingFormat: cert.EncodingFormat.FORMAT_PEM 10823}; 10824 10825cert.createX509CertChain(encodingBlob, (err, certChain) => { 10826 if (err) { 10827 console.error('createX509CertChain failed, errCode: ' + err.code + ', errMsg: ' + err.message); 10828 } else { 10829 console.log('createX509CertChain success'); 10830 try { 10831 let certList = certChain.getCertList(); 10832 } catch (err) { 10833 let e: BusinessError = err as BusinessError; 10834 console.error('X509CertChain getCertList failed, errCode: ' + e.code + ', errMsg: ' + e.message); 10835 } 10836 } 10837}); 10838``` 10839 10840### validate<sup>11+</sup> 10841 10842validate(param: CertChainValidationParameters): Promise\<CertChainValidationResult> 10843 10844校验证书链,并使用Promise方式异步返回结果。 10845 10846**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 10847 10848**系统能力:** SystemCapability.Security.Cert 10849 10850**参数**: 10851 10852| 参数名 | 类型 | 必填 | 说明 | 10853| --------- | ------------------------------- | ---- | ----------------- | 10854| param | [CertChainValidationParameters](#certchainvalidationparameters11) | 是 | 表示校验X509证书链的参数。 | 10855 10856**返回值**: 10857 10858| 类型 | 说明 | 10859| ------------------------------------------------------------ | --------------------------------- | 10860| Promise\<[CertChainValidationResult](#certchainvalidationresult11)> | Promise对象,返回证书链校验结果。 | 10861 10862**错误码:** 10863 10864以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 10865 10866| 错误码ID | 错误信息 | 10867| -------- | ----------------------- | 10868| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 10869| 19020001 | memory malloc failed. | 10870| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 10871| 19030001 | crypto operation error. | 10872| 19030002 | the certificate signature verification failed. | 10873| 19030003 | the certificate has not taken effect. | 10874| 19030004 | the certificate has expired. | 10875| 19030005 | failed to obtain the certificate issuer. | 10876| 19030006 | the key cannot be used for signing a certificate. | 10877| 19030007 | the key cannot be used for digital signature. | 10878 10879**示例:** 10880 10881```ts 10882import { cert } from '@kit.DeviceCertificateKit'; 10883import { BusinessError } from '@kit.BasicServicesKit'; 10884 10885// string转Uint8Array。 10886function stringToUint8Array(str: string): Uint8Array { 10887 let arr: Array<number> = []; 10888 for (let i = 0, j = str.length; i < j; i++) { 10889 arr.push(str.charCodeAt(i)); 10890 } 10891 return new Uint8Array(arr); 10892} 10893 10894async function createX509CertChain(): Promise<cert.X509CertChain> { 10895 let certChainData = "-----BEGIN CERTIFICATE-----\n" + 10896 "MIID6jCCAtKgAwIBAgIIIM2q/TmRoLcwDQYJKoZIhvcNAQELBQAwWjELMAkGA1UE\n" + 10897 "BhMCRU4xEDAOBgNVBAgTB0VuZ2xhbmQxDzANBgNVBAcTBkxvbmRvbjEMMAoGA1UE\n" + 10898 "ChMDdHMyMQwwCgYDVQQLEwN0czIxDDAKBgNVBAMTA3RzMjAeFw0yMzEyMDUwNzM5\n" + 10899 "MDBaFw0yNDEwMzEyMzU5MDBaMGExCzAJBgNVBAYTAkNOMRAwDgYDVQQIEwdKaWFu\n" + 10900 "Z3N1MRAwDgYDVQQHEwdOYW5qaW5nMQwwCgYDVQQKEwN0czMxDDAKBgNVBAsTA3Rz\n" + 10901 "MzESMBAGA1UEAxMJMTI3LjAuMC4xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\n" + 10902 "CgKCAQEAtt+2QxUevbolYLp51QGcUpageI4fwGLIqv4fj4aoVnHFOOBqVOVpfCLR\n" + 10903 "p26LFV/F8ebwPyo8YEBKSwXzMD1573rMSbaH9BalscH5lZYAbetXoio6YRvzlcmc\n" + 10904 "rVvLBNMeVnxY86xHpo0MTNyP7W024rZsxWO98xFQVdoiaBC+7+midlisx2Y+7u0j\n" + 10905 "zT9GjeUP6JLdLFUZJKUPSTK3jVzw9v1eZQZKYoNfU6vFMd6ndtwW6qEnwpzmmX/U\n" + 10906 "T+p5ThAMH593zszlz330nTSXBjIsGkyvOz9gSB0Z0LAuJj06XUNhGL5xKJYKbdI3\n" + 10907 "8MFQFJKvRHfgTAvVsvAvpBUM2DuBKwIDAQABo4GsMIGpMAkGA1UdEwQCMAAwHQYD\n" + 10908 "VR0OBBYEFDfsHTMZwoA6eaDFlBUyDpka+sYtMAsGA1UdDwQEAwID+DAnBgNVHSUE\n" + 10909 "IDAeBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMEMBQGA1UdEQQNMAuCCTEy\n" + 10910 "Ny4wLjAuMTARBglghkgBhvhCAQEEBAMCBkAwHgYJYIZIAYb4QgENBBEWD3hjYSBj\n" + 10911 "ZXJ0aWZpY2F0ZTANBgkqhkiG9w0BAQsFAAOCAQEAp5vTvXrt8ZpgRJVtzv9ss0lJ\n" + 10912 "izp1fJf+ft5cDXrs7TSD5oHrSW2vk/ZieIMhexU4LFwhs4OE7jK6pgI48Dseqxx7\n" + 10913 "B/KktxhVMJUmVXd9Ayjp6f+BtZlIk0cArPuoXToXjsV8caTGBXHRdzxpAk/w9syc\n" + 10914 "GYrbH9TrdNMuTizOb+k268oKXUageZNxHmd7YvOXkcNgrd29jzwXKDYYiUa1DISz\n" + 10915 "DnYaJOgPt0B/5izhoWNK7GhJDy9KEuLURcTSWFysbbnljwO9INPT9MmlS83PdAgN\n" + 10916 "iS8VXF4pce1W9U5jH7d7k0JDVSXybebe1iPFphsZpYM/NE+jap+mPy1nTCbf9g==\n" + 10917 "-----END CERTIFICATE-----\n" + 10918 "-----BEGIN CERTIFICATE-----\n" + 10919 "MIIC0zCCAoWgAwIBAgIIXpLoPpQVWnkwBQYDK2VwMFoxCzAJBgNVBAYTAkVOMRAw\n" + 10920 "DgYDVQQIEwdFbmdsYW5kMQ8wDQYDVQQHEwZMb25kb24xDDAKBgNVBAoTA3RzMTEM\n" + 10921 "MAoGA1UECxMDdHMxMQwwCgYDVQQDEwN0czEwHhcNMjMxMjA1MDczNzAwWhcNMjQw\n" + 10922 "OTAxMjM1OTAwWjBaMQswCQYDVQQGEwJFTjEQMA4GA1UECBMHRW5nbGFuZDEPMA0G\n" + 10923 "A1UEBxMGTG9uZG9uMQwwCgYDVQQKEwN0czIxDDAKBgNVBAsTA3RzMjEMMAoGA1UE\n" + 10924 "AxMDdHMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtt+2QxUevbol\n" + 10925 "YLp51QGcUpageI4fwGLIqv4fj4aoVnHFOOBqVOVpfCLRp26LFV/F8ebwPyo8YEBK\n" + 10926 "SwXzMD1573rMSbaH9BalscH5lZYAbetXoio6YRvzlcmcrVvLBNMeVnxY86xHpo0M\n" + 10927 "TNyP7W024rZsxWO98xFQVdoiaBC+7+midlisx2Y+7u0jzT9GjeUP6JLdLFUZJKUP\n" + 10928 "STK3jVzw9v1eZQZKYoNfU6vFMd6ndtwW6qEnwpzmmX/UT+p5ThAMH593zszlz330\n" + 10929 "nTSXBjIsGkyvOz9gSB0Z0LAuJj06XUNhGL5xKJYKbdI38MFQFJKvRHfgTAvVsvAv\n" + 10930 "pBUM2DuBKwIDAQABo28wbTAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBQ37B0zGcKA\n" + 10931 "OnmgxZQVMg6ZGvrGLTALBgNVHQ8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgAHMB4G\n" + 10932 "CWCGSAGG+EIBDQQRFg94Y2EgY2VydGlmaWNhdGUwBQYDK2VwA0EAuasLBe55YgvF\n" + 10933 "b4wmHeohylc9r8cFGS1LNQ5UcSn3sGqMYf6ehnef16NLuCW6upHCs8Sui4iAMvsP\n" + 10934 "uKPWR9dKBA==\n" + 10935 "-----END CERTIFICATE-----\n" + 10936 "-----BEGIN CERTIFICATE-----\n" + 10937 "MIIB3zCCAZGgAwIBAgIIWQvOEDl+ya4wBQYDK2VwMFoxCzAJBgNVBAYTAkVOMRAw\n" + 10938 "DgYDVQQIEwdFbmdsYW5kMQ8wDQYDVQQHEwZMb25kb24xDDAKBgNVBAoTA3RzMTEM\n" + 10939 "MAoGA1UECxMDdHMxMQwwCgYDVQQDEwN0czEwHhcNMjMxMjA1MDAwMDAwWhcNMjQx\n" + 10940 "MjA0MjM1OTU5WjBaMQswCQYDVQQGEwJFTjEQMA4GA1UECBMHRW5nbGFuZDEPMA0G\n" + 10941 "A1UEBxMGTG9uZG9uMQwwCgYDVQQKEwN0czExDDAKBgNVBAsTA3RzMTEMMAoGA1UE\n" + 10942 "AxMDdHMxMCowBQYDK2VwAyEAuxadj1ww0LqPN24zr28jcSOlSWAe0QdLyRF+ZgG6\n" + 10943 "klKjdTBzMBIGA1UdEwEB/wQIMAYBAf8CARQwHQYDVR0OBBYEFNSgpoQvfxR8A1Y4\n" + 10944 "St8NjOHkRpm4MAsGA1UdDwQEAwIBBjARBglghkgBhvhCAQEEBAMCAAcwHgYJYIZI\n" + 10945 "AYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0ZTAFBgMrZXADQQAblBgoa72X/K13WOvc\n" + 10946 "KW0fqBgFKvLy85hWD6Ufi61k4ProQiZzMK+0+y9jReKelPx/zRdCCgSbQroAR2mV\n" + 10947 "xjoE\n" + 10948 "-----END CERTIFICATE-----\n"; 10949 10950 // 证书链二进制数据,需业务自行赋值。 10951 let encodingBlob: cert.EncodingBlob = { 10952 data: stringToUint8Array(certChainData), 10953 // 根据encodingData的格式进行赋值,支持FORMAT_PEM、FORMAT_DER和FORMAT_PKCS7。 10954 encodingFormat: cert.EncodingFormat.FORMAT_PEM 10955 }; 10956 let x509CertChain: cert.X509CertChain = {} as cert.X509CertChain; 10957 try { 10958 x509CertChain = await cert.createX509CertChain(encodingBlob); 10959 } 10960 catch (error) { 10961 let e: BusinessError = error as BusinessError; 10962 console.error('createX509CertChain failed, errCode: ' + e.code + ', errMsg: ' + e.message); 10963 } 10964 return x509CertChain; 10965} 10966 10967async function validate() { 10968 const certChain = await createX509CertChain(); 10969 // 证书链校验数据,需业务自行赋值。 10970 const param: cert.CertChainValidationParameters = { 10971 date: '20231212080000Z', 10972 trustAnchors: [{ 10973 CAPubKey: new Uint8Array([0x30, 0x2a, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 0x70, 0x03, 0x21, 0x00, 0xbb, 0x16,0x9d, 0x8f, 0x5c, 0x30, 0xd0, 0xba, 0x8f, 0x37, 0x6e, 0x33, 0xaf, 0x6f, 0x23, 0x71, 0x23, 0xa5, 0x49, 0x60,0x1e, 0xd1, 0x07, 0x4b, 0xc9, 0x11, 0x7e, 0x66, 0x01, 0xba, 0x92, 0x52]), 10974 CASubject: new Uint8Array([0x30, 0x5a, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x45,0x4e, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x07, 0x45, 0x6e, 0x67, 0x6c, 0x61, 0x6e,0x64, 0x31, 0x0f, 0x30, 0x0d, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x06, 0x4c, 0x6f, 0x6e, 0x64, 0x6f, 0x6e,0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x03, 0x74, 0x73, 0x31, 0x31, 0x0c, 0x30, 0x0a,0x06, 0x03, 0x55, 0x04, 0x0b, 0x13, 0x03, 0x74, 0x73, 0x31, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04,0x03, 0x13, 0x03, 0x74, 0x73, 0x31]), 10975 }] 10976 } 10977 try { 10978 const validationRes = await certChain.validate(param); 10979 console.log('X509CertChain validate success'); 10980 } 10981 catch (err) { 10982 console.error('X509CertChain validate failed'); 10983 } 10984} 10985 10986validate(); 10987``` 10988 10989### validate<sup>11+</sup> 10990 10991validate(param: CertChainValidationParameters, callback: AsyncCallback\<CertChainValidationResult>): void 10992 10993使用校验参数校验证书链并使用callback方式异步返回结果。 10994 10995**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 10996 10997**系统能力:** SystemCapability.Security.Cert 10998 10999**参数**: 11000 11001| 参数名 | 类型 | 必填 | 说明 | 11002| --------- | ------------------------------- | ---- | ------------ | 11003| param | [CertChainValidationParameters](#certchainvalidationparameters11) | 是 | 表示校验X509证书链的参数。 | 11004| callback | AsyncCallback\<[CertChainValidationResult](#certchainvalidationresult11)> | 是 | 回调函数,返回证书链校验结果。 | 11005 11006**错误码:** 11007 11008以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 11009 11010| 错误码ID | 错误信息 | 11011| -------- | ----------------------- | 11012| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 11013| 19020001 | memory malloc failed. | 11014| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 11015| 19030001 | crypto operation error. | 11016| 19030002 | the certificate signature verification failed. | 11017| 19030003 | the certificate has not taken effect. | 11018| 19030004 | the certificate has expired. | 11019| 19030005 | failed to obtain the certificate issuer. | 11020| 19030006 | the key cannot be used for signing a certificate. | 11021| 19030007 | the key cannot be used for digital signature. | 11022 11023**示例:** 11024 11025```ts 11026import { cert } from '@kit.DeviceCertificateKit'; 11027 11028// string转Uint8Array。 11029function stringToUint8Array(str: string): Uint8Array { 11030 let arr: Array<number> = []; 11031 for (let i = 0, j = str.length; i < j; i++) { 11032 arr.push(str.charCodeAt(i)); 11033 } 11034 return new Uint8Array(arr); 11035} 11036 11037let certChainData = "-----BEGIN CERTIFICATE-----\n" + 11038 "MIID6jCCAtKgAwIBAgIIIM2q/TmRoLcwDQYJKoZIhvcNAQELBQAwWjELMAkGA1UE\n" + 11039 "BhMCRU4xEDAOBgNVBAgTB0VuZ2xhbmQxDzANBgNVBAcTBkxvbmRvbjEMMAoGA1UE\n" + 11040 "ChMDdHMyMQwwCgYDVQQLEwN0czIxDDAKBgNVBAMTA3RzMjAeFw0yMzEyMDUwNzM5\n" + 11041 "MDBaFw0yNDEwMzEyMzU5MDBaMGExCzAJBgNVBAYTAkNOMRAwDgYDVQQIEwdKaWFu\n" + 11042 "Z3N1MRAwDgYDVQQHEwdOYW5qaW5nMQwwCgYDVQQKEwN0czMxDDAKBgNVBAsTA3Rz\n" + 11043 "MzESMBAGA1UEAxMJMTI3LjAuMC4xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\n" + 11044 "CgKCAQEAtt+2QxUevbolYLp51QGcUpageI4fwGLIqv4fj4aoVnHFOOBqVOVpfCLR\n" + 11045 "p26LFV/F8ebwPyo8YEBKSwXzMD1573rMSbaH9BalscH5lZYAbetXoio6YRvzlcmc\n" + 11046 "rVvLBNMeVnxY86xHpo0MTNyP7W024rZsxWO98xFQVdoiaBC+7+midlisx2Y+7u0j\n" + 11047 "zT9GjeUP6JLdLFUZJKUPSTK3jVzw9v1eZQZKYoNfU6vFMd6ndtwW6qEnwpzmmX/U\n" + 11048 "T+p5ThAMH593zszlz330nTSXBjIsGkyvOz9gSB0Z0LAuJj06XUNhGL5xKJYKbdI3\n" + 11049 "8MFQFJKvRHfgTAvVsvAvpBUM2DuBKwIDAQABo4GsMIGpMAkGA1UdEwQCMAAwHQYD\n" + 11050 "VR0OBBYEFDfsHTMZwoA6eaDFlBUyDpka+sYtMAsGA1UdDwQEAwID+DAnBgNVHSUE\n" + 11051 "IDAeBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMEMBQGA1UdEQQNMAuCCTEy\n" + 11052 "Ny4wLjAuMTARBglghkgBhvhCAQEEBAMCBkAwHgYJYIZIAYb4QgENBBEWD3hjYSBj\n" + 11053 "ZXJ0aWZpY2F0ZTANBgkqhkiG9w0BAQsFAAOCAQEAp5vTvXrt8ZpgRJVtzv9ss0lJ\n" + 11054 "izp1fJf+ft5cDXrs7TSD5oHrSW2vk/ZieIMhexU4LFwhs4OE7jK6pgI48Dseqxx7\n" + 11055 "B/KktxhVMJUmVXd9Ayjp6f+BtZlIk0cArPuoXToXjsV8caTGBXHRdzxpAk/w9syc\n" + 11056 "GYrbH9TrdNMuTizOb+k268oKXUageZNxHmd7YvOXkcNgrd29jzwXKDYYiUa1DISz\n" + 11057 "DnYaJOgPt0B/5izhoWNK7GhJDy9KEuLURcTSWFysbbnljwO9INPT9MmlS83PdAgN\n" + 11058 "iS8VXF4pce1W9U5jH7d7k0JDVSXybebe1iPFphsZpYM/NE+jap+mPy1nTCbf9g==\n" + 11059 "-----END CERTIFICATE-----\n" + 11060 "-----BEGIN CERTIFICATE-----\n" + 11061 "MIIC0zCCAoWgAwIBAgIIXpLoPpQVWnkwBQYDK2VwMFoxCzAJBgNVBAYTAkVOMRAw\n" + 11062 "DgYDVQQIEwdFbmdsYW5kMQ8wDQYDVQQHEwZMb25kb24xDDAKBgNVBAoTA3RzMTEM\n" + 11063 "MAoGA1UECxMDdHMxMQwwCgYDVQQDEwN0czEwHhcNMjMxMjA1MDczNzAwWhcNMjQw\n" + 11064 "OTAxMjM1OTAwWjBaMQswCQYDVQQGEwJFTjEQMA4GA1UECBMHRW5nbGFuZDEPMA0G\n" + 11065 "A1UEBxMGTG9uZG9uMQwwCgYDVQQKEwN0czIxDDAKBgNVBAsTA3RzMjEMMAoGA1UE\n" + 11066 "AxMDdHMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtt+2QxUevbol\n" + 11067 "YLp51QGcUpageI4fwGLIqv4fj4aoVnHFOOBqVOVpfCLRp26LFV/F8ebwPyo8YEBK\n" + 11068 "SwXzMD1573rMSbaH9BalscH5lZYAbetXoio6YRvzlcmcrVvLBNMeVnxY86xHpo0M\n" + 11069 "TNyP7W024rZsxWO98xFQVdoiaBC+7+midlisx2Y+7u0jzT9GjeUP6JLdLFUZJKUP\n" + 11070 "STK3jVzw9v1eZQZKYoNfU6vFMd6ndtwW6qEnwpzmmX/UT+p5ThAMH593zszlz330\n" + 11071 "nTSXBjIsGkyvOz9gSB0Z0LAuJj06XUNhGL5xKJYKbdI38MFQFJKvRHfgTAvVsvAv\n" + 11072 "pBUM2DuBKwIDAQABo28wbTAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBQ37B0zGcKA\n" + 11073 "OnmgxZQVMg6ZGvrGLTALBgNVHQ8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgAHMB4G\n" + 11074 "CWCGSAGG+EIBDQQRFg94Y2EgY2VydGlmaWNhdGUwBQYDK2VwA0EAuasLBe55YgvF\n" + 11075 "b4wmHeohylc9r8cFGS1LNQ5UcSn3sGqMYf6ehnef16NLuCW6upHCs8Sui4iAMvsP\n" + 11076 "uKPWR9dKBA==\n" + 11077 "-----END CERTIFICATE-----\n" + 11078 "-----BEGIN CERTIFICATE-----\n" + 11079 "MIIB3zCCAZGgAwIBAgIIWQvOEDl+ya4wBQYDK2VwMFoxCzAJBgNVBAYTAkVOMRAw\n" + 11080 "DgYDVQQIEwdFbmdsYW5kMQ8wDQYDVQQHEwZMb25kb24xDDAKBgNVBAoTA3RzMTEM\n" + 11081 "MAoGA1UECxMDdHMxMQwwCgYDVQQDEwN0czEwHhcNMjMxMjA1MDAwMDAwWhcNMjQx\n" + 11082 "MjA0MjM1OTU5WjBaMQswCQYDVQQGEwJFTjEQMA4GA1UECBMHRW5nbGFuZDEPMA0G\n" + 11083 "A1UEBxMGTG9uZG9uMQwwCgYDVQQKEwN0czExDDAKBgNVBAsTA3RzMTEMMAoGA1UE\n" + 11084 "AxMDdHMxMCowBQYDK2VwAyEAuxadj1ww0LqPN24zr28jcSOlSWAe0QdLyRF+ZgG6\n" + 11085 "klKjdTBzMBIGA1UdEwEB/wQIMAYBAf8CARQwHQYDVR0OBBYEFNSgpoQvfxR8A1Y4\n" + 11086 "St8NjOHkRpm4MAsGA1UdDwQEAwIBBjARBglghkgBhvhCAQEEBAMCAAcwHgYJYIZI\n" + 11087 "AYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0ZTAFBgMrZXADQQAblBgoa72X/K13WOvc\n" + 11088 "KW0fqBgFKvLy85hWD6Ufi61k4ProQiZzMK+0+y9jReKelPx/zRdCCgSbQroAR2mV\n" + 11089 "xjoE\n" + 11090 "-----END CERTIFICATE-----\n"; 11091 11092// 证书链二进制数据,需业务自行赋值。 11093let encodingBlob: cert.EncodingBlob = { 11094 data: stringToUint8Array(certChainData), 11095 // 根据encodingData的格式进行赋值,支持FORMAT_PEM、FORMAT_DER和FORMAT_PKCS7。 11096 encodingFormat: cert.EncodingFormat.FORMAT_PEM 11097}; 11098 11099// 证书链校验数据,需业务自行赋值。 11100let param: cert.CertChainValidationParameters = { 11101 date: '20231212080000Z', 11102 trustAnchors: [{ 11103 CAPubKey: new Uint8Array([0x30, 0x2a, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 0x70, 0x03, 0x21, 0x00, 0xbb, 0x16,0x9d, 0x8f, 0x5c, 0x30, 0xd0, 0xba, 0x8f, 0x37, 0x6e, 0x33, 0xaf, 0x6f, 0x23, 0x71, 0x23, 0xa5, 0x49, 0x60,0x1e, 0xd1, 0x07, 0x4b, 0xc9, 0x11, 0x7e, 0x66, 0x01, 0xba, 0x92, 0x52]), 11104 CASubject: new Uint8Array([0x30, 0x5a, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x45,0x4e, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x07, 0x45, 0x6e, 0x67, 0x6c, 0x61, 0x6e,0x64, 0x31, 0x0f, 0x30, 0x0d, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x06, 0x4c, 0x6f, 0x6e, 0x64, 0x6f, 0x6e,0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x03, 0x74, 0x73, 0x31, 0x31, 0x0c, 0x30, 0x0a,0x06, 0x03, 0x55, 0x04, 0x0b, 0x13, 0x03, 0x74, 0x73, 0x31, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04,0x03, 0x13, 0x03, 0x74, 0x73, 0x31]), 11105 }] 11106}; 11107 11108cert.createX509CertChain(encodingBlob, (err, certChain) => { 11109 if (err) { 11110 console.error('createX509CertChain failed, errCode: ' + err.code + ', errMsg: ' + err.message); 11111 } else { 11112 console.log('createX509CertChain success'); 11113 certChain.validate(param, (error, validationRes) => { 11114 if (error) { 11115 console.error('X509CertChain validate failed, errCode: ' + error.code + ', errMsg: ' + error.message); 11116 } else { 11117 console.log('X509CertChain validate success'); 11118 } 11119 }); 11120 } 11121}); 11122``` 11123 11124### toString<sup>12+</sup> 11125 11126toString(): string 11127 11128获取对象的字符串类型数据。 11129 11130**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 11131 11132**系统能力:** SystemCapability.Security.Cert 11133 11134**返回值**: 11135 11136| 类型 | 说明 | 11137| ------- | ---------------------------------------------------- | 11138| string | 对象的字符串类型数据。| 11139 11140**错误码:** 11141 11142以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 11143 11144| 错误码ID | 错误信息 | 11145| -------- | ----------------------- | 11146| 19020001 | memory malloc failed. | 11147| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 11148| 19030001 | crypto operation error. | 11149 11150**示例:** 11151 11152```ts 11153import { cert } from '@kit.DeviceCertificateKit'; 11154import { BusinessError } from '@kit.BasicServicesKit'; 11155 11156// string转Uint8Array。 11157function stringToUint8Array(str: string): Uint8Array { 11158 let arr: Array<number> = []; 11159 for (let i = 0, j = str.length; i < j; i++) { 11160 arr.push(str.charCodeAt(i)); 11161 } 11162 return new Uint8Array(arr); 11163} 11164 11165let certChainData = '-----BEGIN CERTIFICATE-----\n' + 11166 'MIIGVjCCBT6gAwIBAgIQBMO0W3CU9LWVw1bE/jqYojANBgkqhkiG9w0BAQsFADBE\n' + 11167 'MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMR4wHAYDVQQDExVH\n' + 11168 'ZW9UcnVzdCBSU0EgQ04gQ0EgRzIwHhcNMjMwMzIzMDAwMDAwWhcNMjQwNDIyMjM1\n' + 11169 'OTU5WjB1MQswCQYDVQQGEwJDTjERMA8GA1UECBMIemhlamlhbmcxETAPBgNVBAcT\n' + 11170 'CGhhbmd6aG91MSwwKgYDVQQKEyNOZXRFYXNlIChIYW5nemhvdSkgTmV0d29yayBD\n' + 11171 'by4sIEx0ZDESMBAGA1UEAwwJKi4xNjMuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC\n' + 11172 'AQ8AMIIBCgKCAQEAwELks0Q1Z81u1OpbGdEFE2Snm/WpLfmiC5YFj5nFrinSX+UZ\n' + 11173 'MIk42euBdjYSsWFxbljmWDdUCjstMhG8vRAjz3Nt1QniMCunHHFGujR5rSNLWYHE\n' + 11174 'vCPhfptIhqOaE/rvkWGZZr2KjTQQN0dRf8dm9Oewy8DHu95c9jW6c9AVgKWUVOni\n' + 11175 'tTOcJCnrndWjgCIPfKmKgrwaNaMnuQyy5nPIUHl/5EGzuGHrwjwlF+w+cT+Fwdix\n' + 11176 'C3msEOCwX6wzo6baDs4og2EzuPNyTp4n4UqH5aHhLePgBFboOAyJwWp3+XJNpNGw\n' + 11177 'GkU56cUUy7+AAn268EVvUNr7uQ65t2t+Ys32bQIDAQABo4IDETCCAw0wHwYDVR0j\n' + 11178 'BBgwFoAUJG+RP4mHhw4ywkAY38VM60/ISTIwHQYDVR0OBBYEFD1HyRYJ5jqkvYL7\n' + 11179 'C6TSt8/y3e7hMB0GA1UdEQQWMBSCCSouMTYzLmNvbYIHMTYzLmNvbTAOBgNVHQ8B\n' + 11180 'Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMD0GA1UdHwQ2\n' + 11181 'MDQwMqAwoC6GLGh0dHA6Ly9jcmwuZGlnaWNlcnQuY24vR2VvVHJ1c3RSU0FDTkNB\n' + 11182 'RzIuY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUHAgEWG2h0dHA6\n' + 11183 'Ly93d3cuZGlnaWNlcnQuY29tL0NQUzBxBggrBgEFBQcBAQRlMGMwIwYIKwYBBQUH\n' + 11184 'MAGGF2h0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNuMDwGCCsGAQUFBzAChjBodHRwOi8v\n' + 11185 'Y2FjZXJ0cy5kaWdpY2VydC5jbi9HZW9UcnVzdFJTQUNOQ0FHMi5jcnQwCQYDVR0T\n' + 11186 'BAIwADCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHUA7s3QZNXbGs7FXLedtM0T\n' + 11187 'ojKHRny87N7DUUhZRnEftZsAAAGHDSE15QAABAMARjBEAiBRpmsJ3F9AI8wFxqOQ\n' + 11188 'bHp+RL6F8cvNydajQ0Bqxjvd3AIgefAU/po3jBm+96dFVdbX+AG1uss67DL3VL5I\n' + 11189 'nUmVva8AdgBz2Z6JG0yWeKAgfUed5rLGHNBRXnEZKoxrgBB6wXdytQAAAYcNITZS\n' + 11190 'AAAEAwBHMEUCID/sUP12odF7uTTEyE0PjCpKo3nF7A3ba3b5wJJsZrDrAiEAxrat\n' + 11191 'W2eeZTD458LPSPrMMBb1/o6zibWXqJCQye+bVFwAdwBIsONr2qZHNA/lagL6nTDr\n' + 11192 'HFIBy1bdLIHZu7+rOdiEcwAAAYcNITYeAAAEAwBIMEYCIQCCJ2ktM1F+d1I5mQju\n' + 11193 'Tn7oDYxy3GCGyG3u/yhu8k7EaAIhANSP8cAaMQFV6y8B2tubKY5eSQtgkF3a6NNq\n' + 11194 'QJjtPnoHMA0GCSqGSIb3DQEBCwUAA4IBAQC8dK/G4nvs/SyQe/mnK+rUYIdSFs+4\n' + 11195 'lgzatmq8V/I1tBly+Sv/FPhnn4F3iCrqy9j8y202FP51ev95DGbjlJRTIFPqVAO8\n' + 11196 'ywYrLhvl1SJhV0b/8NF0Pr3dZVnK5Vfn11+LSBUg0cBB2hcVV30nv3IuVhz3d12n\n' + 11197 'P+VseYQgMpQf7ad+ttpZtA7yqHzrUm4fzr03G7q88GztACRSHoYiPbOlz99SeTgW\n' + 11198 '7bzZl1I4taxy2Q3b0ZBGfUt/kPY05tpKzKwDTbbqSErYszCt5X1RfVvf3coxF8Mo\n' + 11199 '9bHbs2wYIzQBdujDQ/hU0u6ItERer3SUItZoxaSIxdrZ9eXFwVvXsT/g\n' + 11200 '-----END CERTIFICATE-----\n' + 11201 '-----BEGIN CERTIFICATE-----\n' + 11202 'MIIFDzCCA/egAwIBAgIQCxNitu5qnT6WiTDxbiB9OTANBgkqhkiG9w0BAQsFADBh\n' + 11203 'MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\n' + 11204 'd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\n' + 11205 'QTAeFw0yMDAzMDQxMjA0NDBaFw0zMDAzMDQxMjA0NDBaMEQxCzAJBgNVBAYTAlVT\n' + 11206 'MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxHjAcBgNVBAMTFUdlb1RydXN0IFJTQSBD\n' + 11207 'TiBDQSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANA1OZJJtZUI\n' + 11208 '7zj4qFHT79g+Otks4TEfmUEDhrNKBEEjb/i29GBfnpvFdT36azCg2VODJRSjIzFn\n' + 11209 '4qADcc84EmfKiDEM97HFsQPp9RRkqxH5cB51EU2eBE9Ua95x+wQp/KSdCqITCQ/v\n' + 11210 'yvm3J4Upjl0wlW8wRCPCWcYw3pKClGRkNzVtI1KXnfpn7fG3N84n7wlBb9IGKJFa\n' + 11211 'c/6+hxvZx2qnfLsxdIKR0Q/biGoU6Z8Iy/R/p7GoPO8vamV090+QHEL5AdSzKtEh\n' + 11212 'U9vdvcuWjjLxVnaJLfj/6WoGZj8UWn3zFbEoTVaAfp2xqdzW7yRvi2r148m9ev7l\n' + 11213 'jDqHo8UX69sCAwEAAaOCAd4wggHaMB0GA1UdDgQWBBQkb5E/iYeHDjLCQBjfxUzr\n' + 11214 'T8hJMjAfBgNVHSMEGDAWgBQD3lA1VtFMu2bwo+IbG8OXsj3RVTAOBgNVHQ8BAf8E\n' + 11215 'BAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQI\n' + 11216 'MAYBAf8CAQAwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8vb2Nz\n' + 11217 'cC5kaWdpY2VydC5jbjBABgNVHR8EOTA3MDWgM6Axhi9odHRwOi8vY3JsLmRpZ2lj\n' + 11218 'ZXJ0LmNuL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNybDCB3QYDVR0gBIHVMIHSMIHF\n' + 11219 'BglghkgBhv1sAQEwgbcwKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0\n' + 11220 'LmNvbS9DUFMwgYoGCCsGAQUFBwICMH4MfEFueSB1c2Ugb2YgdGhpcyBDZXJ0aWZp\n' + 11221 'Y2F0ZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSZWx5aW5nIFBhcnR5\n' + 11222 'IEFncmVlbWVudCBsb2NhdGVkIGF0IGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9y\n' + 11223 'cGEtdWEwCAYGZ4EMAQICMA0GCSqGSIb3DQEBCwUAA4IBAQCzkcXq0TN0oSn4UeXp\n' + 11224 'FBW7U8zrHBIhH9MXHNBp+Yy/yN19133UY05uuHXHaU2Uv0hxefckjPdkaX7ARso+\n' + 11225 'O3Ar6nf7YfBwCqSpqsNckKT7KKtf3Ot95wYFpKDa64jcRUfxzRWnmq12IVzczqHI\n' + 11226 'sIvUZQINw/UHSQcWekdUnMg58bQSHyTjwkj9jcX2RURxaVZkr15wxo/Z3Ydo2PVK\n' + 11227 '3afEr0/vcuFvE7QeGXiI2DJdVt3JefatZ3rj4VTW2aUZwHGUiWWIUudBfQKR0JEp\n' + 11228 'lJ8MFaKDh4/A2VEJnXILu1iwvc1m3jCaPuzZKdoHM/1234bznJI2aAfhfIhoHw90\n' + 11229 'tPO+\n' + 11230 '-----END CERTIFICATE-----\n'; 11231 11232// 证书链二进制数据,需业务自行赋值。 11233let encodingBlob: cert.EncodingBlob = { 11234 data: stringToUint8Array(certChainData), 11235 // 根据encodingData的格式进行赋值,支持FORMAT_PEM、FORMAT_DER和FORMAT_PKCS7。 11236 encodingFormat: cert.EncodingFormat.FORMAT_PEM 11237}; 11238 11239async function certChainToString() { 11240 let x509CertChain: cert.X509CertChain = {} as cert.X509CertChain; 11241 try { 11242 x509CertChain = await cert.createX509CertChain(encodingBlob); 11243 console.log('createX509CertChain success'); 11244 console.info('toString success: ' + JSON.stringify(x509CertChain.toString())); 11245 } catch (error) { 11246 let e: BusinessError = error as BusinessError; 11247 console.error('createX509CertChain failed, errCode: ' + e.code + ', errMsg: ' + e.message); 11248 } 11249} 11250``` 11251### hashCode<sup>12+</sup> 11252 11253hashCode(): Uint8Array 11254 11255获取DER格式数据的哈希值。 11256 11257**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 11258 11259**系统能力:** SystemCapability.Security.Cert 11260 11261**返回值**: 11262 11263| 类型 | 说明 | 11264| ------- | ---------------------------------------------------- | 11265| Uint8Array | DER格式数据的哈希值。| 11266 11267**错误码:** 11268 11269以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 11270 11271| 错误码ID | 错误信息 | 11272| -------- | ----------------------- | 11273| 19020001 | memory malloc failed. | 11274| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 11275| 19030001 | crypto operation error. | 11276 11277**示例:** 11278 11279```ts 11280import { cert } from '@kit.DeviceCertificateKit'; 11281import { BusinessError } from '@kit.BasicServicesKit'; 11282 11283// string转Uint8Array。 11284function stringToUint8Array(str: string): Uint8Array { 11285 let arr: Array<number> = []; 11286 for (let i = 0, j = str.length; i < j; i++) { 11287 arr.push(str.charCodeAt(i)); 11288 } 11289 return new Uint8Array(arr); 11290} 11291 11292let certChainData = '-----BEGIN CERTIFICATE-----\n' + 11293 'MIIGVjCCBT6gAwIBAgIQBMO0W3CU9LWVw1bE/jqYojANBgkqhkiG9w0BAQsFADBE\n' + 11294 'MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMR4wHAYDVQQDExVH\n' + 11295 'ZW9UcnVzdCBSU0EgQ04gQ0EgRzIwHhcNMjMwMzIzMDAwMDAwWhcNMjQwNDIyMjM1\n' + 11296 'OTU5WjB1MQswCQYDVQQGEwJDTjERMA8GA1UECBMIemhlamlhbmcxETAPBgNVBAcT\n' + 11297 'CGhhbmd6aG91MSwwKgYDVQQKEyNOZXRFYXNlIChIYW5nemhvdSkgTmV0d29yayBD\n' + 11298 'by4sIEx0ZDESMBAGA1UEAwwJKi4xNjMuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC\n' + 11299 'AQ8AMIIBCgKCAQEAwELks0Q1Z81u1OpbGdEFE2Snm/WpLfmiC5YFj5nFrinSX+UZ\n' + 11300 'MIk42euBdjYSsWFxbljmWDdUCjstMhG8vRAjz3Nt1QniMCunHHFGujR5rSNLWYHE\n' + 11301 'vCPhfptIhqOaE/rvkWGZZr2KjTQQN0dRf8dm9Oewy8DHu95c9jW6c9AVgKWUVOni\n' + 11302 'tTOcJCnrndWjgCIPfKmKgrwaNaMnuQyy5nPIUHl/5EGzuGHrwjwlF+w+cT+Fwdix\n' + 11303 'C3msEOCwX6wzo6baDs4og2EzuPNyTp4n4UqH5aHhLePgBFboOAyJwWp3+XJNpNGw\n' + 11304 'GkU56cUUy7+AAn268EVvUNr7uQ65t2t+Ys32bQIDAQABo4IDETCCAw0wHwYDVR0j\n' + 11305 'BBgwFoAUJG+RP4mHhw4ywkAY38VM60/ISTIwHQYDVR0OBBYEFD1HyRYJ5jqkvYL7\n' + 11306 'C6TSt8/y3e7hMB0GA1UdEQQWMBSCCSouMTYzLmNvbYIHMTYzLmNvbTAOBgNVHQ8B\n' + 11307 'Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMD0GA1UdHwQ2\n' + 11308 'MDQwMqAwoC6GLGh0dHA6Ly9jcmwuZGlnaWNlcnQuY24vR2VvVHJ1c3RSU0FDTkNB\n' + 11309 'RzIuY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUHAgEWG2h0dHA6\n' + 11310 'Ly93d3cuZGlnaWNlcnQuY29tL0NQUzBxBggrBgEFBQcBAQRlMGMwIwYIKwYBBQUH\n' + 11311 'MAGGF2h0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNuMDwGCCsGAQUFBzAChjBodHRwOi8v\n' + 11312 'Y2FjZXJ0cy5kaWdpY2VydC5jbi9HZW9UcnVzdFJTQUNOQ0FHMi5jcnQwCQYDVR0T\n' + 11313 'BAIwADCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHUA7s3QZNXbGs7FXLedtM0T\n' + 11314 'ojKHRny87N7DUUhZRnEftZsAAAGHDSE15QAABAMARjBEAiBRpmsJ3F9AI8wFxqOQ\n' + 11315 'bHp+RL6F8cvNydajQ0Bqxjvd3AIgefAU/po3jBm+96dFVdbX+AG1uss67DL3VL5I\n' + 11316 'nUmVva8AdgBz2Z6JG0yWeKAgfUed5rLGHNBRXnEZKoxrgBB6wXdytQAAAYcNITZS\n' + 11317 'AAAEAwBHMEUCID/sUP12odF7uTTEyE0PjCpKo3nF7A3ba3b5wJJsZrDrAiEAxrat\n' + 11318 'W2eeZTD458LPSPrMMBb1/o6zibWXqJCQye+bVFwAdwBIsONr2qZHNA/lagL6nTDr\n' + 11319 'HFIBy1bdLIHZu7+rOdiEcwAAAYcNITYeAAAEAwBIMEYCIQCCJ2ktM1F+d1I5mQju\n' + 11320 'Tn7oDYxy3GCGyG3u/yhu8k7EaAIhANSP8cAaMQFV6y8B2tubKY5eSQtgkF3a6NNq\n' + 11321 'QJjtPnoHMA0GCSqGSIb3DQEBCwUAA4IBAQC8dK/G4nvs/SyQe/mnK+rUYIdSFs+4\n' + 11322 'lgzatmq8V/I1tBly+Sv/FPhnn4F3iCrqy9j8y202FP51ev95DGbjlJRTIFPqVAO8\n' + 11323 'ywYrLhvl1SJhV0b/8NF0Pr3dZVnK5Vfn11+LSBUg0cBB2hcVV30nv3IuVhz3d12n\n' + 11324 'P+VseYQgMpQf7ad+ttpZtA7yqHzrUm4fzr03G7q88GztACRSHoYiPbOlz99SeTgW\n' + 11325 '7bzZl1I4taxy2Q3b0ZBGfUt/kPY05tpKzKwDTbbqSErYszCt5X1RfVvf3coxF8Mo\n' + 11326 '9bHbs2wYIzQBdujDQ/hU0u6ItERer3SUItZoxaSIxdrZ9eXFwVvXsT/g\n' + 11327 '-----END CERTIFICATE-----\n' + 11328 '-----BEGIN CERTIFICATE-----\n' + 11329 'MIIFDzCCA/egAwIBAgIQCxNitu5qnT6WiTDxbiB9OTANBgkqhkiG9w0BAQsFADBh\n' + 11330 'MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\n' + 11331 'd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\n' + 11332 'QTAeFw0yMDAzMDQxMjA0NDBaFw0zMDAzMDQxMjA0NDBaMEQxCzAJBgNVBAYTAlVT\n' + 11333 'MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxHjAcBgNVBAMTFUdlb1RydXN0IFJTQSBD\n' + 11334 'TiBDQSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANA1OZJJtZUI\n' + 11335 '7zj4qFHT79g+Otks4TEfmUEDhrNKBEEjb/i29GBfnpvFdT36azCg2VODJRSjIzFn\n' + 11336 '4qADcc84EmfKiDEM97HFsQPp9RRkqxH5cB51EU2eBE9Ua95x+wQp/KSdCqITCQ/v\n' + 11337 'yvm3J4Upjl0wlW8wRCPCWcYw3pKClGRkNzVtI1KXnfpn7fG3N84n7wlBb9IGKJFa\n' + 11338 'c/6+hxvZx2qnfLsxdIKR0Q/biGoU6Z8Iy/R/p7GoPO8vamV090+QHEL5AdSzKtEh\n' + 11339 'U9vdvcuWjjLxVnaJLfj/6WoGZj8UWn3zFbEoTVaAfp2xqdzW7yRvi2r148m9ev7l\n' + 11340 'jDqHo8UX69sCAwEAAaOCAd4wggHaMB0GA1UdDgQWBBQkb5E/iYeHDjLCQBjfxUzr\n' + 11341 'T8hJMjAfBgNVHSMEGDAWgBQD3lA1VtFMu2bwo+IbG8OXsj3RVTAOBgNVHQ8BAf8E\n' + 11342 'BAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQI\n' + 11343 'MAYBAf8CAQAwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8vb2Nz\n' + 11344 'cC5kaWdpY2VydC5jbjBABgNVHR8EOTA3MDWgM6Axhi9odHRwOi8vY3JsLmRpZ2lj\n' + 11345 'ZXJ0LmNuL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNybDCB3QYDVR0gBIHVMIHSMIHF\n' + 11346 'BglghkgBhv1sAQEwgbcwKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0\n' + 11347 'LmNvbS9DUFMwgYoGCCsGAQUFBwICMH4MfEFueSB1c2Ugb2YgdGhpcyBDZXJ0aWZp\n' + 11348 'Y2F0ZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSZWx5aW5nIFBhcnR5\n' + 11349 'IEFncmVlbWVudCBsb2NhdGVkIGF0IGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9y\n' + 11350 'cGEtdWEwCAYGZ4EMAQICMA0GCSqGSIb3DQEBCwUAA4IBAQCzkcXq0TN0oSn4UeXp\n' + 11351 'FBW7U8zrHBIhH9MXHNBp+Yy/yN19133UY05uuHXHaU2Uv0hxefckjPdkaX7ARso+\n' + 11352 'O3Ar6nf7YfBwCqSpqsNckKT7KKtf3Ot95wYFpKDa64jcRUfxzRWnmq12IVzczqHI\n' + 11353 'sIvUZQINw/UHSQcWekdUnMg58bQSHyTjwkj9jcX2RURxaVZkr15wxo/Z3Ydo2PVK\n' + 11354 '3afEr0/vcuFvE7QeGXiI2DJdVt3JefatZ3rj4VTW2aUZwHGUiWWIUudBfQKR0JEp\n' + 11355 'lJ8MFaKDh4/A2VEJnXILu1iwvc1m3jCaPuzZKdoHM/1234bznJI2aAfhfIhoHw90\n' + 11356 'tPO+\n' + 11357 '-----END CERTIFICATE-----\n'; 11358 11359// 证书链二进制数据,需业务自行赋值。 11360let encodingBlob: cert.EncodingBlob = { 11361 data: stringToUint8Array(certChainData), 11362 // 根据encodingData的格式进行赋值,支持FORMAT_PEM、FORMAT_DER和FORMAT_PKCS7。 11363 encodingFormat: cert.EncodingFormat.FORMAT_PEM 11364}; 11365 11366async function certChainHashCode() { 11367 let x509CertChain: cert.X509CertChain = {} as cert.X509CertChain; 11368 try { 11369 x509CertChain = await cert.createX509CertChain(encodingBlob); 11370 console.log('createX509CertChain success'); 11371 console.info('hashCode success: ' + JSON.stringify(x509CertChain.hashCode())); 11372 } catch (error) { 11373 let e: BusinessError = error as BusinessError; 11374 console.error('createX509CertChain failed, errCode: ' + e.code + ', errMsg: ' + e.message); 11375 } 11376} 11377``` 11378 11379## cert.generateCsr<sup>18+</sup> 11380 11381generateCsr(keyInfo: PrivateKeyInfo, config: CsrGenerationConfig): string | Uint8Array 11382 11383表示使用指定的RSA私钥,传入主体、扩展、摘要算法、输出格式等配置参数去生成CSR。 11384 11385**原子化服务API:** 从API version 18开始,该接口支持在原子化服务中使用。 11386 11387**系统能力:** SystemCapability.Security.Cert 11388 11389**参数:** 11390 11391| 参数名 | 类型 | 必填 | 说明 | 11392| -------- | ----------------------------- | ---- | -------------------- | 11393| keyInfo | [PrivateKeyInfo](#privatekeyinfo18) | 是 | 包含私钥跟口令的配置参数。 | 11394| config | [CsrGenerationConfig](#csrgenerationconfig18) | 是 | 包含生成CSR的配置参数。 | 11395 11396**返回值:** 11397 11398| 类型 | 说明 | 11399| ------------------------------- | ---------------- | 11400| string \| Uint8Array | 表示生成的CSR数据。| 11401 11402**错误码:** 11403 11404以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 11405 11406| 错误码ID | 错误信息 | 11407| -------- | ------------- | 11408| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 11409| 19020001 | memory malloc failed. | 11410| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 11411| 19030001 | crypto operation error. | 11412| 19030008 | maybe wrong password. | 11413 11414**示例:** 11415 11416```ts 11417import { cert } from '@kit.DeviceCertificateKit'; 11418import { BusinessError } from '@kit.BasicServicesKit'; 11419 11420async function createCsrTest() { 11421 let nameStr = '/CN=John Doe/OU=IT Department/O=ACME Inc./L=San Francisco/ST=California/C=US/CN=ALN C/CN=XTS'; 11422 let prikeyEnstr: string = 11423 '-----BEGIN RSA PRIVATE KEY-----\n' + 11424 'Proc-Type: 4,ENCRYPTED\n' + 11425 'DEK-Info: AES-128-CBC,B5FFA3AEEE7176106FDDB0988B532F07\n\n' + 11426 't3zNRGKp5X4BNkcsYATad/Le+94yMIX9CoNAGsBIDzQw+773UMGIoeGEYVlXWc8x\n' + 11427 'N1XWDinn4ytWw9x9OfUYgmNnrdkWRSaIuw+SpQfBgJip+MsNERYOHZ5TYWTR8n3k\n' + 11428 '7/jHY8eCgTsP3hbNtyaePIrtbTLZGZAHG1YWY5UmLaYoI1O6/Vvobx72lx3b43Tx\n' + 11429 '4j5lkknpLl85fcs1s4TYMOd8vEwhdpouR4VY8kfRSm44WQLtGXrce0An3MG3pXyZ\n' + 11430 'GhpmJyTcg0epTEYVzglENlBJrBVDL+bJ8uvHGH4tmeQb77e6ILXoxZntM7zQMMFo\n' + 11431 'A7dilqO6FBxu20n2TidVGCa0Yn+DZLpry2OdwVUC2nXyCHCehr3jAZz6k20FWg5B\n' + 11432 'EsU16yOIB+bp9BUKdTpJVtc/pmZJtnlA9pSCUVmWdltOsjjxkE94wfAUOYhO3Mvz\n' + 11433 'gF9KR1/bdAbLw4t7bGeuyV4N2iYr83FodLLXpupM6Qfb51+HVgHvm2aaHv2Q4sf3\n' + 11434 'poCVTNlegoVV9x3+7HqXY6MjlG8aU6LcWqH34ySqRBQrKL1PuDzQSY5/RmP7PUhG\n' + 11435 'ym4l6KbEaRC2H/XS2qKa4VCMgBCgA0hoiw4s48Xd4h2GUTuxLM9wGyW89OEaHky7\n' + 11436 'VE7t3O9a2zhkRTYDDYQ8QCycKhNrsKySyItRUWn/w2lXvuKM7PpAzYH7Ey3W1eZG\n' + 11437 'PyyeGG9exjpdIvD3tx5Hl/OWwBkW1DAzO40gT6sdD5FXzRv4fCHuCrIow5QMLF4T\n' + 11438 'd5Y4a6q13V4O5b73T5INmKl8rEbPGIw7WLR7BNj05QuzNcn5kA1aBFIJqsxQv46l\n' + 11439 '-----END RSA PRIVATE KEY-----\n'; 11440 let priKeyInfo: cert.PrivateKeyInfo = { 11441 key: prikeyEnstr, 11442 password : "123abc" 11443 } 11444 let keyUsage: cert.CsrAttribute = { 11445 type: "keyUsage", 11446 value: "digitalSignature, keyEncipherment" 11447 }; 11448 11449 let challengePassword: cert.CsrAttribute = { 11450 type:"challengePassword", 11451 value: "123456" 11452 }; 11453 let attribute: cert.CsrAttribute[] = [ 11454 keyUsage,challengePassword 11455 ]; 11456 try { 11457 let data = await cert.createX500DistinguishedName(nameStr); 11458 console.info('createX500DistinguishedName success' + data.getName("CN").toString()); 11459 let conf: cert.CsrGenerationConfig = { 11460 subject: data, 11461 mdName: "SHA256", 11462 outFormat: cert.EncodingBaseFormat.PEM, 11463 attributes: attribute 11464 } 11465 try { 11466 let csrStr = cert.generateCsr(priKeyInfo, conf) 11467 console.log('generateCsr success return str is' + csrStr.toString()) 11468 } catch (error) { 11469 let e: BusinessError = error as BusinessError; 11470 console.error('generateCsr failed, errCode: ' + e.code + ', errMsg: ' + e.message); 11471 } 11472 } catch (error) { 11473 let e: BusinessError = error as BusinessError; 11474 console.error('createX500DistinguishedName catch, errCode: ' + e.code + ', errMsg: ' + e.message); 11475 } 11476} 11477``` 11478 11479## cert.createX500DistinguishedName<sup>12+</sup> 11480 11481createX500DistinguishedName(nameStr: string): Promise\<X500DistinguishedName> 11482 11483表示使用字符串格式的名称创建X500DistinguishedName对象,使用Promise方式异步返回结果。 11484 11485**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 11486 11487**系统能力:** SystemCapability.Security.Cert 11488 11489**参数:** 11490 11491| 参数名 | 类型 | 必填 | 说明 | 11492| -------- | ----------------------------- | ---- | -------------------- | 11493| nameStr | string | 是 |X509定义的string类型的Name字符串格式数据。| 11494 11495**返回值:** 11496 11497| 类型 | 说明 | 11498| ------------------------------- | ---------------- | 11499| Promise\<[X500DistinguishedName](#x500distinguishedname12)> | 表示X509的可分辨对象。| 11500 11501**错误码:** 11502 11503以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 11504 11505| 错误码ID | 错误信息 | 11506| -------- | ------------- | 11507| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 11508| 19020001 | memory malloc failed. | 11509| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 11510| 19030001 | crypto operation error. | 11511| 19030002 | the certificate signature verification failed. | 11512| 19030003 | the certificate has not taken effect. | 11513| 19030004 | the certificate has expired. | 11514| 19030005 | failed to obtain the certificate issuer. | 11515| 19030006 | the key cannot be used for signing a certificate. | 11516| 19030007 | the key cannot be used for digital signature. | 11517 11518**示例:** 11519 11520```ts 11521import { cert } from '@kit.DeviceCertificateKit'; 11522import { BusinessError } from '@kit.BasicServicesKit'; 11523 11524// string转Uint8Array。 11525function stringToUint8Array(str: string): Uint8Array { 11526 let arr: Array<number> = []; 11527 for (let i = 0, j = str.length; i < j; i++) { 11528 arr.push(str.charCodeAt(i)); 11529 } 11530 return new Uint8Array(arr); 11531} 11532 11533let nameStr = '/CN=John Doe/OU=IT Department/O=ACME Inc./L=San Francisco/ST=California/C=US/CN=ALN C/CN=XTS'; 11534async function createX500DistinguishedName() { 11535 try { 11536 cert.createX500DistinguishedName(nameStr) 11537 .then((data) => { 11538 console.log('createX500DistinguishedName success'); 11539 }) 11540 .catch((err: BusinessError) => { 11541 console.error('createX500DistinguishedName catch, errCode: ' + err.code + ', errMsg: ' + err.message); 11542 }) 11543 } catch (error) { 11544 let e: BusinessError = error as BusinessError; 11545 console.error('createX500DistinguishedName catch, errCode: ' + e.code + ', errMsg: ' + e.message); 11546 } 11547} 11548``` 11549 11550## cert.createX500DistinguishedName<sup>12+</sup> 11551 11552createX500DistinguishedName(nameDer: Uint8Array): Promise\<X500DistinguishedName> 11553 11554表示使用DER格式的名称创建X500DistinguishedName对象,使用Promise方式异步返回结果。 11555 11556**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 11557 11558**系统能力:** SystemCapability.Security.Cert 11559 11560**参数:** 11561 11562| 参数名 | 类型 | 必填 | 说明 | 11563| -------- | ----------------------------- | ---- | -------------------- | 11564| nameDer | Uint8Array | 是 |X509定义的Uint8Array类型的DER格式数据。| 11565 11566**返回值:** 11567 11568| 类型 | 说明 | 11569| ------------------------------- | ---------------- | 11570| Promise\<[X500DistinguishedName](#x500distinguishedname12)> | 表示X509的可分辨对象。| 11571 11572**错误码:** 11573 11574以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 11575 11576| 错误码ID | 错误信息 | 11577| -------- | ------------- | 11578| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 11579| 19020001 | memory malloc failed. | 11580| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 11581| 19030001 | crypto operation error. | 11582| 19030002 | the certificate signature verification failed. | 11583| 19030003 | the certificate has not taken effect. | 11584| 19030004 | the certificate has expired. | 11585| 19030005 | failed to obtain the certificate issuer. | 11586| 19030006 | the key cannot be used for signing a certificate. | 11587| 19030007 | the key cannot be used for digital signature. | 11588 11589**示例:** 11590 11591```ts 11592import { cert } from '@kit.DeviceCertificateKit'; 11593import { BusinessError } from '@kit.BasicServicesKit'; 11594 11595let nameDer = new Uint8Array([48,41,49,11,48,9,6,3,85,4,3,12,2,67,65,49,13,48,11,6,3,85,4,10,12,4,116,101,115,116,49,11,48,9,6,3,85,4,6,19,2,67,78]); 11596async function createX500DistinguishedName() { 11597 try { 11598 cert.createX500DistinguishedName(nameDer) 11599 .then((data) => { 11600 console.log('createX500DistinguishedName success'); 11601 }) 11602 .catch((err: BusinessError) => { 11603 console.error('createX500DistinguishedName catch, errCode: ' + err.code + ', errMsg: ' + err.message); 11604 }) 11605 } catch (error) { 11606 let e: BusinessError = error as BusinessError; 11607 console.error('createX500DistinguishedName catch, errCode: ' + e.code + ', errMsg: ' + e.message); 11608 } 11609} 11610``` 11611## X500DistinguishedName<sup>12+</sup> 11612 11613X509定义的Name类型的对象。 11614 11615### getName<sup>12+</sup> 11616 11617getName(): string 11618 11619获取可分辨名的字符串。 11620 11621**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 11622 11623**系统能力:** SystemCapability.Security.Cert 11624 11625**返回值**: 11626 11627| 类型 | 说明 | 11628| ------- | ------------------------------------------------- | 11629| string | 可分辨名的字符串。| 11630 11631**错误码:** 11632 11633以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 11634 11635| 错误码ID | 错误信息 | 11636| -------- | ------------- | 11637| 19020001 | memory malloc failed. | 11638| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 11639| 19030001 | crypto operation error. | 11640 11641**示例:** 11642 11643```ts 11644import { cert } from '@kit.DeviceCertificateKit'; 11645import { BusinessError } from '@kit.BasicServicesKit'; 11646 11647let nameDer = new Uint8Array([48,41,49,11,48,9,6,3,85,4,3,12,2,67,65,49,13,48,11,6,3,85,4,10,12,4,116,101,115,116,49,11,48,9,6,3,85,4,6,19,2,67,78]); 11648async function getName() { 11649 try { 11650 cert.createX500DistinguishedName(nameDer) 11651 .then((data) => { 11652 console.log('createX500DistinguishedName success'); 11653 console.info('createX500DistinguishedName getName: ' + JSON.stringify(data.getName())) 11654 }) 11655 .catch((err: BusinessError) => { 11656 console.error('createX500DistinguishedName catch, errCode: ' + err.code + ', errMsg: ' + err.message); 11657 }) 11658 } catch (error) { 11659 let e: BusinessError = error as BusinessError; 11660 console.error('createX500DistinguishedName catch, errCode: ' + e.code + ', errMsg: ' + e.message); 11661 } 11662} 11663``` 11664 11665### getName<sup>12+</sup> 11666 11667getName(type: string): Array\<string> 11668 11669按类型获取可分辨名的字符串。 11670 11671**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 11672 11673**系统能力:** SystemCapability.Security.Cert 11674 11675**参数**: 11676 11677| 参数名 | 类型 | 必填 | 说明 | 11678| ------------ | ------ | ---- | -------------- | 11679| type | string | 是 | 指定类型的名称。| 11680 11681**返回值**: 11682 11683| 类型 | 说明 | 11684| ------- | ------------------------------------------------- | 11685| Array\<string> | 可分辨名的字符串数组。| 11686 11687**错误码:** 11688 11689以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 11690 11691| 错误码ID | 错误信息 | 11692| -------- | ------------- | 11693| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 11694| 19020001 | memory malloc failed. | 11695| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 11696| 19030001 | crypto operation error. | 11697 11698**示例:** 11699 11700```ts 11701import { cert } from '@kit.DeviceCertificateKit'; 11702import { BusinessError } from '@kit.BasicServicesKit'; 11703 11704let nameStr = '/CN=Example CA/OU=test cert/O=test/L=XA/ST=SX/C=CN/CN=RSA CA/CN=XTS'; 11705async function getName() { 11706 try { 11707 cert.createX500DistinguishedName(nameStr) 11708 .then((data) => { 11709 console.log('createX500DistinguishedName success'); 11710 console.info('createX500DistinguishedName getName: ' + JSON.stringify(data.getName("CN"))) 11711 }) 11712 .catch((err: BusinessError) => { 11713 console.error('createX500DistinguishedName catch, errCode: ' + err.code + ', errMsg: ' + err.message); 11714 }) 11715 } catch (error) { 11716 let e: BusinessError = error as BusinessError; 11717 console.error('createX500DistinguishedName catch, errCode: ' + e.code + ', errMsg: ' + e.message); 11718 } 11719} 11720``` 11721 11722### getName<sup>20+</sup> 11723 11724getName(encodingType: EncodingType): string 11725 11726根据指定的编码类型获取可分辨名的字符串。 11727 11728**原子化服务API:** 从API version 20开始,该接口支持在原子化服务中使用。 11729 11730**系统能力:** SystemCapability.Security.Cert 11731 11732**参数:** 11733 11734| 参数名 | 类型 | 必填 | 说明 | 11735| ------------ | ------------- | ---- | -------------- | 11736| encodingType | [EncodingType](#encodingtype12) | 是 | 表示编码类型。| 11737 11738**返回值**: 11739 11740| 类型 | 说明 | 11741| ------- | ------------------------------------------------- | 11742| string | 表示可分辨名的字符串,使用逗号分隔相对可分辨名称。| 11743 11744**错误码:** 11745 11746以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 11747 11748| 错误码ID | 错误信息 | 11749| -------- | ------------- | 11750| 19020001 | memory malloc failed. | 11751| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 11752| 19020003 | parameter check failed. Possible causes: <br>1. The value of encodingType is not in the EncodingType enumeration range.| 11753| 19030001 | crypto operation error. | 11754 11755**示例:** 11756 11757```ts 11758import { cert } from '@kit.DeviceCertificateKit'; 11759import { BusinessError } from '@kit.BasicServicesKit'; 11760 11761let nameStr = '/CN=陕西@西安/OU=IT Department/O=ACME Inc./L=San Francisco/ST=California/C=US/CN=ALN C/CN=XTS'; 11762async function getName() { 11763 try { 11764 cert.createX500DistinguishedName(nameStr) 11765 .then((data) => { 11766 console.log('createX500DistinguishedName success'); 11767 console.info('createX500DistinguishedName getName: ' + JSON.stringify(data.getName(cert.EncodingType.ENCODING_UTF8))) 11768 }) 11769 .catch((err: BusinessError) => { 11770 console.error('createX500DistinguishedName catch, errCode: ' + err.code + ', errMsg: ' + err.message); 11771 }) 11772 } catch (error) { 11773 let e: BusinessError = error as BusinessError; 11774 console.error('createX500DistinguishedName catch, errCode: ' + e.code + ', errMsg: ' + e.message); 11775 } 11776} 11777``` 11778 11779### getEncoded<sup>12+</sup> 11780 11781getEncoded(): EncodingBlob 11782 11783获取X509证书扩展域的数据。 11784 11785**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 11786 11787**系统能力:** SystemCapability.Security.Cert 11788 11789**返回值**: 11790 11791| 类型 | 说明 | 11792| ------- | ------------------------------------------------- | 11793| [EncodingBlob](#encodingblob) | X509证书序列化数据。| 11794 11795**错误码:** 11796 11797以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 11798 11799| 错误码ID | 错误信息 | 11800| -------- | ------------- | 11801| 19020001 | memory malloc failed. | 11802| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 11803| 19030001 | crypto operation error. | 11804 11805**示例:** 11806 11807```ts 11808import { cert } from '@kit.DeviceCertificateKit'; 11809import { BusinessError } from '@kit.BasicServicesKit'; 11810 11811let nameStr = '/CN=Example CA/OU=test cert/O=test/L=XA/ST=SX/C=CN/CN=RSA CA/CN=XTS'; 11812async function getEncoded() { 11813 try { 11814 cert.createX500DistinguishedName(nameStr) 11815 .then((data) => { 11816 console.log('createX500DistinguishedName success'); 11817 let encodingBlobData = data.getEncoded(); 11818 }) 11819 .catch((err: BusinessError) => { 11820 console.error('createX500DistinguishedName catch, errCode: ' + err.code + ', errMsg: ' + err.message); 11821 }) 11822 } catch (error) { 11823 let e: BusinessError = error as BusinessError; 11824 console.error('createX500DistinguishedName catch, errCode: ' + e.code + ', errMsg: ' + e.message); 11825 } 11826} 11827``` 11828 11829## cert.createCmsGenerator<sup>18+</sup> 11830 11831createCmsGenerator(contentType: CmsContentType): CmsGenerator 11832 11833表示创建CmsGenerator对象。 11834 11835**原子化服务API:** 从API version 18开始,该接口支持在原子化服务中使用。 11836 11837**系统能力:** SystemCapability.Security.Cert 11838 11839**参数:** 11840 11841| 参数名 | 类型 | 必填 | 说明 | 11842| -------- | ----------------------------- | ---- | -------------------- | 11843| contentType | [CmsContentType](#cmscontenttype18) | 是 | 指定CMS内容类型。| 11844 11845**返回值:** 11846 11847| 类型 | 说明 | 11848| ------------------------------- | ---------------- | 11849| [CmsGenerator](#cmsgenerator18) | CmsGenerator对象。 | 11850 11851**错误码:** 11852 11853以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 11854 11855| 错误码ID | 错误信息 | 11856| -------- | ------------- | 11857| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 11858| 19020001 | memory malloc failed. | 11859| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 11860| 19030001 | crypto operation error. | 11861 11862**示例:** 11863 11864```ts 11865import { cert } from '@kit.DeviceCertificateKit'; 11866import { BusinessError } from '@kit.BasicServicesKit'; 11867 11868let certData = '-----BEGIN CERTIFICATE-----\n' + 11869 'MIICXjCCAcegAwIBAgIGAXKnJjrAMA0GCSqGSIb3DQEBCwUAMEgxCzAJBgNVBAYT\n' + 11870 'AkNOMQwwCgYDVQQIDANzaGExDTALBgNVBAcMBHhpYW4xDTALBgNVBAoMBHRlc3Qx\n' + 11871 'DTALBgNVBAMMBHRlc3QwHhcNMjQxMTIyMDkwNTIyWhcNMzQxMTIwMDkwNTIyWjBI\n' + 11872 'MQswCQYDVQQGEwJDTjEMMAoGA1UECAwDc2hhMQ0wCwYDVQQHDAR4aWFuMQ0wCwYD\n' + 11873 'VQQKDAR0ZXN0MQ0wCwYDVQQDDAR0ZXN0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB\n' + 11874 'iQKBgQC6nCZTM16Rk2c4P/hwfVm++jqe6GCA/PXXGe4YL218q1dTKMHBGEw8kXi0\n' + 11875 'XLDcyyC2yUn8ywN2QSyly6ke9EE6PGfZywStLp4g2PTTWB04sS3aXT2y+fToiTXQ\n' + 11876 '3AxfFYRpB+EgSdSCkJs6jKXVwbzu54kEtQTfs8UdBQ9nVKaJLwIDAQABo1MwUTAd\n' + 11877 'BgNVHQ4EFgQU6QXnt1smb2HRSO/2zuRQnz/SDxowHwYDVR0jBBgwFoAU6QXnt1sm\n' + 11878 'b2HRSO/2zuRQnz/SDxowDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOB\n' + 11879 'gQBPR/+5xzFG1XlTdgwWVvqVxvhGUkbMTGW0IviJ+jbKsi57vnVsOtFzEA6y+bYx\n' + 11880 'xG/kEOcwLtzeVHOQA+ZU5SVcc+qc0dfFiWjL2PSAG4bpqSTjujpuUk+g8ugixbG1\n' + 11881 'a26pkDJhNeB/E3eBIbeydSY0A/dIGb6vbGo6BSq2KvnWAA==\n' + 11882 '-----END CERTIFICATE-----\n'; 11883 11884// string转Uint8Array 11885function stringToUint8Array(str: string): Uint8Array { 11886 let arr: Array<number> = []; 11887 for (let i = 0, j = str.length; i < j; i++) { 11888 arr.push(str.charCodeAt(i)); 11889 } 11890 return new Uint8Array(arr); 11891} 11892 11893function testcreateCmsGenerator() { 11894 let certEncodingBlob: cert.EncodingBlob = { 11895 data: stringToUint8Array(certData), 11896 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 11897 encodingFormat: cert.EncodingFormat.FORMAT_PEM 11898 }; 11899 cert.createX509Cert(certEncodingBlob, (error, x509Cert) => { 11900 if (error) { 11901 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 11902 } else { 11903 try { 11904 let cmsContentType = cert.CmsContentType.SIGNED_DATA; 11905 let cmsGenerator = cert.createCmsGenerator(cmsContentType); 11906 console.info('testcreateCmsGenerator createCmsGenerator success.'); 11907 } catch (err) { 11908 let e: BusinessError = err as BusinessError; 11909 console.error('createCmsGenerator failed, errCode: ' + e.code + ', errMsg: ' + e.message); 11910 } 11911 } 11912 }); 11913} 11914``` 11915 11916## CmsGenerator<sup>18+</sup> 11917 11918CmsGenerator对象用于生成CMS(Cryptographic Message Syntax)格式的消息。 11919 11920> **说明:** 11921> 11922> PKCS#7是用于存储签名或加密数据的标准语法。注意CMS是PKCS#7的扩展,PKCS#7支持的数据类型包括数据、签名数据、信封数据、 11923> 签名和信封数据、摘要数据、加密数据。常用于保护数据的完整性和机密性。 11924 11925### addSigner<sup>18+</sup> 11926 11927addSigner(cert: X509Cert, keyInfo: PrivateKeyInfo, config: CmsSignerConfig): void; 11928 11929用于添加签名者信息。 11930 11931**原子化服务API:** 从API version 18开始,该接口支持在原子化服务中使用。 11932 11933**系统能力:** SystemCapability.Security.Cert 11934 11935**参数:** 11936 11937| 参数名 | 类型 | 必填 | 说明 | 11938| ------------ | ------ | ---- | -------------- | 11939| cert | [X509Cert](#x509cert) | 是 | 指定X509证书。| 11940| keyInfo | [PrivateKeyInfo](#privatekeyinfo18) | 是 | 指定私钥信息。| 11941| config | [CmsSignerConfig](#cmssignerconfig18) | 是 | 指定签名者选项。| 11942 11943**错误码:** 11944 11945以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 11946 11947| 错误码ID | 错误信息 | 11948| -------- | ------------- | 11949| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed. | 11950| 19020001 | memory malloc failed. | 11951| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 11952| 19030001 | crypto operation error. | 11953| 19030008 | maybe wrong password. | 11954 11955**示例:** 11956 11957```ts 11958import { cert } from '@kit.DeviceCertificateKit'; 11959import { BusinessError } from '@kit.BasicServicesKit'; 11960 11961let certData = '-----BEGIN CERTIFICATE-----\n' + 11962 'MIICXjCCAcegAwIBAgIGAXKnJjrAMA0GCSqGSIb3DQEBCwUAMEgxCzAJBgNVBAYT\n' + 11963 'AkNOMQwwCgYDVQQIDANzaGExDTALBgNVBAcMBHhpYW4xDTALBgNVBAoMBHRlc3Qx\n' + 11964 'DTALBgNVBAMMBHRlc3QwHhcNMjQxMTIyMDkwNTIyWhcNMzQxMTIwMDkwNTIyWjBI\n' + 11965 'MQswCQYDVQQGEwJDTjEMMAoGA1UECAwDc2hhMQ0wCwYDVQQHDAR4aWFuMQ0wCwYD\n' + 11966 'VQQKDAR0ZXN0MQ0wCwYDVQQDDAR0ZXN0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB\n' + 11967 'iQKBgQC6nCZTM16Rk2c4P/hwfVm++jqe6GCA/PXXGe4YL218q1dTKMHBGEw8kXi0\n' + 11968 'XLDcyyC2yUn8ywN2QSyly6ke9EE6PGfZywStLp4g2PTTWB04sS3aXT2y+fToiTXQ\n' + 11969 '3AxfFYRpB+EgSdSCkJs6jKXVwbzu54kEtQTfs8UdBQ9nVKaJLwIDAQABo1MwUTAd\n' + 11970 'BgNVHQ4EFgQU6QXnt1smb2HRSO/2zuRQnz/SDxowHwYDVR0jBBgwFoAU6QXnt1sm\n' + 11971 'b2HRSO/2zuRQnz/SDxowDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOB\n' + 11972 'gQBPR/+5xzFG1XlTdgwWVvqVxvhGUkbMTGW0IviJ+jbKsi57vnVsOtFzEA6y+bYx\n' + 11973 'xG/kEOcwLtzeVHOQA+ZU5SVcc+qc0dfFiWjL2PSAG4bpqSTjujpuUk+g8ugixbG1\n' + 11974 'a26pkDJhNeB/E3eBIbeydSY0A/dIGb6vbGo6BSq2KvnWAA==\n' + 11975 '-----END CERTIFICATE-----\n'; 11976 11977let rsaStr1024: string = 11978 '-----BEGIN RSA PRIVATE KEY-----\n' + 11979 'Proc-Type: 4,ENCRYPTED\n' + 11980 'DEK-Info: DES-EDE3-CBC,DB0AC6E3BEE16420\n\n' + 11981 '1N5xykdckthZnswMV7blxXm2RCqe/OByBfMwFI7JoXR8STtMiStd4xA3W405k1Ma\n' + 11982 'ExpsHgWwZaS23x+sQ1sL1dsqIPMrw1Vr+KrL20vQcCVjXPpGKauafVbtcWQ1r2PZ\n' + 11983 'QJ4KWP6FhUp+sGt2ItODW3dK+1GdqL22ZtANrgFzS42Wh8FSn0UMCf6RG62DK62J\n' + 11984 'z2jtf4XaorrGSjdTeY+fyyGfSyKidIMMBe+IXwlhCgAe7aHSaqXtMsv+BibB7PJ3\n' + 11985 'XmEp1D/0ptL3r46txyYcuy8jSNCkW8er93KKnlRN6KbuYZPvPNncWkzZBzV17t5d\n' + 11986 'QgtvVh32AKgqk5jm8YVnspOFiPrbrK9UN3IW15juFkfnhriM3IrKap4/kW+tfawZ\n' + 11987 'DmHkSyl8xqFK413Rv0UvYBTjOcGbs2BSJYEvp8CIjtA17SvLmNw70K2nXWuQYutY\n' + 11988 '+HyucPtHfEqUPQRzWTAMMntTru77u7dxo2WMMMxOtMJO5h7MAnZH9bAFiuO3ewcY\n' + 11989 'eEePg10d8Owcfh9G6kc0HIGT9MMLMi0mTXhpoQTuWPYuSx6uUZL1fsp1x2fuM0qn\n' + 11990 'bdf3+UnATYUu4tgvBHrMV7405Y6Y3PnqOFxVMeAHeOTo6UThtJ10mfeCPXGcUaHo\n' + 11991 'P5enw7h4145cha3+S4hNrUwj3skrtavld7tY74p4DvgZSlCMF3JAm3DhpnEMVcYP\n' + 11992 'Y6TkSevvxOpBvEHE41Y4VBCBwd9clcixI6cSBJKPUU4A/sc/kkNdGFcbzLQCg/zR\n' + 11993 '1m7YmBROb2qy4w3lv/uwVnPGLg/YV465irRaN3hgz7/1lm8STKQhmQ==\n' + 11994 '-----END RSA PRIVATE KEY-----\n'; 11995 11996// string转Uint8Array。 11997function stringToUint8Array(str: string): Uint8Array { 11998 let arr: Array<number> = []; 11999 for (let i = 0, j = str.length; i < j; i++) { 12000 arr.push(str.charCodeAt(i)); 12001 } 12002 return new Uint8Array(arr); 12003} 12004 12005function testAddSigner() { 12006 let certEncodingBlob: cert.EncodingBlob = { 12007 data: stringToUint8Array(certData), 12008 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 12009 encodingFormat: cert.EncodingFormat.FORMAT_PEM 12010 }; 12011 cert.createX509Cert(certEncodingBlob, (error, x509Cert) => { 12012 if (error) { 12013 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 12014 } else { 12015 try { 12016 let cmsContentType = cert.CmsContentType.SIGNED_DATA; 12017 let cmsGenerator = cert.createCmsGenerator(cmsContentType); 12018 console.info('testAddSigner createCmsGenerator success.'); 12019 let privateKeyInfo: cert.PrivateKeyInfo = { 12020 key: rsaStr1024, 12021 password: '123456' 12022 }; 12023 // addCert设置为true时,第二次addSigner增加相同的证书,会报错。 12024 let config: cert.CmsSignerConfig = { 12025 mdName:'SHA256', 12026 addCert:false, 12027 addAttr:false, 12028 addSmimeCapAttr:false 12029 } 12030 cmsGenerator.addSigner(x509Cert, privateKeyInfo, config); 12031 console.info('testAddSigner addSigner success.'); 12032 } catch (err) { 12033 let e: BusinessError = err as BusinessError; 12034 console.error('testAddSigner failed, errCode: ' + e.code + ', errMsg: ' + e.message); 12035 } 12036 } 12037 }); 12038} 12039``` 12040 12041### addCert<sup>18+</sup> 12042 12043addCert(cert: X509Cert): void 12044 12045用于添加证书,例如签名证书的颁发者证书。 12046 12047**原子化服务API:** 从API version 18开始,该接口支持在原子化服务中使用。 12048 12049**系统能力:** SystemCapability.Security.Cert 12050 12051**参数:** 12052 12053| 参数名 | 类型 | 必填 | 说明 | 12054| ------ | --------- | ---- | ------------------------ | 12055| cert | [X509Cert](#x509cert) | 是 | 要添加的X509证书。 | 12056 12057**错误码:** 12058 12059以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 12060 12061| 错误码ID | 错误信息 | 12062| -------- | ------------- | 12063| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed. | 12064| 19020001 | memory malloc failed. | 12065| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 12066| 19030001 | crypto operation error. | 12067 12068**示例:** 12069 12070```ts 12071import { cert } from '@kit.DeviceCertificateKit'; 12072import { BusinessError } from '@kit.BasicServicesKit'; 12073 12074let certData = '-----BEGIN CERTIFICATE-----\n' + 12075 'MIICXjCCAcegAwIBAgIGAXKnJjrAMA0GCSqGSIb3DQEBCwUAMEgxCzAJBgNVBAYT\n' + 12076 'AkNOMQwwCgYDVQQIDANzaGExDTALBgNVBAcMBHhpYW4xDTALBgNVBAoMBHRlc3Qx\n' + 12077 'DTALBgNVBAMMBHRlc3QwHhcNMjQxMTIyMDkwNTIyWhcNMzQxMTIwMDkwNTIyWjBI\n' + 12078 'MQswCQYDVQQGEwJDTjEMMAoGA1UECAwDc2hhMQ0wCwYDVQQHDAR4aWFuMQ0wCwYD\n' + 12079 'VQQKDAR0ZXN0MQ0wCwYDVQQDDAR0ZXN0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB\n' + 12080 'iQKBgQC6nCZTM16Rk2c4P/hwfVm++jqe6GCA/PXXGe4YL218q1dTKMHBGEw8kXi0\n' + 12081 'XLDcyyC2yUn8ywN2QSyly6ke9EE6PGfZywStLp4g2PTTWB04sS3aXT2y+fToiTXQ\n' + 12082 '3AxfFYRpB+EgSdSCkJs6jKXVwbzu54kEtQTfs8UdBQ9nVKaJLwIDAQABo1MwUTAd\n' + 12083 'BgNVHQ4EFgQU6QXnt1smb2HRSO/2zuRQnz/SDxowHwYDVR0jBBgwFoAU6QXnt1sm\n' + 12084 'b2HRSO/2zuRQnz/SDxowDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOB\n' + 12085 'gQBPR/+5xzFG1XlTdgwWVvqVxvhGUkbMTGW0IviJ+jbKsi57vnVsOtFzEA6y+bYx\n' + 12086 'xG/kEOcwLtzeVHOQA+ZU5SVcc+qc0dfFiWjL2PSAG4bpqSTjujpuUk+g8ugixbG1\n' + 12087 'a26pkDJhNeB/E3eBIbeydSY0A/dIGb6vbGo6BSq2KvnWAA==\n' + 12088 '-----END CERTIFICATE-----\n'; 12089 12090// string转Uint8Array。 12091function stringToUint8Array(str: string): Uint8Array { 12092 let arr: Array<number> = []; 12093 for (let i = 0, j = str.length; i < j; i++) { 12094 arr.push(str.charCodeAt(i)); 12095 } 12096 return new Uint8Array(arr); 12097} 12098 12099function testAddCert() { 12100 let certEncodingBlob: cert.EncodingBlob = { 12101 data: stringToUint8Array(certData), 12102 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 12103 encodingFormat: cert.EncodingFormat.FORMAT_PEM 12104 }; 12105 cert.createX509Cert(certEncodingBlob, (error, x509Cert) => { 12106 if (error) { 12107 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 12108 } else { 12109 try { 12110 let cmsContentType = cert.CmsContentType.SIGNED_DATA; 12111 let cmsGenerator = cert.createCmsGenerator(cmsContentType); 12112 console.info('testAddCert createCmsGenerator success.'); 12113 // 第二次addCert增加相同的证书,会报错。 12114 cmsGenerator.addCert(x509Cert); 12115 console.info('testAddCert addCert success.'); 12116 } catch (err) { 12117 let e: BusinessError = err as BusinessError; 12118 console.error('testAddCert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 12119 } 12120 } 12121 }); 12122} 12123``` 12124 12125### doFinal<sup>18+</sup> 12126 12127doFinal(data: Uint8Array, options?: CmsGeneratorOptions): Promise<Uint8Array | string> 12128 12129用于获取Cms最终数据,例如Cms签名数据。 12130 12131**原子化服务API:** 从API version 18开始,该接口支持在原子化服务中使用。 12132 12133**系统能力:** SystemCapability.Security.Cert 12134 12135**参数:** 12136 12137| 参数名 | 类型 | 必填 | 说明 | 12138| ----------- | ------------------- | ---- | ------------------------------------------ | 12139| data | Uint8Array | 是 | Cms操作的内容。 | 12140| options | [CmsGeneratorOptions](#cmsgeneratoroptions18) | 否 | Cms操作的配置选项。 | 12141 12142**返回值:** 12143 12144| 类型 | 说明 | 12145| ------------------------------- | ---------------- | 12146| Promise<Uint8Array \| string> | 返回Cms最终数据的Promise。 | 12147 12148**错误码:** 12149 12150以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 12151 12152| 错误码ID | 错误信息 | 12153| -------- | ------------- | 12154| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed. | 12155| 19020001 | memory malloc failed. | 12156| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 12157| 19030001 | crypto operation error. | 12158 12159**示例:** 12160 12161```ts 12162import { cert } from '@kit.DeviceCertificateKit'; 12163import { BusinessError } from '@kit.BasicServicesKit'; 12164 12165let certData = '-----BEGIN CERTIFICATE-----\n' + 12166 'MIICXjCCAcegAwIBAgIGAXKnJjrAMA0GCSqGSIb3DQEBCwUAMEgxCzAJBgNVBAYT\n' + 12167 'AkNOMQwwCgYDVQQIDANzaGExDTALBgNVBAcMBHhpYW4xDTALBgNVBAoMBHRlc3Qx\n' + 12168 'DTALBgNVBAMMBHRlc3QwHhcNMjQxMTIyMDkwNTIyWhcNMzQxMTIwMDkwNTIyWjBI\n' + 12169 'MQswCQYDVQQGEwJDTjEMMAoGA1UECAwDc2hhMQ0wCwYDVQQHDAR4aWFuMQ0wCwYD\n' + 12170 'VQQKDAR0ZXN0MQ0wCwYDVQQDDAR0ZXN0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB\n' + 12171 'iQKBgQC6nCZTM16Rk2c4P/hwfVm++jqe6GCA/PXXGe4YL218q1dTKMHBGEw8kXi0\n' + 12172 'XLDcyyC2yUn8ywN2QSyly6ke9EE6PGfZywStLp4g2PTTWB04sS3aXT2y+fToiTXQ\n' + 12173 '3AxfFYRpB+EgSdSCkJs6jKXVwbzu54kEtQTfs8UdBQ9nVKaJLwIDAQABo1MwUTAd\n' + 12174 'BgNVHQ4EFgQU6QXnt1smb2HRSO/2zuRQnz/SDxowHwYDVR0jBBgwFoAU6QXnt1sm\n' + 12175 'b2HRSO/2zuRQnz/SDxowDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOB\n' + 12176 'gQBPR/+5xzFG1XlTdgwWVvqVxvhGUkbMTGW0IviJ+jbKsi57vnVsOtFzEA6y+bYx\n' + 12177 'xG/kEOcwLtzeVHOQA+ZU5SVcc+qc0dfFiWjL2PSAG4bpqSTjujpuUk+g8ugixbG1\n' + 12178 'a26pkDJhNeB/E3eBIbeydSY0A/dIGb6vbGo6BSq2KvnWAA==\n' + 12179 '-----END CERTIFICATE-----\n'; 12180 12181let rsaStr1024: string = 12182 '-----BEGIN RSA PRIVATE KEY-----\n' + 12183 'Proc-Type: 4,ENCRYPTED\n' + 12184 'DEK-Info: DES-EDE3-CBC,DB0AC6E3BEE16420\n\n' + 12185 '1N5xykdckthZnswMV7blxXm2RCqe/OByBfMwFI7JoXR8STtMiStd4xA3W405k1Ma\n' + 12186 'ExpsHgWwZaS23x+sQ1sL1dsqIPMrw1Vr+KrL20vQcCVjXPpGKauafVbtcWQ1r2PZ\n' + 12187 'QJ4KWP6FhUp+sGt2ItODW3dK+1GdqL22ZtANrgFzS42Wh8FSn0UMCf6RG62DK62J\n' + 12188 'z2jtf4XaorrGSjdTeY+fyyGfSyKidIMMBe+IXwlhCgAe7aHSaqXtMsv+BibB7PJ3\n' + 12189 'XmEp1D/0ptL3r46txyYcuy8jSNCkW8er93KKnlRN6KbuYZPvPNncWkzZBzV17t5d\n' + 12190 'QgtvVh32AKgqk5jm8YVnspOFiPrbrK9UN3IW15juFkfnhriM3IrKap4/kW+tfawZ\n' + 12191 'DmHkSyl8xqFK413Rv0UvYBTjOcGbs2BSJYEvp8CIjtA17SvLmNw70K2nXWuQYutY\n' + 12192 '+HyucPtHfEqUPQRzWTAMMntTru77u7dxo2WMMMxOtMJO5h7MAnZH9bAFiuO3ewcY\n' + 12193 'eEePg10d8Owcfh9G6kc0HIGT9MMLMi0mTXhpoQTuWPYuSx6uUZL1fsp1x2fuM0qn\n' + 12194 'bdf3+UnATYUu4tgvBHrMV7405Y6Y3PnqOFxVMeAHeOTo6UThtJ10mfeCPXGcUaHo\n' + 12195 'P5enw7h4145cha3+S4hNrUwj3skrtavld7tY74p4DvgZSlCMF3JAm3DhpnEMVcYP\n' + 12196 'Y6TkSevvxOpBvEHE41Y4VBCBwd9clcixI6cSBJKPUU4A/sc/kkNdGFcbzLQCg/zR\n' + 12197 '1m7YmBROb2qy4w3lv/uwVnPGLg/YV465irRaN3hgz7/1lm8STKQhmQ==\n' + 12198 '-----END RSA PRIVATE KEY-----\n'; 12199 12200// string转Uint8Array。 12201function stringToUint8Array(str: string): Uint8Array { 12202 let arr: Array<number> = []; 12203 for (let i = 0, j = str.length; i < j; i++) { 12204 arr.push(str.charCodeAt(i)); 12205 } 12206 return new Uint8Array(arr); 12207} 12208 12209async function testDoFinalByPromise() { 12210 let certEncodingBlob: cert.EncodingBlob = { 12211 data: stringToUint8Array(certData), 12212 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 12213 encodingFormat: cert.EncodingFormat.FORMAT_PEM 12214 }; 12215 cert.createX509Cert(certEncodingBlob, (error, x509Cert) => { 12216 if (error) { 12217 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 12218 } else { 12219 try { 12220 let cmsContentType = cert.CmsContentType.SIGNED_DATA; 12221 let cmsGenerator = cert.createCmsGenerator(cmsContentType); 12222 console.info('testDoFinalByPromise createCmsGenerator success.'); 12223 let privateKeyInfo: cert.PrivateKeyInfo = { 12224 key: rsaStr1024, 12225 password: '123456' 12226 }; 12227 // addCert设置为true时,第二次addSigner或者addCert增加相同的证书,会报错。 12228 let config: cert.CmsSignerConfig = { 12229 mdName:'SHA256', 12230 addCert:false, 12231 addAttr:true, 12232 addSmimeCapAttr:true 12233 } 12234 cmsGenerator.addSigner(x509Cert, privateKeyInfo, config); 12235 console.info('testDoFinalByPromise addSigner success.'); 12236 cmsGenerator.addCert(x509Cert); 12237 console.info('testDoFinalByPromise addCert success.'); 12238 let content = new Uint8Array([1,2,3,4]); 12239 let optionsFinal: cert.CmsGeneratorOptions = { 12240 contentDataFormat : cert.CmsContentDataFormat.BINARY, 12241 outFormat : cert.CmsFormat.PEM, 12242 isDetached : true 12243 }; 12244 cmsGenerator.doFinal(content, optionsFinal).then(result => { 12245 console.log('testDoFinalByPromise doFinal success, result = %s', result); 12246 }).catch((error: BusinessError) => { 12247 console.error('testDoFinalByPromise failed, errCode: ' + error.code + ', errMsg: ' + error.message); 12248 }); 12249 } catch (err) { 12250 let e: BusinessError = err as BusinessError; 12251 console.error('testDoFinalByPromise failed, errCode: ' + e.code + ', errMsg: ' + e.message); 12252 } 12253 } 12254 }); 12255} 12256``` 12257 12258### doFinalSync<sup>18+</sup> 12259 12260doFinalSync(data: Uint8Array, options?: CmsGeneratorOptions): Uint8Array | string 12261 12262用于获取Cms最终数据,例如Cms签名数据(同步方法)。 12263 12264**原子化服务API:** 从API version 18开始,该接口支持在原子化服务中使用。 12265 12266**系统能力:** SystemCapability.Security.Cert 12267 12268**参数:** 12269 12270| 参数名 | 类型 | 必填 | 说明 | 12271| ----------- | ------------------- | ---- | ------------------------------------------ | 12272| data | Uint8Array | 是 | Cms操作的内容。 | 12273| options | [CmsGeneratorOptions](#cmsgeneratoroptions18) | 否 | Cms操作的配置选项。 | 12274 12275**返回值:** 12276 12277| 类型 | 说明 | 12278| ------------------------------- | ---------------- | 12279| Uint8Array \| string | 返回Cms最终数据。 | 12280 12281**错误码:** 12282 12283以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 12284 12285| 错误码ID | 错误信息 | 12286| -------- | ------------- | 12287| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed. | 12288| 19020001 | memory malloc failed. | 12289| 19020002 | runtime error. Possible causes: <br>1. Memory copy failed;<br>2. A null pointer occurs inside the system;<br>3. Failed to convert parameters between ArkTS and C. | 12290| 19030001 | crypto operation error. | 12291 12292**示例:** 12293 12294```ts 12295import { cert } from '@kit.DeviceCertificateKit'; 12296import { BusinessError } from '@kit.BasicServicesKit'; 12297 12298let certData = '-----BEGIN CERTIFICATE-----\n' + 12299 'MIICXjCCAcegAwIBAgIGAXKnJjrAMA0GCSqGSIb3DQEBCwUAMEgxCzAJBgNVBAYT\n' + 12300 'AkNOMQwwCgYDVQQIDANzaGExDTALBgNVBAcMBHhpYW4xDTALBgNVBAoMBHRlc3Qx\n' + 12301 'DTALBgNVBAMMBHRlc3QwHhcNMjQxMTIyMDkwNTIyWhcNMzQxMTIwMDkwNTIyWjBI\n' + 12302 'MQswCQYDVQQGEwJDTjEMMAoGA1UECAwDc2hhMQ0wCwYDVQQHDAR4aWFuMQ0wCwYD\n' + 12303 'VQQKDAR0ZXN0MQ0wCwYDVQQDDAR0ZXN0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB\n' + 12304 'iQKBgQC6nCZTM16Rk2c4P/hwfVm++jqe6GCA/PXXGe4YL218q1dTKMHBGEw8kXi0\n' + 12305 'XLDcyyC2yUn8ywN2QSyly6ke9EE6PGfZywStLp4g2PTTWB04sS3aXT2y+fToiTXQ\n' + 12306 '3AxfFYRpB+EgSdSCkJs6jKXVwbzu54kEtQTfs8UdBQ9nVKaJLwIDAQABo1MwUTAd\n' + 12307 'BgNVHQ4EFgQU6QXnt1smb2HRSO/2zuRQnz/SDxowHwYDVR0jBBgwFoAU6QXnt1sm\n' + 12308 'b2HRSO/2zuRQnz/SDxowDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOB\n' + 12309 'gQBPR/+5xzFG1XlTdgwWVvqVxvhGUkbMTGW0IviJ+jbKsi57vnVsOtFzEA6y+bYx\n' + 12310 'xG/kEOcwLtzeVHOQA+ZU5SVcc+qc0dfFiWjL2PSAG4bpqSTjujpuUk+g8ugixbG1\n' + 12311 'a26pkDJhNeB/E3eBIbeydSY0A/dIGb6vbGo6BSq2KvnWAA==\n' + 12312 '-----END CERTIFICATE-----\n'; 12313 12314let rsaStr1024: string = 12315 '-----BEGIN RSA PRIVATE KEY-----\n' + 12316 'Proc-Type: 4,ENCRYPTED\n' + 12317 'DEK-Info: DES-EDE3-CBC,DB0AC6E3BEE16420\n\n' + 12318 '1N5xykdckthZnswMV7blxXm2RCqe/OByBfMwFI7JoXR8STtMiStd4xA3W405k1Ma\n' + 12319 'ExpsHgWwZaS23x+sQ1sL1dsqIPMrw1Vr+KrL20vQcCVjXPpGKauafVbtcWQ1r2PZ\n' + 12320 'QJ4KWP6FhUp+sGt2ItODW3dK+1GdqL22ZtANrgFzS42Wh8FSn0UMCf6RG62DK62J\n' + 12321 'z2jtf4XaorrGSjdTeY+fyyGfSyKidIMMBe+IXwlhCgAe7aHSaqXtMsv+BibB7PJ3\n' + 12322 'XmEp1D/0ptL3r46txyYcuy8jSNCkW8er93KKnlRN6KbuYZPvPNncWkzZBzV17t5d\n' + 12323 'QgtvVh32AKgqk5jm8YVnspOFiPrbrK9UN3IW15juFkfnhriM3IrKap4/kW+tfawZ\n' + 12324 'DmHkSyl8xqFK413Rv0UvYBTjOcGbs2BSJYEvp8CIjtA17SvLmNw70K2nXWuQYutY\n' + 12325 '+HyucPtHfEqUPQRzWTAMMntTru77u7dxo2WMMMxOtMJO5h7MAnZH9bAFiuO3ewcY\n' + 12326 'eEePg10d8Owcfh9G6kc0HIGT9MMLMi0mTXhpoQTuWPYuSx6uUZL1fsp1x2fuM0qn\n' + 12327 'bdf3+UnATYUu4tgvBHrMV7405Y6Y3PnqOFxVMeAHeOTo6UThtJ10mfeCPXGcUaHo\n' + 12328 'P5enw7h4145cha3+S4hNrUwj3skrtavld7tY74p4DvgZSlCMF3JAm3DhpnEMVcYP\n' + 12329 'Y6TkSevvxOpBvEHE41Y4VBCBwd9clcixI6cSBJKPUU4A/sc/kkNdGFcbzLQCg/zR\n' + 12330 '1m7YmBROb2qy4w3lv/uwVnPGLg/YV465irRaN3hgz7/1lm8STKQhmQ==\n' + 12331 '-----END RSA PRIVATE KEY-----\n'; 12332 12333// string转Uint8Array。 12334function stringToUint8Array(str: string): Uint8Array { 12335 let arr: Array<number> = []; 12336 for (let i = 0, j = str.length; i < j; i++) { 12337 arr.push(str.charCodeAt(i)); 12338 } 12339 return new Uint8Array(arr); 12340} 12341 12342function testDoFinalSync() { 12343 let certEncodingBlob: cert.EncodingBlob = { 12344 data: stringToUint8Array(certData), 12345 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER。 12346 encodingFormat: cert.EncodingFormat.FORMAT_PEM 12347 }; 12348 cert.createX509Cert(certEncodingBlob, (error, x509Cert) => { 12349 if (error) { 12350 console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 12351 } else { 12352 try { 12353 let cmsContentType = cert.CmsContentType.SIGNED_DATA; 12354 let cmsGenerator = cert.createCmsGenerator(cmsContentType); 12355 console.info('testDoFinalSync createCmsGenerator success.'); 12356 let privateKeyInfo: cert.PrivateKeyInfo = { 12357 key: rsaStr1024, 12358 password: '123456' 12359 }; 12360 // addCert设置为true时,第二次addSigner或者addCert增加相同的证书,会报错。 12361 let config: cert.CmsSignerConfig = { 12362 mdName:'SHA256', 12363 addCert:false, 12364 addAttr:false, 12365 addSmimeCapAttr:false 12366 } 12367 cmsGenerator.addSigner(x509Cert, privateKeyInfo, config); 12368 console.info('testDoFinalSync addSigner success.'); 12369 cmsGenerator.addCert(x509Cert); 12370 console.info('testDoFinalSync addCert success.'); 12371 let content = new Uint8Array([1,2,3,4]); 12372 let optionsFinal: cert.CmsGeneratorOptions = { 12373 contentDataFormat : cert.CmsContentDataFormat.BINARY, 12374 outFormat : cert.CmsFormat.DER, 12375 isDetached : false 12376 }; 12377 let output = cmsGenerator.doFinalSync(content, optionsFinal); 12378 console.info('testDoFinalSync doFinalSync success, output = %s.',output); 12379 } catch (err) { 12380 let e: BusinessError = err as BusinessError; 12381 console.error('testDoFinalSync failed, errCode: ' + e.code + ', errMsg: ' + e.message); 12382 } 12383 } 12384 }); 12385} 12386```