1# HMAC(ArkTS) 2 3<!--Kit: Universal Keystore Kit--> 4<!--Subsystem: Security--> 5<!--Owner: @wutiantian-gitee--> 6<!--Designer: @HighLowWorld--> 7<!--Tester: @wxy1234564846--> 8<!--Adviser: @zengyawen--> 9 10HMAC是密钥相关的哈希运算消息认证码(Hash-based Message Authentication Code)。具体的场景介绍及支持的算法规格,请参考[HMAC介绍及算法规格](huks-hmac-overview.md)。 11 12## 开发步骤 13 14**生成密钥** 15 161. 指定密钥别名,密钥别名命名规范参考[密钥生成介绍及算法规格](huks-key-generation-overview.md)。 17 182. 初始化密钥属性集。 19 203. 调用[generateKeyItem](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksgeneratekeyitem9)生成密钥,HMAC支持的规格请参考[密钥生成支持的算法](huks-key-generation-overview.md#支持的算法)。 21 22除此之外,开发者也可以参考[密钥导入](huks-key-import-overview.md#支持的算法)的规格介绍,导入已有的密钥。 23 24**执行HMAC** 25 261. 获取密钥别名。 27 282. 获取待运算的数据。 29 303. 调用[initSession](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksinitsession9)初始化密钥会话,并获取会话的句柄handle。 31 324. 调用[finishSession](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksfinishsession9)结束密钥会话,获取哈希后的数据。 33 34```ts 35/* 36 * 以下以HMAC密钥的Promise操作使用为例 37 */ 38import { huks } from '@kit.UniversalKeystoreKit'; 39import { BusinessError } from "@kit.BasicServicesKit"; 40 41let keyAlias = 'test_HMAC'; 42let handle: number; 43let plainText = '123456'; 44let hashData: Uint8Array; 45 46function StringToUint8Array(str: string) { 47 let arr: number[] = new Array(); 48 for (let i = 0, j = str.length; i < j; ++i) { 49 arr.push(str.charCodeAt(i)); 50 } 51 return new Uint8Array(arr); 52} 53 54function Uint8ArrayToString(fileData: Uint8Array) { 55 let dataString = ''; 56 for (let i = 0; i < fileData.length; i++) { 57 dataString += String.fromCharCode(fileData[i]); 58 } 59 return dataString; 60} 61 62function GetHMACProperties() { 63 const properties: Array<huks.HuksParam> = [{ 64 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 65 value: huks.HuksKeyAlg.HUKS_ALG_HMAC 66 }, { 67 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 68 value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_256 69 }, { 70 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 71 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_MAC 72 }, { 73 tag: huks.HuksTag.HUKS_TAG_DIGEST, 74 value: huks.HuksKeyDigest.HUKS_DIGEST_SHA384, 75 }]; 76 return properties; 77} 78 79async function GenerateHMACKey() { 80 /* 81 * 模拟生成密钥场景 82 * 1. 确定密钥别名 83 */ 84 /* 85 * 2. 获取生成密钥算法参数配置 86 */ 87 let genProperties = GetHMACProperties(); 88 let options: huks.HuksOptions = { 89 properties: genProperties 90 } 91 /* 92 * 3. 调用generateKeyItem 93 */ 94 await huks.generateKeyItem(keyAlias, options) 95 .then(() => { 96 console.info(`promise: generate HMAC Key success`); 97 }).catch((error: BusinessError) => { 98 console.error(`promise: generate HMAC Key failed, errCode : ${error.code}, errMsg : ${error.message}`); 99 }) 100} 101 102async function HMACData() { 103 /* 104 * 模拟HMAC场景 105 * 1. 获取密钥别名 106 */ 107 /* 108 * 2. 获取待哈希的数据 109 */ 110 /* 111 * 3. 获取HMAC算法参数配置 112 */ 113 let hmacProperties = GetHMACProperties(); 114 let options: huks.HuksOptions = { 115 properties: hmacProperties, 116 inData: StringToUint8Array(plainText) 117 } 118 /* 119 * 4. 调用initSession获取handle 120 */ 121 await huks.initSession(keyAlias, options) 122 .then((data) => { 123 handle = data.handle; 124 }).catch((error: BusinessError) => { 125 console.error(`promise: init EncryptData failed, errCode : ${error.code}, errMsg : ${error.message}`); 126 }) 127 /* 128 * 5. 调用finishSession获取HMAC的结果 129 */ 130 await huks.finishSession(handle, options) 131 .then((data) => { 132 console.info(`promise: HMAC data success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 133 hashData = data.outData as Uint8Array; 134 }).catch((error: BusinessError) => { 135 console.error(`promise: HMAC data failed, errCode : ${error.code}, errMsg : ${error.message}`); 136 }) 137} 138 139async function testHMAC() { 140 await GenerateHMACKey(); 141 await HMACData(); 142} 143```