1# 获取密钥属性(C/C++) 2 3<!--Kit: Universal Keystore Kit--> 4<!--Subsystem: Security--> 5<!--Owner: @wutiantian-gitee--> 6<!--Designer: @HighLowWorld--> 7<!--Tester: @wxy1234564846--> 8<!--Adviser: @zengyawen--> 9 10HUKS提供了接口供业务获取指定密钥的相关属性。在获取指定密钥属性前,需要确保已在HUKS中生成或导入持久化存储的密钥。 11>**说明:** 12> 轻量级设备不支持获取密钥属性功能。 13 14## 在CMake脚本中链接相关动态库 15```txt 16target_link_libraries(entry PUBLIC libhuks_ndk.z.so) 17``` 18## 开发步骤 19 201. 构造对应参数。 21 - keyAlias:密钥别名,封装成[OH_Huks_Blob](../../reference/apis-universal-keystore-kit/capi-hukstypeapi-oh-huks-blob.md)结构,密钥别名最大长度为128字节。 22 - paramSetIn:预留参数,暂不需要处理,传空即可。 23 - paramSetOut:用于放置获取到的参数集结果,为[OH_Huks_ParamSet](../../reference/apis-universal-keystore-kit/capi-hukstypeapi-oh-huks-paramset.md)类型对象,需要业务提前申请好内存,需申请足够容纳获取到的密钥属性集的内存大小。 24 252. 调用接口[OH_Huks_GetKeyItemParamSet](../../reference/apis-universal-keystore-kit/capi-native-huks-api-h.md#oh_huks_getkeyitemparamset),传入上述参数。 26 273. 返回值为成功码/错误码,获取成功后,从参数集中读取需要的参数。 28 29```c++ 30#include "huks/native_huks_api.h" 31#include "huks/native_huks_param.h" 32#include "napi/native_api.h" 33#include <cstring> 34 35OH_Huks_Result InitParamSet(struct OH_Huks_ParamSet **paramSet, const struct OH_Huks_Param *params, 36 uint32_t paramCount) 37{ 38 OH_Huks_Result ret = OH_Huks_InitParamSet(paramSet); 39 if (ret.errorCode != OH_HUKS_SUCCESS) { 40 return ret; 41 } 42 ret = OH_Huks_AddParams(*paramSet, params, paramCount); 43 if (ret.errorCode != OH_HUKS_SUCCESS) { 44 OH_Huks_FreeParamSet(paramSet); 45 return ret; 46 } 47 ret = OH_Huks_BuildParamSet(paramSet); 48 if (ret.errorCode != OH_HUKS_SUCCESS) { 49 OH_Huks_FreeParamSet(paramSet); 50 return ret; 51 } 52 return ret; 53} 54 55struct OH_Huks_Param g_testGenerateKeyParam[] = {{.tag = OH_HUKS_TAG_ALGORITHM, .uint32Param = OH_HUKS_ALG_ECC}, 56 {.tag = OH_HUKS_TAG_PURPOSE, .uint32Param = OH_HUKS_KEY_PURPOSE_AGREE}, 57 {.tag = OH_HUKS_TAG_KEY_SIZE, .uint32Param = OH_HUKS_ECC_KEY_SIZE_256}, 58 {.tag = OH_HUKS_TAG_DIGEST, .uint32Param = OH_HUKS_DIGEST_NONE}}; 59 60static OH_Huks_Result GenerateKeyHelper(const char *alias) 61{ 62 struct OH_Huks_Blob aliasBlob = {.size = (uint32_t)strlen(alias), .data = (uint8_t *)alias}; 63 struct OH_Huks_ParamSet *testGenerateKeyParamSet = nullptr; 64 struct OH_Huks_Result ohResult; 65 do { 66 /* 1.初始化密钥属性集 */ 67 ohResult = InitParamSet(&testGenerateKeyParamSet, g_testGenerateKeyParam, 68 sizeof(g_testGenerateKeyParam) / sizeof(OH_Huks_Param)); 69 if (ohResult.errorCode != OH_HUKS_SUCCESS) { 70 break; 71 } 72 /* 1.生成密钥 */ 73 ohResult = OH_Huks_GenerateKeyItem(&aliasBlob, testGenerateKeyParamSet, nullptr); 74 } while (0); 75 OH_Huks_FreeParamSet(&testGenerateKeyParamSet); 76 return ohResult; 77} 78 79static napi_value GetKeyParamSet(napi_env env, napi_callback_info info) 80{ 81 /* 1. 参数构造:确定密钥别名 */ 82 const char *alias = "test_key"; 83 struct OH_Huks_Blob aliasBlob = { .size = (uint32_t)strlen(alias), .data = (uint8_t *)alias }; 84 85 /* 生成密钥 */ 86 OH_Huks_Result genResult = GenerateKeyHelper(alias); 87 if (genResult.errorCode != OH_HUKS_SUCCESS) { 88 napi_value ret; 89 napi_create_int32(env, genResult.errorCode, &ret); 90 return ret; 91 } 92 93 const size_t paramSetSize = 512; 94 /* 构造参数:为参数集申请内存 95 * 请业务按实际情况评估大小进行申请 96 */ 97 struct OH_Huks_ParamSet *outParamSet = static_cast<struct OH_Huks_ParamSet *>(malloc(paramSetSize)); 98 if (outParamSet == nullptr) { 99 return nullptr; 100 } 101 outParamSet->paramSetSize = paramSetSize; 102 struct OH_Huks_Result ohResult; 103 do { 104 /* 2. 获取密钥属性集 */ 105 ohResult = OH_Huks_GetKeyItemParamSet(&aliasBlob, nullptr, outParamSet); 106 if (ohResult.errorCode != OH_HUKS_SUCCESS) { 107 break; 108 } 109 /* 3. 从参数集中读取参数,以OH_HUKS_TAG_PURPOSE为例 */ 110 OH_Huks_Param *purposeParam = nullptr; // 无需申请内存,获取后指针指向该参数在参数集中所处内存地址 111 ohResult = OH_Huks_GetParam(outParamSet, OH_HUKS_TAG_PURPOSE, &purposeParam); 112 if (ohResult.errorCode != OH_HUKS_SUCCESS) { 113 break; 114 } 115 } while (0); 116 OH_Huks_FreeParamSet(&outParamSet); 117 napi_value ret; 118 napi_create_int32(env, ohResult.errorCode, &ret); 119 return ret; 120} 121``` 122