1/* 2 * Copyright (c) 2023 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16/** 17 * @file 18 * @kit NetworkKit 19 */ 20 21import type { AsyncCallback } from './@ohos.base'; 22 23/** 24 * Provides networkSecurity related APIs. 25 * @namespace networkSecurity 26 * @syscap SystemCapability.Communication.NetStack 27 * @since 11 28 */ 29declare namespace networkSecurity { 30 /** 31 * Defines the certificate type. 32 * @enum {number} 33 * @syscap SystemCapability.Communication.NetStack 34 * @since 11 35 */ 36 export enum CertType { 37 /** 38 * PEM type certificate. 39 * @syscap SystemCapability.Communication.NetStack 40 * @since 11 41 */ 42 CERT_TYPE_PEM = 0, 43 44 /** 45 * DER type certificate. 46 * @syscap SystemCapability.Communication.NetStack 47 * @since 11 48 */ 49 CERT_TYPE_DER = 1 50 } 51 52 /** 53 * Define the certificate content. 54 * @interface CertBlob 55 * @syscap SystemCapability.Communication.NetStack 56 * @since 11 57 */ 58 export interface CertBlob { 59 /** 60 * Certificate type. 61 * @type { CertType } 62 * @syscap SystemCapability.Communication.NetStack 63 * @since 11 64 */ 65 type: CertType; 66 67 /** 68 * Certificate data. 69 * @type {string | ArrayBuffer} 70 * @syscap SystemCapability.Communication.NetStack 71 * @since 11 72 */ 73 data: string | ArrayBuffer; 74 } 75 76 /** 77 * Certificate verification to the server. 78 * @param { CertBlob } cert - Certificates to be verified. 79 * @param { CertBlob } [caCert] - Incoming custom CA cert. 80 * @returns { Promise<number> } The promise returned by the function. 81 * Number equals 0 if verify of certification from server succeed, else verify failed. 82 * @throws { BusinessError } 401 - Parameter error. 83 * @throws { BusinessError } 2305001 - Unspecified error. 84 * @throws { BusinessError } 2305002 - Unable to get issuer certificate. 85 * @throws { BusinessError } 2305003 - Unable to get certificate revocation list (CRL). 86 * @throws { BusinessError } 2305004 - Unable to decrypt certificate signature. 87 * @throws { BusinessError } 2305005 - Unable to decrypt CRL signature. 88 * @throws { BusinessError } 2305006 - Unable to decode issuer public key. 89 * @throws { BusinessError } 2305007 - Certificate signature failure. 90 * @throws { BusinessError } 2305008 - CRL signature failure. 91 * @throws { BusinessError } 2305009 - Certificate is not yet valid. 92 * @throws { BusinessError } 2305010 - Certificate has expired. 93 * @throws { BusinessError } 2305011 - CRL is not yet valid. 94 * @throws { BusinessError } 2305012 - CRL has expired. 95 * @throws { BusinessError } 2305023 - Certificate has been revoked. 96 * @throws { BusinessError } 2305024 - Invalid certificate authority (CA). 97 * @throws { BusinessError } 2305027 - Certificate is untrusted. 98 * @syscap SystemCapability.Communication.NetStack 99 * @since 11 100 */ 101 /** 102 * Certificate verification to the server. 103 * @param { CertBlob } cert - Certificates to be verified. 104 * @param { CertBlob } [caCert] - Incoming custom CA cert. 105 * @returns { Promise<number> } The promise returned by the function. 106 * Number equals 0 if verify of certification from server succeed, else verify failed. 107 * @throws { BusinessError } 401 - Parameter error. 108 * @throws { BusinessError } 2305001 - Unspecified error. 109 * @throws { BusinessError } 2305002 - Unable to get issuer certificate. 110 * @throws { BusinessError } 2305003 - Unable to get certificate revocation list (CRL). 111 * @throws { BusinessError } 2305004 - Unable to decrypt certificate signature. 112 * @throws { BusinessError } 2305005 - Unable to decrypt CRL signature. 113 * @throws { BusinessError } 2305006 - Unable to decode issuer public key. 114 * @throws { BusinessError } 2305007 - Certificate signature failure. 115 * @throws { BusinessError } 2305008 - CRL signature failure. 116 * @throws { BusinessError } 2305009 - Certificate is not yet valid. 117 * @throws { BusinessError } 2305010 - Certificate has expired. 118 * @throws { BusinessError } 2305011 - CRL is not yet valid. 119 * @throws { BusinessError } 2305012 - CRL has expired. 120 * @throws { BusinessError } 2305018 - Self-signed certificate. 121 * @throws { BusinessError } 2305023 - Certificate has been revoked. 122 * @throws { BusinessError } 2305024 - Invalid certificate authority (CA). 123 * @throws { BusinessError } 2305027 - Certificate is untrusted. 124 * @throws { BusinessError } 2305069 - Invalid certificate verification context. 125 * @syscap SystemCapability.Communication.NetStack 126 * @since 12 127 */ 128 export function certVerification(cert: CertBlob, caCert?: CertBlob): Promise<number>; 129 130 /** 131 * Certificate verification to the server. 132 * @param { CertBlob } cert - Certificates to be verified. 133 * @param { CertBlob } [caCert] - Incoming custom CA cert. 134 * @returns { number } Returns 0 if verify of certification from server succeed, else verify failed. 135 * @throws { BusinessError } 401 - Parameter error. 136 * @throws { BusinessError } 2305001 - Unspecified error. 137 * @throws { BusinessError } 2305002 - Unable to get issuer certificate. 138 * @throws { BusinessError } 2305003 - Unable to get certificate revocation list (CRL). 139 * @throws { BusinessError } 2305004 - Unable to decrypt certificate signature. 140 * @throws { BusinessError } 2305005 - Unable to decrypt CRL signature. 141 * @throws { BusinessError } 2305006 - Unable to decode issuer public key. 142 * @throws { BusinessError } 2305007 - Certificate signature failure. 143 * @throws { BusinessError } 2305008 - CRL signature failure. 144 * @throws { BusinessError } 2305009 - Certificate is not yet valid. 145 * @throws { BusinessError } 2305010 - Certificate has expired. 146 * @throws { BusinessError } 2305011 - CRL is not yet valid. 147 * @throws { BusinessError } 2305012 - CRL has expired. 148 * @throws { BusinessError } 2305023 - Certificate has been revoked. 149 * @throws { BusinessError } 2305024 - Invalid certificate authority (CA). 150 * @throws { BusinessError } 2305027 - Certificate is untrusted. 151 * @syscap SystemCapability.Communication.NetStack 152 * @since 11 153 */ 154 /** 155 * Certificate verification to the server. 156 * @param { CertBlob } cert - Certificates to be verified. 157 * @param { CertBlob } [caCert] - Incoming custom CA cert. 158 * @returns { number } Returns 0 if verify of certification from server succeed, else verify failed. 159 * @throws { BusinessError } 401 - Parameter error. 160 * @throws { BusinessError } 2305001 - Unspecified error. 161 * @throws { BusinessError } 2305002 - Unable to get issuer certificate. 162 * @throws { BusinessError } 2305003 - Unable to get certificate revocation list (CRL). 163 * @throws { BusinessError } 2305004 - Unable to decrypt certificate signature. 164 * @throws { BusinessError } 2305005 - Unable to decrypt CRL signature. 165 * @throws { BusinessError } 2305006 - Unable to decode issuer public key. 166 * @throws { BusinessError } 2305007 - Certificate signature failure. 167 * @throws { BusinessError } 2305008 - CRL signature failure. 168 * @throws { BusinessError } 2305009 - Certificate is not yet valid. 169 * @throws { BusinessError } 2305010 - Certificate has expired. 170 * @throws { BusinessError } 2305011 - CRL is not yet valid. 171 * @throws { BusinessError } 2305012 - CRL has expired. 172 * @throws { BusinessError } 2305018 - Self-signed certificate. 173 * @throws { BusinessError } 2305023 - Certificate has been revoked. 174 * @throws { BusinessError } 2305024 - Invalid certificate authority (CA). 175 * @throws { BusinessError } 2305027 - Certificate is untrusted. 176 * @throws { BusinessError } 2305069 - Invalid certificate verification context. 177 * @syscap SystemCapability.Communication.NetStack 178 * @since 12 179 */ 180 export function certVerificationSync(cert: CertBlob, caCert?: CertBlob): number; 181 182 /** 183 * Checks whether the Cleartext traffic is permitted. 184 * To invoke this method, you must have the {@code ohos.permission.INTERNET} permission. 185 * @permission ohos.permission.INTERNET 186 * @returns { boolean } Returns true if the Cleartext traffic is permitted, else returns false. 187 * @throws { BusinessError } 201 - Permission denied. 188 * @syscap SystemCapability.Communication.NetStack 189 * @since 18 190 */ 191 export function isCleartextPermitted(): boolean; 192 193 /** 194 * Checks whether the Cleartext traffic for a specified hostname is permitted. 195 * To invoke this method, you must have the {@code ohos.permission.INTERNET} permission. 196 * @permission ohos.permission.INTERNET 197 * @param { string } hostName - Indicates the host name. 198 * @returns { boolean } Returns true if the Cleartext traffic is permitted, else returns false. 199 * @throws { BusinessError } 201 - Permission denied. 200 * @syscap SystemCapability.Communication.NetStack 201 * @since 18 202 */ 203 export function isCleartextPermittedByHostName(hostName: string): boolean; 204} 205 206export default networkSecurity; 207