1/* 2 * Copyright (c) 2023-2024 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16/** 17 * @file 18 * @kit DeviceCertificateKit 19 */ 20 21import type { AsyncCallback } from './@ohos.base'; 22 23/** 24 * OpenHarmony Universal CertificateManager 25 * 26 * @namespace certificateManager 27 * @syscap SystemCapability.Security.CertificateManager 28 * @since 11 29 */ 30declare namespace certificateManager { 31 /** 32 * Enum for result code 33 * 34 * @enum { number } 35 * @syscap SystemCapability.Security.CertificateManager 36 * @since 11 37 */ 38 export enum CMErrorCode { 39 /** 40 * Indicates that the application has no permission to call the API. 41 * 42 * @syscap SystemCapability.Security.CertificateManager 43 * @since 11 44 */ 45 CM_ERROR_NO_PERMISSION = 201, 46 47 /** 48 * Indicates that the application is not a system application. 49 * 50 * @syscap SystemCapability.Security.CertificateManager 51 * @systemapi 52 * @since 11 53 */ 54 CM_ERROR_NOT_SYSTEM_APP = 202, 55 56 /** 57 * Indicates that the input parameters are invalid. 58 * 59 * @syscap SystemCapability.Security.CertificateManager 60 * @since 11 61 */ 62 CM_ERROR_INVALID_PARAMS = 401, 63 64 /** 65 * Indicates that internal error. Possible causes: 1. IPC communication failed; 66 * <br>2. Memory operation error; 3. File operation error. 67 * 68 * @syscap SystemCapability.Security.CertificateManager 69 * @since 11 70 */ 71 CM_ERROR_GENERIC = 17500001, 72 73 /** 74 * Indicates that the certificate does not exist. 75 * 76 * @syscap SystemCapability.Security.CertificateManager 77 * @since 11 78 */ 79 CM_ERROR_NO_FOUND = 17500002, 80 81 /** 82 * Indicates that the keystore is in an invalid format or the keystore password is incorrect. 83 * 84 * @syscap SystemCapability.Security.CertificateManager 85 * @since 11 86 */ 87 CM_ERROR_INCORRECT_FORMAT = 17500003, 88 89 /** 90 * Indicates that the number of certificates or credentials reaches the maximum allowed. 91 * 92 * @syscap SystemCapability.Security.CertificateManager 93 * @since 12 94 */ 95 CM_ERROR_MAX_CERT_COUNT_REACHED = 17500004, 96 97 /** 98 * Indicates that the application is not authorized by the user. 99 * 100 * @syscap SystemCapability.Security.CertificateManager 101 * @since 12 102 */ 103 CM_ERROR_NO_AUTHORIZATION = 17500005, 104 105 /** 106 * Indicates that the device enters advanced security mode. 107 * 108 * @syscap SystemCapability.Security.CertificateManager 109 * @since 18 110 */ 111 CM_ERROR_DEVICE_ENTER_ADVSECMODE = 17500007, 112 113 /** 114 * Indicates that the device does not support the specified certificate store path. 115 * 116 * @syscap SystemCapability.Security.CertificateManager 117 * @since 20 118 */ 119 CM_ERROR_STORE_PATH_NOT_SUPPORTED = 17500009 120 } 121 122 /** 123 * Provides the CertInfo type. 124 * 125 * @typedef CertInfo 126 * @syscap SystemCapability.Security.CertificateManager 127 * @since 11 128 */ 129 export interface CertInfo { 130 /** 131 * Indicates the uri of certificate. 132 * 133 * @type { string } 134 * @syscap SystemCapability.Security.CertificateManager 135 * @since 11 136 */ 137 uri: string; 138 139 /** 140 * Indicates the alias of certificate. 141 * 142 * @type { string } 143 * @syscap SystemCapability.Security.CertificateManager 144 * @since 11 145 */ 146 certAlias: string; 147 148 /** 149 * Indicates the state of certificate. 150 * 151 * @type { boolean } 152 * @syscap SystemCapability.Security.CertificateManager 153 * @since 11 154 */ 155 state: boolean; 156 157 /** 158 * Indicates the issuer name of certificate. 159 * 160 * @type { string } 161 * @syscap SystemCapability.Security.CertificateManager 162 * @since 11 163 */ 164 issuerName: string; 165 166 /** 167 * Indicates the subject name of certificate. 168 * 169 * @type { string } 170 * @syscap SystemCapability.Security.CertificateManager 171 * @since 11 172 */ 173 subjectName: string; 174 175 /** 176 * Indicates the serial number of certificate. 177 * 178 * @type { string } 179 * @syscap SystemCapability.Security.CertificateManager 180 * @since 11 181 */ 182 serial: string; 183 184 /** 185 * Indicates the not before time of certificate. 186 * 187 * @type { string } 188 * @syscap SystemCapability.Security.CertificateManager 189 * @since 11 190 */ 191 notBefore: string; 192 193 /** 194 * Indicates the not after time of certificate. 195 * 196 * @type { string } 197 * @syscap SystemCapability.Security.CertificateManager 198 * @since 11 199 */ 200 notAfter: string; 201 202 /** 203 * Indicates the fingerprint of certificate. 204 * 205 * @type { string } 206 * @syscap SystemCapability.Security.CertificateManager 207 * @since 11 208 */ 209 fingerprintSha256: string; 210 211 /** 212 * Indicates the certificate binary data. 213 * 214 * @type { Uint8Array } 215 * @syscap SystemCapability.Security.CertificateManager 216 * @since 11 217 */ 218 cert: Uint8Array; 219 } 220 221 /** 222 * Provides the abstract Cert type. 223 * 224 * @typedef CertAbstract 225 * @syscap SystemCapability.Security.CertificateManager 226 * @since 11 227 */ 228 export interface CertAbstract { 229 /** 230 * Indicates the uri of certificate. 231 * 232 * @type { string } 233 * @syscap SystemCapability.Security.CertificateManager 234 * @since 11 235 */ 236 uri: string; 237 238 /** 239 * Indicates the alias of certificate. 240 * 241 * @type { string } 242 * @syscap SystemCapability.Security.CertificateManager 243 * @since 11 244 */ 245 certAlias: string; 246 247 /** 248 * Indicates the state of certificate. 249 * 250 * @type { boolean } 251 * @syscap SystemCapability.Security.CertificateManager 252 * @since 11 253 */ 254 state: boolean; 255 256 /** 257 * Indicates the subject name of certificate. 258 * 259 * @type { string } 260 * @syscap SystemCapability.Security.CertificateManager 261 * @since 11 262 */ 263 subjectName: string; 264 } 265 266 /** 267 * Provides the Credential type. 268 * 269 * @typedef Credential 270 * @syscap SystemCapability.Security.CertificateManager 271 * @since 11 272 */ 273 export interface Credential { 274 /** 275 * Indicates the type of Credential. 276 * 277 * @type { string } 278 * @syscap SystemCapability.Security.CertificateManager 279 * @since 11 280 */ 281 type: string; 282 283 /** 284 * Indicates the alias of Credential. 285 * 286 * @type { string } 287 * @syscap SystemCapability.Security.CertificateManager 288 * @since 11 289 */ 290 alias: string; 291 292 /** 293 * Indicates the uri of Credential. 294 * 295 * @type { string } 296 * @syscap SystemCapability.Security.CertificateManager 297 * @since 11 298 */ 299 keyUri: string; 300 301 /** 302 * Indicates the number of certificates included in the credential. 303 * 304 * @type { number } 305 * @syscap SystemCapability.Security.CertificateManager 306 * @since 11 307 */ 308 certNum: number; 309 310 /** 311 * Indicates the number of key included in the credential. 312 * 313 * @type { number } 314 * @syscap SystemCapability.Security.CertificateManager 315 * @since 11 316 */ 317 keyNum: number; 318 319 /** 320 * Indicates the credential binary data. 321 * 322 * @type { Uint8Array } 323 * @syscap SystemCapability.Security.CertificateManager 324 * @since 11 325 */ 326 credentialData: Uint8Array; 327 } 328 329 /** 330 * Provides the abstract Credential type. 331 * 332 * @typedef CredentialAbstract 333 * @syscap SystemCapability.Security.CertificateManager 334 * @since 11 335 */ 336 export interface CredentialAbstract { 337 /** 338 * Indicates the type of Credential. 339 * 340 * @type { string } 341 * @syscap SystemCapability.Security.CertificateManager 342 * @since 11 343 */ 344 type: string; 345 346 /** 347 * Indicates the alias of Credential. 348 * 349 * @type { string } 350 * @syscap SystemCapability.Security.CertificateManager 351 * @since 11 352 */ 353 alias: string; 354 355 /** 356 * Indicates the uri of Credential. 357 * 358 * @type { string } 359 * @syscap SystemCapability.Security.CertificateManager 360 * @since 11 361 */ 362 keyUri: string; 363 } 364 365 /** 366 * Provides the CMResult type. 367 * 368 * @typedef CMResult 369 * @syscap SystemCapability.Security.CertificateManager 370 * @since 11 371 */ 372 export interface CMResult { 373 /** 374 * Indicates the certificate list of CMResult. 375 * 376 * @type { ?Array<CertAbstract> } 377 * @syscap SystemCapability.Security.CertificateManager 378 * @since 11 379 */ 380 certList?: Array<CertAbstract>; 381 382 /** 383 * Indicates the certificate info of CMResult. 384 * 385 * @type { ?CertInfo } 386 * @syscap SystemCapability.Security.CertificateManager 387 * @since 11 388 */ 389 certInfo?: CertInfo; 390 391 /** 392 * Indicates the credential list of CMResult. 393 * 394 * @type { ?Array<CredentialAbstract> } 395 * @syscap SystemCapability.Security.CertificateManager 396 * @since 11 397 */ 398 credentialList?: Array<CredentialAbstract>; 399 400 /** 401 * Indicates the credential of CMResult. 402 * 403 * @type { ?Credential } 404 * @syscap SystemCapability.Security.CertificateManager 405 * @since 11 406 */ 407 credential?: Credential; 408 409 /** 410 * Indicates the app uid list of CMResult. 411 * 412 * @type { ?Array<string> } 413 * @syscap SystemCapability.Security.CertificateManager 414 * @since 11 415 */ 416 appUidList?: Array<string>; 417 418 /** 419 * Indicates the certificate uri of CMResult. 420 * 421 * @type { ?string } 422 * @syscap SystemCapability.Security.CertificateManager 423 * @since 11 424 */ 425 uri?: string; 426 427 /** 428 * Indicates the outData of CMResult. 429 * 430 * @type { ?Uint8Array } 431 * @syscap SystemCapability.Security.CertificateManager 432 * @since 11 433 */ 434 outData?: Uint8Array; 435 } 436 437 /** 438 * Enum for Key Purpose 439 * 440 * @enum { number } 441 * @syscap SystemCapability.Security.CertificateManager 442 * @since 11 443 */ 444 export enum CmKeyPurpose { 445 /** 446 * Indicates that key for signature. 447 * 448 * @syscap SystemCapability.Security.CertificateManager 449 * @since 11 450 */ 451 CM_KEY_PURPOSE_SIGN = 4, 452 453 /** 454 * Indicates that key for verify. 455 * 456 * @syscap SystemCapability.Security.CertificateManager 457 * @since 11 458 */ 459 CM_KEY_PURPOSE_VERIFY = 8 460 } 461 462 /** 463 * Enum for Key Digest 464 * 465 * @enum { number } 466 * @syscap SystemCapability.Security.CertificateManager 467 * @since 11 468 */ 469 export enum CmKeyDigest { 470 /** 471 * Indicates that key digest is none. 472 * 473 * @syscap SystemCapability.Security.CertificateManager 474 * @since 11 475 */ 476 CM_DIGEST_NONE = 0, 477 478 /** 479 * Indicates that key digest is md5. 480 * 481 * @syscap SystemCapability.Security.CertificateManager 482 * @since 11 483 */ 484 CM_DIGEST_MD5 = 1, 485 486 /** 487 * Indicates that key digest is sha1. 488 * 489 * @syscap SystemCapability.Security.CertificateManager 490 * @since 11 491 */ 492 CM_DIGEST_SHA1 = 2, 493 494 /** 495 * Indicates that key digest is sha224. 496 * 497 * @syscap SystemCapability.Security.CertificateManager 498 * @since 11 499 */ 500 CM_DIGEST_SHA224 = 3, 501 502 /** 503 * Indicates that key digest is sha256. 504 * 505 * @syscap SystemCapability.Security.CertificateManager 506 * @since 11 507 */ 508 CM_DIGEST_SHA256 = 4, 509 510 /** 511 * Indicates that key digest is sha384. 512 * 513 * @syscap SystemCapability.Security.CertificateManager 514 * @since 11 515 */ 516 CM_DIGEST_SHA384 = 5, 517 518 /** 519 * Indicates that key digest is sha512. 520 * 521 * @syscap SystemCapability.Security.CertificateManager 522 * @since 11 523 */ 524 CM_DIGEST_SHA512 = 6, 525 526 /** 527 * Indicates that key digest is SM3. 528 * 529 * @syscap SystemCapability.Security.CertificateManager 530 * @since 18 531 */ 532 CM_DIGEST_SM3 = 7 533 } 534 535 /** 536 * Enum for Key Padding 537 * 538 * @enum { number } 539 * @syscap SystemCapability.Security.CertificateManager 540 * @since 11 541 */ 542 export enum CmKeyPadding { 543 /** 544 * Indicates that key padding is none. 545 * 546 * @syscap SystemCapability.Security.CertificateManager 547 * @since 11 548 */ 549 CM_PADDING_NONE = 0, 550 551 /** 552 * Indicates that key padding is PSS. 553 * 554 * @syscap SystemCapability.Security.CertificateManager 555 * @since 11 556 */ 557 CM_PADDING_PSS = 1, 558 559 /** 560 * Indicates that key padding is PKCS1_V1_5. 561 * 562 * @syscap SystemCapability.Security.CertificateManager 563 * @since 11 564 */ 565 CM_PADDING_PKCS1_V1_5 = 2 566 } 567 568 /** 569 * Provides the CMSignatureSpec type. 570 * 571 * @typedef CMSignatureSpec 572 * @syscap SystemCapability.Security.CertificateManager 573 * @since 11 574 */ 575 export interface CMSignatureSpec { 576 /** 577 * Indicates the key purpose of CMSignatureSpec. 578 * 579 * @type { CmKeyPurpose } 580 * @syscap SystemCapability.Security.CertificateManager 581 * @since 11 582 */ 583 purpose: CmKeyPurpose; 584 585 /** 586 * Indicates the key padding of CMSignatureSpec. 587 * 588 * @type { ?CmKeyPadding } 589 * @syscap SystemCapability.Security.CertificateManager 590 * @since 11 591 */ 592 padding?: CmKeyPadding; 593 594 /** 595 * Indicates the key digest of CMSignatureSpec. 596 * 597 * @type { ?CmKeyDigest } 598 * @syscap SystemCapability.Security.CertificateManager 599 * @since 11 600 */ 601 digest?: CmKeyDigest; 602 } 603 604 /** 605 * Provides the CMHandle type. 606 * 607 * @typedef CMHandle 608 * @syscap SystemCapability.Security.CertificateManager 609 * @since 11 610 */ 611 export interface CMHandle { 612 /** 613 * Indicates the handle . 614 * 615 * @type { Uint8Array } 616 * @syscap SystemCapability.Security.CertificateManager 617 * @since 11 618 */ 619 handle: Uint8Array; 620 } 621 622 /** 623 * Install private application certificate. 624 * 625 * @permission ohos.permission.ACCESS_CERT_MANAGER 626 * @param { Uint8Array } keystore - Indicates the keystore file with key pair and certificate. 627 * @param { string } keystorePwd - Indicates the password of keystore file. 628 * @param { string } certAlias - Indicates the certificate name inputted by the user. 629 * @param { AsyncCallback<CMResult> } callback - The callback of installPrivateCertificate. 630 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 631 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 632 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 633 * @throws { BusinessError } 17500001 - Internal error. Possible causes: 1. IPC communication failed; 634 * <br>2. Memory operation error; 3. File operation error. 635 * @throws { BusinessError } 17500003 - The keystore is in an invalid format or the keystore password is incorrect. 636 * @syscap SystemCapability.Security.CertificateManager 637 * @since 11 638 */ 639 /** 640 * Install private application certificate. 641 * 642 * @permission ohos.permission.ACCESS_CERT_MANAGER 643 * @param { Uint8Array } keystore - Indicates the keystore file with key pair and certificate. 644 * @param { string } keystorePwd - Indicates the password of keystore file. 645 * @param { string } certAlias - Indicates the certificate name inputted by the user. 646 * @param { AsyncCallback<CMResult> } callback - The callback of installPrivateCertificate. 647 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 648 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 649 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 650 * @throws { BusinessError } 17500001 - Internal error. Possible causes: 1. IPC communication failed; 651 * <br>2. Memory operation error; 3. File operation error. 652 * @throws { BusinessError } 17500003 - The keystore is in an invalid format or the keystore password is incorrect. 653 * @throws { BusinessError } 17500004 - The number of certificates or credentials reaches the maximum allowed. 654 * @syscap SystemCapability.Security.CertificateManager 655 * @since 12 656 */ 657 function installPrivateCertificate( 658 keystore: Uint8Array, 659 keystorePwd: string, 660 certAlias: string, 661 callback: AsyncCallback<CMResult> 662 ): void; 663 664 /** 665 * Install private application certificate. 666 * 667 * @permission ohos.permission.ACCESS_CERT_MANAGER 668 * @param { Uint8Array } keystore - Indicates the keystore file with key pair and certificate. 669 * @param { string } keystorePwd - Indicates the password of keystore file. 670 * @param { string } certAlias - Indicates the certificate name inputted by the user. 671 * @returns { Promise<CMResult> } The promise returned by the function. 672 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 673 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 674 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 675 * @throws { BusinessError } 17500001 - Internal error. Possible causes: 1. IPC communication failed; 676 * <br>2. Memory operation error; 3. File operation error. 677 * @throws { BusinessError } 17500003 - The keystore is in an invalid format or the keystore password is incorrect. 678 * @syscap SystemCapability.Security.CertificateManager 679 * @since 11 680 */ 681 /** 682 * Install private application certificate. 683 * 684 * @permission ohos.permission.ACCESS_CERT_MANAGER 685 * @param { Uint8Array } keystore - Indicates the keystore file with key pair and certificate. 686 * @param { string } keystorePwd - Indicates the password of keystore file. 687 * @param { string } certAlias - Indicates the certificate name inputted by the user. 688 * @returns { Promise<CMResult> } The promise returned by the function. 689 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 690 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 691 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 692 * @throws { BusinessError } 17500001 - Internal error. Possible causes: 1. IPC communication failed; 693 * <br>2. Memory operation error; 3. File operation error. 694 * @throws { BusinessError } 17500003 - The keystore is in an invalid format or the keystore password is incorrect. 695 * @throws { BusinessError } 17500004 - The number of certificates or credentials reaches the maximum allowed. 696 * @syscap SystemCapability.Security.CertificateManager 697 * @since 12 698 */ 699 function installPrivateCertificate(keystore: Uint8Array, keystorePwd: string, certAlias: string): Promise<CMResult>; 700 701 /** 702 * Uninstall the specified normal application certificate. 703 * 704 * @permission ohos.permission.ACCESS_CERT_MANAGER 705 * @param { string } keyUri - Indicates key's name. 706 * @param { AsyncCallback<void> } callback - The callback of uninstallPrivateCertificate. 707 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 708 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 709 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 710 * @throws { BusinessError } 17500001 - Internal error. Possible causes: 1. IPC communication failed; 711 * <br>2. Memory operation error; 3. File operation error. 712 * @throws { BusinessError } 17500002 - The certificate does not exist. 713 * @syscap SystemCapability.Security.CertificateManager 714 * @since 11 715 */ 716 function uninstallPrivateCertificate(keyUri: string, callback: AsyncCallback<void>): void; 717 718 /** 719 * Uninstall the specified normal application certificate. 720 * 721 * @permission ohos.permission.ACCESS_CERT_MANAGER 722 * @param { string } keyUri - Indicates key's name. 723 * @returns { Promise<void> } The promise returned by the function. 724 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 725 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 726 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 727 * @throws { BusinessError } 17500001 - Internal error. Possible causes: 1. IPC communication failed; 728 * <br>2. Memory operation error; 3. File operation error. 729 * @throws { BusinessError } 17500002 - The certificate does not exist. 730 * @syscap SystemCapability.Security.CertificateManager 731 * @since 11 732 */ 733 function uninstallPrivateCertificate(keyUri: string): Promise<void>; 734 735 /** 736 * Get a list of all applications private certificates. 737 * 738 * @permission ohos.permission.ACCESS_CERT_MANAGER and ohos.permission.ACCESS_CERT_MANAGER_INTERNAL 739 * @param { AsyncCallback<CMResult> } callback - The callback of getAllAppPrivateCertificates. 740 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 741 * @throws { BusinessError } 202 - Permission verification failed. A non-system application calls a system API. 742 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 743 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 744 * @throws { BusinessError } 17500001 - Internal error. Possible causes: 1. IPC communication failed; 745 * <br>2. Memory operation error; 3. File operation error. 746 * @syscap SystemCapability.Security.CertificateManager 747 * @systemapi 748 * @since 11 749 */ 750 function getAllAppPrivateCertificates(callback: AsyncCallback<CMResult>): void; 751 752 /** 753 * Get a list of all applications private certificates. 754 * 755 * @permission ohos.permission.ACCESS_CERT_MANAGER and ohos.permission.ACCESS_CERT_MANAGER_INTERNAL 756 * @returns { Promise<CMResult> } The promise returned by the function. 757 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 758 * @throws { BusinessError } 202 - Permission verification failed. A non-system application calls a system API. 759 * @throws { BusinessError } 17500001 - Internal error. Possible causes: 1. IPC communication failed; 760 * <br>2. Memory operation error; 3. File operation error. 761 * @syscap SystemCapability.Security.CertificateManager 762 * @systemapi 763 * @since 11 764 */ 765 function getAllAppPrivateCertificates(): Promise<CMResult>; 766 767 /** 768 * Get the detail of private application certificate. 769 * 770 * @permission ohos.permission.ACCESS_CERT_MANAGER 771 * @param { string } keyUri - Indicates key's name. 772 * @param { AsyncCallback<CMResult> } callback - The callback of getPrivateCertificate. 773 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 774 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 775 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 776 * @throws { BusinessError } 17500001 - Internal error. Possible causes: 1. IPC communication failed; 777 * <br>2. Memory operation error; 3. File operation error. 778 * @throws { BusinessError } 17500002 - The certificate does not exist. 779 * @syscap SystemCapability.Security.CertificateManager 780 * @since 11 781 */ 782 function getPrivateCertificate(keyUri: string, callback: AsyncCallback<CMResult>): void; 783 784 /** 785 * Get the detail of private application certificate. 786 * 787 * @permission ohos.permission.ACCESS_CERT_MANAGER 788 * @param { string } keyUri - Indicates key's name. 789 * @returns { Promise<CMResult> } The promise returned by the function. 790 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 791 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 792 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 793 * @throws { BusinessError } 17500001 - Internal error. Possible causes: 1. IPC communication failed; 794 * <br>2. Memory operation error; 3. File operation error. 795 * @throws { BusinessError } 17500002 - The certificate does not exist. 796 * @syscap SystemCapability.Security.CertificateManager 797 * @since 11 798 */ 799 function getPrivateCertificate(keyUri: string): Promise<CMResult>; 800 801 /** 802 * Init operation for signing and verifying etc. 803 * 804 * @permission ohos.permission.ACCESS_CERT_MANAGER 805 * @param { string } authUri - Indicates the authorization relationship between application and application certificate. 806 * @param { CMSignatureSpec } spec - Indicates the properties of the signature and verification. 807 * @param { AsyncCallback<CMHandle> } callback - The callback of init. 808 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 809 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 810 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 811 * @throws { BusinessError } 17500001 - Internal error. Possible causes: 1. IPC communication failed; 812 * <br>2. Memory operation error; 3. File operation error. 813 * @throws { BusinessError } 17500002 - The certificate does not exist. 814 * @syscap SystemCapability.Security.CertificateManager 815 * @since 11 816 */ 817 /** 818 * Init operation for signing and verifying etc. 819 * 820 * @permission ohos.permission.ACCESS_CERT_MANAGER 821 * @param { string } authUri - Indicates the authorization relationship between application and application certificate. 822 * @param { CMSignatureSpec } spec - Indicates the properties of the signature and verification. 823 * @param { AsyncCallback<CMHandle> } callback - The callback of init. 824 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 825 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 826 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 827 * @throws { BusinessError } 17500001 - Internal error. Possible causes: 1. IPC communication failed; 828 * <br>2. Memory operation error; 3. File operation error. 829 * @throws { BusinessError } 17500002 - The certificate does not exist. 830 * @throws { BusinessError } 17500005 - The application is not authorized by the user. 831 * @syscap SystemCapability.Security.CertificateManager 832 * @since 12 833 */ 834 function init(authUri: string, spec: CMSignatureSpec, callback: AsyncCallback<CMHandle>): void; 835 836 /** 837 * Init operation for signing and verifying etc. 838 * 839 * @permission ohos.permission.ACCESS_CERT_MANAGER 840 * @param { string } authUri - Indicates the authorization relationship between application and application certificate. 841 * @param { CMSignatureSpec } spec - Indicates the properties of the signature and verification. 842 * @returns { Promise<CMHandle> } The promise returned by the function. 843 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 844 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 845 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 846 * @throws { BusinessError } 17500001 - Internal error. Possible causes: 1. IPC communication failed; 847 * <br>2. Memory operation error; 3. File operation error. 848 * @throws { BusinessError } 17500002 - The certificate does not exist. 849 * @syscap SystemCapability.Security.CertificateManager 850 * @since 11 851 */ 852 /** 853 * Init operation for signing and verifying etc. 854 * 855 * @permission ohos.permission.ACCESS_CERT_MANAGER 856 * @param { string } authUri - Indicates the authorization relationship between application and application certificate. 857 * @param { CMSignatureSpec } spec - Indicates the properties of the signature and verification. 858 * @returns { Promise<CMHandle> } The promise returned by the function. 859 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 860 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 861 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 862 * @throws { BusinessError } 17500001 - Internal error. Possible causes: 1. IPC communication failed; 863 * <br>2. Memory operation error; 3. File operation error. 864 * @throws { BusinessError } 17500002 - The certificate does not exist. 865 * @throws { BusinessError } 17500005 - The application is not authorized by the user. 866 * @syscap SystemCapability.Security.CertificateManager 867 * @since 12 868 */ 869 function init(authUri: string, spec: CMSignatureSpec): Promise<CMHandle>; 870 871 /** 872 * Update operation for signing and verifying etc. 873 * 874 * @permission ohos.permission.ACCESS_CERT_MANAGER 875 * @param { Uint8Array } handle - Indicates the handle of the init operation. 876 * @param { Uint8Array } data - Indicates the input value. 877 * @param { AsyncCallback<void> } callback - The callback of update. 878 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 879 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 880 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 881 * @throws { BusinessError } 17500001 - Internal error. Possible causes: 1. IPC communication failed; 882 * <br>2. Memory operation error; 3. File operation error. 883 * @syscap SystemCapability.Security.CertificateManager 884 * @since 11 885 */ 886 function update(handle: Uint8Array, data: Uint8Array, callback: AsyncCallback<void>): void; 887 888 /** 889 * Update operation for signing and verifying etc. 890 * 891 * @permission ohos.permission.ACCESS_CERT_MANAGER 892 * @param { Uint8Array } handle - Indicates the handle of the init operation. 893 * @param { Uint8Array } data - Indicates the input value. 894 * @returns { Promise<void> } The promise returned by the function. 895 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 896 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 897 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 898 * @throws { BusinessError } 17500001 - Internal error. Possible causes: 1. IPC communication failed; 899 * <br>2. Memory operation error; 3. File operation error. 900 * @syscap SystemCapability.Security.CertificateManager 901 * @since 11 902 */ 903 function update(handle: Uint8Array, data: Uint8Array): Promise<void>; 904 905 /** 906 * Finish operation for signing and verifying etc. 907 * 908 * @permission ohos.permission.ACCESS_CERT_MANAGER 909 * @param { Uint8Array } handle - Indicates the handle of the init operation. 910 * @param { AsyncCallback<CMResult> } callback - The callback of finish. 911 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 912 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 913 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 914 * @throws { BusinessError } 17500001 - Internal error. Possible causes: 1. IPC communication failed; 915 * <br>2. Memory operation error; 3. File operation error. 916 * @syscap SystemCapability.Security.CertificateManager 917 * @since 11 918 */ 919 function finish(handle: Uint8Array, callback: AsyncCallback<CMResult>): void; 920 921 /** 922 * Finish operation for signing and verifying etc. 923 * 924 * @permission ohos.permission.ACCESS_CERT_MANAGER 925 * @param { Uint8Array } handle - Indicates the handle of the init operation. 926 * @param { Uint8Array } signature - Indicates the sign data. 927 * @param { AsyncCallback<CMResult> } callback - The callback of finish. 928 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 929 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 930 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 931 * @throws { BusinessError } 17500001 - Internal error. Possible causes: 1. IPC communication failed; 932 * <br>2. Memory operation error; 3. File operation error. 933 * @syscap SystemCapability.Security.CertificateManager 934 * @since 11 935 */ 936 function finish(handle: Uint8Array, signature: Uint8Array, callback: AsyncCallback<CMResult>): void; 937 938 /** 939 * Finish operation for signing and verifying etc. 940 * 941 * @permission ohos.permission.ACCESS_CERT_MANAGER 942 * @param { Uint8Array } handle - Indicates the handle of the init operation. 943 * @param { Uint8Array } [options] signature - Indicates the sign data. 944 * @returns { Promise<CMResult> } The promise returned by the function. 945 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 946 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 947 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 948 * @throws { BusinessError } 17500001 - Internal error. Possible causes: 1. IPC communication failed; 949 * <br>2. Memory operation error; 3. File operation error. 950 * @syscap SystemCapability.Security.CertificateManager 951 * @since 11 952 */ 953 function finish(handle: Uint8Array, signature?: Uint8Array): Promise<CMResult>; 954 955 /** 956 * Abort operation for signing and verifying etc. 957 * 958 * @permission ohos.permission.ACCESS_CERT_MANAGER 959 * @param { Uint8Array } handle - Indicates the handle of the init operation. 960 * @param { AsyncCallback<void> } callback - The callback of abort. 961 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 962 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 963 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 964 * @throws { BusinessError } 17500001 - Internal error. Possible causes: 1. IPC communication failed; 965 * <br>2. Memory operation error; 3. File operation error. 966 * @syscap SystemCapability.Security.CertificateManager 967 * @since 11 968 */ 969 function abort(handle: Uint8Array, callback: AsyncCallback<void>): void; 970 971 /** 972 * Abort operation for signing and verifying etc. 973 * 974 * @permission ohos.permission.ACCESS_CERT_MANAGER 975 * @param { Uint8Array } handle - Indicates the handle of the init operation. 976 * @returns { Promise<void> } The promise returned by the function. 977 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 978 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 979 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 980 * @throws { BusinessError } 17500001 - Internal error. Possible causes: 1. IPC communication failed; 981 * <br>2. Memory operation error; 3. File operation error. 982 * @syscap SystemCapability.Security.CertificateManager 983 * @since 11 984 */ 985 function abort(handle: Uint8Array): Promise<void>; 986 987 /** 988 * Get the detail of public application certificate. 989 * 990 * @permission ohos.permission.ACCESS_CERT_MANAGER 991 * @param { string } keyUri - Indicates the key's name. 992 * @returns { Promise<CMResult> } The promise returned by the function. 993 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 994 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 995 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 996 * @throws { BusinessError } 17500001 - Internal error. Possible causes: 1. IPC communication failed; 997 * <br>2. Memory operation error; 3. File operation error. 998 * @throws { BusinessError } 17500002 - The certificate does not exist. 999 * @throws { BusinessError } 17500005 - The application is not authorized by the user. 1000 * @syscap SystemCapability.Security.CertificateManager 1001 * @since 12 1002 */ 1003 function getPublicCertificate(keyUri: string): Promise<CMResult>; 1004 1005 /**: 1006 * Whether the current application is authorized by the specified public application certificate. 1007 * 1008 * @permission ohos.permission.ACCESS_CERT_MANAGER 1009 * @param { string } keyUri - Indicates the key's name. 1010 * @returns { Promise<boolean> } The promise returned by the function. 1011 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 1012 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 1013 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 1014 * @throws { BusinessError } 17500001 - Internal error. Possible causes: 1. IPC communication failed; 1015 * <br>2. Memory operation error; 3. File operation error. 1016 * @syscap SystemCapability.Security.CertificateManager 1017 * @since 12 1018 */ 1019 function isAuthorizedApp(keyUri: string): Promise<boolean>; 1020 1021 /** 1022 * Get a list of all user trusted CA certificates. 1023 * 1024 * @permission ohos.permission.ACCESS_CERT_MANAGER 1025 * @returns { Promise<CMResult> } The promise returned by the function. 1026 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 1027 * @throws { BusinessError } 17500001 - Internal error. Possible causes: 1. IPC communication failed; 1028 * <br>2. Memory operation error; 3. File operation error. 1029 * @syscap SystemCapability.Security.CertificateManager 1030 * @since 12 1031 */ 1032 function getAllUserTrustedCertificates(): Promise<CMResult>; 1033 1034 /** 1035 * Get a list of all user trusted CA certificates. 1036 * 1037 * @permission ohos.permission.ACCESS_CERT_MANAGER 1038 * @param { CertScope } scope - Indicates the scope of user ca certificate. 1039 * @returns { Promise<CMResult> } The user ca certificates. 1040 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 1041 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 1042 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 1043 * @throws { BusinessError } 17500001 - Internal error. Possible causes: 1. IPC communication failed; 1044 * <br>2. Memory operation error; 3. File operation error. 1045 * @syscap SystemCapability.Security.CertificateManager 1046 * @since 18 1047 */ 1048 function getAllUserTrustedCertificates(scope: CertScope): Promise<CMResult>; 1049 1050 /** 1051 * Get the detail of user trusted CA certificate. 1052 * 1053 * @permission ohos.permission.ACCESS_CERT_MANAGER 1054 * @param { string } certUri - Indicates the certificate's name. 1055 * @returns { Promise<CMResult> } The promise returned by the function. 1056 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 1057 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 1058 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 1059 * @throws { BusinessError } 17500001 - Internal error. Possible causes: 1. IPC communication failed; 1060 * <br>2. Memory operation error; 3. File operation error. 1061 * @throws { BusinessError } 17500002 - The certificate does not exist. 1062 * @syscap SystemCapability.Security.CertificateManager 1063 * @since 12 1064 */ 1065 function getUserTrustedCertificate(certUri: string): Promise<CMResult>; 1066 1067 /** 1068 * Get a list of all system application certificates, such as WLAN, VPN certificate. 1069 * 1070 * @permission ohos.permission.ACCESS_CERT_MANAGER 1071 * @returns { Promise<CMResult> } The promise returned by the function. 1072 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 1073 * @throws { BusinessError } 202 - Permission verification failed. A non-system application calls a system API. 1074 * @throws { BusinessError } 17500001 - Internal error. Possible causes: 1. IPC communication failed; 1075 * <br>2. Memory operation error; 3. File operation error. 1076 * @syscap SystemCapability.Security.CertificateManager 1077 * @systemapi 1078 * @since 12 1079 */ 1080 function getAllSystemAppCertificates(): Promise<CMResult>; 1081 1082 /** 1083 * Get all private certificates installed by the application. 1084 * 1085 * @permission ohos.permission.ACCESS_CERT_MANAGER 1086 * @returns { Promise<CMResult> } The private certificates installed by the application. 1087 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 1088 * @throws { BusinessError } 17500001 - Internal error. Possible causes: 1. IPC communication failed; 1089 * <br>2. Memory operation error; 3. File operation error. 1090 * @syscap SystemCapability.Security.CertificateManager 1091 * @since 13 1092 */ 1093 function getPrivateCertificates(): Promise<CMResult>; 1094 1095 /** 1096 * Enum for certificate type managed by Certificate Manager. 1097 * 1098 * @enum { number } 1099 * @syscap SystemCapability.Security.CertificateManager 1100 * @since 18 1101 */ 1102 export enum CertType { 1103 /** 1104 * Indicates that ca certificate that installed by HarmonyOS system. 1105 * 1106 * @syscap SystemCapability.Security.CertificateManager 1107 * @since 18 1108 */ 1109 CA_CERT_SYSTEM = 0, 1110 1111 /** 1112 * Indicates that ca certificate that installed by user. 1113 * 1114 * @syscap SystemCapability.Security.CertificateManager 1115 * @since 18 1116 */ 1117 CA_CERT_USER = 1 1118 } 1119 1120 /** 1121 * Enum for the scope of user ca certificate. 1122 * 1123 * @enum { number } 1124 * @syscap SystemCapability.Security.CertificateManager 1125 * @since 18 1126 */ 1127 export enum CertScope { 1128 1129 /** 1130 * Indicates that the user ca certificate for a current user. 1131 * 1132 * @syscap SystemCapability.Security.CertificateManager 1133 * @since 18 1134 */ 1135 CURRENT_USER = 1, 1136 1137 /** 1138 * Indicates that the user ca certificate for all users. 1139 * 1140 * @syscap SystemCapability.Security.CertificateManager 1141 * @since 18 1142 */ 1143 GLOBAL_USER = 2 1144 } 1145 1146 /** 1147 * Enum for the certificate algorithm type. 1148 * 1149 * @enum { number } 1150 * @syscap SystemCapability.Security.CertificateManager 1151 * @since 20 1152 */ 1153 export enum CertAlgorithm { 1154 /** 1155 * Indicates that the international cryptography algorithms, such as RSA, ECC NIST. 1156 * 1157 * @syscap SystemCapability.Security.CertificateManager 1158 * @since 20 1159 */ 1160 INTERNATIONAL = 1, 1161 1162 /** 1163 * Indicates that the Commercial Password algorithms, such as SM2, SM4. 1164 * 1165 * @syscap SystemCapability.Security.CertificateManager 1166 * @since 20 1167 */ 1168 SM = 2, 1169 } 1170 1171 /** 1172 * Provides the certificate file store property type. 1173 * 1174 * @typedef CertStoreProperty 1175 * @syscap SystemCapability.Security.CertificateManager 1176 * @since 18 1177 */ 1178 export interface CertStoreProperty { 1179 /** 1180 * Indicates the certificate type managed by Certificate Manager. 1181 * 1182 * @type { CertType } 1183 * @syscap SystemCapability.Security.CertificateManager 1184 * @since 18 1185 */ 1186 certType: CertType; 1187 1188 /** 1189 * Indicates the scope of user ca certificate. This parameter is valid only when certType is set to CA_CERT_USER. 1190 * 1191 * @type { ?CertScope } 1192 * @syscap SystemCapability.Security.CertificateManager 1193 * @since 18 1194 */ 1195 certScope?: CertScope; 1196 1197 /** 1198 * Indicates the certificate algorithm type. This parameter is valid only when certType is set to CA_CERT_SYSTEM. default value is INTERNATIONAL. 1199 * 1200 * @type { ?CertAlgorithm } 1201 * @syscap SystemCapability.Security.CertificateManager 1202 * @since 20 1203 */ 1204 certAlg?: CertAlgorithm; 1205 } 1206 1207 /** 1208 * Get the certificate file store path. 1209 * 1210 * @param { CertStoreProperty } property - Indicates the certificate file store path property. 1211 * @returns { string } the certificate file store path. 1212 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 1213 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 1214 * @throws { BusinessError } 17500001 - Internal error. Possible causes: 1. IPC communication failed; 1215 * <br>2. Memory operation error; 3. File operation error. 1216 * @syscap SystemCapability.Security.CertificateManager 1217 * @since 18 1218 */ 1219 /** 1220 * Get the certificate file store path. 1221 * 1222 * @param { CertStoreProperty } property - Indicates the certificate file store path property. 1223 * @returns { string } the certificate file store path. 1224 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 1225 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 1226 * @throws { BusinessError } 17500001 - Internal error. Possible causes: 1. IPC communication failed; 1227 * <br>2. Memory operation error; 3. File operation error. 1228 * @throws { BusinessError } 17500009 - The device does not support the specified certificate store path, such as the overseas device does not support the certificate which algorithm is SM. 1229 * @syscap SystemCapability.Security.CertificateManager 1230 * @since 20 1231 */ 1232 function getCertificateStorePath(property: CertStoreProperty): string; 1233 1234 /** 1235 * Install the user trusted CA certificate. 1236 * 1237 * @permission ohos.permission.ACCESS_ENTERPRISE_USER_TRUSTED_CERT or ohos.permission.ACCESS_USER_TRUSTED_CERT 1238 * @param { Uint8Array } cert - Indicates the certificate file content to be installed. 1239 * @param { CertScope } certScope - Indicates the scope of user ca certificate. 1240 * @returns { CMResult } The certificate uri that identifies the installed certificate. 1241 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 1242 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 1243 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 1244 * @throws { BusinessError } 17500001 - Internal error. Possible causes: 1. IPC communication failed; 1245 * <br>2. Memory operation error; 3. File operation error. 1246 * @throws { BusinessError } 17500003 - Indicates that the certificate is in an invalid format. 1247 * @throws { BusinessError } 17500004 - Indicates that the number of certificates reaches the maximum allowed. 1248 * @throws { BusinessError } 17500007 - Indicates that the device enters advanced security mode. In this mode, the user CA certificate cannot be installed. 1249 * @syscap SystemCapability.Security.CertificateManager 1250 * @since 18 1251 */ 1252 function installUserTrustedCertificateSync(cert: Uint8Array, certScope: CertScope) : CMResult; 1253 1254 /** 1255 * Uninstall the user trusted CA certificate. 1256 * 1257 * @permission ohos.permission.ACCESS_ENTERPRISE_USER_TRUSTED_CERT or ohos.permission.ACCESS_USER_TRUSTED_CERT 1258 * @param { string } certUri - Indicates the certificate uri to be uninstalled. 1259 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 1260 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 1261 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 1262 * @throws { BusinessError } 17500001 - Internal error. Possible causes: 1. IPC communication failed; 1263 * <br>2. Memory operation error; 3. File operation error. 1264 * @throws { BusinessError } 17500002 - Indicates that the certificate does not exist. 1265 * @syscap SystemCapability.Security.CertificateManager 1266 * @since 18 1267 */ 1268 function uninstallUserTrustedCertificateSync(certUri: string) : void; 1269 1270 /** 1271 * Install private application certificate. 1272 * 1273 * @permission ohos.permission.ACCESS_CERT_MANAGER 1274 * @param { Uint8Array } keystore - Indicates the keystore file with key pair and certificate. 1275 * @param { string } keystorePwd - Indicates the password of keystore file. 1276 * @param { string } certAlias - Indicates the certificate name inputted by the user. 1277 * @param { AuthStorageLevel } level - Indicates the storage authentication level of key file. 1278 * @returns { Promise<CMResult> } The promise returned by the function. 1279 * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API. 1280 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 1281 * <br>2. Incorrect parameter types; 3. Parameter verification failed. 1282 * @throws { BusinessError } 17500001 - Internal error. Possible causes: 1. IPC communication failed; 1283 * <br>2. Memory operation error; 3. File operation error. 1284 * @throws { BusinessError } 17500003 - The keystore is in an invalid format or the keystore password is incorrect. 1285 * @throws { BusinessError } 17500004 - The number of certificates or credentials reaches the maximum allowed. 1286 * @syscap SystemCapability.Security.CertificateManager 1287 * @since 18 1288 */ 1289 function installPrivateCertificate(keystore: Uint8Array, keystorePwd: string, certAlias: string, level: AuthStorageLevel): Promise<CMResult>; 1290 1291 /** 1292 * Enum for storage authentication level 1293 * 1294 * @enum { number } 1295 * @syscap SystemCapability.Security.CertificateManager 1296 * @since 18 1297 */ 1298 export enum AuthStorageLevel { 1299 /** 1300 * Indicates that the file can be accessed after the device is started. 1301 * 1302 * @syscap SystemCapability.Security.CertificateManager 1303 * @since 18 1304 */ 1305 EL1 = 1, 1306 1307 /** 1308 * Indicates that the file can be accessed after the device is unlocked for the first time. 1309 * 1310 * @syscap SystemCapability.Security.CertificateManager 1311 * @since 18 1312 */ 1313 EL2 = 2, 1314 1315 /** 1316 * Indicates that the file can be accessed when the device is unlocked. 1317 * 1318 * @syscap SystemCapability.Security.CertificateManager 1319 * @since 18 1320 */ 1321 EL4 = 4, 1322 } 1323} 1324 1325export default certificateManager; 1326