1/* 2 * Copyright (c) 2022-2023 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16/** 17 * @file 18 * @kit UniversalKeystoreKit 19 */ 20 21import type { AsyncCallback } from './@ohos.base'; 22 23/** 24 * OpenHarmony Universal KeyStore 25 * 26 * @namespace huks 27 * @syscap SystemCapability.Security.Huks.Core 28 * @since 8 29 */ 30/** 31 * OpenHarmony Universal KeyStore 32 * 33 * @namespace huks 34 * @syscap SystemCapability.Security.Huks.Core 35 * @atomicservice 36 * @since 11 37 */ 38declare namespace huks { 39 /** 40 * Generate Key. 41 * 42 * @param { string } keyAlias - keyAlias indicates the key's name. 43 * @param { HuksOptions } options - options indicates the properties of the key. 44 * @param { AsyncCallback<HuksResult> } callback - the callback of generateKey. 45 * @syscap SystemCapability.Security.Huks.Extension 46 * @since 8 47 * @deprecated since 9 48 * @useinstead ohos.security.huks.generateKeyItem 49 */ 50 function generateKey(keyAlias: string, options: HuksOptions, callback: AsyncCallback<HuksResult>): void; 51 52 /** 53 * Generate Key. 54 * 55 * @param { string } keyAlias - keyAlias indicates the key's name. 56 * @param { HuksOptions } options - options indicates the properties of the key. 57 * @returns { Promise<HuksResult> } the promise returned by the function. 58 * @syscap SystemCapability.Security.Huks.Extension 59 * @since 8 60 * @deprecated since 9 61 * @useinstead ohos.security.huks.generateKeyItem 62 */ 63 function generateKey(keyAlias: string, options: HuksOptions): Promise<HuksResult>; 64 65 /** 66 * Generates a key. This API uses an asynchronous callback to return the result. 67 * 68 * @param { string } keyAlias - keyAlias indicates the key's name. 69 * @param { HuksOptions } options - Tags required for generating the key. The algorithm, key purpose, 70 * and key length are mandatory. 71 * @param { AsyncCallback<void> } callback - Callback used to return the result. If the operation is successful, 72 * this API does not return the key content because the key is always protected in a TEE. If an exception occurs in 73 * the generation process, an error is captured. 74 * @throws { BusinessError } 401 - Parameter error. Possible causes: 75 * 1. Mandatory parameters are left unspecified. 76 * 2. Incorrect parameter types. 77 * 3. Parameter verification failed. 78 * @throws { BusinessError } 801 - api is not supported 79 * @throws { BusinessError } 12000001 - algorithm mode is not supported 80 * @throws { BusinessError } 12000002 - algorithm param is missing 81 * @throws { BusinessError } 12000003 - algorithm param is invalid 82 * @throws { BusinessError } 12000004 - operating file failed 83 * @throws { BusinessError } 12000005 - IPC communication failed 84 * @throws { BusinessError } 12000006 - error occurred in crypto engine 85 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 86 * @throws { BusinessError } 12000013 - queried credential does not exist 87 * @throws { BusinessError } 12000014 - memory is insufficient 88 * @throws { BusinessError } 12000015 - Failed to obtain the security information via UserIAM 89 * @syscap SystemCapability.Security.Huks.Core 90 * @since 9 91 */ 92 /** 93 * Generates a key. This API uses an asynchronous callback to return the result. 94 * 95 * @param { string } keyAlias - keyAlias indicates the key's name. 96 * @param { HuksOptions } options - Tags required for generating the key. The algorithm, key purpose, 97 * and key length are mandatory. 98 * @param { AsyncCallback<void> } callback - Callback used to return the result. If the operation is successful, 99 * this API does not return the key content because the key is always protected in a TEE. If an exception occurs in 100 * the generation process, an error is captured. 101 * @throws { BusinessError } 401 - Parameter error. Possible causes: 102 * 1. Mandatory parameters are left unspecified. 103 * 2. Incorrect parameter types. 104 * 3. Parameter verification failed. 105 * @throws { BusinessError } 801 - api is not supported 106 * @throws { BusinessError } 12000001 - algorithm mode is not supported 107 * @throws { BusinessError } 12000002 - algorithm param is missing 108 * @throws { BusinessError } 12000003 - algorithm param is invalid 109 * @throws { BusinessError } 12000004 - operating file failed 110 * @throws { BusinessError } 12000005 - IPC communication failed 111 * @throws { BusinessError } 12000006 - error occurred in crypto engine 112 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 113 * @throws { BusinessError } 12000013 - queried credential does not exist 114 * @throws { BusinessError } 12000014 - memory is insufficient 115 * @throws { BusinessError } 12000015 - Failed to obtain the security information via UserIAM 116 * @syscap SystemCapability.Security.Huks.Core 117 * @atomicservice 118 * @since 11 119 */ 120 /** 121 * Generates a key. This API uses an asynchronous callback to return the result. 122 * 123 * @param { string } keyAlias - keyAlias indicates the key's name. 124 * @param { HuksOptions } options - Tags required for generating the key. The algorithm, key purpose, 125 * and key length are mandatory. 126 * @param { AsyncCallback<void> } callback - Callback used to return the result. If the operation is successful, 127 * this API does not return the key content because the key is always protected in a TEE. If an exception occurs in 128 * the generation process, an error is captured. 129 * @throws { BusinessError } 401 - Parameter error. Possible causes: 130 * 1. Mandatory parameters are left unspecified. 131 * 2. Incorrect parameter types. 132 * 3. Parameter verification failed. 133 * @throws { BusinessError } 801 - api is not supported 134 * @throws { BusinessError } 12000001 - algorithm mode is not supported 135 * @throws { BusinessError } 12000002 - algorithm param is missing 136 * @throws { BusinessError } 12000003 - algorithm param is invalid 137 * @throws { BusinessError } 12000004 - operating file failed 138 * @throws { BusinessError } 12000005 - IPC communication failed 139 * @throws { BusinessError } 12000006 - error occurred in crypto engine 140 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 141 * @throws { BusinessError } 12000013 - queried credential does not exist 142 * @throws { BusinessError } 12000014 - memory is insufficient 143 * @throws { BusinessError } 12000015 - Failed to obtain the security information via UserIAM 144 * @throws { BusinessError } 12000017 - The key with same alias is already exist 145 * @syscap SystemCapability.Security.Huks.Core 146 * @atomicservice 147 * @since 20 148 */ 149 function generateKeyItem(keyAlias: string, options: HuksOptions, callback: AsyncCallback<void>): void; 150 151 /** 152 * Generates a key. This API uses a promise to return the result. Because the key is always 153 * protected in a trusted environment (such as a TEE), the promise does not return the key content. 154 * It returns only the information indicating whether the API is successfully called. 155 * 156 * @param { string } keyAlias - keyAlias indicates the key's name. 157 * @param { HuksOptions } options - Tags required for generating the key. The algorithm, key purpose, 158 * and key length are mandatory. 159 * @returns { Promise<void> } the promise returned by the function. 160 * @throws { BusinessError } 401 - Parameter error. Possible causes: 161 * 1. Mandatory parameters are left unspecified. 162 * 2. Incorrect parameter types. 163 * 3. Parameter verification failed. 164 * @throws { BusinessError } 801 - api is not supported 165 * @throws { BusinessError } 12000001 - algorithm mode is not supported 166 * @throws { BusinessError } 12000002 - algorithm param is missing 167 * @throws { BusinessError } 12000003 - algorithm param is invalid 168 * @throws { BusinessError } 12000004 - operating file failed 169 * @throws { BusinessError } 12000005 - IPC communication failed 170 * @throws { BusinessError } 12000006 - error occurred in crypto engine 171 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 172 * @throws { BusinessError } 12000013 - queried credential does not exist 173 * @throws { BusinessError } 12000014 - memory is insufficient 174 * @throws { BusinessError } 12000015 - Failed to obtain the security information via UserIAM 175 * @syscap SystemCapability.Security.Huks.Extension 176 * @since 9 177 */ 178 /** 179 * Generates a key. This API uses a promise to return the result. Because the key is always 180 * protected in a trusted environment (such as a TEE), the promise does not return the key content. 181 * It returns only the information indicating whether the API is successfully called. 182 * 183 * @param { string } keyAlias - keyAlias indicates the key's name. 184 * @param { HuksOptions } options - Tags required for generating the key. The algorithm, key purpose, 185 * and key length are mandatory. 186 * @returns { Promise<void> } the promise returned by the function. 187 * @throws { BusinessError } 401 - Parameter error. Possible causes: 188 * 1. Mandatory parameters are left unspecified. 189 * 2. Incorrect parameter types. 190 * 3. Parameter verification failed. 191 * @throws { BusinessError } 801 - api is not supported 192 * @throws { BusinessError } 12000001 - algorithm mode is not supported 193 * @throws { BusinessError } 12000002 - algorithm param is missing 194 * @throws { BusinessError } 12000003 - algorithm param is invalid 195 * @throws { BusinessError } 12000004 - operating file failed 196 * @throws { BusinessError } 12000005 - IPC communication failed 197 * @throws { BusinessError } 12000006 - error occurred in crypto engine 198 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 199 * @throws { BusinessError } 12000013 - queried credential does not exist 200 * @throws { BusinessError } 12000014 - memory is insufficient 201 * @throws { BusinessError } 12000015 - Failed to obtain the security information via UserIAM 202 * @syscap SystemCapability.Security.Huks.Extension 203 * @atomicservice 204 * @since 11 205 */ 206 /** 207 * Generates a key. This API uses a promise to return the result. Because the key is always 208 * protected in a trusted environment (such as a TEE), the promise does not return the key content. 209 * It returns only the information indicating whether the API is successfully called. 210 * 211 * @param { string } keyAlias - keyAlias indicates the key's name. 212 * @param { HuksOptions } options - Tags required for generating the key. The algorithm, key purpose, 213 * and key length are mandatory. 214 * @returns { Promise<void> } the promise returned by the function. 215 * @throws { BusinessError } 401 - Parameter error. Possible causes: 216 * 1. Mandatory parameters are left unspecified. 217 * 2. Incorrect parameter types. 218 * 3. Parameter verification failed. 219 * @throws { BusinessError } 801 - api is not supported 220 * @throws { BusinessError } 12000001 - algorithm mode is not supported 221 * @throws { BusinessError } 12000002 - algorithm param is missing 222 * @throws { BusinessError } 12000003 - algorithm param is invalid 223 * @throws { BusinessError } 12000004 - operating file failed 224 * @throws { BusinessError } 12000005 - IPC communication failed 225 * @throws { BusinessError } 12000006 - error occurred in crypto engine 226 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 227 * @throws { BusinessError } 12000013 - queried credential does not exist 228 * @throws { BusinessError } 12000014 - memory is insufficient 229 * @throws { BusinessError } 12000015 - Failed to obtain the security information via UserIAM 230 * @throws { BusinessError } 12000017 - The key with same alias is already exist 231 * @syscap SystemCapability.Security.Huks.Extension 232 * @atomicservice 233 * @since 20 234 */ 235 function generateKeyItem(keyAlias: string, options: HuksOptions): Promise<void>; 236 237 /** 238 * Generate Key As User. 239 * 240 * @permission ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS 241 * @param { number } userId - userId indicates the userId of the owner of the key. 242 * @param { string } keyAlias - keyAlias indicates the key's name. 243 * @param { HuksOptions } huksOptions - huksOptions indicates the properties of the key. 244 * @returns { Promise<void> } the promise returned by the function. 245 * @throws { BusinessError } 201 - Permission denied. An attempt was made to use key as user forbidden by permission: 246 * <br>ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS. 247 * @throws { BusinessError } 202 - not system app 248 * @throws { BusinessError } 401 - Parameter error. Possible causes: 249 * 1. Mandatory parameters are left unspecified. 250 * 2. Incorrect parameter types. 251 * 3. Parameter verification failed. 252 * @throws { BusinessError } 801 - api is not supported 253 * @throws { BusinessError } 12000001 - algorithm mode is not supported 254 * @throws { BusinessError } 12000002 - algorithm param is missing 255 * @throws { BusinessError } 12000003 - algorithm param is invalid 256 * @throws { BusinessError } 12000004 - operating file failed 257 * @throws { BusinessError } 12000005 - IPC communication failed 258 * @throws { BusinessError } 12000006 - error occurred in crypto engine 259 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 260 * @throws { BusinessError } 12000013 - queried credential does not exist 261 * @throws { BusinessError } 12000014 - memory is insufficient 262 * @throws { BusinessError } 12000015 - Failed to obtain the security information via UserIAM 263 * @syscap SystemCapability.Security.Huks.Extension 264 * @systemapi this method can be used only by system applications. 265 * @since 12 266 */ 267 /** 268 * Generate Key As User. 269 * 270 * @permission ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS 271 * @param { number } userId - userId indicates the userId of the owner of the key. 272 * @param { string } keyAlias - keyAlias indicates the key's name. 273 * @param { HuksOptions } huksOptions - huksOptions indicates the properties of the key. 274 * @returns { Promise<void> } the promise returned by the function. 275 * @throws { BusinessError } 201 - the application permission is not sufficient, which may be caused by lack of 276 * <br>cross-account permission, or the system has not been unlocked by user, or the user does not exist. 277 * @throws { BusinessError } 202 - non-system applications are not allowed to use system APIs. 278 * @throws { BusinessError } 401 - Parameter error. Possible causes: 279 * 1. Mandatory parameters are left unspecified. 280 * 2. Incorrect parameter types. 281 * 3. Parameter verification failed. 282 * @throws { BusinessError } 801 - api is not supported 283 * @throws { BusinessError } 12000001 - algorithm mode is not supported 284 * @throws { BusinessError } 12000002 - algorithm param is missing 285 * @throws { BusinessError } 12000003 - algorithm param is invalid 286 * @throws { BusinessError } 12000004 - operating file failed 287 * @throws { BusinessError } 12000005 - IPC communication failed 288 * @throws { BusinessError } 12000006 - error occurred in crypto engine 289 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 290 * @throws { BusinessError } 12000013 - queried credential does not exist 291 * @throws { BusinessError } 12000014 - memory is insufficient 292 * @throws { BusinessError } 12000015 - Failed to obtain the security information via UserIAM 293 * @throws { BusinessError } 12000017 - The key with same alias is already exist 294 * @syscap SystemCapability.Security.Huks.Extension 295 * @systemapi this method can be used only by system applications. 296 * @since 20 297 */ 298 function generateKeyItemAsUser(userId: number, keyAlias: string, huksOptions: HuksOptions): Promise<void>; 299 300 /** 301 * Delete Key. 302 * 303 * @param { string } keyAlias - keyAlias indicates the key's name. 304 * @param { HuksOptions } options - options indicates the properties of the key. 305 * @param { AsyncCallback<HuksResult> } callback - the callback of deleteKey. 306 * @syscap SystemCapability.Security.Huks.Extension 307 * @since 8 308 * @deprecated since 9 309 * @useinstead ohos.security.huks.deleteKeyItem 310 */ 311 function deleteKey(keyAlias: string, options: HuksOptions, callback: AsyncCallback<HuksResult>): void; 312 313 /** 314 * Delete Key. 315 * 316 * @param { string } keyAlias - keyAlias indicates the key's name. 317 * @param { HuksOptions } options - options indicates the properties of the key. 318 * @returns { Promise<HuksResult> } the promise returned by the function. 319 * @syscap SystemCapability.Security.Huks.Extension 320 * @since 8 321 * @deprecated since 9 322 * @useinstead ohos.security.huks.deleteKeyItem 323 */ 324 function deleteKey(keyAlias: string, options: HuksOptions): Promise<HuksResult>; 325 326 /** 327 * Deletes a key. This API uses an asynchronous callback to return the result. 328 * 329 * @param { string } keyAlias - Alias of the key to delete. It must be the key alias passed in when the key 330 * was generated. 331 * @param { HuksOptions } options - Properties of the key to delete. For example, you can pass in HuksAuthStorageLevel 332 * to specify the security level of the key to delete. HuksAuthStorageLevel can be left empty, which means the default 333 * value HUKS_AUTH_STORAGE_LEVEL_DE is used. 334 * @param { AsyncCallback<void> } callback - Callback used to return the result. If the operation is successful, 335 * no err value is returned; otherwise, an error code is returned. 336 * @throws { BusinessError } 401 - Parameter error. Possible causes: 337 * 1. Mandatory parameters are left unspecified. 338 * 2. Incorrect parameter types. 339 * 3. Parameter verification failed. 340 * @throws { BusinessError } 801 - api is not supported 341 * @throws { BusinessError } 12000004 - operating file failed 342 * @throws { BusinessError } 12000005 - IPC communication failed 343 * @throws { BusinessError } 12000011 - queried entity does not exist 344 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 345 * @throws { BusinessError } 12000014 - memory is insufficient 346 * @syscap SystemCapability.Security.Huks.Core 347 * @since 9 348 */ 349 /** 350 * Deletes a key. This API uses an asynchronous callback to return the result. 351 * 352 * @param { string } keyAlias - Alias of the key to delete. It must be the key alias passed in when the key 353 * was generated. 354 * @param { HuksOptions } options - Properties of the key to delete. For example, you can pass in HuksAuthStorageLevel 355 * to specify the security level of the key to delete. HuksAuthStorageLevel can be left empty, which means the default 356 * value HUKS_AUTH_STORAGE_LEVEL_DE is used. 357 * @param { AsyncCallback<void> } callback - Callback used to return the result. If the operation is successful, 358 * no err value is returned; otherwise, an error code is returned. 359 * @throws { BusinessError } 401 - Parameter error. Possible causes: 360 * 1. Mandatory parameters are left unspecified. 361 * 2. Incorrect parameter types. 362 * 3. Parameter verification failed. 363 * @throws { BusinessError } 801 - api is not supported 364 * @throws { BusinessError } 12000004 - operating file failed 365 * @throws { BusinessError } 12000005 - IPC communication failed 366 * @throws { BusinessError } 12000011 - queried entity does not exist 367 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 368 * @throws { BusinessError } 12000014 - memory is insufficient 369 * @syscap SystemCapability.Security.Huks.Core 370 * @atomicservice 371 * @since 11 372 */ 373 function deleteKeyItem(keyAlias: string, options: HuksOptions, callback: AsyncCallback<void>): void; 374 375 /** 376 * Deletes a key. This API uses a promise to return the result. 377 * 378 * @param { string } keyAlias - Alias of the key to delete. It must be the key alias passed in when the key 379 * was generated. 380 * @param { HuksOptions } options - Options for deleting the key. For example, you can pass in HuksAuthStorageLevel to 381 * specify the security level of the key to delete. HuksAuthStorageLevel can be left empty, which means the default 382 * value HUKS_AUTH_STORAGE_LEVEL_DE is used. 383 * @returns { Promise<void> } the promise returned by the function. 384 * @throws { BusinessError } 401 - Parameter error. Possible causes: 385 * 1. Mandatory parameters are left unspecified. 386 * 2. Incorrect parameter types. 387 * 3. Parameter verification failed. 388 * @throws { BusinessError } 801 - api is not supported 389 * @throws { BusinessError } 12000004 - operating file failed 390 * @throws { BusinessError } 12000005 - IPC communication failed 391 * @throws { BusinessError } 12000011 - queried entity does not exist 392 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 393 * @throws { BusinessError } 12000014 - memory is insufficient 394 * @syscap SystemCapability.Security.Huks.Extension 395 * @since 9 396 */ 397 /** 398 * Deletes a key. This API uses a promise to return the result. 399 * 400 * @param { string } keyAlias - Alias of the key to delete. It must be the key alias passed in when the key 401 * was generated. 402 * @param { HuksOptions } options - Options for deleting the key. For example, you can pass in HuksAuthStorageLevel to 403 * specify the security level of the key to delete. HuksAuthStorageLevel can be left empty, which means the default 404 * value HUKS_AUTH_STORAGE_LEVEL_DE is used. 405 * @returns { Promise<void> } the promise returned by the function. 406 * @throws { BusinessError } 401 - Parameter error. Possible causes: 407 * 1. Mandatory parameters are left unspecified. 408 * 2. Incorrect parameter types. 409 * 3. Parameter verification failed. 410 * @throws { BusinessError } 801 - api is not supported 411 * @throws { BusinessError } 12000004 - operating file failed 412 * @throws { BusinessError } 12000005 - IPC communication failed 413 * @throws { BusinessError } 12000011 - queried entity does not exist 414 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 415 * @throws { BusinessError } 12000014 - memory is insufficient 416 * @syscap SystemCapability.Security.Huks.Extension 417 * @atomicservice 418 * @since 11 419 */ 420 function deleteKeyItem(keyAlias: string, options: HuksOptions): Promise<void>; 421 422 /** 423 * Delete Key As User. 424 * 425 * @permission ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS 426 * @param { number } userId - userId indicates the userId of the owner of the key. 427 * @param { string } keyAlias - keyAlias indicates the key's name. 428 * @param { HuksOptions } huksOptions - huksOptions indicates the properties of the key. 429 * @returns { Promise<void> } the promise returned by the function. 430 * @throws { BusinessError } 201 - the application permission is not sufficient, which may be caused by lack of 431 * <br>cross-account permission, or the system has not been unlocked by user, or the user does not exist. 432 * @throws { BusinessError } 202 - non-system applications are not allowed to use system APIs. 433 * @throws { BusinessError } 401 - Parameter error. Possible causes: 434 * 1. Mandatory parameters are left unspecified. 435 * 2. Incorrect parameter types. 436 * 3. Parameter verification failed. 437 * @throws { BusinessError } 801 - api is not supported 438 * @throws { BusinessError } 12000004 - operating file failed 439 * @throws { BusinessError } 12000005 - IPC communication failed 440 * @throws { BusinessError } 12000011 - queried entity does not exist 441 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 442 * @throws { BusinessError } 12000014 - memory is insufficient 443 * @syscap SystemCapability.Security.Huks.Extension 444 * @systemapi this method can be used only by system applications. 445 * @since 12 446 */ 447 function deleteKeyItemAsUser(userId: number, keyAlias: string, huksOptions: HuksOptions): Promise<void>; 448 449 /** 450 * Import Key. 451 * 452 * @param { string } keyAlias - keyAlias indicates the key's name. 453 * @param { HuksOptions } options - options indicates the properties of the key. 454 * @param { AsyncCallback<HuksResult> } callback - the callback of importKey. 455 * @syscap SystemCapability.Security.Huks.Extension 456 * @since 8 457 * @deprecated since 9 458 * @useinstead ohos.security.huks.importKeyItem 459 */ 460 function importKey(keyAlias: string, options: HuksOptions, callback: AsyncCallback<HuksResult>): void; 461 462 /** 463 * Import Key. 464 * 465 * @param { string } keyAlias - keyAlias indicates the key's name. 466 * @param { HuksOptions } options - options indicates the properties of the key. 467 * @returns { Promise<HuksResult> } the promise returned by the function. 468 * @syscap SystemCapability.Security.Huks.Extension 469 * @since 8 470 * @deprecated since 9 471 * @useinstead ohos.security.huks.importKeyItem 472 */ 473 function importKey(keyAlias: string, options: HuksOptions): Promise<HuksResult>; 474 475 /** 476 * Imports a key in plaintext. This API uses an asynchronous callback to return the result. 477 * 478 * @param { string } keyAlias - keyAlias indicates the key's name. 479 * @param { HuksOptions } options - Tags required for the import and key to import. The algorithm, key purpose, and 480 * key length are mandatory. 481 * @param { AsyncCallback<void> } callback - Callback used to return the result. If the operation is successful, no 482 * error value is returned; otherwise, an error code is returned. 483 * @throws { BusinessError } 401 - Parameter error. Possible causes: 484 * 1. Mandatory parameters are left unspecified. 485 * 2. Incorrect parameter types. 486 * 3. Parameter verification failed. 487 * @throws { BusinessError } 801 - api is not supported 488 * @throws { BusinessError } 12000001 - algorithm mode is not supported 489 * @throws { BusinessError } 12000002 - algorithm param is missing 490 * @throws { BusinessError } 12000003 - algorithm param is invalid 491 * @throws { BusinessError } 12000004 - operating file failed 492 * @throws { BusinessError } 12000005 - IPC communication failed 493 * @throws { BusinessError } 12000006 - error occurred in crypto engine 494 * @throws { BusinessError } 12000011 - queried entity does not exist 495 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 496 * @throws { BusinessError } 12000013 - queried credential does not exist 497 * @throws { BusinessError } 12000014 - memory is insufficient 498 * @throws { BusinessError } 12000015 - Failed to obtain the security information via UserIAM 499 * @syscap SystemCapability.Security.Huks.Extension 500 * @since 9 501 */ 502 /** 503 * Imports a key in plaintext. This API uses an asynchronous callback to return the result. 504 * 505 * @param { string } keyAlias - keyAlias indicates the key's name. 506 * @param { HuksOptions } options - Tags required for the import and key to import. The algorithm, key purpose, and 507 * key length are mandatory. 508 * @param { AsyncCallback<void> } callback - Callback used to return the result. If the operation is successful, no 509 * error value is returned; otherwise, an error code is returned. 510 * @throws { BusinessError } 401 - Parameter error. Possible causes: 511 * 1. Mandatory parameters are left unspecified. 512 * 2. Incorrect parameter types. 513 * 3. Parameter verification failed. 514 * @throws { BusinessError } 801 - api is not supported 515 * @throws { BusinessError } 12000001 - algorithm mode is not supported 516 * @throws { BusinessError } 12000002 - algorithm param is missing 517 * @throws { BusinessError } 12000003 - algorithm param is invalid 518 * @throws { BusinessError } 12000004 - operating file failed 519 * @throws { BusinessError } 12000005 - IPC communication failed 520 * @throws { BusinessError } 12000006 - error occurred in crypto engine 521 * @throws { BusinessError } 12000011 - queried entity does not exist 522 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 523 * @throws { BusinessError } 12000013 - queried credential does not exist 524 * @throws { BusinessError } 12000014 - memory is insufficient 525 * @throws { BusinessError } 12000015 - Failed to obtain the security information via UserIAM 526 * @syscap SystemCapability.Security.Huks.Extension 527 * @atomicservice 528 * @since 11 529 */ 530 /** 531 * Imports a key in plaintext. This API uses an asynchronous callback to return the result. 532 * 533 * @param { string } keyAlias - keyAlias indicates the key's name. 534 * @param { HuksOptions } options - Tags required for the import and key to import. The algorithm, key purpose, and 535 * key length are mandatory. 536 * @param { AsyncCallback<void> } callback - Callback used to return the result. If the operation is successful, no 537 * error value is returned; otherwise, an error code is returned. 538 * @throws { BusinessError } 401 - Parameter error. Possible causes: 539 * 1. Mandatory parameters are left unspecified. 540 * 2. Incorrect parameter types. 541 * 3. Parameter verification failed. 542 * @throws { BusinessError } 801 - api is not supported 543 * @throws { BusinessError } 12000001 - algorithm mode is not supported 544 * @throws { BusinessError } 12000002 - algorithm param is missing 545 * @throws { BusinessError } 12000003 - algorithm param is invalid 546 * @throws { BusinessError } 12000004 - operating file failed 547 * @throws { BusinessError } 12000005 - IPC communication failed 548 * @throws { BusinessError } 12000006 - error occurred in crypto engine 549 * @throws { BusinessError } 12000011 - queried entity does not exist 550 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 551 * @throws { BusinessError } 12000013 - queried credential does not exist 552 * @throws { BusinessError } 12000014 - memory is insufficient 553 * @throws { BusinessError } 12000015 - Failed to obtain the security information via UserIAM 554 * @syscap SystemCapability.Security.Huks.Core 555 * @atomicservice 556 * @since 12 557 */ 558 /** 559 * Imports a key in plaintext. This API uses an asynchronous callback to return the result. 560 * 561 * @param { string } keyAlias - keyAlias indicates the key's name. 562 * @param { HuksOptions } options - Tags required for the import and key to import. The algorithm, key purpose, and 563 * key length are mandatory. 564 * @param { AsyncCallback<void> } callback - Callback used to return the result. If the operation is successful, no 565 * error value is returned; otherwise, an error code is returned. 566 * @throws { BusinessError } 401 - Parameter error. Possible causes: 567 * 1. Mandatory parameters are left unspecified. 568 * 2. Incorrect parameter types. 569 * 3. Parameter verification failed. 570 * @throws { BusinessError } 801 - api is not supported 571 * @throws { BusinessError } 12000001 - algorithm mode is not supported 572 * @throws { BusinessError } 12000002 - algorithm param is missing 573 * @throws { BusinessError } 12000003 - algorithm param is invalid 574 * @throws { BusinessError } 12000004 - operating file failed 575 * @throws { BusinessError } 12000005 - IPC communication failed 576 * @throws { BusinessError } 12000006 - error occurred in crypto engine 577 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 578 * @throws { BusinessError } 12000013 - queried credential does not exist 579 * @throws { BusinessError } 12000014 - memory is insufficient 580 * @throws { BusinessError } 12000015 - Failed to obtain the security information via UserIAM 581 * @throws { BusinessError } 12000017 - The key with same alias is already exist 582 * @syscap SystemCapability.Security.Huks.Core 583 * @atomicservice 584 * @since 20 585 */ 586 function importKeyItem(keyAlias: string, options: HuksOptions, callback: AsyncCallback<void>): void; 587 588 /** 589 * Imports a key in plaintext. This API uses a promise to return the result. 590 * 591 * @param { string } keyAlias - keyAlias indicates the key's name. 592 * @param { HuksOptions } options - Tags required for the import and key to import. The algorithm, key purpose, and 593 * key length are mandatory. 594 * @returns { Promise<void> } the promise returned by the function. 595 * @throws { BusinessError } 401 - Parameter error. Possible causes: 596 * 1. Mandatory parameters are left unspecified. 597 * 2. Incorrect parameter types. 598 * 3. Parameter verification failed. 599 * @throws { BusinessError } 801 - api is not supported 600 * @throws { BusinessError } 12000001 - algorithm mode is not supported 601 * @throws { BusinessError } 12000002 - algorithm param is missing 602 * @throws { BusinessError } 12000003 - algorithm param is invalid 603 * @throws { BusinessError } 12000004 - operating file failed 604 * @throws { BusinessError } 12000005 - IPC communication failed 605 * @throws { BusinessError } 12000006 - error occurred in crypto engine 606 * @throws { BusinessError } 12000011 - queried entity does not exist 607 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 608 * @throws { BusinessError } 12000013 - queried credential does not exist 609 * @throws { BusinessError } 12000014 - memory is insufficient 610 * @throws { BusinessError } 12000015 - Failed to obtain the security information via UserIAM 611 * @syscap SystemCapability.Security.Huks.Extension 612 * @since 9 613 */ 614 /** 615 * Imports a key in plaintext. This API uses a promise to return the result. 616 * 617 * @param { string } keyAlias - keyAlias indicates the key's name. 618 * @param { HuksOptions } options - Tags required for the import and key to import. The algorithm, key purpose, and 619 * key length are mandatory. 620 * @returns { Promise<void> } the promise returned by the function. 621 * @throws { BusinessError } 401 - Parameter error. Possible causes: 622 * 1. Mandatory parameters are left unspecified. 623 * 2. Incorrect parameter types. 624 * 3. Parameter verification failed. 625 * @throws { BusinessError } 801 - api is not supported 626 * @throws { BusinessError } 12000001 - algorithm mode is not supported 627 * @throws { BusinessError } 12000002 - algorithm param is missing 628 * @throws { BusinessError } 12000003 - algorithm param is invalid 629 * @throws { BusinessError } 12000004 - operating file failed 630 * @throws { BusinessError } 12000005 - IPC communication failed 631 * @throws { BusinessError } 12000006 - error occurred in crypto engine 632 * @throws { BusinessError } 12000011 - queried entity does not exist 633 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 634 * @throws { BusinessError } 12000013 - queried credential does not exist 635 * @throws { BusinessError } 12000014 - memory is insufficient 636 * @throws { BusinessError } 12000015 - Failed to obtain the security information via UserIAM 637 * @syscap SystemCapability.Security.Huks.Extension 638 * @atomicservice 639 * @since 11 640 */ 641 /** 642 * Imports a key in plaintext. This API uses a promise to return the result. 643 * 644 * @param { string } keyAlias - keyAlias indicates the key's name. 645 * @param { HuksOptions } options - Tags required for the import and key to import. The algorithm, key purpose, and 646 * key length are mandatory. 647 * @returns { Promise<void> } the promise returned by the function. 648 * @throws { BusinessError } 401 - Parameter error. Possible causes: 649 * 1. Mandatory parameters are left unspecified. 650 * 2. Incorrect parameter types. 651 * 3. Parameter verification failed. 652 * @throws { BusinessError } 801 - api is not supported 653 * @throws { BusinessError } 12000001 - algorithm mode is not supported 654 * @throws { BusinessError } 12000002 - algorithm param is missing 655 * @throws { BusinessError } 12000003 - algorithm param is invalid 656 * @throws { BusinessError } 12000004 - operating file failed 657 * @throws { BusinessError } 12000005 - IPC communication failed 658 * @throws { BusinessError } 12000006 - error occurred in crypto engine 659 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 660 * @throws { BusinessError } 12000013 - queried credential does not exist 661 * @throws { BusinessError } 12000014 - memory is insufficient 662 * @throws { BusinessError } 12000015 - Failed to obtain the security information via UserIAM 663 * @throws { BusinessError } 12000017 - The key with same alias is already exist 664 * @syscap SystemCapability.Security.Huks.Extension 665 * @atomicservice 666 * @since 20 667 */ 668 function importKeyItem(keyAlias: string, options: HuksOptions): Promise<void>; 669 670 /** 671 * Import Key As User. 672 * 673 * @permission ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS 674 * @param { number } userId - userId indicates the userId of the owner of the key. 675 * @param { string } keyAlias - keyAlias indicates the key's name. 676 * @param { HuksOptions } huksOptions - huksOptions indicates the properties of the key. 677 * @returns { Promise<void> } the promise returned by the function. 678 * @throws { BusinessError } 201 - Permission denied. An attempt was made to use key as user forbidden by permission: 679 * <br>ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS. 680 * @throws { BusinessError } 202 - not system app 681 * @throws { BusinessError } 401 - Parameter error. Possible causes: 682 * 1. Mandatory parameters are left unspecified. 683 * 2. Incorrect parameter types. 684 * 3. Parameter verification failed. 685 * @throws { BusinessError } 801 - api is not supported 686 * @throws { BusinessError } 12000001 - algorithm mode is not supported 687 * @throws { BusinessError } 12000002 - algorithm param is missing 688 * @throws { BusinessError } 12000003 - algorithm param is invalid 689 * @throws { BusinessError } 12000004 - operating file failed 690 * @throws { BusinessError } 12000005 - IPC communication failed 691 * @throws { BusinessError } 12000006 - error occurred in crypto engine 692 * @throws { BusinessError } 12000011 - queried entity does not exist 693 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 694 * @throws { BusinessError } 12000013 - queried credential does not exist 695 * @throws { BusinessError } 12000014 - memory is insufficient 696 * @throws { BusinessError } 12000015 - Failed to obtain the security information via UserIAM 697 * @syscap SystemCapability.Security.Huks.Extension 698 * @systemapi this method can be used only by system applications. 699 * @since 12 700 */ 701 /** 702 * Import Key As User. 703 * 704 * @permission ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS 705 * @param { number } userId - userId indicates the userId of the owner of the key. 706 * @param { string } keyAlias - keyAlias indicates the key's name. 707 * @param { HuksOptions } huksOptions - huksOptions indicates the properties of the key. 708 * @returns { Promise<void> } the promise returned by the function. 709 * @throws { BusinessError } 201 - the application permission is not sufficient, which may be caused by lack of 710 * <br>cross-account permission, or the system has not been unlocked by user, or the user does not exist. 711 * @throws { BusinessError } 202 - non-system applications are not allowed to use system APIs. 712 * @throws { BusinessError } 401 - Parameter error. Possible causes: 713 * 1. Mandatory parameters are left unspecified. 714 * 2. Incorrect parameter types. 715 * 3. Parameter verification failed. 716 * @throws { BusinessError } 801 - api is not supported 717 * @throws { BusinessError } 12000001 - algorithm mode is not supported 718 * @throws { BusinessError } 12000002 - algorithm param is missing 719 * @throws { BusinessError } 12000003 - algorithm param is invalid 720 * @throws { BusinessError } 12000004 - operating file failed 721 * @throws { BusinessError } 12000005 - IPC communication failed 722 * @throws { BusinessError } 12000006 - error occurred in crypto engine 723 * @throws { BusinessError } 12000011 - queried entity does not exist 724 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 725 * @throws { BusinessError } 12000013 - queried credential does not exist 726 * @throws { BusinessError } 12000014 - memory is insufficient 727 * @throws { BusinessError } 12000015 - Failed to obtain the security information via UserIAM 728 * @throws { BusinessError } 12000017 - The key with same alias is already exist 729 * @syscap SystemCapability.Security.Huks.Extension 730 * @systemapi this method can be used only by system applications. 731 * @since 20 732 */ 733 function importKeyItemAsUser(userId: number, keyAlias: string, huksOptions: HuksOptions): Promise<void>; 734 735 /** 736 * Imports a wrapped key. This API uses an asynchronous callback to return the result. 737 * 738 * @param { string } keyAlias - Alias of the wrapped key to import. 739 * @param { string } wrappingKeyAlias - Alias of the data used to unwrap the key imported. 740 * @param { HuksOptions } options - Tags required for the import and the wrapped key to import. 741 * The algorithm, key purpose, and key length are mandatory. 742 * @param { AsyncCallback<void> } callback - Callback used to return the result. If the operation is successful, 743 * no err value is returned; otherwise, an error code is returned. 744 * @throws { BusinessError } 401 - Parameter error. Possible causes: 745 * 1. Mandatory parameters are left unspecified. 746 * 2. Incorrect parameter types. 747 * 3. Parameter verification failed. 748 * @throws { BusinessError } 801 - api is not supported 749 * @throws { BusinessError } 12000001 - algorithm mode is not supported 750 * @throws { BusinessError } 12000002 - algorithm param is missing 751 * @throws { BusinessError } 12000003 - algorithm param is invalid 752 * @throws { BusinessError } 12000004 - operating file failed 753 * @throws { BusinessError } 12000005 - IPC communication failed 754 * @throws { BusinessError } 12000006 - error occurred in crypto engine 755 * @throws { BusinessError } 12000011 - queried entity does not exist 756 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 757 * @throws { BusinessError } 12000013 - queried credential does not exist 758 * @throws { BusinessError } 12000014 - memory is insufficient 759 * @throws { BusinessError } 12000015 - Failed to obtain the security information via UserIAM 760 * @syscap SystemCapability.Security.Huks.Extension 761 * @since 9 762 */ 763 /** 764 * Imports a wrapped key. This API uses an asynchronous callback to return the result. 765 * 766 * @param { string } keyAlias - Alias of the wrapped key to import. 767 * @param { string } wrappingKeyAlias - Alias of the data used to unwrap the key imported. 768 * @param { HuksOptions } options - Tags required for the import and the wrapped key to import. 769 * The algorithm, key purpose, and key length are mandatory. 770 * @param { AsyncCallback<void> } callback - Callback used to return the result. If the operation is successful, 771 * no err value is returned; otherwise, an error code is returned. 772 * @throws { BusinessError } 401 - Parameter error. Possible causes: 773 * 1. Mandatory parameters are left unspecified. 774 * 2. Incorrect parameter types. 775 * 3. Parameter verification failed. 776 * @throws { BusinessError } 801 - api is not supported 777 * @throws { BusinessError } 12000001 - algorithm mode is not supported 778 * @throws { BusinessError } 12000002 - algorithm param is missing 779 * @throws { BusinessError } 12000003 - algorithm param is invalid 780 * @throws { BusinessError } 12000004 - operating file failed 781 * @throws { BusinessError } 12000005 - IPC communication failed 782 * @throws { BusinessError } 12000006 - error occurred in crypto engine 783 * @throws { BusinessError } 12000011 - queried entity does not exist 784 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 785 * @throws { BusinessError } 12000013 - queried credential does not exist 786 * @throws { BusinessError } 12000014 - memory is insufficient 787 * @throws { BusinessError } 12000015 - Failed to obtain the security information via UserIAM 788 * @syscap SystemCapability.Security.Huks.Core 789 * @atomicservice 790 * @since 12 791 */ 792 /** 793 * Imports a wrapped key. This API uses an asynchronous callback to return the result. 794 * 795 * @param { string } keyAlias - Alias of the wrapped key to import. 796 * @param { string } wrappingKeyAlias - Alias of the data used to unwrap the key imported. 797 * @param { HuksOptions } options - Tags required for the import and the wrapped key to import. 798 * The algorithm, key purpose, and key length are mandatory. 799 * @param { AsyncCallback<void> } callback - Callback used to return the result. If the operation is successful, 800 * no err value is returned; otherwise, an error code is returned. 801 * @throws { BusinessError } 401 - Parameter error. Possible causes: 802 * 1. Mandatory parameters are left unspecified. 803 * 2. Incorrect parameter types. 804 * 3. Parameter verification failed. 805 * @throws { BusinessError } 801 - api is not supported 806 * @throws { BusinessError } 12000001 - algorithm mode is not supported 807 * @throws { BusinessError } 12000002 - algorithm param is missing 808 * @throws { BusinessError } 12000003 - algorithm param is invalid 809 * @throws { BusinessError } 12000004 - operating file failed 810 * @throws { BusinessError } 12000005 - IPC communication failed 811 * @throws { BusinessError } 12000006 - error occurred in crypto engine 812 * @throws { BusinessError } 12000011 - queried entity does not exist 813 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 814 * @throws { BusinessError } 12000013 - queried credential does not exist 815 * @throws { BusinessError } 12000014 - memory is insufficient 816 * @throws { BusinessError } 12000015 - Failed to obtain the security information via UserIAM 817 * @throws { BusinessError } 12000017 - The key with same alias is already exist 818 * @syscap SystemCapability.Security.Huks.Core 819 * @atomicservice 820 * @since 20 821 */ 822 function importWrappedKeyItem( 823 keyAlias: string, 824 wrappingKeyAlias: string, 825 options: HuksOptions, 826 callback: AsyncCallback<void> 827 ): void; 828 829 /** 830 * Import Wrapped Key As User. 831 * 832 * @permission ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS 833 * @param { number } userId - userId indicates the userId of the owner of the key. 834 * @param { string } keyAlias - keyAlias indicates the name of key to be imported. 835 * @param { string } wrappingKeyAlias - wrappingKeyAlias indicates the name of key for wrapping the key to be imported. 836 * @param { HuksOptions } huksOptions - huksOptions indicates the properties of the key. 837 * @returns { Promise<void> } the promise returned by the function. 838 * @throws { BusinessError } 201 - Permission denied. An attempt was made to use key as user forbidden by permission: 839 * <br>ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS. 840 * @throws { BusinessError } 202 - not system app 841 * @throws { BusinessError } 401 - Parameter error. Possible causes: 842 * 1. Mandatory parameters are left unspecified. 843 * 2. Incorrect parameter types. 844 * 3. Parameter verification failed. 845 * @throws { BusinessError } 801 - api is not supported 846 * @throws { BusinessError } 12000001 - algorithm mode is not supported 847 * @throws { BusinessError } 12000002 - algorithm param is missing 848 * @throws { BusinessError } 12000003 - algorithm param is invalid 849 * @throws { BusinessError } 12000004 - operating file failed 850 * @throws { BusinessError } 12000005 - IPC communication failed 851 * @throws { BusinessError } 12000006 - error occurred in crypto engine 852 * @throws { BusinessError } 12000011 - queried entity does not exist 853 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 854 * @throws { BusinessError } 12000013 - queried credential does not exist 855 * @throws { BusinessError } 12000014 - memory is insufficient 856 * @throws { BusinessError } 12000015 - Failed to obtain the security information via UserIAM 857 * @syscap SystemCapability.Security.Huks.Extension 858 * @systemapi this method can be used only by system applications. 859 * @since 12 860 */ 861 /** 862 * Import Wrapped Key As User. 863 * 864 * @permission ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS 865 * @param { number } userId - userId indicates the userId of the owner of the key. 866 * @param { string } keyAlias - keyAlias indicates the name of key to be imported. 867 * @param { string } wrappingKeyAlias - wrappingKeyAlias indicates the name of key for wrapping the key to be imported. 868 * @param { HuksOptions } huksOptions - huksOptions indicates the properties of the key. 869 * @returns { Promise<void> } the promise returned by the function. 870 * @throws { BusinessError } 201 - the application permission is not sufficient, which may be caused by lack of 871 * <br>cross-account permission, or the system has not been unlocked by user, or the user does not exist. 872 * @throws { BusinessError } 202 - non-system applications are not allowed to use system APIs. 873 * @throws { BusinessError } 401 - Parameter error. Possible causes: 874 * 1. Mandatory parameters are left unspecified. 875 * 2. Incorrect parameter types. 876 * 3. Parameter verification failed. 877 * @throws { BusinessError } 801 - api is not supported 878 * @throws { BusinessError } 12000001 - algorithm mode is not supported 879 * @throws { BusinessError } 12000002 - algorithm param is missing 880 * @throws { BusinessError } 12000003 - algorithm param is invalid 881 * @throws { BusinessError } 12000004 - operating file failed 882 * @throws { BusinessError } 12000005 - IPC communication failed 883 * @throws { BusinessError } 12000006 - error occurred in crypto engine 884 * @throws { BusinessError } 12000011 - queried entity does not exist 885 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 886 * @throws { BusinessError } 12000013 - queried credential does not exist 887 * @throws { BusinessError } 12000014 - memory is insufficient 888 * @throws { BusinessError } 12000015 - Failed to obtain the security information via UserIAM 889 * @throws { BusinessError } 12000017 - The key with same alias is already exist 890 * @syscap SystemCapability.Security.Huks.Extension 891 * @systemapi this method can be used only by system applications. 892 * @since 20 893 */ 894 function importWrappedKeyItemAsUser(userId: number, keyAlias: string, wrappingKeyAlias: string, huksOptions: HuksOptions): Promise<void>; 895 896 /** 897 * Imports a wrapped key. This API uses a promise to return the result. 898 * 899 * @param { string } keyAlias - Alias of the wrapped key to import. 900 * @param { string } wrappingKeyAlias - Alias of the data used to unwrap the key imported. 901 * @param { HuksOptions } options - Tags required for the import and the wrapped key to import. The algorithm, key 902 * purpose, and key length are mandatory. 903 * @returns { Promise<void> } Promise that returns no value. 904 * @throws { BusinessError } 401 - Parameter error. Possible causes: 905 * 1. Mandatory parameters are left unspecified. 906 * 2. Incorrect parameter types. 907 * 3. Parameter verification failed. 908 * @throws { BusinessError } 801 - api is not supported 909 * @throws { BusinessError } 12000001 - algorithm mode is not supported 910 * @throws { BusinessError } 12000002 - algorithm param is missing 911 * @throws { BusinessError } 12000003 - algorithm param is invalid 912 * @throws { BusinessError } 12000004 - operating file failed 913 * @throws { BusinessError } 12000005 - IPC communication failed 914 * @throws { BusinessError } 12000006 - error occurred in crypto engine 915 * @throws { BusinessError } 12000011 - queried entity does not exist 916 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 917 * @throws { BusinessError } 12000013 - queried credential does not exist 918 * @throws { BusinessError } 12000014 - memory is insufficient 919 * @throws { BusinessError } 12000015 - Failed to obtain the security information via UserIAM 920 * @syscap SystemCapability.Security.Huks.Extension 921 * @since 9 922 */ 923 /** 924 * Imports a wrapped key. This API uses a promise to return the result. 925 * 926 * @param { string } keyAlias - Alias of the wrapped key to import. 927 * @param { string } wrappingKeyAlias - Alias of the data used to unwrap the key imported. 928 * @param { HuksOptions } options - Tags required for the import and the wrapped key to import. The algorithm, key 929 * purpose, and key length are mandatory. 930 * @returns { Promise<void> } Promise that returns no value. 931 * @throws { BusinessError } 401 - Parameter error. Possible causes: 932 * 1. Mandatory parameters are left unspecified. 933 * 2. Incorrect parameter types. 934 * 3. Parameter verification failed. 935 * @throws { BusinessError } 801 - api is not supported 936 * @throws { BusinessError } 12000001 - algorithm mode is not supported 937 * @throws { BusinessError } 12000002 - algorithm param is missing 938 * @throws { BusinessError } 12000003 - algorithm param is invalid 939 * @throws { BusinessError } 12000004 - operating file failed 940 * @throws { BusinessError } 12000005 - IPC communication failed 941 * @throws { BusinessError } 12000006 - error occurred in crypto engine 942 * @throws { BusinessError } 12000011 - queried entity does not exist 943 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 944 * @throws { BusinessError } 12000013 - queried credential does not exist 945 * @throws { BusinessError } 12000014 - memory is insufficient 946 * @throws { BusinessError } 12000015 - Failed to obtain the security information via UserIAM 947 * @syscap SystemCapability.Security.Huks.Extension 948 * @atomicservice 949 * @since 12 950 */ 951 /** 952 * Imports a wrapped key. This API uses a promise to return the result. 953 * 954 * @param { string } keyAlias - Alias of the wrapped key to import. 955 * @param { string } wrappingKeyAlias - Alias of the data used to unwrap the key imported. 956 * @param { HuksOptions } options - Tags required for the import and the wrapped key to import. The algorithm, key 957 * purpose, and key length are mandatory. 958 * @returns { Promise<void> } Promise that returns no value. 959 * @throws { BusinessError } 401 - Parameter error. Possible causes: 960 * 1. Mandatory parameters are left unspecified. 961 * 2. Incorrect parameter types. 962 * 3. Parameter verification failed. 963 * @throws { BusinessError } 801 - api is not supported 964 * @throws { BusinessError } 12000001 - algorithm mode is not supported 965 * @throws { BusinessError } 12000002 - algorithm param is missing 966 * @throws { BusinessError } 12000003 - algorithm param is invalid 967 * @throws { BusinessError } 12000004 - operating file failed 968 * @throws { BusinessError } 12000005 - IPC communication failed 969 * @throws { BusinessError } 12000006 - error occurred in crypto engine 970 * @throws { BusinessError } 12000011 - queried entity does not exist 971 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 972 * @throws { BusinessError } 12000013 - queried credential does not exist 973 * @throws { BusinessError } 12000014 - memory is insufficient 974 * @throws { BusinessError } 12000015 - Failed to obtain the security information via UserIAM 975 * @throws { BusinessError } 12000017 - The key with same alias is already exist 976 * @syscap SystemCapability.Security.Huks.Extension 977 * @atomicservice 978 * @since 20 979 */ 980 function importWrappedKeyItem(keyAlias: string, wrappingKeyAlias: string, options: HuksOptions): Promise<void>; 981 982 /** 983 * Export Key. 984 * 985 * @param { string } keyAlias - keyAlias indicates the key's name. 986 * @param { HuksOptions } options - options indicates the properties of the key. 987 * @param { AsyncCallback<HuksResult> } callback - the callback of exportKey. 988 * @syscap SystemCapability.Security.Huks.Extension 989 * @since 8 990 * @deprecated since 9 991 * @useinstead ohos.security.huks.exportKeyItem 992 */ 993 function exportKey(keyAlias: string, options: HuksOptions, callback: AsyncCallback<HuksResult>): void; 994 995 /** 996 * Export Key. 997 * 998 * @param { string } keyAlias - keyAlias indicates the key's name. 999 * @param { HuksOptions } options - options indicates the properties of the key. 1000 * @returns { Promise<HuksResult> } the promise returned by the function. 1001 * @syscap SystemCapability.Security.Huks.Extension 1002 * @since 8 1003 * @deprecated since 9 1004 * @useinstead ohos.security.huks.exportKeyItem 1005 */ 1006 function exportKey(keyAlias: string, options: HuksOptions): Promise<HuksResult>; 1007 1008 /** 1009 * Exports a key. This API uses an asynchronous callback to return the result. 1010 * 1011 * @param { string } keyAlias - Key alias, which must be the same as the alias used when the key was generated. 1012 * @param { HuksOptions } options - Empty object (leave this parameter empty). 1013 * @param { AsyncCallback<HuksReturnResult> } callback - Callback used to return the result. If the operation is 1014 * successful, no err value is returned and outData contains the public key exported. Otherwise, 1015 * an error code is returned. 1016 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1017 * 1. Mandatory parameters are left unspecified. 1018 * 2. Incorrect parameter types. 1019 * 3. Parameter verification failed. 1020 * @throws { BusinessError } 801 - api is not supported 1021 * @throws { BusinessError } 12000001 - algorithm mode is not supported 1022 * @throws { BusinessError } 12000002 - algorithm param is missing 1023 * @throws { BusinessError } 12000003 - algorithm param is invalid 1024 * @throws { BusinessError } 12000004 - operating file failed 1025 * @throws { BusinessError } 12000005 - IPC communication failed 1026 * @throws { BusinessError } 12000006 - error occurred in crypto engine 1027 * @throws { BusinessError } 12000011 - queried entity does not exist 1028 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 1029 * @throws { BusinessError } 12000014 - memory is insufficient 1030 * @syscap SystemCapability.Security.Huks.Extension 1031 * @since 9 1032 */ 1033 /** 1034 * Exports a key. This API uses an asynchronous callback to return the result. 1035 * 1036 * @param { string } keyAlias - Key alias, which must be the same as the alias used when the key was generated. 1037 * @param { HuksOptions } options - Empty object (leave this parameter empty). 1038 * @param { AsyncCallback<HuksReturnResult> } callback - Callback used to return the result. If the operation is 1039 * successful, no err value is returned and outData contains the public key exported. Otherwise, 1040 * an error code is returned. 1041 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1042 * 1. Mandatory parameters are left unspecified. 1043 * 2. Incorrect parameter types. 1044 * 3. Parameter verification failed. 1045 * @throws { BusinessError } 801 - api is not supported 1046 * @throws { BusinessError } 12000001 - algorithm mode is not supported 1047 * @throws { BusinessError } 12000004 - operating file failed 1048 * @throws { BusinessError } 12000005 - IPC communication failed 1049 * @throws { BusinessError } 12000006 - error occurred in crypto engine 1050 * @throws { BusinessError } 12000011 - queried entity does not exist 1051 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 1052 * @throws { BusinessError } 12000014 - memory is insufficient 1053 * @syscap SystemCapability.Security.Huks.Core 1054 * @atomicservice 1055 * @since 12 1056 */ 1057 function exportKeyItem(keyAlias: string, options: HuksOptions, callback: AsyncCallback<HuksReturnResult>): void; 1058 1059 /** 1060 * Export Key As User. 1061 * 1062 * @permission ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS 1063 * @param { number } userId - userId indicates the userId of the owner of the key. 1064 * @param { string } keyAlias - keyAlias indicates the key's name. 1065 * @param { HuksOptions } huksOptions - huksOptions indicates the properties of the key. 1066 * @returns { Promise<HuksReturnResult> } the promise returned by the function. 1067 * @throws { BusinessError } 201 - the application permission is not sufficient, which may be caused by lack of 1068 * <br>cross-account permission, or the system has not been unlocked by user, or the user does not exist. 1069 * @throws { BusinessError } 202 - non-system applications are not allowed to use system APIs. 1070 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1071 * 1. Mandatory parameters are left unspecified. 1072 * 2. Incorrect parameter types. 1073 * 3. Parameter verification failed. 1074 * @throws { BusinessError } 801 - api is not supported 1075 * @throws { BusinessError } 12000001 - algorithm mode is not supported 1076 * @throws { BusinessError } 12000002 - algorithm param is missing 1077 * @throws { BusinessError } 12000003 - algorithm param is invalid 1078 * @throws { BusinessError } 12000004 - operating file failed 1079 * @throws { BusinessError } 12000005 - IPC communication failed 1080 * @throws { BusinessError } 12000006 - error occurred in crypto engine 1081 * @throws { BusinessError } 12000011 - queried entity does not exist 1082 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 1083 * @throws { BusinessError } 12000014 - memory is insufficient 1084 * @syscap SystemCapability.Security.Huks.Extension 1085 * @systemapi this method can be used only by system applications. 1086 * @since 12 1087 */ 1088 function exportKeyItemAsUser(userId: number, keyAlias: string, huksOptions: HuksOptions): Promise<HuksReturnResult>; 1089 1090 /** 1091 * Exports a key. This API uses a promise to return the result. 1092 * 1093 * @param { string } keyAlias - Key alias, which must be the same as the alias used when the key was generated. 1094 * @param { HuksOptions } options - Empty object (leave this parameter empty). 1095 * @returns { Promise<HuksReturnResult> } Promise used to return the result. If the operation is successful, outData 1096 * in HuksReturnResult is the public key exported. 1097 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1098 * 1. Mandatory parameters are left unspecified. 1099 * 2. Incorrect parameter types. 1100 * 3. Parameter verification failed. 1101 * @throws { BusinessError } 801 - api is not supported 1102 * @throws { BusinessError } 12000001 - algorithm mode is not supported 1103 * @throws { BusinessError } 12000002 - algorithm param is missing 1104 * @throws { BusinessError } 12000003 - algorithm param is invalid 1105 * @throws { BusinessError } 12000004 - operating file failed 1106 * @throws { BusinessError } 12000005 - IPC communication failed 1107 * @throws { BusinessError } 12000006 - error occurred in crypto engine 1108 * @throws { BusinessError } 12000011 - queried entity does not exist 1109 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 1110 * @throws { BusinessError } 12000014 - memory is insufficient 1111 * @syscap SystemCapability.Security.Huks.Extension 1112 * @since 9 1113 */ 1114 /** 1115 * Exports a key. This API uses a promise to return the result. 1116 * 1117 * @param { string } keyAlias - Key alias, which must be the same as the alias used when the key was generated. 1118 * @param { HuksOptions } options - Empty object (leave this parameter empty). 1119 * @returns { Promise<HuksReturnResult> } Promise used to return the result. If the operation is successful, outData 1120 * in HuksReturnResult is the public key exported. 1121 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1122 * 1. Mandatory parameters are left unspecified. 1123 * 2. Incorrect parameter types. 1124 * 3. Parameter verification failed. 1125 * @throws { BusinessError } 801 - api is not supported 1126 * @throws { BusinessError } 12000001 - algorithm mode is not supported 1127 * @throws { BusinessError } 12000004 - operating file failed 1128 * @throws { BusinessError } 12000005 - IPC communication failed 1129 * @throws { BusinessError } 12000006 - error occurred in crypto engine 1130 * @throws { BusinessError } 12000011 - queried entity does not exist 1131 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 1132 * @throws { BusinessError } 12000014 - memory is insufficient 1133 * @syscap SystemCapability.Security.Huks.Extension 1134 * @atomicservice 1135 * @since 12 1136 */ 1137 function exportKeyItem(keyAlias: string, options: HuksOptions): Promise<HuksReturnResult>; 1138 1139 /** 1140 * Get properties of the key. 1141 * 1142 * @param { string } keyAlias - keyAlias indicates the key's name. 1143 * @param { HuksOptions } options - options indicates the properties of the key. 1144 * @param { AsyncCallback<HuksResult> } callback - the callback of getKeyProperties. 1145 * @syscap SystemCapability.Security.Huks.Extension 1146 * @since 8 1147 * @deprecated since 9 1148 * @useinstead ohos.security.huks.getKeyItemProperties 1149 */ 1150 function getKeyProperties(keyAlias: string, options: HuksOptions, callback: AsyncCallback<HuksResult>): void; 1151 1152 /** 1153 * Get properties of the key. 1154 * 1155 * @param { string } keyAlias - keyAlias indicates the key's name. 1156 * @param { HuksOptions } options - options indicates the properties of the key. 1157 * @returns { Promise<HuksResult> } the promise returned by the function. 1158 * @syscap SystemCapability.Security.Huks.Extension 1159 * @since 8 1160 * @deprecated since 9 1161 * @useinstead ohos.security.huks.getKeyItemProperties 1162 */ 1163 function getKeyProperties(keyAlias: string, options: HuksOptions): Promise<HuksResult>; 1164 1165 /** 1166 * Obtains key properties. This API uses an asynchronous callback to return the result. 1167 * 1168 * @param { string } keyAlias - Key alias, which must be the same as the alias used when the key was generated. 1169 * @param { HuksOptions } options - Empty object (leave this parameter empty). 1170 * @param { AsyncCallback<HuksReturnResult> } callback - Callback used to return the result. If the operation is 1171 * successful, no err value is returned and properties contains the parameters required for generating the key. If the 1172 * operation fails, an error code is returned. 1173 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1174 * 1. Mandatory parameters are left unspecified. 1175 * 2. Incorrect parameter types. 1176 * 3. Parameter verification failed. 1177 * @throws { BusinessError } 801 - api is not supported 1178 * @throws { BusinessError } 12000001 - algorithm mode is not supported 1179 * @throws { BusinessError } 12000002 - algorithm param is missing 1180 * @throws { BusinessError } 12000003 - algorithm param is invalid 1181 * @throws { BusinessError } 12000004 - operating file failed 1182 * @throws { BusinessError } 12000005 - IPC communication failed 1183 * @throws { BusinessError } 12000006 - error occurred in crypto engine 1184 * @throws { BusinessError } 12000011 - queried entity does not exist 1185 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 1186 * @throws { BusinessError } 12000014 - memory is insufficient 1187 * @syscap SystemCapability.Security.Huks.Extension 1188 * @since 9 1189 */ 1190 /** 1191 * Obtains key properties. This API uses an asynchronous callback to return the result. 1192 * 1193 * @param { string } keyAlias - Key alias, which must be the same as the alias used when the key was generated. 1194 * @param { HuksOptions } options - Empty object (leave this parameter empty). 1195 * @param { AsyncCallback<HuksReturnResult> } callback - Callback used to return the result. If the operation is 1196 * successful, no err value is returned and properties contains the parameters required for generating the key. If the 1197 * operation fails, an error code is returned. 1198 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1199 * 1. Mandatory parameters are left unspecified. 1200 * 2. Incorrect parameter types. 1201 * 3. Parameter verification failed. 1202 * @throws { BusinessError } 801 - api is not supported 1203 * @throws { BusinessError } 12000001 - algorithm mode is not supported 1204 * @throws { BusinessError } 12000004 - operating file failed 1205 * @throws { BusinessError } 12000005 - IPC communication failed 1206 * @throws { BusinessError } 12000006 - error occurred in crypto engine 1207 * @throws { BusinessError } 12000011 - queried entity does not exist 1208 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 1209 * @throws { BusinessError } 12000014 - memory is insufficient 1210 * @syscap SystemCapability.Security.Huks.Core 1211 * @atomicservice 1212 * @since 12 1213 */ 1214 function getKeyItemProperties( 1215 keyAlias: string, 1216 options: HuksOptions, 1217 callback: AsyncCallback<HuksReturnResult> 1218 ): void; 1219 1220 /** 1221 * Get properties of the key as user. 1222 * 1223 * @permission ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS 1224 * @param { number } userId - userId indicates the userId of the owner of the key. 1225 * @param { string } keyAlias - keyAlias indicates the key's name. 1226 * @param { HuksOptions } huksOptions - huksOptions indicates the properties of the key. 1227 * @returns { Promise<HuksReturnResult> } the promise returned by the function. 1228 * @throws { BusinessError } 201 - the application permission is not sufficient, which may be caused by lack of 1229 * <br>cross-account permission, or the system has not been unlocked by user, or the user does not exist. 1230 * @throws { BusinessError } 202 - non-system applications are not allowed to use system APIs. 1231 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1232 * 1. Mandatory parameters are left unspecified. 1233 * 2. Incorrect parameter types. 1234 * 3. Parameter verification failed. 1235 * @throws { BusinessError } 801 - api is not supported 1236 * @throws { BusinessError } 12000001 - algorithm mode is not supported 1237 * @throws { BusinessError } 12000002 - algorithm param is missing 1238 * @throws { BusinessError } 12000003 - algorithm param is invalid 1239 * @throws { BusinessError } 12000004 - operating file failed 1240 * @throws { BusinessError } 12000005 - IPC communication failed 1241 * @throws { BusinessError } 12000006 - error occurred in crypto engine 1242 * @throws { BusinessError } 12000011 - queried entity does not exist 1243 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 1244 * @throws { BusinessError } 12000014 - memory is insufficient 1245 * @syscap SystemCapability.Security.Huks.Extension 1246 * @systemapi this method can be used only by system applications. 1247 * @since 12 1248 */ 1249 function getKeyItemPropertiesAsUser(userId: number, keyAlias: string, huksOptions: HuksOptions): Promise<HuksReturnResult>; 1250 1251 /** 1252 * Obtains key properties. This API uses a promise to return the result. 1253 * 1254 * @param { string } keyAlias - Key alias, which must be the same as the alias used when the key was generated. 1255 * @param { HuksOptions } options - Empty object (leave this parameter empty). 1256 * @returns { Promise<HuksReturnResult> } Promise used to return the result. If the operation is successful, 1257 * properties in HuksReturnResult holds the parameters required for generating the key. 1258 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1259 * 1. Mandatory parameters are left unspecified. 1260 * 2. Incorrect parameter types. 1261 * 3. Parameter verification failed. 1262 * @throws { BusinessError } 801 - api is not supported 1263 * @throws { BusinessError } 12000001 - algorithm mode is not supported 1264 * @throws { BusinessError } 12000002 - algorithm param is missing 1265 * @throws { BusinessError } 12000003 - algorithm param is invalid 1266 * @throws { BusinessError } 12000004 - operating file failed 1267 * @throws { BusinessError } 12000005 - IPC communication failed 1268 * @throws { BusinessError } 12000006 - error occurred in crypto engine 1269 * @throws { BusinessError } 12000011 - queried entity does not exist 1270 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 1271 * @throws { BusinessError } 12000014 - memory is insufficient 1272 * @syscap SystemCapability.Security.Huks.Extension 1273 * @since 9 1274 */ 1275 /** 1276 * Obtains key properties. This API uses a promise to return the result. 1277 * 1278 * @param { string } keyAlias - Key alias, which must be the same as the alias used when the key was generated. 1279 * @param { HuksOptions } options - Empty object (leave this parameter empty). 1280 * @returns { Promise<HuksReturnResult> } Promise used to return the result. If the operation is successful, 1281 * properties in HuksReturnResult holds the parameters required for generating the key. 1282 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1283 * 1. Mandatory parameters are left unspecified. 1284 * 2. Incorrect parameter types. 1285 * 3. Parameter verification failed. 1286 * @throws { BusinessError } 801 - api is not supported 1287 * @throws { BusinessError } 12000001 - algorithm mode is not supported 1288 * @throws { BusinessError } 12000004 - operating file failed 1289 * @throws { BusinessError } 12000005 - IPC communication failed 1290 * @throws { BusinessError } 12000006 - error occurred in crypto engine 1291 * @throws { BusinessError } 12000011 - queried entity does not exist 1292 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 1293 * @throws { BusinessError } 12000014 - memory is insufficient 1294 * @syscap SystemCapability.Security.Huks.Extension 1295 * @atomicservice 1296 * @since 12 1297 */ 1298 function getKeyItemProperties(keyAlias: string, options: HuksOptions): Promise<HuksReturnResult>; 1299 1300 /** 1301 * Check whether the key exists. 1302 * 1303 * @param { string } keyAlias - keyAlias indicates the key's name. 1304 * @param { HuksOptions } options - options indicates the properties of the key. 1305 * @param { AsyncCallback<boolean> } callback - the callback of isKeyExist. 1306 * @syscap SystemCapability.Security.Huks.Extension 1307 * @since 8 1308 * @deprecated since 9 1309 * @useinstead ohos.security.huks.isKeyItemExist 1310 */ 1311 function isKeyExist(keyAlias: string, options: HuksOptions, callback: AsyncCallback<boolean>): void; 1312 1313 /** 1314 * Check whether the key exists. 1315 * 1316 * @param { string } keyAlias - keyAlias indicates the key's name. 1317 * @param { HuksOptions } options - options indicates the properties of the key. 1318 * @returns { Promise<boolean> } the promise returned by the function. 1319 * @syscap SystemCapability.Security.Huks.Extension 1320 * @since 8 1321 * @deprecated since 9 1322 * @useinstead ohos.security.huks.isKeyItemExist 1323 */ 1324 function isKeyExist(keyAlias: string, options: HuksOptions): Promise<boolean>; 1325 1326 /** 1327 * Checks whether a key exists. This API uses an asynchronous callback to return the result. 1328 * 1329 * @param { string } keyAlias - Alias of the key to check. 1330 * @param { HuksOptions } options - Options for checking the key. For example, you can pass in HuksAuthStorageLevel to 1331 * specify the security level of the key to check. HuksAuthStorageLevel can be left empty, which means the default 1332 * value HUKS_AUTH_STORAGE_LEVEL_DE is used. 1333 * @param { AsyncCallback<boolean> } callback - Callback used to return the result. If the key exists, data is true. 1334 * If the key does not exist, error is the error code. 1335 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1336 * 1. Mandatory parameters are left unspecified. 1337 * 2. Incorrect parameter types. 1338 * 3. Parameter verification failed. 1339 * @throws { BusinessError } 801 - api is not supported 1340 * @throws { BusinessError } 12000004 - operating file failed 1341 * @throws { BusinessError } 12000005 - IPC communication failed 1342 * @throws { BusinessError } 12000006 - error occurred in crypto engine 1343 * @throws { BusinessError } 12000011 - queried entity does not exist 1344 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 1345 * @throws { BusinessError } 12000014 - memory is insufficient 1346 * @syscap SystemCapability.Security.Huks.Core 1347 * @since 9 1348 */ 1349 function isKeyItemExist(keyAlias: string, options: HuksOptions, callback: AsyncCallback<boolean>): void; 1350 1351 /** 1352 * Checks whether a key exists. This API uses a promise to return the result. 1353 * 1354 * @param { string } keyAlias - Alias of the key to check. 1355 * @param { HuksOptions } options - Options for checking the key. For example, you can pass in HuksAuthStorageLevel to 1356 * specify the security level of the key to check. HuksAuthStorageLevel can be left empty, which means the default 1357 * value HUKS_AUTH_STORAGE_LEVEL_DE is used. 1358 * @returns { Promise<boolean> } Promise used to return the result. If the key exists, then() performs subsequent 1359 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1360 * 1. Mandatory parameters are left unspecified. 1361 * 2. Incorrect parameter types. 1362 * 3. Parameter verification failed. 1363 * @throws { BusinessError } 801 - api is not supported 1364 * @throws { BusinessError } 12000004 - operating file failed 1365 * @throws { BusinessError } 12000005 - IPC communication failed 1366 * @throws { BusinessError } 12000006 - error occurred in crypto engine 1367 * @throws { BusinessError } 12000011 - queried entity does not exist 1368 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 1369 * @throws { BusinessError } 12000014 - memory is insufficient 1370 * @syscap SystemCapability.Security.Huks.Extension 1371 * @since 9 1372 */ 1373 function isKeyItemExist(keyAlias: string, options: HuksOptions): Promise<boolean>; 1374 1375 /** 1376 * Checks whether a key exists. This API uses an asynchronous callback to return the result. 1377 * 1378 * @param { string } keyAlias - Alias of the key to check. 1379 * @param { HuksOptions } options - Options for checking the key. For example, you can pass in HuksAuthStorageLevel to 1380 * specify the security level of the key to check. HuksAuthStorageLevel can be left empty, which means the default 1381 * value HUKS_AUTH_STORAGE_LEVEL_DE is used. 1382 * @param { AsyncCallback<boolean> } callback - Callback used to return the result. If the key exists, data is true. 1383 * Otherwise, data is false. 1384 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1385 * 1. Mandatory parameters are left unspecified. 1386 * 2. Incorrect parameter types. 1387 * 3. Parameter verification failed. 1388 * @throws { BusinessError } 801 - api is not supported 1389 * @throws { BusinessError } 12000004 - operating file failed 1390 * @throws { BusinessError } 12000005 - IPC communication failed 1391 * @throws { BusinessError } 12000006 - error occurred in crypto engine 1392 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 1393 * @throws { BusinessError } 12000014 - memory is insufficient 1394 * @syscap SystemCapability.Security.Huks.Core 1395 * @atomicservice 1396 * @since 11 1397 */ 1398 function hasKeyItem(keyAlias: string, options: HuksOptions, callback: AsyncCallback<boolean>): void; 1399 1400 /** 1401 * Check whether the key exists as user. 1402 * 1403 * @permission ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS 1404 * @param { number } userId - userId indicates the userId of the owner of the key. 1405 * @param { string } keyAlias - keyAlias indicates the key's name. 1406 * @param { HuksOptions } huksOptions - huksOptions indicates the properties of the key. 1407 * @returns { Promise<boolean> } the promise returned by the function. 1408 * @throws { BusinessError } 201 - the application permission is not sufficient, which may be caused by lack of 1409 * <br>cross-account permission, or the system has not been unlocked by user, or the user does not exist. 1410 * @throws { BusinessError } 202 - non-system applications are not allowed to use system APIs. 1411 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1412 * 1. Mandatory parameters are left unspecified. 1413 * 2. Incorrect parameter types. 1414 * 3. Parameter verification failed. 1415 * @throws { BusinessError } 801 - api is not supported 1416 * @throws { BusinessError } 12000002 - algorithm param is missing 1417 * @throws { BusinessError } 12000003 - algorithm param is invalid 1418 * @throws { BusinessError } 12000004 - operating file failed 1419 * @throws { BusinessError } 12000005 - IPC communication failed 1420 * @throws { BusinessError } 12000006 - error occurred in crypto engine 1421 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 1422 * @throws { BusinessError } 12000014 - memory is insufficient 1423 * @syscap SystemCapability.Security.Huks.Extension 1424 * @systemapi this method can be used only by system applications. 1425 * @since 12 1426 */ 1427 function hasKeyItemAsUser(userId: number, keyAlias: string, huksOptions: HuksOptions): Promise<boolean>; 1428 1429 /** 1430 * Checks whether a key exists. This API uses a promise to return the result. 1431 * 1432 * @param { string } keyAlias - Alias of the key to check. 1433 * @param { HuksOptions } options - Options for checking the key. For example, you can pass in HuksAuthStorageLevel to 1434 * specify the security level of the key to check. HuksAuthStorageLevel can be left empty, which means the default 1435 * value HUKS_AUTH_STORAGE_LEVEL_DE is used. 1436 * @returns { Promise<boolean> } Promise used to return the result. If the key exists, true is returned. If the key 1437 * does not exist, false is returned. 1438 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1439 * 1. Mandatory parameters are left unspecified. 1440 * 2. Incorrect parameter types. 1441 * 3. Parameter verification failed. 1442 * @throws { BusinessError } 801 - api is not supported 1443 * @throws { BusinessError } 12000004 - operating file failed 1444 * @throws { BusinessError } 12000005 - IPC communication failed 1445 * @throws { BusinessError } 12000006 - error occurred in crypto engine 1446 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 1447 * @throws { BusinessError } 12000014 - memory is insufficient 1448 * @syscap SystemCapability.Security.Huks.Extension 1449 * @atomicservice 1450 * @since 11 1451 */ 1452 function hasKeyItem(keyAlias: string, options: HuksOptions): Promise<boolean>; 1453 1454 /** 1455 * Init Operation. 1456 * 1457 * @param { string } keyAlias - keyAlias indicates the key's name. 1458 * @param { HuksOptions } options - options indicates the properties of the key. 1459 * @param { AsyncCallback<HuksHandle> } callback - the callback of init, include the handle. 1460 * @syscap SystemCapability.Security.Huks.Extension 1461 * @since 8 1462 * @deprecated since 9 1463 * @useinstead ohos.security.huks.initSession 1464 */ 1465 function init(keyAlias: string, options: HuksOptions, callback: AsyncCallback<HuksHandle>): void; 1466 1467 /** 1468 * Init Operation. 1469 * 1470 * @param { string } keyAlias - keyAlias indicates the key's name. 1471 * @param { HuksOptions } options - options indicates the properties of the key. 1472 * @returns { Promise<HuksHandle> } the promise returned by the function, include the handle. 1473 * @syscap SystemCapability.Security.Huks.Extension 1474 * @since 8 1475 * @deprecated since 9 1476 * @useinstead ohos.security.huks.initSession 1477 */ 1478 function init(keyAlias: string, options: HuksOptions): Promise<HuksHandle>; 1479 1480 /** 1481 * Initializes a session for a key operation. This API uses an asynchronous callback to return the 1482 * result. huks.initSession, huks.updateSession, and huks.finishSession must be used together. 1483 * 1484 * @param { string } keyAlias - Alias of the key involved in the initSession operation. 1485 * @param { HuksOptions } options - Parameter set used for the initSession operation. 1486 * @param { AsyncCallback<HuksSessionHandle> } callback - Callback used to return a session handle for subsequent 1487 * operations. 1488 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1489 * 1. Mandatory parameters are left unspecified. 1490 * 2. Incorrect parameter types. 1491 * 3. Parameter verification failed. 1492 * @throws { BusinessError } 801 - api is not supported 1493 * @throws { BusinessError } 12000001 - algorithm mode is not supported 1494 * @throws { BusinessError } 12000002 - algorithm param is missing 1495 * @throws { BusinessError } 12000003 - algorithm param is invalid 1496 * @throws { BusinessError } 12000004 - operating file failed 1497 * @throws { BusinessError } 12000005 - IPC communication failed 1498 * @throws { BusinessError } 12000006 - error occurred in crypto engine 1499 * @throws { BusinessError } 12000010 - the number of sessions has reached limit 1500 * @throws { BusinessError } 12000011 - queried entity does not exist 1501 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 1502 * @throws { BusinessError } 12000014 - memory is insufficient 1503 * @syscap SystemCapability.Security.Huks.Core 1504 * @since 9 1505 */ 1506 /** 1507 * Initializes a session for a key operation. This API uses an asynchronous callback to return the 1508 * result. huks.initSession, huks.updateSession, and huks.finishSession must be used together. 1509 * 1510 * @param { string } keyAlias - Alias of the key involved in the initSession operation. 1511 * @param { HuksOptions } options - Parameter set used for the initSession operation. 1512 * @param { AsyncCallback<HuksSessionHandle> } callback - Callback used to return a session handle for subsequent 1513 * operations. 1514 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1515 * 1. Mandatory parameters are left unspecified. 1516 * 2. Incorrect parameter types. 1517 * 3. Parameter verification failed. 1518 * @throws { BusinessError } 801 - api is not supported 1519 * @throws { BusinessError } 12000001 - algorithm mode is not supported 1520 * @throws { BusinessError } 12000002 - algorithm param is missing 1521 * @throws { BusinessError } 12000003 - algorithm param is invalid 1522 * @throws { BusinessError } 12000004 - operating file failed 1523 * @throws { BusinessError } 12000005 - IPC communication failed 1524 * @throws { BusinessError } 12000006 - error occurred in crypto engine 1525 * @throws { BusinessError } 12000010 - the number of sessions has reached limit 1526 * @throws { BusinessError } 12000011 - queried entity does not exist 1527 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 1528 * @throws { BusinessError } 12000014 - memory is insufficient 1529 * @syscap SystemCapability.Security.Huks.Core 1530 * @atomicservice 1531 * @since 11 1532 */ 1533 function initSession(keyAlias: string, options: HuksOptions, callback: AsyncCallback<HuksSessionHandle>): void; 1534 1535 /** 1536 * Initializes a session for a key operation. This API uses a promise to return the result. 1537 * huks.initSession, huks.updateSession, and huks.finishSession must be used together. 1538 * 1539 * @param { string } keyAlias - Alias of the key involved in the initSession operation. 1540 * @param { HuksOptions } options - Parameter set used for the initSession operation. 1541 * @returns { Promise<HuksSessionHandle> } Promise used to return a session handle for subsequent operations. 1542 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1543 * 1. Mandatory parameters are left unspecified. 1544 * 2. Incorrect parameter types. 1545 * 3. Parameter verification failed. 1546 * @throws { BusinessError } 801 - api is not supported 1547 * @throws { BusinessError } 12000001 - algorithm mode is not supported 1548 * @throws { BusinessError } 12000002 - algorithm param is missing 1549 * @throws { BusinessError } 12000003 - algorithm param is invalid 1550 * @throws { BusinessError } 12000004 - operating file failed 1551 * @throws { BusinessError } 12000005 - IPC communication failed 1552 * @throws { BusinessError } 12000006 - error occurred in crypto engine 1553 * @throws { BusinessError } 12000010 - the number of sessions has reached limit 1554 * @throws { BusinessError } 12000011 - queried entity does not exist 1555 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 1556 * @throws { BusinessError } 12000014 - memory is insufficient 1557 * @syscap SystemCapability.Security.Huks.Extension 1558 * @since 9 1559 */ 1560 /** 1561 * Initializes a session for a key operation. This API uses a promise to return the result. 1562 * huks.initSession, huks.updateSession, and huks.finishSession must be used together. 1563 * 1564 * @param { string } keyAlias - Alias of the key involved in the initSession operation. 1565 * @param { HuksOptions } options - Parameter set used for the initSession operation. 1566 * @returns { Promise<HuksSessionHandle> } Promise used to return a session handle for subsequent operations. 1567 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1568 * 1. Mandatory parameters are left unspecified. 1569 * 2. Incorrect parameter types. 1570 * 3. Parameter verification failed. 1571 * @throws { BusinessError } 801 - api is not supported 1572 * @throws { BusinessError } 12000001 - algorithm mode is not supported 1573 * @throws { BusinessError } 12000002 - algorithm param is missing 1574 * @throws { BusinessError } 12000003 - algorithm param is invalid 1575 * @throws { BusinessError } 12000004 - operating file failed 1576 * @throws { BusinessError } 12000005 - IPC communication failed 1577 * @throws { BusinessError } 12000006 - error occurred in crypto engine 1578 * @throws { BusinessError } 12000010 - the number of sessions has reached limit 1579 * @throws { BusinessError } 12000011 - queried entity does not exist 1580 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 1581 * @throws { BusinessError } 12000014 - memory is insufficient 1582 * @syscap SystemCapability.Security.Huks.Extension 1583 * @atomicservice 1584 * @since 11 1585 */ 1586 function initSession(keyAlias: string, options: HuksOptions): Promise<HuksSessionHandle>; 1587 1588 /** 1589 * Init Operation As User. 1590 * 1591 * @permission ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS 1592 * @param { number } userId - userId indicates the userId of the owner of the key. 1593 * @param { string } keyAlias - keyAlias indicates the key's name. 1594 * @param { HuksOptions } huksOptions - huksOptions indicates the properties of the key. 1595 * @returns { Promise<HuksSessionHandle> } the promise returned by the function. 1596 * @throws { BusinessError } 201 - the application permission is not sufficient, which may be caused by lack of 1597 * <br>cross-account permission, or the system has not been unlocked by user, or the user does not exist. 1598 * @throws { BusinessError } 202 - non-system applications are not allowed to use system APIs. 1599 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1600 * 1. Mandatory parameters are left unspecified. 1601 * 2. Incorrect parameter types. 1602 * 3. Parameter verification failed. 1603 * @throws { BusinessError } 801 - api is not supported 1604 * @throws { BusinessError } 12000001 - algorithm mode is not supported 1605 * @throws { BusinessError } 12000002 - algorithm param is missing 1606 * @throws { BusinessError } 12000003 - algorithm param is invalid 1607 * @throws { BusinessError } 12000004 - operating file failed 1608 * @throws { BusinessError } 12000005 - IPC communication failed 1609 * @throws { BusinessError } 12000006 - error occurred in crypto engine 1610 * @throws { BusinessError } 12000010 - the number of sessions has reached limit 1611 * @throws { BusinessError } 12000011 - queried entity does not exist 1612 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 1613 * @throws { BusinessError } 12000014 - memory is insufficient 1614 * @syscap SystemCapability.Security.Huks.Extension 1615 * @systemapi this method can be used only by system applications. 1616 * @since 12 1617 */ 1618 function initSessionAsUser(userId: number, keyAlias: string, huksOptions: HuksOptions): Promise<HuksSessionHandle>; 1619 1620 /** 1621 * Update Operation. 1622 * 1623 * @param { number } handle - indicates the handle of the init operation. 1624 * @param { Uint8Array } token - token indicates the value of token. 1625 * @param { HuksOptions } options - options indicates the properties of the update operation. 1626 * @param { AsyncCallback<HuksResult> } callback - the callback of update. 1627 * @syscap SystemCapability.Security.Huks.Extension 1628 * @since 8 1629 * @deprecated since 9 1630 * @useinstead ohos.security.huks.updateSession 1631 */ 1632 function update(handle: number, token?: Uint8Array, options: HuksOptions, callback: AsyncCallback<HuksResult>): void; 1633 1634 /** 1635 * Update Operation. 1636 * 1637 * @param { number } handle - indicates the handle of the init operation. 1638 * @param { Uint8Array } token - indicates the value of token. 1639 * @param { HuksOptions } options - options indicates the properties of the update operation. 1640 * @returns { Promise<HuksResult> } the promise returned by the function. 1641 * @syscap SystemCapability.Security.Huks.Extension 1642 * @since 8 1643 * @deprecated since 9 1644 * @useinstead ohos.security.huks.updateSession 1645 */ 1646 function update(handle: number, token?: Uint8Array, options: HuksOptions): Promise<HuksResult>; 1647 1648 /** 1649 * Updates the key operation by segment. This API uses an asynchronous callback to return the result. 1650 * huks.initSession, huks.updateSession, and huks.finishSession must be used together. 1651 * 1652 * @param { long } handle - Handle for the updateSession operation. 1653 * @param { HuksOptions } options - Parameter set used for the updateSession operation. 1654 * @param { AsyncCallback<HuksReturnResult> } callback - Callback used to return the updateSession operation result. 1655 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1656 * 1. Mandatory parameters are left unspecified. 1657 * 2. Incorrect parameter types. 1658 * 3. Parameter verification failed. 1659 * @throws { BusinessError } 801 - api is not supported 1660 * @throws { BusinessError } 12000001 - algorithm mode is not supported 1661 * @throws { BusinessError } 12000002 - algorithm param is missing 1662 * @throws { BusinessError } 12000003 - algorithm param is invalid 1663 * @throws { BusinessError } 12000004 - operating file failed 1664 * @throws { BusinessError } 12000005 - IPC communication failed 1665 * @throws { BusinessError } 12000006 - error occurred in crypto engine 1666 * @throws { BusinessError } 12000007 - this credential is already invalidated permanently 1667 * @throws { BusinessError } 12000008 - verify auth token failed 1668 * @throws { BusinessError } 12000009 - auth token is already timeout 1669 * @throws { BusinessError } 12000011 - queried entity does not exist 1670 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 1671 * @throws { BusinessError } 12000014 - memory is insufficient 1672 * @syscap SystemCapability.Security.Huks.Core 1673 * @since 9 1674 */ 1675 /** 1676 * Updates the key operation by segment. This API uses an asynchronous callback to return the result. 1677 * huks.initSession, huks.updateSession, and huks.finishSession must be used together. 1678 * 1679 * @param { long } handle - Handle for the updateSession operation. 1680 * @param { HuksOptions } options - Parameter set used for the updateSession operation. 1681 * @param { AsyncCallback<HuksReturnResult> } callback - Callback used to return the updateSession operation result. 1682 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1683 * 1. Mandatory parameters are left unspecified. 1684 * 2. Incorrect parameter types. 1685 * 3. Parameter verification failed. 1686 * @throws { BusinessError } 801 - api is not supported 1687 * @throws { BusinessError } 12000001 - algorithm mode is not supported 1688 * @throws { BusinessError } 12000002 - algorithm param is missing 1689 * @throws { BusinessError } 12000003 - algorithm param is invalid 1690 * @throws { BusinessError } 12000004 - operating file failed 1691 * @throws { BusinessError } 12000005 - IPC communication failed 1692 * @throws { BusinessError } 12000006 - error occurred in crypto engine 1693 * @throws { BusinessError } 12000007 - this credential is already invalidated permanently 1694 * @throws { BusinessError } 12000008 - verify auth token failed 1695 * @throws { BusinessError } 12000009 - auth token is already timeout 1696 * @throws { BusinessError } 12000011 - queried entity does not exist 1697 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 1698 * @throws { BusinessError } 12000014 - memory is insufficient 1699 * @syscap SystemCapability.Security.Huks.Core 1700 * @atomicservice 1701 * @since 11 1702 */ 1703 function updateSession(handle: long, options: HuksOptions, callback: AsyncCallback<HuksReturnResult>): void; 1704 1705 /** 1706 * Updates the key operation by segment. This API uses an asynchronous callback to return the result. 1707 * huks.initSession, huks.updateSession, and huks.finishSession must be used together. 1708 * 1709 * @param { long } handle - Handle for the updateSession operation. 1710 * @param { HuksOptions } options - Parameter set used for the updateSession operation. 1711 * @param { Uint8Array } token - Authentication token for refined key access control. 1712 * @param { AsyncCallback<HuksReturnResult> } callback - Callback used to return the updateSession operation result. 1713 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1714 * 1. Mandatory parameters are left unspecified. 1715 * 2. Incorrect parameter types. 1716 * 3. Parameter verification failed. 1717 * @throws { BusinessError } 801 - api is not supported 1718 * @throws { BusinessError } 12000001 - algorithm mode is not supported 1719 * @throws { BusinessError } 12000002 - algorithm param is missing 1720 * @throws { BusinessError } 12000003 - algorithm param is invalid 1721 * @throws { BusinessError } 12000004 - operating file failed 1722 * @throws { BusinessError } 12000005 - IPC communication failed 1723 * @throws { BusinessError } 12000006 - error occurred in crypto engine 1724 * @throws { BusinessError } 12000007 - this credential is already invalidated permanently 1725 * @throws { BusinessError } 12000008 - verify auth token failed 1726 * @throws { BusinessError } 12000009 - auth token is already timeout 1727 * @throws { BusinessError } 12000011 - queried entity does not exist 1728 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 1729 * @throws { BusinessError } 12000014 - memory is insufficient 1730 * @syscap SystemCapability.Security.Huks.Extension 1731 * @since 9 1732 */ 1733 /** 1734 * Updates the key operation by segment. This API uses an asynchronous callback to return the result. 1735 * huks.initSession, huks.updateSession, and huks.finishSession must be used together. 1736 * 1737 * @param { long } handle - Handle for the updateSession operation. 1738 * @param { HuksOptions } options - Parameter set used for the updateSession operation. 1739 * @param { Uint8Array } token - Authentication token for refined key access control. 1740 * @param { AsyncCallback<HuksReturnResult> } callback - Callback used to return the updateSession operation result. 1741 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1742 * 1. Mandatory parameters are left unspecified. 1743 * 2. Incorrect parameter types. 1744 * 3. Parameter verification failed. 1745 * @throws { BusinessError } 801 - api is not supported 1746 * @throws { BusinessError } 12000001 - algorithm mode is not supported 1747 * @throws { BusinessError } 12000002 - algorithm param is missing 1748 * @throws { BusinessError } 12000003 - algorithm param is invalid 1749 * @throws { BusinessError } 12000004 - operating file failed 1750 * @throws { BusinessError } 12000005 - IPC communication failed 1751 * @throws { BusinessError } 12000006 - error occurred in crypto engine 1752 * @throws { BusinessError } 12000007 - this credential is already invalidated permanently 1753 * @throws { BusinessError } 12000008 - verify auth token failed 1754 * @throws { BusinessError } 12000009 - auth token is already timeout 1755 * @throws { BusinessError } 12000011 - queried entity does not exist 1756 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 1757 * @throws { BusinessError } 12000014 - memory is insufficient 1758 * @syscap SystemCapability.Security.Huks.Extension 1759 * @atomicservice 1760 * @since 12 1761 */ 1762 function updateSession( 1763 handle: long, 1764 options: HuksOptions, 1765 token: Uint8Array, 1766 callback: AsyncCallback<HuksReturnResult> 1767 ): void; 1768 1769 /** 1770 * Updates the key operation by segment. This API uses a promise to return the result. huks.initSession, 1771 * huks.updateSession, and huks.finishSession must be used together. 1772 * 1773 * @param { long } handle - Handle for the updateSession operation. 1774 * @param { HuksOptions } options - Parameter set used for the updateSession operation. 1775 * @param { Uint8Array } token - Authentication token for refined key access control. If this parameter is left blank, 1776 * refined key access control is not performed. 1777 * @returns { Promise<HuksReturnResult> } Promise used to return the updateSession operation result. 1778 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1779 * 1. Mandatory parameters are left unspecified. 1780 * 2. Incorrect parameter types. 1781 * 3. Parameter verification failed. 1782 * @throws { BusinessError } 801 - api is not supported 1783 * @throws { BusinessError } 12000001 - algorithm mode is not supported 1784 * @throws { BusinessError } 12000002 - algorithm param is missing 1785 * @throws { BusinessError } 12000003 - algorithm param is invalid 1786 * @throws { BusinessError } 12000004 - operating file failed 1787 * @throws { BusinessError } 12000005 - IPC communication failed 1788 * @throws { BusinessError } 12000006 - error occurred in crypto engine 1789 * @throws { BusinessError } 12000007 - this credential is already invalidated permanently 1790 * @throws { BusinessError } 12000008 - verify auth token failed 1791 * @throws { BusinessError } 12000009 - auth token is already timeout 1792 * @throws { BusinessError } 12000011 - queried entity does not exist 1793 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 1794 * @throws { BusinessError } 12000014 - memory is insufficient 1795 * @syscap SystemCapability.Security.Huks.Extension 1796 * @since 9 1797 */ 1798 /** 1799 * Updates the key operation by segment. This API uses a promise to return the result. huks.initSession, 1800 * huks.updateSession, and huks.finishSession must be used together. 1801 * 1802 * @param { long } handle - Handle for the updateSession operation. 1803 * @param { HuksOptions } options - Parameter set used for the updateSession operation. 1804 * @param { Uint8Array } token - Authentication token for refined key access control. If this parameter is left blank, 1805 * refined key access control is not performed. 1806 * @returns { Promise<HuksReturnResult> } Promise used to return the updateSession operation result. 1807 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1808 * 1. Mandatory parameters are left unspecified. 1809 * 2. Incorrect parameter types. 1810 * 3. Parameter verification failed. 1811 * @throws { BusinessError } 801 - api is not supported 1812 * @throws { BusinessError } 12000001 - algorithm mode is not supported 1813 * @throws { BusinessError } 12000002 - algorithm param is missing 1814 * @throws { BusinessError } 12000003 - algorithm param is invalid 1815 * @throws { BusinessError } 12000004 - operating file failed 1816 * @throws { BusinessError } 12000005 - IPC communication failed 1817 * @throws { BusinessError } 12000006 - error occurred in crypto engine 1818 * @throws { BusinessError } 12000007 - this credential is already invalidated permanently 1819 * @throws { BusinessError } 12000008 - verify auth token failed 1820 * @throws { BusinessError } 12000009 - auth token is already timeout 1821 * @throws { BusinessError } 12000011 - queried entity does not exist 1822 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 1823 * @throws { BusinessError } 12000014 - memory is insufficient 1824 * @syscap SystemCapability.Security.Huks.Extension 1825 * @atomicservice 1826 * @since 11 1827 */ 1828 function updateSession(handle: long, options: HuksOptions, token?: Uint8Array): Promise<HuksReturnResult>; 1829 1830 /** 1831 * Finish Operation. 1832 * 1833 * @param { number } handle - indicates the handle of the init operation. 1834 * @param { HuksOptions } options - options indicates the properties of the finish operation. 1835 * @param { AsyncCallback<HuksResult> } callback - the callback of finish. 1836 * @syscap SystemCapability.Security.Huks.Extension 1837 * @since 8 1838 * @deprecated since 9 1839 * @useinstead ohos.security.huks.finishSession 1840 */ 1841 function finish(handle: number, options: HuksOptions, callback: AsyncCallback<HuksResult>): void; 1842 1843 /** 1844 * Finish Operation. 1845 * 1846 * @param { number } handle - indicates the handle of the init operation. 1847 * @param { HuksOptions } options - options indicates the properties of the finish operation. 1848 * @returns { Promise<HuksResult> } the promise returned by the function. 1849 * @syscap SystemCapability.Security.Huks.Extension 1850 * @since 8 1851 * @deprecated since 9 1852 * @useinstead ohos.security.huks.finishSession 1853 */ 1854 function finish(handle: number, options: HuksOptions): Promise<HuksResult>; 1855 1856 /** 1857 * Finishes the key operation. This API uses an asynchronous callback to return the result. 1858 * huks.initSession, huks.updateSession, and huks.finishSession must be used together. 1859 * 1860 * @param { number } handle - Handle for the finishSession operation. 1861 * @param { HuksOptions } options - Parameter set used for the finishSession operation. 1862 * @param { AsyncCallback<HuksReturnResult> } callback - Callback used to return the finishSession operation result. 1863 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1864 * 1. Mandatory parameters are left unspecified. 1865 * 2. Incorrect parameter types. 1866 * 3. Parameter verification failed. 1867 * @throws { BusinessError } 801 - api is not supported 1868 * @throws { BusinessError } 12000001 - algorithm mode is not supported 1869 * @throws { BusinessError } 12000002 - algorithm param is missing 1870 * @throws { BusinessError } 12000003 - algorithm param is invalid 1871 * @throws { BusinessError } 12000004 - operating file failed 1872 * @throws { BusinessError } 12000005 - IPC communication failed 1873 * @throws { BusinessError } 12000006 - error occurred in crypto engine 1874 * @throws { BusinessError } 12000007 - this credential is already invalidated permanently 1875 * @throws { BusinessError } 12000008 - verify auth token failed 1876 * @throws { BusinessError } 12000009 - auth token is already timeout 1877 * @throws { BusinessError } 12000011 - queried entity does not exist 1878 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 1879 * @throws { BusinessError } 12000014 - memory is insufficient 1880 * @syscap SystemCapability.Security.Huks.Core 1881 * @since 9 1882 */ 1883 /** 1884 * Finishes the key operation. This API uses an asynchronous callback to return the result. 1885 * huks.initSession, huks.updateSession, and huks.finishSession must be used together. 1886 * 1887 * @param { number } handle - Handle for the finishSession operation. 1888 * @param { HuksOptions } options - Parameter set used for the finishSession operation. 1889 * @param { AsyncCallback<HuksReturnResult> } callback - Callback used to return the finishSession operation result. 1890 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1891 * 1. Mandatory parameters are left unspecified. 1892 * 2. Incorrect parameter types. 1893 * 3. Parameter verification failed. 1894 * @throws { BusinessError } 801 - api is not supported 1895 * @throws { BusinessError } 12000001 - algorithm mode is not supported 1896 * @throws { BusinessError } 12000002 - algorithm param is missing 1897 * @throws { BusinessError } 12000003 - algorithm param is invalid 1898 * @throws { BusinessError } 12000004 - operating file failed 1899 * @throws { BusinessError } 12000005 - IPC communication failed 1900 * @throws { BusinessError } 12000006 - error occurred in crypto engine 1901 * @throws { BusinessError } 12000007 - this credential is already invalidated permanently 1902 * @throws { BusinessError } 12000008 - verify auth token failed 1903 * @throws { BusinessError } 12000009 - auth token is already timeout 1904 * @throws { BusinessError } 12000011 - queried entity does not exist 1905 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 1906 * @throws { BusinessError } 12000014 - memory is insufficient 1907 * @syscap SystemCapability.Security.Huks.Core 1908 * @atomicservice 1909 * @since 11 1910 */ 1911 /** 1912 * Finishes the key operation. This API uses an asynchronous callback to return the result. 1913 * huks.initSession, huks.updateSession, and huks.finishSession must be used together. 1914 * 1915 * @param { number } handle - Handle for the finishSession operation. 1916 * @param { HuksOptions } options - Parameter set used for the finishSession operation. 1917 * @param { AsyncCallback<HuksReturnResult> } callback - Callback used to return the finishSession operation result. 1918 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1919 * 1. Mandatory parameters are left unspecified. 1920 * 2. Incorrect parameter types. 1921 * 3. Parameter verification failed. 1922 * @throws { BusinessError } 801 - api is not supported 1923 * @throws { BusinessError } 12000001 - algorithm mode is not supported 1924 * @throws { BusinessError } 12000002 - algorithm param is missing 1925 * @throws { BusinessError } 12000003 - algorithm param is invalid 1926 * @throws { BusinessError } 12000004 - operating file failed 1927 * @throws { BusinessError } 12000005 - IPC communication failed 1928 * @throws { BusinessError } 12000006 - error occurred in crypto engine 1929 * @throws { BusinessError } 12000007 - this credential is already invalidated permanently 1930 * @throws { BusinessError } 12000008 - verify auth token failed 1931 * @throws { BusinessError } 12000009 - auth token is already timeout 1932 * @throws { BusinessError } 12000011 - queried entity does not exist 1933 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 1934 * @throws { BusinessError } 12000014 - memory is insufficient 1935 * @throws { BusinessError } 12000017 - The key with same alias is already exist 1936 * @syscap SystemCapability.Security.Huks.Core 1937 * @atomicservice 1938 * @since 20 1939 */ 1940 function finishSession(handle: number, options: HuksOptions, callback: AsyncCallback<HuksReturnResult>): void; 1941 1942 /** 1943 * Finishes the key operation. This API uses an asynchronous callback to return the result. 1944 * huks.initSession, huks.updateSession, and huks.finishSession must be used together. 1945 * 1946 * @param { number } handle - Handle for the finishSession operation. 1947 * @param { HuksOptions } options - Parameter set used for the finishSession operation. 1948 * @param { Uint8Array } token - Authentication token for refined key access control. 1949 * @param { AsyncCallback<HuksReturnResult> } callback - Callback used to return the finishSession operation result. 1950 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1951 * 1. Mandatory parameters are left unspecified. 1952 * 2. Incorrect parameter types. 1953 * 3. Parameter verification failed. 1954 * @throws { BusinessError } 801 - api is not supported 1955 * @throws { BusinessError } 12000001 - algorithm mode is not supported 1956 * @throws { BusinessError } 12000002 - algorithm param is missing 1957 * @throws { BusinessError } 12000003 - algorithm param is invalid 1958 * @throws { BusinessError } 12000004 - operating file failed 1959 * @throws { BusinessError } 12000005 - IPC communication failed 1960 * @throws { BusinessError } 12000006 - error occurred in crypto engine 1961 * @throws { BusinessError } 12000007 - this credential is already invalidated permanently 1962 * @throws { BusinessError } 12000008 - verify auth token failed 1963 * @throws { BusinessError } 12000009 - auth token is already timeout 1964 * @throws { BusinessError } 12000011 - queried entity does not exist 1965 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 1966 * @throws { BusinessError } 12000014 - memory is insufficient 1967 * @syscap SystemCapability.Security.Huks.Extension 1968 * @since 9 1969 */ 1970 /** 1971 * Finishes the key operation. This API uses an asynchronous callback to return the result. 1972 * huks.initSession, huks.updateSession, and huks.finishSession must be used together. 1973 * 1974 * @param { number } handle - Handle for the finishSession operation. 1975 * @param { HuksOptions } options - Parameter set used for the finishSession operation. 1976 * @param { Uint8Array } token - Authentication token for refined key access control. 1977 * @param { AsyncCallback<HuksReturnResult> } callback - Callback used to return the finishSession operation result. 1978 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1979 * 1. Mandatory parameters are left unspecified. 1980 * 2. Incorrect parameter types. 1981 * 3. Parameter verification failed. 1982 * @throws { BusinessError } 801 - api is not supported 1983 * @throws { BusinessError } 12000001 - algorithm mode is not supported 1984 * @throws { BusinessError } 12000002 - algorithm param is missing 1985 * @throws { BusinessError } 12000003 - algorithm param is invalid 1986 * @throws { BusinessError } 12000004 - operating file failed 1987 * @throws { BusinessError } 12000005 - IPC communication failed 1988 * @throws { BusinessError } 12000006 - error occurred in crypto engine 1989 * @throws { BusinessError } 12000007 - this credential is already invalidated permanently 1990 * @throws { BusinessError } 12000008 - verify auth token failed 1991 * @throws { BusinessError } 12000009 - auth token is already timeout 1992 * @throws { BusinessError } 12000011 - queried entity does not exist 1993 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 1994 * @throws { BusinessError } 12000014 - memory is insufficient 1995 * @syscap SystemCapability.Security.Huks.Extension 1996 * @atomicservice 1997 * @since 12 1998 */ 1999 /** 2000 * Finishes the key operation. This API uses an asynchronous callback to return the result. 2001 * huks.initSession, huks.updateSession, and huks.finishSession must be used together. 2002 * 2003 * @param { number } handle - Handle for the finishSession operation. 2004 * @param { HuksOptions } options - Parameter set used for the finishSession operation. 2005 * @param { Uint8Array } token - Authentication token for refined key access control. 2006 * @param { AsyncCallback<HuksReturnResult> } callback - Callback used to return the finishSession operation result. 2007 * @throws { BusinessError } 401 - Parameter error. Possible causes: 2008 * 1. Mandatory parameters are left unspecified. 2009 * 2. Incorrect parameter types. 2010 * 3. Parameter verification failed. 2011 * @throws { BusinessError } 801 - api is not supported 2012 * @throws { BusinessError } 12000001 - algorithm mode is not supported 2013 * @throws { BusinessError } 12000002 - algorithm param is missing 2014 * @throws { BusinessError } 12000003 - algorithm param is invalid 2015 * @throws { BusinessError } 12000004 - operating file failed 2016 * @throws { BusinessError } 12000005 - IPC communication failed 2017 * @throws { BusinessError } 12000006 - error occurred in crypto engine 2018 * @throws { BusinessError } 12000007 - this credential is already invalidated permanently 2019 * @throws { BusinessError } 12000008 - verify auth token failed 2020 * @throws { BusinessError } 12000009 - auth token is already timeout 2021 * @throws { BusinessError } 12000011 - queried entity does not exist 2022 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 2023 * @throws { BusinessError } 12000014 - memory is insufficient 2024 * @throws { BusinessError } 12000017 - The key with same alias is already exist 2025 * @syscap SystemCapability.Security.Huks.Extension 2026 * @atomicservice 2027 * @since 20 2028 */ 2029 function finishSession( 2030 handle: number, 2031 options: HuksOptions, 2032 token: Uint8Array, 2033 callback: AsyncCallback<HuksReturnResult> 2034 ): void; 2035 2036 /** 2037 * Finishes the key operation. This API uses a promise to return the result. huks.initSession, 2038 * huks.updateSession, and huks.finishSession must be used together. 2039 * 2040 * @param { number } handle - Handle for the finishSession operation. 2041 * @param { HuksOptions } options - Parameter set used for the finishSession operation. 2042 * @param { Uint8Array } token - Authentication token for refined key access control. If this parameter is left blank, 2043 * refined key access control is not performed. 2044 * @returns { Promise<HuksReturnResult> } Promise used to return the result. 2045 * @throws { BusinessError } 401 - Parameter error. Possible causes: 2046 * 1. Mandatory parameters are left unspecified. 2047 * 2. Incorrect parameter types. 2048 * 3. Parameter verification failed. 2049 * @throws { BusinessError } 801 - api is not supported 2050 * @throws { BusinessError } 12000001 - algorithm mode is not supported 2051 * @throws { BusinessError } 12000002 - algorithm param is missing 2052 * @throws { BusinessError } 12000003 - algorithm param is invalid 2053 * @throws { BusinessError } 12000004 - operating file failed 2054 * @throws { BusinessError } 12000005 - IPC communication failed 2055 * @throws { BusinessError } 12000006 - error occurred in crypto engine 2056 * @throws { BusinessError } 12000007 - this credential is already invalidated permanently 2057 * @throws { BusinessError } 12000008 - verify auth token failed 2058 * @throws { BusinessError } 12000009 - auth token is already timeout 2059 * @throws { BusinessError } 12000011 - queried entity does not exist 2060 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 2061 * @throws { BusinessError } 12000014 - memory is insufficient 2062 * @syscap SystemCapability.Security.Huks.Extension 2063 * @since 9 2064 */ 2065 /** 2066 * Finishes the key operation. This API uses a promise to return the result. huks.initSession, 2067 * huks.updateSession, and huks.finishSession must be used together. 2068 * 2069 * @param { number } handle - Handle for the finishSession operation. 2070 * @param { HuksOptions } options - Parameter set used for the finishSession operation. 2071 * @param { Uint8Array } token - Authentication token for refined key access control. If this parameter is left blank, 2072 * refined key access control is not performed. 2073 * @returns { Promise<HuksReturnResult> } Promise used to return the result. 2074 * @throws { BusinessError } 401 - Parameter error. Possible causes: 2075 * 1. Mandatory parameters are left unspecified. 2076 * 2. Incorrect parameter types. 2077 * 3. Parameter verification failed. 2078 * @throws { BusinessError } 801 - api is not supported 2079 * @throws { BusinessError } 12000001 - algorithm mode is not supported 2080 * @throws { BusinessError } 12000002 - algorithm param is missing 2081 * @throws { BusinessError } 12000003 - algorithm param is invalid 2082 * @throws { BusinessError } 12000004 - operating file failed 2083 * @throws { BusinessError } 12000005 - IPC communication failed 2084 * @throws { BusinessError } 12000006 - error occurred in crypto engine 2085 * @throws { BusinessError } 12000007 - this credential is already invalidated permanently 2086 * @throws { BusinessError } 12000008 - verify auth token failed 2087 * @throws { BusinessError } 12000009 - auth token is already timeout 2088 * @throws { BusinessError } 12000011 - queried entity does not exist 2089 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 2090 * @throws { BusinessError } 12000014 - memory is insufficient 2091 * @syscap SystemCapability.Security.Huks.Extension 2092 * @atomicservice 2093 * @since 11 2094 */ 2095 /** 2096 * Finishes the key operation. This API uses a promise to return the result. huks.initSession, 2097 * huks.updateSession, and huks.finishSession must be used together. 2098 * 2099 * @param { number } handle - Handle for the finishSession operation. 2100 * @param { HuksOptions } options - Parameter set used for the finishSession operation. 2101 * @param { Uint8Array } token - Authentication token for refined key access control. If this parameter is left blank, 2102 * refined key access control is not performed. 2103 * @returns { Promise<HuksReturnResult> } Promise used to return the result. 2104 * @throws { BusinessError } 401 - Parameter error. Possible causes: 2105 * 1. Mandatory parameters are left unspecified. 2106 * 2. Incorrect parameter types. 2107 * 3. Parameter verification failed. 2108 * @throws { BusinessError } 801 - api is not supported 2109 * @throws { BusinessError } 12000001 - algorithm mode is not supported 2110 * @throws { BusinessError } 12000002 - algorithm param is missing 2111 * @throws { BusinessError } 12000003 - algorithm param is invalid 2112 * @throws { BusinessError } 12000004 - operating file failed 2113 * @throws { BusinessError } 12000005 - IPC communication failed 2114 * @throws { BusinessError } 12000006 - error occurred in crypto engine 2115 * @throws { BusinessError } 12000007 - this credential is already invalidated permanently 2116 * @throws { BusinessError } 12000008 - verify auth token failed 2117 * @throws { BusinessError } 12000009 - auth token is already timeout 2118 * @throws { BusinessError } 12000011 - queried entity does not exist 2119 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 2120 * @throws { BusinessError } 12000014 - memory is insufficient 2121 * @throws { BusinessError } 12000017 - The key with same alias is already exist 2122 * @syscap SystemCapability.Security.Huks.Extension 2123 * @atomicservice 2124 * @since 20 2125 */ 2126 function finishSession(handle: number, options: HuksOptions, token?: Uint8Array): Promise<HuksReturnResult>; 2127 2128 /** 2129 * Abort Operation. 2130 * 2131 * @param { number } handle - indicates the handle of the init operation. 2132 * @param { HuksOptions } options - options indicates the properties of the abort operation. 2133 * @param { AsyncCallback<HuksResult> } callback - the callback of finishSession. 2134 * @syscap SystemCapability.Security.Huks.Extension 2135 * @since 8 2136 * @deprecated since 9 2137 * @useinstead ohos.security.huks.abortSession 2138 */ 2139 function abort(handle: number, options: HuksOptions, callback: AsyncCallback<HuksResult>): void; 2140 2141 /** 2142 * Abort Operation. 2143 * 2144 * @param { number } handle - indicates the handle of the init operation. 2145 * @param { HuksOptions } options - options indicates the properties of the abort operation. 2146 * @returns { Promise<HuksResult> } the promise returned by the function. 2147 * @syscap SystemCapability.Security.Huks.Extension 2148 * @since 8 2149 * @deprecated since 9 2150 * @useinstead ohos.security.huks.abortSession 2151 */ 2152 function abort(handle: number, options: HuksOptions): Promise<HuksResult>; 2153 2154 /** 2155 * Aborts a key operation. This API uses an asynchronous callback to return the result. 2156 * 2157 * @param { number } handle - Handle for the abortSession operation. 2158 * @param { HuksOptions } options - Parameter set used for the abortSession operation. 2159 * @param { AsyncCallback<void> } callback - Callback used to return the abortSession operation result. 2160 * @throws { BusinessError } 401 - Parameter error. Possible causes: 2161 * 1. Mandatory parameters are left unspecified. 2162 * 2. Incorrect parameter types. 2163 * 3. Parameter verification failed. 2164 * @throws { BusinessError } 801 - api is not supported 2165 * @throws { BusinessError } 12000004 - operating file failed 2166 * @throws { BusinessError } 12000005 - IPC communication failed 2167 * @throws { BusinessError } 12000006 - error occurred in crypto engine 2168 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 2169 * @throws { BusinessError } 12000014 - memory is insufficient 2170 * @syscap SystemCapability.Security.Huks.Core 2171 * @since 9 2172 */ 2173 /** 2174 * Aborts a key operation. This API uses an asynchronous callback to return the result. 2175 * 2176 * @param { number } handle - Handle for the abortSession operation. 2177 * @param { HuksOptions } options - Parameter set used for the abortSession operation. 2178 * @param { AsyncCallback<void> } callback - Callback used to return the abortSession operation result. 2179 * @throws { BusinessError } 401 - Parameter error. Possible causes: 2180 * 1. Mandatory parameters are left unspecified. 2181 * 2. Incorrect parameter types. 2182 * 3. Parameter verification failed. 2183 * @throws { BusinessError } 801 - api is not supported 2184 * @throws { BusinessError } 12000004 - operating file failed 2185 * @throws { BusinessError } 12000005 - IPC communication failed 2186 * @throws { BusinessError } 12000006 - error occurred in crypto engine 2187 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 2188 * @throws { BusinessError } 12000014 - memory is insufficient 2189 * @syscap SystemCapability.Security.Huks.Core 2190 * @atomicservice 2191 * @since 11 2192 */ 2193 function abortSession(handle: number, options: HuksOptions, callback: AsyncCallback<void>): void; 2194 2195 /** 2196 * Aborts a key operation. This API uses a promise to return the result. 2197 * 2198 * @param { number } handle - Handle for the abortSession operation. 2199 * @param { HuksOptions } options - Parameter set used for the abortSession operation. 2200 * @returns { Promise<void> } Promise used to return the abortSession operation result. 2201 * @throws { BusinessError } 401 - Parameter error. Possible causes: 2202 * 1. Mandatory parameters are left unspecified. 2203 * 2. Incorrect parameter types. 2204 * 3. Parameter verification failed. 2205 * @throws { BusinessError } 801 - api is not supported 2206 * @throws { BusinessError } 12000004 - operating file failed 2207 * @throws { BusinessError } 12000005 - IPC communication failed 2208 * @throws { BusinessError } 12000006 - error occurred in crypto engine 2209 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 2210 * @throws { BusinessError } 12000014 - memory is insufficient 2211 * @syscap SystemCapability.Security.Huks.Extension 2212 * @since 9 2213 */ 2214 /** 2215 * Aborts a key operation. This API uses a promise to return the result. 2216 * 2217 * @param { number } handle - Handle for the abortSession operation. 2218 * @param { HuksOptions } options - Parameter set used for the abortSession operation. 2219 * @returns { Promise<void> } Promise used to return the abortSession operation result. 2220 * @throws { BusinessError } 401 - Parameter error. Possible causes: 2221 * 1. Mandatory parameters are left unspecified. 2222 * 2. Incorrect parameter types. 2223 * 3. Parameter verification failed. 2224 * @throws { BusinessError } 801 - api is not supported 2225 * @throws { BusinessError } 12000004 - operating file failed 2226 * @throws { BusinessError } 12000005 - IPC communication failed 2227 * @throws { BusinessError } 12000006 - error occurred in crypto engine 2228 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 2229 * @throws { BusinessError } 12000014 - memory is insufficient 2230 * @syscap SystemCapability.Security.Huks.Extension 2231 * @atomicservice 2232 * @since 11 2233 */ 2234 function abortSession(handle: number, options: HuksOptions): Promise<void>; 2235 2236 /** 2237 * Obtains the certificate used to attest a key. This API uses an asynchronous callback to return the result. 2238 * 2239 * @permission ohos.permission.ATTEST_KEY 2240 * @param { string } keyAlias - Alias of the key. The certificate to be obtained stores the key. 2241 * @param { HuksOptions } options - Parameters and data required for obtaining the certificate. 2242 * @param { AsyncCallback<HuksReturnResult> } callback - Callback used to return the result. If the operation is 2243 * successful, no err value is returned; otherwise, an error code is returned. 2244 * @throws { BusinessError } 201 - check permission failed 2245 * @throws { BusinessError } 401 - Parameter error. Possible causes: 2246 * 1. Mandatory parameters are left unspecified. 2247 * 2. Incorrect parameter types. 2248 * 3. Parameter verification failed. 2249 * @throws { BusinessError } 801 - api is not supported 2250 * @throws { BusinessError } 12000001 - algorithm mode is not supported 2251 * @throws { BusinessError } 12000004 - operating file failed 2252 * @throws { BusinessError } 12000005 - IPC communication failed 2253 * @throws { BusinessError } 12000006 - error occurred in crypto engine 2254 * @throws { BusinessError } 12000011 - queried entity does not exist 2255 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 2256 * @throws { BusinessError } 12000014 - memory is insufficient 2257 * @syscap SystemCapability.Security.Huks.Extension 2258 * @since 9 2259 */ 2260 function attestKeyItem(keyAlias: string, options: HuksOptions, callback: AsyncCallback<HuksReturnResult>): void; 2261 2262 /** 2263 * Key Attestation As User. 2264 * 2265 * @permission ohos.permission.ATTEST_KEY and ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS 2266 * @param { number } userId - userId indicates the userId of the owner of the key. 2267 * @param { string } keyAlias - keyAlias indicates the key's name. 2268 * @param { HuksOptions } huksOptions - huksOptions indicates the properties of the key attestation operation. 2269 * @returns { Promise<HuksReturnResult> } the promise returned by the function. 2270 * @throws { BusinessError } 201 - the application permission is not sufficient, which may be caused by lack of 2271 * <br>cross-account permission, or the system has not been unlocked by user, or the user does not exist. 2272 * @throws { BusinessError } 202 - non-system applications are not allowed to use system APIs. 2273 * @throws { BusinessError } 401 - Parameter error. Possible causes: 2274 * 1. Mandatory parameters are left unspecified. 2275 * 2. Incorrect parameter types. 2276 * 3. Parameter verification failed. 2277 * @throws { BusinessError } 801 - api is not supported 2278 * @throws { BusinessError } 12000001 - algorithm mode is not supported 2279 * @throws { BusinessError } 12000002 - algorithm param is missing 2280 * @throws { BusinessError } 12000003 - algorithm param is invalid 2281 * @throws { BusinessError } 12000004 - operating file failed 2282 * @throws { BusinessError } 12000005 - IPC communication failed 2283 * @throws { BusinessError } 12000006 - error occurred in crypto engine 2284 * @throws { BusinessError } 12000011 - queried entity does not exist 2285 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 2286 * @throws { BusinessError } 12000014 - memory is insufficient 2287 * @syscap SystemCapability.Security.Huks.Extension 2288 * @systemapi this method can be used only by system applications. 2289 * @since 12 2290 */ 2291 function attestKeyItemAsUser(userId: number, keyAlias: string, huksOptions: HuksOptions): Promise<HuksReturnResult>; 2292 2293 /** 2294 * Obtains the certificate used to attest a key. This API uses a promise to return the result. 2295 * 2296 * @permission ohos.permission.ATTEST_KEY 2297 * @param { string } keyAlias - Alias of the key. The certificate to be obtained stores the key. 2298 * @param { HuksOptions } options - Parameters and data required for obtaining the certificate. 2299 * @returns { Promise<HuksReturnResult> } Promise used to return the result. If the operation is successful, 2300 * certChains in HuksReturnResult is the certificate chain obtained. 2301 * @throws { BusinessError } 201 - check permission failed 2302 * @throws { BusinessError } 401 - Parameter error. Possible causes: 2303 * 1. Mandatory parameters are left unspecified. 2304 * 2. Incorrect parameter types. 2305 * 3. Parameter verification failed. 2306 * @throws { BusinessError } 801 - api is not supported 2307 * @throws { BusinessError } 12000001 - algorithm mode is not supported 2308 * @throws { BusinessError } 12000004 - operating file failed 2309 * @throws { BusinessError } 12000005 - IPC communication failed 2310 * @throws { BusinessError } 12000006 - error occurred in crypto engine 2311 * @throws { BusinessError } 12000011 - queried entity does not exist 2312 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 2313 * @throws { BusinessError } 12000014 - memory is insufficient 2314 * @syscap SystemCapability.Security.Huks.Extension 2315 * @since 9 2316 */ 2317 function attestKeyItem(keyAlias: string, options: HuksOptions): Promise<HuksReturnResult>; 2318 2319 /** 2320 * Obtains the certificate for anonymous attestation. This API uses an asynchronous callback to return 2321 * the result. This operation requires Internet access and takes time. If error code 12000012 is returned, the network 2322 * is abnormal. If the device is not connected to the network, display a message, indicating that the network is not 2323 * connected. If the network is connected, the failure may be caused by network jitter. Try again later. 2324 * 2325 * @param { string } keyAlias - Alias of the key. The certificate to be obtained stores the key. 2326 * @param { HuksOptions } options - Parameters and data required for obtaining the certificate. 2327 * @param { AsyncCallback<HuksReturnResult> } callback - Callback used to return the result. If the operation is 2328 * successful, no err value is returned; otherwise, an error code is returned. 2329 * @throws { BusinessError } 401 - Parameter error. Possible causes: 2330 * 1. Mandatory parameters are left unspecified. 2331 * 2. Incorrect parameter types. 2332 * 3. Parameter verification failed. 2333 * @throws { BusinessError } 801 - api is not supported 2334 * @throws { BusinessError } 12000001 - algorithm mode is not supported 2335 * @throws { BusinessError } 12000004 - operating file failed 2336 * @throws { BusinessError } 12000005 - IPC communication failed 2337 * @throws { BusinessError } 12000006 - error occurred in crypto engine 2338 * @throws { BusinessError } 12000011 - queried entity does not exist 2339 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 2340 * @throws { BusinessError } 12000014 - memory is insufficient 2341 * @syscap SystemCapability.Security.Huks.Extension 2342 * @since 11 2343 */ 2344 /** 2345 * Obtains the certificate for anonymous attestation. This API uses an asynchronous callback to return 2346 * the result. This operation requires Internet access and takes time. If error code 12000012 is returned, the network 2347 * is abnormal. If the device is not connected to the network, display a message, indicating that the network is not 2348 * connected. If the network is connected, the failure may be caused by network jitter. Try again later. 2349 * 2350 * @param { string } keyAlias - Alias of the key. The certificate to be obtained stores the key. 2351 * @param { HuksOptions } options - Parameters and data required for obtaining the certificate. 2352 * @param { AsyncCallback<HuksReturnResult> } callback - Callback used to return the result. If the operation is 2353 * successful, no err value is returned; otherwise, an error code is returned. 2354 * @throws { BusinessError } 401 - Parameter error. Possible causes: 2355 * 1. Mandatory parameters are left unspecified. 2356 * 2. Incorrect parameter types. 2357 * 3. Parameter verification failed. 2358 * @throws { BusinessError } 801 - api is not supported 2359 * @throws { BusinessError } 12000001 - algorithm mode is not supported 2360 * @throws { BusinessError } 12000004 - operating file failed 2361 * @throws { BusinessError } 12000005 - IPC communication failed 2362 * @throws { BusinessError } 12000006 - error occurred in crypto engine 2363 * @throws { BusinessError } 12000011 - queried entity does not exist 2364 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 2365 * @throws { BusinessError } 12000014 - memory is insufficient 2366 * @syscap SystemCapability.Security.Huks.Extension 2367 * @atomicservice 2368 * @since 12 2369 */ 2370 function anonAttestKeyItem(keyAlias: string, options: HuksOptions, callback: AsyncCallback<HuksReturnResult>): void; 2371 2372 /** 2373 * Key Attestation with anonymous certificate as user. 2374 * 2375 * @permission ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS 2376 * @param { number } userId - userId indicates the userId of the owner of the key. 2377 * @param { string } keyAlias - keyAlias indicates the key's name. 2378 * @param { HuksOptions } huksOptions - huksOptions indicates the properties of the key attestation operation. 2379 * @returns { Promise<HuksReturnResult> } the promise returned by the function. 2380 * @throws { BusinessError } 201 - the application permission is not sufficient, which may be caused by lack of 2381 * <br>cross-account permission, or the system has not been unlocked by user, or the user does not exist. 2382 * @throws { BusinessError } 202 - non-system applications are not allowed to use system APIs. 2383 * @throws { BusinessError } 401 - Parameter error. Possible causes: 2384 * 1. Mandatory parameters are left unspecified. 2385 * 2. Incorrect parameter types. 2386 * 3. Parameter verification failed. 2387 * @throws { BusinessError } 801 - api is not supported 2388 * @throws { BusinessError } 12000001 - algorithm mode is not supported 2389 * @throws { BusinessError } 12000002 - algorithm param is missing 2390 * @throws { BusinessError } 12000003 - algorithm param is invalid 2391 * @throws { BusinessError } 12000004 - operating file failed 2392 * @throws { BusinessError } 12000005 - IPC communication failed 2393 * @throws { BusinessError } 12000006 - error occurred in crypto engine 2394 * @throws { BusinessError } 12000011 - queried entity does not exist 2395 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 2396 * @throws { BusinessError } 12000014 - memory is insufficient 2397 * @syscap SystemCapability.Security.Huks.Extension 2398 * @systemapi this method can be used only by system applications. 2399 * @since 12 2400 */ 2401 function anonAttestKeyItemAsUser(userId: number, keyAlias: string, huksOptions: HuksOptions): Promise<HuksReturnResult>; 2402 2403 /** 2404 * Obtains the certificate for anonymous attestation. This API uses a promise to return the result. This 2405 * operation requires Internet access and takes time. If error code 12000012 is returned, the network is abnormal. If 2406 * the device is not connected to the network, display a message, indicating that the network is not connected. If the 2407 * network is connected, the failure may be caused by network jitter. Try again later. 2408 * 2409 * @param { string } keyAlias - Alias of the key. The certificate to be obtained stores the key. 2410 * @param { HuksOptions } options - Parameters and data required for obtaining the certificate. 2411 * @returns { Promise<HuksReturnResult> } Promise used to return the result. If the operation is successful, 2412 * certChains in HuksReturnResult is the certificate chain obtained. 2413 * @throws { BusinessError } 401 - Parameter error. Possible causes: 2414 * 1. Mandatory parameters are left unspecified. 2415 * 2. Incorrect parameter types. 2416 * 3. Parameter verification failed. 2417 * @throws { BusinessError } 801 - api is not supported 2418 * @throws { BusinessError } 12000001 - algorithm mode is not supported 2419 * @throws { BusinessError } 12000002 - algorithm param is missing 2420 * @throws { BusinessError } 12000003 - algorithm param is invalid 2421 * @throws { BusinessError } 12000004 - operating file failed 2422 * @throws { BusinessError } 12000005 - IPC communication failed 2423 * @throws { BusinessError } 12000006 - error occurred in crypto engine 2424 * @throws { BusinessError } 12000011 - queried entity does not exist 2425 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 2426 * @throws { BusinessError } 12000014 - memory is insufficient 2427 * @syscap SystemCapability.Security.Huks.Extension 2428 * @since 11 2429 */ 2430 /** 2431 * Obtains the certificate for anonymous attestation. This API uses a promise to return the result. This 2432 * operation requires Internet access and takes time. If error code 12000012 is returned, the network is abnormal. If 2433 * the device is not connected to the network, display a message, indicating that the network is not connected. If the 2434 * network is connected, the failure may be caused by network jitter. Try again later. 2435 * 2436 * @param { string } keyAlias - Alias of the key. The certificate to be obtained stores the key. 2437 * @param { HuksOptions } options - Parameters and data required for obtaining the certificate. 2438 * @returns { Promise<HuksReturnResult> } Promise used to return the result. If the operation is successful, 2439 * certChains in HuksReturnResult is the certificate chain obtained. 2440 * @throws { BusinessError } 401 - Parameter error. Possible causes: 2441 * 1. Mandatory parameters are left unspecified. 2442 * 2. Incorrect parameter types. 2443 * 3. Parameter verification failed. 2444 * @throws { BusinessError } 801 - api is not supported 2445 * @throws { BusinessError } 12000001 - algorithm mode is not supported 2446 * @throws { BusinessError } 12000004 - operating file failed 2447 * @throws { BusinessError } 12000005 - IPC communication failed 2448 * @throws { BusinessError } 12000006 - error occurred in crypto engine 2449 * @throws { BusinessError } 12000011 - queried entity does not exist 2450 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 2451 * @throws { BusinessError } 12000014 - memory is insufficient 2452 * @syscap SystemCapability.Security.Huks.Extension 2453 * @atomicservice 2454 * @since 12 2455 */ 2456 function anonAttestKeyItem(keyAlias: string, options: HuksOptions): Promise<HuksReturnResult>; 2457 2458 /** 2459 * Obtains the SDK version of the current system. 2460 * 2461 * @param { HuksOptions } options - Empty object, which is used to hold the SDK version. 2462 * @returns { string } SDK version obtained. 2463 * @syscap SystemCapability.Security.Huks.Extension 2464 * @since 8 2465 * @deprecated since 11 2466 */ 2467 function getSdkVersion(options: HuksOptions): string; 2468 2469 /** 2470 * Lists key aliases. This API uses a promise to return the result. 2471 * 2472 * @param { HuksOptions } options - Parameters for listing key aliases. 2473 * @returns { Promise<HuksListAliasesReturnResult> } Promise used to return the key aliases obtained. 2474 * @throws { BusinessError } 401 - Parameter error. Possible causes: 2475 * 1. Mandatory parameters are left unspecified. 2476 * 2. Incorrect parameter types. 2477 * 3. Parameter verification failed. 2478 * @throws { BusinessError } 12000004 - operating file failed 2479 * @throws { BusinessError } 12000005 - IPC communication failed 2480 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 2481 * @throws { BusinessError } 12000014 - memory is insufficient 2482 * @syscap SystemCapability.Security.Huks.Extension 2483 * @atomicservice 2484 * @since 12 2485 */ 2486 function listAliases(options: HuksOptions): Promise<HuksListAliasesReturnResult>; 2487 2488 /** 2489 * Export the wrapped key protected by a specific key. 2490 * 2491 * @param { string } keyAlias - keyAlias indicates the key's name. 2492 * @param { HuksOptions } params - params indicates the export properties. 2493 * @returns { Promise<HuksReturnResult> } the promise returned by the function. 2494 * @throws { BusinessError } 801 - api is not supported 2495 * @throws { BusinessError } 12000004 - operating file failed 2496 * @throws { BusinessError } 12000005 - IPC communication failed 2497 * @throws { BusinessError } 12000011 - queried entity does not exist 2498 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 2499 * @throws { BusinessError } 12000014 - memory is insufficient 2500 * @throws { BusinessError } 12000018 - the input parameter is invalid 2501 * @syscap SystemCapability.Security.Huks.Core 2502 * @since 20 2503 */ 2504 function wrapKeyItem(keyAlias: string, params: HuksOptions): Promise<HuksReturnResult>; 2505 2506 /** 2507 * Import the wrapped key protected by a specific key 2508 * 2509 * @param { string } keyAlias - keyAlias indicates the key's name. 2510 * @param { HuksOptions } params - params indicates the import properties. 2511 * @param { Uint8Array } wrappedKey -indicates the wrapped key. 2512 * @returns { Promise<HuksReturnResult> } the promise returned by the function. 2513 * @throws { BusinessError } 801 - api is not supported 2514 * @throws { BusinessError } 12000004 - operating file failed 2515 * @throws { BusinessError } 12000005 - IPC communication failed 2516 * @throws { BusinessError } 12000012 - Device environment or input parameter abnormal 2517 * @throws { BusinessError } 12000014 - memory is insufficient 2518 * @throws { BusinessError } 12000015 - Failed to obtain the security information via UserIAM 2519 * @throws { BusinessError } 12000018 - the input parameter is invalid 2520 * @syscap SystemCapability.Security.Huks.Core 2521 * @since 20 2522 */ 2523 function unwrapKeyItem(keyAlias: string, params: HuksOptions, wrappedKey: Uint8Array): Promise<HuksReturnResult>; 2524 2525 /** 2526 * Defines the param field in the properties array of options used in the APIs. 2527 * 2528 * @typedef HuksParam 2529 * @syscap SystemCapability.Security.Huks.Core 2530 * @since 8 2531 */ 2532 /** 2533 * Defines the param field in the properties array of options used in the APIs. 2534 * 2535 * @typedef HuksParam 2536 * @syscap SystemCapability.Security.Huks.Core 2537 * @atomicservice 2538 * @since 11 2539 */ 2540 export interface HuksParam { 2541 /** 2542 * @syscap SystemCapability.Security.Huks.Core 2543 * @since 8 2544 */ 2545 /** 2546 * @type { HuksTag } 2547 * @syscap SystemCapability.Security.Huks.Core 2548 * @atomicservice 2549 * @since 11 2550 */ 2551 tag: HuksTag; 2552 /** 2553 * @syscap SystemCapability.Security.Huks.Core 2554 * @since 8 2555 */ 2556 /** 2557 * @type { boolean | number | bigint | Uint8Array } 2558 * @syscap SystemCapability.Security.Huks.Core 2559 * @atomicservice 2560 * @since 11 2561 */ 2562 value: boolean | number | bigint | Uint8Array; 2563 } 2564 2565 /** 2566 * Interface of huks handle. 2567 * 2568 * @typedef HuksHandle 2569 * @syscap SystemCapability.Security.Huks.Extension 2570 * @since 8 2571 * @deprecated since 9 2572 * @useinstead ohos.security.huks.HuksSessionHandle 2573 */ 2574 export interface HuksHandle { 2575 /** 2576 * @type { number } 2577 * @syscap SystemCapability.Security.Huks.Extension 2578 * @since 8 2579 * @deprecated since 9 2580 */ 2581 errorCode: number; 2582 /** 2583 * @type { number } 2584 * @syscap SystemCapability.Security.Huks.Extension 2585 * @since 8 2586 * @deprecated since 9 2587 */ 2588 handle: number; 2589 /** 2590 * @type { ?Uint8Array } 2591 * @syscap SystemCapability.Security.Huks.Extension 2592 * @since 8 2593 * @deprecated since 9 2594 */ 2595 token?: Uint8Array; 2596 } 2597 2598 /** 2599 * Defines the struct for a HUKS handle. 2600 * 2601 * @typedef HuksSessionHandle 2602 * @syscap SystemCapability.Security.Huks.Core 2603 * @since 9 2604 */ 2605 /** 2606 * Defines the struct for a HUKS handle. 2607 * 2608 * @typedef HuksSessionHandle 2609 * @syscap SystemCapability.Security.Huks.Core 2610 * @atomicservice 2611 * @since 11 2612 */ 2613 export interface HuksSessionHandle { 2614 /** 2615 * @syscap SystemCapability.Security.Huks.Core 2616 * @since 9 2617 */ 2618 /** 2619 * @type { number } 2620 * @syscap SystemCapability.Security.Huks.Core 2621 * @atomicservice 2622 * @since 11 2623 */ 2624 handle: number; 2625 /** 2626 * @syscap SystemCapability.Security.Huks.Core 2627 * @since 9 2628 */ 2629 /** 2630 * @type { ?Uint8Array } 2631 * @syscap SystemCapability.Security.Huks.Core 2632 * @atomicservice 2633 * @since 11 2634 */ 2635 challenge?: Uint8Array; 2636 } 2637 2638 /** 2639 * Defines options used in the APIs. 2640 * 2641 * @typedef HuksOptions 2642 * @syscap SystemCapability.Security.Huks.Core 2643 * @since 8 2644 */ 2645 /** 2646 * Defines options used in the APIs. 2647 * 2648 * @typedef HuksOptions 2649 * @syscap SystemCapability.Security.Huks.Core 2650 * @atomicservice 2651 * @since 11 2652 */ 2653 export interface HuksOptions { 2654 /** 2655 * @syscap SystemCapability.Security.Huks.Core 2656 * @since 8 2657 */ 2658 /** 2659 * @type { ?Array<HuksParam> } 2660 * @syscap SystemCapability.Security.Huks.Core 2661 * @atomicservice 2662 * @since 11 2663 */ 2664 properties?: Array<HuksParam>; 2665 /** 2666 * @syscap SystemCapability.Security.Huks.Core 2667 * @since 8 2668 */ 2669 /** 2670 * @type { ?Uint8Array } 2671 * @syscap SystemCapability.Security.Huks.Core 2672 * @atomicservice 2673 * @since 11 2674 */ 2675 inData?: Uint8Array; 2676 } 2677 2678 /** 2679 * Interface of huks result. 2680 * 2681 * @typedef HuksResult 2682 * @syscap SystemCapability.Security.Huks.Extension 2683 * @since 8 2684 * @deprecated since 9 2685 * @useinstead ohos.security.huks.HuksReturnResult 2686 */ 2687 export interface HuksResult { 2688 /** 2689 * @type { number } 2690 * @syscap SystemCapability.Security.Huks.Extension 2691 * @since 8 2692 * @deprecated since 9 2693 */ 2694 errorCode: number; 2695 /** 2696 * @type { ?Uint8Array } 2697 * @syscap SystemCapability.Security.Huks.Extension 2698 * @since 8 2699 * @deprecated since 9 2700 */ 2701 outData?: Uint8Array; 2702 /** 2703 * @type { ?Array<HuksParam> } 2704 * @syscap SystemCapability.Security.Huks.Extension 2705 * @since 8 2706 * @deprecated since 9 2707 */ 2708 properties?: Array<HuksParam>; 2709 /** 2710 * @type { ?Array<string> } 2711 * @syscap SystemCapability.Security.Huks.Extension 2712 * @since 8 2713 * @deprecated since 9 2714 */ 2715 certChains?: Array<string>; 2716 } 2717 2718 /** 2719 * Represents the result returned. 2720 * 2721 * @typedef HuksReturnResult 2722 * @syscap SystemCapability.Security.Huks.Core 2723 * @since 9 2724 */ 2725 /** 2726 * Represents the result returned. 2727 * 2728 * @typedef HuksReturnResult 2729 * @syscap SystemCapability.Security.Huks.Core 2730 * @atomicservice 2731 * @since 11 2732 */ 2733 export interface HuksReturnResult { 2734 /** 2735 * @syscap SystemCapability.Security.Huks.Core 2736 * @since 9 2737 */ 2738 /** 2739 * @type { ?Uint8Array } 2740 * @syscap SystemCapability.Security.Huks.Core 2741 * @atomicservice 2742 * @since 11 2743 */ 2744 outData?: Uint8Array; 2745 /** 2746 * @syscap SystemCapability.Security.Huks.Core 2747 * @since 9 2748 */ 2749 /** 2750 * @type { ?Array<HuksParam> } 2751 * @syscap SystemCapability.Security.Huks.Core 2752 * @atomicservice 2753 * @since 11 2754 */ 2755 properties?: Array<HuksParam>; 2756 /** 2757 * @syscap SystemCapability.Security.Huks.Core 2758 * @since 9 2759 */ 2760 /** 2761 * @type { ?Array<string> } 2762 * @syscap SystemCapability.Security.Huks.Core 2763 * @atomicservice 2764 * @since 12 2765 */ 2766 certChains?: Array<string>; 2767 } 2768 2769 /** 2770 * Represents an array of key aliases. 2771 * 2772 * @typedef HuksListAliasesReturnResult 2773 * @syscap SystemCapability.Security.Huks.Extension 2774 * @atomicservice 2775 * @since 12 2776 */ 2777 export interface HuksListAliasesReturnResult { 2778 2779 /** 2780 * the returned list of key aliases 2781 * 2782 * @type { Array<string> } 2783 * @syscap SystemCapability.Security.Huks.Extension 2784 * @atomicservice 2785 * @since 12 2786 */ 2787 keyAliases: Array<string>; 2788 } 2789 2790 /** 2791 * Enum for huks error code. 2792 * 2793 * @enum { number } 2794 * @syscap SystemCapability.Security.Huks.Extension 2795 * @since 8 2796 * @deprecated since 9 2797 * @useinstead ohos.security.huks.HuksExceptionErrCode 2798 */ 2799 export enum HuksErrorCode { 2800 /** 2801 * @syscap SystemCapability.Security.Huks.Extension 2802 * @since 8 2803 * @deprecated since 9 2804 */ 2805 HUKS_SUCCESS = 0, 2806 /** 2807 * @syscap SystemCapability.Security.Huks.Extension 2808 * @since 8 2809 * @deprecated since 9 2810 */ 2811 HUKS_FAILURE = -1, 2812 /** 2813 * @syscap SystemCapability.Security.Huks.Extension 2814 * @since 8 2815 * @deprecated since 9 2816 */ 2817 HUKS_ERROR_BAD_STATE = -2, 2818 /** 2819 * @syscap SystemCapability.Security.Huks.Extension 2820 * @since 8 2821 * @deprecated since 9 2822 */ 2823 HUKS_ERROR_INVALID_ARGUMENT = -3, 2824 /** 2825 * @syscap SystemCapability.Security.Huks.Extension 2826 * @since 8 2827 * @deprecated since 9 2828 */ 2829 HUKS_ERROR_NOT_SUPPORTED = -4, 2830 /** 2831 * @syscap SystemCapability.Security.Huks.Extension 2832 * @since 8 2833 * @deprecated since 9 2834 */ 2835 HUKS_ERROR_NO_PERMISSION = -5, 2836 /** 2837 * @syscap SystemCapability.Security.Huks.Extension 2838 * @since 8 2839 * @deprecated since 9 2840 */ 2841 HUKS_ERROR_INSUFFICIENT_DATA = -6, 2842 /** 2843 * @syscap SystemCapability.Security.Huks.Extension 2844 * @since 8 2845 * @deprecated since 9 2846 */ 2847 HUKS_ERROR_BUFFER_TOO_SMALL = -7, 2848 /** 2849 * @syscap SystemCapability.Security.Huks.Extension 2850 * @since 8 2851 * @deprecated since 9 2852 */ 2853 HUKS_ERROR_INSUFFICIENT_MEMORY = -8, 2854 /** 2855 * @syscap SystemCapability.Security.Huks.Extension 2856 * @since 8 2857 * @deprecated since 9 2858 */ 2859 HUKS_ERROR_COMMUNICATION_FAILURE = -9, 2860 /** 2861 * @syscap SystemCapability.Security.Huks.Extension 2862 * @since 8 2863 * @deprecated since 9 2864 */ 2865 HUKS_ERROR_STORAGE_FAILURE = -10, 2866 /** 2867 * @syscap SystemCapability.Security.Huks.Extension 2868 * @since 8 2869 * @deprecated since 9 2870 */ 2871 HUKS_ERROR_HARDWARE_FAILURE = -11, 2872 /** 2873 * @syscap SystemCapability.Security.Huks.Extension 2874 * @since 8 2875 * @deprecated since 9 2876 */ 2877 HUKS_ERROR_ALREADY_EXISTS = -12, 2878 /** 2879 * @syscap SystemCapability.Security.Huks.Extension 2880 * @since 8 2881 * @deprecated since 9 2882 */ 2883 HUKS_ERROR_NOT_EXIST = -13, 2884 /** 2885 * @syscap SystemCapability.Security.Huks.Extension 2886 * @since 8 2887 * @deprecated since 9 2888 */ 2889 HUKS_ERROR_NULL_POINTER = -14, 2890 /** 2891 * @syscap SystemCapability.Security.Huks.Extension 2892 * @since 8 2893 * @deprecated since 9 2894 */ 2895 HUKS_ERROR_FILE_SIZE_FAIL = -15, 2896 /** 2897 * @syscap SystemCapability.Security.Huks.Extension 2898 * @since 8 2899 * @deprecated since 9 2900 */ 2901 HUKS_ERROR_READ_FILE_FAIL = -16, 2902 /** 2903 * @syscap SystemCapability.Security.Huks.Extension 2904 * @since 8 2905 * @deprecated since 9 2906 */ 2907 HUKS_ERROR_INVALID_PUBLIC_KEY = -17, 2908 /** 2909 * @syscap SystemCapability.Security.Huks.Extension 2910 * @since 8 2911 * @deprecated since 9 2912 */ 2913 HUKS_ERROR_INVALID_PRIVATE_KEY = -18, 2914 /** 2915 * @syscap SystemCapability.Security.Huks.Extension 2916 * @since 8 2917 * @deprecated since 9 2918 */ 2919 HUKS_ERROR_INVALID_KEY_INFO = -19, 2920 /** 2921 * @syscap SystemCapability.Security.Huks.Extension 2922 * @since 8 2923 * @deprecated since 9 2924 */ 2925 HUKS_ERROR_HASH_NOT_EQUAL = -20, 2926 /** 2927 * @syscap SystemCapability.Security.Huks.Extension 2928 * @since 8 2929 * @deprecated since 9 2930 */ 2931 HUKS_ERROR_MALLOC_FAIL = -21, 2932 /** 2933 * @syscap SystemCapability.Security.Huks.Extension 2934 * @since 8 2935 * @deprecated since 9 2936 */ 2937 HUKS_ERROR_WRITE_FILE_FAIL = -22, 2938 /** 2939 * @syscap SystemCapability.Security.Huks.Extension 2940 * @since 8 2941 * @deprecated since 9 2942 */ 2943 HUKS_ERROR_REMOVE_FILE_FAIL = -23, 2944 /** 2945 * @syscap SystemCapability.Security.Huks.Extension 2946 * @since 8 2947 * @deprecated since 9 2948 */ 2949 HUKS_ERROR_OPEN_FILE_FAIL = -24, 2950 /** 2951 * @syscap SystemCapability.Security.Huks.Extension 2952 * @since 8 2953 * @deprecated since 9 2954 */ 2955 HUKS_ERROR_CLOSE_FILE_FAIL = -25, 2956 /** 2957 * @syscap SystemCapability.Security.Huks.Extension 2958 * @since 8 2959 * @deprecated since 9 2960 */ 2961 HUKS_ERROR_MAKE_DIR_FAIL = -26, 2962 /** 2963 * @syscap SystemCapability.Security.Huks.Extension 2964 * @since 8 2965 * @deprecated since 9 2966 */ 2967 HUKS_ERROR_INVALID_KEY_FILE = -27, 2968 /** 2969 * @syscap SystemCapability.Security.Huks.Extension 2970 * @since 8 2971 * @deprecated since 9 2972 */ 2973 HUKS_ERROR_IPC_MSG_FAIL = -28, 2974 /** 2975 * @syscap SystemCapability.Security.Huks.Extension 2976 * @since 8 2977 * @deprecated since 9 2978 */ 2979 HUKS_ERROR_REQUEST_OVERFLOWS = -29, 2980 /** 2981 * @syscap SystemCapability.Security.Huks.Extension 2982 * @since 8 2983 * @deprecated since 9 2984 */ 2985 HUKS_ERROR_PARAM_NOT_EXIST = -30, 2986 /** 2987 * @syscap SystemCapability.Security.Huks.Extension 2988 * @since 8 2989 * @deprecated since 9 2990 */ 2991 HUKS_ERROR_CRYPTO_ENGINE_ERROR = -31, 2992 /** 2993 * @syscap SystemCapability.Security.Huks.Extension 2994 * @since 8 2995 * @deprecated since 9 2996 */ 2997 HUKS_ERROR_COMMUNICATION_TIMEOUT = -32, 2998 /** 2999 * @syscap SystemCapability.Security.Huks.Extension 3000 * @since 8 3001 * @deprecated since 9 3002 */ 3003 HUKS_ERROR_IPC_INIT_FAIL = -33, 3004 /** 3005 * @syscap SystemCapability.Security.Huks.Extension 3006 * @since 8 3007 * @deprecated since 9 3008 */ 3009 HUKS_ERROR_IPC_DLOPEN_FAIL = -34, 3010 /** 3011 * @syscap SystemCapability.Security.Huks.Extension 3012 * @since 8 3013 * @deprecated since 9 3014 */ 3015 HUKS_ERROR_EFUSE_READ_FAIL = -35, 3016 /** 3017 * @syscap SystemCapability.Security.Huks.Extension 3018 * @since 8 3019 * @deprecated since 9 3020 */ 3021 HUKS_ERROR_NEW_ROOT_KEY_MATERIAL_EXIST = -36, 3022 /** 3023 * @syscap SystemCapability.Security.Huks.Extension 3024 * @since 8 3025 * @deprecated since 9 3026 */ 3027 HUKS_ERROR_UPDATE_ROOT_KEY_MATERIAL_FAIL = -37, 3028 /** 3029 * @syscap SystemCapability.Security.Huks.Extension 3030 * @since 8 3031 * @deprecated since 9 3032 */ 3033 HUKS_ERROR_VERIFICATION_FAILED = -38, 3034 /** 3035 * @syscap SystemCapability.Security.Huks.Extension 3036 * @since 8 3037 * @deprecated since 9 3038 */ 3039 HUKS_ERROR_CHECK_GET_ALG_FAIL = -100, 3040 /** 3041 * @syscap SystemCapability.Security.Huks.Extension 3042 * @since 8 3043 * @deprecated since 9 3044 */ 3045 HUKS_ERROR_CHECK_GET_KEY_SIZE_FAIL = -101, 3046 /** 3047 * @syscap SystemCapability.Security.Huks.Extension 3048 * @since 8 3049 * @deprecated since 9 3050 */ 3051 HUKS_ERROR_CHECK_GET_PADDING_FAIL = -102, 3052 /** 3053 * @syscap SystemCapability.Security.Huks.Extension 3054 * @since 8 3055 * @deprecated since 9 3056 */ 3057 HUKS_ERROR_CHECK_GET_PURPOSE_FAIL = -103, 3058 /** 3059 * @syscap SystemCapability.Security.Huks.Extension 3060 * @since 8 3061 * @deprecated since 9 3062 */ 3063 HUKS_ERROR_CHECK_GET_DIGEST_FAIL = -104, 3064 /** 3065 * @syscap SystemCapability.Security.Huks.Extension 3066 * @since 8 3067 * @deprecated since 9 3068 */ 3069 HUKS_ERROR_CHECK_GET_MODE_FAIL = -105, 3070 /** 3071 * @syscap SystemCapability.Security.Huks.Extension 3072 * @since 8 3073 * @deprecated since 9 3074 */ 3075 HUKS_ERROR_CHECK_GET_NONCE_FAIL = -106, 3076 /** 3077 * @syscap SystemCapability.Security.Huks.Extension 3078 * @since 8 3079 * @deprecated since 9 3080 */ 3081 HUKS_ERROR_CHECK_GET_AAD_FAIL = -107, 3082 /** 3083 * @syscap SystemCapability.Security.Huks.Extension 3084 * @since 8 3085 * @deprecated since 9 3086 */ 3087 HUKS_ERROR_CHECK_GET_IV_FAIL = -108, 3088 /** 3089 * @syscap SystemCapability.Security.Huks.Extension 3090 * @since 8 3091 * @deprecated since 9 3092 */ 3093 HUKS_ERROR_CHECK_GET_AE_TAG_FAIL = -109, 3094 /** 3095 * @syscap SystemCapability.Security.Huks.Extension 3096 * @since 8 3097 * @deprecated since 9 3098 */ 3099 HUKS_ERROR_CHECK_GET_SALT_FAIL = -110, 3100 /** 3101 * @syscap SystemCapability.Security.Huks.Extension 3102 * @since 8 3103 * @deprecated since 9 3104 */ 3105 HUKS_ERROR_CHECK_GET_ITERATION_FAIL = -111, 3106 /** 3107 * @syscap SystemCapability.Security.Huks.Extension 3108 * @since 8 3109 * @deprecated since 9 3110 */ 3111 HUKS_ERROR_INVALID_ALGORITHM = -112, 3112 /** 3113 * @syscap SystemCapability.Security.Huks.Extension 3114 * @since 8 3115 * @deprecated since 9 3116 */ 3117 HUKS_ERROR_INVALID_KEY_SIZE = -113, 3118 /** 3119 * @syscap SystemCapability.Security.Huks.Extension 3120 * @since 8 3121 * @deprecated since 9 3122 */ 3123 HUKS_ERROR_INVALID_PADDING = -114, 3124 /** 3125 * @syscap SystemCapability.Security.Huks.Extension 3126 * @since 8 3127 * @deprecated since 9 3128 */ 3129 HUKS_ERROR_INVALID_PURPOSE = -115, 3130 /** 3131 * @syscap SystemCapability.Security.Huks.Extension 3132 * @since 8 3133 * @deprecated since 9 3134 */ 3135 HUKS_ERROR_INVALID_MODE = -116, 3136 /** 3137 * @syscap SystemCapability.Security.Huks.Extension 3138 * @since 8 3139 * @deprecated since 9 3140 */ 3141 HUKS_ERROR_INVALID_DIGEST = -117, 3142 /** 3143 * @syscap SystemCapability.Security.Huks.Extension 3144 * @since 8 3145 * @deprecated since 9 3146 */ 3147 HUKS_ERROR_INVALID_SIGNATURE_SIZE = -118, 3148 /** 3149 * @syscap SystemCapability.Security.Huks.Extension 3150 * @since 8 3151 * @deprecated since 9 3152 */ 3153 HUKS_ERROR_INVALID_IV = -119, 3154 /** 3155 * @syscap SystemCapability.Security.Huks.Extension 3156 * @since 8 3157 * @deprecated since 9 3158 */ 3159 HUKS_ERROR_INVALID_AAD = -120, 3160 /** 3161 * @syscap SystemCapability.Security.Huks.Extension 3162 * @since 8 3163 * @deprecated since 9 3164 */ 3165 HUKS_ERROR_INVALID_NONCE = -121, 3166 /** 3167 * @syscap SystemCapability.Security.Huks.Extension 3168 * @since 8 3169 * @deprecated since 9 3170 */ 3171 HUKS_ERROR_INVALID_AE_TAG = -122, 3172 /** 3173 * @syscap SystemCapability.Security.Huks.Extension 3174 * @since 8 3175 * @deprecated since 9 3176 */ 3177 HUKS_ERROR_INVALID_SALT = -123, 3178 /** 3179 * @syscap SystemCapability.Security.Huks.Extension 3180 * @since 8 3181 * @deprecated since 9 3182 */ 3183 HUKS_ERROR_INVALID_ITERATION = -124, 3184 /** 3185 * @syscap SystemCapability.Security.Huks.Extension 3186 * @since 8 3187 * @deprecated since 9 3188 */ 3189 HUKS_ERROR_INVALID_OPERATION = -125, 3190 /** 3191 * @syscap SystemCapability.Security.Huks.Extension 3192 * @since 8 3193 * @deprecated since 9 3194 */ 3195 HUKS_ERROR_INTERNAL_ERROR = -999, 3196 /** 3197 * @syscap SystemCapability.Security.Huks.Extension 3198 * @since 8 3199 * @deprecated since 9 3200 */ 3201 HUKS_ERROR_UNKNOWN_ERROR = -1000 3202 } 3203 3204 /** 3205 * Enumerates the error codes. 3206 * 3207 * @enum { number } 3208 * @syscap SystemCapability.Security.Huks.Core 3209 * @since 9 3210 */ 3211 /** 3212 * Enumerates the error codes. 3213 * 3214 * @enum { number } 3215 * @syscap SystemCapability.Security.Huks.Core 3216 * @atomicservice 3217 * @since 11 3218 */ 3219 export enum HuksExceptionErrCode { 3220 /** 3221 * Permission verification failed. 3222 * 3223 * @syscap SystemCapability.Security.Huks.Core 3224 * @since 9 3225 */ 3226 /** 3227 * Permission verification failed. 3228 * 3229 * @syscap SystemCapability.Security.Huks.Core 3230 * @atomicservice 3231 * @since 11 3232 */ 3233 HUKS_ERR_CODE_PERMISSION_FAIL = 201, 3234 /** 3235 * The caller is not a system application and cannot call the system API. 3236 * 3237 * @syscap SystemCapability.Security.Huks.Core 3238 * @since 12 3239 */ 3240 HUKS_ERR_CODE_NOT_SYSTEM_APP = 202, 3241 /** 3242 * Invalid parameters are detected. Possible causes: 3243 * 1. Mandatory parameters are left unspecified. 3244 * 2. Incorrect parameter types. 3245 * 3. Parameter verification failed. 3246 * 3247 * @syscap SystemCapability.Security.Huks.Core 3248 * @since 9 3249 */ 3250 /** 3251 * Invalid parameters are detected. Possible causes: 3252 * 1. Mandatory parameters are left unspecified. 3253 * 2. Incorrect parameter types. 3254 * 3. Parameter verification failed. 3255 * 3256 * @syscap SystemCapability.Security.Huks.Core 3257 * @atomicservice 3258 * @since 11 3259 */ 3260 HUKS_ERR_CODE_ILLEGAL_ARGUMENT = 401, 3261 /** 3262 * The API is not supported. 3263 * 3264 * @syscap SystemCapability.Security.Huks.Core 3265 * @since 9 3266 */ 3267 /** 3268 * The API is not supported. 3269 * 3270 * @syscap SystemCapability.Security.Huks.Core 3271 * @atomicservice 3272 * @since 11 3273 */ 3274 HUKS_ERR_CODE_NOT_SUPPORTED_API = 801, 3275 /** 3276 * The feature is not supported. 3277 * 3278 * @syscap SystemCapability.Security.Huks.Core 3279 * @since 9 3280 */ 3281 /** 3282 * The feature is not supported. 3283 * 3284 * @syscap SystemCapability.Security.Huks.Core 3285 * @atomicservice 3286 * @since 11 3287 */ 3288 HUKS_ERR_CODE_FEATURE_NOT_SUPPORTED = 12000001, 3289 /** 3290 * Key algorithm parameters are missing. 3291 * 3292 * @syscap SystemCapability.Security.Huks.Core 3293 * @since 9 3294 */ 3295 /** 3296 * Key algorithm parameters are missing. 3297 * 3298 * @syscap SystemCapability.Security.Huks.Core 3299 * @atomicservice 3300 * @since 11 3301 */ 3302 HUKS_ERR_CODE_MISSING_CRYPTO_ALG_ARGUMENT = 12000002, 3303 /** 3304 * Invalid key algorithm parameters are detected. 3305 * 3306 * @syscap SystemCapability.Security.Huks.Core 3307 * @since 9 3308 */ 3309 /** 3310 * Invalid key algorithm parameters are detected. 3311 * 3312 * @syscap SystemCapability.Security.Huks.Core 3313 * @atomicservice 3314 * @since 11 3315 */ 3316 HUKS_ERR_CODE_INVALID_CRYPTO_ALG_ARGUMENT = 12000003, 3317 /** 3318 * The file operation failed. 3319 * 3320 * @syscap SystemCapability.Security.Huks.Core 3321 * @since 9 3322 */ 3323 /** 3324 * The file operation failed. 3325 * 3326 * @syscap SystemCapability.Security.Huks.Core 3327 * @atomicservice 3328 * @since 11 3329 */ 3330 HUKS_ERR_CODE_FILE_OPERATION_FAIL = 12000004, 3331 /** 3332 * The communication failed. 3333 * 3334 * @syscap SystemCapability.Security.Huks.Core 3335 * @since 9 3336 */ 3337 /** 3338 * The communication failed. 3339 * 3340 * @syscap SystemCapability.Security.Huks.Core 3341 * @atomicservice 3342 * @since 11 3343 */ 3344 HUKS_ERR_CODE_COMMUNICATION_FAIL = 12000005, 3345 /** 3346 * Failed to operate the algorithm library. 3347 * 3348 * @syscap SystemCapability.Security.Huks.Core 3349 * @since 9 3350 */ 3351 /** 3352 * Failed to operate the algorithm library. 3353 * 3354 * @syscap SystemCapability.Security.Huks.Core 3355 * @atomicservice 3356 * @since 11 3357 */ 3358 HUKS_ERR_CODE_CRYPTO_FAIL = 12000006, 3359 /** 3360 * Failed to access the key because the key has expired. 3361 * 3362 * @syscap SystemCapability.Security.Huks.Core 3363 * @since 9 3364 */ 3365 /** 3366 * Failed to access the key because the key has expired. 3367 * 3368 * @syscap SystemCapability.Security.Huks.Core 3369 * @atomicservice 3370 * @since 11 3371 */ 3372 HUKS_ERR_CODE_KEY_AUTH_PERMANENTLY_INVALIDATED = 12000007, 3373 /** 3374 * Failed to access the key because the authentication has failed. 3375 * 3376 * @syscap SystemCapability.Security.Huks.Core 3377 * @since 9 3378 */ 3379 /** 3380 * Failed to access the key because the authentication has failed. 3381 * 3382 * @syscap SystemCapability.Security.Huks.Core 3383 * @atomicservice 3384 * @since 11 3385 */ 3386 HUKS_ERR_CODE_KEY_AUTH_VERIFY_FAILED = 12000008, 3387 /** 3388 * Key access timed out. 3389 * 3390 * @syscap SystemCapability.Security.Huks.Core 3391 * @since 9 3392 */ 3393 /** 3394 * Key access timed out. 3395 * 3396 * @syscap SystemCapability.Security.Huks.Core 3397 * @atomicservice 3398 * @since 11 3399 */ 3400 HUKS_ERR_CODE_KEY_AUTH_TIME_OUT = 12000009, 3401 /** 3402 * The number of key operation sessions has reached the limit. 3403 * 3404 * @syscap SystemCapability.Security.Huks.Core 3405 * @since 9 3406 */ 3407 /** 3408 * The number of key operation sessions has reached the limit. 3409 * 3410 * @syscap SystemCapability.Security.Huks.Core 3411 * @atomicservice 3412 * @since 11 3413 */ 3414 HUKS_ERR_CODE_SESSION_LIMIT = 12000010, 3415 /** 3416 * The target object does not exist. 3417 * 3418 * @syscap SystemCapability.Security.Huks.Core 3419 * @since 9 3420 */ 3421 /** 3422 * The target object does not exist. 3423 * 3424 * @syscap SystemCapability.Security.Huks.Core 3425 * @atomicservice 3426 * @since 11 3427 */ 3428 HUKS_ERR_CODE_ITEM_NOT_EXIST = 12000011, 3429 /** 3430 * An external error occurs. 3431 * 3432 * @syscap SystemCapability.Security.Huks.Core 3433 * @since 9 3434 */ 3435 /** 3436 * An external error occurs. 3437 * 3438 * @syscap SystemCapability.Security.Huks.Core 3439 * @atomicservice 3440 * @since 11 3441 */ 3442 HUKS_ERR_CODE_EXTERNAL_ERROR = 12000012, 3443 /** 3444 * The credential does not exist. 3445 * 3446 * @syscap SystemCapability.Security.Huks.Core 3447 * @since 9 3448 */ 3449 /** 3450 * The credential does not exist. 3451 * 3452 * @syscap SystemCapability.Security.Huks.Core 3453 * @atomicservice 3454 * @since 11 3455 */ 3456 HUKS_ERR_CODE_CREDENTIAL_NOT_EXIST = 12000013, 3457 /** 3458 * The memory is insufficient. 3459 * 3460 * @syscap SystemCapability.Security.Huks.Core 3461 * @since 9 3462 */ 3463 /** 3464 * The memory is insufficient. 3465 * 3466 * @syscap SystemCapability.Security.Huks.Core 3467 * @atomicservice 3468 * @since 11 3469 */ 3470 HUKS_ERR_CODE_INSUFFICIENT_MEMORY = 12000014, 3471 /** 3472 * Failed to call other system services. 3473 * 3474 * @syscap SystemCapability.Security.Huks.Core 3475 * @since 9 3476 */ 3477 /** 3478 * Failed to call other system services. 3479 * 3480 * @syscap SystemCapability.Security.Huks.Core 3481 * @atomicservice 3482 * @since 11 3483 */ 3484 HUKS_ERR_CODE_CALL_SERVICE_FAILED = 12000015, 3485 /** 3486 * The required lock screen password is not set. 3487 * 3488 * @syscap SystemCapability.Security.Huks.Extension 3489 * @since 11 3490 */ 3491 /** 3492 * The required lock screen password is not set. 3493 * 3494 * @syscap SystemCapability.Security.Huks.Extension 3495 * @atomicservice 3496 * @since 12 3497 */ 3498 HUKS_ERR_CODE_DEVICE_PASSWORD_UNSET = 12000016, 3499 /** 3500 * The key with same alias is already exist. 3501 * 3502 * @syscap SystemCapability.Security.Huks.Core 3503 * @atomicservice 3504 * @since 20 3505 */ 3506 HUKS_ERR_CODE_KEY_ALREADY_EXIST = 12000017, 3507 /** 3508 * The input parameter is invalid. 3509 * 3510 * @syscap SystemCapability.Security.Huks.Core 3511 * @atomicservice 3512 * @since 20 3513 */ 3514 HUKS_ERR_CODE_INVALID_ARGUMENT = 12000018, 3515 } 3516 3517 /** 3518 * Enumerates the key purposes. 3519 * 3520 * @enum { number } 3521 * @syscap SystemCapability.Security.Huks.Core 3522 * @since 8 3523 */ 3524 /** 3525 * Enumerates the key purposes. 3526 * 3527 * @enum { number } 3528 * @syscap SystemCapability.Security.Huks.Core 3529 * @atomicservice 3530 * @since 11 3531 */ 3532 export enum HuksKeyPurpose { 3533 /** 3534 * Used to encrypt the plaintext. 3535 * 3536 * @syscap SystemCapability.Security.Huks.Core 3537 * @since 8 3538 */ 3539 /** 3540 * Used to encrypt the plaintext. 3541 * 3542 * @syscap SystemCapability.Security.Huks.Core 3543 * @atomicservice 3544 * @since 11 3545 */ 3546 HUKS_KEY_PURPOSE_ENCRYPT = 1, 3547 /** 3548 * Used to decrypt the cipher text. 3549 * 3550 * @syscap SystemCapability.Security.Huks.Core 3551 * @since 8 3552 */ 3553 /** 3554 * Used to decrypt the cipher text. 3555 * 3556 * @syscap SystemCapability.Security.Huks.Core 3557 * @atomicservice 3558 * @since 11 3559 */ 3560 HUKS_KEY_PURPOSE_DECRYPT = 2, 3561 /** 3562 * Used for signing. 3563 * 3564 * @syscap SystemCapability.Security.Huks.Extension 3565 * @since 8 3566 */ 3567 /** 3568 * Used for signing. 3569 * 3570 * @syscap SystemCapability.Security.Huks.Core 3571 * @atomicservice 3572 * @since 12 3573 */ 3574 HUKS_KEY_PURPOSE_SIGN = 4, 3575 /** 3576 * Used to verify the signature. 3577 * 3578 * @syscap SystemCapability.Security.Huks.Extension 3579 * @since 8 3580 */ 3581 /** 3582 * Used to verify the signature. 3583 * 3584 * @syscap SystemCapability.Security.Huks.Core 3585 * @atomicservice 3586 * @since 12 3587 */ 3588 HUKS_KEY_PURPOSE_VERIFY = 8, 3589 /** 3590 * Used to derive a key. 3591 * 3592 * @syscap SystemCapability.Security.Huks.Extension 3593 * @since 8 3594 */ 3595 /** 3596 * Used to derive a key. 3597 * 3598 * @syscap SystemCapability.Security.Huks.Core 3599 * @atomicservice 3600 * @since 12 3601 */ 3602 HUKS_KEY_PURPOSE_DERIVE = 16, 3603 /** 3604 * Used for an encrypted export. 3605 * 3606 * @syscap SystemCapability.Security.Huks.Extension 3607 * @since 8 3608 */ 3609 /** 3610 * Used for an encrypted export. 3611 * 3612 * @syscap SystemCapability.Security.Huks.Core 3613 * @atomicservice 3614 * @since 12 3615 */ 3616 HUKS_KEY_PURPOSE_WRAP = 32, 3617 /** 3618 * Used for an encrypted import. 3619 * 3620 * @syscap SystemCapability.Security.Huks.Extension 3621 * @since 8 3622 */ 3623 /** 3624 * Used for an encrypted import. 3625 * 3626 * @syscap SystemCapability.Security.Huks.Core 3627 * @atomicservice 3628 * @since 12 3629 */ 3630 HUKS_KEY_PURPOSE_UNWRAP = 64, 3631 /** 3632 * Used to generate a message authentication code (MAC). 3633 * 3634 * @syscap SystemCapability.Security.Huks.Extension 3635 * @since 8 3636 */ 3637 /** 3638 * Used to generate a message authentication code (MAC). 3639 * 3640 * @syscap SystemCapability.Security.Huks.Core 3641 * @atomicservice 3642 * @since 12 3643 */ 3644 HUKS_KEY_PURPOSE_MAC = 128, 3645 /** 3646 * Used for key agreement. 3647 * 3648 * @syscap SystemCapability.Security.Huks.Extension 3649 * @since 8 3650 */ 3651 /** 3652 * Used for key agreement. 3653 * 3654 * @syscap SystemCapability.Security.Huks.Core 3655 * @atomicservice 3656 * @since 12 3657 */ 3658 HUKS_KEY_PURPOSE_AGREE = 256 3659 } 3660 3661 /** 3662 * Enumerates the digest algorithms. 3663 * 3664 * @enum { number } 3665 * 3666 * @syscap SystemCapability.Security.Huks.Extension 3667 * @since 8 3668 */ 3669 /** 3670 * Enumerates the digest algorithms. 3671 * 3672 * @enum { number } 3673 * 3674 * @syscap SystemCapability.Security.Huks.Core 3675 * @atomicservice 3676 * @since 12 3677 */ 3678 export enum HuksKeyDigest { 3679 /** 3680 * No digest algorithm. 3681 * 3682 * @syscap SystemCapability.Security.Huks.Extension 3683 * @since 8 3684 */ 3685 /** 3686 * No digest algorithm. 3687 * 3688 * @syscap SystemCapability.Security.Huks.Core 3689 * @atomicservice 3690 * @since 12 3691 */ 3692 HUKS_DIGEST_NONE = 0, 3693 /** 3694 * MD5. 3695 * 3696 * @syscap SystemCapability.Security.Huks.Extension 3697 * @since 8 3698 */ 3699 /** 3700 * MD5. 3701 * 3702 * @syscap SystemCapability.Security.Huks.Core 3703 * @atomicservice 3704 * @since 12 3705 */ 3706 HUKS_DIGEST_MD5 = 1, 3707 /** 3708 * SM3. 3709 * 3710 * @syscap SystemCapability.Security.Huks.Extension 3711 * @since 9 3712 */ 3713 /** 3714 * SM3. 3715 * 3716 * @syscap SystemCapability.Security.Huks.Core 3717 * @atomicservice 3718 * @since 12 3719 */ 3720 HUKS_DIGEST_SM3 = 2, 3721 /** 3722 * SHA-1. 3723 * 3724 * @syscap SystemCapability.Security.Huks.Extension 3725 * @since 8 3726 */ 3727 /** 3728 * SHA-1. 3729 * 3730 * @syscap SystemCapability.Security.Huks.Core 3731 * @atomicservice 3732 * @since 12 3733 */ 3734 HUKS_DIGEST_SHA1 = 10, 3735 /** 3736 * SHA-224. 3737 * 3738 * @syscap SystemCapability.Security.Huks.Extension 3739 * @since 8 3740 */ 3741 /** 3742 * SHA-224. 3743 * 3744 * @syscap SystemCapability.Security.Huks.Core 3745 * @atomicservice 3746 * @since 12 3747 */ 3748 HUKS_DIGEST_SHA224 = 11, 3749 /** 3750 * SHA-256. 3751 * 3752 * @syscap SystemCapability.Security.Huks.Extension 3753 * @since 8 3754 */ 3755 /** 3756 * SHA-256. 3757 * 3758 * @syscap SystemCapability.Security.Huks.Core 3759 * @atomicservice 3760 * @since 12 3761 */ 3762 HUKS_DIGEST_SHA256 = 12, 3763 /** 3764 * SHA-384. 3765 * 3766 * @syscap SystemCapability.Security.Huks.Extension 3767 * @since 8 3768 */ 3769 /** 3770 * SHA-384. 3771 * 3772 * @syscap SystemCapability.Security.Huks.Core 3773 * @atomicservice 3774 * @since 12 3775 */ 3776 HUKS_DIGEST_SHA384 = 13, 3777 /** 3778 * SHA-512. 3779 * 3780 * @syscap SystemCapability.Security.Huks.Extension 3781 * @since 8 3782 */ 3783 /** 3784 * SHA-512. 3785 * 3786 * @syscap SystemCapability.Security.Huks.Core 3787 * @atomicservice 3788 * @since 12 3789 */ 3790 HUKS_DIGEST_SHA512 = 14 3791 } 3792 3793 /** 3794 * Enumerates the padding algorithms. 3795 * 3796 * @enum { number } 3797 * @syscap SystemCapability.Security.Huks.Core 3798 * @since 8 3799 */ 3800 /** 3801 * Enumerates the padding algorithms. 3802 * 3803 * @enum { number } 3804 * @syscap SystemCapability.Security.Huks.Core 3805 * @atomicservice 3806 * @since 11 3807 */ 3808 export enum HuksKeyPadding { 3809 /** 3810 * No padding algorithm is used. 3811 * 3812 * @syscap SystemCapability.Security.Huks.Core 3813 * @since 8 3814 */ 3815 /** 3816 * No padding algorithm is used. 3817 * 3818 * @syscap SystemCapability.Security.Huks.Core 3819 * @atomicservice 3820 * @since 11 3821 */ 3822 HUKS_PADDING_NONE = 0, 3823 /** 3824 * Optimal Asymmetric Encryption Padding (OAEP). 3825 * 3826 * @syscap SystemCapability.Security.Huks.Extension 3827 * @since 8 3828 */ 3829 /** 3830 * Optimal Asymmetric Encryption Padding (OAEP). 3831 * 3832 * @syscap SystemCapability.Security.Huks.Core 3833 * @atomicservice 3834 * @since 12 3835 */ 3836 HUKS_PADDING_OAEP = 1, 3837 /** 3838 * Probabilistic Signature Scheme (PSS). 3839 * 3840 * @syscap SystemCapability.Security.Huks.Extension 3841 * @since 8 3842 */ 3843 /** 3844 * Probabilistic Signature Scheme (PSS). 3845 * 3846 * @syscap SystemCapability.Security.Huks.Core 3847 * @atomicservice 3848 * @since 12 3849 */ 3850 HUKS_PADDING_PSS = 2, 3851 /** 3852 * Public Key Cryptography Standards (PKCS) #1 v1.5. 3853 * 3854 * @syscap SystemCapability.Security.Huks.Extension 3855 * @since 8 3856 */ 3857 /** 3858 * Public Key Cryptography Standards (PKCS) #1 v1.5. 3859 * 3860 * @syscap SystemCapability.Security.Huks.Core 3861 * @atomicservice 3862 * @since 12 3863 */ 3864 HUKS_PADDING_PKCS1_V1_5 = 3, 3865 /** 3866 * PKCS #5. 3867 * 3868 * @syscap SystemCapability.Security.Huks.Extension 3869 * @since 8 3870 */ 3871 /** 3872 * PKCS #5. 3873 * 3874 * @syscap SystemCapability.Security.Huks.Core 3875 * @atomicservice 3876 * @since 12 3877 */ 3878 HUKS_PADDING_PKCS5 = 4, 3879 /** 3880 * PKCS #7. 3881 * 3882 * @syscap SystemCapability.Security.Huks.Core 3883 * @since 8 3884 */ 3885 /** 3886 * PKCS #7. 3887 * 3888 * @syscap SystemCapability.Security.Huks.Core 3889 * @atomicservice 3890 * @since 12 3891 */ 3892 HUKS_PADDING_PKCS7 = 5, 3893 /** 3894 * ISO_IEC_9796_2. 3895 * 3896 * @syscap SystemCapability.Security.Huks.Core 3897 * @atomicservice 3898 * @since 12 3899 */ 3900 HUKS_PADDING_ISO_IEC_9796_2 = 6, 3901 /** 3902 * ISO_IEC_9797_1. 3903 * 3904 * @syscap SystemCapability.Security.Huks.Core 3905 * @atomicservice 3906 * @since 12 3907 */ 3908 HUKS_PADDING_ISO_IEC_9797_1 = 7, 3909 } 3910 3911 /** 3912 * Enumerates the cipher modes. 3913 * 3914 * @enum { number } 3915 * @syscap SystemCapability.Security.Huks.Core 3916 * @since 8 3917 */ 3918 /** 3919 * Enumerates the cipher modes. 3920 * 3921 * @enum { number } 3922 * @syscap SystemCapability.Security.Huks.Core 3923 * @atomicservice 3924 * @since 11 3925 */ 3926 export enum HuksCipherMode { 3927 /** 3928 * Electronic Code Block (ECB) mode. 3929 * 3930 * @syscap SystemCapability.Security.Huks.Core 3931 * @since 8 3932 */ 3933 /** 3934 * Electronic Code Block (ECB) mode. 3935 * 3936 * @syscap SystemCapability.Security.Huks.Core 3937 * @atomicservice 3938 * @since 12 3939 */ 3940 HUKS_MODE_ECB = 1, 3941 /** 3942 * Cipher Block Chaining (CBC) mode. 3943 * 3944 * @syscap SystemCapability.Security.Huks.Core 3945 * @since 8 3946 */ 3947 /** 3948 * Cipher Block Chaining (CBC) mode. 3949 * 3950 * @syscap SystemCapability.Security.Huks.Core 3951 * @atomicservice 3952 * @since 12 3953 */ 3954 HUKS_MODE_CBC = 2, 3955 /** 3956 * Counter (CTR) mode. 3957 * 3958 * @syscap SystemCapability.Security.Huks.Core 3959 * @since 8 3960 */ 3961 /** 3962 * Counter (CTR) mode. 3963 * 3964 * @syscap SystemCapability.Security.Huks.Core 3965 * @atomicservice 3966 * @since 12 3967 */ 3968 HUKS_MODE_CTR = 3, 3969 /** 3970 * Output Feedback (OFB) mode. 3971 * 3972 * @syscap SystemCapability.Security.Huks.Extension 3973 * @since 8 3974 */ 3975 /** 3976 * Output Feedback (OFB) mode. 3977 * 3978 * @syscap SystemCapability.Security.Huks.Core 3979 * @atomicservice 3980 * @since 12 3981 */ 3982 HUKS_MODE_OFB = 4, 3983 /** 3984 * Ciphertext Feedback (CFB) mode. 3985 * 3986 * @syscap SystemCapability.Security.Huks.Core 3987 * @atomicservice 3988 * @since 12 3989 */ 3990 HUKS_MODE_CFB = 5, 3991 /** 3992 * Counter with CBC-MAC (CCM) mode. 3993 * 3994 * @syscap SystemCapability.Security.Huks.Extension 3995 * @since 8 3996 */ 3997 /** 3998 * Counter with CBC-MAC (CCM) mode. 3999 * 4000 * @syscap SystemCapability.Security.Huks.Core 4001 * @atomicservice 4002 * @since 12 4003 */ 4004 HUKS_MODE_CCM = 31, 4005 4006 /** 4007 * Galois/Counter (GCM) mode. 4008 * 4009 * @syscap SystemCapability.Security.Huks.Core 4010 * @since 8 4011 */ 4012 /** 4013 * Galois/Counter (GCM) mode. 4014 * 4015 * @syscap SystemCapability.Security.Huks.Core 4016 * @atomicservice 4017 * @since 11 4018 */ 4019 HUKS_MODE_GCM = 32 4020 } 4021 4022 /** 4023 * Enumerates the key sizes. 4024 * 4025 * @enum { number } 4026 * @syscap SystemCapability.Security.Huks.Core 4027 * @since 8 4028 */ 4029 /** 4030 * Enumerates the key sizes. 4031 * 4032 * @enum { number } 4033 * @syscap SystemCapability.Security.Huks.Core 4034 * @atomicservice 4035 * @since 11 4036 */ 4037 export enum HuksKeySize { 4038 /** 4039 * Rivest-Shamir-Adleman (RSA) key of 512 bits. 4040 * 4041 * @syscap SystemCapability.Security.Huks.Extension 4042 * @since 8 4043 */ 4044 /** 4045 * Rivest-Shamir-Adleman (RSA) key of 512 bits. 4046 * 4047 * @syscap SystemCapability.Security.Huks.Core 4048 * @atomicservice 4049 * @since 12 4050 */ 4051 HUKS_RSA_KEY_SIZE_512 = 512, 4052 /** 4053 * RSA key of 768 bits. 4054 * 4055 * @syscap SystemCapability.Security.Huks.Extension 4056 * @since 8 4057 */ 4058 /** 4059 * RSA key of 768 bits. 4060 * 4061 * @syscap SystemCapability.Security.Huks.Core 4062 * @atomicservice 4063 * @since 12 4064 */ 4065 HUKS_RSA_KEY_SIZE_768 = 768, 4066 /** 4067 * RSA key of 1024 bits. 4068 * 4069 * @syscap SystemCapability.Security.Huks.Extension 4070 * @since 8 4071 */ 4072 /** 4073 * RSA key of 1024 bits. 4074 * @syscap SystemCapability.Security.Huks.Core 4075 * @atomicservice 4076 * @since 12 4077 */ 4078 HUKS_RSA_KEY_SIZE_1024 = 1024, 4079 /** 4080 * RSA key of 2048 bits. 4081 * 4082 * @syscap SystemCapability.Security.Huks.Extension 4083 * @since 8 4084 */ 4085 /** 4086 * RSA key of 2048 bits. 4087 * 4088 * @syscap SystemCapability.Security.Huks.Core 4089 * @atomicservice 4090 * @since 12 4091 */ 4092 HUKS_RSA_KEY_SIZE_2048 = 2048, 4093 /** 4094 * RSA key of 3072 bits. 4095 * 4096 * @syscap SystemCapability.Security.Huks.Extension 4097 * @since 8 4098 */ 4099 /** 4100 * RSA key of 3072 bits. 4101 * 4102 * @syscap SystemCapability.Security.Huks.Core 4103 * @atomicservice 4104 * @since 12 4105 */ 4106 HUKS_RSA_KEY_SIZE_3072 = 3072, 4107 /** 4108 * RSA key of 4096 bits. 4109 * 4110 * @syscap SystemCapability.Security.Huks.Extension 4111 * @since 8 4112 */ 4113 /** 4114 * RSA key of 4096 bits. 4115 * 4116 * @syscap SystemCapability.Security.Huks.Core 4117 * @atomicservice 4118 * @since 12 4119 */ 4120 HUKS_RSA_KEY_SIZE_4096 = 4096, 4121 4122 /** 4123 * Elliptic Curve Cryptography (ECC) key of 224 bits. 4124 * 4125 * @syscap SystemCapability.Security.Huks.Extension 4126 * @since 8 4127 */ 4128 /** 4129 * Elliptic Curve Cryptography (ECC) key of 224 bits. 4130 * 4131 * @syscap SystemCapability.Security.Huks.Core 4132 * @atomicservice 4133 * @since 12 4134 */ 4135 HUKS_ECC_KEY_SIZE_224 = 224, 4136 /** 4137 * ECC key of 256 bits. 4138 * 4139 * @syscap SystemCapability.Security.Huks.Extension 4140 * @since 8 4141 */ 4142 /** 4143 * ECC key of 256 bits. 4144 * 4145 * @syscap SystemCapability.Security.Huks.Core 4146 * @atomicservice 4147 * @since 12 4148 */ 4149 HUKS_ECC_KEY_SIZE_256 = 256, 4150 /** 4151 * ECC key of 384 bits. 4152 * 4153 * @syscap SystemCapability.Security.Huks.Extension 4154 * @since 8 4155 */ 4156 /** 4157 * ECC key of 384 bits. 4158 * 4159 * @syscap SystemCapability.Security.Huks.Core 4160 * @atomicservice 4161 * @since 12 4162 */ 4163 HUKS_ECC_KEY_SIZE_384 = 384, 4164 /** 4165 * ECC key of 521 bits. 4166 * 4167 * @syscap SystemCapability.Security.Huks.Extension 4168 * @since 8 4169 */ 4170 /** 4171 * ECC key of 521 bits. 4172 * 4173 * @syscap SystemCapability.Security.Huks.Core 4174 * @atomicservice 4175 * @since 12 4176 */ 4177 HUKS_ECC_KEY_SIZE_521 = 521, 4178 4179 /** 4180 * Advanced Encryption Standard (AES) key of 128 bits. 4181 * 4182 * @syscap SystemCapability.Security.Huks.Core 4183 * @since 8 4184 */ 4185 /** 4186 * Advanced Encryption Standard (AES) key of 128 bits. 4187 * 4188 * @syscap SystemCapability.Security.Huks.Core 4189 * @atomicservice 4190 * @since 11 4191 */ 4192 HUKS_AES_KEY_SIZE_128 = 128, 4193 /** 4194 * AES key of 192 bits. 4195 * 4196 * @syscap SystemCapability.Security.Huks.Core 4197 * @since 8 4198 */ 4199 /** 4200 * AES key of 192 bits. 4201 * 4202 * @syscap SystemCapability.Security.Huks.Core 4203 * @atomicservice 4204 * @since 11 4205 */ 4206 HUKS_AES_KEY_SIZE_192 = 192, 4207 /** 4208 * AES key of 256 bits. 4209 * 4210 * @syscap SystemCapability.Security.Huks.Core 4211 * @since 8 4212 */ 4213 /** 4214 * AES key of 256 bits. 4215 * 4216 * @syscap SystemCapability.Security.Huks.Core 4217 * @atomicservice 4218 * @since 11 4219 */ 4220 HUKS_AES_KEY_SIZE_256 = 256, 4221 4222 /** 4223 * AES key of 512 bits. 4224 * 4225 * @syscap SystemCapability.Security.Huks.Core 4226 * @since 8 4227 * @deprecated since 11 4228 */ 4229 HUKS_AES_KEY_SIZE_512 = 512, 4230 4231 /** 4232 * Curve25519 key of 256 bits. 4233 * 4234 * @syscap SystemCapability.Security.Huks.Extension 4235 * @since 8 4236 */ 4237 /** 4238 * Curve25519 key of 256 bits. 4239 * 4240 * @syscap SystemCapability.Security.Huks.Core 4241 * @atomicservice 4242 * @since 12 4243 */ 4244 HUKS_CURVE25519_KEY_SIZE_256 = 256, 4245 4246 /** 4247 * Diffie-Hellman (DH) key of 2048 bits. 4248 * 4249 * @syscap SystemCapability.Security.Huks.Extension 4250 * @since 8 4251 */ 4252 /** 4253 * Diffie-Hellman (DH) key of 2048 bits. 4254 * 4255 * @syscap SystemCapability.Security.Huks.Core 4256 * @atomicservice 4257 * @since 12 4258 */ 4259 HUKS_DH_KEY_SIZE_2048 = 2048, 4260 /** 4261 * DH key of 3072 bits. 4262 * 4263 * @syscap SystemCapability.Security.Huks.Extension 4264 * @since 8 4265 */ 4266 /** 4267 * DH key of 3072 bits. 4268 * 4269 * @syscap SystemCapability.Security.Huks.Core 4270 * @atomicservice 4271 * @since 12 4272 */ 4273 HUKS_DH_KEY_SIZE_3072 = 3072, 4274 /** 4275 * DH key of 4096 bits. 4276 * 4277 * @syscap SystemCapability.Security.Huks.Extension 4278 * @since 8 4279 */ 4280 /** 4281 * DH key of 4096 bits. 4282 * 4283 * @syscap SystemCapability.Security.Huks.Core 4284 * @atomicservice 4285 * @since 12 4286 */ 4287 HUKS_DH_KEY_SIZE_4096 = 4096, 4288 4289 /** 4290 * ShangMi2 (SM2) key of 256 bits. 4291 * 4292 * @syscap SystemCapability.Security.Huks.Extension 4293 * @since 9 4294 */ 4295 /** 4296 * ShangMi2 (SM2) key of 256 bits. 4297 * 4298 * @syscap SystemCapability.Security.Huks.Core 4299 * @atomicservice 4300 * @since 12 4301 */ 4302 HUKS_SM2_KEY_SIZE_256 = 256, 4303 /** 4304 * ShangMi4 (SM4) key of 128 bits. 4305 * 4306 * @syscap SystemCapability.Security.Huks.Extension 4307 * @since 9 4308 */ 4309 /** 4310 * ShangMi4 (SM4) key of 128 bits. 4311 * 4312 * @syscap SystemCapability.Security.Huks.Core 4313 * @atomicservice 4314 * @since 12 4315 */ 4316 HUKS_SM4_KEY_SIZE_128 = 128, 4317 /** 4318 * DES key of 64 bits. 4319 * 4320 * @syscap SystemCapability.Security.Huks.Core 4321 * @atomicservice 4322 * @since 12 4323 */ 4324 HUKS_DES_KEY_SIZE_64 = 64, 4325 /** 4326 * 3DES key of 128 bits. 4327 * 4328 * @syscap SystemCapability.Security.Huks.Core 4329 * @atomicservice 4330 * @since 12 4331 */ 4332 HUKS_3DES_KEY_SIZE_128 = 128, 4333 /** 4334 * 3DES key of 192 bits. 4335 * 4336 * @syscap SystemCapability.Security.Huks.Core 4337 * @atomicservice 4338 * @since 12 4339 */ 4340 HUKS_3DES_KEY_SIZE_192 = 192, 4341 } 4342 4343 /** 4344 * Enumerates the key algorithms. 4345 * 4346 * @enum { number } 4347 * @syscap SystemCapability.Security.Huks.Core 4348 * @since 8 4349 */ 4350 /** 4351 * Enumerates the key algorithms. 4352 * 4353 * @enum { number } 4354 * @syscap SystemCapability.Security.Huks.Core 4355 * @atomicservice 4356 * @since 11 4357 */ 4358 export enum HuksKeyAlg { 4359 /** 4360 * RSA. 4361 * 4362 * @syscap SystemCapability.Security.Huks.Extension 4363 * @since 8 4364 */ 4365 /** 4366 * RSA. 4367 * 4368 * @syscap SystemCapability.Security.Huks.Core 4369 * @atomicservice 4370 * @since 12 4371 */ 4372 HUKS_ALG_RSA = 1, 4373 /** 4374 * ECC. 4375 * 4376 * @syscap SystemCapability.Security.Huks.Extension 4377 * @since 8 4378 */ 4379 /** 4380 * ECC. 4381 * 4382 * @syscap SystemCapability.Security.Huks.Core 4383 * @atomicservice 4384 * @since 12 4385 */ 4386 HUKS_ALG_ECC = 2, 4387 /** 4388 * DSA. 4389 * 4390 * @syscap SystemCapability.Security.Huks.Extension 4391 * @since 8 4392 */ 4393 /** 4394 * DSA. 4395 * 4396 * @syscap SystemCapability.Security.Huks.Core 4397 * @atomicservice 4398 * @since 12 4399 */ 4400 HUKS_ALG_DSA = 3, 4401 4402 /** 4403 * AES. 4404 * 4405 * @syscap SystemCapability.Security.Huks.Core 4406 * @since 8 4407 */ 4408 /** 4409 * AES. 4410 * 4411 * @syscap SystemCapability.Security.Huks.Core 4412 * @atomicservice 4413 * @since 11 4414 */ 4415 HUKS_ALG_AES = 20, 4416 /** 4417 * HMAC. 4418 * 4419 * @syscap SystemCapability.Security.Huks.Extension 4420 * @since 8 4421 */ 4422 /** 4423 * HMAC. 4424 * 4425 * @syscap SystemCapability.Security.Huks.Core 4426 * @atomicservice 4427 * @since 12 4428 */ 4429 HUKS_ALG_HMAC = 50, 4430 /** 4431 * HKDF. 4432 * 4433 * @syscap SystemCapability.Security.Huks.Extension 4434 * @since 8 4435 */ 4436 /** 4437 * HKDF. 4438 * 4439 * @syscap SystemCapability.Security.Huks.Core 4440 * @atomicservice 4441 * @since 12 4442 */ 4443 HUKS_ALG_HKDF = 51, 4444 /** 4445 * PBKDF2. 4446 * 4447 * @syscap SystemCapability.Security.Huks.Extension 4448 * @since 8 4449 */ 4450 /** 4451 * PBKDF2. 4452 * 4453 * @syscap SystemCapability.Security.Huks.Core 4454 * @atomicservice 4455 * @since 12 4456 */ 4457 HUKS_ALG_PBKDF2 = 52, 4458 4459 /** 4460 * ECDH. 4461 * 4462 * @syscap SystemCapability.Security.Huks.Extension 4463 * @since 8 4464 */ 4465 /** 4466 * ECDH. 4467 * 4468 * @syscap SystemCapability.Security.Huks.Core 4469 * @atomicservice 4470 * @since 12 4471 */ 4472 HUKS_ALG_ECDH = 100, 4473 /** 4474 * X25519. 4475 * 4476 * @syscap SystemCapability.Security.Huks.Extension 4477 * @since 8 4478 */ 4479 /** 4480 * X25519. 4481 * 4482 * @syscap SystemCapability.Security.Huks.Core 4483 * @atomicservice 4484 * @since 12 4485 */ 4486 HUKS_ALG_X25519 = 101, 4487 /** 4488 * Ed25519. 4489 * 4490 * @syscap SystemCapability.Security.Huks.Extension 4491 * @since 8 4492 */ 4493 /** 4494 * Ed25519. 4495 * 4496 * @syscap SystemCapability.Security.Huks.Core 4497 * @atomicservice 4498 * @since 12 4499 */ 4500 HUKS_ALG_ED25519 = 102, 4501 /** 4502 * DH. 4503 * 4504 * @syscap SystemCapability.Security.Huks.Extension 4505 * @since 8 4506 */ 4507 /** 4508 * DH. 4509 * 4510 * @syscap SystemCapability.Security.Huks.Core 4511 * @atomicservice 4512 * @since 12 4513 */ 4514 HUKS_ALG_DH = 103, 4515 4516 /** 4517 * SM2. 4518 * 4519 * @syscap SystemCapability.Security.Huks.Extension 4520 * @since 9 4521 */ 4522 /** 4523 * SM2. 4524 * 4525 * @syscap SystemCapability.Security.Huks.Core 4526 * @atomicservice 4527 * @since 12 4528 */ 4529 HUKS_ALG_SM2 = 150, 4530 /** 4531 * SM3. 4532 * 4533 * @syscap SystemCapability.Security.Huks.Extension 4534 * @since 9 4535 */ 4536 /** 4537 * SM3. 4538 * 4539 * @syscap SystemCapability.Security.Huks.Core 4540 * @atomicservice 4541 * @since 12 4542 */ 4543 HUKS_ALG_SM3 = 151, 4544 /** 4545 * SM4. 4546 * 4547 * @syscap SystemCapability.Security.Huks.Extension 4548 * @since 9 4549 */ 4550 /** 4551 * SM4. 4552 * 4553 * @syscap SystemCapability.Security.Huks.Core 4554 * @atomicservice 4555 * @since 12 4556 */ 4557 HUKS_ALG_SM4 = 152, 4558 /** 4559 * DES. 4560 * 4561 * @syscap SystemCapability.Security.Huks.Core 4562 * @atomicservice 4563 * @since 12 4564 */ 4565 HUKS_ALG_DES = 160, 4566 /** 4567 * 3DES. 4568 * 4569 * @syscap SystemCapability.Security.Huks.Core 4570 * @atomicservice 4571 * @since 12 4572 */ 4573 HUKS_ALG_3DES = 161, 4574 /** 4575 * CMAC. 4576 * 4577 * @syscap SystemCapability.Security.Huks.Core 4578 * @atomicservice 4579 * @since 12 4580 */ 4581 HUKS_ALG_CMAC = 162 4582 } 4583 4584 /** 4585 * Enumerates the algorithm suites that can be used for importing a key in ciphertext. 4586 * 4587 * @enum { number } 4588 * @syscap SystemCapability.Security.Huks.Extension 4589 * @since 9 4590 */ 4591 /** 4592 * Enumerates the algorithm suites that can be used for importing a key in ciphertext. 4593 * 4594 * @enum { number } 4595 * @syscap SystemCapability.Security.Huks.Core 4596 * @atomicservice 4597 * @since 12 4598 */ 4599 export enum HuksUnwrapSuite { 4600 /** 4601 * Use X25519 for key agreement and then use AES-256 GCM to encrypt the key. 4602 * 4603 * @syscap SystemCapability.Security.Huks.Extension 4604 * @since 9 4605 */ 4606 /** 4607 * Use X25519 for key agreement and then use AES-256 GCM to encrypt the key. 4608 * 4609 * @syscap SystemCapability.Security.Huks.Core 4610 * @atomicservice 4611 * @since 12 4612 */ 4613 HUKS_UNWRAP_SUITE_X25519_AES_256_GCM_NOPADDING = 1, 4614 /** 4615 * Use ECDH for key agreement and then use AES-256 GCM to encrypt the key. 4616 * 4617 * @syscap SystemCapability.Security.Huks.Extension 4618 * @since 9 4619 */ 4620 /** 4621 * Use ECDH for key agreement and then use AES-256 GCM to encrypt the key. 4622 * 4623 * @syscap SystemCapability.Security.Huks.Core 4624 * @atomicservice 4625 * @since 12 4626 */ 4627 HUKS_UNWRAP_SUITE_ECDH_AES_256_GCM_NOPADDING = 2 4628 } 4629 4630 /** 4631 * Enumerates the key generation types. 4632 * 4633 * @enum { number } 4634 * @syscap SystemCapability.Security.Huks.Extension 4635 * @since 8 4636 */ 4637 /** 4638 * Enumerates the key generation types. 4639 * 4640 * @enum { number } 4641 * @syscap SystemCapability.Security.Huks.Core 4642 * @atomicservice 4643 * @since 12 4644 */ 4645 export enum HuksKeyGenerateType { 4646 /** 4647 * Key generated by default. 4648 * 4649 * @syscap SystemCapability.Security.Huks.Extension 4650 * @since 8 4651 */ 4652 /** 4653 * Key generated by default. 4654 * 4655 * @syscap SystemCapability.Security.Huks.Core 4656 * @atomicservice 4657 * @since 12 4658 */ 4659 HUKS_KEY_GENERATE_TYPE_DEFAULT = 0, 4660 /** 4661 * Derived key. 4662 * 4663 * @syscap SystemCapability.Security.Huks.Extension 4664 * @since 8 4665 */ 4666 /** 4667 * Derived key. 4668 * 4669 * @syscap SystemCapability.Security.Huks.Core 4670 * @atomicservice 4671 * @since 12 4672 */ 4673 HUKS_KEY_GENERATE_TYPE_DERIVE = 1, 4674 /** 4675 * Key generated by agreement. 4676 * 4677 * @syscap SystemCapability.Security.Huks.Extension 4678 * @since 8 4679 */ 4680 /** 4681 * Key generated by agreement. 4682 * 4683 * @syscap SystemCapability.Security.Huks.Core 4684 * @atomicservice 4685 * @since 12 4686 */ 4687 HUKS_KEY_GENERATE_TYPE_AGREE = 2 4688 } 4689 4690 /** 4691 * Enumerates the key generation modes. 4692 * 4693 * @enum { number } 4694 * @syscap SystemCapability.Security.Huks.Core 4695 * @since 8 4696 */ 4697 /** 4698 * Enumerates the key generation modes. 4699 * 4700 * @enum { number } 4701 * @syscap SystemCapability.Security.Huks.Core 4702 * @atomicservice 4703 * @since 12 4704 */ 4705 export enum HuksKeyFlag { 4706 /** 4707 * Import a key using an API. 4708 * 4709 * @syscap SystemCapability.Security.Huks.Core 4710 * @since 8 4711 */ 4712 /** 4713 * Import a key using an API. 4714 * 4715 * @syscap SystemCapability.Security.Huks.Core 4716 * @atomicservice 4717 * @since 12 4718 */ 4719 HUKS_KEY_FLAG_IMPORT_KEY = 1, 4720 /** 4721 * Generate a key by using an API. 4722 * 4723 * @syscap SystemCapability.Security.Huks.Core 4724 * @since 8 4725 */ 4726 /** 4727 * Generate a key by using an API. 4728 * 4729 * @syscap SystemCapability.Security.Huks.Core 4730 * @atomicservice 4731 * @since 12 4732 */ 4733 HUKS_KEY_FLAG_GENERATE_KEY = 2, 4734 /** 4735 * Generate a key by using a key agreement API. 4736 * 4737 * @syscap SystemCapability.Security.Huks.Core 4738 * @since 8 4739 */ 4740 /** 4741 * Generate a key by using a key agreement API. 4742 * 4743 * @syscap SystemCapability.Security.Huks.Core 4744 * @atomicservice 4745 * @since 12 4746 */ 4747 HUKS_KEY_FLAG_AGREE_KEY = 3, 4748 /** 4749 * Derive a key by using an API. 4750 * 4751 * @syscap SystemCapability.Security.Huks.Core 4752 * @since 8 4753 */ 4754 /** 4755 * Derive a key by using an API. 4756 * 4757 * @syscap SystemCapability.Security.Huks.Core 4758 * @atomicservice 4759 * @since 12 4760 */ 4761 HUKS_KEY_FLAG_DERIVE_KEY = 4 4762 } 4763 4764 /** 4765 * Enumerates the key storage modes. 4766 * 4767 * @enum { number } 4768 * @syscap SystemCapability.Security.Huks.Core 4769 * @since 8 4770 */ 4771 /** 4772 * Enumerates the key storage modes. 4773 * 4774 * @enum { number } 4775 * @syscap SystemCapability.Security.Huks.Core 4776 * @atomicservice 4777 * @since 12 4778 */ 4779 export enum HuksKeyStorageType { 4780 /** 4781 * The key is managed locally. NOTE: This tag is deprecated since API version 10. No substitute is 4782 * provided because this tag is not used in key management. In key derivation scenarios, use 4783 * HUKS_STORAGE_ONLY_USED_IN_HUKS or HUKS_STORAGE_KEY_EXPORT_ALLOWED. 4784 * 4785 * @syscap SystemCapability.Security.Huks.Core 4786 * @since 8 4787 * @deprecated since 10 4788 */ 4789 HUKS_STORAGE_TEMP = 0, 4790 /** 4791 * The key is managed by the HUKS service. NOTE: This tag is deprecated since API version 10. No 4792 * substitute is provided because this tag is not used in key management. In key derivation scenarios, use 4793 * HUKS_STORAGE_ONLY_USED_IN_HUKS or HUKS_STORAGE_KEY_EXPORT_ALLOWED. 4794 * 4795 * @syscap SystemCapability.Security.Huks.Core 4796 * @since 8 4797 * @deprecated since 10 4798 */ 4799 HUKS_STORAGE_PERSISTENT = 1, 4800 /** 4801 * The key derived from the master key is stored in the HUKS and managed by the HUKS. 4802 * 4803 * @syscap SystemCapability.Security.Huks.Extension 4804 * @since 10 4805 */ 4806 /** 4807 * The key derived from the master key is stored in the HUKS and managed by the HUKS. 4808 * 4809 * @syscap SystemCapability.Security.Huks.Core 4810 * @atomicservice 4811 * @since 12 4812 */ 4813 HUKS_STORAGE_ONLY_USED_IN_HUKS = 2, 4814 /** 4815 * The key derived from the master key is exported to the service, and not managed by the HUKS. 4816 * 4817 * @syscap SystemCapability.Security.Huks.Extension 4818 * @since 10 4819 */ 4820 /** 4821 * The key derived from the master key is exported to the service, and not managed by the HUKS. 4822 * 4823 * @syscap SystemCapability.Security.Huks.Core 4824 * @atomicservice 4825 * @since 12 4826 */ 4827 HUKS_STORAGE_KEY_EXPORT_ALLOWED = 3 4828 } 4829 4830 /** 4831 * Enumerates the types of keys to import. By default, a public key is imported. This field is not 4832 * required when a symmetric key is imported. 4833 * 4834 * @enum { number } 4835 * @syscap SystemCapability.Security.Huks.Extension 4836 * @since 9 4837 */ 4838 /** 4839 * Enumerates the types of keys to import. By default, a public key is imported. This field is not 4840 * required when a symmetric key is imported. 4841 * 4842 * @enum { number } 4843 * @syscap SystemCapability.Security.Huks.Core 4844 * @atomicservice 4845 * @since 12 4846 */ 4847 export enum HuksImportKeyType { 4848 /** 4849 * Public key. 4850 * 4851 * @syscap SystemCapability.Security.Huks.Extension 4852 * @since 9 4853 */ 4854 /** 4855 * Public key. 4856 * 4857 * @syscap SystemCapability.Security.Huks.Core 4858 * @atomicservice 4859 * @since 12 4860 */ 4861 HUKS_KEY_TYPE_PUBLIC_KEY = 0, 4862 /** 4863 * Private key. 4864 * 4865 * @syscap SystemCapability.Security.Huks.Extension 4866 * @since 9 4867 */ 4868 /** 4869 * Private key. 4870 * 4871 * @syscap SystemCapability.Security.Huks.Core 4872 * @atomicservice 4873 * @since 12 4874 */ 4875 HUKS_KEY_TYPE_PRIVATE_KEY = 1, 4876 /** 4877 * Public and private key pair. 4878 * 4879 * @syscap SystemCapability.Security.Huks.Extension 4880 * @since 9 4881 */ 4882 /** 4883 * Public and private key pair. 4884 * 4885 * @syscap SystemCapability.Security.Huks.Core 4886 * @atomicservice 4887 * @since 12 4888 */ 4889 HUKS_KEY_TYPE_KEY_PAIR = 2 4890 } 4891 4892 /** 4893 * Enumerates the salt_len types to set when PSS padding is used in RSA signing or signature 4894 * verification. 4895 * 4896 * @enum { number } 4897 * @syscap SystemCapability.Security.Huks.Extension 4898 * @since 10 4899 */ 4900 /** 4901 * Enumerates the salt_len types to set when PSS padding is used in RSA signing or signature 4902 * verification. 4903 * 4904 * @enum { number } 4905 * @syscap SystemCapability.Security.Huks.Core 4906 * @atomicservice 4907 * @since 12 4908 */ 4909 export enum HuksRsaPssSaltLenType { 4910 /** 4911 * salt_len is set to the digest length. 4912 * 4913 * @syscap SystemCapability.Security.Huks.Extension 4914 * @since 10 4915 */ 4916 /** 4917 * salt_len is set to the digest length. 4918 * 4919 * @syscap SystemCapability.Security.Huks.Core 4920 * @atomicservice 4921 * @since 12 4922 */ 4923 HUKS_RSA_PSS_SALT_LEN_DIGEST = 0, 4924 4925 /** 4926 * salt_len is set to the maximum length. 4927 * 4928 * @syscap SystemCapability.Security.Huks.Extension 4929 * @since 10 4930 */ 4931 /** 4932 * salt_len is set to the maximum length. 4933 * 4934 * @syscap SystemCapability.Security.Huks.Core 4935 * @atomicservice 4936 * @since 12 4937 */ 4938 HUKS_RSA_PSS_SALT_LEN_MAX = 1 4939 } 4940 4941 /** 4942 * Enumerates the user authentication types. 4943 * 4944 * @enum { number } 4945 * @syscap SystemCapability.Security.Huks.Extension 4946 * @since 9 4947 */ 4948 /** 4949 * Enumerates the user authentication types. 4950 * 4951 * @enum { number } 4952 * @syscap SystemCapability.Security.Huks.Extension 4953 * @atomicservice 4954 * @since 12 4955 */ 4956 export enum HuksUserAuthType { 4957 /** 4958 * Fingerprint authentication. 4959 * 4960 * @syscap SystemCapability.Security.Huks.Extension 4961 * @since 9 4962 */ 4963 /** 4964 * Fingerprint authentication. 4965 * 4966 * @syscap SystemCapability.Security.Huks.Extension 4967 * @atomicservice 4968 * @since 12 4969 */ 4970 HUKS_USER_AUTH_TYPE_FINGERPRINT = 1 << 0, 4971 /** 4972 * Facial authentication. 4973 * 4974 * @syscap SystemCapability.Security.Huks.Extension 4975 * @since 9 4976 */ 4977 /** 4978 * Facial authentication. 4979 * 4980 * @syscap SystemCapability.Security.Huks.Extension 4981 * @atomicservice 4982 * @since 12 4983 */ 4984 HUKS_USER_AUTH_TYPE_FACE = 1 << 1, 4985 /** 4986 * PIN authentication. 4987 * 4988 * @syscap SystemCapability.Security.Huks.Extension 4989 * @since 9 4990 */ 4991 /** 4992 * PIN authentication. 4993 * 4994 * @syscap SystemCapability.Security.Huks.Extension 4995 * @atomicservice 4996 * @since 12 4997 */ 4998 HUKS_USER_AUTH_TYPE_PIN = 1 << 2, 4999 /** 5000 * Tui pin auth type. 5001 * 5002 * @syscap SystemCapability.Security.Huks.Extension 5003 * @since 20 5004 */ 5005 HUKS_USER_AUTH_TYPE_TUI_PIN = 1 << 5 5006 } 5007 5008 /** 5009 * Enumerates the access control types. 5010 * 5011 * @enum { number } 5012 * @syscap SystemCapability.Security.Huks.Extension 5013 * @since 9 5014 */ 5015 /** 5016 * Enumerates the access control types. 5017 * 5018 * @enum { number } 5019 * @syscap SystemCapability.Security.Huks.Extension 5020 * @atomicservice 5021 * @since 12 5022 */ 5023 export enum HuksAuthAccessType { 5024 /** 5025 * The key becomes invalid after the password is cleared. 5026 * 5027 * @syscap SystemCapability.Security.Huks.Extension 5028 * @since 9 5029 */ 5030 /** 5031 * The key becomes invalid after the password is cleared. 5032 * 5033 * @syscap SystemCapability.Security.Huks.Extension 5034 * @atomicservice 5035 * @since 12 5036 */ 5037 HUKS_AUTH_ACCESS_INVALID_CLEAR_PASSWORD = 1 << 0, 5038 /** 5039 * The key becomes invalid after a new biometric feature is added. 5040 * 5041 * @syscap SystemCapability.Security.Huks.Extension 5042 * @since 9 5043 */ 5044 /** 5045 * The key becomes invalid after a new biometric feature is added. 5046 * 5047 * @syscap SystemCapability.Security.Huks.Extension 5048 * @atomicservice 5049 * @since 12 5050 */ 5051 HUKS_AUTH_ACCESS_INVALID_NEW_BIO_ENROLL = 1 << 1, 5052 /** 5053 * The key is always valid. 5054 * 5055 * @syscap SystemCapability.Security.Huks.Extension 5056 * @since 11 5057 */ 5058 /** 5059 * The key is always valid. 5060 * 5061 * @syscap SystemCapability.Security.Huks.Extension 5062 * @atomicservice 5063 * @since 12 5064 */ 5065 HUKS_AUTH_ACCESS_ALWAYS_VALID = 1 << 2 5066 } 5067 5068 /** 5069 * Enumerates the user authentication modes. 5070 * 5071 * @enum { number } 5072 * @syscap SystemCapability.Security.Huks.Extension 5073 * @atomicservice 5074 * @since 12 5075 */ 5076 export enum HuksUserAuthMode { 5077 /** 5078 * Local authentication. 5079 * 5080 * @syscap SystemCapability.Security.Huks.Extension 5081 * @atomicservice 5082 * @since 12 5083 */ 5084 HUKS_USER_AUTH_MODE_LOCAL = 0, 5085 /** 5086 * Cross-device collaborative authentication. 5087 * 5088 * @syscap SystemCapability.Security.Huks.Extension 5089 * @atomicservice 5090 * @since 12 5091 */ 5092 HUKS_USER_AUTH_MODE_COAUTH = 1, 5093 } 5094 /** 5095 * Enumerates the storage security levels of a key. 5096 * 5097 * @enum { number } 5098 * @syscap SystemCapability.Security.Huks.Extension 5099 * @since 11 5100 */ 5101 /** 5102 * Enumerates the storage security levels of a key. 5103 * 5104 * @enum { number } 5105 * @syscap SystemCapability.Security.Huks.Core 5106 * @atomicservice 5107 * @since 12 5108 */ 5109 export enum HuksAuthStorageLevel { 5110 /** 5111 * The key can be accessed only after the device is started. 5112 * 5113 * @syscap SystemCapability.Security.Huks.Extension 5114 * @since 11 5115 */ 5116 /** 5117 * The key can be accessed only after the device is started. 5118 * 5119 * @syscap SystemCapability.Security.Huks.Core 5120 * @atomicservice 5121 * @since 12 5122 */ 5123 HUKS_AUTH_STORAGE_LEVEL_DE = 0, 5124 /** 5125 * The key can be accessed only after the first unlock of the device. 5126 * 5127 * @syscap SystemCapability.Security.Huks.Extension 5128 * @since 11 5129 */ 5130 /** 5131 * The key can be accessed only after the first unlock of the device. 5132 * 5133 * @syscap SystemCapability.Security.Huks.Core 5134 * @atomicservice 5135 * @since 12 5136 */ 5137 HUKS_AUTH_STORAGE_LEVEL_CE = 1, 5138 /** 5139 * The key can be accessed only when the device is unlocked. 5140 * 5141 * @syscap SystemCapability.Security.Huks.Extension 5142 * @since 11 5143 */ 5144 /** 5145 * The key can be accessed only when the device is unlocked. 5146 * 5147 * @syscap SystemCapability.Security.Huks.Core 5148 * @atomicservice 5149 * @since 12 5150 */ 5151 HUKS_AUTH_STORAGE_LEVEL_ECE = 2, 5152 } 5153 5154 /** 5155 * Enumerates the types of the challenges generated when a key is used. 5156 * 5157 * @enum { number } 5158 * @syscap SystemCapability.Security.Huks.Extension 5159 * @since 9 5160 */ 5161 /** 5162 * Enumerates the types of the challenges generated when a key is used. 5163 * 5164 * @enum { number } 5165 * @syscap SystemCapability.Security.Huks.Extension 5166 * @atomicservice 5167 * @since 12 5168 */ 5169 export enum HuksChallengeType { 5170 /** 5171 * Normal challenge, which is of 32 bytes by default. 5172 * 5173 * @syscap SystemCapability.Security.Huks.Extension 5174 * @since 9 5175 */ 5176 /** 5177 * Normal challenge, which is of 32 bytes by default. 5178 * 5179 * @syscap SystemCapability.Security.Huks.Extension 5180 * @atomicservice 5181 * @since 12 5182 */ 5183 HUKS_CHALLENGE_TYPE_NORMAL = 0, 5184 /** 5185 * Custom challenge, which supports only one authentication for multiple keys. 5186 * 5187 * @syscap SystemCapability.Security.Huks.Extension 5188 * @since 9 5189 */ 5190 /** 5191 * Custom challenge, which supports only one authentication for multiple keys. 5192 * 5193 * @syscap SystemCapability.Security.Huks.Extension 5194 * @atomicservice 5195 * @since 12 5196 */ 5197 HUKS_CHALLENGE_TYPE_CUSTOM = 1, 5198 /** 5199 * Challenge is not required. 5200 * 5201 * @syscap SystemCapability.Security.Huks.Extension 5202 * @since 9 5203 */ 5204 /** 5205 * Challenge is not required. 5206 * 5207 * @syscap SystemCapability.Security.Huks.Extension 5208 * @atomicservice 5209 * @since 12 5210 */ 5211 HUKS_CHALLENGE_TYPE_NONE = 2 5212 } 5213 5214 /** 5215 * Enumerates the positions of the 8-byte valid value in a custom challenge generated. 5216 * 5217 * @enum { number } 5218 * @syscap SystemCapability.Security.Huks.Extension 5219 * @since 9 5220 */ 5221 /** 5222 * Enumerates the positions of the 8-byte valid value in a custom challenge generated. 5223 * 5224 * @enum { number } 5225 * @syscap SystemCapability.Security.Huks.Extension 5226 * @atomicservice 5227 * @since 12 5228 */ 5229 export enum HuksChallengePosition { 5230 /** 5231 * Bytes 0 to 7. 5232 * 5233 * @syscap SystemCapability.Security.Huks.Extension 5234 * @since 9 5235 */ 5236 /** 5237 * Bytes 0 to 7. 5238 * 5239 * @syscap SystemCapability.Security.Huks.Extension 5240 * @atomicservice 5241 * @since 12 5242 */ 5243 HUKS_CHALLENGE_POS_0 = 0, 5244 /** 5245 * Bytes 8 to 15. 5246 * 5247 * @syscap SystemCapability.Security.Huks.Extension 5248 * @since 9 5249 */ 5250 /** 5251 * Bytes 8 to 15. 5252 * 5253 * @syscap SystemCapability.Security.Huks.Extension 5254 * @atomicservice 5255 * @since 12 5256 */ 5257 HUKS_CHALLENGE_POS_1, 5258 /** 5259 * Bytes 16 to 23. 5260 * 5261 * @syscap SystemCapability.Security.Huks.Extension 5262 * @since 9 5263 */ 5264 /** 5265 * Bytes 16 to 23. 5266 * 5267 * @syscap SystemCapability.Security.Huks.Extension 5268 * @atomicservice 5269 * @since 12 5270 */ 5271 HUKS_CHALLENGE_POS_2, 5272 /** 5273 * Bytes 24 to 31. 5274 * 5275 * @syscap SystemCapability.Security.Huks.Extension 5276 * @since 9 5277 */ 5278 /** 5279 * Bytes 24 to 31. 5280 * 5281 * @syscap SystemCapability.Security.Huks.Extension 5282 * @atomicservice 5283 * @since 12 5284 */ 5285 HUKS_CHALLENGE_POS_3 5286 } 5287 5288 /** 5289 * Enumerates the signature types of the key generated or imported. 5290 * 5291 * @enum { number } 5292 * @syscap SystemCapability.Security.Huks.Extension 5293 * @since 9 5294 */ 5295 /** 5296 * Enumerates the signature types of the key generated or imported. 5297 * 5298 * @enum { number } 5299 * @syscap SystemCapability.Security.Huks.Extension 5300 * @atomicservice 5301 * @since 12 5302 */ 5303 export enum HuksSecureSignType { 5304 /** 5305 * The signature carries authentication information. This field is specified when a key is generated or 5306 * imported. When the key is used for signing, the data will be added with the authentication information and then 5307 * be signed. 5308 * 5309 * @syscap SystemCapability.Security.Huks.Extension 5310 * @since 9 5311 */ 5312 /** 5313 * The signature carries authentication information. This field is specified when a key is generated or 5314 * imported. When the key is used for signing, the data will be added with the authentication information and then 5315 * be signed. 5316 * NOTICE: 5317 * The carried authentication information contains personal identification details. Developers are required 5318 * to clearly state the purpose of use, retention policy, and destruction method of such personal information in 5319 * their privacy statement. 5320 * 5321 * @syscap SystemCapability.Security.Huks.Extension 5322 * @atomicservice 5323 * @since 12 5324 */ 5325 HUKS_SECURE_SIGN_WITH_AUTHINFO = 1 5326 } 5327 5328 /** 5329 * Enumerates the tag transfer modes. 5330 * 5331 * @enum { number } 5332 * @syscap SystemCapability.Security.Huks.Extension 5333 * @since 8 5334 */ 5335 /** 5336 * Enumerates the tag transfer modes. 5337 * 5338 * @enum { number } 5339 * @syscap SystemCapability.Security.Huks.Core 5340 * @atomicservice 5341 * @since 12 5342 */ 5343 export enum HuksSendType { 5344 /** 5345 * The tag is sent asynchronously. 5346 * 5347 * @syscap SystemCapability.Security.Huks.Extension 5348 * @since 8 5349 */ 5350 /** 5351 * The tag is sent asynchronously. 5352 * 5353 * @syscap SystemCapability.Security.Huks.Core 5354 * @atomicservice 5355 * @since 12 5356 */ 5357 HUKS_SEND_TYPE_ASYNC = 0, 5358 /** 5359 * The tag is sent synchronously. 5360 * 5361 * @syscap SystemCapability.Security.Huks.Extension 5362 * @since 8 5363 */ 5364 /** 5365 * The tag is sent synchronously. 5366 * 5367 * @syscap SystemCapability.Security.Huks.Core 5368 * @atomicservice 5369 * @since 12 5370 */ 5371 HUKS_SEND_TYPE_SYNC = 1 5372 } 5373 5374 /** 5375 * Enum for key wrap type 5376 * 5377 * @enum { number } 5378 * @syscap SystemCapability.Security.Huks.Core 5379 * @atomicservice 5380 * @since 20 5381 */ 5382 export enum HuksKeyWrapType { 5383 /** 5384 * The hardware unique key wrap type 5385 * 5386 * @syscap SystemCapability.Security.Huks.Core 5387 * @atomicservice 5388 * @since 20 5389 */ 5390 HUKS_KEY_WRAP_TYPE_HUK_BASED = 2, 5391 } 5392 5393 /** 5394 * Enumerates the tag data types. 5395 * 5396 * @enum { number } 5397 * @syscap SystemCapability.Security.Huks.Core 5398 * @since 8 5399 */ 5400 /** 5401 * Enumerates the tag data types. 5402 * 5403 * @enum { number } 5404 * @syscap SystemCapability.Security.Huks.Core 5405 * @atomicservice 5406 * @since 11 5407 */ 5408 export enum HuksTagType { 5409 /** 5410 * Invalid tag type. 5411 * 5412 * @syscap SystemCapability.Security.Huks.Core 5413 * @since 8 5414 */ 5415 /** 5416 * Invalid tag type. 5417 * 5418 * @syscap SystemCapability.Security.Huks.Core 5419 * @atomicservice 5420 * @since 11 5421 */ 5422 HUKS_TAG_TYPE_INVALID = 0 << 28, 5423 /** 5424 * Number of the int type. 5425 * 5426 * @syscap SystemCapability.Security.Huks.Core 5427 * @since 8 5428 */ 5429 /** 5430 * Number of the int type. 5431 * 5432 * @syscap SystemCapability.Security.Huks.Core 5433 * @atomicservice 5434 * @since 11 5435 */ 5436 HUKS_TAG_TYPE_INT = 1 << 28, 5437 /** 5438 * Number of the uint type. 5439 * 5440 * @syscap SystemCapability.Security.Huks.Core 5441 * @since 8 5442 */ 5443 /** 5444 * Number of the uint type. 5445 * 5446 * @syscap SystemCapability.Security.Huks.Core 5447 * @atomicservice 5448 * @since 11 5449 */ 5450 HUKS_TAG_TYPE_UINT = 2 << 28, 5451 /** 5452 * BigInt. 5453 * 5454 * @syscap SystemCapability.Security.Huks.Core 5455 * @since 8 5456 */ 5457 /** 5458 * BigInt. 5459 * 5460 * @syscap SystemCapability.Security.Huks.Core 5461 * @atomicservice 5462 * @since 11 5463 */ 5464 HUKS_TAG_TYPE_ULONG = 3 << 28, 5465 /** 5466 * Boolean. 5467 * 5468 * @syscap SystemCapability.Security.Huks.Core 5469 * @since 8 5470 */ 5471 /** 5472 * Boolean. 5473 * 5474 * @syscap SystemCapability.Security.Huks.Core 5475 * @atomicservice 5476 * @since 11 5477 */ 5478 HUKS_TAG_TYPE_BOOL = 4 << 28, 5479 /** 5480 * Uint8Array. 5481 * 5482 * @syscap SystemCapability.Security.Huks.Core 5483 * @since 8 5484 */ 5485 /** 5486 * Uint8Array. 5487 * 5488 * @syscap SystemCapability.Security.Huks.Core 5489 * @atomicservice 5490 * @since 11 5491 */ 5492 HUKS_TAG_TYPE_BYTES = 5 << 28 5493 } 5494 5495 /** 5496 * Enumerates the tags used to invoke parameters. 5497 * 5498 * @enum { number } 5499 * @syscap SystemCapability.Security.Huks.Core 5500 * @since 8 5501 */ 5502 /** 5503 * Enumerates the tags used to invoke parameters. 5504 * 5505 * @enum { number } 5506 * @syscap SystemCapability.Security.Huks.Core 5507 * @atomicservice 5508 * @since 11 5509 */ 5510 export enum HuksTag { 5511 /** 5512 * Invalid TAG 5513 * 5514 * @syscap SystemCapability.Security.Huks.Core 5515 * @since 8 5516 * @deprecated since 9 5517 */ 5518 HUKS_TAG_INVALID = HuksTagType.HUKS_TAG_TYPE_INVALID | 0, 5519 5520 /* Base algorithm TAG: 1 - 200 */ 5521 /** 5522 * Algorithm. 5523 * 5524 * @syscap SystemCapability.Security.Huks.Core 5525 * @since 8 5526 */ 5527 /** 5528 * Algorithm. 5529 * 5530 * @syscap SystemCapability.Security.Huks.Core 5531 * @atomicservice 5532 * @since 11 5533 */ 5534 HUKS_TAG_ALGORITHM = HuksTagType.HUKS_TAG_TYPE_UINT | 1, 5535 /** 5536 * Purpose of the key. 5537 * 5538 * @syscap SystemCapability.Security.Huks.Core 5539 * @since 8 5540 */ 5541 /** 5542 * Purpose of the key. 5543 * 5544 * @syscap SystemCapability.Security.Huks.Core 5545 * @atomicservice 5546 * @since 11 5547 */ 5548 HUKS_TAG_PURPOSE = HuksTagType.HUKS_TAG_TYPE_UINT | 2, 5549 /** 5550 * Key size. 5551 * 5552 * @syscap SystemCapability.Security.Huks.Core 5553 * @since 8 5554 */ 5555 /** 5556 * Key size. 5557 * 5558 * @syscap SystemCapability.Security.Huks.Core 5559 * @atomicservice 5560 * @since 11 5561 */ 5562 HUKS_TAG_KEY_SIZE = HuksTagType.HUKS_TAG_TYPE_UINT | 3, 5563 5564 /** 5565 * Digest algorithm. 5566 * 5567 * @syscap SystemCapability.Security.Huks.Extension 5568 * @since 8 5569 */ 5570 /** 5571 * Digest algorithm. 5572 * 5573 * @syscap SystemCapability.Security.Huks.Core 5574 * @atomicservice 5575 * @since 12 5576 */ 5577 HUKS_TAG_DIGEST = HuksTagType.HUKS_TAG_TYPE_UINT | 4, 5578 /** 5579 * Padding mode. 5580 * 5581 * @syscap SystemCapability.Security.Huks.Core 5582 * @since 8 5583 */ 5584 /** 5585 * Padding mode. 5586 * 5587 * @syscap SystemCapability.Security.Huks.Core 5588 * @atomicservice 5589 * @since 11 5590 */ 5591 HUKS_TAG_PADDING = HuksTagType.HUKS_TAG_TYPE_UINT | 5, 5592 /** 5593 * Cipher mode. 5594 * 5595 * @syscap SystemCapability.Security.Huks.Core 5596 * @since 8 5597 */ 5598 /** 5599 * Cipher mode. 5600 * 5601 * @syscap SystemCapability.Security.Huks.Core 5602 * @atomicservice 5603 * @since 11 5604 */ 5605 HUKS_TAG_BLOCK_MODE = HuksTagType.HUKS_TAG_TYPE_UINT | 6, 5606 /** 5607 * Key type. 5608 * 5609 * @syscap SystemCapability.Security.Huks.Core 5610 * @since 8 5611 */ 5612 /** 5613 * Key type. 5614 * 5615 * @syscap SystemCapability.Security.Huks.Core 5616 * @atomicservice 5617 * @since 12 5618 */ 5619 HUKS_TAG_KEY_TYPE = HuksTagType.HUKS_TAG_TYPE_UINT | 7, 5620 /** 5621 * Associated authentication data. 5622 * 5623 * @syscap SystemCapability.Security.Huks.Core 5624 * @since 8 5625 */ 5626 /** 5627 * Associated authentication data. 5628 * 5629 * @syscap SystemCapability.Security.Huks.Core 5630 * @atomicservice 5631 * @since 11 5632 */ 5633 HUKS_TAG_ASSOCIATED_DATA = HuksTagType.HUKS_TAG_TYPE_BYTES | 8, 5634 5635 /** 5636 * Nonce for key encryption and decryption. 5637 * 5638 * @syscap SystemCapability.Security.Huks.Core 5639 * @since 8 5640 */ 5641 /** 5642 * Nonce for key encryption and decryption. 5643 * 5644 * @syscap SystemCapability.Security.Huks.Core 5645 * @atomicservice 5646 * @since 11 5647 */ 5648 HUKS_TAG_NONCE = HuksTagType.HUKS_TAG_TYPE_BYTES | 9, 5649 /** 5650 * IV. 5651 * 5652 * @syscap SystemCapability.Security.Huks.Core 5653 * @since 8 5654 */ 5655 /** 5656 * IV. 5657 * 5658 * @syscap SystemCapability.Security.Huks.Core 5659 * @atomicservice 5660 * @since 12 5661 */ 5662 HUKS_TAG_IV = HuksTagType.HUKS_TAG_TYPE_BYTES | 10, 5663 5664 /** 5665 * Information generated during key derivation. 5666 * 5667 * @syscap SystemCapability.Security.Huks.Core 5668 * @since 8 5669 */ 5670 /** 5671 * Information generated during key derivation. 5672 * 5673 * @syscap SystemCapability.Security.Huks.Core 5674 * @atomicservice 5675 * @since 12 5676 */ 5677 HUKS_TAG_INFO = HuksTagType.HUKS_TAG_TYPE_BYTES | 11, 5678 /** 5679 * Salt value used for key derivation. 5680 * 5681 * @syscap SystemCapability.Security.Huks.Extension 5682 * @since 8 5683 */ 5684 /** 5685 * Salt value used for key derivation. 5686 * 5687 * @syscap SystemCapability.Security.Huks.Core 5688 * @atomicservice 5689 * @since 12 5690 */ 5691 HUKS_TAG_SALT = HuksTagType.HUKS_TAG_TYPE_BYTES | 12, 5692 /** 5693 * @syscap SystemCapability.Security.Huks.Core 5694 * @since 8 5695 * @deprecated since 9 5696 */ 5697 HUKS_TAG_PWD = HuksTagType.HUKS_TAG_TYPE_BYTES | 13, 5698 /** 5699 * Number of iterations for key derivation. 5700 * 5701 * @syscap SystemCapability.Security.Huks.Extension 5702 * @since 8 5703 */ 5704 /** 5705 * Number of iterations for key derivation. 5706 * 5707 * @syscap SystemCapability.Security.Huks.Core 5708 * @atomicservice 5709 * @since 12 5710 */ 5711 HUKS_TAG_ITERATION = HuksTagType.HUKS_TAG_TYPE_UINT | 14, 5712 5713 /** 5714 * Key generation type. 5715 * 5716 * @syscap SystemCapability.Security.Huks.Core 5717 * @since 8 5718 */ 5719 /** 5720 * Key generation type. 5721 * 5722 * @syscap SystemCapability.Security.Huks.Core 5723 * @atomicservice 5724 * @since 12 5725 */ 5726 HUKS_TAG_KEY_GENERATE_TYPE = HuksTagType.HUKS_TAG_TYPE_UINT | 15, 5727 5728 /** 5729 * @syscap SystemCapability.Security.Huks.Extension 5730 * @since 8 5731 * @deprecated since 9 5732 */ 5733 HUKS_TAG_DERIVE_MAIN_KEY = HuksTagType.HUKS_TAG_TYPE_BYTES | 16, 5734 /** 5735 * @syscap SystemCapability.Security.Huks.Extension 5736 * @since 8 5737 * @deprecated since 9 5738 */ 5739 HUKS_TAG_DERIVE_FACTOR = HuksTagType.HUKS_TAG_TYPE_BYTES | 17, 5740 /** 5741 * @syscap SystemCapability.Security.Huks.Extension 5742 * @since 8 5743 * @deprecated since 9 5744 */ 5745 HUKS_TAG_DERIVE_ALG = HuksTagType.HUKS_TAG_TYPE_UINT | 18, 5746 /** 5747 * Type of the algorithm used for key agreement. 5748 * 5749 * @syscap SystemCapability.Security.Huks.Extension 5750 * @since 8 5751 */ 5752 /** 5753 * Type of the algorithm used for key agreement. 5754 * 5755 * @syscap SystemCapability.Security.Huks.Core 5756 * @atomicservice 5757 * @since 12 5758 */ 5759 HUKS_TAG_AGREE_ALG = HuksTagType.HUKS_TAG_TYPE_UINT | 19, 5760 /** 5761 * Public key alias used in key agreement. 5762 * 5763 * @syscap SystemCapability.Security.Huks.Extension 5764 * @since 8 5765 */ 5766 /** 5767 * Public key alias used in key agreement. 5768 * 5769 * @syscap SystemCapability.Security.Huks.Core 5770 * @atomicservice 5771 * @since 12 5772 */ 5773 HUKS_TAG_AGREE_PUBLIC_KEY_IS_KEY_ALIAS = HuksTagType.HUKS_TAG_TYPE_BOOL | 20, 5774 /** 5775 * Private key alias used in key agreement. 5776 * 5777 * @syscap SystemCapability.Security.Huks.Extension 5778 * @since 8 5779 */ 5780 /** 5781 * Private key alias used in key agreement. 5782 * 5783 * @syscap SystemCapability.Security.Huks.Core 5784 * @atomicservice 5785 * @since 12 5786 */ 5787 HUKS_TAG_AGREE_PRIVATE_KEY_ALIAS = HuksTagType.HUKS_TAG_TYPE_BYTES | 21, 5788 /** 5789 * Public key used in key agreement. 5790 * 5791 * @syscap SystemCapability.Security.Huks.Extension 5792 * @since 8 5793 */ 5794 /** 5795 * Public key used in key agreement. 5796 * 5797 * @syscap SystemCapability.Security.Huks.Core 5798 * @atomicservice 5799 * @since 12 5800 */ 5801 HUKS_TAG_AGREE_PUBLIC_KEY = HuksTagType.HUKS_TAG_TYPE_BYTES | 22, 5802 /** 5803 * Key alias. 5804 * 5805 * @syscap SystemCapability.Security.Huks.Core 5806 * @since 8 5807 */ 5808 /** 5809 * Key alias. 5810 * 5811 * @syscap SystemCapability.Security.Huks.Core 5812 * @atomicservice 5813 * @since 11 5814 */ 5815 HUKS_TAG_KEY_ALIAS = HuksTagType.HUKS_TAG_TYPE_BYTES | 23, 5816 /** 5817 * Size of the derived key. 5818 * 5819 * @syscap SystemCapability.Security.Huks.Extension 5820 * @since 8 5821 */ 5822 /** 5823 * Size of the derived key. 5824 * 5825 * @syscap SystemCapability.Security.Huks.Core 5826 * @atomicservice 5827 * @since 12 5828 */ 5829 HUKS_TAG_DERIVE_KEY_SIZE = HuksTagType.HUKS_TAG_TYPE_UINT | 24, 5830 5831 /** 5832 * Type of the imported key. 5833 * 5834 * @syscap SystemCapability.Security.Huks.Extension 5835 * @since 9 5836 */ 5837 /** 5838 * Type of the imported key. 5839 * 5840 * @syscap SystemCapability.Security.Huks.Core 5841 * @atomicservice 5842 * @since 12 5843 */ 5844 HUKS_TAG_IMPORT_KEY_TYPE = HuksTagType.HUKS_TAG_TYPE_UINT | 25, 5845 5846 /** 5847 * Algorithm suite required for encrypted imports. 5848 * 5849 * @syscap SystemCapability.Security.Huks.Extension 5850 * @since 9 5851 */ 5852 /** 5853 * Algorithm suite required for encrypted imports. 5854 * 5855 * @syscap SystemCapability.Security.Huks.Core 5856 * @atomicservice 5857 * @since 12 5858 */ 5859 HUKS_TAG_UNWRAP_ALGORITHM_SUITE = HuksTagType.HUKS_TAG_TYPE_UINT | 26, 5860 5861 /** 5862 * Storage type of the derived key or agreed key. 5863 * 5864 * @syscap SystemCapability.Security.Huks.Extension 5865 * @since 10 5866 */ 5867 /** 5868 * Storage type of the derived key or agreed key. 5869 * 5870 * @syscap SystemCapability.Security.Huks.Core 5871 * @atomicservice 5872 * @since 12 5873 */ 5874 HUKS_TAG_DERIVED_AGREED_KEY_STORAGE_FLAG = HuksTagType.HUKS_TAG_TYPE_UINT | 29, 5875 5876 /** 5877 * Type of the rsa_pss_salt_length. 5878 * 5879 * @syscap SystemCapability.Security.Huks.Extension 5880 * @since 10 5881 */ 5882 /** 5883 * Type of the rsa_pss_salt_length. 5884 * 5885 * @syscap SystemCapability.Security.Huks.Core 5886 * @atomicservice 5887 * @since 12 5888 */ 5889 HUKS_TAG_RSA_PSS_SALT_LEN_TYPE = HuksTagType.HUKS_TAG_TYPE_UINT | 30, 5890 5891 /* 5892 * Key authentication related TAG: 201 - 300 5893 * 5894 * Start of validity 5895 */ 5896 /** 5897 * @syscap SystemCapability.Security.Huks.Extension 5898 * @since 8 5899 * @deprecated since 9 5900 */ 5901 HUKS_TAG_ACTIVE_DATETIME = HuksTagType.HUKS_TAG_TYPE_ULONG | 201, 5902 /** 5903 * Date when new "messages" should not be created. 5904 * 5905 * @syscap SystemCapability.Security.Huks.Core 5906 * @since 8 5907 * @deprecated since 9 5908 */ 5909 HUKS_TAG_ORIGINATION_EXPIRE_DATETIME = HuksTagType.HUKS_TAG_TYPE_ULONG | 202, 5910 /** 5911 * Date when existing "messages" should not be used. 5912 * 5913 * @syscap SystemCapability.Security.Huks.Core 5914 * @since 8 5915 * @deprecated since 9 5916 */ 5917 HUKS_TAG_USAGE_EXPIRE_DATETIME = HuksTagType.HUKS_TAG_TYPE_ULONG | 203, 5918 /** 5919 * Key creation time. 5920 * 5921 * @syscap SystemCapability.Security.Huks.Core 5922 * @since 8 5923 * @deprecated since 9 5924 */ 5925 HUKS_TAG_CREATION_DATETIME = HuksTagType.HUKS_TAG_TYPE_ULONG | 204, 5926 5927 /* Other authentication related TAG: 301 - 500 */ 5928 /** 5929 * Reserved. 5930 * 5931 * @syscap SystemCapability.Security.Huks.Extension 5932 * @since 8 5933 */ 5934 /** 5935 * Reserved. 5936 * 5937 * @syscap SystemCapability.Security.Huks.Core 5938 * @atomicservice 5939 * @since 12 5940 */ 5941 HUKS_TAG_ALL_USERS = HuksTagType.HUKS_TAG_TYPE_BOOL | 301, 5942 /** 5943 * ID of the user to which the key belongs. 5944 * 5945 * @syscap SystemCapability.Security.Huks.Extension 5946 * @since 8 5947 */ 5948 /** 5949 * ID of the user to which the key belongs. 5950 * 5951 * @syscap SystemCapability.Security.Huks.Core 5952 * @atomicservice 5953 * @since 12 5954 */ 5955 HUKS_TAG_USER_ID = HuksTagType.HUKS_TAG_TYPE_UINT | 302, 5956 /** 5957 * Reserved. 5958 * 5959 * @syscap SystemCapability.Security.Huks.Extension 5960 * @since 8 5961 */ 5962 /** 5963 * Reserved. 5964 * 5965 * @syscap SystemCapability.Security.Huks.Core 5966 * @atomicservice 5967 * @since 12 5968 */ 5969 HUKS_TAG_NO_AUTH_REQUIRED = HuksTagType.HUKS_TAG_TYPE_BOOL | 303, 5970 /** 5971 * User authentication type. For details, see HuksUserAuthType. This parameter must be set together with 5972 * HuksAuthAccessType. You can set a maximum of two user authentication types at a time. For example, if 5973 * HuksAuthAccessType is HUKS_SECURE_ACCESS_INVALID_NEW_BIO_ENROLL, you can set the user authentication type to 5974 * HUKS_USER_AUTH_TYPE_FACE, HUKS_USER_AUTH_TYPE_FINGERPRINT or 5975 * HUKS_USER_AUTH_TYPE_FACE | HUKS_USER_AUTH_TYPE_FINGERPRINT. 5976 * 5977 * @syscap SystemCapability.Security.Huks.Extension 5978 * @since 8 5979 */ 5980 /** 5981 * User authentication type. For details, see HuksUserAuthType. This parameter must be set together with 5982 * HuksAuthAccessType. You can set a maximum of two user authentication types at a time. For example, if 5983 * HuksAuthAccessType is HUKS_SECURE_ACCESS_INVALID_NEW_BIO_ENROLL, you can set the user authentication type to 5984 * HUKS_USER_AUTH_TYPE_FACE, HUKS_USER_AUTH_TYPE_FINGERPRINT or 5985 * HUKS_USER_AUTH_TYPE_FACE | HUKS_USER_AUTH_TYPE_FINGERPRINT. 5986 * 5987 * @syscap SystemCapability.Security.Huks.Extension 5988 * @atomicservice 5989 * @since 12 5990 */ 5991 HUKS_TAG_USER_AUTH_TYPE = HuksTagType.HUKS_TAG_TYPE_UINT | 304, 5992 /** 5993 * One-time validity period of the authentication token. 5994 * 5995 * @syscap SystemCapability.Security.Huks.Extension 5996 * @since 8 5997 */ 5998 /** 5999 * One-time validity period of the authentication token. 6000 * 6001 * @syscap SystemCapability.Security.Huks.Extension 6002 * @atomicservice 6003 * @since 12 6004 */ 6005 HUKS_TAG_AUTH_TIMEOUT = HuksTagType.HUKS_TAG_TYPE_UINT | 305, 6006 /** 6007 * Authentication token. 6008 * 6009 * @syscap SystemCapability.Security.Huks.Extension 6010 * @since 8 6011 */ 6012 /** 6013 * Authentication token. 6014 * 6015 * @syscap SystemCapability.Security.Huks.Extension 6016 * @atomicservice 6017 * @since 12 6018 */ 6019 HUKS_TAG_AUTH_TOKEN = HuksTagType.HUKS_TAG_TYPE_BYTES | 306, 6020 6021 /* Key secure access control and user auth TAG */ 6022 /** 6023 * Access control type. For details, see HuksAuthAccessType. This parameter must be set together with 6024 * HuksUserAuthType. 6025 * 6026 * @syscap SystemCapability.Security.Huks.Extension 6027 * @since 9 6028 */ 6029 /** 6030 * Access control type. For details, see HuksAuthAccessType. This parameter must be set together with 6031 * HuksUserAuthType. 6032 * 6033 * @syscap SystemCapability.Security.Huks.Extension 6034 * @atomicservice 6035 * @since 12 6036 */ 6037 HUKS_TAG_KEY_AUTH_ACCESS_TYPE = HuksTagType.HUKS_TAG_TYPE_UINT | 307, 6038 6039 /** 6040 * Signature type of the key generated or imported. 6041 * 6042 * @syscap SystemCapability.Security.Huks.Extension 6043 * @since 9 6044 */ 6045 /** 6046 * Signature type of the key generated or imported. 6047 * 6048 * @syscap SystemCapability.Security.Huks.Extension 6049 * @atomicservice 6050 * @since 12 6051 */ 6052 HUKS_TAG_KEY_SECURE_SIGN_TYPE = HuksTagType.HUKS_TAG_TYPE_UINT | 308, 6053 6054 /** 6055 * Type of the challenge generated for a key. For details, see HuksChallengeType. 6056 * 6057 * @syscap SystemCapability.Security.Huks.Extension 6058 * @since 9 6059 */ 6060 /** 6061 * Type of the challenge generated for a key. For details, see HuksChallengeType. 6062 * 6063 * @syscap SystemCapability.Security.Huks.Extension 6064 * @atomicservice 6065 * @since 12 6066 */ 6067 HUKS_TAG_CHALLENGE_TYPE = HuksTagType.HUKS_TAG_TYPE_UINT | 309, 6068 6069 /** 6070 * Position of the 8-byte valid value in a custom challenge. For details, see HuksChallengePosition. 6071 * 6072 * @syscap SystemCapability.Security.Huks.Extension 6073 * @since 9 6074 */ 6075 /** 6076 * Position of the 8-byte valid value in a custom challenge. For details, see HuksChallengePosition. 6077 * 6078 * @syscap SystemCapability.Security.Huks.Extension 6079 * @atomicservice 6080 * @since 12 6081 */ 6082 HUKS_TAG_CHALLENGE_POS = HuksTagType.HUKS_TAG_TYPE_UINT | 310, 6083 6084 /** 6085 * Key authentication purpose. 6086 * 6087 * @syscap SystemCapability.Security.Huks.Extension 6088 * @since 10 6089 */ 6090 /** 6091 * Key authentication purpose. 6092 * 6093 * @syscap SystemCapability.Security.Huks.Extension 6094 * @atomicservice 6095 * @since 12 6096 */ 6097 HUKS_TAG_KEY_AUTH_PURPOSE = HuksTagType.HUKS_TAG_TYPE_UINT | 311, 6098 6099 /** 6100 * Key storage security level, which is a value of HuksAuthStorageLevel. 6101 * 6102 * @syscap SystemCapability.Security.Huks.Extension 6103 * @since 11 6104 */ 6105 /** 6106 * Key storage security level, which is a value of HuksAuthStorageLevel. 6107 * 6108 * @syscap SystemCapability.Security.Huks.Extension 6109 * @atomicservice 6110 * @since 12 6111 */ 6112 HUKS_TAG_AUTH_STORAGE_LEVEL = HuksTagType.HUKS_TAG_TYPE_UINT | 316, 6113 6114 /** 6115 * User authentication mode, which is a value of HuksUserAuthMode. 6116 * 6117 * @syscap SystemCapability.Security.Huks.Extension 6118 * @atomicservice 6119 * @since 12 6120 */ 6121 HUKS_TAG_USER_AUTH_MODE = HuksTagType.HUKS_TAG_TYPE_UINT | 319, 6122 6123 /* Attestation related TAG: 501 - 600 */ 6124 /** 6125 * Challenge value used in the attestation. 6126 * 6127 * @syscap SystemCapability.Security.Huks.Extension 6128 * @since 8 6129 */ 6130 /** 6131 * Challenge value used in the attestation. 6132 * 6133 * @syscap SystemCapability.Security.Huks.Extension 6134 * @atomicservice 6135 * @since 12 6136 */ 6137 HUKS_TAG_ATTESTATION_CHALLENGE = HuksTagType.HUKS_TAG_TYPE_BYTES | 501, 6138 /** 6139 * Application ID used in the attestation. 6140 * 6141 * @syscap SystemCapability.Security.Huks.Extension 6142 * @since 8 6143 */ 6144 /** 6145 * Application ID used in the attestation. 6146 * 6147 * @syscap SystemCapability.Security.Huks.Extension 6148 * @atomicservice 6149 * @since 12 6150 */ 6151 HUKS_TAG_ATTESTATION_APPLICATION_ID = HuksTagType.HUKS_TAG_TYPE_BYTES | 502, 6152 /** 6153 * @syscap SystemCapability.Security.Huks.Extension 6154 * @since 8 6155 * @deprecated since 9 6156 */ 6157 HUKS_TAG_ATTESTATION_ID_BRAND = HuksTagType.HUKS_TAG_TYPE_BYTES | 503, 6158 /** 6159 * @syscap SystemCapability.Security.Huks.Extension 6160 * @since 8 6161 * @deprecated since 9 6162 */ 6163 HUKS_TAG_ATTESTATION_ID_DEVICE = HuksTagType.HUKS_TAG_TYPE_BYTES | 504, 6164 /** 6165 * @syscap SystemCapability.Security.Huks.Extension 6166 * @since 8 6167 * @deprecated since 9 6168 */ 6169 HUKS_TAG_ATTESTATION_ID_PRODUCT = HuksTagType.HUKS_TAG_TYPE_BYTES | 505, 6170 /** 6171 * @syscap SystemCapability.Security.Huks.Extension 6172 * @since 8 6173 * @deprecated since 9 6174 */ 6175 HUKS_TAG_ATTESTATION_ID_SERIAL = HuksTagType.HUKS_TAG_TYPE_BYTES | 506, 6176 /** 6177 * @syscap SystemCapability.Security.Huks.Extension 6178 * @since 8 6179 * @deprecated since 9 6180 */ 6181 HUKS_TAG_ATTESTATION_ID_IMEI = HuksTagType.HUKS_TAG_TYPE_BYTES | 507, 6182 /** 6183 * @syscap SystemCapability.Security.Huks.Extension 6184 * @since 8 6185 * @deprecated since 9 6186 */ 6187 HUKS_TAG_ATTESTATION_ID_MEID = HuksTagType.HUKS_TAG_TYPE_BYTES | 508, 6188 /** 6189 * @syscap SystemCapability.Security.Huks.Extension 6190 * @since 8 6191 * @deprecated since 9 6192 */ 6193 HUKS_TAG_ATTESTATION_ID_MANUFACTURER = HuksTagType.HUKS_TAG_TYPE_BYTES | 509, 6194 /** 6195 * @syscap SystemCapability.Security.Huks.Extension 6196 * @since 8 6197 * @deprecated since 9 6198 */ 6199 HUKS_TAG_ATTESTATION_ID_MODEL = HuksTagType.HUKS_TAG_TYPE_BYTES | 510, 6200 /** 6201 * Key alias used in the attestation. 6202 * 6203 * @syscap SystemCapability.Security.Huks.Extension 6204 * @since 8 6205 */ 6206 /** 6207 * Key alias used in the attestation. 6208 * 6209 * @syscap SystemCapability.Security.Huks.Extension 6210 * @atomicservice 6211 * @since 12 6212 */ 6213 HUKS_TAG_ATTESTATION_ID_ALIAS = HuksTagType.HUKS_TAG_TYPE_BYTES | 511, 6214 /** 6215 * @syscap SystemCapability.Security.Huks.Extension 6216 * @since 8 6217 * @deprecated since 9 6218 */ 6219 HUKS_TAG_ATTESTATION_ID_SOCID = HuksTagType.HUKS_TAG_TYPE_BYTES | 512, 6220 /** 6221 * @syscap SystemCapability.Security.Huks.Extension 6222 * @since 8 6223 * @deprecated since 9 6224 */ 6225 HUKS_TAG_ATTESTATION_ID_UDID = HuksTagType.HUKS_TAG_TYPE_BYTES | 513, 6226 /** 6227 * Security level used in the attestation. 6228 * 6229 * @syscap SystemCapability.Security.Huks.Extension 6230 * @since 8 6231 */ 6232 /** 6233 * Security level used in the attestation. 6234 * 6235 * @syscap SystemCapability.Security.Huks.Extension 6236 * @atomicservice 6237 * @since 12 6238 */ 6239 HUKS_TAG_ATTESTATION_ID_SEC_LEVEL_INFO = HuksTagType.HUKS_TAG_TYPE_BYTES | 514, 6240 /** 6241 * Version information used in the attestation. 6242 * 6243 * @syscap SystemCapability.Security.Huks.Extension 6244 * @since 8 6245 */ 6246 /** 6247 * Version information used in the attestation. 6248 * 6249 * @syscap SystemCapability.Security.Huks.Extension 6250 * @atomicservice 6251 * @since 12 6252 */ 6253 HUKS_TAG_ATTESTATION_ID_VERSION_INFO = HuksTagType.HUKS_TAG_TYPE_BYTES | 515, 6254 /** 6255 * The tag indicates wheather to override the key with same alias. 6256 * 6257 * @syscap SystemCapability.Security.Huks.Core 6258 * @atomicservice 6259 * @since 20 6260 */ 6261 HUKS_TAG_KEY_OVERRIDE = HuksTagType.HUKS_TAG_TYPE_BOOL | 520, 6262 6263 /* 6264 * Other reserved TAG: 601 - 1000 6265 * 6266 * Extension TAG: 1001 - 9999 6267 */ 6268 6269 /** 6270 * Whether to use the alias passed in during key generation. 6271 * 6272 * @syscap SystemCapability.Security.Huks.Core 6273 * @since 8 6274 */ 6275 /** 6276 * Whether to use the alias passed in during key generation. 6277 * 6278 * @syscap SystemCapability.Security.Huks.Core 6279 * @atomicservice 6280 * @since 12 6281 */ 6282 HUKS_TAG_IS_KEY_ALIAS = HuksTagType.HUKS_TAG_TYPE_BOOL | 1001, 6283 /** 6284 * Key storage mode. 6285 * 6286 * @syscap SystemCapability.Security.Huks.Core 6287 * @since 8 6288 */ 6289 /** 6290 * Key storage mode. 6291 * 6292 * @syscap SystemCapability.Security.Huks.Core 6293 * @atomicservice 6294 * @since 12 6295 */ 6296 HUKS_TAG_KEY_STORAGE_FLAG = HuksTagType.HUKS_TAG_TYPE_UINT | 1002, 6297 /** 6298 * Reserved. 6299 * 6300 * @syscap SystemCapability.Security.Huks.Extension 6301 * @since 8 6302 */ 6303 /** 6304 * Reserved. 6305 * 6306 * @syscap SystemCapability.Security.Huks.Core 6307 * @atomicservice 6308 * @since 12 6309 */ 6310 HUKS_TAG_IS_ALLOWED_WRAP = HuksTagType.HUKS_TAG_TYPE_BOOL | 1003, 6311 /** 6312 * Reserved. 6313 * 6314 * @syscap SystemCapability.Security.Huks.Extension 6315 * @since 8 6316 */ 6317 /** 6318 * Reserved. 6319 * 6320 * @syscap SystemCapability.Security.Huks.Core 6321 * @atomicservice 6322 * @since 12 6323 */ 6324 HUKS_TAG_KEY_WRAP_TYPE = HuksTagType.HUKS_TAG_TYPE_UINT | 1004, 6325 /** 6326 * Reserved. 6327 * 6328 * @syscap SystemCapability.Security.Huks.Extension 6329 * @since 8 6330 */ 6331 /** 6332 * Reserved. 6333 * 6334 * @syscap SystemCapability.Security.Huks.Extension 6335 * @atomicservice 6336 * @since 12 6337 */ 6338 HUKS_TAG_KEY_AUTH_ID = HuksTagType.HUKS_TAG_TYPE_BYTES | 1005, 6339 /** 6340 * Reserved. 6341 * 6342 * @syscap SystemCapability.Security.Huks.Extension 6343 * @since 8 6344 */ 6345 /** 6346 * Reserved. 6347 * 6348 * @syscap SystemCapability.Security.Huks.Core 6349 * @atomicservice 6350 * @since 12 6351 */ 6352 HUKS_TAG_KEY_ROLE = HuksTagType.HUKS_TAG_TYPE_UINT | 1006, 6353 /** 6354 * Flag of the key. 6355 * 6356 * @syscap SystemCapability.Security.Huks.Core 6357 * @since 8 6358 */ 6359 /** 6360 * Flag of the key. 6361 * 6362 * @syscap SystemCapability.Security.Huks.Core 6363 * @atomicservice 6364 * @since 12 6365 */ 6366 HUKS_TAG_KEY_FLAG = HuksTagType.HUKS_TAG_TYPE_UINT | 1007, 6367 /** 6368 * Reserved. 6369 * 6370 * @syscap SystemCapability.Security.Huks.Extension 6371 * @since 8 6372 */ 6373 /** 6374 * Reserved. 6375 * 6376 * @syscap SystemCapability.Security.Huks.Core 6377 * @atomicservice 6378 * @since 12 6379 */ 6380 HUKS_TAG_IS_ASYNCHRONIZED = HuksTagType.HUKS_TAG_TYPE_UINT | 1008, 6381 /** 6382 * @syscap SystemCapability.Security.Huks.Core 6383 * @since 8 6384 * @deprecated since 9 6385 */ 6386 HUKS_TAG_SECURE_KEY_ALIAS = HuksTagType.HUKS_TAG_TYPE_BOOL | 1009, 6387 /** 6388 * @syscap SystemCapability.Security.Huks.Extension 6389 * @since 8 6390 * @deprecated since 9 6391 */ 6392 HUKS_TAG_SECURE_KEY_UUID = HuksTagType.HUKS_TAG_TYPE_BYTES | 1010, 6393 /** 6394 * Reserved. 6395 * 6396 * @syscap SystemCapability.Security.Huks.Core 6397 * @since 8 6398 */ 6399 /** 6400 * Reserved. 6401 * 6402 * @syscap SystemCapability.Security.Huks.Core 6403 * @atomicservice 6404 * @since 12 6405 */ 6406 HUKS_TAG_KEY_DOMAIN = HuksTagType.HUKS_TAG_TYPE_UINT | 1011, 6407 6408 /** 6409 * Whether the key is accessible only when the user sets a lock screen password. 6410 * 6411 * @syscap SystemCapability.Security.Huks.Extension 6412 * @since 11 6413 */ 6414 /** 6415 * Whether the key is accessible only when the user sets a lock screen password. 6416 * 6417 * @syscap SystemCapability.Security.Huks.Extension 6418 * @atomicservice 6419 * @since 12 6420 */ 6421 HUKS_TAG_IS_DEVICE_PASSWORD_SET = HuksTagType.HUKS_TAG_TYPE_BOOL | 1012, 6422 6423 /* Inner-use TAG: 10001 - 10999 */ 6424 6425 /** 6426 * @syscap SystemCapability.Security.Huks.Core 6427 * @since 8 6428 * @deprecated since 9 6429 */ 6430 HUKS_TAG_PROCESS_NAME = HuksTagType.HUKS_TAG_TYPE_BYTES | 10001, 6431 /** 6432 * @syscap SystemCapability.Security.Huks.Extension 6433 * @since 8 6434 * @deprecated since 9 6435 */ 6436 HUKS_TAG_PACKAGE_NAME = HuksTagType.HUKS_TAG_TYPE_BYTES | 10002, 6437 /** 6438 * @syscap SystemCapability.Security.Huks.Extension 6439 * @since 8 6440 * @deprecated since 9 6441 */ 6442 HUKS_TAG_ACCESS_TIME = HuksTagType.HUKS_TAG_TYPE_UINT | 10003, 6443 /** 6444 * @syscap SystemCapability.Security.Huks.Extension 6445 * @since 8 6446 * @deprecated since 9 6447 */ 6448 HUKS_TAG_USES_TIME = HuksTagType.HUKS_TAG_TYPE_UINT | 10004, 6449 /** 6450 * @syscap SystemCapability.Security.Huks.Extension 6451 * @since 8 6452 * @deprecated since 9 6453 */ 6454 HUKS_TAG_CRYPTO_CTX = HuksTagType.HUKS_TAG_TYPE_ULONG | 10005, 6455 /** 6456 * Reserved. 6457 * 6458 * @syscap SystemCapability.Security.Huks.Core 6459 * @since 8 6460 */ 6461 /** 6462 * Reserved. 6463 * 6464 * @syscap SystemCapability.Security.Huks.Core 6465 * @atomicservice 6466 * @since 12 6467 */ 6468 HUKS_TAG_KEY = HuksTagType.HUKS_TAG_TYPE_BYTES | 10006, 6469 /** 6470 * @syscap SystemCapability.Security.Huks.Extension 6471 * @since 8 6472 * @deprecated since 9 6473 */ 6474 HUKS_TAG_KEY_VERSION = HuksTagType.HUKS_TAG_TYPE_UINT | 10007, 6475 /** 6476 * @syscap SystemCapability.Security.Huks.Extension 6477 * @since 8 6478 * @deprecated since 9 6479 */ 6480 HUKS_TAG_PAYLOAD_LEN = HuksTagType.HUKS_TAG_TYPE_UINT | 10008, 6481 6482 /** 6483 * Used to pass in the AEAD in GCM mode. 6484 * 6485 * @syscap SystemCapability.Security.Huks.Core 6486 * @since 8 6487 */ 6488 /** 6489 * Used to pass in the AEAD in GCM mode. 6490 * 6491 * @syscap SystemCapability.Security.Huks.Core 6492 * @atomicservice 6493 * @since 11 6494 */ 6495 HUKS_TAG_AE_TAG = HuksTagType.HUKS_TAG_TYPE_BYTES | 10009, 6496 6497 /** 6498 * @syscap SystemCapability.Security.Huks.Core 6499 * @since 8 6500 * @deprecated since 9 6501 */ 6502 HUKS_TAG_IS_KEY_HANDLE = HuksTagType.HUKS_TAG_TYPE_ULONG | 10010, 6503 6504 /** 6505 * Os version related TAG. 6506 * 6507 * @syscap SystemCapability.Security.Huks.Core 6508 * @since 8 6509 * @deprecated since 9 6510 */ 6511 HUKS_TAG_OS_VERSION = HuksTagType.HUKS_TAG_TYPE_UINT | 10101, 6512 /** 6513 * @syscap SystemCapability.Security.Huks.Core 6514 * @since 8 6515 * @deprecated since 9 6516 */ 6517 HUKS_TAG_OS_PATCHLEVEL = HuksTagType.HUKS_TAG_TYPE_UINT | 10102, 6518 6519 /* 6520 * Reserved TAGs: 11000 - 12000 6521 * 6522 * Other TAGs: 20001 - N 6523 * TAGs used for paramSetOut 6524 */ 6525 6526 /** 6527 * Reserved. 6528 * 6529 * @syscap SystemCapability.Security.Huks.Core 6530 * @since 8 6531 */ 6532 /** 6533 * Reserved. 6534 * 6535 * @syscap SystemCapability.Security.Huks.Core 6536 * @atomicservice 6537 * @since 12 6538 */ 6539 HUKS_TAG_SYMMETRIC_KEY_DATA = HuksTagType.HUKS_TAG_TYPE_BYTES | 20001, 6540 /** 6541 * Reserved. 6542 * 6543 * @syscap SystemCapability.Security.Huks.Extension 6544 * @since 8 6545 */ 6546 /** 6547 * Reserved. 6548 * 6549 * @syscap SystemCapability.Security.Huks.Core 6550 * @atomicservice 6551 * @since 12 6552 */ 6553 HUKS_TAG_ASYMMETRIC_PUBLIC_KEY_DATA = HuksTagType.HUKS_TAG_TYPE_BYTES | 20002, 6554 /** 6555 * Reserved. 6556 * 6557 * @syscap SystemCapability.Security.Huks.Extension 6558 * @since 8 6559 */ 6560 /** 6561 * Reserved. 6562 * 6563 * @syscap SystemCapability.Security.Huks.Core 6564 * @atomicservice 6565 * @since 12 6566 */ 6567 HUKS_TAG_ASYMMETRIC_PRIVATE_KEY_DATA = HuksTagType.HUKS_TAG_TYPE_BYTES | 20003 6568 } 6569} 6570 6571export default huks; 6572