• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1/*
2 * Copyright (c) 2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 *     http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16import util from '@ohos.util';
17import huks from '@ohos.security.huks';
18import userAuth from '@ohos.userIAM.userAuth';
19import promptAction from '@ohos.promptAction';
20import Logger from './Logger';
21
22const TAG: string = '[HUKS]';
23const CHALLENG_LEN = 6;
24const ALWAYSVAILD = 4;
25const IV: string = '001122334455';
26let cipherData: Uint8Array;
27let challengeNew = new Uint8Array(CHALLENG_LEN);
28
29// 密钥明文
30let PLAIN_TEXT_SIZE_16 = new Uint8Array([
31  0xfb, 0x8b, 0x9f, 0x12, 0xa0, 0x83, 0x19, 0xbe,
32  0x64, 0x0b, 0x88, 0x96, 0xe2, 0xfa, 0x77, 0xbc
33]);
34
35function stringToUint8Array(str: string): Uint8Array {
36  let arr = [];
37  for (let i = 0, j = str.length; i < j; ++i) {
38    arr.push(str.charCodeAt(i));
39  }
40  return new Uint8Array(arr);
41}
42
43// 生成Sm2密钥属性信息
44function getSm2GenerateProperties(properties): void {
45  let index = 0;
46  properties[index++] = {
47    tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
48    value: huks.HuksKeyAlg.HUKS_ALG_SM2
49  };
50  properties[index++] = {
51    tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
52    value: huks.HuksKeySize.HUKS_SM2_KEY_SIZE_256
53  };
54  properties[index++] = {
55    tag: huks.HuksTag.HUKS_TAG_PURPOSE,
56    value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT |
57    huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT
58  };
59  properties[index++] = {
60    tag: huks.HuksTag.HUKS_TAG_CHALLENGE_TYPE,
61    value: huks.HuksChallengeType.HUKS_CHALLENGE_TYPE_NORMAL
62  };
63  properties[index++] = {
64    tag: huks.HuksTag.HUKS_TAG_KEY_AUTH_PURPOSE,
65    value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT
66  };
67  properties[index++] = {
68    tag: huks.HuksTag.HUKS_TAG_USER_AUTH_TYPE,
69    value: huks.HuksUserAuthType.HUKS_USER_AUTH_TYPE_PIN
70  };
71  properties[index++] = {
72    tag: huks.HuksTag.HUKS_TAG_KEY_AUTH_ACCESS_TYPE,
73    value: ALWAYSVAILD
74  };
75  return;
76}
77
78// Sm2加密密钥属性信息
79function getSm2EncryptProperties(properties): void {
80  let index = 0;
81  properties[index++] = {
82    tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
83    value: huks.HuksKeyAlg.HUKS_ALG_SM2
84  };
85  properties[index++] = {
86    tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
87    value: huks.HuksKeySize.HUKS_SM2_KEY_SIZE_256
88  };
89  properties[index++] = {
90    tag: huks.HuksTag.HUKS_TAG_PURPOSE,
91    value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT
92  };
93  properties[index++] = {
94    tag: huks.HuksTag.HUKS_TAG_DIGEST,
95    value: huks.HuksKeyDigest.HUKS_DIGEST_SM3
96  };
97  return;
98}
99
100// Sm2解密密钥属性信息
101function getSm2DecryptProperties(properties): void {
102  let index = 0;
103  properties[index++] = {
104    tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
105    value: huks.HuksKeyAlg.HUKS_ALG_SM2
106  };
107  properties[index++] = {
108    tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
109    value: huks.HuksKeySize.HUKS_SM2_KEY_SIZE_256
110  };
111  properties[index++] = {
112    tag: huks.HuksTag.HUKS_TAG_PURPOSE,
113    value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT
114  };
115  properties[index++] = {
116    tag: huks.HuksTag.HUKS_TAG_DIGEST,
117    value: huks.HuksKeyDigest.HUKS_DIGEST_SM3
118  };
119  return;
120}
121
122function uint8ArrayToString(fileData): string {
123  let dataString = '';
124  for (let i = 0; i < fileData.length; i++) {
125    dataString += String.fromCharCode(fileData[i]);
126  }
127  return dataString;
128}
129
130// AES加密密钥属性信息
131function getAesEncryptProperties(properties): void {
132  let index = 0;
133  properties[index++] = {
134    tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
135    value: huks.HuksKeyAlg.HUKS_ALG_AES
136  };
137  properties[index++] = {
138    tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
139    value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_128
140  };
141  properties[index++] = {
142    tag: huks.HuksTag.HUKS_TAG_PURPOSE,
143    value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT
144  };
145  properties[index++] = {
146    tag: huks.HuksTag.HUKS_TAG_PADDING,
147    value: huks.HuksKeyPadding.HUKS_PADDING_PKCS7
148  };
149  properties[index++] = {
150    tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE,
151    value: huks.HuksCipherMode.HUKS_MODE_CBC
152  };
153  properties[index++] = {
154    tag: huks.HuksTag.HUKS_TAG_IV,
155    value: stringToUint8Array(IV)
156  };
157  return;
158}
159
160// AES解密密钥属性信息
161function getAesDecryptProperties(properties): void {
162  let index = 0;
163  properties[index++] = {
164    tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
165    value: huks.HuksKeyAlg.HUKS_ALG_AES
166  };
167  properties[index++] = {
168    tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
169    value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_256
170  };
171  properties[index++] = {
172    tag: huks.HuksTag.HUKS_TAG_PURPOSE,
173    value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT
174  };
175  properties[index++] = {
176    tag: huks.HuksTag.HUKS_TAG_PADDING,
177    value: huks.HuksKeyPadding.HUKS_PADDING_PKCS7
178  };
179  properties[index++] = {
180    tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE,
181    value: huks.HuksCipherMode.HUKS_MODE_CBC
182  };
183  properties[index++] = {
184    tag: huks.HuksTag.HUKS_TAG_IV,
185    value: stringToUint8Array(IV)
186  };
187  return;
188}
189
190// 生成AES密钥属性信息
191function getAesGenerateProperties(properties): void {
192  let index = 0;
193  properties[index++] = {
194    tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
195    value: huks.HuksKeyAlg.HUKS_ALG_AES
196  };
197  properties[index++] = {
198    tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
199    value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_128
200  };
201  properties[index++] = {
202    tag: huks.HuksTag.HUKS_TAG_PURPOSE,
203    value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT |
204    huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT
205  };
206  return;
207}
208
209// 导入SM4密钥属性信息
210function getImportKeyProperties(properties): void {
211  let index = 0;
212  properties[index++] = {
213    tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
214    value: huks.HuksKeyAlg.HUKS_ALG_SM4
215  };
216  properties[index++] = {
217    tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
218    value: huks.HuksKeySize.HUKS_SM4_KEY_SIZE_128
219  };
220  properties[index++] = {
221    tag: huks.HuksTag.HUKS_TAG_PURPOSE,
222    value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT |
223    huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT
224  };
225  return;
226}
227
228// SM4 加密密钥属性
229function getSm4EnryptProperties(properties): void {
230  let index = 0;
231  properties[index++] = {
232    tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
233    value: huks.HuksKeyAlg.HUKS_ALG_SM4
234  };
235  properties[index++] = {
236    tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
237    value: huks.HuksKeySize.HUKS_SM4_KEY_SIZE_128,
238  };
239  properties[index++] = {
240    tag: huks.HuksTag.HUKS_TAG_PURPOSE,
241    value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT
242  };
243  properties[index++] = {
244    tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE,
245    value: huks.HuksCipherMode.HUKS_MODE_CBC
246  };
247  properties[index++] = {
248    tag: huks.HuksTag.HUKS_TAG_PADDING,
249    value: huks.HuksKeyPadding.HUKS_PADDING_PKCS7
250  };
251  properties[index++] = {
252    tag: huks.HuksTag.HUKS_TAG_IV,
253    value: stringToUint8Array(IV)
254  };
255  return;
256}
257
258// SM4 解密密钥属性
259function getSm4DeryptProperties(properties): void {
260  let index = 0;
261  properties[index++] = {
262    tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
263    value: huks.HuksKeyAlg.HUKS_ALG_SM4
264  };
265  properties[index++] = {
266    tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
267    value: huks.HuksKeySize.HUKS_SM4_KEY_SIZE_128,
268  };
269  properties[index++] = {
270    tag: huks.HuksTag.HUKS_TAG_PURPOSE,
271    value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT
272  };
273  properties[index++] = {
274    tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE,
275    value: huks.HuksCipherMode.HUKS_MODE_CBC
276  };
277  properties[index++] = {
278    tag: huks.HuksTag.HUKS_TAG_PADDING,
279    value: huks.HuksKeyPadding.HUKS_PADDING_PKCS7
280  };
281  properties[index++] = {
282    tag: huks.HuksTag.HUKS_TAG_IV,
283    value: stringToUint8Array(IV)
284  };
285  return;
286}
287
288/**
289 * 功能模型
290 */
291export class HuksModel {
292  // 模拟使用HUKS生成的新密钥进行加密
293  async encryptData(plainText: string, resultCallback): Promise<void> {
294    let aesKeyAlias = 'test_aesKeyAlias';
295    let handle;
296    let generateKeyProperties = new Array();
297    getAesGenerateProperties(generateKeyProperties);
298    let generateKeyOptions = {
299      properties: generateKeyProperties
300    };
301    await huks.generateKeyItem(aesKeyAlias, generateKeyOptions).then((data) => {
302      Logger.info(TAG, `generate key success, data: ${JSON.stringify(data)}`);
303    }).catch((err)=>{
304      Logger.error(TAG, `generate key failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`);
305    });
306
307    let encryptProperties = new Array();
308    getAesEncryptProperties(encryptProperties);
309    let encryptOptions = {
310      properties:encryptProperties,
311      inData: stringToUint8Array(plainText)
312    };
313    await huks.initSession(aesKeyAlias, encryptOptions).then((data) => {
314      Logger.info(TAG, `encrypt initSession success, data: ${JSON.stringify(data)}`);
315      handle = data.handle;
316    }).catch((err)=>{
317      Logger.error(TAG, `encrypt initSession failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`);
318    });
319    await huks.finishSession(handle, encryptOptions).then((data) => {
320      Logger.info(TAG, `encrypt finishSession success, data: ${JSON.stringify(data)}`);
321      cipherData = data.outData;
322      let that = new util.Base64Helper();
323      resultCallback(that.encodeToStringSync(cipherData));
324    }).catch((err)=>{
325      Logger.error(TAG, `encrypt finishSession failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`);
326      promptAction.showToast({
327        message: `send message failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`,
328        duration: 6500,
329      });
330    });
331  }
332
333  // 模拟使用HUKS生成的新密钥进行解密
334  async decryptData(resultCallback): Promise<void> {
335    let decryptOptions = new Array();
336    getAesDecryptProperties(decryptOptions);
337    let aesKeyAlias = 'test_aesKeyAlias';
338    let handle;
339    let options = {
340      properties: decryptOptions,
341      inData: cipherData
342    };
343    let emptyOptions = {
344      properties: []
345    };
346
347    await huks.initSession(aesKeyAlias, options).then((data) => {
348      Logger.info(TAG, `decrypt initSession success, data: ${JSON.stringify(data)}`);
349      handle = data.handle;
350    }).catch((err) => {
351      Logger.error(TAG, `decrypt initSession failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`);
352    });
353    await huks.finishSession(handle, options).then((data) => {
354      Logger.info(TAG, `decrypt finishSession success, data: ${JSON.stringify(data)}`);
355      resultCallback(uint8ArrayToString(data.outData));
356    }).catch((err) => {
357      Logger.error(TAG, `decrypt finishSession failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`);
358      promptAction.showToast({
359        message: `receive message failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`,
360        duration: 6500,
361      });
362    });
363    await huks.deleteKeyItem(aesKeyAlias, emptyOptions).then((data) => {
364      Logger.info(TAG, `delete key success, data: ${JSON.stringify(data)}`);
365    }).catch((err)=>{
366      Logger.error(TAG, `delete key failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`);
367    });
368  }
369
370  // 模拟使用Sm2 生成密钥并进行加密
371  async encryptDataUseSm2(plainText: string, resultCallback): Promise<void> {
372    let sm2KeyAlias = 'test_sm2KeyAlias';
373    let handle;
374    let generateKeyProperties = new Array();
375    getSm2GenerateProperties(generateKeyProperties);
376    let generateKeyOptions = {
377      properties: generateKeyProperties
378    };
379    await huks.generateKeyItem(sm2KeyAlias, generateKeyOptions).then((data) => {
380      Logger.info(TAG, `generate key success, data: ${JSON.stringify(data)}`);
381    }).catch((err)=>{
382      Logger.error(TAG, `generate key failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`);
383    });
384
385    let encryptProperties = new Array();
386    getSm2EncryptProperties(encryptProperties);
387    let encryptOptions = {
388      properties:encryptProperties,
389      inData: stringToUint8Array(plainText)
390    };
391    await huks.initSession(sm2KeyAlias, encryptOptions).then((data) => {
392      Logger.info(TAG, `encrypt initSession success, data: ${JSON.stringify(data)}`);
393      handle = data.handle;
394    }).catch((err)=>{
395      Logger.error(TAG, `encrypt initSession failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`);
396    });
397    await huks.finishSession(handle, encryptOptions).then((data) => {
398      Logger.info(TAG, `encrypt finishSession success, data: ${JSON.stringify(data)}`);
399      cipherData = data.outData;
400      let that = new util.Base64Helper();
401      resultCallback(that.encodeToStringSync(cipherData));
402    }).catch((err)=>{
403      Logger.error(TAG, `encrypt finishSession failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`);
404      promptAction.showToast({
405        message: `send message failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`,
406        duration: 6500,
407      });
408    });
409  }
410
411  async finishSession(handle, options, resultCallback, authToken: Uint8Array): Promise<void> {
412    await huks.finishSession(handle, options, authToken).then((data) => {
413      Logger.info(TAG, `decrypt finishSession success, data: ${JSON.stringify(data)}`);
414      resultCallback(uint8ArrayToString(data.outData));
415    }).catch((err) => {
416      Logger.error(TAG, `decrypt finishSession failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`);
417      promptAction.showToast({
418        message: `receive message failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`,
419        duration: 6500,
420      });
421    });
422  }
423
424  async userIAMAuthFinger(finishSessionFunction, param) : Promise<void> {
425    Logger.info(TAG, '[HUKS->userIAM]start userAuth...');
426    const authParam : userAuth.AuthParam = {
427      challenge: challengeNew,
428      authType: [userAuth.UserAuthType.PIN],
429      authTrustLevel: userAuth.AuthTrustLevel.ATL1
430    };
431    const widgetParam :userAuth.WidgetParam = {
432      title: 'PIN'
433    };
434    try {
435      let userAuthInstance = await userAuth.getUserAuthInstance(authParam, widgetParam);
436      Logger.info(TAG, 'get userAuth instance success');
437      await userAuthInstance.on('result', {
438        onResult(result) {
439          Logger.info(TAG, 'userAuthInstance callback result = ' + JSON.stringify(result));
440          finishSessionFunction(param.handleParam, param.optionsParam, param.resultCallbackParam, result.token);
441        }
442      });
443      Logger.info(TAG, 'auth on success');
444      await userAuthInstance.start();
445      Logger.info(TAG, 'auth on success');
446    } catch (error) {
447      Logger.error(TAG, 'auth catch error: ' + JSON.stringify(error));
448    }
449  }
450
451  // 模拟使用HUKS生成的新密钥进行低安访问控制与解密
452  async decryptDataUseSm2(resultCallback): Promise<void> {
453    let decryptOptions = new Array();
454    getSm2DecryptProperties(decryptOptions);
455    let sm2KeyAlias = 'test_sm2KeyAlias';
456    let handle;
457    let options = {
458      properties: decryptOptions,
459      inData: cipherData
460    };
461    let emptyOptions = {
462      properties: []
463    };
464    await huks.initSession(sm2KeyAlias, options).then((data) => {
465      Logger.info(TAG, `decrypt initSession success, data: ${JSON.stringify(data)}`);
466      handle = data.handle;
467      challengeNew = data.challenge;
468    }).catch((err) => {
469      Logger.error(TAG, `decrypt initSession failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`);
470    });
471    let finishSessionFunction = this.finishSession;
472    let param = {
473      handleParam : handle,
474      optionsParam : options,
475      resultCallbackParam : resultCallback,
476    };
477    await this.userIAMAuthFinger(finishSessionFunction, param);
478  }
479
480
481  // 模拟设备1使用旧密钥在本地进行加密
482  async encryptDataUserOldKey(plainText: string, resultCallback): Promise<void> {
483    let device1KeyAlias = 'device_1_key_alias';
484    let importKeyProperties = new Array();
485    getImportKeyProperties(importKeyProperties);
486    let importKeyOptions = {
487      properties: importKeyProperties,
488      inData: PLAIN_TEXT_SIZE_16
489    };
490    Logger.info(TAG, `key plain text: ${JSON.stringify(PLAIN_TEXT_SIZE_16)}`);
491    await huks.importKeyItem(device1KeyAlias, importKeyOptions).then((data) => {
492      Logger.info(TAG, `import key success, data: ${JSON.stringify(data)}`);
493    }).catch((err)=>{
494      Logger.error(TAG, `import key failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`);
495    });
496
497    // 加密
498    let sm4EncryptProperties = new Array();
499    getSm4EnryptProperties(sm4EncryptProperties);
500    let sm4EncryptOptions = {
501      properties:sm4EncryptProperties,
502      inData: stringToUint8Array(plainText)
503    };
504    let handle;
505    await huks.initSession(device1KeyAlias, sm4EncryptOptions).then((data) => {
506      Logger.info(TAG, `encrypt initSession success, data: ${JSON.stringify(data)}`);
507      handle = data.handle;
508    }).catch((err)=>{
509      Logger.error(TAG, `encrypt initSession failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`);
510    });
511    await huks.finishSession(handle, sm4EncryptOptions).then((data) => {
512      Logger.info(TAG, `encrypt finishSession success, data: ${JSON.stringify(data)}`);
513      cipherData = data.outData;
514      let that = new util.Base64Helper();
515      resultCallback(that.encodeToStringSync(cipherData));
516    }).catch((err)=>{
517      Logger.error(TAG, `send message failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`);
518      promptAction.showToast({
519        message: `send message failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`,
520        duration: 6500,
521      });
522    });
523
524    // 加密完成删除本地密钥
525    let emptyOptions = {
526      properties: []
527    };
528    await huks.deleteKeyItem(device1KeyAlias, emptyOptions).then((data) => {
529      Logger.info(TAG, `delete key success, data: ${JSON.stringify(data)}`);
530    }).catch((err)=>{
531      Logger.error(TAG, `delete key failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`);
532    });
533  }
534
535  // 模拟设备2导入设备1中的旧密钥
536  async importKey(): Promise<void> {
537    let keyAlias = 'import_device_1_key_alias';
538    let importOptions = new Array();
539    getImportKeyProperties(importOptions);
540    let huksoptions = {
541      properties: importOptions,
542      inData: PLAIN_TEXT_SIZE_16
543    };
544    Logger.info(TAG, `key plain text: ${JSON.stringify(PLAIN_TEXT_SIZE_16)}`);
545    await huks.importKeyItem(keyAlias, huksoptions).then((data) => {
546      Logger.info(TAG, `import key success, data: ${JSON.stringify(data)}`);
547      promptAction.showToast({
548        message: 'import old key success',
549        duration: 1000,
550      });
551    }).catch((err)=>{
552      Logger.error(TAG, `import old key failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`);
553      promptAction.showToast({
554        message: `import old key failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`,
555        duration: 1000,
556      });
557    });
558  }
559
560  // 模拟设备2使用导入的设备1中的旧密钥进行解密
561  async decryptDataUserOldKey(resultCallback): Promise<void> {
562    let handle;
563    let keyAlias = 'import_device_1_key_alias';
564    let decryptProperties = new Array();
565    getSm4DeryptProperties(decryptProperties);
566    let decryptOptions = {
567      properties: decryptProperties,
568      inData: cipherData
569    };
570
571    // 解密
572    await huks.initSession(keyAlias, decryptOptions).then((data) => {
573      Logger.info(TAG, `decrypt initSession success, data: ${JSON.stringify(data)}`);
574      handle = data.handle;
575    }).catch((err) => {
576      Logger.error(TAG, `decrypt initSession failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`);
577    });
578    await huks.finishSession(handle, decryptOptions).then((data) => {
579      Logger.info(TAG, `decrypt finishSession success, data: ${JSON.stringify(data)}`);
580      resultCallback(uint8ArrayToString(data.outData));
581    }).catch((err) => {
582      Logger.error(TAG, `receive message failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`);
583      promptAction.showToast({
584        message: `receive message failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`,
585        duration: 6500,
586      });
587    });
588
589    // 解密完成删除本地密钥
590    let emptyOptions = {
591      properties: []
592    };
593    await huks.deleteKeyItem(keyAlias, emptyOptions).then((data) => {
594      Logger.info(TAG, `delete key success, data: ${JSON.stringify(data)}`);
595    }).catch((err)=>{
596      Logger.error(TAG, `delete key failed, ${JSON.stringify(err.code)}: ${JSON.stringify(err.message)}`);
597    });
598  }
599}