1# @ohos.security.asset (Asset Store Service) 2 3The asset store service (ASSET) provides secure storage and management of sensitive data less than 1024 bytes in size, including passwords, app tokens, and other critical data (such as bank card numbers). 4 5> **NOTE** 6> 7> The initial APIs of this module are supported since API version 11. Newly added APIs will be marked with a superscript to indicate their earliest API version. 8 9## Modules to Import 10 11```typescript 12import { asset } from '@kit.AssetStoreKit'; 13``` 14 15## asset.add 16 17add(attributes: AssetMap): Promise\<void> 18 19Add an asset. This API uses a promise to return the result. 20 21To set [IS_PERSISTENT](#tag), the application must have the ohos.permission.STORE_PERSISTENT_DATA permission. 22 23**System capability**: SystemCapability.Security.Asset 24 25| Name | Type | Mandatory| Description | 26| ---------- | -------- | ---- | ------------------------------------------------------------ | 27| attributes | [AssetMap](#assetmap) | Yes | Attributes of the asset to add, including the asset plaintext, access control attributes, and custom data.| 28 29**Return value** 30 31| Type | Description | 32| ------------- | ----------------------- | 33| Promise\<void> | Promise that returns no value.| 34 35**Error codes** 36 37For details about the error codes, see [Asset Store Service Error Codes](errorcode-asset.md). 38 39| ID| Error Message | 40| -------- | ---------------------------------------------------------- | 41| 201 | The caller doesn't have the permission. | 42| 401 | Parameter error. Possible causes: <br> 1. Mandatory parameters are left unspecified. <br> 2. Incorrect parameter types. <br> 3. Parameter verification failed. | 43| 24000001 | The ASSET service is unavailable. | 44| 24000003 | The asset already exists. | 45| 24000005 | The screen lock status does not match. | 46| 24000006 | Insufficient memory. | 47| 24000007 | The asset is corrupted. | 48| 24000008 | The database operation failed. | 49| 24000009 | The cryptography operation failed. | 50| 24000010 | IPC failed. | 51| 24000011 | Calling the Bundle Manager service failed. | 52| 24000012 | Calling the OS Account service failed. | 53| 24000013 | Calling the Access Token service failed. | 54| 24000014 | The file operation failed. | 55| 24000015 | Getting the system time failed. | 56 57**Example** 58 59```typescript 60import { asset } from '@kit.AssetStoreKit'; 61import { util } from '@kit.ArkTS'; 62import { BusinessError } from '@kit.BasicServicesKit'; 63 64function stringToArray(str: string): Uint8Array { 65 let textEncoder = new util.TextEncoder(); 66 return textEncoder.encodeInto(str); 67} 68 69let attr: asset.AssetMap = new Map(); 70attr.set(asset.Tag.SECRET, stringToArray('demo_pwd')); 71attr.set(asset.Tag.ALIAS, stringToArray('demo_alias')); 72attr.set(asset.Tag.ACCESSIBILITY, asset.Accessibility.DEVICE_FIRST_UNLOCKED); 73attr.set(asset.Tag.DATA_LABEL_NORMAL_1, stringToArray('demo_label')); 74try { 75 asset.add(attr).then(() => { 76 console.info(`Asset added successfully.`); 77 }).catch((err: BusinessError) => { 78 console.error(`Failed to add Asset. Code is ${err.code}, message is ${err.message}`); 79 }) 80} catch (error) { 81 let err = error as BusinessError; 82 console.error(`Failed to add Asset. Code is ${err.code}, message is ${err.message}`); 83} 84``` 85 86## asset.addSync<sup>12+</sup> 87 88addSync(attributes: AssetMap): void 89 90Add an asset. This API returns the result synchronously. 91 92To set [IS_PERSISTENT](#tag), the application must have the ohos.permission.STORE_PERSISTENT_DATA permission. 93 94**System capability**: SystemCapability.Security.Asset 95 96| Name | Type | Mandatory| Description | 97| ---------- | -------- | ---- | ------------------------------------------------------------ | 98| attributes | [AssetMap](#assetmap) | Yes | Attributes of the asset to add, including the asset plaintext, access control attributes, and custom data.| 99 100**Error codes** 101 102For details about the error codes, see [Asset Store Service Error Codes](errorcode-asset.md). 103 104| ID| Error Message | 105| -------- | ---------------------------------------------------------- | 106| 201 | The caller doesn't have the permission. | 107| 401 | Parameter error. Possible causes: <br> 1. Mandatory parameters are left unspecified. <br> 2. Incorrect parameter types. <br> 3. Parameter verification failed. | 108| 24000001 | The ASSET service is unavailable. | 109| 24000003 | The asset already exists. | 110| 24000005 | The screen lock status does not match. | 111| 24000006 | Insufficient memory. | 112| 24000007 | The asset is corrupted. | 113| 24000008 | The database operation failed. | 114| 24000009 | The cryptography operation failed. | 115| 24000010 | IPC failed. | 116| 24000011 | Calling the Bundle Manager service failed. | 117| 24000012 | Calling the OS Account service failed. | 118| 24000013 | Calling the Access Token service failed. | 119| 24000014 | The file operation failed. | 120| 24000015 | Getting the system time failed. | 121 122**Example** 123 124```typescript 125import { asset } from '@kit.AssetStoreKit'; 126import { util } from '@kit.ArkTS'; 127import { BusinessError } from '@kit.BasicServicesKit'; 128 129function stringToArray(str: string): Uint8Array { 130 let textEncoder = new util.TextEncoder(); 131 return textEncoder.encodeInto(str); 132} 133 134let attr: asset.AssetMap = new Map(); 135attr.set(asset.Tag.SECRET, stringToArray('demo_pwd')); 136attr.set(asset.Tag.ALIAS, stringToArray('demo_alias')); 137attr.set(asset.Tag.ACCESSIBILITY, asset.Accessibility.DEVICE_FIRST_UNLOCKED); 138attr.set(asset.Tag.DATA_LABEL_NORMAL_1, stringToArray('demo_label')); 139try { 140 asset.addSync(attr); 141} catch (error) { 142 let err = error as BusinessError; 143 console.error(`Failed to add Asset. Code is ${err.code}, message is ${err.message}`); 144} 145``` 146 147## asset.remove 148 149remove(query: AssetMap): Promise\<void> 150 151Removes one or more assets. This API uses a promise to return the result. 152 153**System capability**: SystemCapability.Security.Asset 154 155| Name| Type | Mandatory| Description | 156| ------ | -------- | ---- | ------------------------------------------------------ | 157| query | [AssetMap](#assetmap) | Yes | Attributes of the asset to remove, such as the asset alias, access control attributes, and custom data.| 158 159**Return value** 160 161| Type | Description | 162| ------------- | ----------------------- | 163| Promise\<void> | Promise that returns no value.| 164 165**Error codes** 166 167For details about the error codes, see [Asset Store Service Error Codes](errorcode-asset.md). 168 169| ID| Error Message | 170| -------- | ---------------------------------------------------------- | 171| 401 | Parameter error. Possible causes: <br> 1. Incorrect parameter types. <br> 2. Parameter verification failed. | 172| 24000001 | The ASSET service is unavailable. | 173| 24000002 | The asset is not found. | 174| 24000006 | Insufficient memory. | 175| 24000007 | The asset is corrupted. | 176| 24000008 | The database operation failed. | 177| 24000010 | IPC failed. | 178| 24000011 | Calling the Bundle Manager service failed. | 179| 24000012 | Calling the OS Account service failed. | 180| 24000013 | Calling the Access Token service failed. | 181| 24000015 | Getting the system time failed. | 182 183**Example** 184 185```typescript 186import { asset } from '@kit.AssetStoreKit'; 187import { util } from '@kit.ArkTS'; 188import { BusinessError } from '@kit.BasicServicesKit'; 189 190function stringToArray(str: string): Uint8Array { 191 let textEncoder = new util.TextEncoder(); 192 return textEncoder.encodeInto(str); 193} 194 195let query: asset.AssetMap = new Map(); 196query.set(asset.Tag.ALIAS, stringToArray('demo_alias')); 197try { 198 asset.remove(query).then(() => { 199 console.info(`Asset removed successfully.`); 200 }).catch((err: BusinessError) => { 201 console.error(`Failed to remove Asset. Code is ${err.code}, message is ${err.message}`); 202 }); 203} catch (error) { 204 let err = error as BusinessError; 205 console.error(`Failed to remove Asset. Code is ${err.code}, message is ${err.message}`); 206} 207``` 208 209## asset.removeSync<sup>12+</sup> 210 211removeSync(query: AssetMap): void 212 213Removes one or more assets. This API returns the result synchronously. 214 215**System capability**: SystemCapability.Security.Asset 216 217| Name| Type | Mandatory| Description | 218| ------ | -------- | ---- | ------------------------------------------------------ | 219| query | [AssetMap](#assetmap) | Yes | Attributes of the asset to remove, such as the asset alias, access control attributes, and custom data.| 220 221**Error codes** 222 223For details about the error codes, see [Asset Store Service Error Codes](errorcode-asset.md). 224 225| ID| Error Message | 226| -------- | ---------------------------------------------------------- | 227| 401 | Parameter error. Possible causes: <br> 1. Incorrect parameter types. <br> 2. Parameter verification failed. | 228| 24000001 | The ASSET service is unavailable. | 229| 24000002 | The asset is not found. | 230| 24000006 | Insufficient memory. | 231| 24000007 | The asset is corrupted. | 232| 24000008 | The database operation failed. | 233| 24000010 | IPC failed. | 234| 24000011 | Calling the Bundle Manager service failed. | 235| 24000012 | Calling the OS Account service failed. | 236| 24000013 | Calling the Access Token service failed. | 237| 24000015 | Getting the system time failed. | 238 239**Example** 240 241```typescript 242import { asset } from '@kit.AssetStoreKit'; 243import { util } from '@kit.ArkTS'; 244import { BusinessError } from '@kit.BasicServicesKit'; 245 246function stringToArray(str: string): Uint8Array { 247 let textEncoder = new util.TextEncoder(); 248 return textEncoder.encodeInto(str); 249} 250 251let query: asset.AssetMap = new Map(); 252query.set(asset.Tag.ALIAS, stringToArray('demo_alias')); 253try { 254 asset.removeSync(query); 255} catch (error) { 256 let err = error as BusinessError; 257 console.error(`Failed to remove Asset. Code is ${err.code}, message is ${err.message}`); 258} 259``` 260 261## asset.update 262 263update(query: AssetMap, attributesToUpdate: AssetMap): Promise\<void> 264 265Updates an asset. This API uses a promise to return the result. 266 267**System capability**: SystemCapability.Security.Asset 268 269| Name | Type | Mandatory| Description | 270| ------------------ | -------- | ---- | ------------------------------------------------------------ | 271| query | [AssetMap](#assetmap) | Yes | Attributes of the asset to update, such as the asset alias, access control attributes, and custom data.| 272| attributesToUpdate | [AssetMap](#assetmap) | Yes | New attributes of the asset, such as the asset plaintext and custom data. | 273 274**Return value** 275 276| Type | Description | 277| ------------- | ----------------------- | 278| Promise\<void> | Promise that returns no value.| 279 280**Error codes** 281 282For details about the error codes, see [Asset Store Service Error Codes](errorcode-asset.md). 283 284| ID| Error Message | 285| -------- | ---------------------------------------------------------- | 286| 401 | Parameter error. Possible causes: <br> 1. Mandatory parameters are left unspecified. <br> 2. Incorrect parameter types. <br> 3. Parameter verification failed. | 287| 24000001 | The ASSET service is unavailable. | 288| 24000002 | The asset is not found. | 289| 24000005 | The screen lock status does not match. | 290| 24000006 | Insufficient memory. | 291| 24000007 | The asset is corrupted. | 292| 24000008 | The database operation failed. | 293| 24000009 | The cryptography operation failed. | 294| 24000010 | IPC failed. | 295| 24000011 | Calling the Bundle Manager service failed. | 296| 24000012 | Calling the OS Account service failed. | 297| 24000013 | Calling the Access Token service failed. | 298| 24000015 | Getting the system time failed. | 299 300**Example** 301 302```typescript 303import { asset } from '@kit.AssetStoreKit'; 304import { util } from '@kit.ArkTS'; 305import { BusinessError } from '@kit.BasicServicesKit'; 306 307function stringToArray(str: string): Uint8Array { 308 let textEncoder = new util.TextEncoder(); 309 return textEncoder.encodeInto(str); 310} 311 312let query: asset.AssetMap = new Map(); 313query.set(asset.Tag.ALIAS, stringToArray('demo_alias')); 314let attrsToUpdate: asset.AssetMap = new Map(); 315attrsToUpdate.set(asset.Tag.SECRET, stringToArray('demo_pwd_new')); 316try { 317 asset.update(query, attrsToUpdate).then(() => { 318 console.info(`Asset updated successfully.`); 319 }).catch((err: BusinessError) => { 320 console.error(`Failed to update Asset. Code is ${err.code}, message is ${err.message}`); 321 }); 322} catch (error) { 323 let err = error as BusinessError; 324 console.error(`Failed to update Asset. Code is ${err.code}, message is ${err.message}`); 325} 326``` 327 328## asset.updateSync<sup>12+</sup> 329 330updateSync(query: AssetMap, attributesToUpdate: AssetMap): void 331 332Updates an asset. This API returns the result synchronously. 333 334**System capability**: SystemCapability.Security.Asset 335 336| Name | Type | Mandatory| Description | 337| ------------------ | -------- | ---- | ------------------------------------------------------------ | 338| query | [AssetMap](#assetmap) | Yes | Attributes of the asset to update, such as the asset alias, access control attributes, and custom data.| 339| attributesToUpdate | [AssetMap](#assetmap) | Yes | New attributes of the asset, such as the asset plaintext and custom data. | 340 341**Error codes** 342 343For details about the error codes, see [Asset Store Service Error Codes](errorcode-asset.md). 344 345| ID| Error Message | 346| -------- | ---------------------------------------------------------- | 347| 401 | Parameter error. Possible causes: <br> 1. Mandatory parameters are left unspecified. <br> 2. Incorrect parameter types. <br> 3. Parameter verification failed. | 348| 24000001 | The ASSET service is unavailable. | 349| 24000002 | The asset is not found. | 350| 24000005 | The screen lock status does not match. | 351| 24000006 | Insufficient memory. | 352| 24000007 | The asset is corrupted. | 353| 24000008 | The database operation failed. | 354| 24000009 | The cryptography operation failed. | 355| 24000010 | IPC failed. | 356| 24000011 | Calling the Bundle Manager service failed. | 357| 24000012 | Calling the OS Account service failed. | 358| 24000013 | Calling the Access Token service failed. | 359| 24000015 | Getting the system time failed. | 360 361**Example** 362 363```typescript 364import { asset } from '@kit.AssetStoreKit'; 365import { util } from '@kit.ArkTS'; 366import { BusinessError } from '@kit.BasicServicesKit'; 367 368function stringToArray(str: string): Uint8Array { 369 let textEncoder = new util.TextEncoder(); 370 return textEncoder.encodeInto(str); 371} 372 373let query: asset.AssetMap = new Map(); 374query.set(asset.Tag.ALIAS, stringToArray('demo_alias')); 375let attrsToUpdate: asset.AssetMap = new Map(); 376attrsToUpdate.set(asset.Tag.SECRET, stringToArray('demo_pwd_new')); 377try { 378 asset.updateSync(query, attrsToUpdate); 379} catch (error) { 380 let err = error as BusinessError; 381 console.error(`Failed to update Asset. Code is ${err.code}, message is ${err.message}`); 382} 383``` 384 385## asset.preQuery 386 387preQuery(query: AssetMap): Promise\<Uint8Array> 388 389Performs preprocessing for the asset query. This API is used when user authentication is required for the access to the asset. After the user authentication is successful, call [asset.query](#assetquery) and [asset.postQuery](#assetpostquery). This API uses a promise to return the result. 390 391**System capability**: SystemCapability.Security.Asset 392 393| Name| Type | Mandatory| Description | 394| ------ | -------- | ---- | ------------------------------------------------------ | 395| query | [AssetMap](#assetmap) | Yes | Attributes of the asset to query, such as the asset alias, access control attributes, and custom data.| 396 397**Return value** 398 399| Type | Description | 400| ------------------- | ----------------------------------------------------- | 401| Promise\<Uint8Array> | Promise used to return a challenge value.<br>**NOTE**: The challenge value is used for subsequent user authentication.| 402 403**Error codes** 404 405For details about the error codes, see [Asset Store Service Error Codes](errorcode-asset.md). 406 407| ID| Error Message | 408| -------- | ------------------------------------------------------------ | 409| 401 | Parameter error. Possible causes: <br> 1. Incorrect parameter types. <br> 2. Parameter verification failed. | 410| 24000001 | The ASSET service is unavailable. | 411| 24000002 | The asset is not found. | 412| 24000005 | The screen lock status does not match. | 413| 24000006 | Insufficient memory. | 414| 24000007 | The asset is corrupted. | 415| 24000008 | The database operation failed. | 416| 24000009 | The cryptography operation failed. | 417| 24000010 | IPC failed. | 418| 24000011 | Calling the Bundle Manager service failed. | 419| 24000012 | Calling the OS Account service failed. | 420| 24000013 | Calling the Access Token service failed. | 421| 24000016 | The cache exceeds the limit. | 422| 24000017 | The capability is not supported. | 423 424**Example** 425 426```typescript 427import { asset } from '@kit.AssetStoreKit'; 428import { util } from '@kit.ArkTS'; 429import { BusinessError } from '@kit.BasicServicesKit'; 430 431function stringToArray(str: string): Uint8Array { 432 let textEncoder = new util.TextEncoder(); 433 return textEncoder.encodeInto(str); 434} 435 436let query: asset.AssetMap = new Map(); 437query.set(asset.Tag.ALIAS, stringToArray('demo_alias')); 438try { 439 asset.preQuery(query).then((challenge: Uint8Array) => { 440 console.info(`Succeeded in pre-querying Asset.`); 441 }).catch ((err: BusinessError) => { 442 console.error(`Failed to pre-query Asset. Code is ${err.code}, message is ${err.message}`); 443 }); 444} catch (error) { 445 let err = error as BusinessError; 446 console.error(`Failed to pre-query Asset. Code is ${err.code}, message is ${err.message}`); 447} 448``` 449 450## asset.preQuerySync<sup>12+</sup> 451 452preQuerySync(query: AssetMap): Uint8Array 453 454Performs preprocessing for the asset query. This API is used when user authentication is required for the access to the asset. After the user authentication is successful, call [asset.querySync](#assetquerysync12) and [asset.postQuerySync](#assetpostquerysync12). This API returns the result synchronously. 455 456**System capability**: SystemCapability.Security.Asset 457 458| Name| Type | Mandatory| Description | 459| ------ | -------- | ---- | ------------------------------------------------------ | 460| query | [AssetMap](#assetmap) | Yes | Attributes of the asset to query, such as the asset alias, access control attributes, and custom data.| 461 462**Return value** 463 464| Type | Description | 465| ------------------- | ----------------------------------------------------- | 466| Uint8Array | Challenge value.<br>**NOTE**: The challenge value is used for subsequent user authentication.| 467 468**Error codes** 469 470For details about the error codes, see [Asset Store Service Error Codes](errorcode-asset.md). 471 472| ID| Error Message | 473| -------- | ------------------------------------------------------------ | 474| 401 | Parameter error. Possible causes: <br> 1. Incorrect parameter types. <br> 2. Parameter verification failed. | 475| 24000001 | The ASSET service is unavailable. | 476| 24000002 | The asset is not found. | 477| 24000005 | The screen lock status does not match. | 478| 24000006 | Insufficient memory. | 479| 24000007 | The asset is corrupted. | 480| 24000008 | The database operation failed. | 481| 24000009 | The cryptography operation failed. | 482| 24000010 | IPC failed. | 483| 24000011 | Calling the Bundle Manager service failed. | 484| 24000012 | Calling the OS Account service failed. | 485| 24000013 | Calling the Access Token service failed. | 486| 24000016 | The cache exceeds the limit. | 487| 24000017 | The capability is not supported. | 488 489**Example** 490 491```typescript 492import { asset } from '@kit.AssetStoreKit'; 493import { util } from '@kit.ArkTS'; 494import { BusinessError } from '@kit.BasicServicesKit'; 495 496function stringToArray(str: string): Uint8Array { 497 let textEncoder = new util.TextEncoder(); 498 return textEncoder.encodeInto(str); 499} 500 501let query: asset.AssetMap = new Map(); 502query.set(asset.Tag.ALIAS, stringToArray('demo_alias')); 503try { 504 let challenge: Uint8Array = asset.preQuerySync(query); 505} catch (error) { 506 let err = error as BusinessError; 507 console.error(`Failed to pre-query Asset. Code is ${err.code}, message is ${err.message}`); 508} 509``` 510 511## asset.query 512 513query(query: AssetMap): Promise\<Array\<AssetMap>> 514 515Queries one or more assets. If user authentication is required for the access to the asset, call [asset.preQuery](#assetprequery) before this API and call [asset.postQuery](#assetpostquery) after this API. For details about the development procedure, see [Querying an Asset with User Authentication](../../security/AssetStoreKit/asset-js-query-auth.md). This API uses a promise to return the result. 516 517**System capability**: SystemCapability.Security.Asset 518 519| Name | Type | Mandatory| Description | 520| -------- | ------------------------------- | ---- | ------------------------------------------------------------ | 521| query | [AssetMap](#assetmap) | Yes | Attributes of the asset to query, such as the asset alias, access control attributes, and custom data. | 522 523**Return value** 524 525| Type | Description | 526| ------------------------ | ------------------------------------- | 527| Promise\<Array\<AssetMap>> | Promise used to return the result obtained.| 528 529**Error codes** 530 531For details about the error codes, see [Asset Store Service Error Codes](errorcode-asset.md). 532 533| ID| Error Message | 534| -------- | ---------------------------------------------------------- | 535| 401 | Parameter error. Possible causes: <br> 1. Incorrect parameter types. <br> 2. Parameter verification failed. | 536| 24000001 | The ASSET service is unavailable. | 537| 24000002 | The asset is not found. | 538| 24000004 | Access denied. | 539| 24000005 | The screen lock status does not match. | 540| 24000006 | Insufficient memory. | 541| 24000007 | The asset is corrupted. | 542| 24000008 | The database operation failed. | 543| 24000009 | The cryptography operation failed. | 544| 24000010 | IPC failed. | 545| 24000011 | Calling the Bundle Manager service failed. | 546| 24000012 | Calling the OS Account service failed. | 547| 24000013 | Calling the Access Token service failed. | 548| 24000017 | The capability is not supported. | 549 550**Example** 551 552```typescript 553import { asset } from '@kit.AssetStoreKit'; 554import { util } from '@kit.ArkTS'; 555import { BusinessError } from '@kit.BasicServicesKit'; 556 557function stringToArray(str: string): Uint8Array { 558 let textEncoder = new util.TextEncoder(); 559 return textEncoder.encodeInto(str); 560} 561 562let query: asset.AssetMap = new Map(); 563query.set(asset.Tag.ALIAS, stringToArray('demo_alias')); 564try { 565 asset.query(query).then((res: Array<asset.AssetMap>) => { 566 for (let i = 0; i < res.length; i++) { 567 // parse the attribute. 568 let accessibility: number = res[i].get(asset.Tag.ACCESSIBILITY) as number; 569 } 570 console.info(`Asset query succeeded.`); 571 }).catch ((err: BusinessError) => { 572 console.error(`Failed to query Asset. Code is ${err.code}, message is ${err.message}`); 573 }); 574} catch (error) { 575 let err = error as BusinessError; 576 console.error(`Failed to query Asset. Code is ${err.code}, message is ${err.message}`); 577} 578``` 579 580## asset.querySync<sup>12+</sup> 581 582querySync(query: AssetMap): Array\<AssetMap> 583 584Queries one or more assets. If user authentication is required for the access to the asset, call [asset.preQuerySync](#assetprequerysync12) before this API and call [asset.postQuerySync](#assetpostquerysync12) after this API. For details about the development procedure, see [Querying an Asset with User Authentication](../../security/AssetStoreKit/asset-js-query-auth.md). This API returns the result synchronously. 585 586**System capability**: SystemCapability.Security.Asset 587 588| Name | Type | Mandatory| Description | 589| -------- | ------------------------------- | ---- | ------------------------------------------------------------ | 590| query | [AssetMap](#assetmap) | Yes | Attributes of the asset to query, such as the asset alias, access control attributes, and custom data. | 591 592**Return value** 593 594| Type | Description | 595| ------------------------ | ------------------------------------- | 596| Array\<AssetMap> | Array of query results.| 597 598**Error codes** 599 600For details about the error codes, see [Asset Store Service Error Codes](errorcode-asset.md). 601 602| ID| Error Message | 603| -------- | ---------------------------------------------------------- | 604| 401 | Parameter error. Possible causes: <br> 1. Incorrect parameter types. <br> 2. Parameter verification failed. | 605| 24000001 | The ASSET service is unavailable. | 606| 24000002 | The asset is not found. | 607| 24000004 | Access denied. | 608| 24000005 | The screen lock status does not match. | 609| 24000006 | Insufficient memory. | 610| 24000007 | The asset is corrupted. | 611| 24000008 | The database operation failed. | 612| 24000009 | The cryptography operation failed. | 613| 24000010 | IPC failed. | 614| 24000011 | Calling the Bundle Manager service failed. | 615| 24000012 | Calling the OS Account service failed. | 616| 24000013 | Calling the Access Token service failed. | 617| 24000017 | The capability is not supported. | 618 619**Example** 620 621```typescript 622import { asset } from '@kit.AssetStoreKit'; 623import { util } from '@kit.ArkTS'; 624import { BusinessError } from '@kit.BasicServicesKit'; 625 626function stringToArray(str: string): Uint8Array { 627 let textEncoder = new util.TextEncoder(); 628 return textEncoder.encodeInto(str); 629} 630 631let query: asset.AssetMap = new Map(); 632query.set(asset.Tag.ALIAS, stringToArray('demo_alias')); 633try { 634 let res: Array<asset.AssetMap> = asset.querySync(query); 635 let accessibility: number; 636 for (let i = 0; i < res.length; i++) { 637 // parse the attribute. 638 if (res[i] != null) { 639 accessibility = res[i].get(asset.Tag.ACCESSIBILITY) as number; 640 } 641 } 642} catch (error) { 643 let err = error as BusinessError; 644 console.error(`Failed to query Asset. Code is ${err.code}, message is ${err.message}`); 645} 646``` 647 648## asset.postQuery 649 650postQuery(handle: AssetMap): Promise\<void> 651 652Performs postprocessing for the asset query. This API is used when user authentication is required for the access to the asset. This API must be used with [asset.preQuery](#assetprequery) together. This API uses a promise to return the result. 653 654**System capability**: SystemCapability.Security.Asset 655 656| Name| Type | Mandatory| Description | 657| ------ | -------- | ---- | ------------------------------------------------------------ | 658| handle | [AssetMap](#assetmap) | Yes | Handle of the query operation, including the challenge value returned by [asset.preQuery](#assetprequery).| 659 660**Return value** 661 662| Type | Description | 663| ------------- | ----------------------- | 664| Promise\<void> | Promise that returns no value.| 665 666**Error codes** 667 668For details about the error codes, see [Asset Store Service Error Codes](errorcode-asset.md). 669 670| ID| Error Message | 671| -------- | ---------------------------------------------------------- | 672| 401 | Parameter error. Possible causes: <br> 1. Mandatory parameters are left unspecified. <br> 2. Incorrect parameter types. <br> 3. Parameter verification failed. | 673| 24000001 | The ASSET service is unavailable. | 674| 24000006 | Insufficient memory. | 675| 24000010 | IPC failed. | 676| 24000011 | Calling the Bundle Manager service failed. | 677| 24000012 | Calling the OS Account service failed. | 678| 24000013 | Calling the Access Token service failed. | 679 680**Example** 681 682```typescript 683import { asset } from '@kit.AssetStoreKit'; 684import { BusinessError } from '@kit.BasicServicesKit'; 685 686let handle: asset.AssetMap = new Map(); 687// The new Uint8Array(32) is only an example. Pass in the challenge value returned by asset.preQuery. 688handle.set(asset.Tag.AUTH_CHALLENGE, new Uint8Array(32)); 689try { 690 asset.postQuery(handle).then(() => { 691 console.info(`Succeeded in post-querying Asset.`); 692 }).catch ((err: BusinessError) => { 693 console.error(`Failed to post-query Asset. Code is ${err.code}, message is ${err.message}`); 694 }); 695} catch (error) { 696 let err = error as BusinessError; 697 console.error(`Failed to post-query Asset. Code is ${err.code}, message is ${err.message}`); 698} 699``` 700 701## asset.postQuerySync<sup>12+</sup> 702 703postQuerySync(handle: AssetMap): void 704 705Performs postprocessing for the asset query. This API is used when user authentication is required for the access to the asset. This API must be used with [asset.preQuerySync](#assetprequerysync12) together. This API returns the result synchronously. 706 707**System capability**: SystemCapability.Security.Asset 708 709| Name| Type | Mandatory| Description | 710| ------ | -------- | ---- | ------------------------------------------------------------ | 711| handle | [AssetMap](#assetmap) | Yes | Handle of the query operation, including the challenge value returned by [asset.preQuerySync](#assetprequerysync12).| 712 713**Error codes** 714 715For details about the error codes, see [Asset Store Service Error Codes](errorcode-asset.md). 716 717| ID| Error Message | 718| -------- | ---------------------------------------------------------- | 719| 401 | Parameter error. Possible causes: <br> 1. Mandatory parameters are left unspecified. <br> 2. Incorrect parameter types. <br> 3. Parameter verification failed. | 720| 24000001 | The ASSET service is unavailable. | 721| 24000006 | Insufficient memory. | 722| 24000010 | IPC failed. | 723| 24000011 | Calling the Bundle Manager service failed. | 724| 24000012 | Calling the OS Account service failed. | 725| 24000013 | Calling the Access Token service failed. | 726 727**Example** 728 729```typescript 730import { asset } from '@kit.AssetStoreKit'; 731import { BusinessError } from '@kit.BasicServicesKit'; 732 733let handle: asset.AssetMap = new Map(); 734// The new Uint8Array(32) is only an example. Pass in the challenge value returned by asset.preQuerySync. 735handle.set(asset.Tag.AUTH_CHALLENGE, new Uint8Array(32)); 736try { 737 asset.postQuerySync(handle) 738} catch (error) { 739 let err = error as BusinessError; 740 console.error(`Failed to post-query Asset. Code is ${err.code}, message is ${err.message}`); 741} 742``` 743 744## TagType 745 746Enumerates the asset attribute types. 747 748**System capability**: SystemCapability.Security.Asset 749 750| Name | Value | Description | 751| ------ | ---------- | ---------------------------------------- | 752| BOOL | 0x01 << 28 | Boolean. | 753| NUMBER | 0x02 << 28 | Number. | 754| BYTES | 0x03 << 28 | Byte array.| 755 756## Tag 757 758Enumerate the keys of asset attributes ([AssetMap](#assetmap)), which are in key-value (KV) pairs. 759 760**System capability**: SystemCapability.Security.Asset 761 762> **NOTE** 763> 764> The following table lists all enums of **Tag**. The specific tags and the value range of tag values vary with the API you use. For details, see [Introduction to Asset Store Kit](../../security/AssetStoreKit/asset-store-kit-overview.md). 765 766| Name| Value | Description | 767| ------------------------- | ------------------------------------------------------------ | ------------------------------------------------------------ | 768| SECRET | TagType.BYTES | 0x01 | Asset plaintext. | 769| ALIAS | TagType.BYTES | 0x02 | Asset alias, which uniquely identifies an asset. | 770| ACCESSIBILITY | TagType.NUMBER | 0x03 | Access control based on the lock screen status. | 771| REQUIRE_PASSWORD_SET | TagType.BOOL | 0x04 | Whether the asset is accessible only when a lock screen password is set. | 772| AUTH_TYPE | TagType.NUMBER | 0x05 | Type of user authentication required for accessing the asset. | 773| AUTH_VALIDITY_PERIOD | TagType.NUMBER | 0x06 | Validity period of the user authentication. | 774| AUTH_CHALLENGE | TagType.BYTES | 0x07 | Challenge for the user authentication. | 775| AUTH_TOKEN | TagType.BYTES | 0x08 | Authorization token obtained after the user authentication is successful. | 776| SYNC_TYPE | TagType.NUMBER | 0x10 | Type of sync supported by the asset. | 777| IS_PERSISTENT | TagType.BOOL | 0x11 | Whether to retain the asset when the application is uninstalled.| 778| DATA_LABEL_CRITICAL_1 | TagType.BYTES | 0x20 | Additional asset data customized by the service with integrity protection. | 779| DATA_LABEL_CRITICAL_2 | TagType.BYTES | 0x21 | Additional asset data customized by the service with integrity protection.| 780| DATA_LABEL_CRITICAL_3 | TagType.BYTES | 0x22 | Additional asset data customized by the service with integrity protection.| 781| DATA_LABEL_CRITICAL_4 | TagType.BYTES | 0x23 | Additional asset data customized by the service with integrity protection.| 782| DATA_LABEL_NORMAL_1 | TagType.BYTES | 0x30 | Additional data of the asset customized by the service without integrity protection. | 783| DATA_LABEL_NORMAL_2 | TagType.BYTES | 0x31 | Additional data of the asset customized by the service without integrity protection.| 784| DATA_LABEL_NORMAL_3 | TagType.BYTES | 0x32 | Additional data of the asset customized by the service without integrity protection.| 785| DATA_LABEL_NORMAL_4 | TagType.BYTES | 0x33 | Additional data of the asset customized by the service without integrity protection.| 786| DATA_LABEL_NORMAL_LOCAL_1<sup>12+</sup> | TagType.BYTES | 0x34 | Local information about the asset. The value is assigned by the service without integrity protection and will not be synced.| 787| DATA_LABEL_NORMAL_LOCAL_2<sup>12+</sup> | TagType.BYTES | 0x35 | Local information about the asset. The value is assigned by the service without integrity protection and will not be synced.| 788| DATA_LABEL_NORMAL_LOCAL_3<sup>12+</sup> | TagType.BYTES | 0x36 | Local information about the asset. The value is assigned by the service without integrity protection and will not be synced.| 789| DATA_LABEL_NORMAL_LOCAL_4<sup>12+</sup> | TagType.BYTES | 0x37 | Local information about the asset. The value is assigned by the service without integrity protection and will not be synced.| 790| RETURN_TYPE | TagType.NUMBER | 0x40 | Type of the asset query result to return. | 791| RETURN_LIMIT | TagType.NUMBER | 0x41 | Maximum number of asset records to return. | 792| RETURN_OFFSET | TagType.NUMBER | 0x42 | Offset of the asset query result.<br>**NOTE**: This parameter specifies the starting asset record to return in batch asset query. | 793| RETURN_ORDERED_BY | TagType.NUMBER | 0x43 | How the query results are sorted. Currently, the results can be sorted only by **DATA_LABEL**.<br>**NOTE**: By default, assets are returned in the order in which they are added.| 794| CONFLICT_RESOLUTION | TagType.NUMBER | 0x44 | Policy for resolving the conflict (for example, a duplicate alias). | 795| UPDATE_TIME<sup>12+</sup> | TagType.BYTES | 0x45 | Data update time, in timestamp.| 796| OPERATION_TYPE<sup>12+</sup> | TagType.NUMBER | 0x46 | Additional operation type.| 797 798## Value 799 800type Value = boolean | number | Uint8Array; 801 802Represents the value of each attribute in [AssetMap](#assetmap). 803 804**System capability**: SystemCapability.Security.Asset 805 806## AssetMap 807 808type AssetMap = Map\<Tag, Value> 809 810Represents a set of asset attributes in KV pairs. 811 812**System capability**: SystemCapability.Security.Asset 813 814## Accessibility 815 816Enumerates the types of access control based on the lock screen status. 817 818**System capability**: SystemCapability.Security.Asset 819 820| Name | Value | Description | 821| --------------------- | ---- | ------------------------------------------------------------ | 822| DEVICE_POWERED_ON | 0 | The asset can be accessed after the device is powered on. | 823| DEVICE_FIRST_UNLOCKED | 1 | The asset can be accessed only after the device is unlocked for the first time.<br>**NOTE**: If no lock screen password is set, this option is equivalent to **DEVICE_POWERED_ON**.| 824| DEVICE_UNLOCKED | 2 | The asset can be accessed only when the device is unlocked.<br>**NOTE**: If no lock screen password is set, this option is equivalent to **DEVICE_POWERED_ON**.| 825 826## AuthType 827 828Enumerates the types of user authentication supported by an asset. 829 830**System capability**: SystemCapability.Security.Asset 831 832| Name| Value | Description | 833| ---- | ---- | ------------------------------------------------------------ | 834| NONE | 0 | No user authentication is required before the asset is accessed. | 835| ANY | 255 | The asset can be accessed if any user authentication (such as PIN, facial, or fingerprint authentication) is successful.| 836 837## SyncType 838 839Enumerates the sync types supported by an asset. 840 841> **NOTE** 842> 843> This field is an embedded parameter. Currently, asset sync is not supported. 844 845**System capability**: SystemCapability.Security.Asset 846 847| Name | Value | Description | 848| ----------------------------- | ------ | ------------------------------------------------ | 849| NEVER | 0 | Asset sync is not allowed. | 850| THIS_DEVICE | 1 << 0 | Asset sync is allowed only on the local device, for example, in data restore on the local device.| 851| TRUSTED_DEVICE | 1 << 1 | Asset sync is allowed only between trusted devices, for example, in the case of cloning. | 852| TRUSTED_ACCOUNT<sup>12+</sup> | 1 << 2 | Asset sync is allowed only between the devices that are logged in with trusted accounts, for example, in cloud sync scenarios.| 853 854## ReturnType 855 856Enumerates the type of information returned by an asset query operation. 857 858**System capability**: SystemCapability.Security.Asset 859 860| Name | Value | Description | 861| ---------- | ---- | ------------------------------------------------------------ | 862| ALL | 0 | The query result contains the asset plaintext and its attributes.<br>**NOTE**: Use this option when you need to query the plaintext of a single asset.| 863| ATTRIBUTES | 1 | The query result contains only the asset attributes.<br>**NOTE**: Use this option when you need to query attributes of multiple assets.| 864 865## ConflictResolution 866 867Enumerates the policies for resolving conflicts (for example, a duplicate alias) when an asset is added. 868 869**System capability**: SystemCapability.Security.Asset 870 871| Name | Value | Description | 872| ----------- | ---- | ---------------------------- | 873| OVERWRITE | 0 | Overwrite the original asset. | 874| THROW_ERROR | 1 | Throw an exception for the service to perform subsequent processing.| 875 876## OperationType<sup>12+</sup> 877 878Enumerates the types of additional operation to perform. 879 880**System capability**: SystemCapability.Security.Asset 881 882| Name | Value | Description | 883| ----------- | ---- | ------------------ | 884| NEED_SYNC | 0 | Sync.| 885| NEED_LOGOUT | 1 | Logout.| 886 887## ErrorCode 888 889Enumerates the error codes. 890 891**System capability**: SystemCapability.Security.Asset 892 893| Name | Value | Description| 894| -------------------------- | ----- | ---- | 895| PERMISSION_DENIED | 201 |The caller does not have the permission.| 896| NOT_SYSTEM_APPLICATION<sup>12+</sup> | 202 |The caller is not a system application.| 897| INVALID_ARGUMENT | 401 |Incorrect parameters are detected.| 898| SERVICE_UNAVAILABLE | 24000001 |The asset store service is unavailable.| 899| NOT_FOUND | 24000002 |Failed to find the asset.| 900| DUPLICATED | 24000003 |The specified asset already exists.| 901| ACCESS_DENIED | 24000004 |The access to the asset is denied.| 902| STATUS_MISMATCH | 24000005 |The screen lock status does not match.| 903| OUT_OF_MEMORY | 24000006 |The system memory is insufficient.| 904| DATA_CORRUPTED | 24000007 |The asset is corrupted.| 905| DATABASE_ERROR | 24000008 |The database operation failed.| 906| CRYPTO_ERROR | 24000009 |The crypto operation failed.| 907| IPC_ERROR | 24000010 |IPC failed.| 908| BMS_ERROR | 24000011 |The Bundle Manager service is abnormal.| 909| ACCOUNT_ERROR | 24000012 |The account service is abnormal.| 910| ACCESS_TOKEN_ERROR | 24000013 |The Access Token service is abnormal.| 911| FILE_OPERATION_ERROR | 24000014 |The file operation failed.| 912| GET_SYSTEM_TIME_ERROR | 24000015 |Failed to obtain the system time.| 913| LIMIT_EXCEEDED | 24000016 |The number of cached records exceeds the upper limit.| 914| UNSUPPORTED | 24000017 |The feature is not supported.| 915