1# @ohos.security.asset (Asset Store Service) 2 3The asset store service (ASSET) provides secure storage and management of sensitive data less than 1024 bytes in size, including passwords, app tokens, and other critical data (such as bank card numbers). 4 5> **NOTE** 6> 7> The initial APIs of this module are supported since API version 11. Newly added APIs will be marked with a superscript to indicate their earliest API version. 8 9## Modules to Import 10 11```typescript 12import { asset } from '@kit.AssetStoreKit'; 13``` 14 15## asset.add 16 17add(attributes: AssetMap): Promise\<void> 18 19Add an asset. This API uses a promise to return the result. 20 21**System capability**: SystemCapability.Security.Asset 22 23| Name | Type | Mandatory | Description | 24| ---------- | -------- | ---- | ------------------------------------------------------------ | 25| attributes | [AssetMap](#assetmap) | Yes | Attributes of the asset to add, including the asset plaintext, access control attributes, and custom data. | 26 27**Return value** 28 29| Type | Description | 30| ------------- | ----------------------- | 31| Promise\<void> | Promise that returns no value. | 32 33**Error codes** 34 35For details about the error codes, see [Asset Store Service Error Codes](errorcode-asset.md). 36 37| ID | Error Message | 38| -------- | ---------------------------------------------------------- | 39| 201 | The caller doesn't have the permission. | 40| 401 | The argument is invalid. | 41| 24000001 | The ASSET service is unavailable. | 42| 24000003 | The asset already exists. | 43| 24000005 | The screen lock status does not match. | 44| 24000006 | Insufficient memory. | 45| 24000007 | The asset is corrupted. | 46| 24000008 | The database operation failed. | 47| 24000009 | The cryptography operation failed. | 48| 24000010 | IPC failed. | 49| 24000011 | Calling the Bundle Manager service failed. | 50| 24000012 | Calling the OS Account service failed. | 51| 24000013 | Calling the Access Token service failed. | 52| 24000014 | The file operation failed. | 53| 24000015 | Getting the system time failed. | 54 55**Example** 56 57```typescript 58import { asset } from '@kit.AssetStoreKit'; 59import { util } from '@kit.ArkTS'; 60import { BusinessError } from '@kit.BasicServicesKit'; 61 62function stringToArray(str: string): Uint8Array { 63 let textEncoder = new util.TextEncoder(); 64 return textEncoder.encodeInto(str); 65} 66 67let attr: asset.AssetMap = new Map(); 68attr.set(asset.Tag.SECRET, stringToArray('demo_pwd')); 69attr.set(asset.Tag.ALIAS, stringToArray('demo_alias')); 70attr.set(asset.Tag.ACCESSIBILITY, asset.Accessibility.DEVICE_FIRST_UNLOCKED); 71attr.set(asset.Tag.DATA_LABEL_NORMAL_1, stringToArray('demo_label')); 72try { 73 asset.add(attr).then(() => { 74 console.info(`Asset added successfully.`); 75 }).catch((err: BusinessError) => { 76 console.error(`Failed to add Asset. Code is ${err.code}, message is ${err.message}`); 77 }) 78} catch (error) { 79 let err = error as BusinessError; 80 console.error(`Failed to add Asset. Code is ${err.code}, message is ${err.message}`); 81} 82``` 83 84## asset.addSync<sup>12+</sup> 85 86addSync(attributes: AssetMap): void 87 88Add an asset. This API returns the result synchronously. 89 90**System capability**: SystemCapability.Security.Asset 91 92| Name | Type | Mandatory | Description | 93| ---------- | -------- | ---- | ------------------------------------------------------------ | 94| attributes | [AssetMap](#assetmap) | Yes | Attributes of the asset to add, including the asset plaintext, access control attributes, and custom data. | 95 96**Error codes** 97 98For details about the error codes, see [Asset Store Service Error Codes](errorcode-asset.md). 99 100| ID | Error Message | 101| -------- | ---------------------------------------------------------- | 102| 201 | The caller doesn't have the permission. | 103| 401 | The argument is invalid. | 104| 24000001 | The ASSET service is unavailable. | 105| 24000003 | The asset already exists. | 106| 24000005 | The screen lock status does not match. | 107| 24000006 | Insufficient memory. | 108| 24000007 | The asset is corrupted. | 109| 24000008 | The database operation failed. | 110| 24000009 | The cryptography operation failed. | 111| 24000010 | IPC failed. | 112| 24000011 | Calling the Bundle Manager service failed. | 113| 24000012 | Calling the OS Account service failed. | 114| 24000013 | Calling the Access Token service failed. | 115| 24000014 | The file operation failed. | 116| 24000015 | Getting the system time failed. | 117 118**Example** 119 120```typescript 121import { asset } from '@kit.AssetStoreKit'; 122import { util } from '@kit.ArkTS'; 123import { BusinessError } from '@kit.BasicServicesKit'; 124 125function stringToArray(str: string): Uint8Array { 126 let textEncoder = new util.TextEncoder(); 127 return textEncoder.encodeInto(str); 128} 129 130let attr: asset.AssetMap = new Map(); 131attr.set(asset.Tag.SECRET, stringToArray('demo_pwd')); 132attr.set(asset.Tag.ALIAS, stringToArray('demo_alias')); 133attr.set(asset.Tag.ACCESSIBILITY, asset.Accessibility.DEVICE_FIRST_UNLOCKED); 134attr.set(asset.Tag.DATA_LABEL_NORMAL_1, stringToArray('demo_label')); 135try { 136 asset.addSync(attr); 137} catch (error) { 138 let err = error as BusinessError; 139 console.error(`Failed to add Asset. Code is ${err.code}, message is ${err.message}`); 140} 141``` 142 143## asset.remove 144 145remove(query: AssetMap): Promise\<void> 146 147Removes one or more assets. This API uses a promise to return the result. 148 149**System capability**: SystemCapability.Security.Asset 150 151| Name | Type | Mandatory | Description | 152| ------ | -------- | ---- | ------------------------------------------------------ | 153| query | [AssetMap](#assetmap) | Yes | Attributes of the asset to remove, such as the asset alias, access control attributes, and custom data. | 154 155**Return value** 156 157| Type | Description | 158| ------------- | ----------------------- | 159| Promise\<void> | Promise that returns no value. | 160 161**Error codes** 162 163For details about the error codes, see [Asset Store Service Error Codes](errorcode-asset.md). 164 165| ID | Error Message | 166| -------- | ---------------------------------------------------------- | 167| 401 | The argument is invalid. | 168| 24000001 | The ASSET service is unavailable. | 169| 24000002 | The asset is not found. | 170| 24000006 | Insufficient memory. | 171| 24000007 | The asset is corrupted. | 172| 24000008 | The database operation failed. | 173| 24000010 | IPC failed. | 174| 24000011 | Calling the Bundle Manager service failed. | 175| 24000012 | Calling the OS Account service failed. | 176| 24000013 | Calling the Access Token service failed. | 177| 24000015 | Getting the system time failed. | 178 179**Example** 180 181```typescript 182import { asset } from '@kit.AssetStoreKit'; 183import { util } from '@kit.ArkTS'; 184import { BusinessError } from '@kit.BasicServicesKit'; 185 186function stringToArray(str: string): Uint8Array { 187 let textEncoder = new util.TextEncoder(); 188 return textEncoder.encodeInto(str); 189} 190 191let query: asset.AssetMap = new Map(); 192query.set(asset.Tag.ALIAS, stringToArray('demo_alias')); 193try { 194 asset.remove(query).then(() => { 195 console.info(`Asset removed successfully.`); 196 }).catch((err: BusinessError) => { 197 console.error(`Failed to remove Asset. Code is ${err.code}, message is ${err.message}`); 198 }); 199} catch (error) { 200 let err = error as BusinessError; 201 console.error(`Failed to remove Asset. Code is ${err.code}, message is ${err.message}`); 202} 203``` 204 205## asset.removeSync<sup>12+</sup> 206 207removeSync(query: AssetMap): void 208 209Removes one or more assets. This API returns the result synchronously. 210 211**System capability**: SystemCapability.Security.Asset 212 213| Name | Type | Mandatory | Description | 214| ------ | -------- | ---- | ------------------------------------------------------ | 215| query | [AssetMap](#assetmap) | Yes | Attributes of the asset to remove, such as the asset alias, access control attributes, and custom data. | 216 217**Error codes** 218 219For details about the error codes, see [Asset Store Service Error Codes](errorcode-asset.md). 220 221| ID | Error Message | 222| -------- | ---------------------------------------------------------- | 223| 401 | The argument is invalid. | 224| 24000001 | The ASSET service is unavailable. | 225| 24000002 | The asset is not found. | 226| 24000006 | Insufficient memory. | 227| 24000007 | The asset is corrupted. | 228| 24000008 | The database operation failed. | 229| 24000010 | IPC failed. | 230| 24000011 | Calling the Bundle Manager service failed. | 231| 24000012 | Calling the OS Account service failed. | 232| 24000013 | Calling the Access Token service failed. | 233| 24000015 | Getting the system time failed. | 234 235**Example** 236 237```typescript 238import { asset } from '@kit.AssetStoreKit'; 239import { util } from '@kit.ArkTS'; 240import { BusinessError } from '@kit.BasicServicesKit'; 241 242function stringToArray(str: string): Uint8Array { 243 let textEncoder = new util.TextEncoder(); 244 return textEncoder.encodeInto(str); 245} 246 247let query: asset.AssetMap = new Map(); 248query.set(asset.Tag.ALIAS, stringToArray('demo_alias')); 249try { 250 asset.removeSync(query); 251} catch (error) { 252 let err = error as BusinessError; 253 console.error(`Failed to remove Asset. Code is ${err.code}, message is ${err.message}`); 254} 255``` 256 257## asset.update 258 259update(query: AssetMap, attributesToUpdate: AssetMap): Promise\<void> 260 261Updates an asset. This API uses a promise to return the result. 262 263**System capability**: SystemCapability.Security.Asset 264 265| Name | Type | Mandatory | Description | 266| ------------------ | -------- | ---- | ------------------------------------------------------------ | 267| query | [AssetMap](#assetmap) | Yes | Attributes of the asset to update, such as the asset alias, access control attributes, and custom data. | 268| attributesToUpdate | [AssetMap](#assetmap) | Yes | New attributes of the asset, such as the asset plaintext and custom data. | 269 270**Return value** 271 272| Type | Description | 273| ------------- | ----------------------- | 274| Promise\<void> | Promise that returns no value. | 275 276**Error codes** 277 278For details about the error codes, see [Asset Store Service Error Codes](errorcode-asset.md). 279 280| ID | Error Message | 281| -------- | ---------------------------------------------------------- | 282| 401 | The argument is invalid. | 283| 24000001 | The ASSET service is unavailable. | 284| 24000002 | The asset is not found. | 285| 24000005 | The screen lock status does not match. | 286| 24000006 | Insufficient memory. | 287| 24000007 | The asset is corrupted. | 288| 24000008 | The database operation failed. | 289| 24000009 | The cryptography operation failed. | 290| 24000010 | IPC failed. | 291| 24000011 | Calling the Bundle Manager service failed. | 292| 24000012 | Calling the OS Account service failed. | 293| 24000013 | Calling the Access Token service failed. | 294| 24000015 | Getting the system time failed. | 295 296**Example** 297 298```typescript 299import { asset } from '@kit.AssetStoreKit'; 300import { util } from '@kit.ArkTS'; 301import { BusinessError } from '@kit.BasicServicesKit'; 302 303function stringToArray(str: string): Uint8Array { 304 let textEncoder = new util.TextEncoder(); 305 return textEncoder.encodeInto(str); 306} 307 308let query: asset.AssetMap = new Map(); 309query.set(asset.Tag.ALIAS, stringToArray('demo_alias')); 310let attrsToUpdate: asset.AssetMap = new Map(); 311attrsToUpdate.set(asset.Tag.SECRET, stringToArray('demo_pwd_new')); 312try { 313 asset.update(query, attrsToUpdate).then(() => { 314 console.info(`Asset updated successfully.`); 315 }).catch((err: BusinessError) => { 316 console.error(`Failed to update Asset. Code is ${err.code}, message is ${err.message}`); 317 }); 318} catch (error) { 319 let err = error as BusinessError; 320 console.error(`Failed to update Asset. Code is ${err.code}, message is ${err.message}`); 321} 322``` 323 324## asset.updateSync<sup>12+</sup> 325 326updateSync(query: AssetMap, attributesToUpdate: AssetMap): void 327 328Updates an asset. This API returns the result synchronously. 329 330**System capability**: SystemCapability.Security.Asset 331 332| Name | Type | Mandatory | Description | 333| ------------------ | -------- | ---- | ------------------------------------------------------------ | 334| query | [AssetMap](#assetmap) | Yes | Attributes of the asset to update, such as the asset alias, access control attributes, and custom data. | 335| attributesToUpdate | [AssetMap](#assetmap) | Yes | New attributes of the asset, such as the asset plaintext and custom data. | 336 337**Error codes** 338 339For details about the error codes, see [Asset Store Service Error Codes](errorcode-asset.md). 340 341| ID | Error Message | 342| -------- | ---------------------------------------------------------- | 343| 401 | The argument is invalid. | 344| 24000001 | The ASSET service is unavailable. | 345| 24000002 | The asset is not found. | 346| 24000005 | The screen lock status does not match. | 347| 24000006 | Insufficient memory. | 348| 24000007 | The asset is corrupted. | 349| 24000008 | The database operation failed. | 350| 24000009 | The cryptography operation failed. | 351| 24000010 | IPC failed. | 352| 24000011 | Calling the Bundle Manager service failed. | 353| 24000012 | Calling the OS Account service failed. | 354| 24000013 | Calling the Access Token service failed. | 355| 24000015 | Getting the system time failed. | 356 357**Example** 358 359```typescript 360import { asset } from '@kit.AssetStoreKit'; 361import { util } from '@kit.ArkTS'; 362import { BusinessError } from '@kit.BasicServicesKit'; 363 364function stringToArray(str: string): Uint8Array { 365 let textEncoder = new util.TextEncoder(); 366 return textEncoder.encodeInto(str); 367} 368 369let query: asset.AssetMap = new Map(); 370query.set(asset.Tag.ALIAS, stringToArray('demo_alias')); 371let attrsToUpdate: asset.AssetMap = new Map(); 372attrsToUpdate.set(asset.Tag.SECRET, stringToArray('demo_pwd_new')); 373try { 374 asset.updateSync(query, attrsToUpdate); 375} catch (error) { 376 let err = error as BusinessError; 377 console.error(`Failed to update Asset. Code is ${err.code}, message is ${err.message}`); 378} 379``` 380 381## asset.preQuery 382 383preQuery(query: AssetMap): Promise\<Uint8Array> 384 385Performs preprocessing for the asset query. This API is used when user authentication is required for the access to the asset. After the user authentication is successful, call [asset.query](#assetquery) and [asset.postQuery](#assetpostquery). This API uses a promise to return the result. 386 387**System capability**: SystemCapability.Security.Asset 388 389| Name | Type | Mandatory | Description | 390| ------ | -------- | ---- | ------------------------------------------------------ | 391| query | [AssetMap](#assetmap) | Yes | Attributes of the asset to query, such as the asset alias, access control attributes, and custom data. | 392 393**Return value** 394 395| Type | Description | 396| ------------------- | ----------------------------------------------------- | 397| Promise\<Uint8Array> | Promise used to return a challenge value.<br>**NOTE**: The challenge value is used for subsequent user authentication. | 398 399**Error codes** 400 401For details about the error codes, see [Asset Store Service Error Codes](errorcode-asset.md). 402 403| ID | Error Message | 404| -------- | ------------------------------------------------------------ | 405| 401 | The argument is invalid. | 406| 24000001 | The ASSET service is unavailable. | 407| 24000002 | The asset is not found. | 408| 24000005 | The screen lock status does not match. | 409| 24000006 | Insufficient memory. | 410| 24000007 | The asset is corrupted. | 411| 24000008 | The database operation failed. | 412| 24000009 | The cryptography operation failed. | 413| 24000010 | IPC failed. | 414| 24000011 | Calling the Bundle Manager service failed. | 415| 24000012 | Calling the OS Account service failed. | 416| 24000013 | Calling the Access Token service failed. | 417| 24000016 | The cache exceeds the limit. | 418| 24000017 | The capability is not supported. | 419 420**Example** 421 422```typescript 423import { asset } from '@kit.AssetStoreKit'; 424import { util } from '@kit.ArkTS'; 425import { BusinessError } from '@kit.BasicServicesKit'; 426 427function stringToArray(str: string): Uint8Array { 428 let textEncoder = new util.TextEncoder(); 429 return textEncoder.encodeInto(str); 430} 431 432let query: asset.AssetMap = new Map(); 433query.set(asset.Tag.ALIAS, stringToArray('demo_alias')); 434try { 435 asset.preQuery(query).then((challenge: Uint8Array) => { 436 console.info(`Succeeded in pre-querying Asset.`); 437 }).catch ((err: BusinessError) => { 438 console.error(`Failed to pre-query Asset. Code is ${err.code}, message is ${err.message}`); 439 }); 440} catch (error) { 441 let err = error as BusinessError; 442 console.error(`Failed to pre-query Asset. Code is ${err.code}, message is ${err.message}`); 443} 444``` 445 446## asset.preQuerySync<sup>12+</sup> 447 448preQuerySync(query: AssetMap): Uint8Array 449 450Performs preprocessing for the asset query. This API is used when user authentication is required for the access to the asset. After the user authentication is successful, call [asset.querySync](#assetquerysync12) and [asset.postQuerySync](#assetpostquerysync12). This API returns the result synchronously. 451 452**System capability**: SystemCapability.Security.Asset 453 454| Name | Type | Mandatory | Description | 455| ------ | -------- | ---- | ------------------------------------------------------ | 456| query | [AssetMap](#assetmap) | Yes | Attributes of the asset to query, such as the asset alias, access control attributes, and custom data. | 457 458**Return value** 459 460| Type | Description | 461| ------------------- | ----------------------------------------------------- | 462| Uint8Array | Challenge value.<br>**NOTE**: The challenge value is used for subsequent user authentication. | 463 464**Error codes** 465 466For details about the error codes, see [Asset Store Service Error Codes](errorcode-asset.md). 467 468| ID | Error Message | 469| -------- | ------------------------------------------------------------ | 470| 401 | The argument is invalid. | 471| 24000001 | The ASSET service is unavailable. | 472| 24000002 | The asset is not found. | 473| 24000005 | The screen lock status does not match. | 474| 24000006 | Insufficient memory. | 475| 24000007 | The asset is corrupted. | 476| 24000008 | The database operation failed. | 477| 24000009 | The cryptography operation failed. | 478| 24000010 | IPC failed. | 479| 24000011 | Calling the Bundle Manager service failed. | 480| 24000012 | Calling the OS Account service failed. | 481| 24000013 | Calling the Access Token service failed. | 482| 24000016 | The cache exceeds the limit. | 483| 24000017 | The capability is not supported. | 484 485**Example** 486 487```typescript 488import { asset } from '@kit.AssetStoreKit'; 489import { util } from '@kit.ArkTS'; 490import { BusinessError } from '@kit.BasicServicesKit'; 491 492function stringToArray(str: string): Uint8Array { 493 let textEncoder = new util.TextEncoder(); 494 return textEncoder.encodeInto(str); 495} 496 497let query: asset.AssetMap = new Map(); 498query.set(asset.Tag.ALIAS, stringToArray('demo_alias')); 499try { 500 let challenge: Uint8Array = asset.preQuerySync(query); 501} catch (error) { 502 let err = error as BusinessError; 503 console.error(`Failed to pre-query Asset. Code is ${err.code}, message is ${err.message}`); 504} 505``` 506 507## asset.query 508 509query(query: AssetMap): Promise\<Array\<AssetMap>> 510 511Queries one or more assets. If user authentication is required for the access to the asset, call [asset.preQuery](#assetprequery) before this API and call [asset.postQuery](#assetpostquery) after this API. For details about the development procedure, see [Querying an Asset with User Authentication](../../security/AssetStoreKit/asset-js-query-auth.md). This API uses a promise to return the result. 512 513**System capability**: SystemCapability.Security.Asset 514 515| Name | Type | Mandatory | Description | 516| -------- | ------------------------------- | ---- | ------------------------------------------------------------ | 517| query | [AssetMap](#assetmap) | Yes | Attributes of the asset to query, such as the asset alias, access control attributes, and custom data. | 518 519**Return value** 520 521| Type | Description | 522| ------------------------ | ------------------------------------- | 523| Promise\<Array\<AssetMap>> | Promise used to return the result obtained. | 524 525**Error codes** 526 527For details about the error codes, see [Asset Store Service Error Codes](errorcode-asset.md). 528 529| ID | Error Message | 530| -------- | ---------------------------------------------------------- | 531| 401 | The argument is invalid. | 532| 24000001 | The ASSET service is unavailable. | 533| 24000002 | The asset is not found. | 534| 24000004 | Access to the asset is denied. | 535| 24000005 | The screen lock status does not match. | 536| 24000006 | Insufficient memory. | 537| 24000007 | The asset is corrupted. | 538| 24000008 | The database operation failed. | 539| 24000009 | The cryptography operation failed. | 540| 24000010 | IPC failed. | 541| 24000011 | Calling the Bundle Manager service failed. | 542| 24000012 | Calling the OS Account service failed. | 543| 24000013 | Calling the Access Token service failed. | 544| 24000017 | The capability is not supported. | 545 546**Example** 547 548```typescript 549import { asset } from '@kit.AssetStoreKit'; 550import { util } from '@kit.ArkTS'; 551import { BusinessError } from '@kit.BasicServicesKit'; 552 553function stringToArray(str: string): Uint8Array { 554 let textEncoder = new util.TextEncoder(); 555 return textEncoder.encodeInto(str); 556} 557 558let query: asset.AssetMap = new Map(); 559query.set(asset.Tag.ALIAS, stringToArray('demo_alias')); 560try { 561 asset.query(query).then((res: Array<asset.AssetMap>) => { 562 for (let i = 0; i < res.length; i++) { 563 // parse the attribute. 564 let accessibility: number = res[i].get(asset.Tag.ACCESSIBILITY) as number; 565 } 566 console.info(`Asset query succeeded.`); 567 }).catch ((err: BusinessError) => { 568 console.error(`Failed to query Asset. Code is ${err.code}, message is ${err.message}`); 569 }); 570} catch (error) { 571 let err = error as BusinessError; 572 console.error(`Failed to query Asset. Code is ${err.code}, message is ${err.message}`); 573} 574``` 575 576## asset.querySync<sup>12+</sup> 577 578querySync(query: AssetMap): Array\<AssetMap> 579 580Queries one or more assets. If user authentication is required for the access to the asset, call [asset.preQuerySync](#assetprequerysync12) before this API and call [asset.postQuerySync](#assetpostquerysync12) after this API. For details about the development procedure, see [Querying an Asset with User Authentication](../../security/AssetStoreKit/asset-js-query-auth.md). This API returns the result synchronously. 581 582**System capability**: SystemCapability.Security.Asset 583 584| Name | Type | Mandatory | Description | 585| -------- | ------------------------------- | ---- | ------------------------------------------------------------ | 586| query | [AssetMap](#assetmap) | Yes | Attributes of the asset to query, such as the asset alias, access control attributes, and custom data. | 587 588**Return value** 589 590| Type | Description | 591| ------------------------ | ------------------------------------- | 592| Array\<AssetMap> | Array of query results. | 593 594**Error codes** 595 596For details about the error codes, see [Asset Store Service Error Codes](errorcode-asset.md). 597 598| ID | Error Message | 599| -------- | ---------------------------------------------------------- | 600| 401 | The argument is invalid. | 601| 24000001 | The ASSET service is unavailable. | 602| 24000002 | The asset is not found. | 603| 24000004 | Access to the asset is denied. | 604| 24000005 | The screen lock status does not match. | 605| 24000006 | Insufficient memory. | 606| 24000007 | The asset is corrupted. | 607| 24000008 | The database operation failed. | 608| 24000009 | The cryptography operation failed. | 609| 24000010 | IPC failed. | 610| 24000011 | Calling the Bundle Manager service failed. | 611| 24000012 | Calling the OS Account service failed. | 612| 24000013 | Calling the Access Token service failed. | 613| 24000017 | The capability is not supported. | 614 615**Example** 616 617```typescript 618import { asset } from '@kit.AssetStoreKit'; 619import { util } from '@kit.ArkTS'; 620import { BusinessError } from '@kit.BasicServicesKit'; 621 622function stringToArray(str: string): Uint8Array { 623 let textEncoder = new util.TextEncoder(); 624 return textEncoder.encodeInto(str); 625} 626 627let query: asset.AssetMap = new Map(); 628query.set(asset.Tag.ALIAS, stringToArray('demo_alias')); 629try { 630 let res: Array<asset.AssetMap> = asset.querySync(query); 631 let accessibility: number; 632 for (let i = 0; i < res.length; i++) { 633 // parse the attribute. 634 if (res[i] != null) { 635 accessibility = res[i].get(asset.Tag.ACCESSIBILITY) as number; 636 } 637 } 638} catch (error) { 639 let err = error as BusinessError; 640 console.error(`Failed to query Asset. Code is ${err.code}, message is ${err.message}`); 641} 642``` 643 644## asset.postQuery 645 646postQuery(handle: AssetMap): Promise\<void> 647 648Performs postprocessing for the asset query. This API is used when user authentication is required for the access to the asset. This API must be used with [asset.preQuery](#assetprequery) together. This API uses a promise to return the result. 649 650**System capability**: SystemCapability.Security.Asset 651 652| Name | Type | Mandatory | Description | 653| ------ | -------- | ---- | ------------------------------------------------------------ | 654| handle | [AssetMap](#assetmap) | Yes | Handle of the query operation, including the challenge value returned by [asset.preQuery](#assetprequery). | 655 656**Return value** 657 658| Type | Description | 659| ------------- | ----------------------- | 660| Promise\<void> | Promise that returns no value. | 661 662**Error codes** 663 664For details about the error codes, see [Asset Store Service Error Codes](errorcode-asset.md). 665 666| ID | Error Message | 667| -------- | ---------------------------------------------------------- | 668| 401 | The argument is invalid. | 669| 24000001 | The ASSET service is unavailable. | 670| 24000006 | Insufficient memory. | 671| 24000010 | IPC failed. | 672| 24000011 | Calling the Bundle Manager service failed. | 673| 24000012 | Calling the OS Account service failed. | 674| 24000013 | Calling the Access Token service failed. | 675 676**Example** 677 678```typescript 679import { asset } from '@kit.AssetStoreKit'; 680import { BusinessError } from '@kit.BasicServicesKit'; 681 682let handle: asset.AssetMap = new Map(); 683// The new Uint8Array(32) is only an example. Pass in the challenge value returned by asset.preQuery. 684handle.set(asset.Tag.AUTH_CHALLENGE, new Uint8Array(32)); 685try { 686 asset.postQuery(handle).then(() => { 687 console.info(`Succeeded in post-querying Asset.`); 688 }).catch ((err: BusinessError) => { 689 console.error(`Failed to post-query Asset. Code is ${err.code}, message is ${err.message}`); 690 }); 691} catch (error) { 692 let err = error as BusinessError; 693 console.error(`Failed to post-query Asset. Code is ${err.code}, message is ${err.message}`); 694} 695``` 696 697## asset.postQuerySync<sup>12+</sup> 698 699postQuerySync(handle: AssetMap): void 700 701Performs postprocessing for the asset query. This API is used when user authentication is required for the access to the asset. This API must be used with [asset.preQuerySync](#assetprequerysync12) together. This API returns the result synchronously. 702 703**System capability**: SystemCapability.Security.Asset 704 705| Name | Type | Mandatory | Description | 706| ------ | -------- | ---- | ------------------------------------------------------------ | 707| handle | [AssetMap](#assetmap) | Yes | Handle of the query operation, including the challenge value returned by [asset.preQuerySync](#assetprequerysync12). | 708 709**Error codes** 710 711For details about the error codes, see [Asset Store Service Error Codes](errorcode-asset.md). 712 713| ID | Error Message | 714| -------- | ---------------------------------------------------------- | 715| 401 | The argument is invalid. | 716| 24000001 | The ASSET service is unavailable. | 717| 24000006 | Insufficient memory. | 718| 24000010 | IPC failed. | 719| 24000011 | Calling the Bundle Manager service failed. | 720| 24000012 | Calling the OS Account service failed. | 721| 24000013 | Calling the Access Token service failed. | 722 723**Example** 724 725```typescript 726import { asset } from '@kit.AssetStoreKit'; 727import { BusinessError } from '@kit.BasicServicesKit'; 728 729let handle: asset.AssetMap = new Map(); 730// The new Uint8Array(32) is only an example. Pass in the challenge value returned by asset.preQuerySync. 731handle.set(asset.Tag.AUTH_CHALLENGE, new Uint8Array(32)); 732try { 733 asset.postQuerySync(handle) 734} catch (error) { 735 let err = error as BusinessError; 736 console.error(`Failed to post-query Asset. Code is ${err.code}, message is ${err.message}`); 737} 738``` 739 740## TagType 741 742Enumerates the asset attribute types. 743 744**System capability**: SystemCapability.Security.Asset 745 746| Name | Value | Description | 747| ------ | ---------- | ---------------------------------------- | 748| BOOL | 0x01 << 28 | Boolean. | 749| NUMBER | 0x02 << 28 | Number. | 750| BYTES | 0x03 << 28 | Byte array. | 751 752## Tag 753 754Enumerate the keys of asset attributes ([AssetMap](#assetmap)), which are in key-value (KV) pairs. 755 756**System capability**: SystemCapability.Security.Asset 757 758> **NOTE** 759> 760> The following table lists all enums of **Tag**. The specific tags and the value range of tag values vary with the API you use. For details, see [Introduction to Asset Store Kit](../../security/AssetStoreKit/asset-store-kit-overview.md). 761 762| Name | Value | Description | 763| ------------------------- | ------------------------------------------------------------ | ------------------------------------------------------------ | 764| SECRET | TagType.BYTES | 0x01 | Asset plaintext. | 765| ALIAS | TagType.BYTES | 0x02 | Asset alias, which uniquely identifies an asset. | 766| ACCESSIBILITY | TagType.NUMBER | 0x03 | Access control based on the lock screen status. | 767| REQUIRE_PASSWORD_SET | TagType.BOOL | 0x04 | Whether the asset is accessible only when a lock screen password is set. | 768| AUTH_TYPE | TagType.NUMBER | 0x05 | Type of user authentication required for accessing the asset. | 769| AUTH_VALIDITY_PERIOD | TagType.NUMBER | 0x06 | Validity period of the user authentication. | 770| AUTH_CHALLENGE | TagType.BYTES | 0x07 | Challenge for the user authentication. | 771| AUTH_TOKEN | TagType.BYTES | 0x08 | Authorization token obtained after the user authentication is successful. | 772| SYNC_TYPE | TagType.NUMBER | 0x10 | Type of sync supported by the asset. | 773| IS_PERSISTENT | TagType.BOOL | 0x11 | Whether to retain the asset when the application is uninstalled.<br>**Required permissions**: ohos.permission.STORE_PERSISTENT_DATA<br>**NOTE**: This parameter is used only in [asset.add](#assetadd) or [asset.addSync](#assetaddsync12), and permission verification is required when this parameter is passed in. | 774| DATA_LABEL_CRITICAL_1 | TagType.BYTES | 0x20 | Additional asset data customized by the service with integrity protection. | 775| DATA_LABEL_CRITICAL_2 | TagType.BYTES | 0x21 | Additional asset data customized by the service with integrity protection. | 776| DATA_LABEL_CRITICAL_3 | TagType.BYTES | 0x22 | Additional asset data customized by the service with integrity protection. | 777| DATA_LABEL_CRITICAL_4 | TagType.BYTES | 0x23 | Additional asset data customized by the service with integrity protection. | 778| DATA_LABEL_NORMAL_1 | TagType.BYTES | 0x30 | Additional data of the asset customized by the service without integrity protection. | 779| DATA_LABEL_NORMAL_2 | TagType.BYTES | 0x31 | Additional data of the asset customized by the service without integrity protection. | 780| DATA_LABEL_NORMAL_3 | TagType.BYTES | 0x32 | Additional data of the asset customized by the service without integrity protection. | 781| DATA_LABEL_NORMAL_4 | TagType.BYTES | 0x33 | Additional data of the asset customized by the service without integrity protection. | 782| DATA_LABEL_NORMAL_LOCAL_1<sup>12+</sup> | TagType.BYTES | 0x34 | Local information about the asset. The value is assigned by the service without integrity protection and will not be synced. | 783| DATA_LABEL_NORMAL_LOCAL_2<sup>12+</sup> | TagType.BYTES | 0x35 | Local information about the asset. The value is assigned by the service without integrity protection and will not be synced. | 784| DATA_LABEL_NORMAL_LOCAL_3<sup>12+</sup> | TagType.BYTES | 0x36 | Local information about the asset. The value is assigned by the service without integrity protection and will not be synced. | 785| DATA_LABEL_NORMAL_LOCAL_4<sup>12+</sup> | TagType.BYTES | 0x37 | Local information about the asset. The value is assigned by the service without integrity protection and will not be synced. | 786| RETURN_TYPE | TagType.NUMBER | 0x40 | Type of the asset query result to return. | 787| RETURN_LIMIT | TagType.NUMBER | 0x41 | Maximum number of asset records to return. | 788| RETURN_OFFSET | TagType.NUMBER | 0x42 | Offset of the asset query result.<br>**NOTE**: This parameter specifies the starting asset record to return in batch asset query. | 789| RETURN_ORDERED_BY | TagType.NUMBER | 0x43 | How the query results are sorted. Currently, the results can be sorted only by **DATA_LABEL**.<br>**NOTE**: By default, assets are returned in the order in which they are added. | 790| CONFLICT_RESOLUTION | TagType.NUMBER | 0x44 | Policy for resolving the conflict (for example, a duplicate alias). | 791| UPDATE_TIME<sup>12+</sup> | TagType.BYTES | 0x45 | Data update time, in timestamp. | 792| OPERATION_TYPE<sup>12+</sup> | TagType.NUMBER | 0x46 | Additional operation type. | 793 794## Value 795 796type Value = boolean | number | Uint8Array; 797 798Represents the value of each attribute in [AssetMap](#assetmap). 799 800**System capability**: SystemCapability.Security.Asset 801 802## AssetMap 803 804type AssetMap = Map\<Tag, Value> 805 806Represents a set of asset attributes in KV pairs. 807 808**System capability**: SystemCapability.Security.Asset 809 810## Accessibility 811 812Enumerates the types of access control based on the lock screen status. 813 814**System capability**: SystemCapability.Security.Asset 815 816| Name | Value | Description | 817| --------------------- | ---- | ------------------------------------------------------------ | 818| DEVICE_POWERED_ON | 0 | The asset can be accessed after the device is powered on. | 819| DEVICE_FIRST_UNLOCKED | 1 | The asset can be accessed only after the device is unlocked for the first time.<br>**NOTE**: If no lock screen password is set, this option is equivalent to **DEVICE_POWERED_ON**. | 820| DEVICE_UNLOCKED | 2 | The asset can be accessed only when the device is unlocked.<br>**NOTE**: If no lock screen password is set, this option is equivalent to **DEVICE_POWERED_ON**. | 821 822## AuthType 823 824Enumerates the types of user authentication supported by an asset. 825 826**System capability**: SystemCapability.Security.Asset 827 828| Name | Value | Description | 829| ---- | ---- | ------------------------------------------------------------ | 830| NONE | 0 | No user authentication is required before the asset is accessed. | 831| ANY | 255 | The asset can be accessed if any user authentication (such as PIN, facial, or fingerprint authentication) is successful. | 832 833## SyncType 834 835Enumerates the sync types supported by an asset. 836 837> **NOTE** 838> 839> This field is an embedded parameter. Currently, asset sync is not supported. 840 841**System capability**: SystemCapability.Security.Asset 842 843| Name | Value | Description | 844| ----------------------------- | ------ | ------------------------------------------------ | 845| NEVER | 0 | Asset sync is not allowed. | 846| THIS_DEVICE | 1 << 0 | Asset sync is allowed only on the local device, for example, in data restore on the local device. | 847| TRUSTED_DEVICE | 1 << 1 | Asset sync is allowed only between trusted devices, for example, in the case of cloning. | 848| TRUSTED_ACCOUNT<sup>12+</sup> | 1 << 2 | Asset sync is allowed only between the devices that are logged in with trusted accounts, for example, in cloud sync scenarios. | 849 850## ReturnType 851 852Enumerates the type of information returned by an asset query operation. 853 854**System capability**: SystemCapability.Security.Asset 855 856| Name | Value | Description | 857| ---------- | ---- | ------------------------------------------------------------ | 858| ALL | 0 | The query result contains the asset plaintext and its attributes.<br>**NOTE**: Use this option when you need to query the plaintext of a single asset. | 859| ATTRIBUTES | 1 | The query result contains only the asset attributes.<br>**NOTE**: Use this option when you need to query attributes of multiple assets. | 860 861## ConflictResolution 862 863Enumerates the policies for resolving conflicts (for example, a duplicate alias) when an asset is added. 864 865**System capability**: SystemCapability.Security.Asset 866 867| Name | Value | Description | 868| ----------- | ---- | ---------------------------- | 869| OVERWRITE | 0 | Overwrite the original asset. | 870| THROW_ERROR | 1 | Throw an exception for the service to perform subsequent processing. | 871 872## OperationType<sup>12+</sup> 873 874Enumerates the types of additional operation to perform. 875 876**System capability**: SystemCapability.Security.Asset 877 878| Name | Value | Description | 879| ----------- | ---- | ------------------ | 880| NEED_SYNC | 0 | Sync. | 881| NEED_LOGOUT | 1 | Logout. | 882 883## ErrorCode 884 885Enumerates the error codes. 886 887**System capability**: SystemCapability.Security.Asset 888 889| Name | Value | Description | 890| -------------------------- | ----- | ---- | 891| PERMISSION_DENIED | 201 |The caller does not have the permission.| 892| NOT_SYSTEM_APPLICATION<sup>12+</sup> | 202 |The caller is not a system application.| 893| INVALID_ARGUMENT | 401 |Incorrect parameters are detected.| 894| SERVICE_UNAVAILABLE | 24000001 |The asset store service is unavailable.| 895| NOT_FOUND | 24000002 |Failed to find the asset.| 896| DUPLICATED | 24000003 |The specified asset already exists.| 897| ACCESS_DENIED | 24000004 |The access to the asset is denied.| 898| STATUS_MISMATCH | 24000005 |The screen lock status does not match.| 899| OUT_OF_MEMORY | 24000006 |The system memory is insufficient.| 900| DATA_CORRUPTED | 24000007 |The asset is corrupted.| 901| DATABASE_ERROR | 24000008 |The database operation failed.| 902| CRYPTO_ERROR | 24000009 |The crypto operation failed.| 903| IPC_ERROR | 24000010 |IPC failed.| 904| BMS_ERROR | 24000011 |The Bundle Manager service is abnormal.| 905| ACCOUNT_ERROR | 24000012 |The account service is abnormal.| 906| ACCESS_TOKEN_ERROR | 24000013 |The Access Token service is abnormal.| 907| FILE_OPERATION_ERROR | 24000014 |The file operation failed.| 908| GET_SYSTEM_TIME_ERROR | 24000015 |Failed to obtain the system time.| 909| LIMIT_EXCEEDED | 24000016 |The number of cached records exceeds the upper limit.| 910| UNSUPPORTED | 24000017 |The feature is not supported.| 911