1e41f4b71Sopenharmony_ci# Generating a Key (C/C++) 2e41f4b71Sopenharmony_ci 3e41f4b71Sopenharmony_ci 4e41f4b71Sopenharmony_ciThis topic walks you through on how to randomly generate an ECC key. For details about the scenarios and supported algorithms, see [Supported Algorithms](huks-key-generation-overview.md#supported-algorithms). 5e41f4b71Sopenharmony_ci 6e41f4b71Sopenharmony_ci> **NOTE**<br> 7e41f4b71Sopenharmony_ci> Key aliases must not contain sensitive information, such as personal data. 8e41f4b71Sopenharmony_ci 9e41f4b71Sopenharmony_ci## Add the dynamic library in the CMake script. 10e41f4b71Sopenharmony_ci```txt 11e41f4b71Sopenharmony_ci target_link_libraries(entry PUBLIC libhuks_ndk.z.so) 12e41f4b71Sopenharmony_ci``` 13e41f4b71Sopenharmony_ci 14e41f4b71Sopenharmony_ci## How to Develop 15e41f4b71Sopenharmony_ci 16e41f4b71Sopenharmony_ci1. Set the alias (**keyAlias**) of the key to generate. 17e41f4b71Sopenharmony_ci - The key alias cannot exceed 128 bytes. 18e41f4b71Sopenharmony_ci - For the keys generated for different services, HUKS isolates the storage paths based on the service identity information to prevent conflicts caused by the same key alias. 19e41f4b71Sopenharmony_ci 20e41f4b71Sopenharmony_ci2. Initialize the key property set. Construct the key property set **paramSet** using [OH_Huks_InitParamSet](../../reference/apis-universal-keystore-kit/_huks_param_set_api.md#oh_huks_initparamset), [OH_Huks_AddParams](../../reference/apis-universal-keystore-kit/_huks_param_set_api.md#oh_huks_addparams), and [OH_Huks_BuildParamSet](../../reference/apis-universal-keystore-kit/_huks_param_set_api.md#oh_huks_buildparamset). 21e41f4b71Sopenharmony_ci ** paramSet** must contain [OH_Huks_KeyAlg](../../reference/apis-universal-keystore-kit/_huks_type_api.md#oh_huks_keyalg), [OH_Huks_KeySize](../../reference/apis-universal-keystore-kit/_huks_type_api.md#oh_huks_keysize), and [OH_Huks_KeyPurpose](../../reference/apis-universal-keystore-kit/_huks_type_api.md#oh_huks_keypurpose). 22e41f4b71Sopenharmony_ci 23e41f4b71Sopenharmony_ci3. Use [OH_Huks_GenerateKeyItem](../../reference/apis-universal-keystore-kit/_huks_key_api.md#oh_huks_generatekeyitem) to generate a key based on the key alias and key properties specified. 24e41f4b71Sopenharmony_ci 25e41f4b71Sopenharmony_ci> **NOTE**<br> 26e41f4b71Sopenharmony_ci> If the service uses the same key alias to call the HUKS API to generate a key again, HUKS will generate a new key and overwrite the historical key file. 27e41f4b71Sopenharmony_ci 28e41f4b71Sopenharmony_ci```c++ 29e41f4b71Sopenharmony_ci/* Generate an ECC key. */ 30e41f4b71Sopenharmony_ci#include "huks/native_huks_api.h" 31e41f4b71Sopenharmony_ci#include "huks/native_huks_param.h" 32e41f4b71Sopenharmony_ci#include <string.h> 33e41f4b71Sopenharmony_ciOH_Huks_Result InitParamSet( 34e41f4b71Sopenharmony_ci struct OH_Huks_ParamSet **paramSet, 35e41f4b71Sopenharmony_ci const struct OH_Huks_Param *params, 36e41f4b71Sopenharmony_ci uint32_t paramCount) 37e41f4b71Sopenharmony_ci{ 38e41f4b71Sopenharmony_ci OH_Huks_Result ret = OH_Huks_InitParamSet(paramSet); 39e41f4b71Sopenharmony_ci if (ret.errorCode != OH_HUKS_SUCCESS) { 40e41f4b71Sopenharmony_ci return ret; 41e41f4b71Sopenharmony_ci } 42e41f4b71Sopenharmony_ci ret = OH_Huks_AddParams(*paramSet, params, paramCount); 43e41f4b71Sopenharmony_ci if (ret.errorCode != OH_HUKS_SUCCESS) { 44e41f4b71Sopenharmony_ci OH_Huks_FreeParamSet(paramSet); 45e41f4b71Sopenharmony_ci return ret; 46e41f4b71Sopenharmony_ci } 47e41f4b71Sopenharmony_ci ret = OH_Huks_BuildParamSet(paramSet); 48e41f4b71Sopenharmony_ci if (ret.errorCode != OH_HUKS_SUCCESS) { 49e41f4b71Sopenharmony_ci OH_Huks_FreeParamSet(paramSet); 50e41f4b71Sopenharmony_ci return ret; 51e41f4b71Sopenharmony_ci } 52e41f4b71Sopenharmony_ci return ret; 53e41f4b71Sopenharmony_ci} 54e41f4b71Sopenharmony_cistruct OH_Huks_Param g_testGenerateKeyParam[] = { 55e41f4b71Sopenharmony_ci { 56e41f4b71Sopenharmony_ci .tag = OH_HUKS_TAG_ALGORITHM, 57e41f4b71Sopenharmony_ci .uint32Param = OH_HUKS_ALG_ECC 58e41f4b71Sopenharmony_ci }, { 59e41f4b71Sopenharmony_ci .tag = OH_HUKS_TAG_PURPOSE, 60e41f4b71Sopenharmony_ci .uint32Param = OH_HUKS_KEY_PURPOSE_AGREE 61e41f4b71Sopenharmony_ci }, { 62e41f4b71Sopenharmony_ci .tag = OH_HUKS_TAG_KEY_SIZE, 63e41f4b71Sopenharmony_ci .uint32Param = OH_HUKS_ECC_KEY_SIZE_256 64e41f4b71Sopenharmony_ci }, { 65e41f4b71Sopenharmony_ci .tag = OH_HUKS_TAG_DIGEST, 66e41f4b71Sopenharmony_ci .uint32Param = OH_HUKS_DIGEST_NONE 67e41f4b71Sopenharmony_ci } 68e41f4b71Sopenharmony_ci}; 69e41f4b71Sopenharmony_cistatic napi_value GenerateKey(napi_env env, napi_callback_info info) 70e41f4b71Sopenharmony_ci{ 71e41f4b71Sopenharmony_ci /* 1. Set the key alias. */ 72e41f4b71Sopenharmony_ci const char *alias = "test_generate"; 73e41f4b71Sopenharmony_ci struct OH_Huks_Blob aliasBlob = { .size = (uint32_t)strlen(alias), .data = (uint8_t *)alias }; 74e41f4b71Sopenharmony_ci struct OH_Huks_ParamSet *testGenerateKeyParamSet = nullptr; 75e41f4b71Sopenharmony_ci struct OH_Huks_Result ohResult; 76e41f4b71Sopenharmony_ci do { 77e41f4b71Sopenharmony_ci /* 2. Initialize the key property set. */ 78e41f4b71Sopenharmony_ci ohResult = InitParamSet(&testGenerateKeyParamSet, g_testGenerateKeyParam, 79e41f4b71Sopenharmony_ci sizeof(g_testGenerateKeyParam) / sizeof(OH_Huks_Param)); 80e41f4b71Sopenharmony_ci if (ohResult.errorCode != OH_HUKS_SUCCESS) { 81e41f4b71Sopenharmony_ci break; 82e41f4b71Sopenharmony_ci } 83e41f4b71Sopenharmony_ci /* 3. Generate a key. */ 84e41f4b71Sopenharmony_ci ohResult = OH_Huks_GenerateKeyItem(&aliasBlob, testGenerateKeyParamSet, nullptr); 85e41f4b71Sopenharmony_ci } while (0); 86e41f4b71Sopenharmony_ci OH_Huks_FreeParamSet(&testGenerateKeyParamSet); 87e41f4b71Sopenharmony_ci napi_value ret; 88e41f4b71Sopenharmony_ci napi_create_int32(env, ohResult.errorCode, &ret); 89e41f4b71Sopenharmony_ci return ret; 90e41f4b71Sopenharmony_ci} 91e41f4b71Sopenharmony_ci``` 92