1e41f4b71Sopenharmony_ci# @ohos.security.cryptoFramework (加解密算法库框架) 2e41f4b71Sopenharmony_ci 3e41f4b71Sopenharmony_ci为屏蔽底层硬件和算法库,向上提供统一的密码算法库加解密相关接口。 4e41f4b71Sopenharmony_ci 5e41f4b71Sopenharmony_ci> **说明:** 6e41f4b71Sopenharmony_ci> 7e41f4b71Sopenharmony_ci> - 本模块首批接口从API version 9开始支持。后续版本的新增接口,采用上角标单独标记接口的起始版本。 8e41f4b71Sopenharmony_ci 9e41f4b71Sopenharmony_ci## 导入模块 10e41f4b71Sopenharmony_ci 11e41f4b71Sopenharmony_ci```ts 12e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 13e41f4b71Sopenharmony_ci``` 14e41f4b71Sopenharmony_ci 15e41f4b71Sopenharmony_ci## Result 16e41f4b71Sopenharmony_ci 17e41f4b71Sopenharmony_ci 表示执行结果的枚举。 18e41f4b71Sopenharmony_ci 19e41f4b71Sopenharmony_ci **系统能力:** SystemCapability.Security.CryptoFramework 20e41f4b71Sopenharmony_ci 21e41f4b71Sopenharmony_ci| 名称 | 值 | 说明 | 22e41f4b71Sopenharmony_ci| ------------------------------------- | -------- | ---------------------------- | 23e41f4b71Sopenharmony_ci| INVALID_PARAMS | 401 | 非法入参。<br>**原子化服务API:** 从API version 11开始,该接口支持在原子化服务中使用。 | 24e41f4b71Sopenharmony_ci| NOT_SUPPORT | 801 | 操作不支持。<br>**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 | 25e41f4b71Sopenharmony_ci| ERR_OUT_OF_MEMORY | 17620001 | 内存错误。<br>**原子化服务API:** 从API version 11开始,该接口支持在原子化服务中使用。 | 26e41f4b71Sopenharmony_ci| ERR_RUNTIME_ERROR | 17620002 | 运行时外部错误。<br>**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 | 27e41f4b71Sopenharmony_ci| ERR_CRYPTO_OPERATION | 17630001 | 调用三方算法库API出错。<br>**原子化服务API:** 从API version 11开始,该接口支持在原子化服务中使用。 | 28e41f4b71Sopenharmony_ci 29e41f4b71Sopenharmony_ci## DataBlob 30e41f4b71Sopenharmony_ci 31e41f4b71Sopenharmony_cibuffer数组,提供blob数据类型。 32e41f4b71Sopenharmony_ci 33e41f4b71Sopenharmony_ci **原子化服务API:** 从API version 11开始,该接口支持在原子化服务中使用。 34e41f4b71Sopenharmony_ci 35e41f4b71Sopenharmony_ci **系统能力:** SystemCapability.Security.CryptoFramework 36e41f4b71Sopenharmony_ci 37e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 38e41f4b71Sopenharmony_ci| ---- | ---------- | ---- | ---- | ------ | 39e41f4b71Sopenharmony_ci| data | Uint8Array | 是 | 是 | 数据。 | 40e41f4b71Sopenharmony_ci 41e41f4b71Sopenharmony_ci> **说明:** 42e41f4b71Sopenharmony_ci> 43e41f4b71Sopenharmony_ci> Uint8Array类型数据表示8位无符号整数的数组。 44e41f4b71Sopenharmony_ci 45e41f4b71Sopenharmony_ci## ParamsSpec 46e41f4b71Sopenharmony_ci 47e41f4b71Sopenharmony_ci加解密参数,在进行对称加解密时需要构造其子类对象,并将子类对象传入[init()](#init-2)方法。 48e41f4b71Sopenharmony_ci 49e41f4b71Sopenharmony_ci适用于需要iv等参数的对称加解密模式(对于无iv等参数的模式如ECB模式,无需构造,在[init()](#init-2)中传入null即可)。 50e41f4b71Sopenharmony_ci 51e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 52e41f4b71Sopenharmony_ci 53e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Cipher 54e41f4b71Sopenharmony_ci 55e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Cipher 56e41f4b71Sopenharmony_ci 57e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 58e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ---- | ------------------------------------------------------------ | 59e41f4b71Sopenharmony_ci| algName | string | 是 | 是 | 指明对称加解密参数的算法模式。可选值如下:<br/> - "IvParamsSpec": 适用于CBC\|CTR\|OFB\|CFB模式<br/> - "GcmParamsSpec": 适用于GCM模式<br/> - "CcmParamsSpec": 适用于CCM模式 | 60e41f4b71Sopenharmony_ci 61e41f4b71Sopenharmony_ci> **说明:** 62e41f4b71Sopenharmony_ci> 63e41f4b71Sopenharmony_ci> 由于[init()](#init-2)的params参数是ParamsSpec类型(父类),而实际需要传入具体的子类对象(如IvParamsSpec),因此在构造子类对象时应设置其父类ParamsSpec的algName参数,使算法库在init()时知道传入的是哪种子类对象。 64e41f4b71Sopenharmony_ci 65e41f4b71Sopenharmony_ci## IvParamsSpec 66e41f4b71Sopenharmony_ci 67e41f4b71Sopenharmony_ci加解密参数[ParamsSpec](#paramsspec)的子类,用于在对称加解密时作为[init()](#init-2)方法的参数。 68e41f4b71Sopenharmony_ci 69e41f4b71Sopenharmony_ci适用于CBC、CTR、OFB、CFB这些仅使用iv作为参数的加解密模式。 70e41f4b71Sopenharmony_ci 71e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 72e41f4b71Sopenharmony_ci 73e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Cipher 74e41f4b71Sopenharmony_ci 75e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Cipher 76e41f4b71Sopenharmony_ci 77e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 78e41f4b71Sopenharmony_ci| ---- | --------------------- | ---- | ---- | ------------------------------------------------------------ | 79e41f4b71Sopenharmony_ci| iv | [DataBlob](#datablob) | 是 | 是 | 指明加解密参数iv。常见取值如下:<br/>- AES的CBC\|CTR\|OFB\|CFB模式:iv长度为16字节<br/>- 3DES的CBC\|OFB\|CFB模式:iv长度为8字节<br/>- SM4<sup>10+</sup>的CBC\|CTR\|OFB\|CFB模式:iv长度为16字节。 | 80e41f4b71Sopenharmony_ci 81e41f4b71Sopenharmony_ci> **说明:** 82e41f4b71Sopenharmony_ci> 83e41f4b71Sopenharmony_ci> 传入[init()](#init-2)方法前需要指定其algName属性(来源于父类[ParamsSpec](#paramsspec))。 84e41f4b71Sopenharmony_ci 85e41f4b71Sopenharmony_ci## GcmParamsSpec 86e41f4b71Sopenharmony_ci 87e41f4b71Sopenharmony_ci加解密参数[ParamsSpec](#paramsspec)的子类,用于在对称加解密时作为[init()](#init-2)方法的参数。 88e41f4b71Sopenharmony_ci 89e41f4b71Sopenharmony_ci适用于GCM模式。 90e41f4b71Sopenharmony_ci 91e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 92e41f4b71Sopenharmony_ci 93e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Cipher 94e41f4b71Sopenharmony_ci 95e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Cipher 96e41f4b71Sopenharmony_ci 97e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 98e41f4b71Sopenharmony_ci| ------- | --------------------- | ---- | ---- | ------------------------------------------------------------ | 99e41f4b71Sopenharmony_ci| iv | [DataBlob](#datablob) | 是 | 是 | 指明加解密参数iv,长度为1~16字节,常用为12字节。 | 100e41f4b71Sopenharmony_ci| aad | [DataBlob](#datablob) | 是 | 是 | 指明加解密参数aad,长度为0~INT_MAX字节,常用为16字节。 | 101e41f4b71Sopenharmony_ci| authTag | [DataBlob](#datablob) | 是 | 是 | 指明加解密参数authTag,长度为16字节。<br/>采用GCM模式加密时,需要获取[doFinal()](#dofinal-2)或[doFinalSync()](#dofinalsync12)输出的[DataBlob](#datablob),取出其末尾16字节作为解密时[init()](#init-2)或[initSync()](#initsync12)方法的入参GcmParamsSpec中的的authTag。 | 102e41f4b71Sopenharmony_ci 103e41f4b71Sopenharmony_ci> **说明:** 104e41f4b71Sopenharmony_ci> 105e41f4b71Sopenharmony_ci> 1. 传入[init()](#init-2)方法前需要指定其algName属性(来源于父类[ParamsSpec](#paramsspec))。 106e41f4b71Sopenharmony_ci> 2. 对于在1~16字节长度范围内的iv,加解密算法库不作额外限制,但其结果取决于底层openssl是否支持。 107e41f4b71Sopenharmony_ci> 3. 用户不需要使用aad参数或aad长度为0时,可以指定aad的data属性为空的Uint8Array,来构造GcmParamsSpec,写法为aad: { data: new Uint8Array() }。 108e41f4b71Sopenharmony_ci 109e41f4b71Sopenharmony_ci## CcmParamsSpec 110e41f4b71Sopenharmony_ci 111e41f4b71Sopenharmony_ci加解密参数[ParamsSpec](#paramsspec)的子类,用于在对称加解密时作为[init()](#init-2)方法的参数。 112e41f4b71Sopenharmony_ci 113e41f4b71Sopenharmony_ci适用于CCM模式。 114e41f4b71Sopenharmony_ci 115e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 116e41f4b71Sopenharmony_ci 117e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Cipher 118e41f4b71Sopenharmony_ci 119e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Cipher 120e41f4b71Sopenharmony_ci 121e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 122e41f4b71Sopenharmony_ci| ------- | --------------------- | ---- | ---- | ------------------------------------------------------------ | 123e41f4b71Sopenharmony_ci| iv | [DataBlob](#datablob) | 是 | 是 | 指明加解密参数iv,长度为7字节。 | 124e41f4b71Sopenharmony_ci| aad | [DataBlob](#datablob) | 是 | 是 | 指明加解密参数aad,长度为8字节。 | 125e41f4b71Sopenharmony_ci| authTag | [DataBlob](#datablob) | 是 | 是 | 指明加解密参数authTag,长度为12字节。<br/>采用CCM模式加密时,需要获取[doFinal()](#dofinal-2)或[doFinalSync()](#dofinalsync12)输出的[DataBlob](#datablob),取出其末尾12字节作为解密时[init()](#init-2)或[initSync()](#initsync12)方法的入参[CcmParamsSpec](#ccmparamsspec)中的authTag。 | 126e41f4b71Sopenharmony_ci 127e41f4b71Sopenharmony_ci> **说明:** 128e41f4b71Sopenharmony_ci> 129e41f4b71Sopenharmony_ci> 传入[init()](#init-2)方法前需要指定其algName属性(来源于父类[ParamsSpec](#paramsspec))。 130e41f4b71Sopenharmony_ci 131e41f4b71Sopenharmony_ci## CryptoMode 132e41f4b71Sopenharmony_ci 133e41f4b71Sopenharmony_ci表示加解密操作的枚举。 134e41f4b71Sopenharmony_ci 135e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 136e41f4b71Sopenharmony_ci 137e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Cipher 138e41f4b71Sopenharmony_ci 139e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Cipher 140e41f4b71Sopenharmony_ci 141e41f4b71Sopenharmony_ci| 名称 | 值 | 说明 | 142e41f4b71Sopenharmony_ci| ------------ | ---- | ------------------ | 143e41f4b71Sopenharmony_ci| ENCRYPT_MODE | 0 | 表示进行加密操作。 | 144e41f4b71Sopenharmony_ci| DECRYPT_MODE | 1 | 表示进行解密操作。 | 145e41f4b71Sopenharmony_ci 146e41f4b71Sopenharmony_ci## AsyKeySpecItem<sup>10+</sup> 147e41f4b71Sopenharmony_ci 148e41f4b71Sopenharmony_ci表示密钥参数的枚举。 149e41f4b71Sopenharmony_ci 150e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 151e41f4b71Sopenharmony_ci 152e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 153e41f4b71Sopenharmony_ci 154e41f4b71Sopenharmony_ciAPI version10-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 155e41f4b71Sopenharmony_ci 156e41f4b71Sopenharmony_ci| 名称 | 值 | 说明 | 157e41f4b71Sopenharmony_ci| ------------ | ---- | ---------------- | 158e41f4b71Sopenharmony_ci| DSA_P_BN | 101 | DSA算法的素模数p。 | 159e41f4b71Sopenharmony_ci| DSA_Q_BN | 102 | DSA算法中密钥参数q(p-1的素因子)。 | 160e41f4b71Sopenharmony_ci| DSA_G_BN | 103 | DSA算法的参数g。 | 161e41f4b71Sopenharmony_ci| DSA_SK_BN | 104 | DSA算法的私钥sk。 | 162e41f4b71Sopenharmony_ci| DSA_PK_BN | 105 | DSA算法的公钥pk。 | 163e41f4b71Sopenharmony_ci| ECC_FP_P_BN | 201 | ECC算法中表示椭圆曲线Fp域的素数p。 | 164e41f4b71Sopenharmony_ci| ECC_A_BN | 202 | ECC算法中椭圆曲线的第一个系数a。 | 165e41f4b71Sopenharmony_ci| ECC_B_BN | 203 | ECC算法中椭圆曲线的第二个系数b。 | 166e41f4b71Sopenharmony_ci| ECC_G_X_BN | 204 | ECC算法中基点g的x坐标。 | 167e41f4b71Sopenharmony_ci| ECC_G_Y_BN | 205 | ECC算法中基点g的y坐标。 | 168e41f4b71Sopenharmony_ci| ECC_N_BN | 206 | ECC算法中基点g的阶n。 | 169e41f4b71Sopenharmony_ci| ECC_H_NUM | 207 | ECC算法中的余因子h。 | 170e41f4b71Sopenharmony_ci| ECC_SK_BN | 208 | ECC算法中的私钥sk。 | 171e41f4b71Sopenharmony_ci| ECC_PK_X_BN | 209 | ECC算法中,公钥pk(椭圆曲线上的一个点)的x坐标。 | 172e41f4b71Sopenharmony_ci| ECC_PK_Y_BN | 210 | ECC算法中,公钥pk(椭圆曲线上的一个点)的y坐标。 | 173e41f4b71Sopenharmony_ci| ECC_FIELD_TYPE_STR | 211 | ECC算法中,椭圆曲线的域类型(当前只支持Fp域)。 | 174e41f4b71Sopenharmony_ci| ECC_FIELD_SIZE_NUM | 212 | ECC算法中域的大小,单位为bits(注:对于Fp域,域的大小为素数p的bits长度)。 | 175e41f4b71Sopenharmony_ci| ECC_CURVE_NAME_STR | 213 | ECC算法中的SECG(Standards for Efficient Cryptography Group)曲线名称。 | 176e41f4b71Sopenharmony_ci| RSA_N_BN | 301 | RSA算法中的模数n。 | 177e41f4b71Sopenharmony_ci| RSA_SK_BN | 302 | RSA算法中的私钥sk(即私钥指数d)。 | 178e41f4b71Sopenharmony_ci| RSA_PK_BN | 303 | RSA算法中的公钥pk(即公钥指数e)。 | 179e41f4b71Sopenharmony_ci| DH_P_BN<sup>11+</sup> | 401 | DH算法中的素数p。 | 180e41f4b71Sopenharmony_ci| DH_G_BN<sup>11+</sup> | 402 | DH算法中的参数g。 | 181e41f4b71Sopenharmony_ci| DH_L_NUM<sup>11+</sup> | 403 | DH算法中私钥长度,单位为bit。 | 182e41f4b71Sopenharmony_ci| DH_SK_BN<sup>11+</sup> | 404 | DH算法中的私钥sk。 | 183e41f4b71Sopenharmony_ci| DH_PK_BN<sup>11+</sup> | 405 | DH算法中的公钥pk。 | 184e41f4b71Sopenharmony_ci| ED25519_SK_BN<sup>11+</sup> | 501 | ED25519算法中的私钥sk。 | 185e41f4b71Sopenharmony_ci| ED25519_PK_BN<sup>11+</sup> | 502 | ED25519算法中的公钥pk。 | 186e41f4b71Sopenharmony_ci| X25519_SK_BN<sup>11+</sup> | 601 | X25519算法中的私钥sk。 | 187e41f4b71Sopenharmony_ci| X25519_PK_BN<sup>11+</sup> | 602 | X25519算法中的公钥pk。 | 188e41f4b71Sopenharmony_ci 189e41f4b71Sopenharmony_ci## AsyKeySpecType<sup>10+</sup> 190e41f4b71Sopenharmony_ci 191e41f4b71Sopenharmony_ci表示密钥参数类型的枚举。 192e41f4b71Sopenharmony_ci 193e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 194e41f4b71Sopenharmony_ci 195e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 196e41f4b71Sopenharmony_ci 197e41f4b71Sopenharmony_ciAPI version10-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 198e41f4b71Sopenharmony_ci 199e41f4b71Sopenharmony_ci| 名称 | 值 | 说明 | 200e41f4b71Sopenharmony_ci| ------------ | ---- | ---------------- | 201e41f4b71Sopenharmony_ci| COMMON_PARAMS_SPEC | 0 | 表示公私钥中包含的公共参数。使用此类型的参数可以调用[generateKeyPair](#generatekeypair-2)随机生成密钥对。 | 202e41f4b71Sopenharmony_ci| PRIVATE_KEY_SPEC | 1 | 表示私钥中包含的参数。使用此类型的参数可以调用[generatePriKey](#generateprikey)生成指定的私钥。 | 203e41f4b71Sopenharmony_ci| PUBLIC_KEY_SPEC | 2 | 表示公钥中包含的参数。使用此类型的参数可以调用[generatePubKey](#generatepubkey)生成指定的公钥。 | 204e41f4b71Sopenharmony_ci| KEY_PAIR_SPEC | 3 | 表示公私钥中包含的全量参数。使用此类型的参数可以调用[generateKeyPair](#generatekeypair-2)生成指定的密钥对。 | 205e41f4b71Sopenharmony_ci 206e41f4b71Sopenharmony_ci## CipherSpecItem<sup>10+</sup> 207e41f4b71Sopenharmony_ci 208e41f4b71Sopenharmony_ci表示加解密参数的枚举,这些加解密参数支持通过[setCipherSpec](#setcipherspec10)接口设置/通过[getCipherSpec](#getcipherspec10)接口获取。 209e41f4b71Sopenharmony_ci 210e41f4b71Sopenharmony_ci当前只支持RSA算法和SM2算法,从API version 11开始,增加对SM2_MD_NAME_STR参数的支持,详细规格请参考[加解密规格](../../security/CryptoArchitectureKit/crypto-asym-encrypt-decrypt-spec.md) 211e41f4b71Sopenharmony_ci 212e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 213e41f4b71Sopenharmony_ci 214e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Cipher 215e41f4b71Sopenharmony_ci 216e41f4b71Sopenharmony_ciAPI version10-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Cipher 217e41f4b71Sopenharmony_ci 218e41f4b71Sopenharmony_ci| 名称 | 值 | 说明 | 219e41f4b71Sopenharmony_ci| ------------ | ---- | ---------------- | 220e41f4b71Sopenharmony_ci| OAEP_MD_NAME_STR | 100 | 表示RSA算法中,使用PKCS1_OAEP模式时,消息摘要功能的算法名。 | 221e41f4b71Sopenharmony_ci| OAEP_MGF_NAME_STR | 101 | 表示RSA算法中,使用PKCS1_OAEP模式时,掩码生成算法(目前仅支持MGF1)。 | 222e41f4b71Sopenharmony_ci| OAEP_MGF1_MD_STR | 102 | 表示RSA算法中,使用PKCS1_OAEP模式时,MGF1掩码生成功能的消息摘要算法。 | 223e41f4b71Sopenharmony_ci| OAEP_MGF1_PSRC_UINT8ARR | 103 | 表示RSA算法中,使用PKCS1_OAEP模式时,pSource的字节流。 | 224e41f4b71Sopenharmony_ci| SM2_MD_NAME_STR<sup>11+</sup> | 104 | 表示SM2算法中,使用的摘要算法名。 | 225e41f4b71Sopenharmony_ci 226e41f4b71Sopenharmony_ci## SignSpecItem<sup>10+</sup> 227e41f4b71Sopenharmony_ci 228e41f4b71Sopenharmony_ci表示签名验签参数的枚举,这些签名验签参数支持通过[setSignSpec](#setsignspec10)、[setVerifySpec](#setverifyspec10)接口设置/通过[getSignSpec](#getsignspec10)、[getVerifySpec](#getverifyspec10)接口获取。 229e41f4b71Sopenharmony_ci 230e41f4b71Sopenharmony_ci当前只支持RSA算法和SM2算法,从API version 11开始,增加对SM2_USER_ID_UINT8ARR参数的支持,详细规格请参考[签名验签规格](../../security/CryptoArchitectureKit/crypto-sign-sig-verify-overview.md) 231e41f4b71Sopenharmony_ci 232e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 233e41f4b71Sopenharmony_ci 234e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Signature 235e41f4b71Sopenharmony_ci 236e41f4b71Sopenharmony_ciAPI version10-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Signature 237e41f4b71Sopenharmony_ci 238e41f4b71Sopenharmony_ci| 名称 | 值 | 说明 | 239e41f4b71Sopenharmony_ci| ------------ | ---- | ---------------- | 240e41f4b71Sopenharmony_ci| PSS_MD_NAME_STR | 100 | 表示RSA算法中,使用PSS模式时,消息摘要功能的算法名。 | 241e41f4b71Sopenharmony_ci| PSS_MGF_NAME_STR | 101 | 表示RSA算法中,使用PSS模式时,掩码生成算法(目前仅支持MGF1)。 | 242e41f4b71Sopenharmony_ci| PSS_MGF1_MD_STR | 102 | 表示RSA算法中,使用PSS模式时,MGF1掩码生成功能的消息摘要参数。 | 243e41f4b71Sopenharmony_ci| PSS_SALT_LEN_NUM | 103 | 表示RSA算法中,使用PSS模式时,盐值的长度,长度以字节为单位。 | 244e41f4b71Sopenharmony_ci| PSS_TRAILER_FIELD_NUM | 104 | 表示RSA算法中,使用PSS模式时,用于编码操作的整数。 | 245e41f4b71Sopenharmony_ci| SM2_USER_ID_UINT8ARR<sup>11+</sup> | 105 | 表示SM2算法中,用户身份标识字段。 | 246e41f4b71Sopenharmony_ci 247e41f4b71Sopenharmony_ci## AsyKeySpec<sup>10+</sup> 248e41f4b71Sopenharmony_ci 249e41f4b71Sopenharmony_ci指定非对称密钥参数的基本接口,用于创建密钥生成器。在指定非对称密钥参数时需要构造其子类对象,并将子类对象传入[createAsyKeyGeneratorBySpec()](#cryptoframeworkcreateasykeygeneratorbyspec10)方法创建密钥生成器。构造子类对象时,除了RSA密钥采用小端写法外,其他bigint类型的密钥参数均采用大端写法,并使用正数。 250e41f4b71Sopenharmony_ci 251e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 252e41f4b71Sopenharmony_ci 253e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 254e41f4b71Sopenharmony_ci 255e41f4b71Sopenharmony_ciAPI version10-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 256e41f4b71Sopenharmony_ci 257e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 258e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ---- | ------------------------------------------------------------ | 259e41f4b71Sopenharmony_ci| algName | string | 是 | 是 | 指定非对称密钥的算法名称,比如"RSA"、"DSA"、"ECC"、"SM2"、"Ed25519"、"X25519"、"DH"。 | 260e41f4b71Sopenharmony_ci| specType | [AsyKeySpecType](#asykeyspectype10) | 是 | 是 | 指定密钥参数类型,用于区分公/私钥参数。 | 261e41f4b71Sopenharmony_ci 262e41f4b71Sopenharmony_ci## DSACommonParamsSpec<sup>10+</sup> 263e41f4b71Sopenharmony_ci 264e41f4b71Sopenharmony_ci密钥参数[AsyKeySpec](#asykeyspec10)的子类,用于指定DSA算法中公私钥包含的公共参数,随机生成公/私钥。 265e41f4b71Sopenharmony_ci 266e41f4b71Sopenharmony_ci在使用密钥参数生成密钥时,将其传入[createAsyKeyGeneratorBySpec()](#cryptoframeworkcreateasykeygeneratorbyspec10)方法创建密钥生成器。 267e41f4b71Sopenharmony_ci 268e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 269e41f4b71Sopenharmony_ci 270e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 271e41f4b71Sopenharmony_ci 272e41f4b71Sopenharmony_ciAPI version10-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 273e41f4b71Sopenharmony_ci 274e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 275e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ---- | ------------------------------------------------------------ | 276e41f4b71Sopenharmony_ci| p | bigint | 是 | 是 | 指定DSA算法的素模数p。 | 277e41f4b71Sopenharmony_ci| q | bigint | 是 | 是 | 指定DSA算法中密钥参数q(p-1的素因子)。 | 278e41f4b71Sopenharmony_ci| g | bigint | 是 | 是 | 指定DSA算法的参数g。 | 279e41f4b71Sopenharmony_ci 280e41f4b71Sopenharmony_ci## DSAPubKeySpec<sup>10+</sup> 281e41f4b71Sopenharmony_ci 282e41f4b71Sopenharmony_ci密钥参数[AsyKeySpec](#asykeyspec10)的子类,用于指定DSA算法中公钥包含的参数。 283e41f4b71Sopenharmony_ci 284e41f4b71Sopenharmony_ci在使用密钥参数生成密钥时,将其传入[createAsyKeyGeneratorBySpec()](#cryptoframeworkcreateasykeygeneratorbyspec10)方法创建密钥生成器。 285e41f4b71Sopenharmony_ci 286e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 287e41f4b71Sopenharmony_ci 288e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 289e41f4b71Sopenharmony_ci 290e41f4b71Sopenharmony_ciAPI version10-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 291e41f4b71Sopenharmony_ci 292e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 293e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ---- | ------------------------------------------------------------ | 294e41f4b71Sopenharmony_ci| params | [DSACommonParamsSpec](#dsacommonparamsspec10) | 是 | 是 | 指定DSA算法中公私钥都包含的公共参数。 | 295e41f4b71Sopenharmony_ci| pk | bigint | 是 | 是 | 指定DSA算法的公钥。 | 296e41f4b71Sopenharmony_ci 297e41f4b71Sopenharmony_ci## DSAKeyPairSpec<sup>10+</sup> 298e41f4b71Sopenharmony_ci 299e41f4b71Sopenharmony_ci密钥参数[AsyKeySpec](#asykeyspec10)的子类,用于指定DSA算法中公私钥包含的全量参数。 300e41f4b71Sopenharmony_ci 301e41f4b71Sopenharmony_ci在使用密钥参数生成密钥时,将其传入[createAsyKeyGeneratorBySpec()](#cryptoframeworkcreateasykeygeneratorbyspec10)方法创建密钥生成器。 302e41f4b71Sopenharmony_ci 303e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 304e41f4b71Sopenharmony_ci 305e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 306e41f4b71Sopenharmony_ci 307e41f4b71Sopenharmony_ciAPI version10-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 308e41f4b71Sopenharmony_ci 309e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 310e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ---- | ------------------------------------------------------------ | 311e41f4b71Sopenharmony_ci| params | [DSACommonParamsSpec](#dsacommonparamsspec10) | 是 | 是 | 指定DSA算法中公私钥都包含的公共参数。 | 312e41f4b71Sopenharmony_ci| sk | bigint | 是 | 是 | 指定DSA算法的私钥sk。 | 313e41f4b71Sopenharmony_ci| pk | bigint | 是 | 是 | 指定DSA算法的公钥pk。 | 314e41f4b71Sopenharmony_ci 315e41f4b71Sopenharmony_ci## ECField<sup>10+</sup> 316e41f4b71Sopenharmony_ci 317e41f4b71Sopenharmony_ci指定椭圆曲线的域。当前只支持Fp域。 318e41f4b71Sopenharmony_ci 319e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 320e41f4b71Sopenharmony_ci 321e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 322e41f4b71Sopenharmony_ci 323e41f4b71Sopenharmony_ciAPI version10-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 324e41f4b71Sopenharmony_ci 325e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 326e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ---- | ------------------------------------------------------------ | 327e41f4b71Sopenharmony_ci| fieldType | string | 是 | 是 | 指定椭圆曲线域的类型,当前只支持"Fp"。 | 328e41f4b71Sopenharmony_ci 329e41f4b71Sopenharmony_ci## ECFieldFp<sup>10+</sup> 330e41f4b71Sopenharmony_ci 331e41f4b71Sopenharmony_ci指定椭圆曲线素数域。是[ECField](#ecfield10)的子类。 332e41f4b71Sopenharmony_ci 333e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 334e41f4b71Sopenharmony_ci 335e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 336e41f4b71Sopenharmony_ci 337e41f4b71Sopenharmony_ciAPI version10-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 338e41f4b71Sopenharmony_ci 339e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 340e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ---- | ------------------------------------------------------------ | 341e41f4b71Sopenharmony_ci| p | bigint | 是 | 是 | 指定素数p。 | 342e41f4b71Sopenharmony_ci 343e41f4b71Sopenharmony_ci## Point<sup>10+</sup> 344e41f4b71Sopenharmony_ci 345e41f4b71Sopenharmony_ci指定椭圆曲线上的一个点。 346e41f4b71Sopenharmony_ci 347e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 348e41f4b71Sopenharmony_ci 349e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 350e41f4b71Sopenharmony_ci 351e41f4b71Sopenharmony_ciAPI version10-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 352e41f4b71Sopenharmony_ci 353e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 354e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ---- | ------------------------------------------------------------ | 355e41f4b71Sopenharmony_ci| x | bigint | 是 | 是 | 指定椭圆曲线上,点的x坐标。 | 356e41f4b71Sopenharmony_ci| y | bigint | 是 | 是 | 指定椭圆曲线上,点的y坐标。 | 357e41f4b71Sopenharmony_ci 358e41f4b71Sopenharmony_ci## ECCCommonParamsSpec<sup>10+</sup> 359e41f4b71Sopenharmony_ci 360e41f4b71Sopenharmony_ci密钥参数[AsyKeySpec](#asykeyspec10)的子类,用于指定ECC算法中公私钥包含的公共参数,随机生成公/私钥。 361e41f4b71Sopenharmony_ci 362e41f4b71Sopenharmony_ci在使用密钥参数生成密钥时,将其传入[createAsyKeyGeneratorBySpec()](#cryptoframeworkcreateasykeygeneratorbyspec10)方法创建密钥生成器。 363e41f4b71Sopenharmony_ci 364e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 365e41f4b71Sopenharmony_ci 366e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 367e41f4b71Sopenharmony_ci 368e41f4b71Sopenharmony_ciAPI version10-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 369e41f4b71Sopenharmony_ci 370e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 371e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ---- | ------------------------------------------------------------ | 372e41f4b71Sopenharmony_ci| field | [ECField](#ecfield10) | 是 | 是 | 指定椭圆曲线的域(当前只支持Fp域)。 | 373e41f4b71Sopenharmony_ci| a | bigint | 是 | 是 | 指定椭圆曲线的第一个系数a。 | 374e41f4b71Sopenharmony_ci| b | bigint | 是 | 是 | 指定椭圆曲线的第二个系数b。 | 375e41f4b71Sopenharmony_ci| g | [Point](#point10) | 是 | 是 | 指定基点g。 | 376e41f4b71Sopenharmony_ci| n | bigint | 是 | 是 | 指定基点g的阶数n。 | 377e41f4b71Sopenharmony_ci| h | number | 是 | 是 | 指定余因子h。 | 378e41f4b71Sopenharmony_ci 379e41f4b71Sopenharmony_ci## ECCPriKeySpec<sup>10+</sup> 380e41f4b71Sopenharmony_ci 381e41f4b71Sopenharmony_ci密钥参数[AsyKeySpec](#asykeyspec10)的子类,用于指定ECC算法中私钥包含的参数。 382e41f4b71Sopenharmony_ci 383e41f4b71Sopenharmony_ci在使用密钥参数生成密钥时,将其传入[createAsyKeyGeneratorBySpec()](#cryptoframeworkcreateasykeygeneratorbyspec10)方法创建密钥生成器。 384e41f4b71Sopenharmony_ci 385e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 386e41f4b71Sopenharmony_ci 387e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 388e41f4b71Sopenharmony_ci 389e41f4b71Sopenharmony_ciAPI version10-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 390e41f4b71Sopenharmony_ci 391e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 392e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ---- | ------------------------------------------------------------ | 393e41f4b71Sopenharmony_ci| params | [ECCCommonParamsSpec](#ecccommonparamsspec10) | 是 | 是 | 指定ECC算法中公私钥都包含的公共参数。 | 394e41f4b71Sopenharmony_ci| sk | bigint | 是 | 是 | 指定ECC算法的私钥sk。 | 395e41f4b71Sopenharmony_ci 396e41f4b71Sopenharmony_ci## ECCPubKeySpec<sup>10+</sup> 397e41f4b71Sopenharmony_ci 398e41f4b71Sopenharmony_ci密钥参数[AsyKeySpec](#asykeyspec10)的子类,用于指定ECC算法中公钥包含的参数。 399e41f4b71Sopenharmony_ci 400e41f4b71Sopenharmony_ci在使用密钥参数生成密钥时,将其传入[createAsyKeyGeneratorBySpec()](#cryptoframeworkcreateasykeygeneratorbyspec10)方法创建密钥生成器。 401e41f4b71Sopenharmony_ci 402e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 403e41f4b71Sopenharmony_ci 404e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 405e41f4b71Sopenharmony_ci 406e41f4b71Sopenharmony_ciAPI version10-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 407e41f4b71Sopenharmony_ci 408e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 409e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ---- | ------------------------------------------------------------ | 410e41f4b71Sopenharmony_ci| params | [ECCCommonParamsSpec](#ecccommonparamsspec10) | 是 | 是 | 指定ECC算法中公私钥都包含的公共参数。 | 411e41f4b71Sopenharmony_ci| pk | [Point](#point10) | 是 | 是 | 指定ECC算法的公钥pk。 | 412e41f4b71Sopenharmony_ci 413e41f4b71Sopenharmony_ci## ECCKeyPairSpec<sup>10+</sup> 414e41f4b71Sopenharmony_ci 415e41f4b71Sopenharmony_ci密钥参数[AsyKeySpec](#asykeyspec10)的子类,用于指定ECC算法中公私钥包含的全量参数。 416e41f4b71Sopenharmony_ci 417e41f4b71Sopenharmony_ci在使用密钥参数生成密钥时,将其传入[createAsyKeyGeneratorBySpec()](#cryptoframeworkcreateasykeygeneratorbyspec10)方法创建密钥生成器。 418e41f4b71Sopenharmony_ci 419e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 420e41f4b71Sopenharmony_ci 421e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 422e41f4b71Sopenharmony_ci 423e41f4b71Sopenharmony_ciAPI version10-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 424e41f4b71Sopenharmony_ci 425e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 426e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ---- | ------------------------------------------------------------ | 427e41f4b71Sopenharmony_ci| params | [ECCCommonParamsSpec](#ecccommonparamsspec10) | 是 | 是 | 指定ECC算法中公私钥都包含的公共参数。 | 428e41f4b71Sopenharmony_ci| sk | bigint | 是 | 是 | 指定ECC算法的私钥sk。 | 429e41f4b71Sopenharmony_ci| pk | [Point](#point10) | 是 | 是 | 指定ECC算法的公钥pk。 | 430e41f4b71Sopenharmony_ci 431e41f4b71Sopenharmony_ci## RSACommonParamsSpec<sup>10+</sup> 432e41f4b71Sopenharmony_ci 433e41f4b71Sopenharmony_ci密钥参数[AsyKeySpec](#asykeyspec10)的子类,用于指定RSA算法中公私钥包含的公共参数,随机生成公/私钥。 434e41f4b71Sopenharmony_ci 435e41f4b71Sopenharmony_ci在使用密钥参数生成密钥时,将其传入[createAsyKeyGeneratorBySpec()](#cryptoframeworkcreateasykeygeneratorbyspec10)方法创建密钥生成器。 436e41f4b71Sopenharmony_ci 437e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 438e41f4b71Sopenharmony_ci 439e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 440e41f4b71Sopenharmony_ci 441e41f4b71Sopenharmony_ciAPI version10-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 442e41f4b71Sopenharmony_ci 443e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 444e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ---- | ------------------------------------------------------------ | 445e41f4b71Sopenharmony_ci| n | bigint | 是 | 是 | 指定模数n。 | 446e41f4b71Sopenharmony_ci 447e41f4b71Sopenharmony_ci## RSAPubKeySpec<sup>10+</sup> 448e41f4b71Sopenharmony_ci 449e41f4b71Sopenharmony_ci密钥参数[AsyKeySpec](#asykeyspec10)的子类,用于指定RSA算法中公钥包含的参数。 450e41f4b71Sopenharmony_ci 451e41f4b71Sopenharmony_ci在使用密钥参数生成密钥时,将其传入[createAsyKeyGeneratorBySpec()](#cryptoframeworkcreateasykeygeneratorbyspec10)方法创建密钥生成器。 452e41f4b71Sopenharmony_ci 453e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 454e41f4b71Sopenharmony_ci 455e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 456e41f4b71Sopenharmony_ci 457e41f4b71Sopenharmony_ciAPI version10-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 458e41f4b71Sopenharmony_ci 459e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 460e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ---- | ------------------------------------------------------------ | 461e41f4b71Sopenharmony_ci| params | [RSACommonParamsSpec](#rsacommonparamsspec10) | 是 | 是 | 指定RSA算法中公私钥都包含的公共参数。 | 462e41f4b71Sopenharmony_ci| pk | bigint | 是 | 是 | 指定RSA算法的公钥pk。 | 463e41f4b71Sopenharmony_ci 464e41f4b71Sopenharmony_ci## RSAKeyPairSpec<sup>10+</sup> 465e41f4b71Sopenharmony_ci 466e41f4b71Sopenharmony_ci密钥参数[AsyKeySpec](#asykeyspec10)的子类,用于指定RSA算法中公私钥包含的全量参数。 467e41f4b71Sopenharmony_ci 468e41f4b71Sopenharmony_ci在使用密钥参数生成密钥时,将其传入[createAsyKeyGeneratorBySpec()](#cryptoframeworkcreateasykeygeneratorbyspec10)方法创建密钥生成器。 469e41f4b71Sopenharmony_ci 470e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 471e41f4b71Sopenharmony_ci 472e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 473e41f4b71Sopenharmony_ci 474e41f4b71Sopenharmony_ciAPI version10-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 475e41f4b71Sopenharmony_ci 476e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 477e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ---- | ------------------------------------------------------------ | 478e41f4b71Sopenharmony_ci| params | [RSACommonParamsSpec](#rsacommonparamsspec10) | 是 | 是 | 指定RSA算法中公私钥都包含的公共参数。 | 479e41f4b71Sopenharmony_ci| sk | bigint | 是 | 是 | 指定RSA算法的私钥sk。 | 480e41f4b71Sopenharmony_ci| pk | bigint | 是 | 是 | 指定RSA算法的公钥pk。 | 481e41f4b71Sopenharmony_ci 482e41f4b71Sopenharmony_ci## ED25519PriKeySpec<sup>11+</sup> 483e41f4b71Sopenharmony_ci 484e41f4b71Sopenharmony_ci密钥参数[AsyKeySpec](#asykeyspec10)的子类,用于指定ED25519算法中私钥包含的参数。 485e41f4b71Sopenharmony_ci 486e41f4b71Sopenharmony_ci在使用密钥参数生成密钥时,将其传入[createAsyKeyGeneratorBySpec()](#cryptoframeworkcreateasykeygeneratorbyspec10)方法创建密钥生成器。 487e41f4b71Sopenharmony_ci 488e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 489e41f4b71Sopenharmony_ci 490e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 491e41f4b71Sopenharmony_ci 492e41f4b71Sopenharmony_ciAPI version11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 493e41f4b71Sopenharmony_ci 494e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 495e41f4b71Sopenharmony_ci| ---- | ------ | ---- | ---- | ------------------------- | 496e41f4b71Sopenharmony_ci| sk | bigint | 是 | 是 | 指定ED25519算法的私钥sk。 | 497e41f4b71Sopenharmony_ci 498e41f4b71Sopenharmony_ci## ED25519PubKeySpec<sup>11+</sup> 499e41f4b71Sopenharmony_ci 500e41f4b71Sopenharmony_ci密钥参数[AsyKeySpec](#asykeyspec10)的子类,用于指定ED25519算法中公钥包含的参数。 501e41f4b71Sopenharmony_ci 502e41f4b71Sopenharmony_ci在使用密钥参数生成密钥时,将其传入[createAsyKeyGeneratorBySpec()](#cryptoframeworkcreateasykeygeneratorbyspec10)方法创建密钥生成器。 503e41f4b71Sopenharmony_ci 504e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 505e41f4b71Sopenharmony_ci 506e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 507e41f4b71Sopenharmony_ci 508e41f4b71Sopenharmony_ciAPI version11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 509e41f4b71Sopenharmony_ci 510e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 511e41f4b71Sopenharmony_ci| ---- | ------ | ---- | ---- | ------------------------- | 512e41f4b71Sopenharmony_ci| pk | bigint | 是 | 是 | 指定ED25519算法的公钥pk。 | 513e41f4b71Sopenharmony_ci 514e41f4b71Sopenharmony_ci## ED25519KeyPairSpec<sup>11+</sup> 515e41f4b71Sopenharmony_ci 516e41f4b71Sopenharmony_ci密钥参数[AsyKeySpec](#asykeyspec10)的子类,用于指定ED25519算法中公私钥包含的全量参数。 517e41f4b71Sopenharmony_ci 518e41f4b71Sopenharmony_ci在使用密钥参数生成密钥时,将其传入[createAsyKeyGeneratorBySpec()](#cryptoframeworkcreateasykeygeneratorbyspec10)方法创建密钥生成器。 519e41f4b71Sopenharmony_ci 520e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 521e41f4b71Sopenharmony_ci 522e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 523e41f4b71Sopenharmony_ci 524e41f4b71Sopenharmony_ciAPI version11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 525e41f4b71Sopenharmony_ci 526e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 527e41f4b71Sopenharmony_ci| ---- | ------ | ---- | ---- | ------------------------- | 528e41f4b71Sopenharmony_ci| sk | bigint | 是 | 是 | 指定ED25519算法的私钥sk。 | 529e41f4b71Sopenharmony_ci| pk | bigint | 是 | 是 | 指定ED25519算法的公钥pk。 | 530e41f4b71Sopenharmony_ci 531e41f4b71Sopenharmony_ci## X25519PriKeySpec<sup>11+</sup> 532e41f4b71Sopenharmony_ci 533e41f4b71Sopenharmony_ci密钥参数[AsyKeySpec](#asykeyspec10)的子类,用于指定X25519算法中私钥包含的参数。 534e41f4b71Sopenharmony_ci 535e41f4b71Sopenharmony_ci在使用密钥参数生成密钥时,将其传入[createAsyKeyGeneratorBySpec()](#cryptoframeworkcreateasykeygeneratorbyspec10)方法创建密钥生成器。 536e41f4b71Sopenharmony_ci 537e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 538e41f4b71Sopenharmony_ci 539e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 540e41f4b71Sopenharmony_ci 541e41f4b71Sopenharmony_ciAPI version11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 542e41f4b71Sopenharmony_ci 543e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 544e41f4b71Sopenharmony_ci| ---- | ------ | ---- | ---- | ------------------------ | 545e41f4b71Sopenharmony_ci| sk | bigint | 是 | 是 | 指定X25519算法的私钥sk。 | 546e41f4b71Sopenharmony_ci 547e41f4b71Sopenharmony_ci## X25519PubKeySpec<sup>11+</sup> 548e41f4b71Sopenharmony_ci 549e41f4b71Sopenharmony_ci密钥参数[AsyKeySpec](#asykeyspec10)的子类,用于指定X25519算法中公钥包含的参数。 550e41f4b71Sopenharmony_ci 551e41f4b71Sopenharmony_ci在使用密钥参数生成密钥时,将其传入[createAsyKeyGeneratorBySpec()](#cryptoframeworkcreateasykeygeneratorbyspec10)方法创建密钥生成器。 552e41f4b71Sopenharmony_ci 553e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 554e41f4b71Sopenharmony_ci 555e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 556e41f4b71Sopenharmony_ci 557e41f4b71Sopenharmony_ciAPI version11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 558e41f4b71Sopenharmony_ci 559e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 560e41f4b71Sopenharmony_ci| ---- | ------ | ---- | ---- | ------------------------ | 561e41f4b71Sopenharmony_ci| pk | bigint | 是 | 是 | 指定X25519算法的公钥pk。 | 562e41f4b71Sopenharmony_ci 563e41f4b71Sopenharmony_ci## X25519KeyPairSpec<sup>11+</sup> 564e41f4b71Sopenharmony_ci 565e41f4b71Sopenharmony_ci密钥参数[AsyKeySpec](#asykeyspec10)的子类,用于指定X25519算法中公私钥包含的全量参数。 566e41f4b71Sopenharmony_ci 567e41f4b71Sopenharmony_ci在使用密钥参数生成密钥时,将其传入[createAsyKeyGeneratorBySpec()](#cryptoframeworkcreateasykeygeneratorbyspec10)方法创建密钥生成器。 568e41f4b71Sopenharmony_ci 569e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 570e41f4b71Sopenharmony_ci 571e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 572e41f4b71Sopenharmony_ci 573e41f4b71Sopenharmony_ciAPI version11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 574e41f4b71Sopenharmony_ci 575e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 576e41f4b71Sopenharmony_ci| ---- | ------ | ---- | ---- | ------------------------ | 577e41f4b71Sopenharmony_ci| sk | bigint | 是 | 是 | 指定X25519算法的私钥sk。 | 578e41f4b71Sopenharmony_ci| pk | bigint | 是 | 是 | 指定X25519算法的公钥pk。 | 579e41f4b71Sopenharmony_ci 580e41f4b71Sopenharmony_ci## DHCommonParamsSpec<sup>11+</sup> 581e41f4b71Sopenharmony_ci 582e41f4b71Sopenharmony_ci密钥参数[AsyKeySpec](#asykeyspec10)的子类,用于指定DH算法中公私钥包含的参数。 583e41f4b71Sopenharmony_ci 584e41f4b71Sopenharmony_ci在使用密钥参数生成密钥时,将其传入[createAsyKeyGeneratorBySpec()](#cryptoframeworkcreateasykeygeneratorbyspec10)方法创建密钥生成器。 585e41f4b71Sopenharmony_ci 586e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 587e41f4b71Sopenharmony_ci 588e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 589e41f4b71Sopenharmony_ci 590e41f4b71Sopenharmony_ciAPI version11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 591e41f4b71Sopenharmony_ci 592e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 593e41f4b71Sopenharmony_ci| ---- | ------ | ---- | ---- | ----------------------------------- | 594e41f4b71Sopenharmony_ci| p | bigint | 是 | 是 | 指定DH算法中大素数p。 | 595e41f4b71Sopenharmony_ci| g | bigint | 是 | 是 | 指定DH算法中参数g。 | 596e41f4b71Sopenharmony_ci| l | number | 是 | 是 | 指定DH算法中私钥的长度,单位为bit。 | 597e41f4b71Sopenharmony_ci 598e41f4b71Sopenharmony_ci## DHPriKeySpec<sup>11+</sup> 599e41f4b71Sopenharmony_ci 600e41f4b71Sopenharmony_ci密钥参数[AsyKeySpec](#asykeyspec10)的子类,用于指定DH算法中私钥包含的参数。 601e41f4b71Sopenharmony_ci 602e41f4b71Sopenharmony_ci在使用密钥参数生成密钥时,将其传入[createAsyKeyGeneratorBySpec()](#cryptoframeworkcreateasykeygeneratorbyspec10)方法创建密钥生成器。 603e41f4b71Sopenharmony_ci 604e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 605e41f4b71Sopenharmony_ci 606e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 607e41f4b71Sopenharmony_ci 608e41f4b71Sopenharmony_ciAPI version11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 609e41f4b71Sopenharmony_ci 610e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 611e41f4b71Sopenharmony_ci| ------ | ------------------ | ---- | ---- | ------------------------------------ | 612e41f4b71Sopenharmony_ci| params | [DHCommonParamsSpec](#dhcommonparamsspec11) | 是 | 是 | 指定DH算法中公私钥都包含的公共参数。 | 613e41f4b71Sopenharmony_ci| sk | bigint | 是 | 是 | 指定DH算法的私钥sk。 | 614e41f4b71Sopenharmony_ci 615e41f4b71Sopenharmony_ci## DHPubKeySpec<sup>11+</sup> 616e41f4b71Sopenharmony_ci 617e41f4b71Sopenharmony_ci密钥参数[AsyKeySpec](#asykeyspec10)的子类,用于指定DH算法中公钥包含的参数。 618e41f4b71Sopenharmony_ci 619e41f4b71Sopenharmony_ci在使用密钥参数生成密钥时,将其传入[createAsyKeyGeneratorBySpec()](#cryptoframeworkcreateasykeygeneratorbyspec10)方法创建密钥生成器。 620e41f4b71Sopenharmony_ci 621e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 622e41f4b71Sopenharmony_ci 623e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 624e41f4b71Sopenharmony_ci 625e41f4b71Sopenharmony_ciAPI version11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 626e41f4b71Sopenharmony_ci 627e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 628e41f4b71Sopenharmony_ci| ------ | ------------------ | ---- | ---- | ------------------------------------ | 629e41f4b71Sopenharmony_ci| params | [DHCommonParamsSpec](#dhcommonparamsspec11) | 是 | 是 | 指定DH算法中公私钥都包含的公共参数。 | 630e41f4b71Sopenharmony_ci| pk | bigint | 是 | 是 | 指定DH算法的公钥pk。 | 631e41f4b71Sopenharmony_ci 632e41f4b71Sopenharmony_ci## DHKeyPairSpec<sup>11+</sup> 633e41f4b71Sopenharmony_ci 634e41f4b71Sopenharmony_ci密钥参数[AsyKeySpec](#asykeyspec10)的子类,用于指定DH算法中公私钥包含的全量参数。 635e41f4b71Sopenharmony_ci 636e41f4b71Sopenharmony_ci在使用密钥参数生成密钥时,将其传入[createAsyKeyGeneratorBySpec()](#cryptoframeworkcreateasykeygeneratorbyspec10)方法创建密钥生成器。 637e41f4b71Sopenharmony_ci 638e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 639e41f4b71Sopenharmony_ci 640e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 641e41f4b71Sopenharmony_ci 642e41f4b71Sopenharmony_ciAPI version11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 643e41f4b71Sopenharmony_ci 644e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 645e41f4b71Sopenharmony_ci| ------ | ------------------ | ---- | ---- | ------------------------------------ | 646e41f4b71Sopenharmony_ci| params | [DHCommonParamsSpec](#dhcommonparamsspec11) | 是 | 是 | 指定DH算法中公私钥都包含的公共参数。 | 647e41f4b71Sopenharmony_ci| sk | bigint | 是 | 是 | 指定DH算法的私钥sk。 | 648e41f4b71Sopenharmony_ci| pk | bigint | 是 | 是 | 指定DH算法的公钥pk。 | 649e41f4b71Sopenharmony_ci 650e41f4b71Sopenharmony_ci## KdfSpec<sup>11+</sup> 651e41f4b71Sopenharmony_ci 652e41f4b71Sopenharmony_ci密钥派生函数参数,使用密钥派生函数进行密钥派生时,需要构建其子类对象并作为输入。 653e41f4b71Sopenharmony_ci 654e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 655e41f4b71Sopenharmony_ci 656e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Kdf 657e41f4b71Sopenharmony_ci 658e41f4b71Sopenharmony_ciAPI version11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Kdf 659e41f4b71Sopenharmony_ci 660e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 661e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ---- | ------------------------------------------------------------ | 662e41f4b71Sopenharmony_ci| algName | string | 是 | 是 | 指明密钥派生函数的算法名,如"PBKDF2"。 | 663e41f4b71Sopenharmony_ci 664e41f4b71Sopenharmony_ci## PBKDF2Spec<sup>11+</sup> 665e41f4b71Sopenharmony_ci 666e41f4b71Sopenharmony_ci密钥派生函数参数[KdfSpec](#kdfspec11)的子类,作为PBKDF2密钥派生函数进行密钥派生时的输入。 667e41f4b71Sopenharmony_ci 668e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 669e41f4b71Sopenharmony_ci 670e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Kdf 671e41f4b71Sopenharmony_ci 672e41f4b71Sopenharmony_ciAPI version11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Kdf 673e41f4b71Sopenharmony_ci 674e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 675e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ---- | ------------------------------------------------------------ | 676e41f4b71Sopenharmony_ci| password | string \| Uint8Array | 是 | 是 | 用户输入的原始密码。| 677e41f4b71Sopenharmony_ci| salt | Uint8Array | 是 | 是 | 盐值。 | 678e41f4b71Sopenharmony_ci| iterations | number | 是 | 是 | 迭代次数,需要为正整数。 | 679e41f4b71Sopenharmony_ci| keySize | number | 是 | 是 | 派生得到的密钥字节长度。 | 680e41f4b71Sopenharmony_ci 681e41f4b71Sopenharmony_ci> **说明:** 682e41f4b71Sopenharmony_ci> 683e41f4b71Sopenharmony_ci> password指的是原始密码,如果使用string类型,需要直接传入用于密钥派生的数据,而不是HexString、base64等字符串类型,同时需要确保该字符串为utf-8编码,否则派生结果会有差异。 684e41f4b71Sopenharmony_ci 685e41f4b71Sopenharmony_ci## HKDFSpec<sup>12+</sup> 686e41f4b71Sopenharmony_ci 687e41f4b71Sopenharmony_ci密钥派生函数参数[KdfSpec](#kdfspec11)的子类,作为HKDF密钥派生函数进行密钥派生时的输入。 688e41f4b71Sopenharmony_ci 689e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 690e41f4b71Sopenharmony_ci 691e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Kdf 692e41f4b71Sopenharmony_ci 693e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 694e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ---- | ------------------------------------------------------------ | 695e41f4b71Sopenharmony_ci| key | string \| Uint8Array | 是 | 是 | 密钥材料。| 696e41f4b71Sopenharmony_ci| salt | Uint8Array | 是 | 是 | 盐值。 | 697e41f4b71Sopenharmony_ci| info | Uint8Array | 是 | 是 | 拓展信息。 | 698e41f4b71Sopenharmony_ci| keySize | number | 是 | 是 | 派生得到的密钥字节长度。 | 699e41f4b71Sopenharmony_ci 700e41f4b71Sopenharmony_ci> **说明:** 701e41f4b71Sopenharmony_ci> 702e41f4b71Sopenharmony_ci> key指的是用户输入的最初的密钥材料。info与salt是可选参数,根据模式的不同可以传空,但是不可不传。 703e41f4b71Sopenharmony_ci> 704e41f4b71Sopenharmony_ci> 例如:EXTRACT_AND_EXPAND模式需要输入全部的值,EXTRACT_ONLY模式info可以为空,在构建HKDFspec的时候,info传入null值。 705e41f4b71Sopenharmony_ci> 706e41f4b71Sopenharmony_ci> 默认的模式为EXTRACT_AND_EXPAND,"HKDF|SHA256|EXTRACT_AND_EXPAND"等价于"HKDF|SHA256"。 707e41f4b71Sopenharmony_ci 708e41f4b71Sopenharmony_ci## SM2CipherTextSpec<sup>12+</sup> 709e41f4b71Sopenharmony_ci 710e41f4b71Sopenharmony_ciSM2密文参数,使用SM2密文格式转换函数进行格式转换时,需要用到此对象。可以通过指定此参数,生成符合国密标准的ASN.1格式的SM2密文,反之,也可以从ASN.1格式的SM2密文中获取具体参数。 711e41f4b71Sopenharmony_ci 712e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 713e41f4b71Sopenharmony_ci 714e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Cipher 715e41f4b71Sopenharmony_ci 716e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 717e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ---- | ------------------------------------------------------------ | 718e41f4b71Sopenharmony_ci| xCoordinate | bigint | 是 | 是 | x分量| 719e41f4b71Sopenharmony_ci| yCoordinate | bigint | 是 | 是 | y分量 | 720e41f4b71Sopenharmony_ci| cipherTextData | Uint8Array | 是 | 是 | 密文| 721e41f4b71Sopenharmony_ci| hashData | Uint8Array | 是 | 是 | 杂凑值 | 722e41f4b71Sopenharmony_ci 723e41f4b71Sopenharmony_ci> **说明:** 724e41f4b71Sopenharmony_ci> 725e41f4b71Sopenharmony_ci> 其中,hashData为使用SM3算法对明文数据运算得到的杂凑值,其长度固定为256位。cipherTextData是与明文等长的密文。 726e41f4b71Sopenharmony_ci 727e41f4b71Sopenharmony_ci## Key 728e41f4b71Sopenharmony_ci 729e41f4b71Sopenharmony_ci密钥(父类),在运行密码算法(如加解密)时需要提前生成其子类对象,并传入[Cipher](#cipher)实例的[init()](#init-2)方法。 730e41f4b71Sopenharmony_ci 731e41f4b71Sopenharmony_ci密钥可以通过密钥生成器来生成。 732e41f4b71Sopenharmony_ci 733e41f4b71Sopenharmony_ci### 属性 734e41f4b71Sopenharmony_ci 735e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 736e41f4b71Sopenharmony_ci 737e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key 738e41f4b71Sopenharmony_ci 739e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key 740e41f4b71Sopenharmony_ci 741e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 742e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ---- | ---------------------------- | 743e41f4b71Sopenharmony_ci| format | string | 是 | 否 | 密钥的格式。 | 744e41f4b71Sopenharmony_ci| algName | string | 是 | 否 | 密钥对应的算法名(如果是对称密钥,则含密钥长度,否则不含密钥长度)。 | 745e41f4b71Sopenharmony_ci 746e41f4b71Sopenharmony_ci### getEncoded 747e41f4b71Sopenharmony_ci 748e41f4b71Sopenharmony_cigetEncoded(): DataBlob 749e41f4b71Sopenharmony_ci 750e41f4b71Sopenharmony_ci同步方法,获取密钥数据的字节流。密钥可以为对称密钥,公钥或者私钥。其中,公钥格式满足ASN.1语法、X.509规范、DER编码格式;私钥格式满足ASN.1语法,PKCS#8规范、DER编码方式。 751e41f4b71Sopenharmony_ci 752e41f4b71Sopenharmony_ci> **说明:** 753e41f4b71Sopenharmony_ci> 754e41f4b71Sopenharmony_ci> RSA算法使用密钥参数生成私钥时,私钥对象不支持getEncoded。 755e41f4b71Sopenharmony_ci 756e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 757e41f4b71Sopenharmony_ci 758e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key 759e41f4b71Sopenharmony_ci 760e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key 761e41f4b71Sopenharmony_ci 762e41f4b71Sopenharmony_ci**返回值:** 763e41f4b71Sopenharmony_ci 764e41f4b71Sopenharmony_ci| 类型 | 说明 | 765e41f4b71Sopenharmony_ci| --------------------- | ------------------------ | 766e41f4b71Sopenharmony_ci| [DataBlob](#datablob) | 用于查看密钥的具体内容。 | 767e41f4b71Sopenharmony_ci 768e41f4b71Sopenharmony_ci**错误码:** 769e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 770e41f4b71Sopenharmony_ci 771e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 772e41f4b71Sopenharmony_ci| -------- | ---------------------- | 773e41f4b71Sopenharmony_ci| 801 | this operation is not supported. | 774e41f4b71Sopenharmony_ci| 17620001 | memory error. | 775e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 776e41f4b71Sopenharmony_ci 777e41f4b71Sopenharmony_ci**示例:** 778e41f4b71Sopenharmony_ci 779e41f4b71Sopenharmony_ci```ts 780e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 781e41f4b71Sopenharmony_ci 782e41f4b71Sopenharmony_ciasync function testGenerateAesKey() { 783e41f4b71Sopenharmony_ci let symKeyGenerator = cryptoFramework.createSymKeyGenerator('AES256'); 784e41f4b71Sopenharmony_ci let symKey = await symKeyGenerator.generateSymKey(); 785e41f4b71Sopenharmony_ci let encodedKey = symKey.getEncoded(); 786e41f4b71Sopenharmony_ci console.info('key hex:' + encodedKey.data); 787e41f4b71Sopenharmony_ci} 788e41f4b71Sopenharmony_ci``` 789e41f4b71Sopenharmony_ci 790e41f4b71Sopenharmony_ci## SymKey 791e41f4b71Sopenharmony_ci 792e41f4b71Sopenharmony_ci对称密钥,是[Key](#key)的子类,在对称加解密时需要将其对象传入[Cipher](#cipher)实例的[init()](#init-2)方法使用。 793e41f4b71Sopenharmony_ci 794e41f4b71Sopenharmony_ci对称密钥可以通过对称密钥生成器[SymKeyGenerator](#symkeygenerator)来生成。 795e41f4b71Sopenharmony_ci 796e41f4b71Sopenharmony_ci### clearMem 797e41f4b71Sopenharmony_ci 798e41f4b71Sopenharmony_ciclearMem(): void 799e41f4b71Sopenharmony_ci 800e41f4b71Sopenharmony_ci同步方法,将系统底层内存中的的密钥内容清零。建议在不再使用对称密钥实例时,调用本函数,避免内存中密钥数据存留过久。 801e41f4b71Sopenharmony_ci 802e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 803e41f4b71Sopenharmony_ci 804e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.SymKey 805e41f4b71Sopenharmony_ci 806e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.SymKey 807e41f4b71Sopenharmony_ci 808e41f4b71Sopenharmony_ci**示例:** 809e41f4b71Sopenharmony_ci 810e41f4b71Sopenharmony_ci<!--code_no_check--> 811e41f4b71Sopenharmony_ci```ts 812e41f4b71Sopenharmony_cilet key: cryptoFramework.SymKey; // The key is generated by a symKeyGenerator. The generation process is omitted here. 813e41f4b71Sopenharmony_cilet encodedKey = key.getEncoded(); 814e41f4b71Sopenharmony_ciconsole.info('key blob: '+ encodedKey.data); // Display key content. 815e41f4b71Sopenharmony_cikey.clearMem(); 816e41f4b71Sopenharmony_ciencodedKey = key.getEncoded(); 817e41f4b71Sopenharmony_ciconsole.info('key blob:' + encodedKey.data); // Display all 0s. 818e41f4b71Sopenharmony_ci``` 819e41f4b71Sopenharmony_ci 820e41f4b71Sopenharmony_ci## PubKey 821e41f4b71Sopenharmony_ci 822e41f4b71Sopenharmony_ci公钥,是[Key](#key)的子类,在非对称加解密、验签、密钥协商时需要将其对象作为输入使用。 823e41f4b71Sopenharmony_ci 824e41f4b71Sopenharmony_ci公钥可以通过非对称密钥生成器[AsyKeyGenerator](#asykeygenerator)、[AsyKeyGeneratorBySpec](#asykeygeneratorbyspec10)来生成。 825e41f4b71Sopenharmony_ci 826e41f4b71Sopenharmony_ci### getAsyKeySpec<sup>10+</sup> 827e41f4b71Sopenharmony_ci 828e41f4b71Sopenharmony_cigetAsyKeySpec(itemType: AsyKeySpecItem): bigint | string | number 829e41f4b71Sopenharmony_ci 830e41f4b71Sopenharmony_ci同步方法,获取密钥参数。 831e41f4b71Sopenharmony_ci 832e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 833e41f4b71Sopenharmony_ci 834e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 835e41f4b71Sopenharmony_ci 836e41f4b71Sopenharmony_ciAPI version10-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 837e41f4b71Sopenharmony_ci 838e41f4b71Sopenharmony_ci**参数:** 839e41f4b71Sopenharmony_ci 840e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 841e41f4b71Sopenharmony_ci| ---- | --------------------- | ---- | -------------------- | 842e41f4b71Sopenharmony_ci| itemType | [AsyKeySpecItem](#asykeyspecitem10) | 是 | 指定的密钥参数。 | 843e41f4b71Sopenharmony_ci 844e41f4b71Sopenharmony_ci**返回值:** 845e41f4b71Sopenharmony_ci 846e41f4b71Sopenharmony_ci| 类型 | 说明 | 847e41f4b71Sopenharmony_ci| --------------------------- | --------------------------------- | 848e41f4b71Sopenharmony_ci| bigint \| string \| number | 用于查看密钥参数的具体内容。 | 849e41f4b71Sopenharmony_ci 850e41f4b71Sopenharmony_ci**错误码:** 851e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 852e41f4b71Sopenharmony_ci 853e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 854e41f4b71Sopenharmony_ci| -------- | ---------------------- | 855e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 856e41f4b71Sopenharmony_ci| 17620001 | memory error. | 857e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 858e41f4b71Sopenharmony_ci 859e41f4b71Sopenharmony_ci**示例:** 860e41f4b71Sopenharmony_ci 861e41f4b71Sopenharmony_ci<!--code_no_check--> 862e41f4b71Sopenharmony_ci```ts 863e41f4b71Sopenharmony_cilet key: cryptoFramework.PubKey; // key is a public key object. The generation process is omitted here. 864e41f4b71Sopenharmony_cilet p = key.getAsyKeySpec(cryptoFramework.AsyKeySpecItem.ECC_FP_P_BN); 865e41f4b71Sopenharmony_ciconsole.info('ecc item --- p: ' + p.toString(16)); 866e41f4b71Sopenharmony_ci``` 867e41f4b71Sopenharmony_ci 868e41f4b71Sopenharmony_ci### getEncodedDer<sup>12+</sup> 869e41f4b71Sopenharmony_ci 870e41f4b71Sopenharmony_cigetEncodedDer(format: string): DataBlob 871e41f4b71Sopenharmony_ci 872e41f4b71Sopenharmony_ci支持根据指定的密钥格式(如采用哪个规范、是否压缩等),获取满足ASN.1语法、DER编码的公钥数据。当前仅支持获取ECC压缩/非压缩格式的公钥数据。 873e41f4b71Sopenharmony_ci 874e41f4b71Sopenharmony_ci> **说明:** 875e41f4b71Sopenharmony_ci> 876e41f4b71Sopenharmony_ci> 本接口和[Key.getEncoded()](#getencoded)的区别是:<br/> 877e41f4b71Sopenharmony_ci> 1. 本接口可根据入参决定数据的输出格式。 878e41f4b71Sopenharmony_ci> 2. [Key.getEncoded()](#getencoded)接口,不支持指定密钥格式,生成的数据格式与原始数据格式保持一致。(原始数据格式,指通过[convertKey](#convertkey-3)接口生成密钥对象时的数据格式)。 879e41f4b71Sopenharmony_ci 880e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 881e41f4b71Sopenharmony_ci 882e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 883e41f4b71Sopenharmony_ci 884e41f4b71Sopenharmony_ci**参数:** 885e41f4b71Sopenharmony_ci 886e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 887e41f4b71Sopenharmony_ci| ---- | --------------------- | ---- | -------------------- | 888e41f4b71Sopenharmony_ci| format | string | 是 | 用于指定当前密钥格式,取值仅支持"X509\|COMPRESSED"和"X509\|UNCOMPRESSED"。 | 889e41f4b71Sopenharmony_ci 890e41f4b71Sopenharmony_ci**返回值:** 891e41f4b71Sopenharmony_ci 892e41f4b71Sopenharmony_ci| 类型 | 说明 | 893e41f4b71Sopenharmony_ci| --------------------------- | --------------------------------- | 894e41f4b71Sopenharmony_ci| [DataBlob](#datablob) | 返回指定密钥格式的,满足ASN.1语法、DER编码的公钥数据。 | 895e41f4b71Sopenharmony_ci 896e41f4b71Sopenharmony_ci**错误码:** 897e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 898e41f4b71Sopenharmony_ci 899e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 900e41f4b71Sopenharmony_ci| -------- | ---------------------- | 901e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 902e41f4b71Sopenharmony_ci| 17620001 | memory error. | 903e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 904e41f4b71Sopenharmony_ci 905e41f4b71Sopenharmony_ci**示例:** 906e41f4b71Sopenharmony_ci 907e41f4b71Sopenharmony_ci<!--code_no_check--> 908e41f4b71Sopenharmony_ci```ts 909e41f4b71Sopenharmony_cilet key: cryptoFramework.PubKey; // Key is a public key object. The generation process is omitted here. 910e41f4b71Sopenharmony_cilet returnBlob = key.getEncodedDer('X509|UNCOMPRESSED'); 911e41f4b71Sopenharmony_ciconsole.info('returnBlob data:' + returnBlob.data); 912e41f4b71Sopenharmony_ci``` 913e41f4b71Sopenharmony_ci 914e41f4b71Sopenharmony_ci### getEncodedPem<sup>12+</sup> 915e41f4b71Sopenharmony_ci 916e41f4b71Sopenharmony_cigetEncodedPem(format: string): string 917e41f4b71Sopenharmony_ci 918e41f4b71Sopenharmony_ci同步方法,获取密钥数据的字符串。密钥可以为RSA公钥或者私钥。其中,公钥格式满足X.509规范、PKCS#1规范和PEM编码格式。 919e41f4b71Sopenharmony_ci 920e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 921e41f4b71Sopenharmony_ci 922e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 923e41f4b71Sopenharmony_ci 924e41f4b71Sopenharmony_ci**参数:** 925e41f4b71Sopenharmony_ci 926e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 927e41f4b71Sopenharmony_ci| ---- | --------------------- | ---- | -------------------- | 928e41f4b71Sopenharmony_ci| format | string | 是 | 指定的获取密钥字符串的编码格式。其中,公钥可为'PKCS1' 或'X509'格式。| 929e41f4b71Sopenharmony_ci 930e41f4b71Sopenharmony_ci**返回值:** 931e41f4b71Sopenharmony_ci 932e41f4b71Sopenharmony_ci| 类型 | 说明 | 933e41f4b71Sopenharmony_ci| --------------------------- | --------------------------------- | 934e41f4b71Sopenharmony_ci| string | 用于获取指定密钥格式的具体内容。 | 935e41f4b71Sopenharmony_ci 936e41f4b71Sopenharmony_ci**错误码:** 937e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 938e41f4b71Sopenharmony_ci 939e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 940e41f4b71Sopenharmony_ci| -------- | ---------------------- | 941e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 942e41f4b71Sopenharmony_ci| 17620001 | memory error. | 943e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 944e41f4b71Sopenharmony_ci 945e41f4b71Sopenharmony_ci**示例:** 946e41f4b71Sopenharmony_ci 947e41f4b71Sopenharmony_ci```ts 948e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 949e41f4b71Sopenharmony_ci 950e41f4b71Sopenharmony_cilet publicPkcs1Str1024: string = 951e41f4b71Sopenharmony_ci "-----BEGIN RSA PUBLIC KEY-----\n" 952e41f4b71Sopenharmony_ci + "MIGJAoGBALAg3eavbX433pOjGdWdpL7HIr1w1EAeIcaCtuMfDpECPdX6X5ZjrwiE\n" 953e41f4b71Sopenharmony_ci + "h7cO51WXMT2gyN45DCQySr/8cLE2UiUVHo7qlrSatdLA9ETtgob3sJ4qTaBg5Lxg\n" 954e41f4b71Sopenharmony_ci + "SHy2gC+bvEpuIuRe64yXGuM/aP+ZvmIj9QBIVI9mJD8jLEOvQBBpAgMBAAE=\n" 955e41f4b71Sopenharmony_ci + "-----END RSA PUBLIC KEY-----\n"; 956e41f4b71Sopenharmony_ci 957e41f4b71Sopenharmony_cifunction TestPubKeyPkcs1ToX509BySync1024() { 958e41f4b71Sopenharmony_ci let rsaGenerator = cryptoFramework.createAsyKeyGenerator('RSA1024'); 959e41f4b71Sopenharmony_ci let keyPair = rsaGenerator.convertPemKeySync(publicPkcs1Str1024, null); 960e41f4b71Sopenharmony_ci let pubPemKey = keyPair.pubKey; 961e41f4b71Sopenharmony_ci let pubString = pubPemKey.getEncodedPem('X509'); 962e41f4b71Sopenharmony_ci console.info("[sync]TestPubKeyPkcs1ToX509BySync1024 pubString output is " + pubString); 963e41f4b71Sopenharmony_ci} 964e41f4b71Sopenharmony_ci``` 965e41f4b71Sopenharmony_ci 966e41f4b71Sopenharmony_ci## PriKey 967e41f4b71Sopenharmony_ci 968e41f4b71Sopenharmony_ci私钥,是[Key](#key)的子类,在非对称加解密、签名、密钥协商时需要将其作为输入使用。 969e41f4b71Sopenharmony_ci 970e41f4b71Sopenharmony_ci私钥可以通过非对称密钥生成器[AsyKeyGenerator](#asykeygenerator)、[AsyKeyGeneratorBySpec](#asykeygeneratorbyspec10)来生成。 971e41f4b71Sopenharmony_ci 972e41f4b71Sopenharmony_ci### clearMem 973e41f4b71Sopenharmony_ci 974e41f4b71Sopenharmony_ciclearMem(): void 975e41f4b71Sopenharmony_ci 976e41f4b71Sopenharmony_ci同步方法,将系统底层内存中的的密钥内容清零。 977e41f4b71Sopenharmony_ci 978e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 979e41f4b71Sopenharmony_ci 980e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 981e41f4b71Sopenharmony_ci 982e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 983e41f4b71Sopenharmony_ci 984e41f4b71Sopenharmony_ci**示例:** 985e41f4b71Sopenharmony_ci 986e41f4b71Sopenharmony_ci<!--code_no_check--> 987e41f4b71Sopenharmony_ci```ts 988e41f4b71Sopenharmony_cilet key: cryptoFramework.PriKey; // The key is a private key generated by the asymmetric key generator. The generation process is omitted here. 989e41f4b71Sopenharmony_cikey.clearMem(); // For the asymmetric private key, clearMem() releases the internal key struct. After clearMem is executed, getEncoded() is not supported. 990e41f4b71Sopenharmony_ci``` 991e41f4b71Sopenharmony_ci 992e41f4b71Sopenharmony_ci### getAsyKeySpec<sup>10+</sup> 993e41f4b71Sopenharmony_ci 994e41f4b71Sopenharmony_cigetAsyKeySpec(itemType: AsyKeySpecItem): bigint | string | number 995e41f4b71Sopenharmony_ci 996e41f4b71Sopenharmony_ci同步方法,获取密钥参数。 997e41f4b71Sopenharmony_ci 998e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 999e41f4b71Sopenharmony_ci 1000e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 1001e41f4b71Sopenharmony_ci 1002e41f4b71Sopenharmony_ciAPI version10-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 1003e41f4b71Sopenharmony_ci 1004e41f4b71Sopenharmony_ci**参数:** 1005e41f4b71Sopenharmony_ci 1006e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 1007e41f4b71Sopenharmony_ci| ---- | --------------------- | ---- | -------------------- | 1008e41f4b71Sopenharmony_ci| itemType | [AsyKeySpecItem](#asykeyspecitem10) | 是 | 指定的密钥参数类型。 | 1009e41f4b71Sopenharmony_ci 1010e41f4b71Sopenharmony_ci**返回值:** 1011e41f4b71Sopenharmony_ci 1012e41f4b71Sopenharmony_ci| 类型 | 说明 | 1013e41f4b71Sopenharmony_ci| --------------------------- | --------------------------------- | 1014e41f4b71Sopenharmony_ci| bigint \| string \| number | 用于查看密钥参数的具体内容。 | 1015e41f4b71Sopenharmony_ci 1016e41f4b71Sopenharmony_ci**错误码:** 1017e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 1018e41f4b71Sopenharmony_ci 1019e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 1020e41f4b71Sopenharmony_ci| -------- | ---------------------- | 1021e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 1022e41f4b71Sopenharmony_ci| 17620001 | memory error. | 1023e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 1024e41f4b71Sopenharmony_ci 1025e41f4b71Sopenharmony_ci**示例:** 1026e41f4b71Sopenharmony_ci 1027e41f4b71Sopenharmony_ci<!--code_no_check--> 1028e41f4b71Sopenharmony_ci```ts 1029e41f4b71Sopenharmony_cilet key: cryptoFramework.PriKey; // key is a private key object. The generation process is omitted here. 1030e41f4b71Sopenharmony_cilet p = key.getAsyKeySpec(cryptoFramework.AsyKeySpecItem.ECC_FP_P_BN); 1031e41f4b71Sopenharmony_ciconsole.info('ecc item --- p: ' + p.toString(16)); 1032e41f4b71Sopenharmony_ci``` 1033e41f4b71Sopenharmony_ci### getEncodedDer<sup>12+</sup> 1034e41f4b71Sopenharmony_ci 1035e41f4b71Sopenharmony_cigetEncodedDer(format: string): DataBlob 1036e41f4b71Sopenharmony_ci 1037e41f4b71Sopenharmony_ci支持根据指定的密钥格式(如采用哪个规范),获取满足ASN.1语法、DER编码的私钥数据。当前仅支持获取PKCS8格式的ecc私钥数据。 1038e41f4b71Sopenharmony_ci 1039e41f4b71Sopenharmony_ci> **说明:** 1040e41f4b71Sopenharmony_ci> 1041e41f4b71Sopenharmony_ci> 本接口和[Key.getEncoded()](#getencoded)的区别是:<br/> 1042e41f4b71Sopenharmony_ci> 1. 本接口可根据入参决定数据的输出格式,当前支持获取PKCS8格式的ecc私钥数据。 1043e41f4b71Sopenharmony_ci> 2. [Key.getEncoded()](#getencoded)接口,不支持指定密钥格式。 1044e41f4b71Sopenharmony_ci 1045e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1046e41f4b71Sopenharmony_ci 1047e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 1048e41f4b71Sopenharmony_ci 1049e41f4b71Sopenharmony_ci**参数:** 1050e41f4b71Sopenharmony_ci 1051e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 1052e41f4b71Sopenharmony_ci| ---- | --------------------- | ---- | -------------------- | 1053e41f4b71Sopenharmony_ci| format | string | 是 | 用于指定当前密钥格式,取值当前仅支持"PKCS8"。 | 1054e41f4b71Sopenharmony_ci 1055e41f4b71Sopenharmony_ci**返回值:** 1056e41f4b71Sopenharmony_ci 1057e41f4b71Sopenharmony_ci| 类型 | 说明 | 1058e41f4b71Sopenharmony_ci| --------------------------- | --------------------------------- | 1059e41f4b71Sopenharmony_ci| [DataBlob](#datablob) | 返回指定密钥格式的,满足ASN.1语法、DER编码的ecc私钥数据。 | 1060e41f4b71Sopenharmony_ci 1061e41f4b71Sopenharmony_ci**错误码:** 1062e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 1063e41f4b71Sopenharmony_ci 1064e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 1065e41f4b71Sopenharmony_ci| -------- | ---------------------- | 1066e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 1067e41f4b71Sopenharmony_ci| 17620001 | memory error. | 1068e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 1069e41f4b71Sopenharmony_ci 1070e41f4b71Sopenharmony_ci**示例:** 1071e41f4b71Sopenharmony_ci 1072e41f4b71Sopenharmony_ci<!--code_no_check--> 1073e41f4b71Sopenharmony_ci```ts 1074e41f4b71Sopenharmony_cilet key: cryptoFramework.PriKey; // key is a private key object. The generation process is omitted here. 1075e41f4b71Sopenharmony_cilet returnBlob = key.getEncodedDer('PKCS8'); 1076e41f4b71Sopenharmony_ciconsole.info('returnBlob data:' + returnBlob.data); 1077e41f4b71Sopenharmony_ci``` 1078e41f4b71Sopenharmony_ci 1079e41f4b71Sopenharmony_ci### getEncodedPem<sup>12+</sup> 1080e41f4b71Sopenharmony_ci 1081e41f4b71Sopenharmony_cigetEncodedPem(format: string): string 1082e41f4b71Sopenharmony_ci 1083e41f4b71Sopenharmony_ci同步方法,获取密钥数据的字符串。密钥可以为RSA公钥或者私钥。其中,私钥格式满足PKCS#8规范、PKCS#1规范和PEM编码方式。 1084e41f4b71Sopenharmony_ci 1085e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1086e41f4b71Sopenharmony_ci 1087e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 1088e41f4b71Sopenharmony_ci 1089e41f4b71Sopenharmony_ci**参数:** 1090e41f4b71Sopenharmony_ci 1091e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 1092e41f4b71Sopenharmony_ci| ---- | --------------------- | ---- | -------------------- | 1093e41f4b71Sopenharmony_ci| format | string | 是 | 指定的获取密钥字符串的编码格式。其中,私钥可为'PKCS1' 或'PKCS8'格式。| 1094e41f4b71Sopenharmony_ci 1095e41f4b71Sopenharmony_ci**返回值:** 1096e41f4b71Sopenharmony_ci 1097e41f4b71Sopenharmony_ci| 类型 | 说明 | 1098e41f4b71Sopenharmony_ci| --------------------------- | --------------------------------- | 1099e41f4b71Sopenharmony_ci| string | 用于获取指定密钥格式的具体内容。 | 1100e41f4b71Sopenharmony_ci 1101e41f4b71Sopenharmony_ci**错误码:** 1102e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 1103e41f4b71Sopenharmony_ci 1104e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 1105e41f4b71Sopenharmony_ci| -------- | ---------------------- | 1106e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 1107e41f4b71Sopenharmony_ci| 17620001 | memory error. | 1108e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 1109e41f4b71Sopenharmony_ci 1110e41f4b71Sopenharmony_ci**示例:** 1111e41f4b71Sopenharmony_ci 1112e41f4b71Sopenharmony_ci```ts 1113e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 1114e41f4b71Sopenharmony_ci 1115e41f4b71Sopenharmony_cilet priKeyPkcs1Str1024: string = 1116e41f4b71Sopenharmony_ci "-----BEGIN RSA PRIVATE KEY-----\n" 1117e41f4b71Sopenharmony_ci + "MIICXQIBAAKBgQCwIN3mr21+N96ToxnVnaS+xyK9cNRAHiHGgrbjHw6RAj3V+l+W\n" 1118e41f4b71Sopenharmony_ci + "Y68IhIe3DudVlzE9oMjeOQwkMkq//HCxNlIlFR6O6pa0mrXSwPRE7YKG97CeKk2g\n" 1119e41f4b71Sopenharmony_ci + "YOS8YEh8toAvm7xKbiLkXuuMlxrjP2j/mb5iI/UASFSPZiQ/IyxDr0AQaQIDAQAB\n" 1120e41f4b71Sopenharmony_ci + "AoGAEvBFzBNa+7J4PXnRQlYEK/tvsd0bBZX33ceacMubHl6WVZbphltLq+fMTBPP\n" 1121e41f4b71Sopenharmony_ci + "LjXmtpC+aJ7Lvmyl+wTi/TsxE9vxW5JnbuRT48rnZ/Xwq0eozDeEeIBRrpsr7Rvr\n" 1122e41f4b71Sopenharmony_ci + "7ctrgzr4m4yMHq9aDgpxj8IR7oHkfwnmWr0wM3FuiVlj650CQQDineeNZ1hUTkj4\n" 1123e41f4b71Sopenharmony_ci + "D3O+iCi3mxEVEeJrpqrmSFolRMb+iozrIRKuJlgcOs+Gqi2fHfOTTL7LkpYe8SVg\n" 1124e41f4b71Sopenharmony_ci + "e3JxUdVLAkEAxvcZXk+byMFoetrnlcMR13VHUpoVeoV9qkv6CAWLlbMdgf7uKmgp\n" 1125e41f4b71Sopenharmony_ci + "a1Yp3QPDNQQqkPvrqtfR19JWZ4uy1qREmwJALTU3BjyBoH/liqb6fh4HkWk75Som\n" 1126e41f4b71Sopenharmony_ci + "MzeSjFIOubSYxhq5tgZpBZjcpvUMhV7Zrw54kwASZ+YcUJvmyvKViAm9NQJBAKF7\n" 1127e41f4b71Sopenharmony_ci + "DyXSKrem8Ws0m1ybM7HQx5As6l3EVhePDmDQT1eyRbKp+xaD74nkJpnwYdB3jyyY\n" 1128e41f4b71Sopenharmony_ci + "qc7A1tj5J5NmeEFolR0CQQCn76Xp8HCjGgLHw9vg7YyIL28y/XyfFyaZAzzK+Yia\n" 1129e41f4b71Sopenharmony_ci + "akNwQ6NeGtXSsuGCcyyfpacHp9xy8qXQNKSkw03/5vDO\n" 1130e41f4b71Sopenharmony_ci + "-----END RSA PRIVATE KEY-----\n"; 1131e41f4b71Sopenharmony_ci 1132e41f4b71Sopenharmony_cifunction TestPriKeyPkcs1ToPkcs8BySync1024() { 1133e41f4b71Sopenharmony_ci let rsaGenerator = cryptoFramework.createAsyKeyGenerator('RSA1024'); 1134e41f4b71Sopenharmony_ci let keyPair = rsaGenerator.convertPemKeySync(null, priKeyPkcs1Str1024); 1135e41f4b71Sopenharmony_ci let priPemKey = keyPair.priKey; 1136e41f4b71Sopenharmony_ci let priString = priPemKey.getEncodedPem('PKCS8'); 1137e41f4b71Sopenharmony_ci console.info("[sync]TestPriKeyPkcs1ToPkcs8BySync1024 priString output is " + priString); 1138e41f4b71Sopenharmony_ci} 1139e41f4b71Sopenharmony_ci``` 1140e41f4b71Sopenharmony_ci 1141e41f4b71Sopenharmony_ci## KeyPair 1142e41f4b71Sopenharmony_ci 1143e41f4b71Sopenharmony_ci非对称密钥对,包含:公钥与私钥。 1144e41f4b71Sopenharmony_ci 1145e41f4b71Sopenharmony_ci可以通过非对称密钥生成器[AsyKeyGenerator](#asykeygenerator)、[AsyKeyGeneratorBySpec](#asykeygeneratorbyspec10)来生成。 1146e41f4b71Sopenharmony_ci 1147e41f4b71Sopenharmony_ci> **说明:** 1148e41f4b71Sopenharmony_ci> 1149e41f4b71Sopenharmony_ci> KeyPair对象中的pubKey对象和priKey对象,作为KeyPair对象中的一个参数存在,当离开KeyPair对象作用域时,其内部对象可能被析构。 1150e41f4b71Sopenharmony_ci> 1151e41f4b71Sopenharmony_ci> 业务方使用时应持有KeyPair对象的引用,而非内部pubKey或priKey对象的引用。 1152e41f4b71Sopenharmony_ci 1153e41f4b71Sopenharmony_ci### 属性 1154e41f4b71Sopenharmony_ci 1155e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1156e41f4b71Sopenharmony_ci 1157e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 1158e41f4b71Sopenharmony_ci 1159e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 1160e41f4b71Sopenharmony_ci 1161e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 1162e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ---- | ------------ | 1163e41f4b71Sopenharmony_ci| priKey | [PriKey](#prikey) | 是 | 否 | 私钥。 | 1164e41f4b71Sopenharmony_ci| pubKey | [PubKey](#pubkey) | 是 | 否 | 公钥。 | 1165e41f4b71Sopenharmony_ci 1166e41f4b71Sopenharmony_ci## cryptoFramework.createSymKeyGenerator 1167e41f4b71Sopenharmony_ci 1168e41f4b71Sopenharmony_cicreateSymKeyGenerator(algName: string): SymKeyGenerator 1169e41f4b71Sopenharmony_ci 1170e41f4b71Sopenharmony_ci通过指定算法名称的字符串,获取相应的对称密钥生成器实例。 1171e41f4b71Sopenharmony_ci 1172e41f4b71Sopenharmony_ci支持的规格详见[对称密钥生成和转换规格](../../security/CryptoArchitectureKit/crypto-sym-key-generation-conversion-spec.md)。 1173e41f4b71Sopenharmony_ci 1174e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1175e41f4b71Sopenharmony_ci 1176e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.SymKey 1177e41f4b71Sopenharmony_ci 1178e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.SymKey 1179e41f4b71Sopenharmony_ci 1180e41f4b71Sopenharmony_ci**参数:** 1181e41f4b71Sopenharmony_ci 1182e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 1183e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ------------------------------------------------------------ | 1184e41f4b71Sopenharmony_ci| algName | string | 是 | 待生成对称密钥生成器的算法名称。<br/>具体取值详见[对称密钥生成和转换规格](../../security/CryptoArchitectureKit/crypto-sym-key-generation-conversion-spec.md)一节中的“字符串参数”。 | 1185e41f4b71Sopenharmony_ci 1186e41f4b71Sopenharmony_ci**返回值:** 1187e41f4b71Sopenharmony_ci 1188e41f4b71Sopenharmony_ci| 类型 | 说明 | 1189e41f4b71Sopenharmony_ci| ----------------------------------- | -------------------------- | 1190e41f4b71Sopenharmony_ci| [SymKeyGenerator](#symkeygenerator) | 返回对称密钥生成器的对象。 | 1191e41f4b71Sopenharmony_ci 1192e41f4b71Sopenharmony_ci**错误码:** 1193e41f4b71Sopenharmony_ci 1194e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 1195e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 1196e41f4b71Sopenharmony_ci| -------- | ---------------------- | 1197e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 1198e41f4b71Sopenharmony_ci| 801 | this operation is not supported. | 1199e41f4b71Sopenharmony_ci 1200e41f4b71Sopenharmony_ci**示例:** 1201e41f4b71Sopenharmony_ci 1202e41f4b71Sopenharmony_ci```ts 1203e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 1204e41f4b71Sopenharmony_ci 1205e41f4b71Sopenharmony_cilet symKeyGenerator = cryptoFramework.createSymKeyGenerator('3DES192'); 1206e41f4b71Sopenharmony_ci``` 1207e41f4b71Sopenharmony_ci 1208e41f4b71Sopenharmony_ci## SymKeyGenerator 1209e41f4b71Sopenharmony_ci 1210e41f4b71Sopenharmony_ci对称密钥生成器。 1211e41f4b71Sopenharmony_ci 1212e41f4b71Sopenharmony_ci在使用该类的方法前,需要先使用[createSymKeyGenerator](#cryptoframeworkcreatesymkeygenerator)方法构建一个SymKeyGenerator实例。 1213e41f4b71Sopenharmony_ci 1214e41f4b71Sopenharmony_ci### 属性 1215e41f4b71Sopenharmony_ci 1216e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1217e41f4b71Sopenharmony_ci 1218e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.SymKey 1219e41f4b71Sopenharmony_ci 1220e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.SymKey 1221e41f4b71Sopenharmony_ci 1222e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 1223e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ---- | ------------------------------ | 1224e41f4b71Sopenharmony_ci| algName | string | 是 | 否 | 对称密钥生成器指定的算法名称。 | 1225e41f4b71Sopenharmony_ci 1226e41f4b71Sopenharmony_ci### generateSymKey 1227e41f4b71Sopenharmony_ci 1228e41f4b71Sopenharmony_cigenerateSymKey(callback: AsyncCallback\<SymKey>): void 1229e41f4b71Sopenharmony_ci 1230e41f4b71Sopenharmony_ci异步获取对称密钥生成器随机生成的密钥,通过注册回调函数获取结果。 1231e41f4b71Sopenharmony_ci 1232e41f4b71Sopenharmony_ci必须在使用[createSymKeyGenerator](#cryptoframeworkcreatesymkeygenerator)创建对称密钥生成器后,才能使用本函数。 1233e41f4b71Sopenharmony_ci 1234e41f4b71Sopenharmony_ci目前支持使用OpenSSL的RAND_priv_bytes()作为底层能力生成随机密钥。 1235e41f4b71Sopenharmony_ci 1236e41f4b71Sopenharmony_ci> **说明:** 1237e41f4b71Sopenharmony_ci> 1238e41f4b71Sopenharmony_ci> 对于HMAC算法的对称密钥,如果已经在创建对称密钥生成器时指定了具体哈希算法(如指定“HMAC|SHA256”),则会随机生成与哈希长度一致的二进制密钥数据(如指定“HMAC|SHA256”会随机生成256位的密钥数据)。<br/>如果在创建对称密钥生成器时没有指定具体哈希算法,如仅指定“HMAC”,则不支持随机生成对称密钥数据,可通过[convertKey](#convertkey)方式生成对称密钥数据。 1239e41f4b71Sopenharmony_ci 1240e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1241e41f4b71Sopenharmony_ci 1242e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.SymKey 1243e41f4b71Sopenharmony_ci 1244e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.SymKey 1245e41f4b71Sopenharmony_ci 1246e41f4b71Sopenharmony_ci**参数:** 1247e41f4b71Sopenharmony_ci 1248e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 1249e41f4b71Sopenharmony_ci| -------- | --------------------------------- | ---- | ------------------------------------------------------------ | 1250e41f4b71Sopenharmony_ci| callback | AsyncCallback\<[SymKey](#symkey)> | 是 | 回调函数。当生成对称密钥成功,err为undefined,data为获取到的SymKey;否则为错误对象。 | 1251e41f4b71Sopenharmony_ci 1252e41f4b71Sopenharmony_ci**错误码:** 1253e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 1254e41f4b71Sopenharmony_ci 1255e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 1256e41f4b71Sopenharmony_ci| -------- | ------------- | 1257e41f4b71Sopenharmony_ci| 17620001 | memory error. | 1258e41f4b71Sopenharmony_ci 1259e41f4b71Sopenharmony_ci**示例:** 1260e41f4b71Sopenharmony_ci 1261e41f4b71Sopenharmony_ci```ts 1262e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 1263e41f4b71Sopenharmony_ci 1264e41f4b71Sopenharmony_cilet symKeyGenerator = cryptoFramework.createSymKeyGenerator('3DES192'); 1265e41f4b71Sopenharmony_ci symKeyGenerator.generateSymKey((err, symKey) => { 1266e41f4b71Sopenharmony_ci console.info('Generate symKey success, algName:' + symKey.algName); 1267e41f4b71Sopenharmony_ci }); 1268e41f4b71Sopenharmony_ci``` 1269e41f4b71Sopenharmony_ci 1270e41f4b71Sopenharmony_ci### generateSymKey 1271e41f4b71Sopenharmony_ci 1272e41f4b71Sopenharmony_cigenerateSymKey(): Promise\<SymKey> 1273e41f4b71Sopenharmony_ci 1274e41f4b71Sopenharmony_ci异步获取该对称密钥生成器随机生成的密钥,通过Promise获取结果。 1275e41f4b71Sopenharmony_ci 1276e41f4b71Sopenharmony_ci必须在使用[createSymKeyGenerator](#cryptoframeworkcreatesymkeygenerator)创建对称密钥生成器后,才能使用本函数。 1277e41f4b71Sopenharmony_ci 1278e41f4b71Sopenharmony_ci目前支持使用OpenSSL的RAND_priv_bytes()作为底层能力生成随机密钥。 1279e41f4b71Sopenharmony_ci 1280e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1281e41f4b71Sopenharmony_ci 1282e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.SymKey 1283e41f4b71Sopenharmony_ci 1284e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.SymKey 1285e41f4b71Sopenharmony_ci 1286e41f4b71Sopenharmony_ci**返回值:** 1287e41f4b71Sopenharmony_ci 1288e41f4b71Sopenharmony_ci| 类型 | 说明 | 1289e41f4b71Sopenharmony_ci| --------------------------- | --------------------------------- | 1290e41f4b71Sopenharmony_ci| Promise\<[SymKey](#symkey)> | Promise对象,返回对称密钥SymKey。 | 1291e41f4b71Sopenharmony_ci 1292e41f4b71Sopenharmony_ci**错误码:** 1293e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 1294e41f4b71Sopenharmony_ci 1295e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 1296e41f4b71Sopenharmony_ci| -------- | ------------- | 1297e41f4b71Sopenharmony_ci| 17620001 | memory error. | 1298e41f4b71Sopenharmony_ci 1299e41f4b71Sopenharmony_ci**示例:** 1300e41f4b71Sopenharmony_ci 1301e41f4b71Sopenharmony_ci```ts 1302e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 1303e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 1304e41f4b71Sopenharmony_ci 1305e41f4b71Sopenharmony_cilet symKeyGenerator = cryptoFramework.createSymKeyGenerator('AES128'); 1306e41f4b71Sopenharmony_ci symKeyGenerator.generateSymKey() 1307e41f4b71Sopenharmony_ci .then(symKey => { 1308e41f4b71Sopenharmony_ci console.info('Generate symKey success, algName: ' + symKey.algName); 1309e41f4b71Sopenharmony_ci }).catch((error: BusinessError) => { 1310e41f4b71Sopenharmony_ci console.error(`Generate symKey failed, ${error.code}, ${error.message}`); 1311e41f4b71Sopenharmony_ci }); 1312e41f4b71Sopenharmony_ci``` 1313e41f4b71Sopenharmony_ci 1314e41f4b71Sopenharmony_ci### generateSymKeySync<sup>12+</sup> 1315e41f4b71Sopenharmony_ci 1316e41f4b71Sopenharmony_cigenerateSymKeySync(): SymKey 1317e41f4b71Sopenharmony_ci 1318e41f4b71Sopenharmony_ci同步获取对称密钥生成器随机生成的密钥。 1319e41f4b71Sopenharmony_ci 1320e41f4b71Sopenharmony_ci必须在使用[createSymKeyGenerator](#cryptoframeworkcreatesymkeygenerator)创建对称密钥生成器后,才能使用本函数。 1321e41f4b71Sopenharmony_ci 1322e41f4b71Sopenharmony_ci目前支持使用OpenSSL的RAND_priv_bytes()作为底层能力生成随机密钥。 1323e41f4b71Sopenharmony_ci 1324e41f4b71Sopenharmony_ci> **说明:** 1325e41f4b71Sopenharmony_ci> 1326e41f4b71Sopenharmony_ci> 对于HMAC算法的对称密钥,如果已经在创建对称密钥生成器时指定了具体哈希算法(如指定“HMAC|SHA256”),则会随机生成与哈希长度一致的二进制密钥数据(如指定“HMAC|SHA256”会随机生成256位的密钥数据)。<br/>如果在创建对称密钥生成器时没有指定具体哈希算法,如仅指定“HMAC”,则不支持随机生成对称密钥数据,可通过[convertKeySync](#convertkeysync12)方式生成对称密钥数据。 1327e41f4b71Sopenharmony_ci 1328e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1329e41f4b71Sopenharmony_ci 1330e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.SymKey 1331e41f4b71Sopenharmony_ci 1332e41f4b71Sopenharmony_ci**错误码:** 1333e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 1334e41f4b71Sopenharmony_ci 1335e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 1336e41f4b71Sopenharmony_ci| -------- | ------------- | 1337e41f4b71Sopenharmony_ci| 17620001 | memory error. | 1338e41f4b71Sopenharmony_ci 1339e41f4b71Sopenharmony_ci**示例:** 1340e41f4b71Sopenharmony_ci 1341e41f4b71Sopenharmony_ci```ts 1342e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 1343e41f4b71Sopenharmony_ci 1344e41f4b71Sopenharmony_cifunction testGenerateSymKeySync() { 1345e41f4b71Sopenharmony_ci // 创建SymKeyGenerator实例 1346e41f4b71Sopenharmony_ci let symKeyGenerator = cryptoFramework.createSymKeyGenerator('AES256'); 1347e41f4b71Sopenharmony_ci // 使用密钥生成器随机生成对称密钥 1348e41f4b71Sopenharmony_ci let key = symKeyGenerator.generateSymKeySync(); 1349e41f4b71Sopenharmony_ci let encodedKey = key.getEncoded(); 1350e41f4b71Sopenharmony_ci console.info('key hex:' + encodedKey.data); 1351e41f4b71Sopenharmony_ci} 1352e41f4b71Sopenharmony_ci``` 1353e41f4b71Sopenharmony_ci 1354e41f4b71Sopenharmony_ci### convertKey 1355e41f4b71Sopenharmony_ci 1356e41f4b71Sopenharmony_ciconvertKey(key: DataBlob, callback: AsyncCallback\<SymKey>): void 1357e41f4b71Sopenharmony_ci 1358e41f4b71Sopenharmony_ci异步根据指定数据生成对称密钥,通过注册回调函数获取结果。 1359e41f4b71Sopenharmony_ci 1360e41f4b71Sopenharmony_ci必须在使用[createSymKeyGenerator](#cryptoframeworkcreatesymkeygenerator)创建对称密钥生成器后,才能使用本函数。 1361e41f4b71Sopenharmony_ci 1362e41f4b71Sopenharmony_ci> **说明:** 1363e41f4b71Sopenharmony_ci> 1364e41f4b71Sopenharmony_ci> 对于HMAC算法的对称密钥,如果已经在创建对称密钥生成器时指定了具体哈希算法(如指定“HMAC|SHA256”),则需要传入与哈希长度一致的二进制密钥数据(如传入SHA256对应256位的密钥数据)。<br/>如果在创建对称密钥生成器时没有指定具体哈希算法,如仅指定“HMAC”,则支持传入长度在[1,4096]范围内(单位为byte)的任意二进制密钥数据。 1365e41f4b71Sopenharmony_ci 1366e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1367e41f4b71Sopenharmony_ci 1368e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.SymKey 1369e41f4b71Sopenharmony_ci 1370e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.SymKey 1371e41f4b71Sopenharmony_ci 1372e41f4b71Sopenharmony_ci**参数:** 1373e41f4b71Sopenharmony_ci 1374e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 1375e41f4b71Sopenharmony_ci| -------- | ------------------- | ---- | ---------------------| 1376e41f4b71Sopenharmony_ci| key | [DataBlob](#datablob) | 是 | 指定的对称密钥材料。 | 1377e41f4b71Sopenharmony_ci| callback | AsyncCallback\<[SymKey](#symkey)> | 是 | 回调函数。当生成对称密钥成功,err为undefined,data为获取到的SymKey;否则为错误对象。 | 1378e41f4b71Sopenharmony_ci 1379e41f4b71Sopenharmony_ci**错误码:** 1380e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 1381e41f4b71Sopenharmony_ci 1382e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 1383e41f4b71Sopenharmony_ci| -------- | --------------------------------------------------- | 1384e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 1385e41f4b71Sopenharmony_ci| 17620001 | memory error. | 1386e41f4b71Sopenharmony_ci 1387e41f4b71Sopenharmony_ci**示例:** 1388e41f4b71Sopenharmony_ci 1389e41f4b71Sopenharmony_ci```ts 1390e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 1391e41f4b71Sopenharmony_ci 1392e41f4b71Sopenharmony_cifunction genKeyMaterialBlob(): cryptoFramework.DataBlob { 1393e41f4b71Sopenharmony_ci let arr = [ 1394e41f4b71Sopenharmony_ci 0xba, 0x3d, 0xc2, 0x71, 0x21, 0x1e, 0x30, 0x56, 1395e41f4b71Sopenharmony_ci 0xad, 0x47, 0xfc, 0x5a, 0x46, 0x39, 0xee, 0x7c, 1396e41f4b71Sopenharmony_ci 0xba, 0x3b, 0xc2, 0x71, 0xab, 0xa0, 0x30, 0x72]; // keyLen = 192 (24 bytes) 1397e41f4b71Sopenharmony_ci let keyMaterial = new Uint8Array(arr); 1398e41f4b71Sopenharmony_ci return { data: keyMaterial }; 1399e41f4b71Sopenharmony_ci} 1400e41f4b71Sopenharmony_ci 1401e41f4b71Sopenharmony_cifunction testConvertKey() { 1402e41f4b71Sopenharmony_ci let symKeyGenerator = cryptoFramework.createSymKeyGenerator('3DES192'); 1403e41f4b71Sopenharmony_ci let keyMaterialBlob = genKeyMaterialBlob(); 1404e41f4b71Sopenharmony_ci symKeyGenerator.convertKey(keyMaterialBlob, (err, symKey) => { 1405e41f4b71Sopenharmony_ci console.info('Convert symKey success, algName: ' + symKey.algName); 1406e41f4b71Sopenharmony_ci }); 1407e41f4b71Sopenharmony_ci} 1408e41f4b71Sopenharmony_ci``` 1409e41f4b71Sopenharmony_ci 1410e41f4b71Sopenharmony_ci### convertKey 1411e41f4b71Sopenharmony_ci 1412e41f4b71Sopenharmony_ciconvertKey(key: DataBlob): Promise\<SymKey> 1413e41f4b71Sopenharmony_ci 1414e41f4b71Sopenharmony_ci异步根据指定数据生成对称密钥,通过Promise获取结果。 1415e41f4b71Sopenharmony_ci 1416e41f4b71Sopenharmony_ci必须在使用[createSymKeyGenerator](#cryptoframeworkcreatesymkeygenerator)创建对称密钥生成器后,才能使用本函数。 1417e41f4b71Sopenharmony_ci 1418e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1419e41f4b71Sopenharmony_ci 1420e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.SymKey 1421e41f4b71Sopenharmony_ci 1422e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.SymKey 1423e41f4b71Sopenharmony_ci 1424e41f4b71Sopenharmony_ci**参数:** 1425e41f4b71Sopenharmony_ci 1426e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 1427e41f4b71Sopenharmony_ci| ---- | --------------------- | ---- | -------------------- | 1428e41f4b71Sopenharmony_ci| key | [DataBlob](#datablob) | 是 | 指定的密钥材料数据。 | 1429e41f4b71Sopenharmony_ci 1430e41f4b71Sopenharmony_ci**返回值:** 1431e41f4b71Sopenharmony_ci 1432e41f4b71Sopenharmony_ci| 类型 | 说明 | 1433e41f4b71Sopenharmony_ci| --------------------------- | --------------------------------- | 1434e41f4b71Sopenharmony_ci| Promise\<[SymKey](#symkey)> | Promise对象,返回对称密钥SymKey。 | 1435e41f4b71Sopenharmony_ci 1436e41f4b71Sopenharmony_ci**错误码:** 1437e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 1438e41f4b71Sopenharmony_ci 1439e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 1440e41f4b71Sopenharmony_ci| -------- | --------------------------------------------- | 1441e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 1442e41f4b71Sopenharmony_ci| 17620001 | memory error. | 1443e41f4b71Sopenharmony_ci 1444e41f4b71Sopenharmony_ci**示例:** 1445e41f4b71Sopenharmony_ci 1446e41f4b71Sopenharmony_ci```ts 1447e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 1448e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 1449e41f4b71Sopenharmony_ci 1450e41f4b71Sopenharmony_cifunction genKeyMaterialBlob(): cryptoFramework.DataBlob { 1451e41f4b71Sopenharmony_ci let arr = [ 1452e41f4b71Sopenharmony_ci 0xba, 0x3d, 0xc2, 0x71, 0x21, 0x1e, 0x30, 0x56, 1453e41f4b71Sopenharmony_ci 0xad, 0x47, 0xfc, 0x5a, 0x46, 0x39, 0xee, 0x7c, 1454e41f4b71Sopenharmony_ci 0xba, 0x3b, 0xc2, 0x71, 0xab, 0xa0, 0x30, 0x72]; // keyLen = 192 (24 bytes) 1455e41f4b71Sopenharmony_ci let keyMaterial = new Uint8Array(arr); 1456e41f4b71Sopenharmony_ci return { data: keyMaterial }; 1457e41f4b71Sopenharmony_ci} 1458e41f4b71Sopenharmony_ci 1459e41f4b71Sopenharmony_cifunction testConvertKey() { 1460e41f4b71Sopenharmony_ci let symKeyGenerator = cryptoFramework.createSymKeyGenerator('3DES192'); 1461e41f4b71Sopenharmony_ci let keyMaterialBlob = genKeyMaterialBlob(); 1462e41f4b71Sopenharmony_ci symKeyGenerator.convertKey(keyMaterialBlob) 1463e41f4b71Sopenharmony_ci .then(symKey => { 1464e41f4b71Sopenharmony_ci console.info('Convert symKey success, algName:' + symKey.algName); 1465e41f4b71Sopenharmony_ci }).catch((error: BusinessError) => { 1466e41f4b71Sopenharmony_ci console.error(`Convert symKey failed, ${error.code}, ${error.message}`); 1467e41f4b71Sopenharmony_ci }); 1468e41f4b71Sopenharmony_ci} 1469e41f4b71Sopenharmony_ci``` 1470e41f4b71Sopenharmony_ci 1471e41f4b71Sopenharmony_ci### convertKeySync<sup>12+</sup> 1472e41f4b71Sopenharmony_ci 1473e41f4b71Sopenharmony_ciconvertKeySync(key: DataBlob): SymKey 1474e41f4b71Sopenharmony_ci 1475e41f4b71Sopenharmony_ci同步根据指定数据生成对称密钥。 1476e41f4b71Sopenharmony_ci 1477e41f4b71Sopenharmony_ci必须在使用[createSymKeyGenerator](#cryptoframeworkcreatesymkeygenerator)创建对称密钥生成器后,才能使用本函数。 1478e41f4b71Sopenharmony_ci 1479e41f4b71Sopenharmony_ci> **说明:** 1480e41f4b71Sopenharmony_ci> 1481e41f4b71Sopenharmony_ci> 对于HMAC算法的对称密钥,如果已经在创建对称密钥生成器时指定了具体哈希算法(如指定“HMAC|SHA256”),则需要传入与哈希长度一致的二进制密钥数据(如传入SHA256对应256位的密钥数据)。<br/>如果在创建对称密钥生成器时没有指定具体哈希算法,如仅指定“HMAC”,则支持传入长度在[1,4096]范围内(单位为byte)的任意二进制密钥数据。 1482e41f4b71Sopenharmony_ci 1483e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1484e41f4b71Sopenharmony_ci 1485e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.SymKey 1486e41f4b71Sopenharmony_ci 1487e41f4b71Sopenharmony_ci**参数:** 1488e41f4b71Sopenharmony_ci 1489e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 1490e41f4b71Sopenharmony_ci| -------- | ------------------- | ---- | ---------------------| 1491e41f4b71Sopenharmony_ci| key | [DataBlob](#datablob) | 是 | 指定的对称密钥材料。 | 1492e41f4b71Sopenharmony_ci 1493e41f4b71Sopenharmony_ci**错误码:** 1494e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 1495e41f4b71Sopenharmony_ci 1496e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 1497e41f4b71Sopenharmony_ci| -------- | --------------------------------------------------- | 1498e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 1499e41f4b71Sopenharmony_ci| 17620001 | memory error. | 1500e41f4b71Sopenharmony_ci 1501e41f4b71Sopenharmony_ci**示例:** 1502e41f4b71Sopenharmony_ci 1503e41f4b71Sopenharmony_ci```ts 1504e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 1505e41f4b71Sopenharmony_ciimport { buffer } from '@kit.ArkTS'; 1506e41f4b71Sopenharmony_ci 1507e41f4b71Sopenharmony_cifunction testConvertKeySync() { 1508e41f4b71Sopenharmony_ci // 对称密钥长度为64字节,512比特 1509e41f4b71Sopenharmony_ci let keyMessage = '87654321abcdefgh87654321abcdefgh87654321abcdefgh87654321abcdefgh'; 1510e41f4b71Sopenharmony_ci let keyBlob: cryptoFramework.DataBlob = { 1511e41f4b71Sopenharmony_ci data : new Uint8Array(buffer.from(keyMessage, 'utf-8').buffer) 1512e41f4b71Sopenharmony_ci } 1513e41f4b71Sopenharmony_ci let symKeyGenerator = cryptoFramework.createSymKeyGenerator('HMAC'); 1514e41f4b71Sopenharmony_ci let key = symKeyGenerator.convertKeySync(keyBlob); 1515e41f4b71Sopenharmony_ci let encodedKey = key.getEncoded(); 1516e41f4b71Sopenharmony_ci console.info('key encoded data:' + encodedKey.data); 1517e41f4b71Sopenharmony_ci} 1518e41f4b71Sopenharmony_ci``` 1519e41f4b71Sopenharmony_ci 1520e41f4b71Sopenharmony_ci## cryptoFramework.createAsyKeyGenerator 1521e41f4b71Sopenharmony_ci 1522e41f4b71Sopenharmony_cicreateAsyKeyGenerator(algName: string): AsyKeyGenerator 1523e41f4b71Sopenharmony_ci 1524e41f4b71Sopenharmony_ci通过指定算法名称的字符串,获取相应的非对称密钥生成器实例。 1525e41f4b71Sopenharmony_ci 1526e41f4b71Sopenharmony_ci支持的规格详见[非对称密钥生成和转换规格](../../security/CryptoArchitectureKit/crypto-asym-key-generation-conversion-spec.md)。 1527e41f4b71Sopenharmony_ci 1528e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1529e41f4b71Sopenharmony_ci 1530e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 1531e41f4b71Sopenharmony_ci 1532e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 1533e41f4b71Sopenharmony_ci 1534e41f4b71Sopenharmony_ci**参数:** 1535e41f4b71Sopenharmony_ci 1536e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 1537e41f4b71Sopenharmony_ci| ------- | ------ | ---- | -------------------------------- | 1538e41f4b71Sopenharmony_ci| algName | string | 是 | 待生成对称密钥生成器的算法名称。 | 1539e41f4b71Sopenharmony_ci 1540e41f4b71Sopenharmony_ci**返回值:** 1541e41f4b71Sopenharmony_ci 1542e41f4b71Sopenharmony_ci| 类型 | 说明 | 1543e41f4b71Sopenharmony_ci| --------------- | ---------------------------- | 1544e41f4b71Sopenharmony_ci| [AsyKeyGenerator](#asykeygenerator) | 返回非对称密钥生成器的对象。 | 1545e41f4b71Sopenharmony_ci 1546e41f4b71Sopenharmony_ci**错误码:** 1547e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 1548e41f4b71Sopenharmony_ci 1549e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 1550e41f4b71Sopenharmony_ci| -------- | ---------------------- | 1551e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 1552e41f4b71Sopenharmony_ci| 801 | this operation is not supported. | 1553e41f4b71Sopenharmony_ci| 17620001 | memory error. | 1554e41f4b71Sopenharmony_ci 1555e41f4b71Sopenharmony_ci**示例:** 1556e41f4b71Sopenharmony_ci 1557e41f4b71Sopenharmony_ci```ts 1558e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 1559e41f4b71Sopenharmony_ci 1560e41f4b71Sopenharmony_cilet asyKeyGenerator = cryptoFramework.createAsyKeyGenerator('ECC256'); 1561e41f4b71Sopenharmony_ci``` 1562e41f4b71Sopenharmony_ci 1563e41f4b71Sopenharmony_ci## AsyKeyGenerator 1564e41f4b71Sopenharmony_ci 1565e41f4b71Sopenharmony_ci非对称密钥生成器。在使用该类的方法前,需要先使用createAsyKeyGenerator()方法构建一个AsyKeyGenerator实例。 1566e41f4b71Sopenharmony_ci 1567e41f4b71Sopenharmony_ci### 属性 1568e41f4b71Sopenharmony_ci 1569e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1570e41f4b71Sopenharmony_ci 1571e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 1572e41f4b71Sopenharmony_ci 1573e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 1574e41f4b71Sopenharmony_ci 1575e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 1576e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ---- | -------------------------------- | 1577e41f4b71Sopenharmony_ci| algName | string | 是 | 否 | 非对称密钥生成器指定的算法名称。 | 1578e41f4b71Sopenharmony_ci 1579e41f4b71Sopenharmony_ci### generateKeyPair 1580e41f4b71Sopenharmony_ci 1581e41f4b71Sopenharmony_cigenerateKeyPair(callback: AsyncCallback\<KeyPair>): void 1582e41f4b71Sopenharmony_ci 1583e41f4b71Sopenharmony_ci异步获取非对称密钥生成器随机生成的密钥,通过注册回调函数获取结果。 1584e41f4b71Sopenharmony_ci 1585e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1586e41f4b71Sopenharmony_ci 1587e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 1588e41f4b71Sopenharmony_ci 1589e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 1590e41f4b71Sopenharmony_ci 1591e41f4b71Sopenharmony_ci**参数:** 1592e41f4b71Sopenharmony_ci 1593e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 1594e41f4b71Sopenharmony_ci| -------- | ----------------------- | ---- | ------------------------------ | 1595e41f4b71Sopenharmony_ci| callback | AsyncCallback\<[KeyPair](#keypair)> | 是 | 回调函数,用于获取非对称密钥。 | 1596e41f4b71Sopenharmony_ci 1597e41f4b71Sopenharmony_ci**错误码:** 1598e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 1599e41f4b71Sopenharmony_ci 1600e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 1601e41f4b71Sopenharmony_ci| -------- | ---------------------- | 1602e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>Incorrect parameter types;| 1603e41f4b71Sopenharmony_ci| 17620001 | memory error. | 1604e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 1605e41f4b71Sopenharmony_ci 1606e41f4b71Sopenharmony_ci**示例:** 1607e41f4b71Sopenharmony_ci 1608e41f4b71Sopenharmony_ci```ts 1609e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 1610e41f4b71Sopenharmony_ci 1611e41f4b71Sopenharmony_cilet asyKeyGenerator = cryptoFramework.createAsyKeyGenerator('ECC256'); 1612e41f4b71Sopenharmony_ciasyKeyGenerator.generateKeyPair((err, keyPair) => { 1613e41f4b71Sopenharmony_ci if (err) { 1614e41f4b71Sopenharmony_ci console.error("generateKeyPair: error."); 1615e41f4b71Sopenharmony_ci return; 1616e41f4b71Sopenharmony_ci } 1617e41f4b71Sopenharmony_ci console.info('generateKeyPair: success.'); 1618e41f4b71Sopenharmony_ci}) 1619e41f4b71Sopenharmony_ci``` 1620e41f4b71Sopenharmony_ci 1621e41f4b71Sopenharmony_ci### generateKeyPair 1622e41f4b71Sopenharmony_ci 1623e41f4b71Sopenharmony_cigenerateKeyPair(): Promise\<KeyPair> 1624e41f4b71Sopenharmony_ci 1625e41f4b71Sopenharmony_ci异步获取该非对称密钥生成器随机生成的密钥,通过Promise获取结果。 1626e41f4b71Sopenharmony_ci 1627e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1628e41f4b71Sopenharmony_ci 1629e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 1630e41f4b71Sopenharmony_ci 1631e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 1632e41f4b71Sopenharmony_ci 1633e41f4b71Sopenharmony_ci**返回值:** 1634e41f4b71Sopenharmony_ci 1635e41f4b71Sopenharmony_ci| 类型 | 说明 | 1636e41f4b71Sopenharmony_ci| ----------------- | --------------------------------- | 1637e41f4b71Sopenharmony_ci| Promise\<[KeyPair](#keypair)> | 使用Promise的方式获取非对称密钥。 | 1638e41f4b71Sopenharmony_ci 1639e41f4b71Sopenharmony_ci**错误码:** 1640e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 1641e41f4b71Sopenharmony_ci 1642e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 1643e41f4b71Sopenharmony_ci| -------- | ---------------------- | 1644e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed. | 1645e41f4b71Sopenharmony_ci| 17620001 | memory error. | 1646e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 1647e41f4b71Sopenharmony_ci 1648e41f4b71Sopenharmony_ci**示例:** 1649e41f4b71Sopenharmony_ci 1650e41f4b71Sopenharmony_ci```ts 1651e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 1652e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 1653e41f4b71Sopenharmony_ci 1654e41f4b71Sopenharmony_cilet asyKeyGenerator = cryptoFramework.createAsyKeyGenerator('ECC256'); 1655e41f4b71Sopenharmony_cilet keyGenPromise = asyKeyGenerator.generateKeyPair(); 1656e41f4b71Sopenharmony_cikeyGenPromise.then(keyPair => { 1657e41f4b71Sopenharmony_ci console.info('generateKeyPair success.'); 1658e41f4b71Sopenharmony_ci}).catch((error: BusinessError) => { 1659e41f4b71Sopenharmony_ci console.error("generateKeyPair error."); 1660e41f4b71Sopenharmony_ci}); 1661e41f4b71Sopenharmony_ci``` 1662e41f4b71Sopenharmony_ci 1663e41f4b71Sopenharmony_ci### generateKeyPairSync<sup>12+</sup> 1664e41f4b71Sopenharmony_ci 1665e41f4b71Sopenharmony_cigenerateKeyPairSync(): KeyPair 1666e41f4b71Sopenharmony_ci 1667e41f4b71Sopenharmony_ci同步获取该非对称密钥生成器随机生成的密钥。 1668e41f4b71Sopenharmony_ci 1669e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1670e41f4b71Sopenharmony_ci 1671e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 1672e41f4b71Sopenharmony_ci 1673e41f4b71Sopenharmony_ci**返回值:** 1674e41f4b71Sopenharmony_ci 1675e41f4b71Sopenharmony_ci| 类型 | 说明 | 1676e41f4b71Sopenharmony_ci| ----------------- | --------------------------------- | 1677e41f4b71Sopenharmony_ci| [KeyPair](#keypair) | 非对称密钥。 | 1678e41f4b71Sopenharmony_ci 1679e41f4b71Sopenharmony_ci**错误码:** 1680e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 1681e41f4b71Sopenharmony_ci 1682e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 1683e41f4b71Sopenharmony_ci| -------- | ---------------------- | 1684e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed. | 1685e41f4b71Sopenharmony_ci| 17620001 | memory error. | 1686e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 1687e41f4b71Sopenharmony_ci 1688e41f4b71Sopenharmony_ci**示例:** 1689e41f4b71Sopenharmony_ci 1690e41f4b71Sopenharmony_ci```ts 1691e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 1692e41f4b71Sopenharmony_ci 1693e41f4b71Sopenharmony_cilet asyKeyGenerator = cryptoFramework.createAsyKeyGenerator('ECC256'); 1694e41f4b71Sopenharmony_citry { 1695e41f4b71Sopenharmony_ci let keyPairData = asyKeyGenerator.generateKeyPairSync(); 1696e41f4b71Sopenharmony_ci if (keyPairData != null) { 1697e41f4b71Sopenharmony_ci console.info('[Sync]: key pair success'); 1698e41f4b71Sopenharmony_ci } else { 1699e41f4b71Sopenharmony_ci console.error("[Sync]: get key pair result fail!"); 1700e41f4b71Sopenharmony_ci } 1701e41f4b71Sopenharmony_ci} catch (e) { 1702e41f4b71Sopenharmony_ci console.error(`sync error, ${e.code}, ${e.message}`); 1703e41f4b71Sopenharmony_ci} 1704e41f4b71Sopenharmony_ci``` 1705e41f4b71Sopenharmony_ci 1706e41f4b71Sopenharmony_ci### convertKey 1707e41f4b71Sopenharmony_ci 1708e41f4b71Sopenharmony_ciconvertKey(pubKey: DataBlob | null, priKey: DataBlob | null, callback: AsyncCallback\<KeyPair\>): void 1709e41f4b71Sopenharmony_ci 1710e41f4b71Sopenharmony_ci异步获取指定数据生成非对称密钥,通过注册回调函数获取结果。详情请看下方**密钥转换说明**。 1711e41f4b71Sopenharmony_ci 1712e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1713e41f4b71Sopenharmony_ci 1714e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 1715e41f4b71Sopenharmony_ci 1716e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 1717e41f4b71Sopenharmony_ci 1718e41f4b71Sopenharmony_ci**参数:** 1719e41f4b71Sopenharmony_ci 1720e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 1721e41f4b71Sopenharmony_ci| -------- | ----------- | ---- | ------------------------------ | 1722e41f4b71Sopenharmony_ci| pubKey | [DataBlob](#datablob) \| null<sup>10+</sup> | 是 | 指定的公钥材料。如果公钥不需要转换,可直接传入null。API 10之前只支持DataBlob, API 10之后增加支持null。 | 1723e41f4b71Sopenharmony_ci| priKey | [DataBlob](#datablob) \| null<sup>10+</sup> | 是 | 指定的私钥材料。如果私钥不需要转换,可直接传入null。API 10之前只支持DataBlob, API 10之后增加支持null。 | 1724e41f4b71Sopenharmony_ci| callback | AsyncCallback\<[KeyPair](#keypair)> | 是 | 回调函数,用于获取非对称密钥。 | 1725e41f4b71Sopenharmony_ci 1726e41f4b71Sopenharmony_ci**错误码:** 1727e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 1728e41f4b71Sopenharmony_ci 1729e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 1730e41f4b71Sopenharmony_ci| -------- | ---------------------- | 1731e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 1732e41f4b71Sopenharmony_ci| 17620001 | memory error. | 1733e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 1734e41f4b71Sopenharmony_ci 1735e41f4b71Sopenharmony_ci**示例:** 1736e41f4b71Sopenharmony_ci 1737e41f4b71Sopenharmony_ci```ts 1738e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 1739e41f4b71Sopenharmony_ci 1740e41f4b71Sopenharmony_cilet pubKeyArray = new Uint8Array([48, 89, 48, 19, 6, 7, 42, 134, 72, 206, 61, 2, 1, 6, 8, 42, 134, 72, 206, 61, 3, 1, 7, 3, 66, 0, 4, 83, 96, 142, 9, 86, 214, 126, 106, 247, 233, 92, 125, 4, 128, 138, 105, 246, 162, 215, 71, 81, 58, 202, 121, 26, 105, 211, 55, 130, 45, 236, 143, 55, 16, 248, 75, 167, 160, 167, 106, 2, 152, 243, 44, 68, 66, 0, 167, 99, 92, 235, 215, 159, 239, 28, 106, 124, 171, 34, 145, 124, 174, 57, 92]); 1741e41f4b71Sopenharmony_cilet priKeyArray = new Uint8Array([48, 49, 2, 1, 1, 4, 32, 115, 56, 137, 35, 207, 0, 60, 191, 90, 61, 136, 105, 210, 16, 27, 4, 171, 57, 10, 61, 123, 40, 189, 28, 34, 207, 236, 22, 45, 223, 10, 189, 160, 10, 6, 8, 42, 134, 72, 206, 61, 3, 1, 7]); 1742e41f4b71Sopenharmony_cilet pubKeyBlob: cryptoFramework.DataBlob = { data: pubKeyArray }; // 公钥二进制数据 1743e41f4b71Sopenharmony_cilet priKeyBlob: cryptoFramework.DataBlob = { data: priKeyArray }; // 私钥二进制数据 1744e41f4b71Sopenharmony_cilet asyKeyGenerator = cryptoFramework.createAsyKeyGenerator('ECC256'); 1745e41f4b71Sopenharmony_ciasyKeyGenerator.convertKey(pubKeyBlob, priKeyBlob, (err, keyPair) => { 1746e41f4b71Sopenharmony_ci if (err) { 1747e41f4b71Sopenharmony_ci console.error("convertKey: error."); 1748e41f4b71Sopenharmony_ci return; 1749e41f4b71Sopenharmony_ci } 1750e41f4b71Sopenharmony_ci console.info('convertKey: success.'); 1751e41f4b71Sopenharmony_ci}); 1752e41f4b71Sopenharmony_ci``` 1753e41f4b71Sopenharmony_ci 1754e41f4b71Sopenharmony_ci### convertKey 1755e41f4b71Sopenharmony_ci 1756e41f4b71Sopenharmony_ciconvertKey(pubKey: DataBlob | null, priKey: DataBlob | null): Promise\<KeyPair> 1757e41f4b71Sopenharmony_ci 1758e41f4b71Sopenharmony_ci异步获取指定数据生成非对称密钥,通过Promise获取结果。详情请看下方**密钥转换说明**。 1759e41f4b71Sopenharmony_ci 1760e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1761e41f4b71Sopenharmony_ci 1762e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 1763e41f4b71Sopenharmony_ci 1764e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 1765e41f4b71Sopenharmony_ci 1766e41f4b71Sopenharmony_ci**参数:** 1767e41f4b71Sopenharmony_ci 1768e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 1769e41f4b71Sopenharmony_ci| ------ | -------- | ---- | ---------------- | 1770e41f4b71Sopenharmony_ci| pubKey | [DataBlob](#datablob) \| null<sup>10+</sup> | 是 | 指定的公钥材料。如果公钥不需要转换,可直接传入null。API 10之前只支持DataBlob, API 10之后增加支持null。 | 1771e41f4b71Sopenharmony_ci| priKey | [DataBlob](#datablob) \| null<sup>10+</sup> | 是 | 指定的私钥材料。如果私钥不需要转换,可直接传入null。API 10之前只支持DataBlob, API 10之后增加支持null。 | 1772e41f4b71Sopenharmony_ci 1773e41f4b71Sopenharmony_ci**返回值:** 1774e41f4b71Sopenharmony_ci 1775e41f4b71Sopenharmony_ci| 类型 | 说明 | 1776e41f4b71Sopenharmony_ci| ----------------- | --------------------------------- | 1777e41f4b71Sopenharmony_ci| Promise\<[KeyPair](#keypair)> | 使用Promise的方式获取非对称密钥。 | 1778e41f4b71Sopenharmony_ci 1779e41f4b71Sopenharmony_ci**错误码:** 1780e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 1781e41f4b71Sopenharmony_ci 1782e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 1783e41f4b71Sopenharmony_ci| -------- | ---------------------- | 1784e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 1785e41f4b71Sopenharmony_ci| 17620001 | memory error. | 1786e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 1787e41f4b71Sopenharmony_ci 1788e41f4b71Sopenharmony_ci**示例:** 1789e41f4b71Sopenharmony_ci 1790e41f4b71Sopenharmony_ci```ts 1791e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 1792e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 1793e41f4b71Sopenharmony_ci 1794e41f4b71Sopenharmony_cilet pubKeyArray = new Uint8Array([48, 89, 48, 19, 6, 7, 42, 134, 72, 206, 61, 2, 1, 6, 8, 42, 134, 72, 206, 61, 3, 1, 7, 3, 66, 0, 4, 83, 96, 142, 9, 86, 214, 126, 106, 247, 233, 92, 125, 4, 128, 138, 105, 246, 162, 215, 71, 81, 58, 202, 121, 26, 105, 211, 55, 130, 45, 236, 143, 55, 16, 248, 75, 167, 160, 167, 106, 2, 152, 243, 44, 68, 66, 0, 167, 99, 92, 235, 215, 159, 239, 28, 106, 124, 171, 34, 145, 124, 174, 57, 92]); 1795e41f4b71Sopenharmony_cilet priKeyArray = new Uint8Array([48, 49, 2, 1, 1, 4, 32, 115, 56, 137, 35, 207, 0, 60, 191, 90, 61, 136, 105, 210, 16, 27, 4, 171, 57, 10, 61, 123, 40, 189, 28, 34, 207, 236, 22, 45, 223, 10, 189, 160, 10, 6, 8, 42, 134, 72, 206, 61, 3, 1, 7]); 1796e41f4b71Sopenharmony_cilet pubKeyBlob: cryptoFramework.DataBlob = { data: pubKeyArray }; // 公钥二进制数据 1797e41f4b71Sopenharmony_cilet priKeyBlob: cryptoFramework.DataBlob = { data: priKeyArray }; // 私钥二进制数据 1798e41f4b71Sopenharmony_cilet asyKeyGenerator = cryptoFramework.createAsyKeyGenerator('ECC256'); 1799e41f4b71Sopenharmony_cilet keyGenPromise = asyKeyGenerator.convertKey(pubKeyBlob, priKeyBlob); 1800e41f4b71Sopenharmony_cikeyGenPromise.then(keyPair => { 1801e41f4b71Sopenharmony_ci console.info('convertKey success.'); 1802e41f4b71Sopenharmony_ci}).catch((error: BusinessError) => { 1803e41f4b71Sopenharmony_ci console.error("convertKey error."); 1804e41f4b71Sopenharmony_ci}); 1805e41f4b71Sopenharmony_ci``` 1806e41f4b71Sopenharmony_ci 1807e41f4b71Sopenharmony_ci### convertKeySync<sup>12+</sup> 1808e41f4b71Sopenharmony_ci 1809e41f4b71Sopenharmony_ciconvertKeySync(pubKey: DataBlob | null, priKey: DataBlob | null): KeyPair 1810e41f4b71Sopenharmony_ci 1811e41f4b71Sopenharmony_ci同步获取指定数据生成非对称密钥。详情请看下方**密钥转换说明**。 1812e41f4b71Sopenharmony_ci 1813e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1814e41f4b71Sopenharmony_ci 1815e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 1816e41f4b71Sopenharmony_ci 1817e41f4b71Sopenharmony_ci**参数:** 1818e41f4b71Sopenharmony_ci 1819e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 1820e41f4b71Sopenharmony_ci| ------ | -------- | ---- | ---------------- | 1821e41f4b71Sopenharmony_ci| pubKey | [DataBlob](#datablob) \| null<sup>10+</sup> | 是 | 指定的公钥材料。如果公钥不需要转换,可直接传入null。API 10之前只支持DataBlob, API 10之后增加支持null。 | 1822e41f4b71Sopenharmony_ci| priKey | [DataBlob](#datablob) \| null<sup>10+</sup> | 是 | 指定的私钥材料。如果私钥不需要转换,可直接传入null。API 10之前只支持DataBlob, API 10之后增加支持null。 | 1823e41f4b71Sopenharmony_ci 1824e41f4b71Sopenharmony_ci**返回值:** 1825e41f4b71Sopenharmony_ci 1826e41f4b71Sopenharmony_ci| 类型 | 说明 | 1827e41f4b71Sopenharmony_ci| ----------------- | --------------------------------- | 1828e41f4b71Sopenharmony_ci| [KeyPair](#keypair) | 非对称密钥。 | 1829e41f4b71Sopenharmony_ci 1830e41f4b71Sopenharmony_ci**错误码:** 1831e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 1832e41f4b71Sopenharmony_ci 1833e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 1834e41f4b71Sopenharmony_ci| -------- | ---------------------- | 1835e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 1836e41f4b71Sopenharmony_ci| 17620001 | memory error. | 1837e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 1838e41f4b71Sopenharmony_ci 1839e41f4b71Sopenharmony_ci**示例:** 1840e41f4b71Sopenharmony_ci 1841e41f4b71Sopenharmony_ci```ts 1842e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 1843e41f4b71Sopenharmony_ci 1844e41f4b71Sopenharmony_cilet pubKeyArray = new Uint8Array([48, 89, 48, 19, 6, 7, 42, 134, 72, 206, 61, 2, 1, 6, 8, 42, 134, 72, 206, 61, 3, 1, 7, 3, 66, 0, 4, 83, 96, 142, 9, 86, 214, 126, 106, 247, 233, 92, 125, 4, 128, 138, 105, 246, 162, 215, 71, 81, 58, 202, 121, 26, 105, 211, 55, 130, 45, 236, 143, 55, 16, 248, 75, 167, 160, 167, 106, 2, 152, 243, 44, 68, 66, 0, 167, 99, 92, 235, 215, 159, 239, 28, 106, 124, 171, 34, 145, 124, 174, 57, 92]); 1845e41f4b71Sopenharmony_cilet priKeyArray = new Uint8Array([48, 49, 2, 1, 1, 4, 32, 115, 56, 137, 35, 207, 0, 60, 191, 90, 61, 136, 105, 210, 16, 27, 4, 171, 57, 10, 61, 123, 40, 189, 28, 34, 207, 236, 22, 45, 223, 10, 189, 160, 10, 6, 8, 42, 134, 72, 206, 61, 3, 1, 7]); 1846e41f4b71Sopenharmony_cilet pubKeyBlob: cryptoFramework.DataBlob = { data: pubKeyArray }; // 公钥二进制数据 1847e41f4b71Sopenharmony_cilet priKeyBlob: cryptoFramework.DataBlob = { data: priKeyArray }; // 私钥二进制数据 1848e41f4b71Sopenharmony_cilet asyKeyGenerator = cryptoFramework.createAsyKeyGenerator('ECC256'); 1849e41f4b71Sopenharmony_citry { 1850e41f4b71Sopenharmony_ci let keyPairData = asyKeyGenerator.convertKeySync(pubKeyBlob, priKeyBlob); 1851e41f4b71Sopenharmony_ci if (keyPairData != null) { 1852e41f4b71Sopenharmony_ci console.info('[Sync]: key pair success'); 1853e41f4b71Sopenharmony_ci } else { 1854e41f4b71Sopenharmony_ci console.error("[Sync]: convert key pair result fail!"); 1855e41f4b71Sopenharmony_ci } 1856e41f4b71Sopenharmony_ci} catch (e) { 1857e41f4b71Sopenharmony_ci console.error(`sync error, ${e.code}, ${e.message}`); 1858e41f4b71Sopenharmony_ci} 1859e41f4b71Sopenharmony_ci``` 1860e41f4b71Sopenharmony_ci 1861e41f4b71Sopenharmony_ci**密钥转换说明** 1862e41f4b71Sopenharmony_ci 1863e41f4b71Sopenharmony_ci1. 非对称密钥(RSA、ECC、DSA)的公钥和私钥调用getEncoded()方法后,分别返回X.509格式和PKCS#8格式的二进制数据,其中对于ecc私钥,返回的是RFC5915定义格式。上述数据可用于跨应用传输或持久化存储。 1864e41f4b71Sopenharmony_ci2. 当调用convertKey方法将外来二进制数据转换为算法库非对称密钥对象时,公钥应满足ASN.1语法、X.509规范、DER编码格式,私钥应满足ASN.1语法、PKCS#8规范、DER编码格式。 1865e41f4b71Sopenharmony_ci3. convertKey方法中,公钥和密钥二进制数据非必选项,可单独传入公钥或私钥的数据,生成对应只包含公钥或私钥的KeyPair对象。 1866e41f4b71Sopenharmony_ci4. convertKey或convertKeySync方法将外来二进制数据转换为算法库非对称密钥对象时,不会校验生成的密钥对象的规格与创建非对称密钥生成器时指定的密钥规格是否一致。 1867e41f4b71Sopenharmony_ci 1868e41f4b71Sopenharmony_ci### convertPemKey<sup>12+</sup> 1869e41f4b71Sopenharmony_ci 1870e41f4b71Sopenharmony_ciconvertPemKey(pubKey: string | null, priKey: string | null): Promise\<KeyPair> 1871e41f4b71Sopenharmony_ci 1872e41f4b71Sopenharmony_ci异步获取指定数据生成非对称密钥,通过Promise获取结果。 1873e41f4b71Sopenharmony_ci 1874e41f4b71Sopenharmony_ci> **说明:** 1875e41f4b71Sopenharmony_ci> 1. 当调用convertPemKey方法将外来字符串数据转换为算法库非对称密钥对象时,公钥应满足ASN.1语法、X.509规范、PEM编码格式,私钥应满足ASN.1语法、PKCS#8规范、PEM编码格式。 1876e41f4b71Sopenharmony_ci> 2. convertPemKey方法中,公钥和私钥字符串数据为非必选项,可单独传入公钥或私钥的数据,生成对应只包含公钥或私钥的KeyPair对象。 1877e41f4b71Sopenharmony_ci> 3. convertPemKey方法将外来字符串数据转换为算法库非对称密钥对象时,不会校验生成的密钥对象的规格与创建非对称密钥生成器时指定的密钥规格是否一致。 1878e41f4b71Sopenharmony_ci 1879e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1880e41f4b71Sopenharmony_ci 1881e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 1882e41f4b71Sopenharmony_ci 1883e41f4b71Sopenharmony_ci**参数:** 1884e41f4b71Sopenharmony_ci 1885e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 1886e41f4b71Sopenharmony_ci| ------ | -------- | ---- | ---------------- | 1887e41f4b71Sopenharmony_ci| pubKey | string \| null | 是 | 指定的公钥材料。如果公钥不需要转换,可直接传入null。| 1888e41f4b71Sopenharmony_ci| priKey | string \| null | 是 | 指定的私钥材料。如果私钥不需要转换,可直接传入null。注:公钥和私钥材料不能同时为null。| 1889e41f4b71Sopenharmony_ci 1890e41f4b71Sopenharmony_ci**返回值:** 1891e41f4b71Sopenharmony_ci 1892e41f4b71Sopenharmony_ci| 类型 | 说明 | 1893e41f4b71Sopenharmony_ci| ----------------- | --------------------------------- | 1894e41f4b71Sopenharmony_ci| Promise\<[KeyPair](#keypair)> | 使用Promise的方式获取非对称密钥。 | 1895e41f4b71Sopenharmony_ci 1896e41f4b71Sopenharmony_ci**错误码:** 1897e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 1898e41f4b71Sopenharmony_ci 1899e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 1900e41f4b71Sopenharmony_ci| -------- | ---------------------- | 1901e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed. | 1902e41f4b71Sopenharmony_ci| 17620001 | memory error. | 1903e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 1904e41f4b71Sopenharmony_ci 1905e41f4b71Sopenharmony_ci**示例:** 1906e41f4b71Sopenharmony_ci 1907e41f4b71Sopenharmony_ci```ts 1908e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 1909e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 1910e41f4b71Sopenharmony_ci 1911e41f4b71Sopenharmony_cilet priKeyPkcs1Str1024: string = 1912e41f4b71Sopenharmony_ci "-----BEGIN RSA PRIVATE KEY-----\n" 1913e41f4b71Sopenharmony_ci + "MIICXQIBAAKBgQCwIN3mr21+N96ToxnVnaS+xyK9cNRAHiHGgrbjHw6RAj3V+l+W\n" 1914e41f4b71Sopenharmony_ci + "Y68IhIe3DudVlzE9oMjeOQwkMkq//HCxNlIlFR6O6pa0mrXSwPRE7YKG97CeKk2g\n" 1915e41f4b71Sopenharmony_ci + "YOS8YEh8toAvm7xKbiLkXuuMlxrjP2j/mb5iI/UASFSPZiQ/IyxDr0AQaQIDAQAB\n" 1916e41f4b71Sopenharmony_ci + "AoGAEvBFzBNa+7J4PXnRQlYEK/tvsd0bBZX33ceacMubHl6WVZbphltLq+fMTBPP\n" 1917e41f4b71Sopenharmony_ci + "LjXmtpC+aJ7Lvmyl+wTi/TsxE9vxW5JnbuRT48rnZ/Xwq0eozDeEeIBRrpsr7Rvr\n" 1918e41f4b71Sopenharmony_ci + "7ctrgzr4m4yMHq9aDgpxj8IR7oHkfwnmWr0wM3FuiVlj650CQQDineeNZ1hUTkj4\n" 1919e41f4b71Sopenharmony_ci + "D3O+iCi3mxEVEeJrpqrmSFolRMb+iozrIRKuJlgcOs+Gqi2fHfOTTL7LkpYe8SVg\n" 1920e41f4b71Sopenharmony_ci + "e3JxUdVLAkEAxvcZXk+byMFoetrnlcMR13VHUpoVeoV9qkv6CAWLlbMdgf7uKmgp\n" 1921e41f4b71Sopenharmony_ci + "a1Yp3QPDNQQqkPvrqtfR19JWZ4uy1qREmwJALTU3BjyBoH/liqb6fh4HkWk75Som\n" 1922e41f4b71Sopenharmony_ci + "MzeSjFIOubSYxhq5tgZpBZjcpvUMhV7Zrw54kwASZ+YcUJvmyvKViAm9NQJBAKF7\n" 1923e41f4b71Sopenharmony_ci + "DyXSKrem8Ws0m1ybM7HQx5As6l3EVhePDmDQT1eyRbKp+xaD74nkJpnwYdB3jyyY\n" 1924e41f4b71Sopenharmony_ci + "qc7A1tj5J5NmeEFolR0CQQCn76Xp8HCjGgLHw9vg7YyIL28y/XyfFyaZAzzK+Yia\n" 1925e41f4b71Sopenharmony_ci + "akNwQ6NeGtXSsuGCcyyfpacHp9xy8qXQNKSkw03/5vDO\n" 1926e41f4b71Sopenharmony_ci + "-----END RSA PRIVATE KEY-----\n"; 1927e41f4b71Sopenharmony_ci let publicPkcs1Str1024: string = 1928e41f4b71Sopenharmony_ci "-----BEGIN RSA PUBLIC KEY-----\n" 1929e41f4b71Sopenharmony_ci + "MIGJAoGBALAg3eavbX433pOjGdWdpL7HIr1w1EAeIcaCtuMfDpECPdX6X5ZjrwiE\n" 1930e41f4b71Sopenharmony_ci + "h7cO51WXMT2gyN45DCQySr/8cLE2UiUVHo7qlrSatdLA9ETtgob3sJ4qTaBg5Lxg\n" 1931e41f4b71Sopenharmony_ci + "SHy2gC+bvEpuIuRe64yXGuM/aP+ZvmIj9QBIVI9mJD8jLEOvQBBpAgMBAAE=\n" 1932e41f4b71Sopenharmony_ci + "-----END RSA PUBLIC KEY-----\n"; 1933e41f4b71Sopenharmony_ciasync function TestConvertPemKeyByPromise() { 1934e41f4b71Sopenharmony_ci let asyKeyGenerator = cryptoFramework.createAsyKeyGenerator('RSA1024'); 1935e41f4b71Sopenharmony_ci let keyGenPromise = asyKeyGenerator.convertPemKey(publicPkcs1Str1024, priKeyPkcs1Str1024); 1936e41f4b71Sopenharmony_ci keyGenPromise.then(keyPair => { 1937e41f4b71Sopenharmony_ci console.info('convertPemKey success.'); 1938e41f4b71Sopenharmony_ci }).catch((error: BusinessError) => { 1939e41f4b71Sopenharmony_ci console.error("convertPemKey error."); 1940e41f4b71Sopenharmony_ci }); 1941e41f4b71Sopenharmony_ci} 1942e41f4b71Sopenharmony_ci``` 1943e41f4b71Sopenharmony_ci 1944e41f4b71Sopenharmony_ci### convertPemKeySync<sup>12+</sup> 1945e41f4b71Sopenharmony_ci 1946e41f4b71Sopenharmony_ciconvertPemKeySync(pubKey: string | null, priKey: string | null): KeyPair 1947e41f4b71Sopenharmony_ci 1948e41f4b71Sopenharmony_ci同步获取指定数据生成非对称密钥。 1949e41f4b71Sopenharmony_ci 1950e41f4b71Sopenharmony_ci> **说明:** 1951e41f4b71Sopenharmony_ci> convertPemKeySync接口与convertPemKey接口注意事项相同,见[convertPemKey](#convertpemkey12)接口说明。 1952e41f4b71Sopenharmony_ci 1953e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1954e41f4b71Sopenharmony_ci 1955e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 1956e41f4b71Sopenharmony_ci 1957e41f4b71Sopenharmony_ci**参数:** 1958e41f4b71Sopenharmony_ci 1959e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 1960e41f4b71Sopenharmony_ci| ------ | -------- | ---- | ---------------- | 1961e41f4b71Sopenharmony_ci| pubKey | string \| null| 是 | 指定的公钥材料。如果公钥不需要转换,可直接传入null。| 1962e41f4b71Sopenharmony_ci| priKey | string \| null| 是 | 指定的私钥材料。如果私钥不需要转换,可直接传入null。注:公钥和私钥材料不能同时为null。| 1963e41f4b71Sopenharmony_ci 1964e41f4b71Sopenharmony_ci**返回值:** 1965e41f4b71Sopenharmony_ci 1966e41f4b71Sopenharmony_ci| 类型 | 说明 | 1967e41f4b71Sopenharmony_ci| ----------------- | --------------------------------- | 1968e41f4b71Sopenharmony_ci| [KeyPair](#keypair) | 非对称密钥。 | 1969e41f4b71Sopenharmony_ci 1970e41f4b71Sopenharmony_ci**错误码:** 1971e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 1972e41f4b71Sopenharmony_ci 1973e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 1974e41f4b71Sopenharmony_ci| -------- | ---------------------- | 1975e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed. | 1976e41f4b71Sopenharmony_ci| 17620001 | memory error. | 1977e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 1978e41f4b71Sopenharmony_ci 1979e41f4b71Sopenharmony_ci**示例:** 1980e41f4b71Sopenharmony_ci 1981e41f4b71Sopenharmony_ci```ts 1982e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 1983e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 1984e41f4b71Sopenharmony_ci 1985e41f4b71Sopenharmony_cilet priKeyPkcs1Str1024: string = 1986e41f4b71Sopenharmony_ci "-----BEGIN RSA PRIVATE KEY-----\n" 1987e41f4b71Sopenharmony_ci + "MIICXQIBAAKBgQCwIN3mr21+N96ToxnVnaS+xyK9cNRAHiHGgrbjHw6RAj3V+l+W\n" 1988e41f4b71Sopenharmony_ci + "Y68IhIe3DudVlzE9oMjeOQwkMkq//HCxNlIlFR6O6pa0mrXSwPRE7YKG97CeKk2g\n" 1989e41f4b71Sopenharmony_ci + "YOS8YEh8toAvm7xKbiLkXuuMlxrjP2j/mb5iI/UASFSPZiQ/IyxDr0AQaQIDAQAB\n" 1990e41f4b71Sopenharmony_ci + "AoGAEvBFzBNa+7J4PXnRQlYEK/tvsd0bBZX33ceacMubHl6WVZbphltLq+fMTBPP\n" 1991e41f4b71Sopenharmony_ci + "LjXmtpC+aJ7Lvmyl+wTi/TsxE9vxW5JnbuRT48rnZ/Xwq0eozDeEeIBRrpsr7Rvr\n" 1992e41f4b71Sopenharmony_ci + "7ctrgzr4m4yMHq9aDgpxj8IR7oHkfwnmWr0wM3FuiVlj650CQQDineeNZ1hUTkj4\n" 1993e41f4b71Sopenharmony_ci + "D3O+iCi3mxEVEeJrpqrmSFolRMb+iozrIRKuJlgcOs+Gqi2fHfOTTL7LkpYe8SVg\n" 1994e41f4b71Sopenharmony_ci + "e3JxUdVLAkEAxvcZXk+byMFoetrnlcMR13VHUpoVeoV9qkv6CAWLlbMdgf7uKmgp\n" 1995e41f4b71Sopenharmony_ci + "a1Yp3QPDNQQqkPvrqtfR19JWZ4uy1qREmwJALTU3BjyBoH/liqb6fh4HkWk75Som\n" 1996e41f4b71Sopenharmony_ci + "MzeSjFIOubSYxhq5tgZpBZjcpvUMhV7Zrw54kwASZ+YcUJvmyvKViAm9NQJBAKF7\n" 1997e41f4b71Sopenharmony_ci + "DyXSKrem8Ws0m1ybM7HQx5As6l3EVhePDmDQT1eyRbKp+xaD74nkJpnwYdB3jyyY\n" 1998e41f4b71Sopenharmony_ci + "qc7A1tj5J5NmeEFolR0CQQCn76Xp8HCjGgLHw9vg7YyIL28y/XyfFyaZAzzK+Yia\n" 1999e41f4b71Sopenharmony_ci + "akNwQ6NeGtXSsuGCcyyfpacHp9xy8qXQNKSkw03/5vDO\n" 2000e41f4b71Sopenharmony_ci + "-----END RSA PRIVATE KEY-----\n"; 2001e41f4b71Sopenharmony_ci let publicPkcs1Str1024: string = 2002e41f4b71Sopenharmony_ci "-----BEGIN RSA PUBLIC KEY-----\n" 2003e41f4b71Sopenharmony_ci + "MIGJAoGBALAg3eavbX433pOjGdWdpL7HIr1w1EAeIcaCtuMfDpECPdX6X5ZjrwiE\n" 2004e41f4b71Sopenharmony_ci + "h7cO51WXMT2gyN45DCQySr/8cLE2UiUVHo7qlrSatdLA9ETtgob3sJ4qTaBg5Lxg\n" 2005e41f4b71Sopenharmony_ci + "SHy2gC+bvEpuIuRe64yXGuM/aP+ZvmIj9QBIVI9mJD8jLEOvQBBpAgMBAAE=\n" 2006e41f4b71Sopenharmony_ci + "-----END RSA PUBLIC KEY-----\n"; 2007e41f4b71Sopenharmony_cifunction TestConvertPemKeyBySync() { 2008e41f4b71Sopenharmony_ci let asyKeyGenerator = cryptoFramework.createAsyKeyGenerator('RSA1024'); 2009e41f4b71Sopenharmony_ci try { 2010e41f4b71Sopenharmony_ci let keyPairData = asyKeyGenerator.convertPemKeySync(publicPkcs1Str1024, priKeyPkcs1Str1024); 2011e41f4b71Sopenharmony_ci if (keyPairData != null) { 2012e41f4b71Sopenharmony_ci console.info('[Sync]: convert pem key pair success'); 2013e41f4b71Sopenharmony_ci } else { 2014e41f4b71Sopenharmony_ci console.error("[Sync]: convert pem key pair result fail!"); 2015e41f4b71Sopenharmony_ci } 2016e41f4b71Sopenharmony_ci } catch (e) { 2017e41f4b71Sopenharmony_ci console.error(`Sync error, ${e.code}, ${e.message}`); 2018e41f4b71Sopenharmony_ci } 2019e41f4b71Sopenharmony_ci} 2020e41f4b71Sopenharmony_ci``` 2021e41f4b71Sopenharmony_ci 2022e41f4b71Sopenharmony_ci## cryptoFramework.createAsyKeyGeneratorBySpec<sup>10+</sup> 2023e41f4b71Sopenharmony_ci 2024e41f4b71Sopenharmony_cicreateAsyKeyGeneratorBySpec(asyKeySpec: AsyKeySpec): AsyKeyGeneratorBySpec 2025e41f4b71Sopenharmony_ci 2026e41f4b71Sopenharmony_ci通过指定密钥参数,获取相应的非对称密钥生成器实例。 2027e41f4b71Sopenharmony_ci 2028e41f4b71Sopenharmony_ci支持的规格详见[非对称密钥生成和转换规格](../../security/CryptoArchitectureKit/crypto-asym-key-generation-conversion-spec.md)。 2029e41f4b71Sopenharmony_ci 2030e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2031e41f4b71Sopenharmony_ci 2032e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 2033e41f4b71Sopenharmony_ci 2034e41f4b71Sopenharmony_ciAPI version10-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 2035e41f4b71Sopenharmony_ci 2036e41f4b71Sopenharmony_ci**参数:** 2037e41f4b71Sopenharmony_ci 2038e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 2039e41f4b71Sopenharmony_ci| ------- | ------ | ---- | -------------------------------- | 2040e41f4b71Sopenharmony_ci| asyKeySpec | [AsyKeySpec](#asykeyspec10) | 是 | 密钥参数。非对称密钥生成器根据指定的这些参数生成公/私钥。 | 2041e41f4b71Sopenharmony_ci 2042e41f4b71Sopenharmony_ci**返回值:** 2043e41f4b71Sopenharmony_ci 2044e41f4b71Sopenharmony_ci| 类型 | 说明 | 2045e41f4b71Sopenharmony_ci| ----------------------------------------------- | -------------------------- | 2046e41f4b71Sopenharmony_ci| [AsyKeyGeneratorBySpec](#asykeygeneratorbyspec10) | 返回非对称密钥生成器实例。 | 2047e41f4b71Sopenharmony_ci 2048e41f4b71Sopenharmony_ci**错误码:** 2049e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 2050e41f4b71Sopenharmony_ci 2051e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 2052e41f4b71Sopenharmony_ci| -------- | ---------------------- | 2053e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 2054e41f4b71Sopenharmony_ci| 801 | this operation is not supported. | 2055e41f4b71Sopenharmony_ci| 17620001 | memory error. | 2056e41f4b71Sopenharmony_ci 2057e41f4b71Sopenharmony_ci**示例:** 2058e41f4b71Sopenharmony_ci 2059e41f4b71Sopenharmony_ci```ts 2060e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 2061e41f4b71Sopenharmony_ci 2062e41f4b71Sopenharmony_ci// 配置DSA1024公钥和私钥中包含的公共参数 2063e41f4b71Sopenharmony_cifunction genDsa1024CommonSpecBigE() { 2064e41f4b71Sopenharmony_ci let dsaCommonSpec: cryptoFramework.DSACommonParamsSpec = { 2065e41f4b71Sopenharmony_ci algName: "DSA", 2066e41f4b71Sopenharmony_ci specType: cryptoFramework.AsyKeySpecType.COMMON_PARAMS_SPEC, 2067e41f4b71Sopenharmony_ci p: BigInt("0xed1501551b8ab3547f6355ffdc2913856ddeca198833dbd04f020e5f25e47c50e0b3894f7690a0d2ea5ed3a7be25c54292a698e1f086eb3a97deb4dbf04fcad2dafd94a9f35c3ae338ab35477e16981ded6a5b13d5ff20bf55f1b262303ad3a80af71aa6aa2354d20e9c82647664bdb6b333b7bea0a5f49d55ca40bc312a1729"), 2068e41f4b71Sopenharmony_ci q: BigInt("0xd23304044019d5d382cfeabf351636c7ab219694ac845051f60b047b"), 2069e41f4b71Sopenharmony_ci g: BigInt("0x2cc266d8bd33c3009bd67f285a257ba74f0c3a7e12b722864632a0ac3f2c17c91c2f3f67eb2d57071ef47aaa8f8e17a21ad2c1072ee1ce281362aad01dcbcd3876455cd17e1dd55d4ed36fa011db40f0bbb8cba01d066f392b5eaa9404bfcb775f2196a6bc20eeec3db32d54e94d87ecdb7a0310a5a017c5cdb8ac78597778bd"), 2070e41f4b71Sopenharmony_ci } 2071e41f4b71Sopenharmony_ci return dsaCommonSpec; 2072e41f4b71Sopenharmony_ci} 2073e41f4b71Sopenharmony_ci 2074e41f4b71Sopenharmony_ci// 设置DSA1024密钥对中包含的全参数 2075e41f4b71Sopenharmony_cifunction genDsa1024KeyPairSpecBigE() { 2076e41f4b71Sopenharmony_ci let dsaCommonSpec = genDsa1024CommonSpecBigE(); 2077e41f4b71Sopenharmony_ci let dsaKeyPairSpec: cryptoFramework.DSAKeyPairSpec = { 2078e41f4b71Sopenharmony_ci algName: "DSA", 2079e41f4b71Sopenharmony_ci specType: cryptoFramework.AsyKeySpecType.KEY_PAIR_SPEC, 2080e41f4b71Sopenharmony_ci params: dsaCommonSpec, 2081e41f4b71Sopenharmony_ci sk: BigInt("0xa2dd2adb2d11392c2541930f61f1165c370aabd2d78d00342e0a2fd9"), 2082e41f4b71Sopenharmony_ci pk: BigInt("0xae6b5d5042e758f3fc9a02d009d896df115811a75b5f7b382d8526270dbb3c029403fafb8573ba4ef0314ea86f09d01e82a14d1ebb67b0c331f41049bd6b1842658b0592e706a5e4d20c14b67977e17df7bdd464cce14b5f13bae6607760fcdf394e0b73ac70aaf141fa4dafd736bd0364b1d6e6c0d7683a5de6b9221e7f2d6b"), 2083e41f4b71Sopenharmony_ci } 2084e41f4b71Sopenharmony_ci return dsaKeyPairSpec; 2085e41f4b71Sopenharmony_ci} 2086e41f4b71Sopenharmony_ci 2087e41f4b71Sopenharmony_cilet asyKeyPairSpec = genDsa1024KeyPairSpecBigE(); // The JS input must be a positive number in big-endian format. 2088e41f4b71Sopenharmony_cilet asyKeyGeneratorBySpec = cryptoFramework.createAsyKeyGeneratorBySpec(asyKeyPairSpec); 2089e41f4b71Sopenharmony_ci``` 2090e41f4b71Sopenharmony_ci 2091e41f4b71Sopenharmony_ci## AsyKeyGeneratorBySpec<sup>10+</sup> 2092e41f4b71Sopenharmony_ci 2093e41f4b71Sopenharmony_ci非对称密钥生成器。在使用该类的方法前,需要先使用[createAsyKeyGeneratorBySpec()](#cryptoframeworkcreateasykeygeneratorbyspec10)方法构建一个AsyKeyGeneratorBySpec实例。 2094e41f4b71Sopenharmony_ci 2095e41f4b71Sopenharmony_ci### 属性 2096e41f4b71Sopenharmony_ci 2097e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2098e41f4b71Sopenharmony_ci 2099e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 2100e41f4b71Sopenharmony_ci 2101e41f4b71Sopenharmony_ciAPI version10-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 2102e41f4b71Sopenharmony_ci 2103e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 2104e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ---- | -------------------------- | 2105e41f4b71Sopenharmony_ci| algName | string | 是 | 否 | 非对称密钥生成器的算法名。 | 2106e41f4b71Sopenharmony_ci 2107e41f4b71Sopenharmony_ci### generateKeyPair 2108e41f4b71Sopenharmony_ci 2109e41f4b71Sopenharmony_cigenerateKeyPair(callback: AsyncCallback\<KeyPair>): void 2110e41f4b71Sopenharmony_ci 2111e41f4b71Sopenharmony_ci异步获取非对称密钥生成器生成的密钥,通过注册回调函数获取结果。 2112e41f4b71Sopenharmony_ci 2113e41f4b71Sopenharmony_ci当使用[COMMON_PARAMS_SPEC](#asykeyspectype10)类型的密钥参数来创建密钥生成器时,可以得到随机生成的密钥对;当使用[KEY_PAIR_SPEC](#asykeyspectype10)类型的密钥参数来创建密钥生成器时,可以得到各项数据与密钥参数一致的密钥对。 2114e41f4b71Sopenharmony_ci 2115e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2116e41f4b71Sopenharmony_ci 2117e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 2118e41f4b71Sopenharmony_ci 2119e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 2120e41f4b71Sopenharmony_ci 2121e41f4b71Sopenharmony_ci**参数:** 2122e41f4b71Sopenharmony_ci 2123e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 2124e41f4b71Sopenharmony_ci| -------- | ----------------------- | ---- | ------------------------------ | 2125e41f4b71Sopenharmony_ci| callback | AsyncCallback\<[KeyPair](#keypair)> | 是 | 回调函数,用于获取非对称密钥。 | 2126e41f4b71Sopenharmony_ci 2127e41f4b71Sopenharmony_ci**错误码:** 2128e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 2129e41f4b71Sopenharmony_ci 2130e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 2131e41f4b71Sopenharmony_ci| -------- | ----------------------- | 2132e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>Incorrect parameter types; | 2133e41f4b71Sopenharmony_ci| 17620001 | memory error. | 2134e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 2135e41f4b71Sopenharmony_ci 2136e41f4b71Sopenharmony_ci**示例:** 2137e41f4b71Sopenharmony_ci 2138e41f4b71Sopenharmony_ci<!--code_no_check--> 2139e41f4b71Sopenharmony_ci```ts 2140e41f4b71Sopenharmony_cilet asyKeyPairSpec: cryptoFramework.DSAKeyPairSpec; // dsa as example, asyKeyPairSpec specifies full parameters contained in the private and public keys. The generation process is omitted here. 2141e41f4b71Sopenharmony_cilet asyKeyGeneratorBySpec = cryptoFramework.createAsyKeyGeneratorBySpec(asyKeyPairSpec); 2142e41f4b71Sopenharmony_ciasyKeyGeneratorBySpec.generateKeyPair((err, keyPair) => { 2143e41f4b71Sopenharmony_ci if (err) { 2144e41f4b71Sopenharmony_ci console.error("generateKeyPair: error."); 2145e41f4b71Sopenharmony_ci return; 2146e41f4b71Sopenharmony_ci } 2147e41f4b71Sopenharmony_ci console.info('generateKeyPair: success.'); 2148e41f4b71Sopenharmony_ci}) 2149e41f4b71Sopenharmony_ci``` 2150e41f4b71Sopenharmony_ci 2151e41f4b71Sopenharmony_ci### generateKeyPair 2152e41f4b71Sopenharmony_ci 2153e41f4b71Sopenharmony_cigenerateKeyPair(): Promise\<KeyPair> 2154e41f4b71Sopenharmony_ci 2155e41f4b71Sopenharmony_ci异步获取该非对称密钥生成器生成的密钥,通过Promise获取结果。 2156e41f4b71Sopenharmony_ci 2157e41f4b71Sopenharmony_ci当使用[COMMON_PARAMS_SPEC](#asykeyspectype10)类型的密钥参数来创建密钥生成器时,可以得到随机生成的密钥对;当使用[KEY_PAIR_SPEC](#asykeyspectype10)类型的密钥参数来创建密钥生成器时,可以得到各项数据与密钥参数一致的密钥对。 2158e41f4b71Sopenharmony_ci 2159e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2160e41f4b71Sopenharmony_ci 2161e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 2162e41f4b71Sopenharmony_ci 2163e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 2164e41f4b71Sopenharmony_ci 2165e41f4b71Sopenharmony_ci**返回值:** 2166e41f4b71Sopenharmony_ci 2167e41f4b71Sopenharmony_ci| 类型 | 说明 | 2168e41f4b71Sopenharmony_ci| ----------------- | --------------------------------- | 2169e41f4b71Sopenharmony_ci| Promise\<[KeyPair](#keypair)> | 使用Promise的方式获取非对称密钥。 | 2170e41f4b71Sopenharmony_ci 2171e41f4b71Sopenharmony_ci**错误码:** 2172e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 2173e41f4b71Sopenharmony_ci 2174e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 2175e41f4b71Sopenharmony_ci| -------- | ---------------------- | 2176e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed. | 2177e41f4b71Sopenharmony_ci| 17620001 | memory error. | 2178e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 2179e41f4b71Sopenharmony_ci 2180e41f4b71Sopenharmony_ci**示例:** 2181e41f4b71Sopenharmony_ci 2182e41f4b71Sopenharmony_ci<!--code_no_check--> 2183e41f4b71Sopenharmony_ci```ts 2184e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 2185e41f4b71Sopenharmony_ci 2186e41f4b71Sopenharmony_cilet asyKeyPairSpec: cryptoFramework.DSAKeyPairSpec; // dsa as example, asyKeyPairSpec specifies full parameters contained in the private and public keys. The generation process is omitted here. 2187e41f4b71Sopenharmony_cilet asyKeyGeneratorBySpec = cryptoFramework.createAsyKeyGeneratorBySpec(asyKeyPairSpec); 2188e41f4b71Sopenharmony_cilet keyGenPromise = asyKeyGeneratorBySpec.generateKeyPair(); 2189e41f4b71Sopenharmony_cikeyGenPromise.then(keyPair => { 2190e41f4b71Sopenharmony_ci console.info('generateKeyPair success.'); 2191e41f4b71Sopenharmony_ci}).catch((error: BusinessError) => { 2192e41f4b71Sopenharmony_ci console.error("generateKeyPair error."); 2193e41f4b71Sopenharmony_ci}); 2194e41f4b71Sopenharmony_ci``` 2195e41f4b71Sopenharmony_ci 2196e41f4b71Sopenharmony_ci### generateKeyPairSync<sup>12+</sup> 2197e41f4b71Sopenharmony_ci 2198e41f4b71Sopenharmony_cigenerateKeyPairSync(): KeyPair 2199e41f4b71Sopenharmony_ci 2200e41f4b71Sopenharmony_ci同步获取该非对称密钥生成器生成的密钥。 2201e41f4b71Sopenharmony_ci 2202e41f4b71Sopenharmony_ci当使用[COMMON_PARAMS_SPEC](#asykeyspectype10)类型的密钥参数来创建密钥生成器时,可以得到随机生成的密钥对;当使用[KEY_PAIR_SPEC](#asykeyspectype10)类型的密钥参数来创建密钥生成器时,可以得到各项数据与密钥参数一致的密钥对。 2203e41f4b71Sopenharmony_ci 2204e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2205e41f4b71Sopenharmony_ci 2206e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 2207e41f4b71Sopenharmony_ci 2208e41f4b71Sopenharmony_ci**返回值:** 2209e41f4b71Sopenharmony_ci 2210e41f4b71Sopenharmony_ci| 类型 | 说明 | 2211e41f4b71Sopenharmony_ci| ----------------- | --------------------------------- | 2212e41f4b71Sopenharmony_ci| [KeyPair](#keypair) | 非对称密钥。 | 2213e41f4b71Sopenharmony_ci 2214e41f4b71Sopenharmony_ci**错误码:** 2215e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 2216e41f4b71Sopenharmony_ci 2217e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 2218e41f4b71Sopenharmony_ci| -------- | ---------------------- | 2219e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed. | 2220e41f4b71Sopenharmony_ci| 17620001 | memory error. | 2221e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 2222e41f4b71Sopenharmony_ci 2223e41f4b71Sopenharmony_ci**示例:** 2224e41f4b71Sopenharmony_ci 2225e41f4b71Sopenharmony_ci<!--code_no_check--> 2226e41f4b71Sopenharmony_ci```ts 2227e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 2228e41f4b71Sopenharmony_ci 2229e41f4b71Sopenharmony_cilet asyKeyPairSpec: cryptoFramework.DSAKeyPairSpec; // dsa as example, asyKeyPairSpec specifies full parameters contained in the private and public keys. The generation process is omitted here. 2230e41f4b71Sopenharmony_cilet asyKeyGeneratorBySpec = cryptoFramework.createAsyKeyGeneratorBySpec(asyKeyPairSpec); 2231e41f4b71Sopenharmony_citry { 2232e41f4b71Sopenharmony_ci let keyPairData = asyKeyGeneratorBySpec.generateKeyPairSync(); 2233e41f4b71Sopenharmony_ci if (keyPairData != null) { 2234e41f4b71Sopenharmony_ci console.info('[Sync]: key pair success'); 2235e41f4b71Sopenharmony_ci } else { 2236e41f4b71Sopenharmony_ci console.error("[Sync]: get key pair result fail!"); 2237e41f4b71Sopenharmony_ci } 2238e41f4b71Sopenharmony_ci} catch (error) { 2239e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 2240e41f4b71Sopenharmony_ci console.error(`sync error, ${e.code}, ${e.message}`); 2241e41f4b71Sopenharmony_ci} 2242e41f4b71Sopenharmony_ci``` 2243e41f4b71Sopenharmony_ci 2244e41f4b71Sopenharmony_ci### generatePriKey 2245e41f4b71Sopenharmony_ci 2246e41f4b71Sopenharmony_cigeneratePriKey(callback: AsyncCallback\<PriKey>): void 2247e41f4b71Sopenharmony_ci 2248e41f4b71Sopenharmony_ci异步获取非对称密钥生成器生成的密钥,通过注册回调函数获取结果。 2249e41f4b71Sopenharmony_ci 2250e41f4b71Sopenharmony_ci当使用[PRIVATE_KEY_SPEC](#asykeyspectype10)类型的密钥参数来创建密钥生成器时,可以得到指定的私钥;当使用[KEY_PAIR_SPEC](#asykeyspectype10)类型的密钥参数来创建密钥生成器时,可以从生成的密钥对中获取指定的私钥。 2251e41f4b71Sopenharmony_ci 2252e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2253e41f4b71Sopenharmony_ci 2254e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 2255e41f4b71Sopenharmony_ci 2256e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 2257e41f4b71Sopenharmony_ci 2258e41f4b71Sopenharmony_ci**参数:** 2259e41f4b71Sopenharmony_ci 2260e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 2261e41f4b71Sopenharmony_ci| -------- | ----------------------- | ---- | ------------------------------ | 2262e41f4b71Sopenharmony_ci| callback | AsyncCallback\<[PriKey](#prikey)> | 是 | 回调函数,用于获取非对称密钥。 | 2263e41f4b71Sopenharmony_ci 2264e41f4b71Sopenharmony_ci**错误码:** 2265e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 2266e41f4b71Sopenharmony_ci 2267e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 2268e41f4b71Sopenharmony_ci| -------- | ---------------------- | 2269e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>Mandatory parameters are left unspecified; | 2270e41f4b71Sopenharmony_ci| 17620001 | memory error. | 2271e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 2272e41f4b71Sopenharmony_ci 2273e41f4b71Sopenharmony_ci**示例:** 2274e41f4b71Sopenharmony_ci 2275e41f4b71Sopenharmony_ci<!--code_no_check--> 2276e41f4b71Sopenharmony_ci```ts 2277e41f4b71Sopenharmony_cilet asyKeyPairSpec: cryptoFramework.DSAKeyPairSpec; // dsa as example, asyKeyPairSpec specifies full parameters contained in the private and public keys. The generation process is omitted here. 2278e41f4b71Sopenharmony_cilet asyKeyGeneratorBySpec = cryptoFramework.createAsyKeyGeneratorBySpec(asyKeyPairSpec); 2279e41f4b71Sopenharmony_ciasyKeyGeneratorBySpec.generatePriKey((err, prikey) => { 2280e41f4b71Sopenharmony_ci if (err) { 2281e41f4b71Sopenharmony_ci console.error("generatePriKey: error."); 2282e41f4b71Sopenharmony_ci return; 2283e41f4b71Sopenharmony_ci } 2284e41f4b71Sopenharmony_ci console.info('generatePriKey: success.'); 2285e41f4b71Sopenharmony_ci}) 2286e41f4b71Sopenharmony_ci``` 2287e41f4b71Sopenharmony_ci 2288e41f4b71Sopenharmony_ci### generatePriKey 2289e41f4b71Sopenharmony_ci 2290e41f4b71Sopenharmony_cigeneratePriKey(): Promise\<PriKey> 2291e41f4b71Sopenharmony_ci 2292e41f4b71Sopenharmony_ci异步获取该非对称密钥生成器生成的密钥,通过Promise获取结果。 2293e41f4b71Sopenharmony_ci 2294e41f4b71Sopenharmony_ci当使用[PRIVATE_KEY_SPEC](#asykeyspectype10)类型的密钥参数来创建密钥生成器时,可以得到指定的私钥;当使用[KEY_PAIR_SPEC](#asykeyspectype10)类型的密钥参数来创建密钥生成器时,可以从生成的密钥对中获取指定的私钥。 2295e41f4b71Sopenharmony_ci 2296e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2297e41f4b71Sopenharmony_ci 2298e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 2299e41f4b71Sopenharmony_ci 2300e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 2301e41f4b71Sopenharmony_ci 2302e41f4b71Sopenharmony_ci**返回值:** 2303e41f4b71Sopenharmony_ci 2304e41f4b71Sopenharmony_ci| 类型 | 说明 | 2305e41f4b71Sopenharmony_ci| ----------------- | --------------------------------- | 2306e41f4b71Sopenharmony_ci| Promise\<[PriKey](#prikey)> | 使用Promise的方式获取非对称密钥。 | 2307e41f4b71Sopenharmony_ci 2308e41f4b71Sopenharmony_ci**错误码:** 2309e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 2310e41f4b71Sopenharmony_ci 2311e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 2312e41f4b71Sopenharmony_ci| -------- | ---------------------- | 2313e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed. | 2314e41f4b71Sopenharmony_ci| 17620001 | memory error. | 2315e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 2316e41f4b71Sopenharmony_ci 2317e41f4b71Sopenharmony_ci**示例:** 2318e41f4b71Sopenharmony_ci 2319e41f4b71Sopenharmony_ci<!--code_no_check--> 2320e41f4b71Sopenharmony_ci```ts 2321e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 2322e41f4b71Sopenharmony_ci 2323e41f4b71Sopenharmony_cilet asyKeyPairSpec: cryptoFramework.DSAKeyPairSpec; // dsa as example, asyKeyPairSpec specifies full parameters contained in the private and public keys. The generation process is omitted here. 2324e41f4b71Sopenharmony_cilet asyKeyGeneratorBySpec = cryptoFramework.createAsyKeyGeneratorBySpec(asyKeyPairSpec); 2325e41f4b71Sopenharmony_cilet keyGenPromise = asyKeyGeneratorBySpec.generatePriKey(); 2326e41f4b71Sopenharmony_cikeyGenPromise.then(priKey => { 2327e41f4b71Sopenharmony_ci console.info('generatePriKey success.'); 2328e41f4b71Sopenharmony_ci}).catch((error: BusinessError) => { 2329e41f4b71Sopenharmony_ci console.error("generatePriKey error."); 2330e41f4b71Sopenharmony_ci}); 2331e41f4b71Sopenharmony_ci``` 2332e41f4b71Sopenharmony_ci 2333e41f4b71Sopenharmony_ci### generatePriKeySync<sup>12+</sup> 2334e41f4b71Sopenharmony_ci 2335e41f4b71Sopenharmony_cigeneratePriKeySync(): PriKey 2336e41f4b71Sopenharmony_ci 2337e41f4b71Sopenharmony_ci同步获取该非对称密钥生成器生成的密钥。 2338e41f4b71Sopenharmony_ci 2339e41f4b71Sopenharmony_ci当使用[PRIVATE_KEY_SPEC](#asykeyspectype10)类型的密钥参数来创建密钥生成器时,可以得到指定的私钥;当使用[KEY_PAIR_SPEC](#asykeyspectype10)类型的密钥参数来创建密钥生成器时,可以从生成的密钥对中获取指定的私钥。 2340e41f4b71Sopenharmony_ci 2341e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2342e41f4b71Sopenharmony_ci 2343e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 2344e41f4b71Sopenharmony_ci 2345e41f4b71Sopenharmony_ci**返回值:** 2346e41f4b71Sopenharmony_ci 2347e41f4b71Sopenharmony_ci| 类型 | 说明 | 2348e41f4b71Sopenharmony_ci| ----------------- | --------------------------------- | 2349e41f4b71Sopenharmony_ci| [PriKey](#prikey) | 非对称密钥。 | 2350e41f4b71Sopenharmony_ci 2351e41f4b71Sopenharmony_ci**错误码:** 2352e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 2353e41f4b71Sopenharmony_ci 2354e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 2355e41f4b71Sopenharmony_ci| -------- | ---------------------- | 2356e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed. | 2357e41f4b71Sopenharmony_ci| 17620001 | memory error. | 2358e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 2359e41f4b71Sopenharmony_ci 2360e41f4b71Sopenharmony_ci**示例:** 2361e41f4b71Sopenharmony_ci 2362e41f4b71Sopenharmony_ci<!--code_no_check--> 2363e41f4b71Sopenharmony_ci```ts 2364e41f4b71Sopenharmony_cilet asyKeyPairSpec: cryptoFramework.DSAKeyPairSpec; // dsa as example, asyKeyPairSpec specifies full parameters contained in the private and public keys. The generation process is omitted here. 2365e41f4b71Sopenharmony_cilet asyKeyGeneratorBySpec = cryptoFramework.createAsyKeyGeneratorBySpec(asyKeyPairSpec); 2366e41f4b71Sopenharmony_citry { 2367e41f4b71Sopenharmony_ci let priKeyData = asyKeyGeneratorBySpec.generatePriKeySync(); 2368e41f4b71Sopenharmony_ci if (priKeyData != null) { 2369e41f4b71Sopenharmony_ci console.info('[Sync]: pri key success'); 2370e41f4b71Sopenharmony_ci } else { 2371e41f4b71Sopenharmony_ci console.error("[Sync]: get pri key result fail!"); 2372e41f4b71Sopenharmony_ci } 2373e41f4b71Sopenharmony_ci} catch (e) { 2374e41f4b71Sopenharmony_ci console.error(`sync error, ${e.code}, ${e.message}`); 2375e41f4b71Sopenharmony_ci} 2376e41f4b71Sopenharmony_ci``` 2377e41f4b71Sopenharmony_ci 2378e41f4b71Sopenharmony_ci### generatePubKey 2379e41f4b71Sopenharmony_ci 2380e41f4b71Sopenharmony_cigeneratePubKey(callback: AsyncCallback\<PubKey>): void 2381e41f4b71Sopenharmony_ci 2382e41f4b71Sopenharmony_ci异步获取非对称密钥生成器生成的密钥,通过注册回调函数获取结果。 2383e41f4b71Sopenharmony_ci 2384e41f4b71Sopenharmony_ci当使用[PUBLIC_KEY_SPEC](#asykeyspectype10)类型的密钥参数来创建密钥生成器时,可以得到指定的公钥;当使用[KEY_PAIR_SPEC](#asykeyspectype10)类型的密钥参数来创建密钥生成器时,可以从生成的密钥对中获取指定的公钥。 2385e41f4b71Sopenharmony_ci 2386e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2387e41f4b71Sopenharmony_ci 2388e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 2389e41f4b71Sopenharmony_ci 2390e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 2391e41f4b71Sopenharmony_ci 2392e41f4b71Sopenharmony_ci**参数:** 2393e41f4b71Sopenharmony_ci 2394e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 2395e41f4b71Sopenharmony_ci| -------- | ----------------------- | ---- | ------------------------------ | 2396e41f4b71Sopenharmony_ci| callback | AsyncCallback\<[PubKey](#pubkey)> | 是 | 回调函数,用于获取非对称密钥。 | 2397e41f4b71Sopenharmony_ci 2398e41f4b71Sopenharmony_ci**错误码:** 2399e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 2400e41f4b71Sopenharmony_ci 2401e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 2402e41f4b71Sopenharmony_ci| -------- | ---------------------- | 2403e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes:<br> Incorrect parameter types; | 2404e41f4b71Sopenharmony_ci| 17620001 | memory error. | 2405e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 2406e41f4b71Sopenharmony_ci 2407e41f4b71Sopenharmony_ci**示例:** 2408e41f4b71Sopenharmony_ci 2409e41f4b71Sopenharmony_ci<!--code_no_check--> 2410e41f4b71Sopenharmony_ci```ts 2411e41f4b71Sopenharmony_cilet asyKeyPairSpec: cryptoFramework.DSAKeyPairSpec; // dsa as example, asyKeyPairSpec specifies full parameters contained in the private and public keys. The generation process is omitted here. 2412e41f4b71Sopenharmony_cilet asyKeyGeneratorBySpec = cryptoFramework.createAsyKeyGeneratorBySpec(asyKeyPairSpec); 2413e41f4b71Sopenharmony_ciasyKeyGeneratorBySpec.generatePubKey((err, pubKey) => { 2414e41f4b71Sopenharmony_ci if (err) { 2415e41f4b71Sopenharmony_ci console.error("generatePubKey: error."); 2416e41f4b71Sopenharmony_ci return; 2417e41f4b71Sopenharmony_ci } 2418e41f4b71Sopenharmony_ci console.info('generatePubKey: success.'); 2419e41f4b71Sopenharmony_ci}) 2420e41f4b71Sopenharmony_ci``` 2421e41f4b71Sopenharmony_ci 2422e41f4b71Sopenharmony_ci### generatePubKey 2423e41f4b71Sopenharmony_ci 2424e41f4b71Sopenharmony_cigeneratePubKey(): Promise\<PubKey> 2425e41f4b71Sopenharmony_ci 2426e41f4b71Sopenharmony_ci异步获取该非对称密钥生成器生成的密钥,通过Promise获取结果。 2427e41f4b71Sopenharmony_ci 2428e41f4b71Sopenharmony_ci当使用[PUBLIC_KEY_SPEC](#asykeyspectype10)类型的密钥参数来创建密钥生成器时,可以得到指定的公钥;当使用[KEY_PAIR_SPEC](#asykeyspectype10)类型的密钥参数来创建密钥生成器时,可以从生成的密钥对中获取指定的公钥。 2429e41f4b71Sopenharmony_ci 2430e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2431e41f4b71Sopenharmony_ci 2432e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 2433e41f4b71Sopenharmony_ci 2434e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 2435e41f4b71Sopenharmony_ci 2436e41f4b71Sopenharmony_ci**返回值:** 2437e41f4b71Sopenharmony_ci 2438e41f4b71Sopenharmony_ci| 类型 | 说明 | 2439e41f4b71Sopenharmony_ci| ----------------- | --------------------------------- | 2440e41f4b71Sopenharmony_ci| Promise\<[PubKey](#pubkey)> | 使用Promise的方式获取非对称密钥。 | 2441e41f4b71Sopenharmony_ci 2442e41f4b71Sopenharmony_ci**错误码:** 2443e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 2444e41f4b71Sopenharmony_ci 2445e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 2446e41f4b71Sopenharmony_ci| -------- | ---------------------- | 2447e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed. | 2448e41f4b71Sopenharmony_ci| 17620001 | memory error. | 2449e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 2450e41f4b71Sopenharmony_ci 2451e41f4b71Sopenharmony_ci**示例:** 2452e41f4b71Sopenharmony_ci 2453e41f4b71Sopenharmony_ci<!--code_no_check--> 2454e41f4b71Sopenharmony_ci```ts 2455e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 2456e41f4b71Sopenharmony_ci 2457e41f4b71Sopenharmony_cilet asyKeyPairSpec: cryptoFramework.DSAKeyPairSpec; // dsa as example, asyKeyPairSpec specifies full parameters contained in the private and public keys. The generation process is omitted here. 2458e41f4b71Sopenharmony_cilet asyKeyGeneratorBySpec = cryptoFramework.createAsyKeyGeneratorBySpec(asyKeyPairSpec); 2459e41f4b71Sopenharmony_cilet keyGenPromise = asyKeyGeneratorBySpec.generatePubKey(); 2460e41f4b71Sopenharmony_cikeyGenPromise.then(pubKey => { 2461e41f4b71Sopenharmony_ci console.info('generatePubKey success.'); 2462e41f4b71Sopenharmony_ci}).catch((error: BusinessError) => { 2463e41f4b71Sopenharmony_ci console.error("generatePubKey error."); 2464e41f4b71Sopenharmony_ci}); 2465e41f4b71Sopenharmony_ci``` 2466e41f4b71Sopenharmony_ci 2467e41f4b71Sopenharmony_ci### generatePubKeySync<sup>12+</sup> 2468e41f4b71Sopenharmony_ci 2469e41f4b71Sopenharmony_cigeneratePubKeySync(): PubKey 2470e41f4b71Sopenharmony_ci 2471e41f4b71Sopenharmony_ci同步获取该非对称密钥生成器生成的密钥。 2472e41f4b71Sopenharmony_ci 2473e41f4b71Sopenharmony_ci当使用[PUBLIC_KEY_SPEC](#asykeyspectype10)类型的密钥参数来创建密钥生成器时,可以得到指定的公钥;当使用[KEY_PAIR_SPEC](#asykeyspectype10)类型的密钥参数来创建密钥生成器时,可以从生成的密钥对中获取指定的公钥。 2474e41f4b71Sopenharmony_ci 2475e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2476e41f4b71Sopenharmony_ci 2477e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 2478e41f4b71Sopenharmony_ci 2479e41f4b71Sopenharmony_ci**返回值:** 2480e41f4b71Sopenharmony_ci 2481e41f4b71Sopenharmony_ci| 类型 | 说明 | 2482e41f4b71Sopenharmony_ci| ----------------- | --------------------------------- | 2483e41f4b71Sopenharmony_ci| [PubKey](#pubkey) | 非对称密钥。 | 2484e41f4b71Sopenharmony_ci 2485e41f4b71Sopenharmony_ci**错误码:** 2486e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 2487e41f4b71Sopenharmony_ci 2488e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 2489e41f4b71Sopenharmony_ci| -------- | ---------------------- | 2490e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed. | 2491e41f4b71Sopenharmony_ci| 17620001 | memory error. | 2492e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 2493e41f4b71Sopenharmony_ci 2494e41f4b71Sopenharmony_ci**示例:** 2495e41f4b71Sopenharmony_ci 2496e41f4b71Sopenharmony_ci<!--code_no_check--> 2497e41f4b71Sopenharmony_ci```ts 2498e41f4b71Sopenharmony_cilet asyKeyPairSpec: cryptoFramework.DSAKeyPairSpec; // dsa as example, asyKeyPairSpec specifies full parameters contained in the private and public keys. The generation process is omitted here. 2499e41f4b71Sopenharmony_cilet asyKeyGeneratorBySpec = cryptoFramework.createAsyKeyGeneratorBySpec(asyKeyPairSpec); 2500e41f4b71Sopenharmony_citry { 2501e41f4b71Sopenharmony_ci let pubKeyData = asyKeyGeneratorBySpec.generatePubKeySync(); 2502e41f4b71Sopenharmony_ci if (pubKeyData != null) { 2503e41f4b71Sopenharmony_ci console.info('[Sync]: pub key success'); 2504e41f4b71Sopenharmony_ci } else { 2505e41f4b71Sopenharmony_ci console.error("[Sync]: get pub key result fail!"); 2506e41f4b71Sopenharmony_ci } 2507e41f4b71Sopenharmony_ci} catch (e) { 2508e41f4b71Sopenharmony_ci console.error(`sync error, ${e.code}, ${e.message}`); 2509e41f4b71Sopenharmony_ci} 2510e41f4b71Sopenharmony_ci``` 2511e41f4b71Sopenharmony_ci 2512e41f4b71Sopenharmony_ci## ECCKeyUtil<sup>11+</sup> 2513e41f4b71Sopenharmony_ci 2514e41f4b71Sopenharmony_ci根据椭圆曲线名生成相应的非对称公共密钥参数。 2515e41f4b71Sopenharmony_ci 2516e41f4b71Sopenharmony_ci### genECCCommonParamsSpec<sup>11+</sup> 2517e41f4b71Sopenharmony_ci 2518e41f4b71Sopenharmony_cistatic genECCCommonParamsSpec(curveName: string): ECCCommonParamsSpec 2519e41f4b71Sopenharmony_ci 2520e41f4b71Sopenharmony_ci根据椭圆曲线相应的NID(Name IDentifier)字符串名称生成相应的非对称公共密钥参数。详见[ECC密钥生成规格](../../security/CryptoArchitectureKit/crypto-asym-key-generation-conversion-spec.md#ecc)和[SM2密钥生成规格](../../security/CryptoArchitectureKit/crypto-asym-key-generation-conversion-spec.md#sm2)。 2521e41f4b71Sopenharmony_ci 2522e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2523e41f4b71Sopenharmony_ci 2524e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 2525e41f4b71Sopenharmony_ci 2526e41f4b71Sopenharmony_ciAPI version11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 2527e41f4b71Sopenharmony_ci 2528e41f4b71Sopenharmony_ci**参数:** 2529e41f4b71Sopenharmony_ci 2530e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 2531e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ---------------------------------------------- | 2532e41f4b71Sopenharmony_ci| curveName | string | 是 | 椭圆曲线相应的NID(Name IDentifier)字符串名称。 | 2533e41f4b71Sopenharmony_ci 2534e41f4b71Sopenharmony_ci**返回值:** 2535e41f4b71Sopenharmony_ci 2536e41f4b71Sopenharmony_ci| 类型 | 说明 | 2537e41f4b71Sopenharmony_ci| ----------------- | --------------------------------- | 2538e41f4b71Sopenharmony_ci| [ECCCommonParamsSpec](#ecccommonparamsspec10) | 返回ECC公共密钥参数。 | 2539e41f4b71Sopenharmony_ci 2540e41f4b71Sopenharmony_ci**错误码:** 2541e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 2542e41f4b71Sopenharmony_ci 2543e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 2544e41f4b71Sopenharmony_ci| -------- | -------------------------------- | 2545e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 2546e41f4b71Sopenharmony_ci| 801 | this operation is not supported. | 2547e41f4b71Sopenharmony_ci| 17620001 | memory error. | 2548e41f4b71Sopenharmony_ci 2549e41f4b71Sopenharmony_ci**示例:** 2550e41f4b71Sopenharmony_ci 2551e41f4b71Sopenharmony_ci```ts 2552e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 2553e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 2554e41f4b71Sopenharmony_citry { 2555e41f4b71Sopenharmony_ci let ECCCommonParamsSpec = cryptoFramework.ECCKeyUtil.genECCCommonParamsSpec('NID_brainpoolP160r1'); 2556e41f4b71Sopenharmony_ci console.info('genECCCommonParamsSpec success'); 2557e41f4b71Sopenharmony_ci} catch (err) { 2558e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 2559e41f4b71Sopenharmony_ci console.error(`genECCCommonParamsSpec error, ${e.code}, ${e.message}`); 2560e41f4b71Sopenharmony_ci} 2561e41f4b71Sopenharmony_ci``` 2562e41f4b71Sopenharmony_ci 2563e41f4b71Sopenharmony_ci### convertPoint<sup>12+</sup> 2564e41f4b71Sopenharmony_ci 2565e41f4b71Sopenharmony_cistatic convertPoint(curveName: string, encodedPoint: Uint8Array): Point 2566e41f4b71Sopenharmony_ci 2567e41f4b71Sopenharmony_ci根据椭圆曲线的曲线名,即相应的NID(Name IDentifier),将指定的点数据转换为Point对象。当前支持压缩/非压缩格式的点数据。 2568e41f4b71Sopenharmony_ci 2569e41f4b71Sopenharmony_ci> **说明:** 2570e41f4b71Sopenharmony_ci> 2571e41f4b71Sopenharmony_ci> 根据RFC5480规范中第2.2节的描述:<br/> 2572e41f4b71Sopenharmony_ci> 1. 非压缩的点数据,表示为:前缀0x04\|x坐标\|y坐标; 2573e41f4b71Sopenharmony_ci> 2. 压缩的点数据,对于Fp素数域上的点(当前暂不支持F2m域),表示为:前缀0x03\|x坐标 (坐标y是奇数时),前缀0x02\|x坐标 (坐标y是偶数时)。 2574e41f4b71Sopenharmony_ci 2575e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2576e41f4b71Sopenharmony_ci 2577e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 2578e41f4b71Sopenharmony_ci 2579e41f4b71Sopenharmony_ci**参数:** 2580e41f4b71Sopenharmony_ci 2581e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 2582e41f4b71Sopenharmony_ci| ------------ | ---------- | ---- | ---------------------------------------------- | 2583e41f4b71Sopenharmony_ci| curveName | string | 是 | 椭圆曲线的曲线名,即相应的NID(Name IDentifier)。 | 2584e41f4b71Sopenharmony_ci| encodedPoint | Uint8Array | 是 | 指定的ECC椭圆曲线上的点的数据。 | 2585e41f4b71Sopenharmony_ci 2586e41f4b71Sopenharmony_ci**返回值:** 2587e41f4b71Sopenharmony_ci 2588e41f4b71Sopenharmony_ci| 类型 | 说明 | 2589e41f4b71Sopenharmony_ci| ----------------- | ------------------- | 2590e41f4b71Sopenharmony_ci| [Point](#point10) | 返回ECC的Point对象。 | 2591e41f4b71Sopenharmony_ci 2592e41f4b71Sopenharmony_ci**错误码:** 2593e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 2594e41f4b71Sopenharmony_ci 2595e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 2596e41f4b71Sopenharmony_ci| -------- | ---------------------- | 2597e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 2598e41f4b71Sopenharmony_ci| 17620001 | memory error. | 2599e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 2600e41f4b71Sopenharmony_ci 2601e41f4b71Sopenharmony_ci**示例:** 2602e41f4b71Sopenharmony_ci 2603e41f4b71Sopenharmony_ci```ts 2604e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 2605e41f4b71Sopenharmony_ci 2606e41f4b71Sopenharmony_ci// 随机生成的非压缩点数据 2607e41f4b71Sopenharmony_cilet pkData = new Uint8Array([4, 143, 39, 57, 249, 145, 50, 63, 222, 35, 70, 178, 121, 202, 154, 21, 146, 129, 75, 76, 63, 8, 195, 157, 111, 40, 217, 215, 148, 120, 224, 205, 82, 83, 92, 185, 21, 211, 184, 5, 19, 114, 33, 86, 85, 228, 123, 242, 206, 200, 98, 178, 184, 130, 35, 232, 45, 5, 202, 189, 11, 46, 163, 156, 152]); 2608e41f4b71Sopenharmony_cilet returnPoint = cryptoFramework.ECCKeyUtil.convertPoint('NID_brainpoolP256r1', pkData); 2609e41f4b71Sopenharmony_ciconsole.info('returnPoint: ' + returnPoint.x.toString(16)); 2610e41f4b71Sopenharmony_ci``` 2611e41f4b71Sopenharmony_ci 2612e41f4b71Sopenharmony_ci### getEncodedPoint<sup>12+</sup> 2613e41f4b71Sopenharmony_ci 2614e41f4b71Sopenharmony_cistatic getEncodedPoint(curveName: string, point: Point, format: string): Uint8Array 2615e41f4b71Sopenharmony_ci 2616e41f4b71Sopenharmony_ci根据椭圆曲线的曲线名,即相应的NID(Name IDentifier),按照指定的点数据格式,将Point对象转换为点数据。当前支持压缩/非压缩格式的点数据。 2617e41f4b71Sopenharmony_ci 2618e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2619e41f4b71Sopenharmony_ci 2620e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 2621e41f4b71Sopenharmony_ci 2622e41f4b71Sopenharmony_ci**参数:** 2623e41f4b71Sopenharmony_ci 2624e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 2625e41f4b71Sopenharmony_ci| ------------ | ----------------- | ---- | ---------------------------------------------- | 2626e41f4b71Sopenharmony_ci| curveName | string | 是 | 椭圆曲线的曲线名,即相应的NID(Name IDentifier)。 | 2627e41f4b71Sopenharmony_ci| point | [Point](#point10) | 是 | 椭圆曲线上的Point点对象。 | 2628e41f4b71Sopenharmony_ci| format | string | 是 | 需要获取的点数据格式,当前支持"COMPRESSED"或"UNCOMPRESSED"。 | 2629e41f4b71Sopenharmony_ci 2630e41f4b71Sopenharmony_ci**返回值:** 2631e41f4b71Sopenharmony_ci 2632e41f4b71Sopenharmony_ci| 类型 | 说明 | 2633e41f4b71Sopenharmony_ci| ----------------- | --------------------------------- | 2634e41f4b71Sopenharmony_ci| Uint8Array | 返回指定格式的点数据。 | 2635e41f4b71Sopenharmony_ci 2636e41f4b71Sopenharmony_ci**错误码:** 2637e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 2638e41f4b71Sopenharmony_ci 2639e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 2640e41f4b71Sopenharmony_ci| -------- | ---------------------- | 2641e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 2642e41f4b71Sopenharmony_ci| 17620001 | memory error. | 2643e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 2644e41f4b71Sopenharmony_ci 2645e41f4b71Sopenharmony_ci**示例:** 2646e41f4b71Sopenharmony_ci 2647e41f4b71Sopenharmony_ci```ts 2648e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 2649e41f4b71Sopenharmony_ci 2650e41f4b71Sopenharmony_ciasync function doTest() { 2651e41f4b71Sopenharmony_ci let generator = cryptoFramework.createAsyKeyGenerator('ECC_BrainPoolP256r1'); 2652e41f4b71Sopenharmony_ci let keyPair = await generator.generateKeyPair(); 2653e41f4b71Sopenharmony_ci let eccPkX = keyPair.pubKey.getAsyKeySpec(cryptoFramework.AsyKeySpecItem.ECC_PK_X_BN); 2654e41f4b71Sopenharmony_ci let eccPkY = keyPair.pubKey.getAsyKeySpec(cryptoFramework.AsyKeySpecItem.ECC_PK_Y_BN); 2655e41f4b71Sopenharmony_ci console.info('ECC_PK_X_BN 16:' + eccPkX.toString(16)); 2656e41f4b71Sopenharmony_ci console.info('ECC_PK_Y_BN 16:' + eccPkY.toString(16)); 2657e41f4b71Sopenharmony_ci // 将eccPkX.toString(16)结果放入x,eccPkY.toString(16)结果放入y 2658e41f4b71Sopenharmony_ci let returnPoint: cryptoFramework.Point = { 2659e41f4b71Sopenharmony_ci x: BigInt('0x' + eccPkX.toString(16)), 2660e41f4b71Sopenharmony_ci y: BigInt('0x' + eccPkY.toString(16)) 2661e41f4b71Sopenharmony_ci }; 2662e41f4b71Sopenharmony_ci let returnData = cryptoFramework.ECCKeyUtil.getEncodedPoint('NID_brainpoolP256r1', returnPoint, 'UNCOMPRESSED'); 2663e41f4b71Sopenharmony_ci console.info('returnData: ' + returnData); 2664e41f4b71Sopenharmony_ci} 2665e41f4b71Sopenharmony_ci``` 2666e41f4b71Sopenharmony_ci 2667e41f4b71Sopenharmony_ci## DHKeyUtil<sup>11+</sup> 2668e41f4b71Sopenharmony_ci 2669e41f4b71Sopenharmony_ci根据素数P的长度和私钥长度(bit位数)生成DH公共密钥参数。 2670e41f4b71Sopenharmony_ci 2671e41f4b71Sopenharmony_ci### genDHCommonParamsSpec<sup>11+</sup> 2672e41f4b71Sopenharmony_ci 2673e41f4b71Sopenharmony_cistatic genDHCommonParamsSpec(pLen: number, skLen?: number): DHCommonParamsSpec 2674e41f4b71Sopenharmony_ci 2675e41f4b71Sopenharmony_ci根据素数P的长度和私钥长度(bit位数)生成DH公共密钥参数。详见[DH密钥生成规格](../../security/CryptoArchitectureKit/crypto-asym-key-generation-conversion-spec.md#dh)。 2676e41f4b71Sopenharmony_ci 2677e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2678e41f4b71Sopenharmony_ci 2679e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Key.AsymKey 2680e41f4b71Sopenharmony_ci 2681e41f4b71Sopenharmony_ciAPI version11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Key.AsymKey 2682e41f4b71Sopenharmony_ci 2683e41f4b71Sopenharmony_ci**参数:** 2684e41f4b71Sopenharmony_ci 2685e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 2686e41f4b71Sopenharmony_ci| ------ | ------ | ---- | ------------------------------------------------ | 2687e41f4b71Sopenharmony_ci| pLen | number | 是 | 用于指定DH公共密钥参数中素数P的长度,单位为bit。 | 2688e41f4b71Sopenharmony_ci| skLen | number | 否 | 用于指定DH公共密钥参数中私钥的长度,单位为bit。 | 2689e41f4b71Sopenharmony_ci 2690e41f4b71Sopenharmony_ci**返回值:** 2691e41f4b71Sopenharmony_ci 2692e41f4b71Sopenharmony_ci| 类型 | 说明 | 2693e41f4b71Sopenharmony_ci| ----------------- | --------------------------------- | 2694e41f4b71Sopenharmony_ci| [DHCommonParamsSpec](#dhcommonparamsspec11) | 返回DH公共密钥参数。 | 2695e41f4b71Sopenharmony_ci 2696e41f4b71Sopenharmony_ci**错误码:** 2697e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 2698e41f4b71Sopenharmony_ci 2699e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 2700e41f4b71Sopenharmony_ci| -------- | -------------------------------- | 2701e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 2702e41f4b71Sopenharmony_ci| 801 | this operation is not supported. | 2703e41f4b71Sopenharmony_ci| 17620001 | memory error. | 2704e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 2705e41f4b71Sopenharmony_ci 2706e41f4b71Sopenharmony_ci**示例:** 2707e41f4b71Sopenharmony_ci 2708e41f4b71Sopenharmony_ci```ts 2709e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 2710e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 2711e41f4b71Sopenharmony_citry { 2712e41f4b71Sopenharmony_ci let DHCommonParamsSpec = cryptoFramework.DHKeyUtil.genDHCommonParamsSpec(2048); 2713e41f4b71Sopenharmony_ci console.info('genDHCommonParamsSpec success'); 2714e41f4b71Sopenharmony_ci} catch (err) { 2715e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 2716e41f4b71Sopenharmony_ci console.error(`genDHCommonParamsSpec error, ${e.code}, ${e.message}`); 2717e41f4b71Sopenharmony_ci} 2718e41f4b71Sopenharmony_ci``` 2719e41f4b71Sopenharmony_ci 2720e41f4b71Sopenharmony_ci## SM2CryptoUtil<sup>12+</sup> 2721e41f4b71Sopenharmony_ci 2722e41f4b71Sopenharmony_ci用于SM2密码学运算的工具类。 2723e41f4b71Sopenharmony_ci 2724e41f4b71Sopenharmony_ci### genCipherTextBySpec<sup>12+</sup> 2725e41f4b71Sopenharmony_ci 2726e41f4b71Sopenharmony_cistatic genCipherTextBySpec(spec: SM2CipherTextSpec, mode?: string): DataBlob 2727e41f4b71Sopenharmony_ci 2728e41f4b71Sopenharmony_ci根据指定的SM2密文参数,生成符合国密标准的ASN.1格式的SM2密文。 2729e41f4b71Sopenharmony_ci 2730e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2731e41f4b71Sopenharmony_ci 2732e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Cipher 2733e41f4b71Sopenharmony_ci 2734e41f4b71Sopenharmony_ci**参数:** 2735e41f4b71Sopenharmony_ci 2736e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 2737e41f4b71Sopenharmony_ci| ------ | ------ | ---- | ------------------------------------------------ | 2738e41f4b71Sopenharmony_ci| spec | [SM2CipherTextSpec](#sm2ciphertextspec12) | 是 | 指定的SM2密文参数。 | 2739e41f4b71Sopenharmony_ci| mode | string | 否 | 可选的密文转换模式,可用于指定密文参数的拼接顺序,当前仅支持默认值"C1C3C2"。 | 2740e41f4b71Sopenharmony_ci 2741e41f4b71Sopenharmony_ci**返回值:** 2742e41f4b71Sopenharmony_ci 2743e41f4b71Sopenharmony_ci| 类型 | 说明 | 2744e41f4b71Sopenharmony_ci| ----------------- | --------------------------------- | 2745e41f4b71Sopenharmony_ci| [DataBlob](#datablob) | 返回符合国密标准的ASN.1格式的SM2密文。 | 2746e41f4b71Sopenharmony_ci 2747e41f4b71Sopenharmony_ci**错误码:** 2748e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 2749e41f4b71Sopenharmony_ci 2750e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 2751e41f4b71Sopenharmony_ci| -------- | -------------------------------- | 2752e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 2753e41f4b71Sopenharmony_ci| 17620001 | memory error. | 2754e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 2755e41f4b71Sopenharmony_ci 2756e41f4b71Sopenharmony_ci**示例:** 2757e41f4b71Sopenharmony_ci 2758e41f4b71Sopenharmony_ci```ts 2759e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 2760e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 2761e41f4b71Sopenharmony_citry { 2762e41f4b71Sopenharmony_ci let spec : cryptoFramework.SM2CipherTextSpec = { 2763e41f4b71Sopenharmony_ci xCoordinate: BigInt('20625015362595980457695435345498579729138244358573902431560627260141789922999'), 2764e41f4b71Sopenharmony_ci yCoordinate: BigInt('48563164792857017065725892921053777369510340820930241057309844352421738767712'), 2765e41f4b71Sopenharmony_ci cipherTextData: new Uint8Array([100,227,78,195,249,179,43,70,242,69,169,10,65,123]), 2766e41f4b71Sopenharmony_ci hashData: new Uint8Array([87,167,167,247,88,146,203,234,83,126,117,129,52,142,82,54,152,226,201,111,143,115,169,125,128,42,157,31,114,198,109,244]), 2767e41f4b71Sopenharmony_ci } 2768e41f4b71Sopenharmony_ci let data = cryptoFramework.SM2CryptoUtil.genCipherTextBySpec(spec, 'C1C3C2'); 2769e41f4b71Sopenharmony_ci console.info('genCipherTextBySpec success'); 2770e41f4b71Sopenharmony_ci} catch (err) { 2771e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 2772e41f4b71Sopenharmony_ci console.error(`genCipherTextBySpec error, ${e.code}, ${e.message}`); 2773e41f4b71Sopenharmony_ci} 2774e41f4b71Sopenharmony_ci``` 2775e41f4b71Sopenharmony_ci 2776e41f4b71Sopenharmony_ci### getCipherTextSpec<sup>12+</sup> 2777e41f4b71Sopenharmony_ci 2778e41f4b71Sopenharmony_cistatic getCipherTextSpec(cipherText: DataBlob, mode?: string): SM2CipherTextSpec 2779e41f4b71Sopenharmony_ci 2780e41f4b71Sopenharmony_ci从符合国密标准的ASN.1格式的SM2密文中,获取具体的SM2密文参数。 2781e41f4b71Sopenharmony_ci 2782e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2783e41f4b71Sopenharmony_ci 2784e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Cipher 2785e41f4b71Sopenharmony_ci 2786e41f4b71Sopenharmony_ci**参数:** 2787e41f4b71Sopenharmony_ci 2788e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 2789e41f4b71Sopenharmony_ci| ------ | ------ | ---- | ------------------------------------------------ | 2790e41f4b71Sopenharmony_ci| cipherText | [DataBlob](#datablob) | 是 | 符合国密标准的ASN.1格式的SM2密文。 2791e41f4b71Sopenharmony_ci| mode | string | 否 | 可选的密文转换模式,可用于指定密文参数的拼接顺序,当前仅支持默认值"C1C3C2"。 | 2792e41f4b71Sopenharmony_ci 2793e41f4b71Sopenharmony_ci**返回值:** 2794e41f4b71Sopenharmony_ci 2795e41f4b71Sopenharmony_ci| 类型 | 说明 | 2796e41f4b71Sopenharmony_ci| ----------------- | --------------------------------- | 2797e41f4b71Sopenharmony_ci| [SM2CipherTextSpec](#sm2ciphertextspec12) | 返回具体的SM2密文参数。 | 2798e41f4b71Sopenharmony_ci 2799e41f4b71Sopenharmony_ci**错误码:** 2800e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 2801e41f4b71Sopenharmony_ci 2802e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 2803e41f4b71Sopenharmony_ci| -------- | -------------------------------- | 2804e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 2805e41f4b71Sopenharmony_ci| 17620001 | memory error. | 2806e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 2807e41f4b71Sopenharmony_ci 2808e41f4b71Sopenharmony_ci```ts 2809e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 2810e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 2811e41f4b71Sopenharmony_citry { 2812e41f4b71Sopenharmony_ci let cipherTextArray = new Uint8Array([48,118,2,32,45,153,88,82,104,221,226,43,174,21,122,248,5,232,105,41,92,95,102,224,216,149,85,236,110,6,64,188,149,70,70,183,2,32,107,93,198,247,119,18,40,110,90,156,193,158,205,113,170,128,146,109,75,17,181,109,110,91,149,5,110,233,209,78,229,96,4,32,87,167,167,247,88,146,203,234,83,126,117,129,52,142,82,54,152,226,201,111,143,115,169,125,128,42,157,31,114,198,109,244,4,14,100,227,78,195,249,179,43,70,242,69,169,10,65,123]); 2813e41f4b71Sopenharmony_ci let cipherText : cryptoFramework.DataBlob = {data : cipherTextArray}; 2814e41f4b71Sopenharmony_ci let spec : cryptoFramework.SM2CipherTextSpec = cryptoFramework.SM2CryptoUtil.getCipherTextSpec(cipherText, 'C1C3C2'); 2815e41f4b71Sopenharmony_ci console.info('getCipherTextSpec success'); 2816e41f4b71Sopenharmony_ci} catch (err) { 2817e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 2818e41f4b71Sopenharmony_ci console.error(`getCipherTextSpec error, ${e.code}, ${e.message}`); 2819e41f4b71Sopenharmony_ci} 2820e41f4b71Sopenharmony_ci``` 2821e41f4b71Sopenharmony_ci 2822e41f4b71Sopenharmony_ci## cryptoFramework.createCipher 2823e41f4b71Sopenharmony_ci 2824e41f4b71Sopenharmony_cicreateCipher(transformation: string): Cipher 2825e41f4b71Sopenharmony_ci 2826e41f4b71Sopenharmony_ci通过指定算法名称,获取相应的[Cipher](#cipher)实例。 2827e41f4b71Sopenharmony_ci 2828e41f4b71Sopenharmony_ci支持的规格详见[对称密钥加解密算法规格](../../security/CryptoArchitectureKit/crypto-sym-encrypt-decrypt-spec.md)和[非对称密钥加解密算法规格](../../security/CryptoArchitectureKit/crypto-asym-encrypt-decrypt-spec.md)。 2829e41f4b71Sopenharmony_ci 2830e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2831e41f4b71Sopenharmony_ci 2832e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Cipher 2833e41f4b71Sopenharmony_ci 2834e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Cipher 2835e41f4b71Sopenharmony_ci 2836e41f4b71Sopenharmony_ci**参数:** 2837e41f4b71Sopenharmony_ci 2838e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 2839e41f4b71Sopenharmony_ci| -------------- | ------ | ---- | ------------------------------------------------------------ | 2840e41f4b71Sopenharmony_ci| transformation | string | 是 | 待生成Cipher的算法名称(含密钥长度)、加密模式以及填充方法的组合。 | 2841e41f4b71Sopenharmony_ci 2842e41f4b71Sopenharmony_ci> **说明:** 2843e41f4b71Sopenharmony_ci> 2844e41f4b71Sopenharmony_ci> 1. 目前对称加解密中,PKCS5和PKCS7的实现相同,其padding长度和分组长度保持一致(即PKCS5和PKCS7在3DES中均按照8字节填充,在AES中均按照16字节填充),另有NoPadding表示不填充。 2845e41f4b71Sopenharmony_ci> <br/>开发者需要自行了解密码学不同分组模式的差异,以便选择合适的参数规格。例如选择ECB和CBC模式时,建议启用填充,否则必须确保明文长度是分组大小的整数倍;选择其他模式时,可以不启用填充,此时密文长度和明文长度一致(即可能不是分组大小的整数倍)。 2846e41f4b71Sopenharmony_ci> 2. 使用RSA、SM2进行非对称加解密时,必须创建两个Cipher对象分别进行加密和解密操作,而不能对同一个Cipher对象进行加解密。对称加解密没有此要求(即只要算法规格一样,可以对同一个Cipher对象进行加解密操作)。 2847e41f4b71Sopenharmony_ci 2848e41f4b71Sopenharmony_ci**返回值:** 2849e41f4b71Sopenharmony_ci 2850e41f4b71Sopenharmony_ci| 类型 | 说明 | 2851e41f4b71Sopenharmony_ci| ----------------- | ------------------------ | 2852e41f4b71Sopenharmony_ci| [Cipher](#cipher) | 返回加解密生成器的对象。 | 2853e41f4b71Sopenharmony_ci 2854e41f4b71Sopenharmony_ci**错误码:** 2855e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 2856e41f4b71Sopenharmony_ci 2857e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 2858e41f4b71Sopenharmony_ci| -------- | ---------------------- | 2859e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 2860e41f4b71Sopenharmony_ci| 801 | this operation is not supported. | 2861e41f4b71Sopenharmony_ci| 17620001 | memory error. | 2862e41f4b71Sopenharmony_ci 2863e41f4b71Sopenharmony_ci**示例:** 2864e41f4b71Sopenharmony_ci 2865e41f4b71Sopenharmony_ci```ts 2866e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 2867e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 2868e41f4b71Sopenharmony_ci 2869e41f4b71Sopenharmony_cilet cipherAlgName = '3DES192|ECB|PKCS7'; 2870e41f4b71Sopenharmony_citry { 2871e41f4b71Sopenharmony_ci let cipher = cryptoFramework.createCipher(cipherAlgName); 2872e41f4b71Sopenharmony_ci console.info('cipher algName:' + cipher.algName); 2873e41f4b71Sopenharmony_ci} catch (error) { 2874e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 2875e41f4b71Sopenharmony_ci console.error(`sync error, ${e.code}, ${e.message}`); 2876e41f4b71Sopenharmony_ci} 2877e41f4b71Sopenharmony_ci``` 2878e41f4b71Sopenharmony_ci 2879e41f4b71Sopenharmony_ci## Cipher 2880e41f4b71Sopenharmony_ci 2881e41f4b71Sopenharmony_ci提供加解密的算法操作功能,按序调用本类中的[init()](#init-1)、[update()](#update)、[doFinal()](#dofinal)方法,可以实现对称加密/对称解密/非对称加密/非对称解密。 2882e41f4b71Sopenharmony_ci 2883e41f4b71Sopenharmony_ci完整的加解密流程示例可参考开发指导中的[加解密开发指导](../../security/CryptoArchitectureKit/crypto-encryption-decryption-overview.md)。 2884e41f4b71Sopenharmony_ci 2885e41f4b71Sopenharmony_ci一次完整的加/解密流程在对称加密和非对称加密中略有不同: 2886e41f4b71Sopenharmony_ci 2887e41f4b71Sopenharmony_ci- 对称加解密:init为必选,update为可选(且允许多次update加/解密大数据),doFinal为必选;doFinal结束后可以重新init开始新一轮加/解密流程。 2888e41f4b71Sopenharmony_ci- RSA、SM2非对称加解密:init为必选,不支持update操作,doFinal为必选(允许连续多次doFinal加/解密大数据);RSA不支持重复init,切换加解密模式或填充方式时,需要重新创建Cipher对象。 2889e41f4b71Sopenharmony_ci 2890e41f4b71Sopenharmony_ci### 属性 2891e41f4b71Sopenharmony_ci 2892e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2893e41f4b71Sopenharmony_ci 2894e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Cipher 2895e41f4b71Sopenharmony_ci 2896e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Cipher 2897e41f4b71Sopenharmony_ci 2898e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 2899e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ---- | ---------------------------- | 2900e41f4b71Sopenharmony_ci| algName | string | 是 | 否 | 加解密生成器指定的算法名称。 | 2901e41f4b71Sopenharmony_ci 2902e41f4b71Sopenharmony_ci### init 2903e41f4b71Sopenharmony_ci 2904e41f4b71Sopenharmony_ciinit(opMode: CryptoMode, key: Key, params: ParamsSpec | null, callback: AsyncCallback\<void>): void 2905e41f4b71Sopenharmony_ci 2906e41f4b71Sopenharmony_ci初始化加解密的[cipher](#cipher)对象,通过注册回调函数获取结果。init、update、doFinal为三段式接口,需要成组使用。其中init和doFinal必选,update可选。 2907e41f4b71Sopenharmony_ci 2908e41f4b71Sopenharmony_ci必须在使用[createCipher](#cryptoframeworkcreatecipher)创建[Cipher](#cipher)实例后,才能使用本函数。 2909e41f4b71Sopenharmony_ci 2910e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2911e41f4b71Sopenharmony_ci 2912e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Cipher 2913e41f4b71Sopenharmony_ci 2914e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Cipher 2915e41f4b71Sopenharmony_ci 2916e41f4b71Sopenharmony_ci**参数:** 2917e41f4b71Sopenharmony_ci 2918e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 2919e41f4b71Sopenharmony_ci| -------- | ------------------------- | ---- | ------------------------------------------------------------ | 2920e41f4b71Sopenharmony_ci| opMode | [CryptoMode](#cryptomode) | 是 | 加密或者解密模式。 | 2921e41f4b71Sopenharmony_ci| key | [Key](#key) | 是 | 指定加密或解密的密钥。 | 2922e41f4b71Sopenharmony_ci| params | [ParamsSpec](#paramsspec) \| null<sup>10+</sup> | 是 | 指定加密或解密的参数,对于ECB等没有参数的算法模式,可以传入null。API 10之前只支持ParamsSpec, API 10之后增加支持null。 | 2923e41f4b71Sopenharmony_ci| callback | AsyncCallback\<void> | 是 | 回调函数。当加解密初始化成功,err为undefined,否则为错误对象。 | 2924e41f4b71Sopenharmony_ci 2925e41f4b71Sopenharmony_ci**错误码:** 2926e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 2927e41f4b71Sopenharmony_ci 2928e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 2929e41f4b71Sopenharmony_ci| -------- | --------------------------------------------------------- | 2930e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 2931e41f4b71Sopenharmony_ci| 17620001 | memory error. | 2932e41f4b71Sopenharmony_ci| 17620002 | runtime error. | 2933e41f4b71Sopenharmony_ci| 17630001 | crypto operation error.| 2934e41f4b71Sopenharmony_ci 2935e41f4b71Sopenharmony_ci### init 2936e41f4b71Sopenharmony_ci 2937e41f4b71Sopenharmony_ciinit(opMode: CryptoMode, key: Key, params: ParamsSpec | null): Promise\<void> 2938e41f4b71Sopenharmony_ci 2939e41f4b71Sopenharmony_ci初始化加解密的cipher对象,通过Promise获取结果。init、update、doFinal为三段式接口,需要成组使用。其中init和doFinal必选,update可选。 2940e41f4b71Sopenharmony_ci 2941e41f4b71Sopenharmony_ci必须在使用[createCipher](#cryptoframeworkcreatecipher)创建[Cipher](#cipher)实例后,才能使用本函数。 2942e41f4b71Sopenharmony_ci 2943e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2944e41f4b71Sopenharmony_ci 2945e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Cipher 2946e41f4b71Sopenharmony_ci 2947e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Cipher 2948e41f4b71Sopenharmony_ci 2949e41f4b71Sopenharmony_ci**参数:** 2950e41f4b71Sopenharmony_ci 2951e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 2952e41f4b71Sopenharmony_ci| ------ | ------------------------- | ---- | ------------------------------------------------------------ | 2953e41f4b71Sopenharmony_ci| opMode | [CryptoMode](#cryptomode) | 是 | 加密或者解密模式。 | 2954e41f4b71Sopenharmony_ci| key | [Key](#key) | 是 | 指定加密或解密的密钥。 | 2955e41f4b71Sopenharmony_ci| params | [ParamsSpec](#paramsspec) \| null<sup>10+</sup> | 是 | 指定加密或解密的参数,对于ECB等没有参数的算法模式,可以传入null。API 10之前只支持ParamsSpec, API 10之后增加支持null。 | 2956e41f4b71Sopenharmony_ci 2957e41f4b71Sopenharmony_ci**返回值:** 2958e41f4b71Sopenharmony_ci 2959e41f4b71Sopenharmony_ci| 类型 | 说明 | 2960e41f4b71Sopenharmony_ci| -------------- | -------------------------------------- | 2961e41f4b71Sopenharmony_ci| Promise\<void> | 无返回结果的Promise对象。 | 2962e41f4b71Sopenharmony_ci 2963e41f4b71Sopenharmony_ci**错误码:** 2964e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 2965e41f4b71Sopenharmony_ci 2966e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 2967e41f4b71Sopenharmony_ci| -------- | ------------------------------------------------- | 2968e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 2969e41f4b71Sopenharmony_ci| 17620001 | memory error. | 2970e41f4b71Sopenharmony_ci| 17620002 | runtime error. | 2971e41f4b71Sopenharmony_ci| 17630001 | crypto operation error.| 2972e41f4b71Sopenharmony_ci 2973e41f4b71Sopenharmony_ci### initSync<sup>12+</sup> 2974e41f4b71Sopenharmony_ci 2975e41f4b71Sopenharmony_ciinitSync(opMode: CryptoMode, key: Key, params: ParamsSpec | null): void 2976e41f4b71Sopenharmony_ci 2977e41f4b71Sopenharmony_ci初始化加解密的[cipher](#cipher)对象,通过注册回调函数获取结果。initSync、updateSync、doFinalSync为三段式接口,需要成组使用。其中initSync和doFinalSync必选,updateSync可选。 2978e41f4b71Sopenharmony_ci 2979e41f4b71Sopenharmony_ci必须在使用[createCipher](#cryptoframeworkcreatecipher)创建[Cipher](#cipher)实例后,才能使用本函数。 2980e41f4b71Sopenharmony_ci 2981e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2982e41f4b71Sopenharmony_ci 2983e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Cipher 2984e41f4b71Sopenharmony_ci 2985e41f4b71Sopenharmony_ci**参数:** 2986e41f4b71Sopenharmony_ci 2987e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 2988e41f4b71Sopenharmony_ci| ------ | ----------------------------------------------- | ---- | ------------------------------------------------------------ | 2989e41f4b71Sopenharmony_ci| opMode | [CryptoMode](#cryptomode) | 是 | 加密或者解密模式。 | 2990e41f4b71Sopenharmony_ci| key | [Key](#key) | 是 | 指定加密或解密的密钥。 | 2991e41f4b71Sopenharmony_ci| params | [ParamsSpec](#paramsspec) | 是 | 指定加密或解密的参数,对于ECB等没有参数的算法模式,可以传入null。 | 2992e41f4b71Sopenharmony_ci 2993e41f4b71Sopenharmony_ci**错误码:** 2994e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 2995e41f4b71Sopenharmony_ci 2996e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 2997e41f4b71Sopenharmony_ci| -------- | ----------------------- | 2998e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 2999e41f4b71Sopenharmony_ci| 17620001 | memory error. | 3000e41f4b71Sopenharmony_ci| 17620002 | runtime error. | 3001e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 3002e41f4b71Sopenharmony_ci 3003e41f4b71Sopenharmony_ci### update 3004e41f4b71Sopenharmony_ci 3005e41f4b71Sopenharmony_ciupdate(data: DataBlob, callback: AsyncCallback\<DataBlob>): void 3006e41f4b71Sopenharmony_ci 3007e41f4b71Sopenharmony_ci分段更新加密或者解密数据操作,通过注册回调函数获取加/解密数据。 3008e41f4b71Sopenharmony_ci 3009e41f4b71Sopenharmony_ci必须在对[Cipher](#cipher)实例使用[init()](#init-1)初始化后,才能使用本函数。 3010e41f4b71Sopenharmony_ci 3011e41f4b71Sopenharmony_ci> **说明:** 3012e41f4b71Sopenharmony_ci> 3013e41f4b71Sopenharmony_ci> 1. 在进行对称加解密操作的时候,如果开发者对各个分组模式不够熟悉,建议对每次update和doFinal的结果都判断是否为null,并在结果不为null时取出其中的数据进行拼接,形成完整的密文/明文。这是因为选择的分组模式等各项规格都可能对update和doFinal结果产生影响。<br/>(例如对于ECB和CBC模式,不论update传入的数据是否为分组长度的整数倍,都会以分组作为基本单位进行加/解密,并输出本次update新产生的加/解密分组结果。<br/>可以理解为,update只要凑满一个新的分组就会有输出,如果没有凑满则此次update输出为null,把当前还没被加/解密的数据留着,等下一次update/doFinal传入数据的时候,拼接起来继续凑分组。<br/>最后doFinal的时候,会把剩下的还没加/解密的数据,根据[createCipher](#cryptoframeworkcreatecipher)时设置的padding模式进行填充,补齐到分组的整数倍长度,再输出剩余加解密结果。<br/>而对于可以将分组密码转化为流模式实现的模式,还可能出现密文长度和明文长度相同的情况等。) 3014e41f4b71Sopenharmony_ci> 2. 根据数据量,可以不调用update(即init完成后直接调用doFinal)或多次调用update。<br/> 3015e41f4b71Sopenharmony_ci> 算法库目前没有对update(单次或累计)的数据量设置大小限制,建议对于大数据量的对称加解密,采用多次update的方式传入数据。<br/> 3016e41f4b71Sopenharmony_ci> AES使用多次update操作的示例代码详见[使用AES对称密钥分段加解密](../../security/CryptoArchitectureKit/crypto-aes-sym-encrypt-decrypt-gcm-by-segment.md)。 3017e41f4b71Sopenharmony_ci> 3. RSA、SM2非对称加解密不支持update操作。 3018e41f4b71Sopenharmony_ci> 4. 对于CCM模式的对称加解密算法,加密时只能调用1次update接口加密数据并调用doFinal接口获取tag,或直接调用doFinal接口加密数据并获取tag,解密时只能调用1次update接口或调用1次doFinal接口解密数据并验证tag。 3019e41f4b71Sopenharmony_ci 3020e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3021e41f4b71Sopenharmony_ci 3022e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Cipher 3023e41f4b71Sopenharmony_ci 3024e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Cipher 3025e41f4b71Sopenharmony_ci 3026e41f4b71Sopenharmony_ci**参数:** 3027e41f4b71Sopenharmony_ci 3028e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 3029e41f4b71Sopenharmony_ci| -------- | ------------------------------------- | ---- | ------------------------------------------------------------ | 3030e41f4b71Sopenharmony_ci| data | [DataBlob](#datablob) | 是 | 加密或者解密的数据。data不能为null。 | 3031e41f4b71Sopenharmony_ci| callback | AsyncCallback\<[DataBlob](#datablob)> | 是 | 回调函数。当更新加/解密数据成功,err为undefined,data为此次更新的加/解密结果DataBlob;否则为错误对象。 | 3032e41f4b71Sopenharmony_ci 3033e41f4b71Sopenharmony_ci**错误码:** 3034e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 3035e41f4b71Sopenharmony_ci 3036e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 3037e41f4b71Sopenharmony_ci| -------- | ------------------------------------------- | 3038e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3039e41f4b71Sopenharmony_ci| 17620001 | memory error. | 3040e41f4b71Sopenharmony_ci| 17620002 | runtime error. | 3041e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 3042e41f4b71Sopenharmony_ci 3043e41f4b71Sopenharmony_ci### update 3044e41f4b71Sopenharmony_ci 3045e41f4b71Sopenharmony_ciupdate(data: DataBlob): Promise\<DataBlob> 3046e41f4b71Sopenharmony_ci 3047e41f4b71Sopenharmony_ci分段更新加密或者解密数据操作,通过Promise获取加/解密数据。 3048e41f4b71Sopenharmony_ci 3049e41f4b71Sopenharmony_ci必须在对[Cipher](#cipher)实例使用[init()](#init-2)初始化后,才能使用本函数。 3050e41f4b71Sopenharmony_ci 3051e41f4b71Sopenharmony_ci> **说明:** 3052e41f4b71Sopenharmony_ci> 3053e41f4b71Sopenharmony_ci> 1. 在进行对称加解密操作的时候,如果开发者对各个分组模式不够熟悉,建议对每次update和doFinal的结果都判断是否为null,并在结果不为null时取出其中的数据进行拼接,形成完整的密文/明文。这是因为选择的分组模式等各项规格都可能对update和doFinal结果产生影响。 3054e41f4b71Sopenharmony_ci> <br/>(例如对于ECB和CBC模式,不论update传入的数据是否为分组长度的整数倍,都会以分组作为基本单位进行加/解密,并输出本次update新产生的加/解密分组结果。<br/>可以理解为,update只要凑满一个新的分组就会有输出,如果没有凑满则此次update输出为null,把当前还没被加/解密的数据留着,等下一次update/doFinal传入数据的时候,拼接起来继续凑分组。<br/>最后doFinal的时候,会把剩下的还没加/解密的数据,根据[createCipher](#cryptoframeworkcreatecipher)时设置的padding模式进行填充,补齐到分组的整数倍长度,再输出剩余加解密结果。<br/>而对于可以将分组密码转化为流模式实现的模式,还可能出现密文长度和明文长度相同的情况等。) 3055e41f4b71Sopenharmony_ci> 2. 根据数据量,可以不调用update(即init完成后直接调用doFinal)或多次调用update。<br/> 3056e41f4b71Sopenharmony_ci> 算法库目前没有对update(单次或累计)的数据量设置大小限制,建议对于大数据量的对称加解密,可以采用多次update的方式传入数据。<br/> 3057e41f4b71Sopenharmony_ci> AES使用多次update操作的示例代码详见[使用AES对称密钥分段加解密](../../security/CryptoArchitectureKit/crypto-aes-sym-encrypt-decrypt-gcm-by-segment.md)。 3058e41f4b71Sopenharmony_ci> 3. RSA、SM2非对称加解密不支持update操作。 3059e41f4b71Sopenharmony_ci> 4. 对于CCM模式的对称加解密算法,加密时只能调用1次update接口加密数据并调用doFinal接口获取tag,或直接调用doFinal接口加密数据并获取tag,解密时只能调用1次update接口或调用1次doFinal接口解密数据并验证tag。 3060e41f4b71Sopenharmony_ci 3061e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3062e41f4b71Sopenharmony_ci 3063e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Cipher 3064e41f4b71Sopenharmony_ci 3065e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Cipher 3066e41f4b71Sopenharmony_ci 3067e41f4b71Sopenharmony_ci**参数:** 3068e41f4b71Sopenharmony_ci 3069e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 3070e41f4b71Sopenharmony_ci| ---- | --------------------- | ---- | -------------------- | 3071e41f4b71Sopenharmony_ci| data | [DataBlob](#datablob) | 是 | 加密或者解密的数据。data不能为null。 | 3072e41f4b71Sopenharmony_ci 3073e41f4b71Sopenharmony_ci**返回值:** 3074e41f4b71Sopenharmony_ci 3075e41f4b71Sopenharmony_ci| 类型 | 说明 | 3076e41f4b71Sopenharmony_ci| ------------------------------- | ------------------------------------------------ | 3077e41f4b71Sopenharmony_ci| Promise\<[DataBlob](#datablob)> | Promise对象,返回此次更新的加/解密结果DataBlob。 | 3078e41f4b71Sopenharmony_ci 3079e41f4b71Sopenharmony_ci**错误码:** 3080e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 3081e41f4b71Sopenharmony_ci 3082e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 3083e41f4b71Sopenharmony_ci| -------- | -------------------------------------------- | 3084e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3085e41f4b71Sopenharmony_ci| 17620001 | memory error. | 3086e41f4b71Sopenharmony_ci| 17620002 | runtime error. | 3087e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 3088e41f4b71Sopenharmony_ci 3089e41f4b71Sopenharmony_ci### updateSync<sup>12+</sup> 3090e41f4b71Sopenharmony_ci 3091e41f4b71Sopenharmony_ciupdateSync(data: DataBlob): DataBlob 3092e41f4b71Sopenharmony_ci 3093e41f4b71Sopenharmony_ci分段更新加密或者解密数据操作,通过注册回调函数获取加/解密数据。 3094e41f4b71Sopenharmony_ci 3095e41f4b71Sopenharmony_ci必须在对[Cipher](#cipher)实例使用[initSync()](#initsync12)初始化后,才能使用本函数。 3096e41f4b71Sopenharmony_ci 3097e41f4b71Sopenharmony_ci其他注意事项同上异步接口说明。 3098e41f4b71Sopenharmony_ci 3099e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3100e41f4b71Sopenharmony_ci 3101e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Cipher 3102e41f4b71Sopenharmony_ci 3103e41f4b71Sopenharmony_ci**参数:** 3104e41f4b71Sopenharmony_ci 3105e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 3106e41f4b71Sopenharmony_ci| ------ | --------------------- | ---- | ------------------------------------------------------------ | 3107e41f4b71Sopenharmony_ci| data | [DataBlob](#datablob) | 是 | 加密或者解密的数据。data不能为null。 | 3108e41f4b71Sopenharmony_ci 3109e41f4b71Sopenharmony_ci**错误码:** 3110e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 3111e41f4b71Sopenharmony_ci 3112e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 3113e41f4b71Sopenharmony_ci| -------- | ----------------------- | 3114e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3115e41f4b71Sopenharmony_ci| 17620001 | memory error. | 3116e41f4b71Sopenharmony_ci| 17620002 | runtime error. | 3117e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 3118e41f4b71Sopenharmony_ci 3119e41f4b71Sopenharmony_ci### doFinal 3120e41f4b71Sopenharmony_ci 3121e41f4b71Sopenharmony_cidoFinal(data: DataBlob | null, callback: AsyncCallback\<DataBlob>): void 3122e41f4b71Sopenharmony_ci 3123e41f4b71Sopenharmony_ci(1)在对称加解密中,doFinal加/解密(分组模式产生的)剩余数据和本次传入的数据,最后结束加密或者解密数据操作,通过注册回调函数获取加密或者解密数据。<br/>如果数据量较小,可以在doFinal中一次性传入数据,而不使用update;如果在本次加解密流程中,已经使用[update](#update-4)传入过数据,可以在doFinal的data参数处传入null。<br/>根据对称加解密的模式不同,doFinal的输出有如下区别: 3124e41f4b71Sopenharmony_ci 3125e41f4b71Sopenharmony_ci- 对于GCM和CCM模式的对称加密:一次加密流程中,如果将每一次update和doFinal的结果拼接起来,会得到“密文+authTag”,即末尾的16字节(GCM模式)或12字节(CCM模式)是authTag,而其余部分均为密文。(也就是说,如果doFinal的data参数传入null,则doFinal的结果就是authTag)authTag需要填入解密时的[GcmParamsSpec](#gcmparamsspec)或[CcmParamsSpec](#ccmparamsspec);密文则作为解密时的入参data。 3126e41f4b71Sopenharmony_ci- 对于其他模式的对称加解密、GCM和CCM模式的对称解密:一次加/解密流程中,每一次update和doFinal的结果拼接起来,得到完整的明文/密文。 3127e41f4b71Sopenharmony_ci 3128e41f4b71Sopenharmony_ci(2)在RSA、SM2非对称加解密中,doFinal加/解密本次传入的数据,通过注册回调函数获取加密或者解密数据。如果数据量较大,可以多次调用doFinal,拼接结果得到完整的明文/密文。 3129e41f4b71Sopenharmony_ci 3130e41f4b71Sopenharmony_ci> **说明:** 3131e41f4b71Sopenharmony_ci> 3132e41f4b71Sopenharmony_ci> 1. 对称加解密中,调用doFinal标志着一次加解密流程已经完成,即[Cipher](#cipher)实例的状态被清除,因此当后续开启新一轮加解密流程时,需要重新调用init()并传入完整的参数列表进行初始化<br/>(比如即使是对同一个Cipher实例,采用同样的对称密钥,进行加密然后解密,则解密中调用init的时候仍需填写params参数,而不能直接省略为null)。 3133e41f4b71Sopenharmony_ci> 2. 如果遇到解密失败,需检查加解密数据和init时的参数是否匹配,包括GCM模式下加密得到的authTag是否填入解密时的GcmParamsSpec等。 3134e41f4b71Sopenharmony_ci> 3. doFinal的结果可能为null,因此使用.data字段访问doFinal结果的具体数据前,请记得先判断结果是否为null,避免产生异常。 3135e41f4b71Sopenharmony_ci> 4. 非对称加解密时多次doFinal操作的示例代码详见[使用RSA非对称密钥分段加解密](../../security/CryptoArchitectureKit/crypto-rsa-asym-encrypt-decrypt-by-segment.md),SM2和RSA的操作类似。 3136e41f4b71Sopenharmony_ci 3137e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3138e41f4b71Sopenharmony_ci 3139e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Cipher 3140e41f4b71Sopenharmony_ci 3141e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Cipher 3142e41f4b71Sopenharmony_ci 3143e41f4b71Sopenharmony_ci**参数:** 3144e41f4b71Sopenharmony_ci 3145e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 3146e41f4b71Sopenharmony_ci| -------- | ------------------------------------- | ---- | ------------------------------------------------------------ | 3147e41f4b71Sopenharmony_ci| data | [DataBlob](#datablob) \| null<sup>10+</sup> | 是 | 加密或者解密的数据。在对称加解密中允许为null,但不允许传入{data: Uint8Array(空) }。API 10之前只支持DataBlob, API 10之后增加支持null。 | 3148e41f4b71Sopenharmony_ci| callback | AsyncCallback\<[DataBlob](#datablob)> | 是 | 回调函数。当最终加/解密数据成功,err为undefined,data为剩余数据的加/解密结果DataBlob;否则为错误对象。 | 3149e41f4b71Sopenharmony_ci 3150e41f4b71Sopenharmony_ci**错误码:** 3151e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 3152e41f4b71Sopenharmony_ci 3153e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 3154e41f4b71Sopenharmony_ci| -------- | ----------------------- | 3155e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3156e41f4b71Sopenharmony_ci| 17620001 | memory error. | 3157e41f4b71Sopenharmony_ci| 17620002 | runtime error. | 3158e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 3159e41f4b71Sopenharmony_ci 3160e41f4b71Sopenharmony_ci**以AES GCM模式加密为例:** 3161e41f4b71Sopenharmony_ci 3162e41f4b71Sopenharmony_ci此外,更多加解密流程的完整示例可参考[加解密开发指导](../../security/CryptoArchitectureKit/crypto-aes-sym-encrypt-decrypt-gcm.md)。 3163e41f4b71Sopenharmony_ci 3164e41f4b71Sopenharmony_ci```ts 3165e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 3166e41f4b71Sopenharmony_ciimport { buffer } from '@kit.ArkTS'; 3167e41f4b71Sopenharmony_ci 3168e41f4b71Sopenharmony_cifunction generateRandom(len: number) { 3169e41f4b71Sopenharmony_ci let rand = cryptoFramework.createRandom(); 3170e41f4b71Sopenharmony_ci let generateRandSync = rand.generateRandomSync(len); 3171e41f4b71Sopenharmony_ci return generateRandSync; 3172e41f4b71Sopenharmony_ci} 3173e41f4b71Sopenharmony_ci 3174e41f4b71Sopenharmony_cifunction genGcmParamsSpec() { 3175e41f4b71Sopenharmony_ci let ivBlob = generateRandom(12); 3176e41f4b71Sopenharmony_ci let arr = [1, 2, 3, 4, 5, 6, 7, 8]; 3177e41f4b71Sopenharmony_ci let dataAad = new Uint8Array(arr); 3178e41f4b71Sopenharmony_ci let aadBlob: cryptoFramework.DataBlob = { data: dataAad }; 3179e41f4b71Sopenharmony_ci arr = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]; 3180e41f4b71Sopenharmony_ci let dataTag = new Uint8Array(arr); 3181e41f4b71Sopenharmony_ci let tagBlob: cryptoFramework.DataBlob = { 3182e41f4b71Sopenharmony_ci data: dataTag 3183e41f4b71Sopenharmony_ci }; 3184e41f4b71Sopenharmony_ci let gcmParamsSpec: cryptoFramework.GcmParamsSpec = { 3185e41f4b71Sopenharmony_ci iv: ivBlob, 3186e41f4b71Sopenharmony_ci aad: aadBlob, 3187e41f4b71Sopenharmony_ci authTag: tagBlob, 3188e41f4b71Sopenharmony_ci algName: "GcmParamsSpec" 3189e41f4b71Sopenharmony_ci }; 3190e41f4b71Sopenharmony_ci return gcmParamsSpec; 3191e41f4b71Sopenharmony_ci} 3192e41f4b71Sopenharmony_ci 3193e41f4b71Sopenharmony_cifunction cipherByCallback() { 3194e41f4b71Sopenharmony_ci let gcmParams = genGcmParamsSpec(); 3195e41f4b71Sopenharmony_ci let symKeyGenerator = cryptoFramework.createSymKeyGenerator('AES128'); 3196e41f4b71Sopenharmony_ci let cipher = cryptoFramework.createCipher('AES128|GCM|PKCS7'); 3197e41f4b71Sopenharmony_ci symKeyGenerator.generateSymKey((err, symKey) => { 3198e41f4b71Sopenharmony_ci cipher.init(cryptoFramework.CryptoMode.ENCRYPT_MODE, symKey, gcmParams, (err,) => { 3199e41f4b71Sopenharmony_ci let message = "This is a test"; 3200e41f4b71Sopenharmony_ci let plainText: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from(message, 'utf-8').buffer) }; 3201e41f4b71Sopenharmony_ci cipher.update(plainText, (err, encryptUpdate) => { 3202e41f4b71Sopenharmony_ci cipher.doFinal(null, (err, tag) => { 3203e41f4b71Sopenharmony_ci gcmParams.authTag = tag; 3204e41f4b71Sopenharmony_ci console.info('encryptUpdate plainText:' + encryptUpdate.data); 3205e41f4b71Sopenharmony_ci }); 3206e41f4b71Sopenharmony_ci }); 3207e41f4b71Sopenharmony_ci }); 3208e41f4b71Sopenharmony_ci }); 3209e41f4b71Sopenharmony_ci} 3210e41f4b71Sopenharmony_ci``` 3211e41f4b71Sopenharmony_ci 3212e41f4b71Sopenharmony_ci### doFinal 3213e41f4b71Sopenharmony_ci 3214e41f4b71Sopenharmony_cidoFinal(data: DataBlob | null): Promise\<DataBlob> 3215e41f4b71Sopenharmony_ci 3216e41f4b71Sopenharmony_ci(1)在对称加解密中,doFinal加/解密(分组模式产生的)剩余数据和本次传入的数据,最后结束加密或者解密数据操作,通过Promise获取加密或者解密数据。<br/>如果数据量较小,可以在doFinal中一次性传入数据,而不使用update;如果在本次加解密流程中,已经使用update传入过数据,可以在doFinal的data参数处传入null。<br/>根据对称加解密的模式不同,doFinal的输出有如下区别: 3217e41f4b71Sopenharmony_ci 3218e41f4b71Sopenharmony_ci- 对于GCM和CCM模式的对称加密:一次加密流程中,如果将每一次update和doFinal的结果拼接起来,会得到“密文+authTag”,即末尾的16字节(GCM模式)或12字节(CCM模式)是authTag,而其余部分均为密文。(也就是说,如果doFinal的data参数传入null,则doFinal的结果就是authTag)<br/>authTag需要填入解密时的[GcmParamsSpec](#gcmparamsspec)或[CcmParamsSpec](#ccmparamsspec);密文则作为解密时的入参data。 3219e41f4b71Sopenharmony_ci- 对于其他模式的对称加解密、GCM和CCM模式的对称解密:一次加/解密流程中,每一次update和doFinal的结果拼接起来,得到完整的明文/密文。 3220e41f4b71Sopenharmony_ci 3221e41f4b71Sopenharmony_ci(2)在RSA、SM2非对称加解密中,doFinal加/解密本次传入的数据,通过Promise获取加密或者解密数据。如果数据量较大,可以多次调用doFinal,拼接结果得到完整的明文/密文。 3222e41f4b71Sopenharmony_ci 3223e41f4b71Sopenharmony_ci> **说明:** 3224e41f4b71Sopenharmony_ci> 3225e41f4b71Sopenharmony_ci> 1. 对称加解密中,调用doFinal标志着一次加解密流程已经完成,即[Cipher](#cipher)实例的状态被清除,因此当后续开启新一轮加解密流程时,需要重新调用init()并传入完整的参数列表进行初始化<br/>(比如即使是对同一个Cipher实例,采用同样的对称密钥,进行加密然后解密,则解密中调用init的时候仍需填写params参数,而不能直接省略为null)。 3226e41f4b71Sopenharmony_ci> 2. 如果遇到解密失败,需检查加解密数据和init时的参数是否匹配,包括GCM模式下加密得到的authTag是否填入解密时的GcmParamsSpec等。 3227e41f4b71Sopenharmony_ci> 3. doFinal的结果可能为null,因此使用.data字段访问doFinal结果的具体数据前,请记得先判断结果是否为null,避免产生异常。 3228e41f4b71Sopenharmony_ci> 4. 非对称加解密时多次doFinal操作的示例代码详见[使用RSA非对称密钥分段加解密](../../security/CryptoArchitectureKit/crypto-rsa-asym-encrypt-decrypt-by-segment.md),SM2和RSA的操作类似。 3229e41f4b71Sopenharmony_ci 3230e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3231e41f4b71Sopenharmony_ci 3232e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Cipher 3233e41f4b71Sopenharmony_ci 3234e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Cipher 3235e41f4b71Sopenharmony_ci 3236e41f4b71Sopenharmony_ci**参数:** 3237e41f4b71Sopenharmony_ci 3238e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 3239e41f4b71Sopenharmony_ci| ---- | --------------------- | ---- | -------------------- | 3240e41f4b71Sopenharmony_ci| data | [DataBlob](#datablob) \| null<sup>10+</sup> | 是 | 加密或者解密的数据。data参数允许为null,但不允许传入{data: Uint8Array(空) }。API 10之前只支持DataBlob, API 10之后增加支持null。 | 3241e41f4b71Sopenharmony_ci 3242e41f4b71Sopenharmony_ci**返回值:** 3243e41f4b71Sopenharmony_ci 3244e41f4b71Sopenharmony_ci| 类型 | 说明 | 3245e41f4b71Sopenharmony_ci| ------------------------------- | ------------------------------------------------ | 3246e41f4b71Sopenharmony_ci| Promise\<[DataBlob](#datablob)> | Promise对象,返回剩余数据的加/解密结果DataBlob。 | 3247e41f4b71Sopenharmony_ci 3248e41f4b71Sopenharmony_ci**错误码:** 3249e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 3250e41f4b71Sopenharmony_ci 3251e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 3252e41f4b71Sopenharmony_ci| -------- | -------------------------------------------- | 3253e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3254e41f4b71Sopenharmony_ci| 17620001 | memory error. | 3255e41f4b71Sopenharmony_ci| 17620002 | runtime error. | 3256e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 3257e41f4b71Sopenharmony_ci 3258e41f4b71Sopenharmony_ci**以AES GCM模式加密为例:** 3259e41f4b71Sopenharmony_ci 3260e41f4b71Sopenharmony_ci此外,更多加解密流程的完整示例可参考[加解密开发指导](../../security/CryptoArchitectureKit/crypto-aes-sym-encrypt-decrypt-gcm.md)。 3261e41f4b71Sopenharmony_ci 3262e41f4b71Sopenharmony_ci```ts 3263e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 3264e41f4b71Sopenharmony_ciimport { buffer } from '@kit.ArkTS'; 3265e41f4b71Sopenharmony_ci 3266e41f4b71Sopenharmony_cifunction generateRandom(len: number) { 3267e41f4b71Sopenharmony_ci let rand = cryptoFramework.createRandom(); 3268e41f4b71Sopenharmony_ci let generateRandSync = rand.generateRandomSync(len); 3269e41f4b71Sopenharmony_ci return generateRandSync; 3270e41f4b71Sopenharmony_ci} 3271e41f4b71Sopenharmony_ci 3272e41f4b71Sopenharmony_cifunction genGcmParamsSpec() { 3273e41f4b71Sopenharmony_ci let ivBlob = generateRandom(12); 3274e41f4b71Sopenharmony_ci let arr = [1, 2, 3, 4, 5, 6, 7, 8]; 3275e41f4b71Sopenharmony_ci let dataAad = new Uint8Array(arr); 3276e41f4b71Sopenharmony_ci let aadBlob: cryptoFramework.DataBlob = { data: dataAad }; 3277e41f4b71Sopenharmony_ci arr = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]; 3278e41f4b71Sopenharmony_ci let dataTag = new Uint8Array(arr); 3279e41f4b71Sopenharmony_ci let tagBlob: cryptoFramework.DataBlob = { 3280e41f4b71Sopenharmony_ci data: dataTag 3281e41f4b71Sopenharmony_ci }; 3282e41f4b71Sopenharmony_ci let gcmParamsSpec: cryptoFramework.GcmParamsSpec = { 3283e41f4b71Sopenharmony_ci iv: ivBlob, 3284e41f4b71Sopenharmony_ci aad: aadBlob, 3285e41f4b71Sopenharmony_ci authTag: tagBlob, 3286e41f4b71Sopenharmony_ci algName: "GcmParamsSpec" 3287e41f4b71Sopenharmony_ci }; 3288e41f4b71Sopenharmony_ci return gcmParamsSpec; 3289e41f4b71Sopenharmony_ci} 3290e41f4b71Sopenharmony_ci 3291e41f4b71Sopenharmony_ciasync function cipherByPromise() { 3292e41f4b71Sopenharmony_ci let gcmParams = genGcmParamsSpec(); 3293e41f4b71Sopenharmony_ci let symKeyGenerator = cryptoFramework.createSymKeyGenerator('AES128'); 3294e41f4b71Sopenharmony_ci let cipher = cryptoFramework.createCipher('AES128|GCM|PKCS7'); 3295e41f4b71Sopenharmony_ci let symKey = await symKeyGenerator.generateSymKey(); 3296e41f4b71Sopenharmony_ci await cipher.init(cryptoFramework.CryptoMode.ENCRYPT_MODE, symKey, gcmParams); 3297e41f4b71Sopenharmony_ci let message = "This is a test"; 3298e41f4b71Sopenharmony_ci let plainText: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from(message, 'utf-8').buffer) }; 3299e41f4b71Sopenharmony_ci let encryptUpdate = await cipher.update(plainText); 3300e41f4b71Sopenharmony_ci gcmParams.authTag = await cipher.doFinal(null); 3301e41f4b71Sopenharmony_ci console.info('encryptUpdate plainText: ' + encryptUpdate.data); 3302e41f4b71Sopenharmony_ci} 3303e41f4b71Sopenharmony_ci``` 3304e41f4b71Sopenharmony_ci 3305e41f4b71Sopenharmony_ci### doFinalSync<sup>12+</sup> 3306e41f4b71Sopenharmony_ci 3307e41f4b71Sopenharmony_cidoFinalSync(data: DataBlob | null): DataBlob 3308e41f4b71Sopenharmony_ci 3309e41f4b71Sopenharmony_ci(1)在对称加解密中,doFinalSync加/解密(分组模式产生的)剩余数据和本次传入的数据,最后结束加密或者解密数据操作,通过注册回调函数获取加密或者解密数据。<br/>如果数据量较小,可以在doFinalSync中一次性传入数据,而不使用updateSync;如果在本次加解密流程中,已经使用[updateSync](#updatesync12)传入过数据,可以在doFinalSync的data参数处传入null。<br/>根据对称加解密的模式不同,doFinalSync的输出有如下区别: 3310e41f4b71Sopenharmony_ci 3311e41f4b71Sopenharmony_ci- 对于GCM和CCM模式的对称加密:一次加密流程中,如果将每一次updateSync和doFinalSync的结果拼接起来,会得到“密文+authTag”,即末尾的16字节(GCM模式)或12字节(CCM模式)是authTag,而其余部分均为密文。(也就是说,如果doFinalSync的data参数传入null,则doFinalSync的结果就是authTag)<br/>authTag需要填入解密时的[GcmParamsSpec](#gcmparamsspec)或[CcmParamsSpec](#ccmparamsspec);密文则作为解密时的入参data。 3312e41f4b71Sopenharmony_ci- 对于其他模式的对称加解密、GCM和CCM模式的对称解密:一次加/解密流程中,每一次updateSync和doFinalSync的结果拼接起来,得到完整的明文/密文。 3313e41f4b71Sopenharmony_ci 3314e41f4b71Sopenharmony_ci(2)在RSA、SM2非对称加解密中,doFinalSync加/解密本次传入的数据,通过注册回调函数获取加密或者解密数据。如果数据量较大,可以多次调用doFinalSync,拼接结果得到完整的明文/密文。 3315e41f4b71Sopenharmony_ci 3316e41f4b71Sopenharmony_ci其他注意事项同接口[doFinal()](#dofinal)说明。 3317e41f4b71Sopenharmony_ci 3318e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3319e41f4b71Sopenharmony_ci 3320e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Cipher 3321e41f4b71Sopenharmony_ci 3322e41f4b71Sopenharmony_ci**参数:** 3323e41f4b71Sopenharmony_ci 3324e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 3325e41f4b71Sopenharmony_ci| ------ | ------------------------------------------- | ---- | ------------------------------------------------------------ | 3326e41f4b71Sopenharmony_ci| data | [DataBlob](#datablob) | 是 | 加密或者解密的数据。在对称加解密中允许为null,但不允许传入{data: Uint8Array(空) }。 | 3327e41f4b71Sopenharmony_ci 3328e41f4b71Sopenharmony_ci**错误码:** 3329e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 3330e41f4b71Sopenharmony_ci 3331e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 3332e41f4b71Sopenharmony_ci| -------- | ----------------------- | 3333e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3334e41f4b71Sopenharmony_ci| 17620001 | memory error. | 3335e41f4b71Sopenharmony_ci| 17620002 | runtime error. | 3336e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 3337e41f4b71Sopenharmony_ci 3338e41f4b71Sopenharmony_ci**以AES GCM模式加密为例:** 3339e41f4b71Sopenharmony_ci 3340e41f4b71Sopenharmony_ci此外,更多加解密流程的完整示例可参考[加解密开发指导](../../security/CryptoArchitectureKit/crypto-aes-sym-encrypt-decrypt-gcm.md)。 3341e41f4b71Sopenharmony_ci 3342e41f4b71Sopenharmony_ci```ts 3343e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 3344e41f4b71Sopenharmony_ciimport { buffer } from '@kit.ArkTS'; 3345e41f4b71Sopenharmony_ci 3346e41f4b71Sopenharmony_cifunction generateRandom(len: number) { 3347e41f4b71Sopenharmony_ci let rand = cryptoFramework.createRandom(); 3348e41f4b71Sopenharmony_ci let generateRandSync = rand.generateRandomSync(len); 3349e41f4b71Sopenharmony_ci return generateRandSync; 3350e41f4b71Sopenharmony_ci} 3351e41f4b71Sopenharmony_ci 3352e41f4b71Sopenharmony_cifunction genGcmParamsSpec() { 3353e41f4b71Sopenharmony_ci let ivBlob = generateRandom(12); 3354e41f4b71Sopenharmony_ci let arr = [1, 2, 3, 4, 5, 6, 7, 8]; 3355e41f4b71Sopenharmony_ci let dataAad = new Uint8Array(arr); 3356e41f4b71Sopenharmony_ci let aadBlob: cryptoFramework.DataBlob = { data: dataAad }; 3357e41f4b71Sopenharmony_ci arr = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]; 3358e41f4b71Sopenharmony_ci let dataTag = new Uint8Array(arr); 3359e41f4b71Sopenharmony_ci let tagBlob: cryptoFramework.DataBlob = { 3360e41f4b71Sopenharmony_ci data: dataTag 3361e41f4b71Sopenharmony_ci }; 3362e41f4b71Sopenharmony_ci let gcmParamsSpec: cryptoFramework.GcmParamsSpec = { 3363e41f4b71Sopenharmony_ci iv: ivBlob, 3364e41f4b71Sopenharmony_ci aad: aadBlob, 3365e41f4b71Sopenharmony_ci authTag: tagBlob, 3366e41f4b71Sopenharmony_ci algName: "GcmParamsSpec" 3367e41f4b71Sopenharmony_ci }; 3368e41f4b71Sopenharmony_ci return gcmParamsSpec; 3369e41f4b71Sopenharmony_ci} 3370e41f4b71Sopenharmony_ci 3371e41f4b71Sopenharmony_ciasync function cipherBySync() { 3372e41f4b71Sopenharmony_ci let gcmParams = genGcmParamsSpec(); 3373e41f4b71Sopenharmony_ci let symKeyGenerator = cryptoFramework.createSymKeyGenerator('AES128'); 3374e41f4b71Sopenharmony_ci let cipher = cryptoFramework.createCipher('AES128|GCM|PKCS7'); 3375e41f4b71Sopenharmony_ci let symKey = await symKeyGenerator.generateSymKey(); 3376e41f4b71Sopenharmony_ci await cipher.init(cryptoFramework.CryptoMode.ENCRYPT_MODE, symKey, gcmParams); 3377e41f4b71Sopenharmony_ci let message = "This is a test"; 3378e41f4b71Sopenharmony_ci let plainText: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from(message, 'utf-8').buffer) }; 3379e41f4b71Sopenharmony_ci let encryptUpdate = cipher.updateSync(plainText); 3380e41f4b71Sopenharmony_ci gcmParams.authTag = cipher.doFinalSync(null); 3381e41f4b71Sopenharmony_ci console.info('encryptUpdate plainText: ' + encryptUpdate.data); 3382e41f4b71Sopenharmony_ci} 3383e41f4b71Sopenharmony_ci 3384e41f4b71Sopenharmony_ci``` 3385e41f4b71Sopenharmony_ci 3386e41f4b71Sopenharmony_ci### setCipherSpec<sup>10+</sup> 3387e41f4b71Sopenharmony_ci 3388e41f4b71Sopenharmony_cisetCipherSpec(itemType: CipherSpecItem, itemValue: Uint8Array): void 3389e41f4b71Sopenharmony_ci 3390e41f4b71Sopenharmony_ci设置加解密参数。常用的加解密参数可以直接通过[createCipher](#cryptoframeworkcreatecipher) 来指定,剩余参数可以通过本接口指定。当前只支持RSA算法。 3391e41f4b71Sopenharmony_ci 3392e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3393e41f4b71Sopenharmony_ci 3394e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Cipher 3395e41f4b71Sopenharmony_ci 3396e41f4b71Sopenharmony_ciAPI version10-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Cipher 3397e41f4b71Sopenharmony_ci 3398e41f4b71Sopenharmony_ci**参数:** 3399e41f4b71Sopenharmony_ci 3400e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 3401e41f4b71Sopenharmony_ci| -------- | -------------------- | ---- | ---------- | 3402e41f4b71Sopenharmony_ci| itemType | [CipherSpecItem](#cipherspecitem10) | 是 | 用于指定需要设置的加解密参数。 | 3403e41f4b71Sopenharmony_ci| itemValue | Uint8Array | 是 | 用于指定加解密参数的具体值。 | 3404e41f4b71Sopenharmony_ci 3405e41f4b71Sopenharmony_ci**错误码:** 3406e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 3407e41f4b71Sopenharmony_ci 3408e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 3409e41f4b71Sopenharmony_ci| -------- | ---------------------- | 3410e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3411e41f4b71Sopenharmony_ci| 801 | this operation is not supported. | 3412e41f4b71Sopenharmony_ci| 17620001 | memory error. | 3413e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 3414e41f4b71Sopenharmony_ci 3415e41f4b71Sopenharmony_ci**示例:** 3416e41f4b71Sopenharmony_ci 3417e41f4b71Sopenharmony_ci<!--code_no_check--> 3418e41f4b71Sopenharmony_ci```ts 3419e41f4b71Sopenharmony_cilet cipher: cryptoFramework.Cipher; // The process of generating the Cipher instance is omitted here. 3420e41f4b71Sopenharmony_cilet pSource = new Uint8Array([1,2,3,4]); 3421e41f4b71Sopenharmony_cicipher.setCipherSpec(cryptoFramework.CipherSpecItem.OAEP_MGF1_PSRC_UINT8ARR, pSource); 3422e41f4b71Sopenharmony_ci``` 3423e41f4b71Sopenharmony_ci 3424e41f4b71Sopenharmony_ci### getCipherSpec<sup>10+</sup> 3425e41f4b71Sopenharmony_ci 3426e41f4b71Sopenharmony_cigetCipherSpec(itemType: CipherSpecItem): string | Uint8Array 3427e41f4b71Sopenharmony_ci 3428e41f4b71Sopenharmony_ci获取加解密参数。当前只支持RSA算法和SM2算法,从API version 11开始,支持SM2算法获取加解密参数。 3429e41f4b71Sopenharmony_ci 3430e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3431e41f4b71Sopenharmony_ci 3432e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Cipher 3433e41f4b71Sopenharmony_ci 3434e41f4b71Sopenharmony_ciAPI version10-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Cipher 3435e41f4b71Sopenharmony_ci 3436e41f4b71Sopenharmony_ci**参数:** 3437e41f4b71Sopenharmony_ci 3438e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 3439e41f4b71Sopenharmony_ci| ------ | -------- | ---- | ---------- | 3440e41f4b71Sopenharmony_ci| itemType | [CipherSpecItem](#cipherspecitem10) | 是 | 用于指定需要获取的加解密参数。 | 3441e41f4b71Sopenharmony_ci 3442e41f4b71Sopenharmony_ci**返回值:** 3443e41f4b71Sopenharmony_ci 3444e41f4b71Sopenharmony_ci| 类型 | 说明 | 3445e41f4b71Sopenharmony_ci| -------------- | ----------- | 3446e41f4b71Sopenharmony_ci| string \| Uint8Array | 获取的加解密参数的具体值。 | 3447e41f4b71Sopenharmony_ci 3448e41f4b71Sopenharmony_ci**错误码:** 3449e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 3450e41f4b71Sopenharmony_ci 3451e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 3452e41f4b71Sopenharmony_ci| -------- | ---------------------- | 3453e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3454e41f4b71Sopenharmony_ci| 801 | this operation is not supported. | 3455e41f4b71Sopenharmony_ci| 17620001 | memory error. | 3456e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 3457e41f4b71Sopenharmony_ci 3458e41f4b71Sopenharmony_ci**示例:** 3459e41f4b71Sopenharmony_ci 3460e41f4b71Sopenharmony_ci<!--code_no_check--> 3461e41f4b71Sopenharmony_ci```ts 3462e41f4b71Sopenharmony_cilet cipher: cryptoFramework.Cipher; // The process of generating the Cipher instance is omitted here. 3463e41f4b71Sopenharmony_cilet mdName = cipher.getCipherSpec(cryptoFramework.CipherSpecItem.OAEP_MD_NAME_STR); 3464e41f4b71Sopenharmony_ci``` 3465e41f4b71Sopenharmony_ci 3466e41f4b71Sopenharmony_ci## cryptoFramework.createSign 3467e41f4b71Sopenharmony_ci 3468e41f4b71Sopenharmony_cicreateSign(algName: string): Sign 3469e41f4b71Sopenharmony_ci 3470e41f4b71Sopenharmony_ciSign实例生成。 3471e41f4b71Sopenharmony_ci 3472e41f4b71Sopenharmony_ci支持的规格详见[签名验签规格](../../security/CryptoArchitectureKit/crypto-sign-sig-verify-overview.md)。 3473e41f4b71Sopenharmony_ci 3474e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3475e41f4b71Sopenharmony_ci 3476e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Signature 3477e41f4b71Sopenharmony_ci 3478e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Signature 3479e41f4b71Sopenharmony_ci 3480e41f4b71Sopenharmony_ci**参数:** 3481e41f4b71Sopenharmony_ci 3482e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 3483e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ------------------------------------------------------------ | 3484e41f4b71Sopenharmony_ci| algName | string | 是 | 指定签名算法:RSA,ECC,DSA,SM2<sup>10+</sup>或ED25519<sup>11+</sup>。使用RSA PKCS1模式时需要设置摘要,使用RSA PSS模式时需要设置摘要和掩码摘要。<br/>使用RSA算法签名时,通过设置OnlySign参数可支持传入数据摘要仅作签名。 | 3485e41f4b71Sopenharmony_ci 3486e41f4b71Sopenharmony_ci**返回值**: 3487e41f4b71Sopenharmony_ci 3488e41f4b71Sopenharmony_ci| 类型 | 说明 | 3489e41f4b71Sopenharmony_ci| ---- | ---------------------------------- | 3490e41f4b71Sopenharmony_ci| Sign | 返回由输入算法指定生成的Sign对象。 | 3491e41f4b71Sopenharmony_ci 3492e41f4b71Sopenharmony_ci**错误码:** 3493e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 3494e41f4b71Sopenharmony_ci 3495e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 3496e41f4b71Sopenharmony_ci| -------- | ---------------------- | 3497e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3498e41f4b71Sopenharmony_ci| 801 | this operation is not supported. | 3499e41f4b71Sopenharmony_ci| 17620001 | memory error. | 3500e41f4b71Sopenharmony_ci 3501e41f4b71Sopenharmony_ci**示例:** 3502e41f4b71Sopenharmony_ci 3503e41f4b71Sopenharmony_ci```ts 3504e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 3505e41f4b71Sopenharmony_ci 3506e41f4b71Sopenharmony_cilet signer1 = cryptoFramework.createSign('RSA1024|PKCS1|SHA256'); 3507e41f4b71Sopenharmony_ci 3508e41f4b71Sopenharmony_cilet signer2 = cryptoFramework.createSign('RSA1024|PSS|SHA256|MGF1_SHA256'); 3509e41f4b71Sopenharmony_ci 3510e41f4b71Sopenharmony_cilet signer3 = cryptoFramework.createSign('ECC224|SHA256'); 3511e41f4b71Sopenharmony_ci 3512e41f4b71Sopenharmony_cilet signer4 = cryptoFramework.createSign('DSA2048|SHA256'); 3513e41f4b71Sopenharmony_ci 3514e41f4b71Sopenharmony_cilet signer5 = cryptoFramework.createSign('RSA1024|PKCS1|SHA256|OnlySign'); 3515e41f4b71Sopenharmony_ci``` 3516e41f4b71Sopenharmony_ci 3517e41f4b71Sopenharmony_ci## Sign 3518e41f4b71Sopenharmony_ci 3519e41f4b71Sopenharmony_ciSign类,使用Sign方法之前需要创建该类的实例进行操作,通过[createSign(algName: string): Sign](#cryptoframeworkcreatesign)方法构造此实例。按序调用本类中的init、update、sign方法完成签名操作。签名操作的示例代码详见[签名验签开发指导](../../security/CryptoArchitectureKit/crypto-rsa-sign-sig-verify-pkcs1.md)。 3520e41f4b71Sopenharmony_ci 3521e41f4b71Sopenharmony_ciSign类不支持重复初始化,当业务方需要使用新密钥签名时,需要重新创建新Sign对象并调用init初始化。 3522e41f4b71Sopenharmony_ci 3523e41f4b71Sopenharmony_ci业务方使用时,在createSign时确定签名的模式,调用init接口设置密钥。 3524e41f4b71Sopenharmony_ci 3525e41f4b71Sopenharmony_ci当待签名数据较短时,可在init初始化后,(无需update)直接调用sign接口传入原文数据进行签名。 3526e41f4b71Sopenharmony_ci 3527e41f4b71Sopenharmony_ci当待签名数据较长时,可通过update接口分段传入切分后的原文数据,最后调用sign接口对整体原文数据进行签名。 3528e41f4b71Sopenharmony_ci 3529e41f4b71Sopenharmony_ci当使用update分段传入原文时,sign接口API 10之前只支持传入DataBlob, API 10之后增加支持null。业务方可在循环中调用update接口,循环结束后调用sign进行签名。 3530e41f4b71Sopenharmony_ci 3531e41f4b71Sopenharmony_ci当使用DSA算法进行签名,并设置了摘要算法为NoHash时,则不支持update操作,update接口会返回错误码ERR_CRYPTO_OPERATION。 3532e41f4b71Sopenharmony_ci 3533e41f4b71Sopenharmony_ci### 属性 3534e41f4b71Sopenharmony_ci 3535e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3536e41f4b71Sopenharmony_ci 3537e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Signature 3538e41f4b71Sopenharmony_ci 3539e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Signature 3540e41f4b71Sopenharmony_ci 3541e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 3542e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ---- | ---------------------------- | 3543e41f4b71Sopenharmony_ci| algName | string | 是 | 否 | 签名指定的算法名称。 | 3544e41f4b71Sopenharmony_ci 3545e41f4b71Sopenharmony_ci### init 3546e41f4b71Sopenharmony_ci 3547e41f4b71Sopenharmony_ciinit(priKey: PriKey, callback: AsyncCallback\<void>): void 3548e41f4b71Sopenharmony_ci 3549e41f4b71Sopenharmony_ci使用私钥初始化Sign对象,通过注册回调函数获取结果。init、update、sign为三段式接口,需要成组使用。其中init和sign必选,update可选。 3550e41f4b71Sopenharmony_ci 3551e41f4b71Sopenharmony_ciSign类暂不支持重复init。 3552e41f4b71Sopenharmony_ci 3553e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3554e41f4b71Sopenharmony_ci 3555e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Signature 3556e41f4b71Sopenharmony_ci 3557e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Signature 3558e41f4b71Sopenharmony_ci 3559e41f4b71Sopenharmony_ci**参数:** 3560e41f4b71Sopenharmony_ci 3561e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 3562e41f4b71Sopenharmony_ci| -------- | -------------------- | ---- | ---------------- | 3563e41f4b71Sopenharmony_ci| priKey | [PriKey](#prikey) | 是 | 用于Sign的初始化。 | 3564e41f4b71Sopenharmony_ci| callback | AsyncCallback\<void> | 是 | 回调函数。当签名初始化成功,err为undefined,否则为错误对象。 | 3565e41f4b71Sopenharmony_ci 3566e41f4b71Sopenharmony_ci**错误码:** 3567e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 3568e41f4b71Sopenharmony_ci 3569e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 3570e41f4b71Sopenharmony_ci| -------- | ---------------------- | 3571e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3572e41f4b71Sopenharmony_ci| 17620001 | memory error. | 3573e41f4b71Sopenharmony_ci| 17620002 | runtime error. | 3574e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 3575e41f4b71Sopenharmony_ci 3576e41f4b71Sopenharmony_ci### init 3577e41f4b71Sopenharmony_ci 3578e41f4b71Sopenharmony_ciinit(priKey: PriKey): Promise\<void> 3579e41f4b71Sopenharmony_ci 3580e41f4b71Sopenharmony_ci使用私钥初始化Sign对象,通过Promise获取结果。init、update、sign为三段式接口,需要成组使用。其中init和sign必选,update可选。 3581e41f4b71Sopenharmony_ci 3582e41f4b71Sopenharmony_ciSign类暂不支持重复init。 3583e41f4b71Sopenharmony_ci 3584e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3585e41f4b71Sopenharmony_ci 3586e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Signature 3587e41f4b71Sopenharmony_ci 3588e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Signature 3589e41f4b71Sopenharmony_ci 3590e41f4b71Sopenharmony_ci**参数:** 3591e41f4b71Sopenharmony_ci 3592e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 3593e41f4b71Sopenharmony_ci| ------ | ---- | ---- | ---------------- | 3594e41f4b71Sopenharmony_ci| priKey | [PriKey](#prikey) | 是 | 用于Sign的初始化。 | 3595e41f4b71Sopenharmony_ci 3596e41f4b71Sopenharmony_ci**返回值:** 3597e41f4b71Sopenharmony_ci 3598e41f4b71Sopenharmony_ci| 类型 | 说明 | 3599e41f4b71Sopenharmony_ci| -------------- | ------------- | 3600e41f4b71Sopenharmony_ci| Promise\<void> | 无返回结果的Promise对象。 | 3601e41f4b71Sopenharmony_ci 3602e41f4b71Sopenharmony_ci**错误码:** 3603e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 3604e41f4b71Sopenharmony_ci 3605e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 3606e41f4b71Sopenharmony_ci| -------- | ---------------------- | 3607e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3608e41f4b71Sopenharmony_ci| 17620001 | memory error. | 3609e41f4b71Sopenharmony_ci| 17620002 | runtime error. | 3610e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 3611e41f4b71Sopenharmony_ci 3612e41f4b71Sopenharmony_ci### initSync<sup>12+</sup> 3613e41f4b71Sopenharmony_ci 3614e41f4b71Sopenharmony_ciinitSync(priKey: PriKey): void 3615e41f4b71Sopenharmony_ci 3616e41f4b71Sopenharmony_ci使用私钥初始化Sign对象,通过同步方式获取结果。initSync、updateSync、signSync为三段式接口,需要成组使用。其中initSync和signSync必选,updateSync可选。 3617e41f4b71Sopenharmony_ci 3618e41f4b71Sopenharmony_ciSign类暂不支持重复initSync。 3619e41f4b71Sopenharmony_ci 3620e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3621e41f4b71Sopenharmony_ci 3622e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Signature 3623e41f4b71Sopenharmony_ci 3624e41f4b71Sopenharmony_ci**参数:** 3625e41f4b71Sopenharmony_ci 3626e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 3627e41f4b71Sopenharmony_ci| ------ | ---- | ---- | ---------------- | 3628e41f4b71Sopenharmony_ci| priKey | [PriKey](#prikey) | 是 | 用于Sign的初始化。 | 3629e41f4b71Sopenharmony_ci 3630e41f4b71Sopenharmony_ci**错误码:** 3631e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 3632e41f4b71Sopenharmony_ci 3633e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 3634e41f4b71Sopenharmony_ci| -------- | ---------------------- | 3635e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3636e41f4b71Sopenharmony_ci| 17620001 | memory error. | 3637e41f4b71Sopenharmony_ci| 17620002 | runtime error. | 3638e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 3639e41f4b71Sopenharmony_ci 3640e41f4b71Sopenharmony_ci### update 3641e41f4b71Sopenharmony_ci 3642e41f4b71Sopenharmony_ciupdate(data: DataBlob, callback: AsyncCallback\<void>): void 3643e41f4b71Sopenharmony_ci 3644e41f4b71Sopenharmony_ci追加待签名数据,通过注册回调函数完成更新。 3645e41f4b71Sopenharmony_ci 3646e41f4b71Sopenharmony_ci必须在对[Sign](#sign)实例使用[init()](#init-2)初始化后,才能使用本函数。 3647e41f4b71Sopenharmony_ci 3648e41f4b71Sopenharmony_ci> **说明:** 3649e41f4b71Sopenharmony_ci> 3650e41f4b71Sopenharmony_ci> 根据数据量,可以不调用update(即[init](#init-2)完成后直接调用[sign](#sign-1))或多次调用update。<br/> 3651e41f4b71Sopenharmony_ci> 算法库目前没有对update(单次或累计)的数据量设置大小限制,建议对于大数据量的签名操作,采用多次update的方式传入数据,避免一次性申请过大内存。<br/> 3652e41f4b71Sopenharmony_ci> 签名使用多次update操作的示例代码详见[使用RSA密钥对分段签名验签](../../security/CryptoArchitectureKit/crypto-rsa-sign-sig-verify-pkcs1-by-segment.md),其余算法操作类似。<br/> 3653e41f4b71Sopenharmony_ci> OnlySign模式下,不支持update操作,需要直接使用sign传入数据。<br/> 3654e41f4b71Sopenharmony_ci> 当使用DSA算法进行签名,并设置了摘要算法为NoHash时,则不支持update操作,update接口会返回错误码ERR_CRYPTO_OPERATION。 3655e41f4b71Sopenharmony_ci 3656e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3657e41f4b71Sopenharmony_ci 3658e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Signature 3659e41f4b71Sopenharmony_ci 3660e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Signature 3661e41f4b71Sopenharmony_ci 3662e41f4b71Sopenharmony_ci**参数:** 3663e41f4b71Sopenharmony_ci 3664e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 3665e41f4b71Sopenharmony_ci| -------- | --------------------- | ---- | ------------ | 3666e41f4b71Sopenharmony_ci| data | [DataBlob](#datablob) | 是 | 传入的消息。 | 3667e41f4b71Sopenharmony_ci| callback | AsyncCallback\<void> | 是 | 回调函数。当签名更新成功,err为undefined,否则为错误对象。| 3668e41f4b71Sopenharmony_ci 3669e41f4b71Sopenharmony_ci**错误码:** 3670e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 3671e41f4b71Sopenharmony_ci 3672e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 3673e41f4b71Sopenharmony_ci| -------- | ---------------------- | 3674e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3675e41f4b71Sopenharmony_ci| 17620001 | memory error. | 3676e41f4b71Sopenharmony_ci| 17620002 | runtime error. | 3677e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 3678e41f4b71Sopenharmony_ci 3679e41f4b71Sopenharmony_ci### update 3680e41f4b71Sopenharmony_ci 3681e41f4b71Sopenharmony_ciupdate(data: DataBlob): Promise\<void> 3682e41f4b71Sopenharmony_ci 3683e41f4b71Sopenharmony_ci追加待签名数据,通过Promise方式完成更新。 3684e41f4b71Sopenharmony_ci 3685e41f4b71Sopenharmony_ci必须在对[Sign](#sign)实例使用[init()](#init-3)初始化后,才能使用本函数。 3686e41f4b71Sopenharmony_ci 3687e41f4b71Sopenharmony_ci> **说明:** 3688e41f4b71Sopenharmony_ci> 3689e41f4b71Sopenharmony_ci> 根据数据量,可以不调用update(即[init](#init-3)完成后直接调用[sign](#sign-2))或多次调用update。<br/> 3690e41f4b71Sopenharmony_ci> 算法库目前没有对update(单次或累计)的数据量设置大小限制,建议对于大数据量的签名操作,采用多次update的方式传入数据,避免一次性申请过大内存。<br/> 3691e41f4b71Sopenharmony_ci> 签名使用多次update操作的示例代码详见[使用RSA密钥对分段签名验签](../../security/CryptoArchitectureKit/crypto-rsa-sign-sig-verify-pkcs1-by-segment.md),其余算法操作类似。<br/> 3692e41f4b71Sopenharmony_ci> OnlySign模式下,不支持update操作,需要直接使用sign传入数据。<br/> 3693e41f4b71Sopenharmony_ci> 当使用DSA算法进行签名,并设置了摘要算法为NoHash时,则不支持update操作,update接口会返回错误码ERR_CRYPTO_OPERATION。 3694e41f4b71Sopenharmony_ci 3695e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3696e41f4b71Sopenharmony_ci 3697e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Signature 3698e41f4b71Sopenharmony_ci 3699e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Signature 3700e41f4b71Sopenharmony_ci 3701e41f4b71Sopenharmony_ci**参数:** 3702e41f4b71Sopenharmony_ci 3703e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 3704e41f4b71Sopenharmony_ci| ------ | -------- | ---- | ---------- | 3705e41f4b71Sopenharmony_ci| data | [DataBlob](#datablob) | 是 | 传入的消息。 | 3706e41f4b71Sopenharmony_ci 3707e41f4b71Sopenharmony_ci**返回值:** 3708e41f4b71Sopenharmony_ci 3709e41f4b71Sopenharmony_ci| 类型 | 说明 | 3710e41f4b71Sopenharmony_ci| -------------- | ------------- | 3711e41f4b71Sopenharmony_ci| Promise\<void> | 无返回结果的Promise对象。 | 3712e41f4b71Sopenharmony_ci 3713e41f4b71Sopenharmony_ci**错误码:** 3714e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 3715e41f4b71Sopenharmony_ci 3716e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 3717e41f4b71Sopenharmony_ci| -------- | ---------------------- | 3718e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3719e41f4b71Sopenharmony_ci| 17620001 | memory error. | 3720e41f4b71Sopenharmony_ci| 17620002 | runtime error. | 3721e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 3722e41f4b71Sopenharmony_ci 3723e41f4b71Sopenharmony_ci### updateSync<sup>12+</sup> 3724e41f4b71Sopenharmony_ci 3725e41f4b71Sopenharmony_ciupdateSync(data: DataBlob): void 3726e41f4b71Sopenharmony_ci 3727e41f4b71Sopenharmony_ci追加待签名数据,通过同步方式完成更新。 3728e41f4b71Sopenharmony_ci 3729e41f4b71Sopenharmony_ci必须在对[Sign](#sign)实例使用[initSync()](#initsync12-1)初始化后,才能使用本函数。 3730e41f4b71Sopenharmony_ci 3731e41f4b71Sopenharmony_ci> **说明:** 3732e41f4b71Sopenharmony_ci> 3733e41f4b71Sopenharmony_ci> 根据数据量,可以不调用updateSync(即[initSync](#initsync12-1)完成后直接调用[signSync](#signsync12))或多次调用updateSync。<br/> 3734e41f4b71Sopenharmony_ci> 算法库目前没有对updateSync(单次或累计)的数据量设置大小限制,建议对于大数据量的签名操作,采用多次updateSync的方式传入数据,避免一次性申请过大内存。<br/> 3735e41f4b71Sopenharmony_ci> 签名使用多次updateSync操作的示例代码详见[使用RSA密钥对分段签名验签](../../security/CryptoArchitectureKit/crypto-rsa-sign-sig-verify-pkcs1-by-segment.md),其余算法操作类似。<br/> 3736e41f4b71Sopenharmony_ci> OnlySign模式下,不支持updateSync操作,需要直接使用signSync传入数据。<br/> 3737e41f4b71Sopenharmony_ci> 当使用DSA算法进行签名,并设置了摘要算法为NoHash时,则不支持updateSync操作,updateSync接口会返回错误码ERR_CRYPTO_OPERATION。 3738e41f4b71Sopenharmony_ci 3739e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3740e41f4b71Sopenharmony_ci 3741e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Signature 3742e41f4b71Sopenharmony_ci 3743e41f4b71Sopenharmony_ci**参数:** 3744e41f4b71Sopenharmony_ci 3745e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 3746e41f4b71Sopenharmony_ci| ------ | -------- | ---- | ---------- | 3747e41f4b71Sopenharmony_ci| data | [DataBlob](#datablob) | 是 | 传入的消息。 | 3748e41f4b71Sopenharmony_ci 3749e41f4b71Sopenharmony_ci**返回值:** 3750e41f4b71Sopenharmony_ci 3751e41f4b71Sopenharmony_ci| 类型 | 说明 | 3752e41f4b71Sopenharmony_ci| -------------- | ------------- | 3753e41f4b71Sopenharmony_ci| void | 无返回结果。 | 3754e41f4b71Sopenharmony_ci 3755e41f4b71Sopenharmony_ci**错误码:** 3756e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 3757e41f4b71Sopenharmony_ci 3758e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 3759e41f4b71Sopenharmony_ci| -------- | ---------------------- | 3760e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3761e41f4b71Sopenharmony_ci| 17620001 | memory error. | 3762e41f4b71Sopenharmony_ci| 17620002 | runtime error. | 3763e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 3764e41f4b71Sopenharmony_ci 3765e41f4b71Sopenharmony_ci### sign 3766e41f4b71Sopenharmony_ci 3767e41f4b71Sopenharmony_cisign(data: DataBlob | null, callback: AsyncCallback\<DataBlob>): void 3768e41f4b71Sopenharmony_ci 3769e41f4b71Sopenharmony_ci对数据进行签名,通过注册回调函数获取签名结果。 3770e41f4b71Sopenharmony_ci 3771e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3772e41f4b71Sopenharmony_ci 3773e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Signature 3774e41f4b71Sopenharmony_ci 3775e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Signature 3776e41f4b71Sopenharmony_ci 3777e41f4b71Sopenharmony_ci**参数:** 3778e41f4b71Sopenharmony_ci 3779e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 3780e41f4b71Sopenharmony_ci| -------- | -------------------- | ---- | ---------- | 3781e41f4b71Sopenharmony_ci| data | [DataBlob](#datablob) \| null<sup>10+</sup> | 是 | 传入的消息。API 10之前只支持DataBlob, API 10之后增加支持null。 | 3782e41f4b71Sopenharmony_ci| callback | AsyncCallback\<[DataBlob](#datablob)> | 是 | 回调函数,用于获取DataBlob数据。 | 3783e41f4b71Sopenharmony_ci 3784e41f4b71Sopenharmony_ci**错误码:** 3785e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 3786e41f4b71Sopenharmony_ci 3787e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 3788e41f4b71Sopenharmony_ci| -------- | ---------------------- | 3789e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3790e41f4b71Sopenharmony_ci| 17620001 | memory error. | 3791e41f4b71Sopenharmony_ci| 17620002 | runtime error. | 3792e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 3793e41f4b71Sopenharmony_ci 3794e41f4b71Sopenharmony_ci### sign 3795e41f4b71Sopenharmony_ci 3796e41f4b71Sopenharmony_cisign(data: DataBlob | null): Promise\<DataBlob> 3797e41f4b71Sopenharmony_ci 3798e41f4b71Sopenharmony_ci对数据进行签名,通过Promise方式返回签名结果。 3799e41f4b71Sopenharmony_ci 3800e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3801e41f4b71Sopenharmony_ci 3802e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Signature 3803e41f4b71Sopenharmony_ci 3804e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Signature 3805e41f4b71Sopenharmony_ci 3806e41f4b71Sopenharmony_ci**参数:** 3807e41f4b71Sopenharmony_ci 3808e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 3809e41f4b71Sopenharmony_ci| ------ | -------- | ---- | ---------- | 3810e41f4b71Sopenharmony_ci| data | [DataBlob](#datablob) \| null<sup>10+</sup> | 是 | 传入的消息。 | 3811e41f4b71Sopenharmony_ci 3812e41f4b71Sopenharmony_ci**返回值:** 3813e41f4b71Sopenharmony_ci 3814e41f4b71Sopenharmony_ci| 类型 | 说明 | 3815e41f4b71Sopenharmony_ci| -------------- | ------------- | 3816e41f4b71Sopenharmony_ci| Promise\<[DataBlob](#datablob)> | 返回签名结果。 | 3817e41f4b71Sopenharmony_ci 3818e41f4b71Sopenharmony_ci**错误码:** 3819e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 3820e41f4b71Sopenharmony_ci 3821e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 3822e41f4b71Sopenharmony_ci| -------- | ---------------------- | 3823e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3824e41f4b71Sopenharmony_ci| 17620001 | memory error. | 3825e41f4b71Sopenharmony_ci| 17620002 | runtime error. | 3826e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 3827e41f4b71Sopenharmony_ci 3828e41f4b71Sopenharmony_ci### signSync<sup>12+</sup> 3829e41f4b71Sopenharmony_ci 3830e41f4b71Sopenharmony_cisignSync(data: DataBlob | null): DataBlob 3831e41f4b71Sopenharmony_ci 3832e41f4b71Sopenharmony_ci对数据进行签名,通过同步方式返回签名结果。 3833e41f4b71Sopenharmony_ci 3834e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3835e41f4b71Sopenharmony_ci 3836e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Signature 3837e41f4b71Sopenharmony_ci 3838e41f4b71Sopenharmony_ci**参数:** 3839e41f4b71Sopenharmony_ci 3840e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 3841e41f4b71Sopenharmony_ci| ------ | -------- | ---- | ---------- | 3842e41f4b71Sopenharmony_ci| data | [DataBlob](#datablob) \| null | 是 | 传入的消息。 | 3843e41f4b71Sopenharmony_ci 3844e41f4b71Sopenharmony_ci**返回值:** 3845e41f4b71Sopenharmony_ci 3846e41f4b71Sopenharmony_ci| 类型 | 说明 | 3847e41f4b71Sopenharmony_ci| -------------- | ------------- | 3848e41f4b71Sopenharmony_ci| [DataBlob](#datablob) | 返回签名结果。 | 3849e41f4b71Sopenharmony_ci 3850e41f4b71Sopenharmony_ci**错误码:** 3851e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 3852e41f4b71Sopenharmony_ci 3853e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 3854e41f4b71Sopenharmony_ci| -------- | ---------------------- | 3855e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3856e41f4b71Sopenharmony_ci| 17620001 | memory error. | 3857e41f4b71Sopenharmony_ci| 17620002 | runtime error. | 3858e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 3859e41f4b71Sopenharmony_ci 3860e41f4b71Sopenharmony_ci**callback示例:** 3861e41f4b71Sopenharmony_ci 3862e41f4b71Sopenharmony_ci此外,更多签名验签的完整示例可参考[签名验签开发指导](../../security/CryptoArchitectureKit/crypto-rsa-sign-sig-verify-pkcs1.md)。 3863e41f4b71Sopenharmony_ci 3864e41f4b71Sopenharmony_ci```ts 3865e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 3866e41f4b71Sopenharmony_ciimport { buffer } from '@kit.ArkTS'; 3867e41f4b71Sopenharmony_ci 3868e41f4b71Sopenharmony_cifunction signByCallback() { 3869e41f4b71Sopenharmony_ci let inputUpdate: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from("This is Sign test plan1", 'utf-8').buffer) }; 3870e41f4b71Sopenharmony_ci let inputVerify: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from("This is Sign test plan2", 'utf-8').buffer) }; 3871e41f4b71Sopenharmony_ci let pkData = new Uint8Array([48, 129, 159, 48, 13, 6, 9, 42, 134, 72, 134, 247, 13, 1, 1, 1, 5, 0, 3, 129, 141, 0, 48, 129, 137, 2, 129, 129, 0, 214, 179, 23, 198, 183, 139, 148, 8, 173, 74, 56, 160, 15, 248, 244, 166, 209, 250, 142, 74, 216, 58, 117, 215, 178, 247, 254, 39, 180, 227, 85, 201, 59, 133, 209, 221, 26, 9, 116, 31, 172, 151, 252, 185, 123, 20, 25, 7, 92, 129, 5, 196, 239, 214, 126, 254, 154, 188, 239, 144, 161, 171, 65, 42, 31, 214, 93, 115, 247, 69, 94, 143, 54, 51, 25, 49, 146, 204, 205, 165, 20, 120, 35, 184, 190, 65, 106, 12, 214, 176, 57, 125, 235, 51, 88, 135, 76, 73, 109, 112, 147, 138, 198, 252, 5, 20, 245, 51, 7, 32, 108, 89, 125, 204, 50, 189, 88, 254, 255, 146, 244, 244, 149, 79, 54, 216, 45, 89, 2, 3, 1, 0, 1]); 3872e41f4b71Sopenharmony_ci let skData = new Uint8Array([48, 130, 2, 120, 2, 1, 0, 48, 13, 6, 9, 42, 134, 72, 134, 247, 13, 1, 1, 1, 5, 0, 4, 130, 2, 98, 48, 130, 2, 94, 2, 1, 0, 2, 129, 129, 0, 214, 179, 23, 198, 183, 139, 148, 8, 173, 74, 56, 160, 15, 248, 244, 166, 209, 250, 142, 74, 216, 58, 117, 215, 178, 247, 254, 39, 180, 227, 85, 201, 59, 133, 209, 221, 26, 9, 116, 31, 172, 151, 252, 185, 123, 20, 25, 7, 92, 129, 5, 196, 239, 214, 126, 254, 154, 188, 239, 144, 161, 171, 65, 42, 31, 214, 93, 115, 247, 69, 94, 143, 54, 51, 25, 49, 146, 204, 205, 165, 20, 120, 35, 184, 190, 65, 106, 12, 214, 176, 57, 125, 235, 51, 88, 135, 76, 73, 109, 112, 147, 138, 198, 252, 5, 20, 245, 51, 7, 32, 108, 89, 125, 204, 50, 189, 88, 254, 255, 146, 244, 244, 149, 79, 54, 216, 45, 89, 2, 3, 1, 0, 1, 2, 129, 129, 0, 152, 111, 145, 203, 10, 88, 116, 163, 112, 126, 9, 20, 68, 34, 235, 121, 98, 14, 182, 102, 151, 125, 114, 91, 210, 122, 215, 29, 212, 5, 176, 203, 238, 146, 5, 190, 41, 21, 91, 56, 125, 239, 111, 133, 53, 200, 192, 56, 132, 202, 42, 145, 120, 3, 224, 40, 223, 46, 148, 29, 41, 92, 17, 40, 12, 72, 165, 69, 192, 211, 142, 233, 81, 202, 177, 235, 156, 27, 179, 48, 18, 85, 154, 101, 193, 45, 218, 91, 24, 143, 196, 248, 16, 83, 177, 198, 136, 77, 111, 134, 60, 219, 95, 246, 23, 5, 45, 14, 83, 29, 137, 248, 159, 28, 132, 142, 205, 99, 226, 213, 84, 232, 57, 130, 156, 81, 191, 237, 2, 65, 0, 255, 158, 212, 13, 43, 132, 244, 135, 148, 161, 232, 219, 20, 81, 196, 102, 103, 44, 110, 71, 100, 62, 73, 200, 32, 138, 114, 209, 171, 150, 179, 92, 198, 5, 190, 218, 79, 227, 227, 37, 32, 57, 159, 252, 107, 211, 139, 198, 202, 248, 137, 143, 186, 205, 106, 81, 85, 207, 134, 148, 110, 204, 243, 27, 2, 65, 0, 215, 4, 181, 121, 57, 224, 170, 168, 183, 159, 152, 8, 74, 233, 80, 244, 146, 81, 48, 159, 194, 199, 36, 187, 6, 181, 182, 223, 115, 133, 151, 171, 78, 219, 90, 161, 248, 69, 6, 207, 173, 3, 81, 161, 2, 60, 238, 204, 177, 12, 138, 17, 220, 179, 71, 113, 200, 248, 159, 153, 252, 150, 180, 155, 2, 65, 0, 190, 202, 185, 211, 170, 171, 238, 40, 84, 84, 21, 13, 144, 57, 7, 178, 183, 71, 126, 120, 98, 229, 235, 4, 40, 229, 173, 149, 185, 209, 29, 199, 29, 54, 164, 161, 38, 8, 30, 62, 83, 179, 47, 42, 165, 0, 156, 207, 160, 39, 169, 229, 81, 180, 136, 170, 116, 182, 20, 233, 45, 90, 100, 9, 2, 65, 0, 152, 255, 47, 198, 15, 201, 238, 133, 89, 11, 133, 153, 184, 252, 37, 239, 177, 65, 118, 80, 231, 190, 222, 66, 250, 118, 72, 166, 221, 67, 156, 245, 119, 138, 28, 6, 142, 107, 71, 122, 116, 200, 156, 199, 237, 152, 191, 239, 4, 184, 64, 114, 143, 81, 62, 48, 23, 233, 217, 95, 47, 221, 104, 171, 2, 64, 30, 219, 1, 230, 241, 70, 246, 243, 121, 174, 67, 66, 11, 99, 202, 17, 52, 234, 78, 29, 3, 57, 51, 123, 149, 86, 64, 192, 73, 199, 108, 101, 55, 232, 41, 114, 153, 237, 253, 52, 205, 148, 45, 86, 186, 241, 182, 183, 42, 77, 252, 195, 29, 158, 173, 3, 182, 207, 254, 61, 71, 184, 167, 184]); 3873e41f4b71Sopenharmony_ci let pubKeyBlob: cryptoFramework.DataBlob = { data: pkData }; 3874e41f4b71Sopenharmony_ci let priKeyBlob: cryptoFramework.DataBlob = { data: skData }; 3875e41f4b71Sopenharmony_ci let rsaGenerator = cryptoFramework.createAsyKeyGenerator('RSA1024'); 3876e41f4b71Sopenharmony_ci let signer = cryptoFramework.createSign('RSA1024|PKCS1|SHA256'); 3877e41f4b71Sopenharmony_ci rsaGenerator.convertKey(pubKeyBlob, priKeyBlob, (err, keyPair) => { 3878e41f4b71Sopenharmony_ci signer.init(keyPair.priKey, err => { 3879e41f4b71Sopenharmony_ci signer.update(inputUpdate, err => { 3880e41f4b71Sopenharmony_ci signer.sign(inputVerify, (err, signData) => { 3881e41f4b71Sopenharmony_ci console.info('sign output is ' + signData.data); 3882e41f4b71Sopenharmony_ci }); 3883e41f4b71Sopenharmony_ci }); 3884e41f4b71Sopenharmony_ci }); 3885e41f4b71Sopenharmony_ci }); 3886e41f4b71Sopenharmony_ci} 3887e41f4b71Sopenharmony_ci``` 3888e41f4b71Sopenharmony_ci 3889e41f4b71Sopenharmony_ci**Promise示例:** 3890e41f4b71Sopenharmony_ci 3891e41f4b71Sopenharmony_ci此外,更多签名验签的完整示例可参考[签名验签开发指导](../../security/CryptoArchitectureKit/crypto-rsa-sign-sig-verify-pkcs1.md)。 3892e41f4b71Sopenharmony_ci 3893e41f4b71Sopenharmony_ci```ts 3894e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 3895e41f4b71Sopenharmony_ciimport { buffer } from '@kit.ArkTS'; 3896e41f4b71Sopenharmony_ci 3897e41f4b71Sopenharmony_ciasync function genKeyPairByData(pubKeyData: Uint8Array, priKeyData: Uint8Array) { 3898e41f4b71Sopenharmony_ci let pubKeyBlob: cryptoFramework.DataBlob = { data: pubKeyData }; 3899e41f4b71Sopenharmony_ci let priKeyBlob: cryptoFramework.DataBlob = { data: priKeyData }; 3900e41f4b71Sopenharmony_ci let rsaGenerator = cryptoFramework.createAsyKeyGenerator('RSA1024'); 3901e41f4b71Sopenharmony_ci let keyPair = await rsaGenerator.convertKey(pubKeyBlob, priKeyBlob); 3902e41f4b71Sopenharmony_ci console.info('convertKey success'); 3903e41f4b71Sopenharmony_ci return keyPair; 3904e41f4b71Sopenharmony_ci} 3905e41f4b71Sopenharmony_ci 3906e41f4b71Sopenharmony_ciasync function signByPromise() { 3907e41f4b71Sopenharmony_ci let pkData = new Uint8Array([48, 129, 159, 48, 13, 6, 9, 42, 134, 72, 134, 247, 13, 1, 1, 1, 5, 0, 3, 129, 141, 0, 48, 129, 137, 2, 129, 129, 0, 214, 179, 23, 198, 183, 139, 148, 8, 173, 74, 56, 160, 15, 248, 244, 166, 209, 250, 142, 74, 216, 58, 117, 215, 178, 247, 254, 39, 180, 227, 85, 201, 59, 133, 209, 221, 26, 9, 116, 31, 172, 151, 252, 185, 123, 20, 25, 7, 92, 129, 5, 196, 239, 214, 126, 254, 154, 188, 239, 144, 161, 171, 65, 42, 31, 214, 93, 115, 247, 69, 94, 143, 54, 51, 25, 49, 146, 204, 205, 165, 20, 120, 35, 184, 190, 65, 106, 12, 214, 176, 57, 125, 235, 51, 88, 135, 76, 73, 109, 112, 147, 138, 198, 252, 5, 20, 245, 51, 7, 32, 108, 89, 125, 204, 50, 189, 88, 254, 255, 146, 244, 244, 149, 79, 54, 216, 45, 89, 2, 3, 1, 0, 1]); 3908e41f4b71Sopenharmony_ci let skData = new Uint8Array([48, 130, 2, 120, 2, 1, 0, 48, 13, 6, 9, 42, 134, 72, 134, 247, 13, 1, 1, 1, 5, 0, 4, 130, 2, 98, 48, 130, 2, 94, 2, 1, 0, 2, 129, 129, 0, 214, 179, 23, 198, 183, 139, 148, 8, 173, 74, 56, 160, 15, 248, 244, 166, 209, 250, 142, 74, 216, 58, 117, 215, 178, 247, 254, 39, 180, 227, 85, 201, 59, 133, 209, 221, 26, 9, 116, 31, 172, 151, 252, 185, 123, 20, 25, 7, 92, 129, 5, 196, 239, 214, 126, 254, 154, 188, 239, 144, 161, 171, 65, 42, 31, 214, 93, 115, 247, 69, 94, 143, 54, 51, 25, 49, 146, 204, 205, 165, 20, 120, 35, 184, 190, 65, 106, 12, 214, 176, 57, 125, 235, 51, 88, 135, 76, 73, 109, 112, 147, 138, 198, 252, 5, 20, 245, 51, 7, 32, 108, 89, 125, 204, 50, 189, 88, 254, 255, 146, 244, 244, 149, 79, 54, 216, 45, 89, 2, 3, 1, 0, 1, 2, 129, 129, 0, 152, 111, 145, 203, 10, 88, 116, 163, 112, 126, 9, 20, 68, 34, 235, 121, 98, 14, 182, 102, 151, 125, 114, 91, 210, 122, 215, 29, 212, 5, 176, 203, 238, 146, 5, 190, 41, 21, 91, 56, 125, 239, 111, 133, 53, 200, 192, 56, 132, 202, 42, 145, 120, 3, 224, 40, 223, 46, 148, 29, 41, 92, 17, 40, 12, 72, 165, 69, 192, 211, 142, 233, 81, 202, 177, 235, 156, 27, 179, 48, 18, 85, 154, 101, 193, 45, 218, 91, 24, 143, 196, 248, 16, 83, 177, 198, 136, 77, 111, 134, 60, 219, 95, 246, 23, 5, 45, 14, 83, 29, 137, 248, 159, 28, 132, 142, 205, 99, 226, 213, 84, 232, 57, 130, 156, 81, 191, 237, 2, 65, 0, 255, 158, 212, 13, 43, 132, 244, 135, 148, 161, 232, 219, 20, 81, 196, 102, 103, 44, 110, 71, 100, 62, 73, 200, 32, 138, 114, 209, 171, 150, 179, 92, 198, 5, 190, 218, 79, 227, 227, 37, 32, 57, 159, 252, 107, 211, 139, 198, 202, 248, 137, 143, 186, 205, 106, 81, 85, 207, 134, 148, 110, 204, 243, 27, 2, 65, 0, 215, 4, 181, 121, 57, 224, 170, 168, 183, 159, 152, 8, 74, 233, 80, 244, 146, 81, 48, 159, 194, 199, 36, 187, 6, 181, 182, 223, 115, 133, 151, 171, 78, 219, 90, 161, 248, 69, 6, 207, 173, 3, 81, 161, 2, 60, 238, 204, 177, 12, 138, 17, 220, 179, 71, 113, 200, 248, 159, 153, 252, 150, 180, 155, 2, 65, 0, 190, 202, 185, 211, 170, 171, 238, 40, 84, 84, 21, 13, 144, 57, 7, 178, 183, 71, 126, 120, 98, 229, 235, 4, 40, 229, 173, 149, 185, 209, 29, 199, 29, 54, 164, 161, 38, 8, 30, 62, 83, 179, 47, 42, 165, 0, 156, 207, 160, 39, 169, 229, 81, 180, 136, 170, 116, 182, 20, 233, 45, 90, 100, 9, 2, 65, 0, 152, 255, 47, 198, 15, 201, 238, 133, 89, 11, 133, 153, 184, 252, 37, 239, 177, 65, 118, 80, 231, 190, 222, 66, 250, 118, 72, 166, 221, 67, 156, 245, 119, 138, 28, 6, 142, 107, 71, 122, 116, 200, 156, 199, 237, 152, 191, 239, 4, 184, 64, 114, 143, 81, 62, 48, 23, 233, 217, 95, 47, 221, 104, 171, 2, 64, 30, 219, 1, 230, 241, 70, 246, 243, 121, 174, 67, 66, 11, 99, 202, 17, 52, 234, 78, 29, 3, 57, 51, 123, 149, 86, 64, 192, 73, 199, 108, 101, 55, 232, 41, 114, 153, 237, 253, 52, 205, 148, 45, 86, 186, 241, 182, 183, 42, 77, 252, 195, 29, 158, 173, 3, 182, 207, 254, 61, 71, 184, 167, 184]); 3909e41f4b71Sopenharmony_ci let keyPair = await genKeyPairByData(pkData, skData); 3910e41f4b71Sopenharmony_ci let inputUpdate: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from("This is Sign test plan1", 'utf-8').buffer) }; 3911e41f4b71Sopenharmony_ci let inputSign: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from("This is Sign test plan2", 'utf-8').buffer) }; 3912e41f4b71Sopenharmony_ci let signer = cryptoFramework.createSign('RSA1024|PKCS1|SHA256'); 3913e41f4b71Sopenharmony_ci await signer.init(keyPair.priKey); 3914e41f4b71Sopenharmony_ci await signer.update(inputUpdate); 3915e41f4b71Sopenharmony_ci let signData = await signer.sign(inputSign); 3916e41f4b71Sopenharmony_ci console.info('signData result: ' + signData.data); 3917e41f4b71Sopenharmony_ci} 3918e41f4b71Sopenharmony_ci``` 3919e41f4b71Sopenharmony_ci 3920e41f4b71Sopenharmony_ci**Sync示例:** 3921e41f4b71Sopenharmony_ci 3922e41f4b71Sopenharmony_ci此外,更多签名验签的完整示例可参考[签名验签开发指导](../../security/CryptoArchitectureKit/crypto-rsa-sign-sig-verify-pkcs1.md)。 3923e41f4b71Sopenharmony_ci 3924e41f4b71Sopenharmony_ci```ts 3925e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 3926e41f4b71Sopenharmony_ciimport { buffer } from '@kit.ArkTS'; 3927e41f4b71Sopenharmony_ci 3928e41f4b71Sopenharmony_cifunction genKeyPairByData(pubKeyData: Uint8Array, priKeyData: Uint8Array) { 3929e41f4b71Sopenharmony_ci let pubKeyBlob: cryptoFramework.DataBlob = { data: pubKeyData }; 3930e41f4b71Sopenharmony_ci let priKeyBlob: cryptoFramework.DataBlob = { data: priKeyData }; 3931e41f4b71Sopenharmony_ci let rsaGenerator = cryptoFramework.createAsyKeyGenerator('RSA1024'); 3932e41f4b71Sopenharmony_ci let keyPair = rsaGenerator.convertKeySync(pubKeyBlob, priKeyBlob); 3933e41f4b71Sopenharmony_ci console.info('convertKeySync success'); 3934e41f4b71Sopenharmony_ci return keyPair; 3935e41f4b71Sopenharmony_ci} 3936e41f4b71Sopenharmony_ci 3937e41f4b71Sopenharmony_cifunction signBySync() { 3938e41f4b71Sopenharmony_ci let pkData = new Uint8Array([48, 129, 159, 48, 13, 6, 9, 42, 134, 72, 134, 247, 13, 1, 1, 1, 5, 0, 3, 129, 141, 0, 48, 129, 137, 2, 129, 129, 0, 214, 179, 23, 198, 183, 139, 148, 8, 173, 74, 56, 160, 15, 248, 244, 166, 209, 250, 142, 74, 216, 58, 117, 215, 178, 247, 254, 39, 180, 227, 85, 201, 59, 133, 209, 221, 26, 9, 116, 31, 172, 151, 252, 185, 123, 20, 25, 7, 92, 129, 5, 196, 239, 214, 126, 254, 154, 188, 239, 144, 161, 171, 65, 42, 31, 214, 93, 115, 247, 69, 94, 143, 54, 51, 25, 49, 146, 204, 205, 165, 20, 120, 35, 184, 190, 65, 106, 12, 214, 176, 57, 125, 235, 51, 88, 135, 76, 73, 109, 112, 147, 138, 198, 252, 5, 20, 245, 51, 7, 32, 108, 89, 125, 204, 50, 189, 88, 254, 255, 146, 244, 244, 149, 79, 54, 216, 45, 89, 2, 3, 1, 0, 1]); 3939e41f4b71Sopenharmony_ci let skData = new Uint8Array([48, 130, 2, 120, 2, 1, 0, 48, 13, 6, 9, 42, 134, 72, 134, 247, 13, 1, 1, 1, 5, 0, 4, 130, 2, 98, 48, 130, 2, 94, 2, 1, 0, 2, 129, 129, 0, 214, 179, 23, 198, 183, 139, 148, 8, 173, 74, 56, 160, 15, 248, 244, 166, 209, 250, 142, 74, 216, 58, 117, 215, 178, 247, 254, 39, 180, 227, 85, 201, 59, 133, 209, 221, 26, 9, 116, 31, 172, 151, 252, 185, 123, 20, 25, 7, 92, 129, 5, 196, 239, 214, 126, 254, 154, 188, 239, 144, 161, 171, 65, 42, 31, 214, 93, 115, 247, 69, 94, 143, 54, 51, 25, 49, 146, 204, 205, 165, 20, 120, 35, 184, 190, 65, 106, 12, 214, 176, 57, 125, 235, 51, 88, 135, 76, 73, 109, 112, 147, 138, 198, 252, 5, 20, 245, 51, 7, 32, 108, 89, 125, 204, 50, 189, 88, 254, 255, 146, 244, 244, 149, 79, 54, 216, 45, 89, 2, 3, 1, 0, 1, 2, 129, 129, 0, 152, 111, 145, 203, 10, 88, 116, 163, 112, 126, 9, 20, 68, 34, 235, 121, 98, 14, 182, 102, 151, 125, 114, 91, 210, 122, 215, 29, 212, 5, 176, 203, 238, 146, 5, 190, 41, 21, 91, 56, 125, 239, 111, 133, 53, 200, 192, 56, 132, 202, 42, 145, 120, 3, 224, 40, 223, 46, 148, 29, 41, 92, 17, 40, 12, 72, 165, 69, 192, 211, 142, 233, 81, 202, 177, 235, 156, 27, 179, 48, 18, 85, 154, 101, 193, 45, 218, 91, 24, 143, 196, 248, 16, 83, 177, 198, 136, 77, 111, 134, 60, 219, 95, 246, 23, 5, 45, 14, 83, 29, 137, 248, 159, 28, 132, 142, 205, 99, 226, 213, 84, 232, 57, 130, 156, 81, 191, 237, 2, 65, 0, 255, 158, 212, 13, 43, 132, 244, 135, 148, 161, 232, 219, 20, 81, 196, 102, 103, 44, 110, 71, 100, 62, 73, 200, 32, 138, 114, 209, 171, 150, 179, 92, 198, 5, 190, 218, 79, 227, 227, 37, 32, 57, 159, 252, 107, 211, 139, 198, 202, 248, 137, 143, 186, 205, 106, 81, 85, 207, 134, 148, 110, 204, 243, 27, 2, 65, 0, 215, 4, 181, 121, 57, 224, 170, 168, 183, 159, 152, 8, 74, 233, 80, 244, 146, 81, 48, 159, 194, 199, 36, 187, 6, 181, 182, 223, 115, 133, 151, 171, 78, 219, 90, 161, 248, 69, 6, 207, 173, 3, 81, 161, 2, 60, 238, 204, 177, 12, 138, 17, 220, 179, 71, 113, 200, 248, 159, 153, 252, 150, 180, 155, 2, 65, 0, 190, 202, 185, 211, 170, 171, 238, 40, 84, 84, 21, 13, 144, 57, 7, 178, 183, 71, 126, 120, 98, 229, 235, 4, 40, 229, 173, 149, 185, 209, 29, 199, 29, 54, 164, 161, 38, 8, 30, 62, 83, 179, 47, 42, 165, 0, 156, 207, 160, 39, 169, 229, 81, 180, 136, 170, 116, 182, 20, 233, 45, 90, 100, 9, 2, 65, 0, 152, 255, 47, 198, 15, 201, 238, 133, 89, 11, 133, 153, 184, 252, 37, 239, 177, 65, 118, 80, 231, 190, 222, 66, 250, 118, 72, 166, 221, 67, 156, 245, 119, 138, 28, 6, 142, 107, 71, 122, 116, 200, 156, 199, 237, 152, 191, 239, 4, 184, 64, 114, 143, 81, 62, 48, 23, 233, 217, 95, 47, 221, 104, 171, 2, 64, 30, 219, 1, 230, 241, 70, 246, 243, 121, 174, 67, 66, 11, 99, 202, 17, 52, 234, 78, 29, 3, 57, 51, 123, 149, 86, 64, 192, 73, 199, 108, 101, 55, 232, 41, 114, 153, 237, 253, 52, 205, 148, 45, 86, 186, 241, 182, 183, 42, 77, 252, 195, 29, 158, 173, 3, 182, 207, 254, 61, 71, 184, 167, 184]); 3940e41f4b71Sopenharmony_ci let keyPair = genKeyPairByData(pkData, skData); 3941e41f4b71Sopenharmony_ci let inputUpdate: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from("This is Sign test plan1", 'utf-8').buffer) }; 3942e41f4b71Sopenharmony_ci let inputSign: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from("This is Sign test plan2", 'utf-8').buffer) }; 3943e41f4b71Sopenharmony_ci let signer = cryptoFramework.createSign('RSA1024|PKCS1|SHA256'); 3944e41f4b71Sopenharmony_ci signer.initSync(keyPair.priKey); 3945e41f4b71Sopenharmony_ci signer.updateSync(inputUpdate); 3946e41f4b71Sopenharmony_ci let signData = signer.signSync(inputSign); 3947e41f4b71Sopenharmony_ci console.info('signData result: ' + signData.data); 3948e41f4b71Sopenharmony_ci} 3949e41f4b71Sopenharmony_ci``` 3950e41f4b71Sopenharmony_ci 3951e41f4b71Sopenharmony_ci### setSignSpec<sup>10+</sup> 3952e41f4b71Sopenharmony_ci 3953e41f4b71Sopenharmony_cisetSignSpec(itemType: SignSpecItem, itemValue: number): void 3954e41f4b71Sopenharmony_ci 3955e41f4b71Sopenharmony_cisetSignSpec(itemType: SignSpecItem, itemValue: number \| Uint8Array): void 3956e41f4b71Sopenharmony_ci 3957e41f4b71Sopenharmony_ci设置签名参数。常用的签名参数可以直接通过[createSign](#cryptoframeworkcreatesign) 来指定,剩余参数可以通过本接口指定。 3958e41f4b71Sopenharmony_ci 3959e41f4b71Sopenharmony_ci只支持RSA算法、SM2算法,从API version11开始,支持SM2算法设置签名参数。 3960e41f4b71Sopenharmony_ci 3961e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3962e41f4b71Sopenharmony_ci 3963e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Signature 3964e41f4b71Sopenharmony_ci 3965e41f4b71Sopenharmony_ciAPI version10-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Signature 3966e41f4b71Sopenharmony_ci 3967e41f4b71Sopenharmony_ci**参数:** 3968e41f4b71Sopenharmony_ci 3969e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 3970e41f4b71Sopenharmony_ci| -------- | -------------------- | ---- | ---------- | 3971e41f4b71Sopenharmony_ci| itemType | [SignSpecItem](#signspecitem10) | 是 | 用于指定需要设置的签名参数。 | 3972e41f4b71Sopenharmony_ci| itemValue | number \| Uint8Array<sup>11+</sup> | 是 | 用于指定签名参数的具体值。 | 3973e41f4b71Sopenharmony_ci 3974e41f4b71Sopenharmony_ci**错误码:** 3975e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 3976e41f4b71Sopenharmony_ci 3977e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 3978e41f4b71Sopenharmony_ci| -------- | ---------------------- | 3979e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3980e41f4b71Sopenharmony_ci| 801 | this operation is not supported. | 3981e41f4b71Sopenharmony_ci| 17620001 | memory error. | 3982e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 3983e41f4b71Sopenharmony_ci 3984e41f4b71Sopenharmony_ci**示例:** 3985e41f4b71Sopenharmony_ci 3986e41f4b71Sopenharmony_ci<!--code_no_check--> 3987e41f4b71Sopenharmony_ci```ts 3988e41f4b71Sopenharmony_cilet signer: cryptoFramework.Sign; // The process of generating the Sign instance is omitted here. 3989e41f4b71Sopenharmony_cilet setN = 20; 3990e41f4b71Sopenharmony_cisigner.setSignSpec(cryptoFramework.SignSpecItem.PSS_SALT_LEN_NUM, setN); 3991e41f4b71Sopenharmony_ci``` 3992e41f4b71Sopenharmony_ci 3993e41f4b71Sopenharmony_ci### getSignSpec<sup>10+</sup> 3994e41f4b71Sopenharmony_ci 3995e41f4b71Sopenharmony_cigetSignSpec(itemType: SignSpecItem): string | number 3996e41f4b71Sopenharmony_ci 3997e41f4b71Sopenharmony_ci获取签名参数。当前只支持RSA算法。 3998e41f4b71Sopenharmony_ci 3999e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 4000e41f4b71Sopenharmony_ci 4001e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Signature 4002e41f4b71Sopenharmony_ci 4003e41f4b71Sopenharmony_ciAPI version10-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Signature 4004e41f4b71Sopenharmony_ci 4005e41f4b71Sopenharmony_ci**参数:** 4006e41f4b71Sopenharmony_ci 4007e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 4008e41f4b71Sopenharmony_ci| ------ | -------- | ---- | ---------- | 4009e41f4b71Sopenharmony_ci| itemType | [SignSpecItem](#signspecitem10) | 是 | 用于指定需要获取的签名参数。 | 4010e41f4b71Sopenharmony_ci 4011e41f4b71Sopenharmony_ci**返回值:** 4012e41f4b71Sopenharmony_ci 4013e41f4b71Sopenharmony_ci| 类型 | 说明 | 4014e41f4b71Sopenharmony_ci| -------------- | ----------- | 4015e41f4b71Sopenharmony_ci| string \| number | 获取的签名参数的具体值。 | 4016e41f4b71Sopenharmony_ci 4017e41f4b71Sopenharmony_ci**错误码:** 4018e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 4019e41f4b71Sopenharmony_ci 4020e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 4021e41f4b71Sopenharmony_ci| -------- | ---------------------- | 4022e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 4023e41f4b71Sopenharmony_ci| 801 | this operation is not supported. | 4024e41f4b71Sopenharmony_ci| 17620001 | memory error. | 4025e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 4026e41f4b71Sopenharmony_ci 4027e41f4b71Sopenharmony_ci**示例:** 4028e41f4b71Sopenharmony_ci 4029e41f4b71Sopenharmony_ci<!--code_no_check--> 4030e41f4b71Sopenharmony_ci```ts 4031e41f4b71Sopenharmony_cilet signer: cryptoFramework.Sign; // The process of generating the Sign instance is omitted here. 4032e41f4b71Sopenharmony_cilet saltLen = signer.getSignSpec(cryptoFramework.SignSpecItem.PSS_SALT_LEN_NUM); 4033e41f4b71Sopenharmony_ci``` 4034e41f4b71Sopenharmony_ci 4035e41f4b71Sopenharmony_ci## cryptoFramework.createVerify 4036e41f4b71Sopenharmony_ci 4037e41f4b71Sopenharmony_cicreateVerify(algName: string): Verify 4038e41f4b71Sopenharmony_ci 4039e41f4b71Sopenharmony_ciVerify实例生成。 4040e41f4b71Sopenharmony_ci 4041e41f4b71Sopenharmony_ci支持的规格详见[签名验签规格](../../security/CryptoArchitectureKit/crypto-sign-sig-verify-overview.md)。 4042e41f4b71Sopenharmony_ci 4043e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 4044e41f4b71Sopenharmony_ci 4045e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Signature 4046e41f4b71Sopenharmony_ci 4047e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Signature 4048e41f4b71Sopenharmony_ci 4049e41f4b71Sopenharmony_ci**参数:** 4050e41f4b71Sopenharmony_ci 4051e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 4052e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ------------------------------------------------------------ | 4053e41f4b71Sopenharmony_ci| algName | string | 是 | 指定签名算法:RSA,ECC,DSA,SM2<sup>10+</sup>或ED25519<sup>11+</sup>。使用RSA PKCS1模式时需要设置摘要,使用RSA PSS模式时需要设置摘要和掩码摘要。<br/>使用RSA算法验签时,通过设置Recover参数可支持对签名后数据进行验签恢复。 | 4054e41f4b71Sopenharmony_ci 4055e41f4b71Sopenharmony_ci**返回值**: 4056e41f4b71Sopenharmony_ci 4057e41f4b71Sopenharmony_ci| 类型 | 说明 | 4058e41f4b71Sopenharmony_ci| ------ | ------------------------------------ | 4059e41f4b71Sopenharmony_ci| Verify | 返回由输入算法指定生成的Verify对象。 | 4060e41f4b71Sopenharmony_ci 4061e41f4b71Sopenharmony_ci**错误码:** 4062e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 4063e41f4b71Sopenharmony_ci 4064e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 4065e41f4b71Sopenharmony_ci| -------- | ---------------------- | 4066e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 4067e41f4b71Sopenharmony_ci| 801 | this operation is not supported. | 4068e41f4b71Sopenharmony_ci| 17620001 | memory error. | 4069e41f4b71Sopenharmony_ci 4070e41f4b71Sopenharmony_ci**示例:** 4071e41f4b71Sopenharmony_ci 4072e41f4b71Sopenharmony_ci```ts 4073e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 4074e41f4b71Sopenharmony_ci 4075e41f4b71Sopenharmony_cilet verifyer1 = cryptoFramework.createVerify('RSA1024|PKCS1|SHA256'); 4076e41f4b71Sopenharmony_ci 4077e41f4b71Sopenharmony_cilet verifyer2 = cryptoFramework.createVerify('RSA1024|PSS|SHA256|MGF1_SHA256'); 4078e41f4b71Sopenharmony_ci 4079e41f4b71Sopenharmony_cilet verifyer3 = cryptoFramework.createVerify('RSA1024|PKCS1|SHA256|Recover'); 4080e41f4b71Sopenharmony_ci``` 4081e41f4b71Sopenharmony_ci 4082e41f4b71Sopenharmony_ci## Verify 4083e41f4b71Sopenharmony_ci 4084e41f4b71Sopenharmony_ciVerify类,使用Verify方法之前需要创建该类的实例进行操作,通过[createVerify(algName: string): Verify](#cryptoframeworkcreateverify)方法构造此实例。按序调用本类中的init、update、verify方法完成签名操作。验签操作的示例代码详见[签名验签开发指导](../../security/CryptoArchitectureKit/crypto-rsa-sign-sig-verify-pkcs1.md)。 4085e41f4b71Sopenharmony_ci 4086e41f4b71Sopenharmony_ciVerify类不支持重复初始化,当业务方需要使用新密钥验签时,需要重新创建新Verify对象并调用init初始化。 4087e41f4b71Sopenharmony_ci 4088e41f4b71Sopenharmony_ci业务方使用时,在createVerify时确定验签的模式,调用init接口设置密钥。 4089e41f4b71Sopenharmony_ci 4090e41f4b71Sopenharmony_ci当被签名的消息较短时,可在init初始化后,(无需update)直接调用verify接口传入被签名的消息和签名(signatureData)进行验签。 4091e41f4b71Sopenharmony_ci 4092e41f4b71Sopenharmony_ci当被签名的消息较长时,可通过update接口分段传入被签名的消息,最后调用verify接口对消息全文进行验签。verify接口的data入参在API 10之前只支持DataBlob, API 10之后增加支持null。业务方可在循环中调用update接口,循环结束后调用verify传入签名(signatureData)进行验签。 4093e41f4b71Sopenharmony_ci 4094e41f4b71Sopenharmony_ci当使用DSA算法进行验签,并设置了摘要算法为NoHash时,则不支持update操作,update接口会返回错误码ERR_CRYPTO_OPERATION。 4095e41f4b71Sopenharmony_ci 4096e41f4b71Sopenharmony_ci### 属性 4097e41f4b71Sopenharmony_ci 4098e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 4099e41f4b71Sopenharmony_ci 4100e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Signature 4101e41f4b71Sopenharmony_ci 4102e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Signature 4103e41f4b71Sopenharmony_ci 4104e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 4105e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ---- | ---------------------------- | 4106e41f4b71Sopenharmony_ci| algName | string | 是 | 否 | 验签指定的算法名称。 | 4107e41f4b71Sopenharmony_ci 4108e41f4b71Sopenharmony_ci### init 4109e41f4b71Sopenharmony_ci 4110e41f4b71Sopenharmony_ciinit(pubKey: PubKey, callback: AsyncCallback\<void>): void 4111e41f4b71Sopenharmony_ci 4112e41f4b71Sopenharmony_ci传入公钥初始化Verify对象,通过注册回调函数获取结果。init、update、verify为三段式接口,需要成组使用。其中init和verify必选,update可选。 4113e41f4b71Sopenharmony_ci 4114e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 4115e41f4b71Sopenharmony_ci 4116e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Signature 4117e41f4b71Sopenharmony_ci 4118e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Signature 4119e41f4b71Sopenharmony_ci 4120e41f4b71Sopenharmony_ci**参数:** 4121e41f4b71Sopenharmony_ci 4122e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 4123e41f4b71Sopenharmony_ci| -------- | -------------------- | ---- | ------------------------------ | 4124e41f4b71Sopenharmony_ci| pubKey | [PubKey](#pubkey) | 是 | 公钥对象,用于Verify的初始化。 | 4125e41f4b71Sopenharmony_ci| callback | AsyncCallback\<void> | 是 | 回调函数。当验签初始化成功,err为undefined,否则为错误对象。 | 4126e41f4b71Sopenharmony_ci 4127e41f4b71Sopenharmony_ci**错误码:** 4128e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 4129e41f4b71Sopenharmony_ci 4130e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 4131e41f4b71Sopenharmony_ci| -------- | ---------------------- | 4132e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 4133e41f4b71Sopenharmony_ci| 17620001 | memory error. | 4134e41f4b71Sopenharmony_ci| 17620002 | runtime error. | 4135e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 4136e41f4b71Sopenharmony_ci 4137e41f4b71Sopenharmony_ci### init 4138e41f4b71Sopenharmony_ci 4139e41f4b71Sopenharmony_ciinit(pubKey: PubKey): Promise\<void> 4140e41f4b71Sopenharmony_ci 4141e41f4b71Sopenharmony_ci传入公钥初始化Verify对象,通过Promise获取结果。init、update、verify为三段式接口,需要成组使用。其中init和verify必选,update可选。 4142e41f4b71Sopenharmony_ci 4143e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 4144e41f4b71Sopenharmony_ci 4145e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Signature 4146e41f4b71Sopenharmony_ci 4147e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Signature 4148e41f4b71Sopenharmony_ci 4149e41f4b71Sopenharmony_ci**参数:** 4150e41f4b71Sopenharmony_ci 4151e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 4152e41f4b71Sopenharmony_ci| ------ | ---- | ---- | ---------------------------- | 4153e41f4b71Sopenharmony_ci| pubKey | [PubKey](#pubkey) | 是 | 公钥对象,用于Verify的初始化。 | 4154e41f4b71Sopenharmony_ci 4155e41f4b71Sopenharmony_ci**返回值:** 4156e41f4b71Sopenharmony_ci 4157e41f4b71Sopenharmony_ci| 类型 | 说明 | 4158e41f4b71Sopenharmony_ci| -------------- | ------------- | 4159e41f4b71Sopenharmony_ci| Promise\<void> | 无返回结果的Promise对象。 | 4160e41f4b71Sopenharmony_ci 4161e41f4b71Sopenharmony_ci**错误码:** 4162e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 4163e41f4b71Sopenharmony_ci 4164e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 4165e41f4b71Sopenharmony_ci| -------- | ---------------------- | 4166e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 4167e41f4b71Sopenharmony_ci| 17620001 | memory error. | 4168e41f4b71Sopenharmony_ci| 17620002 | runtime error. | 4169e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 4170e41f4b71Sopenharmony_ci 4171e41f4b71Sopenharmony_ci### initSync<sup>12+</sup> 4172e41f4b71Sopenharmony_ci 4173e41f4b71Sopenharmony_ciinitSync(pubKey: PubKey): void 4174e41f4b71Sopenharmony_ci 4175e41f4b71Sopenharmony_ci传入公钥初始化Verify对象,通过同步方式获取结果。initSync、updateSync、verifySync为三段式接口,需要成组使用。其中initSync和verifySync必选,updateSync可选。 4176e41f4b71Sopenharmony_ci 4177e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 4178e41f4b71Sopenharmony_ci 4179e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Signature 4180e41f4b71Sopenharmony_ci 4181e41f4b71Sopenharmony_ci**参数:** 4182e41f4b71Sopenharmony_ci 4183e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 4184e41f4b71Sopenharmony_ci| ------ | ---- | ---- | ---------------------------- | 4185e41f4b71Sopenharmony_ci| pubKey | [PubKey](#pubkey) | 是 | 公钥对象,用于Verify的初始化。 | 4186e41f4b71Sopenharmony_ci 4187e41f4b71Sopenharmony_ci**返回值:** 4188e41f4b71Sopenharmony_ci 4189e41f4b71Sopenharmony_ci| 类型 | 说明 | 4190e41f4b71Sopenharmony_ci| -------------- | ------------- | 4191e41f4b71Sopenharmony_ci| void | 无返回结果。 | 4192e41f4b71Sopenharmony_ci 4193e41f4b71Sopenharmony_ci**错误码:** 4194e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 4195e41f4b71Sopenharmony_ci 4196e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 4197e41f4b71Sopenharmony_ci| -------- | ---------------------- | 4198e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 4199e41f4b71Sopenharmony_ci| 17620001 | memory error. | 4200e41f4b71Sopenharmony_ci| 17620002 | runtime error. | 4201e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 4202e41f4b71Sopenharmony_ci 4203e41f4b71Sopenharmony_ci### update 4204e41f4b71Sopenharmony_ci 4205e41f4b71Sopenharmony_ciupdate(data: DataBlob, callback: AsyncCallback\<void>): void 4206e41f4b71Sopenharmony_ci 4207e41f4b71Sopenharmony_ci追加待验签数据,通过注册回调函数完成更新。 4208e41f4b71Sopenharmony_ci 4209e41f4b71Sopenharmony_ci必须在对[Verify](#verify)实例使用[init()](#init-4)初始化后,才能使用本函数。 4210e41f4b71Sopenharmony_ci 4211e41f4b71Sopenharmony_ci> **说明:** 4212e41f4b71Sopenharmony_ci> 4213e41f4b71Sopenharmony_ci> 根据数据量,可以不调用update(即[init](#init-4)完成后直接调用[verify](#verify-1))或多次调用update。<br/> 4214e41f4b71Sopenharmony_ci> 算法库目前没有对update(单次或累计)的数据量设置大小限制,建议对于大数据量的验签操作,采用多次update的方式传入数据,避免一次性申请过大内存。<br/> 4215e41f4b71Sopenharmony_ci> 验签使用多次update操作的示例代码详见[使用RSA密钥对分段签名验签](../../security/CryptoArchitectureKit/crypto-rsa-sign-sig-verify-pkcs1-by-segment.md),其余算法操作类似。<br/> 4216e41f4b71Sopenharmony_ci> 当使用DSA算法进行验签,并设置了摘要算法为NoHash时,则不支持update操作,update接口会返回错误码ERR_CRYPTO_OPERATION。 4217e41f4b71Sopenharmony_ci 4218e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 4219e41f4b71Sopenharmony_ci 4220e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Signature 4221e41f4b71Sopenharmony_ci 4222e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Signature 4223e41f4b71Sopenharmony_ci 4224e41f4b71Sopenharmony_ci**参数:** 4225e41f4b71Sopenharmony_ci 4226e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 4227e41f4b71Sopenharmony_ci| -------- | --------------------- | ---- | ------------ | 4228e41f4b71Sopenharmony_ci| data | [DataBlob](#datablob) | 是 | 传入的消息。 | 4229e41f4b71Sopenharmony_ci| callback | AsyncCallback\<void> | 是 | 回调函数。当验签更新成功,err为undefined,否则为错误对象。| 4230e41f4b71Sopenharmony_ci 4231e41f4b71Sopenharmony_ci**错误码:** 4232e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 4233e41f4b71Sopenharmony_ci 4234e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 4235e41f4b71Sopenharmony_ci| -------- | ---------------------- | 4236e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 4237e41f4b71Sopenharmony_ci| 17620001 | memory error. | 4238e41f4b71Sopenharmony_ci| 17620002 | runtime error. | 4239e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 4240e41f4b71Sopenharmony_ci 4241e41f4b71Sopenharmony_ci### update 4242e41f4b71Sopenharmony_ci 4243e41f4b71Sopenharmony_ciupdate(data: DataBlob): Promise\<void> 4244e41f4b71Sopenharmony_ci 4245e41f4b71Sopenharmony_ci追加待验签数据,通过Promise方式完成更新。 4246e41f4b71Sopenharmony_ci 4247e41f4b71Sopenharmony_ci必须在对[Verify](#verify)实例使用[init()](#init-5)初始化后,才能使用本函数。 4248e41f4b71Sopenharmony_ci 4249e41f4b71Sopenharmony_ci> **说明:** 4250e41f4b71Sopenharmony_ci> 4251e41f4b71Sopenharmony_ci> 根据数据量,可以不调用update(即[init](#init-5)完成后直接调用[verify](#verify-2))或多次调用update。<br/> 4252e41f4b71Sopenharmony_ci> 算法库目前没有对update(单次或累计)的数据量设置大小限制,建议对于大数据量的验签操作,采用多次update的方式传入数据,避免一次性申请过大内存。<br/> 4253e41f4b71Sopenharmony_ci> 验签使用多次update操作的示例代码详见[使用RSA密钥对分段签名验签](../../security/CryptoArchitectureKit/crypto-rsa-sign-sig-verify-pkcs1-by-segment.md),其余算法操作类似。<br/> 4254e41f4b71Sopenharmony_ci> 当使用DSA算法进行验签,并设置了摘要算法为NoHash时,则不支持update操作,update接口会返回错误码ERR_CRYPTO_OPERATION。 4255e41f4b71Sopenharmony_ci 4256e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 4257e41f4b71Sopenharmony_ci 4258e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Signature 4259e41f4b71Sopenharmony_ci 4260e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Signature 4261e41f4b71Sopenharmony_ci 4262e41f4b71Sopenharmony_ci**参数:** 4263e41f4b71Sopenharmony_ci 4264e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 4265e41f4b71Sopenharmony_ci| ------ | -------- | ---- | ---------- | 4266e41f4b71Sopenharmony_ci| data | [DataBlob](#datablob) | 是 | 传入的消息。 | 4267e41f4b71Sopenharmony_ci 4268e41f4b71Sopenharmony_ci**返回值:** 4269e41f4b71Sopenharmony_ci 4270e41f4b71Sopenharmony_ci| 类型 | 说明 | 4271e41f4b71Sopenharmony_ci| -------------- | ------------- | 4272e41f4b71Sopenharmony_ci| Promise\<void> | 无返回结果的Promise对象。 | 4273e41f4b71Sopenharmony_ci 4274e41f4b71Sopenharmony_ci**错误码:** 4275e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 4276e41f4b71Sopenharmony_ci 4277e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 4278e41f4b71Sopenharmony_ci| -------- | ---------------------- | 4279e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 4280e41f4b71Sopenharmony_ci| 17620001 | memory error. | 4281e41f4b71Sopenharmony_ci| 17620002 | runtime error. | 4282e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 4283e41f4b71Sopenharmony_ci 4284e41f4b71Sopenharmony_ci### updateSync<sup>12+</sup> 4285e41f4b71Sopenharmony_ci 4286e41f4b71Sopenharmony_ciupdateSync(data: DataBlob): void 4287e41f4b71Sopenharmony_ci 4288e41f4b71Sopenharmony_ci追加待验签数据,通过同步方式完成更新。 4289e41f4b71Sopenharmony_ci 4290e41f4b71Sopenharmony_ci必须在对[Verify](#verify)实例使用[initSync()](#initsync12-2)初始化后,才能使用本函数。 4291e41f4b71Sopenharmony_ci 4292e41f4b71Sopenharmony_ci> **说明:** 4293e41f4b71Sopenharmony_ci> 4294e41f4b71Sopenharmony_ci> 根据数据量,可以不调用updateSync(即[initSync](#initsync12-2)完成后直接调用[verifySync](#verifysync12))或多次调用updateSync。<br/> 4295e41f4b71Sopenharmony_ci> 算法库目前没有对updateSync(单次或累计)的数据量设置大小限制,建议对于大数据量的验签操作,采用多次updateSync的方式传入数据,避免一次性申请过大内存。<br/> 4296e41f4b71Sopenharmony_ci> 验签使用多次updateSync操作的示例代码详见[使用RSA密钥对分段签名验签](../../security/CryptoArchitectureKit/crypto-rsa-sign-sig-verify-pkcs1-by-segment.md),其余算法操作类似。<br/> 4297e41f4b71Sopenharmony_ci> 当使用DSA算法进行验签,并设置了摘要算法为NoHash时,则不支持updateSync操作,updateSync接口会返回错误码ERR_CRYPTO_OPERATION。 4298e41f4b71Sopenharmony_ci 4299e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 4300e41f4b71Sopenharmony_ci 4301e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Signature 4302e41f4b71Sopenharmony_ci 4303e41f4b71Sopenharmony_ci**参数:** 4304e41f4b71Sopenharmony_ci 4305e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 4306e41f4b71Sopenharmony_ci| ------ | -------- | ---- | ---------- | 4307e41f4b71Sopenharmony_ci| data | [DataBlob](#datablob) | 是 | 传入的消息。 | 4308e41f4b71Sopenharmony_ci 4309e41f4b71Sopenharmony_ci**返回值:** 4310e41f4b71Sopenharmony_ci 4311e41f4b71Sopenharmony_ci| 类型 | 说明 | 4312e41f4b71Sopenharmony_ci| -------------- | ------------- | 4313e41f4b71Sopenharmony_ci| void | 无返回结果。 | 4314e41f4b71Sopenharmony_ci 4315e41f4b71Sopenharmony_ci**错误码:** 4316e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 4317e41f4b71Sopenharmony_ci 4318e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 4319e41f4b71Sopenharmony_ci| -------- | ---------------------- | 4320e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 4321e41f4b71Sopenharmony_ci| 17620001 | memory error. | 4322e41f4b71Sopenharmony_ci| 17620002 | runtime error. | 4323e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 4324e41f4b71Sopenharmony_ci 4325e41f4b71Sopenharmony_ci### verify 4326e41f4b71Sopenharmony_ci 4327e41f4b71Sopenharmony_civerify(data: DataBlob | null, signatureData: DataBlob, callback: AsyncCallback\<boolean>): void 4328e41f4b71Sopenharmony_ci 4329e41f4b71Sopenharmony_ci对数据进行验签,通过注册回调函数返回返回验签结果。 4330e41f4b71Sopenharmony_ci 4331e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 4332e41f4b71Sopenharmony_ci 4333e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Signature 4334e41f4b71Sopenharmony_ci 4335e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Signature 4336e41f4b71Sopenharmony_ci 4337e41f4b71Sopenharmony_ci**参数:** 4338e41f4b71Sopenharmony_ci 4339e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 4340e41f4b71Sopenharmony_ci| ------------- | -------------------- | ---- | ---------- | 4341e41f4b71Sopenharmony_ci| data | [DataBlob](#datablob) \| null<sup>10+</sup> | 是 | 传入的消息。API 10之前只支持DataBlob, API 10之后增加支持null。 | 4342e41f4b71Sopenharmony_ci| signatureData | [DataBlob](#datablob) | 是 | 签名数据。 | 4343e41f4b71Sopenharmony_ci| callback | AsyncCallback\<boolean> | 是 | 回调函数,用于获取以boolean值表示的验签结果。 | 4344e41f4b71Sopenharmony_ci 4345e41f4b71Sopenharmony_ci**错误码:** 4346e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 4347e41f4b71Sopenharmony_ci 4348e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 4349e41f4b71Sopenharmony_ci| -------- | ---------------------- | 4350e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 4351e41f4b71Sopenharmony_ci| 17620001 | memory error. | 4352e41f4b71Sopenharmony_ci| 17620002 | runtime error. | 4353e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 4354e41f4b71Sopenharmony_ci 4355e41f4b71Sopenharmony_ci### verify 4356e41f4b71Sopenharmony_ci 4357e41f4b71Sopenharmony_civerify(data: DataBlob | null, signatureData: DataBlob): Promise\<boolean> 4358e41f4b71Sopenharmony_ci 4359e41f4b71Sopenharmony_ci对数据进行验签,通过Promise返回验签结果。 4360e41f4b71Sopenharmony_ci 4361e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 4362e41f4b71Sopenharmony_ci 4363e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Signature 4364e41f4b71Sopenharmony_ci 4365e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Signature 4366e41f4b71Sopenharmony_ci 4367e41f4b71Sopenharmony_ci**参数:** 4368e41f4b71Sopenharmony_ci 4369e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 4370e41f4b71Sopenharmony_ci| ------------- | -------- | ---- | ---------- | 4371e41f4b71Sopenharmony_ci| data | [DataBlob](#datablob) \| null<sup>10+</sup> | 是 | 传入的消息。API 10之前只支持DataBlob, API 10之后增加支持null。 | 4372e41f4b71Sopenharmony_ci| signatureData | [DataBlob](#datablob) | 是 | 签名数据。 | 4373e41f4b71Sopenharmony_ci 4374e41f4b71Sopenharmony_ci**返回值:** 4375e41f4b71Sopenharmony_ci 4376e41f4b71Sopenharmony_ci| 类型 | 说明 | 4377e41f4b71Sopenharmony_ci| ----------------- | ------------------------------ | 4378e41f4b71Sopenharmony_ci| Promise\<boolean> | 异步返回值,代表验签是否通过。 | 4379e41f4b71Sopenharmony_ci 4380e41f4b71Sopenharmony_ci**错误码:** 4381e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 4382e41f4b71Sopenharmony_ci 4383e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 4384e41f4b71Sopenharmony_ci| -------- | ---------------------- | 4385e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 4386e41f4b71Sopenharmony_ci| 17620001 | memory error. | 4387e41f4b71Sopenharmony_ci| 17620002 | runtime error. | 4388e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 4389e41f4b71Sopenharmony_ci 4390e41f4b71Sopenharmony_ci### verifySync<sup>12+</sup> 4391e41f4b71Sopenharmony_ci 4392e41f4b71Sopenharmony_civerifySync(data: DataBlob | null, signatureData: DataBlob): boolean 4393e41f4b71Sopenharmony_ci 4394e41f4b71Sopenharmony_ci对数据进行验签,通过同步方式返回验签结果。 4395e41f4b71Sopenharmony_ci 4396e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 4397e41f4b71Sopenharmony_ci 4398e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Signature 4399e41f4b71Sopenharmony_ci 4400e41f4b71Sopenharmony_ci**参数:** 4401e41f4b71Sopenharmony_ci 4402e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 4403e41f4b71Sopenharmony_ci| ------------- | -------- | ---- | ---------- | 4404e41f4b71Sopenharmony_ci| data | [DataBlob](#datablob) \| null | 是 | 传入的消息。 | 4405e41f4b71Sopenharmony_ci| signatureData | [DataBlob](#datablob) | 是 | 签名数据。 | 4406e41f4b71Sopenharmony_ci 4407e41f4b71Sopenharmony_ci**返回值:** 4408e41f4b71Sopenharmony_ci 4409e41f4b71Sopenharmony_ci| 类型 | 说明 | 4410e41f4b71Sopenharmony_ci| ----------------- | ------------------------------ | 4411e41f4b71Sopenharmony_ci| boolean | 同步返回值,代表验签是否通过。 | 4412e41f4b71Sopenharmony_ci 4413e41f4b71Sopenharmony_ci**错误码:** 4414e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 4415e41f4b71Sopenharmony_ci 4416e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 4417e41f4b71Sopenharmony_ci| -------- | ---------------------- | 4418e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 4419e41f4b71Sopenharmony_ci| 17620001 | memory error. | 4420e41f4b71Sopenharmony_ci| 17620002 | runtime error. | 4421e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 4422e41f4b71Sopenharmony_ci 4423e41f4b71Sopenharmony_ci**callback示例:** 4424e41f4b71Sopenharmony_ci 4425e41f4b71Sopenharmony_ci此外,更多签名验签的完整示例可参考[签名验签开发指导](../../security/CryptoArchitectureKit/crypto-rsa-sign-sig-verify-pkcs1.md)。 4426e41f4b71Sopenharmony_ci 4427e41f4b71Sopenharmony_ci```ts 4428e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 4429e41f4b71Sopenharmony_ciimport { buffer } from '@kit.ArkTS'; 4430e41f4b71Sopenharmony_ci 4431e41f4b71Sopenharmony_cifunction verifyByCallback() { 4432e41f4b71Sopenharmony_ci let inputUpdate: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from("This is Sign test plan1", 'utf-8').buffer) }; 4433e41f4b71Sopenharmony_ci let inputVerify: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from("This is Sign test plan2", 'utf-8').buffer) }; 4434e41f4b71Sopenharmony_ci // 根据密钥数据生成的密钥和输入的验签数据,这部分代码Verify与Sign中保持一致,保证验签通过 4435e41f4b71Sopenharmony_ci let pkData = new Uint8Array([48, 129, 159, 48, 13, 6, 9, 42, 134, 72, 134, 247, 13, 1, 1, 1, 5, 0, 3, 129, 141, 0, 48, 129, 137, 2, 129, 129, 0, 214, 179, 23, 198, 183, 139, 148, 8, 173, 74, 56, 160, 15, 248, 244, 166, 209, 250, 142, 74, 216, 58, 117, 215, 178, 247, 254, 39, 180, 227, 85, 201, 59, 133, 209, 221, 26, 9, 116, 31, 172, 151, 252, 185, 123, 20, 25, 7, 92, 129, 5, 196, 239, 214, 126, 254, 154, 188, 239, 144, 161, 171, 65, 42, 31, 214, 93, 115, 247, 69, 94, 143, 54, 51, 25, 49, 146, 204, 205, 165, 20, 120, 35, 184, 190, 65, 106, 12, 214, 176, 57, 125, 235, 51, 88, 135, 76, 73, 109, 112, 147, 138, 198, 252, 5, 20, 245, 51, 7, 32, 108, 89, 125, 204, 50, 189, 88, 254, 255, 146, 244, 244, 149, 79, 54, 216, 45, 89, 2, 3, 1, 0, 1]); 4436e41f4b71Sopenharmony_ci let skData = new Uint8Array([48, 130, 2, 120, 2, 1, 0, 48, 13, 6, 9, 42, 134, 72, 134, 247, 13, 1, 1, 1, 5, 0, 4, 130, 2, 98, 48, 130, 2, 94, 2, 1, 0, 2, 129, 129, 0, 214, 179, 23, 198, 183, 139, 148, 8, 173, 74, 56, 160, 15, 248, 244, 166, 209, 250, 142, 74, 216, 58, 117, 215, 178, 247, 254, 39, 180, 227, 85, 201, 59, 133, 209, 221, 26, 9, 116, 31, 172, 151, 252, 185, 123, 20, 25, 7, 92, 129, 5, 196, 239, 214, 126, 254, 154, 188, 239, 144, 161, 171, 65, 42, 31, 214, 93, 115, 247, 69, 94, 143, 54, 51, 25, 49, 146, 204, 205, 165, 20, 120, 35, 184, 190, 65, 106, 12, 214, 176, 57, 125, 235, 51, 88, 135, 76, 73, 109, 112, 147, 138, 198, 252, 5, 20, 245, 51, 7, 32, 108, 89, 125, 204, 50, 189, 88, 254, 255, 146, 244, 244, 149, 79, 54, 216, 45, 89, 2, 3, 1, 0, 1, 2, 129, 129, 0, 152, 111, 145, 203, 10, 88, 116, 163, 112, 126, 9, 20, 68, 34, 235, 121, 98, 14, 182, 102, 151, 125, 114, 91, 210, 122, 215, 29, 212, 5, 176, 203, 238, 146, 5, 190, 41, 21, 91, 56, 125, 239, 111, 133, 53, 200, 192, 56, 132, 202, 42, 145, 120, 3, 224, 40, 223, 46, 148, 29, 41, 92, 17, 40, 12, 72, 165, 69, 192, 211, 142, 233, 81, 202, 177, 235, 156, 27, 179, 48, 18, 85, 154, 101, 193, 45, 218, 91, 24, 143, 196, 248, 16, 83, 177, 198, 136, 77, 111, 134, 60, 219, 95, 246, 23, 5, 45, 14, 83, 29, 137, 248, 159, 28, 132, 142, 205, 99, 226, 213, 84, 232, 57, 130, 156, 81, 191, 237, 2, 65, 0, 255, 158, 212, 13, 43, 132, 244, 135, 148, 161, 232, 219, 20, 81, 196, 102, 103, 44, 110, 71, 100, 62, 73, 200, 32, 138, 114, 209, 171, 150, 179, 92, 198, 5, 190, 218, 79, 227, 227, 37, 32, 57, 159, 252, 107, 211, 139, 198, 202, 248, 137, 143, 186, 205, 106, 81, 85, 207, 134, 148, 110, 204, 243, 27, 2, 65, 0, 215, 4, 181, 121, 57, 224, 170, 168, 183, 159, 152, 8, 74, 233, 80, 244, 146, 81, 48, 159, 194, 199, 36, 187, 6, 181, 182, 223, 115, 133, 151, 171, 78, 219, 90, 161, 248, 69, 6, 207, 173, 3, 81, 161, 2, 60, 238, 204, 177, 12, 138, 17, 220, 179, 71, 113, 200, 248, 159, 153, 252, 150, 180, 155, 2, 65, 0, 190, 202, 185, 211, 170, 171, 238, 40, 84, 84, 21, 13, 144, 57, 7, 178, 183, 71, 126, 120, 98, 229, 235, 4, 40, 229, 173, 149, 185, 209, 29, 199, 29, 54, 164, 161, 38, 8, 30, 62, 83, 179, 47, 42, 165, 0, 156, 207, 160, 39, 169, 229, 81, 180, 136, 170, 116, 182, 20, 233, 45, 90, 100, 9, 2, 65, 0, 152, 255, 47, 198, 15, 201, 238, 133, 89, 11, 133, 153, 184, 252, 37, 239, 177, 65, 118, 80, 231, 190, 222, 66, 250, 118, 72, 166, 221, 67, 156, 245, 119, 138, 28, 6, 142, 107, 71, 122, 116, 200, 156, 199, 237, 152, 191, 239, 4, 184, 64, 114, 143, 81, 62, 48, 23, 233, 217, 95, 47, 221, 104, 171, 2, 64, 30, 219, 1, 230, 241, 70, 246, 243, 121, 174, 67, 66, 11, 99, 202, 17, 52, 234, 78, 29, 3, 57, 51, 123, 149, 86, 64, 192, 73, 199, 108, 101, 55, 232, 41, 114, 153, 237, 253, 52, 205, 148, 45, 86, 186, 241, 182, 183, 42, 77, 252, 195, 29, 158, 173, 3, 182, 207, 254, 61, 71, 184, 167, 184]); 4437e41f4b71Sopenharmony_ci let pubKeyBlob: cryptoFramework.DataBlob = { data: pkData }; 4438e41f4b71Sopenharmony_ci let priKeyBlob: cryptoFramework.DataBlob = { data: skData }; 4439e41f4b71Sopenharmony_ci // 该数据取自Sign中的signData.data 4440e41f4b71Sopenharmony_ci let signMessageBlob: cryptoFramework.DataBlob = { data: new Uint8Array([9, 68, 164, 161, 230, 155, 255, 153, 10, 12, 14, 22, 146, 115, 209, 167, 223, 133, 89, 173, 50, 249, 176, 104, 10, 251, 219, 104, 117, 196, 105, 65, 249, 139, 119, 41, 15, 171, 191, 11, 177, 177, 1, 119, 130, 142, 87, 183, 32, 220, 226, 28, 38, 73, 222, 172, 153, 26, 87, 58, 188, 42, 150, 67, 94, 214, 147, 64, 202, 87, 155, 125, 254, 112, 95, 176, 255, 207, 106, 43, 228, 153, 131, 240, 120, 88, 253, 179, 207, 207, 110, 223, 173, 15, 113, 11, 183, 122, 237, 205, 206, 123, 246, 33, 167, 169, 251, 237, 199, 26, 220, 152, 190, 117, 131, 74, 232, 50, 39, 172, 232, 178, 112, 73, 251, 235, 131, 209]) } 4441e41f4b71Sopenharmony_ci let rsaGenerator = cryptoFramework.createAsyKeyGenerator('RSA1024'); 4442e41f4b71Sopenharmony_ci let verifyer = cryptoFramework.createVerify('RSA1024|PKCS1|SHA256'); 4443e41f4b71Sopenharmony_ci rsaGenerator.convertKey(pubKeyBlob, priKeyBlob, (err, keyPair) => { 4444e41f4b71Sopenharmony_ci verifyer.init(keyPair.pubKey, err => { 4445e41f4b71Sopenharmony_ci verifyer.update(inputUpdate, err => { 4446e41f4b71Sopenharmony_ci verifyer.verify(inputVerify, signMessageBlob, (err, res) => { 4447e41f4b71Sopenharmony_ci console.info('verify result is ' + res); 4448e41f4b71Sopenharmony_ci }); 4449e41f4b71Sopenharmony_ci }); 4450e41f4b71Sopenharmony_ci }); 4451e41f4b71Sopenharmony_ci }); 4452e41f4b71Sopenharmony_ci} 4453e41f4b71Sopenharmony_ci``` 4454e41f4b71Sopenharmony_ci 4455e41f4b71Sopenharmony_ci**Promise示例:** 4456e41f4b71Sopenharmony_ci 4457e41f4b71Sopenharmony_ci此外,更多签名验签的完整示例可参考[签名验签开发指导](../../security/CryptoArchitectureKit/crypto-rsa-sign-sig-verify-pkcs1.md)。 4458e41f4b71Sopenharmony_ci 4459e41f4b71Sopenharmony_ci```ts 4460e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 4461e41f4b71Sopenharmony_ciimport { buffer } from '@kit.ArkTS'; 4462e41f4b71Sopenharmony_ci 4463e41f4b71Sopenharmony_ciasync function genKeyPairByData(pubKeyData: Uint8Array, priKeyData: Uint8Array) { 4464e41f4b71Sopenharmony_ci let pubKeyBlob: cryptoFramework.DataBlob = { data: pubKeyData }; 4465e41f4b71Sopenharmony_ci let priKeyBlob: cryptoFramework.DataBlob = { data: priKeyData }; 4466e41f4b71Sopenharmony_ci let rsaGenerator = cryptoFramework.createAsyKeyGenerator('RSA1024'); 4467e41f4b71Sopenharmony_ci let keyPair = await rsaGenerator.convertKey(pubKeyBlob, priKeyBlob); 4468e41f4b71Sopenharmony_ci console.info('convertKey success'); 4469e41f4b71Sopenharmony_ci return keyPair; 4470e41f4b71Sopenharmony_ci} 4471e41f4b71Sopenharmony_ci 4472e41f4b71Sopenharmony_ciasync function verifyByPromise() { 4473e41f4b71Sopenharmony_ci // 根据密钥数据生成的密钥和输入的验签数据,这部分代码Verify与Sign中保持一致,保证验签通过 4474e41f4b71Sopenharmony_ci let pkData = new Uint8Array([48, 129, 159, 48, 13, 6, 9, 42, 134, 72, 134, 247, 13, 1, 1, 1, 5, 0, 3, 129, 141, 0, 48, 129, 137, 2, 129, 129, 0, 214, 179, 23, 198, 183, 139, 148, 8, 173, 74, 56, 160, 15, 248, 244, 166, 209, 250, 142, 74, 216, 58, 117, 215, 178, 247, 254, 39, 180, 227, 85, 201, 59, 133, 209, 221, 26, 9, 116, 31, 172, 151, 252, 185, 123, 20, 25, 7, 92, 129, 5, 196, 239, 214, 126, 254, 154, 188, 239, 144, 161, 171, 65, 42, 31, 214, 93, 115, 247, 69, 94, 143, 54, 51, 25, 49, 146, 204, 205, 165, 20, 120, 35, 184, 190, 65, 106, 12, 214, 176, 57, 125, 235, 51, 88, 135, 76, 73, 109, 112, 147, 138, 198, 252, 5, 20, 245, 51, 7, 32, 108, 89, 125, 204, 50, 189, 88, 254, 255, 146, 244, 244, 149, 79, 54, 216, 45, 89, 2, 3, 1, 0, 1]); 4475e41f4b71Sopenharmony_ci let skData = new Uint8Array([48, 130, 2, 120, 2, 1, 0, 48, 13, 6, 9, 42, 134, 72, 134, 247, 13, 1, 1, 1, 5, 0, 4, 130, 2, 98, 48, 130, 2, 94, 2, 1, 0, 2, 129, 129, 0, 214, 179, 23, 198, 183, 139, 148, 8, 173, 74, 56, 160, 15, 248, 244, 166, 209, 250, 142, 74, 216, 58, 117, 215, 178, 247, 254, 39, 180, 227, 85, 201, 59, 133, 209, 221, 26, 9, 116, 31, 172, 151, 252, 185, 123, 20, 25, 7, 92, 129, 5, 196, 239, 214, 126, 254, 154, 188, 239, 144, 161, 171, 65, 42, 31, 214, 93, 115, 247, 69, 94, 143, 54, 51, 25, 49, 146, 204, 205, 165, 20, 120, 35, 184, 190, 65, 106, 12, 214, 176, 57, 125, 235, 51, 88, 135, 76, 73, 109, 112, 147, 138, 198, 252, 5, 20, 245, 51, 7, 32, 108, 89, 125, 204, 50, 189, 88, 254, 255, 146, 244, 244, 149, 79, 54, 216, 45, 89, 2, 3, 1, 0, 1, 2, 129, 129, 0, 152, 111, 145, 203, 10, 88, 116, 163, 112, 126, 9, 20, 68, 34, 235, 121, 98, 14, 182, 102, 151, 125, 114, 91, 210, 122, 215, 29, 212, 5, 176, 203, 238, 146, 5, 190, 41, 21, 91, 56, 125, 239, 111, 133, 53, 200, 192, 56, 132, 202, 42, 145, 120, 3, 224, 40, 223, 46, 148, 29, 41, 92, 17, 40, 12, 72, 165, 69, 192, 211, 142, 233, 81, 202, 177, 235, 156, 27, 179, 48, 18, 85, 154, 101, 193, 45, 218, 91, 24, 143, 196, 248, 16, 83, 177, 198, 136, 77, 111, 134, 60, 219, 95, 246, 23, 5, 45, 14, 83, 29, 137, 248, 159, 28, 132, 142, 205, 99, 226, 213, 84, 232, 57, 130, 156, 81, 191, 237, 2, 65, 0, 255, 158, 212, 13, 43, 132, 244, 135, 148, 161, 232, 219, 20, 81, 196, 102, 103, 44, 110, 71, 100, 62, 73, 200, 32, 138, 114, 209, 171, 150, 179, 92, 198, 5, 190, 218, 79, 227, 227, 37, 32, 57, 159, 252, 107, 211, 139, 198, 202, 248, 137, 143, 186, 205, 106, 81, 85, 207, 134, 148, 110, 204, 243, 27, 2, 65, 0, 215, 4, 181, 121, 57, 224, 170, 168, 183, 159, 152, 8, 74, 233, 80, 244, 146, 81, 48, 159, 194, 199, 36, 187, 6, 181, 182, 223, 115, 133, 151, 171, 78, 219, 90, 161, 248, 69, 6, 207, 173, 3, 81, 161, 2, 60, 238, 204, 177, 12, 138, 17, 220, 179, 71, 113, 200, 248, 159, 153, 252, 150, 180, 155, 2, 65, 0, 190, 202, 185, 211, 170, 171, 238, 40, 84, 84, 21, 13, 144, 57, 7, 178, 183, 71, 126, 120, 98, 229, 235, 4, 40, 229, 173, 149, 185, 209, 29, 199, 29, 54, 164, 161, 38, 8, 30, 62, 83, 179, 47, 42, 165, 0, 156, 207, 160, 39, 169, 229, 81, 180, 136, 170, 116, 182, 20, 233, 45, 90, 100, 9, 2, 65, 0, 152, 255, 47, 198, 15, 201, 238, 133, 89, 11, 133, 153, 184, 252, 37, 239, 177, 65, 118, 80, 231, 190, 222, 66, 250, 118, 72, 166, 221, 67, 156, 245, 119, 138, 28, 6, 142, 107, 71, 122, 116, 200, 156, 199, 237, 152, 191, 239, 4, 184, 64, 114, 143, 81, 62, 48, 23, 233, 217, 95, 47, 221, 104, 171, 2, 64, 30, 219, 1, 230, 241, 70, 246, 243, 121, 174, 67, 66, 11, 99, 202, 17, 52, 234, 78, 29, 3, 57, 51, 123, 149, 86, 64, 192, 73, 199, 108, 101, 55, 232, 41, 114, 153, 237, 253, 52, 205, 148, 45, 86, 186, 241, 182, 183, 42, 77, 252, 195, 29, 158, 173, 3, 182, 207, 254, 61, 71, 184, 167, 184]); 4476e41f4b71Sopenharmony_ci let keyPair = await genKeyPairByData(pkData, skData); 4477e41f4b71Sopenharmony_ci let inputUpdate: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from("This is Sign test plan1", 'utf-8').buffer) }; 4478e41f4b71Sopenharmony_ci let inputVerify: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from("This is Sign test plan2", 'utf-8').buffer) }; 4479e41f4b71Sopenharmony_ci // 该数据取自Sign中的signData.data 4480e41f4b71Sopenharmony_ci let signMessageBlob: cryptoFramework.DataBlob = { data: new Uint8Array([9, 68, 164, 161, 230, 155, 255, 153, 10, 12, 14, 22, 146, 115, 209, 167, 223, 133, 89, 173, 50, 249, 176, 104, 10, 251, 219, 104, 117, 196, 105, 65, 249, 139, 119, 41, 15, 171, 191, 11, 177, 177, 1, 119, 130, 142, 87, 183, 32, 220, 226, 28, 38, 73, 222, 172, 153, 26, 87, 58, 188, 42, 150, 67, 94, 214, 147, 64, 202, 87, 155, 125, 254, 112, 95, 176, 255, 207, 106, 43, 228, 153, 131, 240, 120, 88, 253, 179, 207, 207, 110, 223, 173, 15, 113, 11, 183, 122, 237, 205, 206, 123, 246, 33, 167, 169, 251, 237, 199, 26, 220, 152, 190, 117, 131, 74, 232, 50, 39, 172, 232, 178, 112, 73, 251, 235, 131, 209]) }; 4481e41f4b71Sopenharmony_ci let verifier = cryptoFramework.createVerify('RSA1024|PKCS1|SHA256'); 4482e41f4b71Sopenharmony_ci await verifier.init(keyPair.pubKey); 4483e41f4b71Sopenharmony_ci await verifier.update(inputUpdate); 4484e41f4b71Sopenharmony_ci let res = await verifier.verify(inputVerify, signMessageBlob); 4485e41f4b71Sopenharmony_ci console.info('verify result: ' + res); 4486e41f4b71Sopenharmony_ci} 4487e41f4b71Sopenharmony_ci``` 4488e41f4b71Sopenharmony_ci 4489e41f4b71Sopenharmony_ci**Sync示例:** 4490e41f4b71Sopenharmony_ci 4491e41f4b71Sopenharmony_ci此外,更多签名验签的完整示例可参考[签名验签开发指导](../../security/CryptoArchitectureKit/crypto-rsa-sign-sig-verify-pkcs1.md)。 4492e41f4b71Sopenharmony_ci 4493e41f4b71Sopenharmony_ci```ts 4494e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 4495e41f4b71Sopenharmony_ciimport { buffer } from '@kit.ArkTS'; 4496e41f4b71Sopenharmony_ci 4497e41f4b71Sopenharmony_cifunction genKeyPairByData(pubKeyData: Uint8Array, priKeyData: Uint8Array) { 4498e41f4b71Sopenharmony_ci let pubKeyBlob: cryptoFramework.DataBlob = { data: pubKeyData }; 4499e41f4b71Sopenharmony_ci let priKeyBlob: cryptoFramework.DataBlob = { data: priKeyData }; 4500e41f4b71Sopenharmony_ci let rsaGenerator = cryptoFramework.createAsyKeyGenerator('RSA1024'); 4501e41f4b71Sopenharmony_ci let keyPair = rsaGenerator.convertKeySync(pubKeyBlob, priKeyBlob); 4502e41f4b71Sopenharmony_ci console.info('convertKey success'); 4503e41f4b71Sopenharmony_ci return keyPair; 4504e41f4b71Sopenharmony_ci} 4505e41f4b71Sopenharmony_ci 4506e41f4b71Sopenharmony_cifunction verifyBySync() { 4507e41f4b71Sopenharmony_ci // 根据密钥数据生成的密钥和输入的验签数据,这部分代码Verify与Sign中保持一致,保证验签通过 4508e41f4b71Sopenharmony_ci let pkData = new Uint8Array([48, 129, 159, 48, 13, 6, 9, 42, 134, 72, 134, 247, 13, 1, 1, 1, 5, 0, 3, 129, 141, 0, 48, 129, 137, 2, 129, 129, 0, 214, 179, 23, 198, 183, 139, 148, 8, 173, 74, 56, 160, 15, 248, 244, 166, 209, 250, 142, 74, 216, 58, 117, 215, 178, 247, 254, 39, 180, 227, 85, 201, 59, 133, 209, 221, 26, 9, 116, 31, 172, 151, 252, 185, 123, 20, 25, 7, 92, 129, 5, 196, 239, 214, 126, 254, 154, 188, 239, 144, 161, 171, 65, 42, 31, 214, 93, 115, 247, 69, 94, 143, 54, 51, 25, 49, 146, 204, 205, 165, 20, 120, 35, 184, 190, 65, 106, 12, 214, 176, 57, 125, 235, 51, 88, 135, 76, 73, 109, 112, 147, 138, 198, 252, 5, 20, 245, 51, 7, 32, 108, 89, 125, 204, 50, 189, 88, 254, 255, 146, 244, 244, 149, 79, 54, 216, 45, 89, 2, 3, 1, 0, 1]); 4509e41f4b71Sopenharmony_ci let skData = new Uint8Array([48, 130, 2, 120, 2, 1, 0, 48, 13, 6, 9, 42, 134, 72, 134, 247, 13, 1, 1, 1, 5, 0, 4, 130, 2, 98, 48, 130, 2, 94, 2, 1, 0, 2, 129, 129, 0, 214, 179, 23, 198, 183, 139, 148, 8, 173, 74, 56, 160, 15, 248, 244, 166, 209, 250, 142, 74, 216, 58, 117, 215, 178, 247, 254, 39, 180, 227, 85, 201, 59, 133, 209, 221, 26, 9, 116, 31, 172, 151, 252, 185, 123, 20, 25, 7, 92, 129, 5, 196, 239, 214, 126, 254, 154, 188, 239, 144, 161, 171, 65, 42, 31, 214, 93, 115, 247, 69, 94, 143, 54, 51, 25, 49, 146, 204, 205, 165, 20, 120, 35, 184, 190, 65, 106, 12, 214, 176, 57, 125, 235, 51, 88, 135, 76, 73, 109, 112, 147, 138, 198, 252, 5, 20, 245, 51, 7, 32, 108, 89, 125, 204, 50, 189, 88, 254, 255, 146, 244, 244, 149, 79, 54, 216, 45, 89, 2, 3, 1, 0, 1, 2, 129, 129, 0, 152, 111, 145, 203, 10, 88, 116, 163, 112, 126, 9, 20, 68, 34, 235, 121, 98, 14, 182, 102, 151, 125, 114, 91, 210, 122, 215, 29, 212, 5, 176, 203, 238, 146, 5, 190, 41, 21, 91, 56, 125, 239, 111, 133, 53, 200, 192, 56, 132, 202, 42, 145, 120, 3, 224, 40, 223, 46, 148, 29, 41, 92, 17, 40, 12, 72, 165, 69, 192, 211, 142, 233, 81, 202, 177, 235, 156, 27, 179, 48, 18, 85, 154, 101, 193, 45, 218, 91, 24, 143, 196, 248, 16, 83, 177, 198, 136, 77, 111, 134, 60, 219, 95, 246, 23, 5, 45, 14, 83, 29, 137, 248, 159, 28, 132, 142, 205, 99, 226, 213, 84, 232, 57, 130, 156, 81, 191, 237, 2, 65, 0, 255, 158, 212, 13, 43, 132, 244, 135, 148, 161, 232, 219, 20, 81, 196, 102, 103, 44, 110, 71, 100, 62, 73, 200, 32, 138, 114, 209, 171, 150, 179, 92, 198, 5, 190, 218, 79, 227, 227, 37, 32, 57, 159, 252, 107, 211, 139, 198, 202, 248, 137, 143, 186, 205, 106, 81, 85, 207, 134, 148, 110, 204, 243, 27, 2, 65, 0, 215, 4, 181, 121, 57, 224, 170, 168, 183, 159, 152, 8, 74, 233, 80, 244, 146, 81, 48, 159, 194, 199, 36, 187, 6, 181, 182, 223, 115, 133, 151, 171, 78, 219, 90, 161, 248, 69, 6, 207, 173, 3, 81, 161, 2, 60, 238, 204, 177, 12, 138, 17, 220, 179, 71, 113, 200, 248, 159, 153, 252, 150, 180, 155, 2, 65, 0, 190, 202, 185, 211, 170, 171, 238, 40, 84, 84, 21, 13, 144, 57, 7, 178, 183, 71, 126, 120, 98, 229, 235, 4, 40, 229, 173, 149, 185, 209, 29, 199, 29, 54, 164, 161, 38, 8, 30, 62, 83, 179, 47, 42, 165, 0, 156, 207, 160, 39, 169, 229, 81, 180, 136, 170, 116, 182, 20, 233, 45, 90, 100, 9, 2, 65, 0, 152, 255, 47, 198, 15, 201, 238, 133, 89, 11, 133, 153, 184, 252, 37, 239, 177, 65, 118, 80, 231, 190, 222, 66, 250, 118, 72, 166, 221, 67, 156, 245, 119, 138, 28, 6, 142, 107, 71, 122, 116, 200, 156, 199, 237, 152, 191, 239, 4, 184, 64, 114, 143, 81, 62, 48, 23, 233, 217, 95, 47, 221, 104, 171, 2, 64, 30, 219, 1, 230, 241, 70, 246, 243, 121, 174, 67, 66, 11, 99, 202, 17, 52, 234, 78, 29, 3, 57, 51, 123, 149, 86, 64, 192, 73, 199, 108, 101, 55, 232, 41, 114, 153, 237, 253, 52, 205, 148, 45, 86, 186, 241, 182, 183, 42, 77, 252, 195, 29, 158, 173, 3, 182, 207, 254, 61, 71, 184, 167, 184]); 4510e41f4b71Sopenharmony_ci let keyPair = genKeyPairByData(pkData, skData); 4511e41f4b71Sopenharmony_ci let inputUpdate: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from("This is Sign test plan1", 'utf-8').buffer) }; 4512e41f4b71Sopenharmony_ci let inputVerify: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from("This is Sign test plan2", 'utf-8').buffer) }; 4513e41f4b71Sopenharmony_ci // 该数据取自Sign中的signData.data 4514e41f4b71Sopenharmony_ci let signMessageBlob: cryptoFramework.DataBlob = { data: new Uint8Array([9, 68, 164, 161, 230, 155, 255, 153, 10, 12, 14, 22, 146, 115, 209, 167, 223, 133, 89, 173, 50, 249, 176, 104, 10, 251, 219, 104, 117, 196, 105, 65, 249, 139, 119, 41, 15, 171, 191, 11, 177, 177, 1, 119, 130, 142, 87, 183, 32, 220, 226, 28, 38, 73, 222, 172, 153, 26, 87, 58, 188, 42, 150, 67, 94, 214, 147, 64, 202, 87, 155, 125, 254, 112, 95, 176, 255, 207, 106, 43, 228, 153, 131, 240, 120, 88, 253, 179, 207, 207, 110, 223, 173, 15, 113, 11, 183, 122, 237, 205, 206, 123, 246, 33, 167, 169, 251, 237, 199, 26, 220, 152, 190, 117, 131, 74, 232, 50, 39, 172, 232, 178, 112, 73, 251, 235, 131, 209]) }; 4515e41f4b71Sopenharmony_ci let verifier = cryptoFramework.createVerify('RSA1024|PKCS1|SHA256'); 4516e41f4b71Sopenharmony_ci verifier.initSync(keyPair.pubKey); 4517e41f4b71Sopenharmony_ci verifier.updateSync(inputUpdate); 4518e41f4b71Sopenharmony_ci let res = verifier.verifySync(inputVerify, signMessageBlob); 4519e41f4b71Sopenharmony_ci console.info('verify result: ' + res); 4520e41f4b71Sopenharmony_ci} 4521e41f4b71Sopenharmony_ci``` 4522e41f4b71Sopenharmony_ci 4523e41f4b71Sopenharmony_ci### recover<sup>12+</sup> 4524e41f4b71Sopenharmony_ci 4525e41f4b71Sopenharmony_cirecover(signatureData: DataBlob): Promise\<DataBlob | null> 4526e41f4b71Sopenharmony_ci 4527e41f4b71Sopenharmony_ci对数据进行签名恢复原始数据,通过Promise返回恢复结果。 4528e41f4b71Sopenharmony_ci 4529e41f4b71Sopenharmony_ci> **说明:** 4530e41f4b71Sopenharmony_ci> 4531e41f4b71Sopenharmony_ci> - 目前仅RSA支持。 4532e41f4b71Sopenharmony_ci 4533e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 4534e41f4b71Sopenharmony_ci 4535e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Signature 4536e41f4b71Sopenharmony_ci 4537e41f4b71Sopenharmony_ci**参数:** 4538e41f4b71Sopenharmony_ci 4539e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 4540e41f4b71Sopenharmony_ci| ------------- | -------- | ---- | ---------- | 4541e41f4b71Sopenharmony_ci| signatureData | [DataBlob](#datablob) | 是 | 签名数据。 | 4542e41f4b71Sopenharmony_ci 4543e41f4b71Sopenharmony_ci**返回值:** 4544e41f4b71Sopenharmony_ci 4545e41f4b71Sopenharmony_ci| 类型 | 说明 | 4546e41f4b71Sopenharmony_ci| ----------------- | ------------------------------ | 4547e41f4b71Sopenharmony_ci| Promise\<[DataBlob](#datablob) \| null> | 验签恢复的数据。 | 4548e41f4b71Sopenharmony_ci 4549e41f4b71Sopenharmony_ci**错误码:** 4550e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 4551e41f4b71Sopenharmony_ci 4552e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 4553e41f4b71Sopenharmony_ci| -------- | ---------------------- | 4554e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 4555e41f4b71Sopenharmony_ci| 17620001 | memory error. | 4556e41f4b71Sopenharmony_ci| 17620002 | runtime error. | 4557e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 4558e41f4b71Sopenharmony_ci 4559e41f4b71Sopenharmony_ci**示例:** 4560e41f4b71Sopenharmony_ci 4561e41f4b71Sopenharmony_ci```ts 4562e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 4563e41f4b71Sopenharmony_ciimport { buffer } from '@kit.ArkTS'; 4564e41f4b71Sopenharmony_ci 4565e41f4b71Sopenharmony_ciasync function genKeyPairByData(pubKeyData: Uint8Array, priKeyData: Uint8Array) { 4566e41f4b71Sopenharmony_ci let pubKeyBlob: cryptoFramework.DataBlob = { data: pubKeyData }; 4567e41f4b71Sopenharmony_ci let priKeyBlob: cryptoFramework.DataBlob = { data: priKeyData }; 4568e41f4b71Sopenharmony_ci let rsaGenerator = cryptoFramework.createAsyKeyGenerator('RSA1024'); 4569e41f4b71Sopenharmony_ci let keyPair = await rsaGenerator.convertKey(pubKeyBlob, priKeyBlob); 4570e41f4b71Sopenharmony_ci console.info('convertKey success'); 4571e41f4b71Sopenharmony_ci return keyPair; 4572e41f4b71Sopenharmony_ci} 4573e41f4b71Sopenharmony_ci 4574e41f4b71Sopenharmony_ciasync function recoverByPromise() { 4575e41f4b71Sopenharmony_ci // 根据密钥数据生成的密钥和输入的验签数据,这部分代码Verify与Sign中保持一致,保证验签通过 4576e41f4b71Sopenharmony_ci let pkData = new Uint8Array([48, 129, 159, 48, 13, 6, 9, 42, 134, 72, 134, 247, 13, 1, 1, 1, 5, 0, 3, 129, 141, 0, 48, 129, 137, 2, 129, 129, 0, 214, 179, 23, 198, 183, 139, 148, 8, 173, 74, 56, 160, 15, 248, 244, 166, 209, 250, 142, 74, 216, 58, 117, 215, 178, 247, 254, 39, 180, 227, 85, 201, 59, 133, 209, 221, 26, 9, 116, 31, 172, 151, 252, 185, 123, 20, 25, 7, 92, 129, 5, 196, 239, 214, 126, 254, 154, 188, 239, 144, 161, 171, 65, 42, 31, 214, 93, 115, 247, 69, 94, 143, 54, 51, 25, 49, 146, 204, 205, 165, 20, 120, 35, 184, 190, 65, 106, 12, 214, 176, 57, 125, 235, 51, 88, 135, 76, 73, 109, 112, 147, 138, 198, 252, 5, 20, 245, 51, 7, 32, 108, 89, 125, 204, 50, 189, 88, 254, 255, 146, 244, 244, 149, 79, 54, 216, 45, 89, 2, 3, 1, 0, 1]); 4577e41f4b71Sopenharmony_ci let skData = new Uint8Array([48, 130, 2, 120, 2, 1, 0, 48, 13, 6, 9, 42, 134, 72, 134, 247, 13, 1, 1, 1, 5, 0, 4, 130, 2, 98, 48, 130, 2, 94, 2, 1, 0, 2, 129, 129, 0, 214, 179, 23, 198, 183, 139, 148, 8, 173, 74, 56, 160, 15, 248, 244, 166, 209, 250, 142, 74, 216, 58, 117, 215, 178, 247, 254, 39, 180, 227, 85, 201, 59, 133, 209, 221, 26, 9, 116, 31, 172, 151, 252, 185, 123, 20, 25, 7, 92, 129, 5, 196, 239, 214, 126, 254, 154, 188, 239, 144, 161, 171, 65, 42, 31, 214, 93, 115, 247, 69, 94, 143, 54, 51, 25, 49, 146, 204, 205, 165, 20, 120, 35, 184, 190, 65, 106, 12, 214, 176, 57, 125, 235, 51, 88, 135, 76, 73, 109, 112, 147, 138, 198, 252, 5, 20, 245, 51, 7, 32, 108, 89, 125, 204, 50, 189, 88, 254, 255, 146, 244, 244, 149, 79, 54, 216, 45, 89, 2, 3, 1, 0, 1, 2, 129, 129, 0, 152, 111, 145, 203, 10, 88, 116, 163, 112, 126, 9, 20, 68, 34, 235, 121, 98, 14, 182, 102, 151, 125, 114, 91, 210, 122, 215, 29, 212, 5, 176, 203, 238, 146, 5, 190, 41, 21, 91, 56, 125, 239, 111, 133, 53, 200, 192, 56, 132, 202, 42, 145, 120, 3, 224, 40, 223, 46, 148, 29, 41, 92, 17, 40, 12, 72, 165, 69, 192, 211, 142, 233, 81, 202, 177, 235, 156, 27, 179, 48, 18, 85, 154, 101, 193, 45, 218, 91, 24, 143, 196, 248, 16, 83, 177, 198, 136, 77, 111, 134, 60, 219, 95, 246, 23, 5, 45, 14, 83, 29, 137, 248, 159, 28, 132, 142, 205, 99, 226, 213, 84, 232, 57, 130, 156, 81, 191, 237, 2, 65, 0, 255, 158, 212, 13, 43, 132, 244, 135, 148, 161, 232, 219, 20, 81, 196, 102, 103, 44, 110, 71, 100, 62, 73, 200, 32, 138, 114, 209, 171, 150, 179, 92, 198, 5, 190, 218, 79, 227, 227, 37, 32, 57, 159, 252, 107, 211, 139, 198, 202, 248, 137, 143, 186, 205, 106, 81, 85, 207, 134, 148, 110, 204, 243, 27, 2, 65, 0, 215, 4, 181, 121, 57, 224, 170, 168, 183, 159, 152, 8, 74, 233, 80, 244, 146, 81, 48, 159, 194, 199, 36, 187, 6, 181, 182, 223, 115, 133, 151, 171, 78, 219, 90, 161, 248, 69, 6, 207, 173, 3, 81, 161, 2, 60, 238, 204, 177, 12, 138, 17, 220, 179, 71, 113, 200, 248, 159, 153, 252, 150, 180, 155, 2, 65, 0, 190, 202, 185, 211, 170, 171, 238, 40, 84, 84, 21, 13, 144, 57, 7, 178, 183, 71, 126, 120, 98, 229, 235, 4, 40, 229, 173, 149, 185, 209, 29, 199, 29, 54, 164, 161, 38, 8, 30, 62, 83, 179, 47, 42, 165, 0, 156, 207, 160, 39, 169, 229, 81, 180, 136, 170, 116, 182, 20, 233, 45, 90, 100, 9, 2, 65, 0, 152, 255, 47, 198, 15, 201, 238, 133, 89, 11, 133, 153, 184, 252, 37, 239, 177, 65, 118, 80, 231, 190, 222, 66, 250, 118, 72, 166, 221, 67, 156, 245, 119, 138, 28, 6, 142, 107, 71, 122, 116, 200, 156, 199, 237, 152, 191, 239, 4, 184, 64, 114, 143, 81, 62, 48, 23, 233, 217, 95, 47, 221, 104, 171, 2, 64, 30, 219, 1, 230, 241, 70, 246, 243, 121, 174, 67, 66, 11, 99, 202, 17, 52, 234, 78, 29, 3, 57, 51, 123, 149, 86, 64, 192, 73, 199, 108, 101, 55, 232, 41, 114, 153, 237, 253, 52, 205, 148, 45, 86, 186, 241, 182, 183, 42, 77, 252, 195, 29, 158, 173, 3, 182, 207, 254, 61, 71, 184, 167, 184]); 4578e41f4b71Sopenharmony_ci let keyPair = await genKeyPairByData(pkData, skData); 4579e41f4b71Sopenharmony_ci // 该数据取自Sign中的signData.data 4580e41f4b71Sopenharmony_ci let signMessageBlob: cryptoFramework.DataBlob = { data: new Uint8Array([9, 68, 164, 161, 230, 155, 255, 153, 10, 12, 14, 22, 146, 115, 209, 167, 223, 133, 89, 173, 50, 249, 176, 104, 10, 251, 219, 104, 117, 196, 105, 65, 249, 139, 119, 41, 15, 171, 191, 11, 177, 177, 1, 119, 130, 142, 87, 183, 32, 220, 226, 28, 38, 73, 222, 172, 153, 26, 87, 58, 188, 42, 150, 67, 94, 214, 147, 64, 202, 87, 155, 125, 254, 112, 95, 176, 255, 207, 106, 43, 228, 153, 131, 240, 120, 88, 253, 179, 207, 207, 110, 223, 173, 15, 113, 11, 183, 122, 237, 205, 206, 123, 246, 33, 167, 169, 251, 237, 199, 26, 220, 152, 190, 117, 131, 74, 232, 50, 39, 172, 232, 178, 112, 73, 251, 235, 131, 209]) }; 4581e41f4b71Sopenharmony_ci let verifier = cryptoFramework.createVerify('RSA1024|PKCS1|SHA256|Recover'); 4582e41f4b71Sopenharmony_ci await verifier.init(keyPair.pubKey); 4583e41f4b71Sopenharmony_ci try { 4584e41f4b71Sopenharmony_ci let rawSignData = await verifier.recover(signMessageBlob); 4585e41f4b71Sopenharmony_ci if (rawSignData != null) { 4586e41f4b71Sopenharmony_ci console.info('[Promise]: recover result: ' + rawSignData.data); 4587e41f4b71Sopenharmony_ci } else { 4588e41f4b71Sopenharmony_ci console.error("[Promise]: get verify recover result fail!"); 4589e41f4b71Sopenharmony_ci } 4590e41f4b71Sopenharmony_ci } catch (error) { 4591e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 4592e41f4b71Sopenharmony_ci console.error(`promise error, ${e.code}, ${e.message}`); 4593e41f4b71Sopenharmony_ci } 4594e41f4b71Sopenharmony_ci} 4595e41f4b71Sopenharmony_ci``` 4596e41f4b71Sopenharmony_ci 4597e41f4b71Sopenharmony_ci### recoverSync<sup>12+</sup> 4598e41f4b71Sopenharmony_ci 4599e41f4b71Sopenharmony_cirecoverSync(signatureData: DataBlob): DataBlob | null 4600e41f4b71Sopenharmony_ci 4601e41f4b71Sopenharmony_ci对数据进行签名恢复原始数据。 4602e41f4b71Sopenharmony_ci 4603e41f4b71Sopenharmony_ci> **说明:** 4604e41f4b71Sopenharmony_ci> 4605e41f4b71Sopenharmony_ci> - 目前仅RSA支持。 4606e41f4b71Sopenharmony_ci 4607e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 4608e41f4b71Sopenharmony_ci 4609e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Signature 4610e41f4b71Sopenharmony_ci 4611e41f4b71Sopenharmony_ci**参数:** 4612e41f4b71Sopenharmony_ci 4613e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 4614e41f4b71Sopenharmony_ci| ------------- | -------- | ---- | ---------- | 4615e41f4b71Sopenharmony_ci| signatureData | [DataBlob](#datablob) | 是 | 签名数据。 | 4616e41f4b71Sopenharmony_ci 4617e41f4b71Sopenharmony_ci**返回值:** 4618e41f4b71Sopenharmony_ci 4619e41f4b71Sopenharmony_ci| 类型 | 说明 | 4620e41f4b71Sopenharmony_ci| ----------------- | ------------------------------ | 4621e41f4b71Sopenharmony_ci| [DataBlob](#datablob) \| null | 验签恢复的数据。 | 4622e41f4b71Sopenharmony_ci 4623e41f4b71Sopenharmony_ci**错误码:** 4624e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 4625e41f4b71Sopenharmony_ci 4626e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 4627e41f4b71Sopenharmony_ci| -------- | ---------------------- | 4628e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 4629e41f4b71Sopenharmony_ci| 17620001 | memory error. | 4630e41f4b71Sopenharmony_ci| 17620002 | runtime error. | 4631e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 4632e41f4b71Sopenharmony_ci 4633e41f4b71Sopenharmony_ci### setVerifySpec<sup>10+</sup> 4634e41f4b71Sopenharmony_ci 4635e41f4b71Sopenharmony_cisetVerifySpec(itemType: SignSpecItem, itemValue: number): void 4636e41f4b71Sopenharmony_ci 4637e41f4b71Sopenharmony_cisetVerifySpec(itemType: SignSpecItem, itemValue: number \| Uint8Array): void 4638e41f4b71Sopenharmony_ci 4639e41f4b71Sopenharmony_ci设置验签参数。常用的签名参数可以直接通过[createVerify](#cryptoframeworkcreateverify) 来指定,剩余参数可以通过本接口指定。 4640e41f4b71Sopenharmony_ci 4641e41f4b71Sopenharmony_ci只支持RSA算法、SM2算法,从API version 11开始,支持SM2算法设置验签参数。 4642e41f4b71Sopenharmony_ci 4643e41f4b71Sopenharmony_ci验签的参数应当与签名的参数保持一致。 4644e41f4b71Sopenharmony_ci 4645e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 4646e41f4b71Sopenharmony_ci 4647e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Signature 4648e41f4b71Sopenharmony_ci 4649e41f4b71Sopenharmony_ciAPI version10-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Signature 4650e41f4b71Sopenharmony_ci 4651e41f4b71Sopenharmony_ci**参数:** 4652e41f4b71Sopenharmony_ci 4653e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 4654e41f4b71Sopenharmony_ci| -------- | -------------------- | ---- | ---------- | 4655e41f4b71Sopenharmony_ci| itemType | [SignSpecItem](#signspecitem10) | 是 | 用于指定需要设置的验签参数。 | 4656e41f4b71Sopenharmony_ci| itemValue | number \| Uint8Array<sup>11+</sup> | 是 | 用于指定验签参数的具体值。 | 4657e41f4b71Sopenharmony_ci 4658e41f4b71Sopenharmony_ci**错误码:** 4659e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 4660e41f4b71Sopenharmony_ci 4661e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 4662e41f4b71Sopenharmony_ci| -------- | ---------------------- | 4663e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 4664e41f4b71Sopenharmony_ci| 801 | this operation is not supported. | 4665e41f4b71Sopenharmony_ci| 17620001 | memory error. | 4666e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 4667e41f4b71Sopenharmony_ci 4668e41f4b71Sopenharmony_ci**示例:** 4669e41f4b71Sopenharmony_ci 4670e41f4b71Sopenharmony_ci<!--code_no_check--> 4671e41f4b71Sopenharmony_ci```ts 4672e41f4b71Sopenharmony_cilet verifyer: cryptoFramework.Verify; // The process of generating the Verify instance is omitted here. 4673e41f4b71Sopenharmony_cilet setN = 20; 4674e41f4b71Sopenharmony_civerifyer.setVerifySpec(cryptoFramework.SignSpecItem.PSS_SALT_LEN_NUM, setN); 4675e41f4b71Sopenharmony_ci``` 4676e41f4b71Sopenharmony_ci 4677e41f4b71Sopenharmony_ci### getVerifySpec<sup>10+</sup> 4678e41f4b71Sopenharmony_ci 4679e41f4b71Sopenharmony_cigetVerifySpec(itemType: SignSpecItem): string | number 4680e41f4b71Sopenharmony_ci 4681e41f4b71Sopenharmony_ci获取验签参数。当前只支持RSA算法。 4682e41f4b71Sopenharmony_ci 4683e41f4b71Sopenharmony_ci验签的参数应当与签名的参数保持一致。 4684e41f4b71Sopenharmony_ci 4685e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 4686e41f4b71Sopenharmony_ci 4687e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Signature 4688e41f4b71Sopenharmony_ci 4689e41f4b71Sopenharmony_ciAPI version10-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Signature 4690e41f4b71Sopenharmony_ci 4691e41f4b71Sopenharmony_ci**参数:** 4692e41f4b71Sopenharmony_ci 4693e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 4694e41f4b71Sopenharmony_ci| ------ | -------- | ---- | ---------- | 4695e41f4b71Sopenharmony_ci| itemType | [SignSpecItem](#signspecitem10) | 是 | 用于指定需要获取的验签参数。 | 4696e41f4b71Sopenharmony_ci 4697e41f4b71Sopenharmony_ci**返回值:** 4698e41f4b71Sopenharmony_ci 4699e41f4b71Sopenharmony_ci| 类型 | 说明 | 4700e41f4b71Sopenharmony_ci| -------------- | ----------- | 4701e41f4b71Sopenharmony_ci| string \| number | 获取的验签参数的具体值。 | 4702e41f4b71Sopenharmony_ci 4703e41f4b71Sopenharmony_ci**错误码:** 4704e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 4705e41f4b71Sopenharmony_ci 4706e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 4707e41f4b71Sopenharmony_ci| -------- | ---------------------- | 4708e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 4709e41f4b71Sopenharmony_ci| 801 | this operation is not supported. | 4710e41f4b71Sopenharmony_ci| 17620001 | memory error. | 4711e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 4712e41f4b71Sopenharmony_ci 4713e41f4b71Sopenharmony_ci**示例:** 4714e41f4b71Sopenharmony_ci 4715e41f4b71Sopenharmony_ci<!--code_no_check--> 4716e41f4b71Sopenharmony_ci```ts 4717e41f4b71Sopenharmony_cilet verifyer: cryptoFramework.Verify; // The process of generating the Verify instance is omitted here. 4718e41f4b71Sopenharmony_cilet saltLen = verifyer.getVerifySpec(cryptoFramework.SignSpecItem.PSS_SALT_LEN_NUM); 4719e41f4b71Sopenharmony_ci``` 4720e41f4b71Sopenharmony_ci 4721e41f4b71Sopenharmony_ci## cryptoFramework.createKeyAgreement 4722e41f4b71Sopenharmony_ci 4723e41f4b71Sopenharmony_cicreateKeyAgreement(algName: string): KeyAgreement 4724e41f4b71Sopenharmony_ci 4725e41f4b71Sopenharmony_ciKeyAgreement实例生成。 4726e41f4b71Sopenharmony_ci 4727e41f4b71Sopenharmony_ci支持的规格详见[密钥协商规格](../../security/CryptoArchitectureKit/crypto-key-agreement-overview.md)。 4728e41f4b71Sopenharmony_ci 4729e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 4730e41f4b71Sopenharmony_ci 4731e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.KeyAgreement 4732e41f4b71Sopenharmony_ci 4733e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.KeyAgreement 4734e41f4b71Sopenharmony_ci 4735e41f4b71Sopenharmony_ci**参数:** 4736e41f4b71Sopenharmony_ci 4737e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 4738e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ------------------------------------------------------------ | 4739e41f4b71Sopenharmony_ci| algName | string | 是 | 指定密钥协商算法:目前仅支持ECC,从API version 11开始,增加支持X25519和DH。 | 4740e41f4b71Sopenharmony_ci 4741e41f4b71Sopenharmony_ci**返回值**: 4742e41f4b71Sopenharmony_ci 4743e41f4b71Sopenharmony_ci| 类型 | 说明 | 4744e41f4b71Sopenharmony_ci| ------------ | ------------------------------------------ | 4745e41f4b71Sopenharmony_ci| KeyAgreement | 返回由输入算法指定生成的KeyAgreement对象。 | 4746e41f4b71Sopenharmony_ci 4747e41f4b71Sopenharmony_ci**错误码:** 4748e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 4749e41f4b71Sopenharmony_ci 4750e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 4751e41f4b71Sopenharmony_ci| -------- | ---------------------- | 4752e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 4753e41f4b71Sopenharmony_ci| 801 | this operation is not supported. | 4754e41f4b71Sopenharmony_ci| 17620001 | memory error. | 4755e41f4b71Sopenharmony_ci 4756e41f4b71Sopenharmony_ci**示例:** 4757e41f4b71Sopenharmony_ci 4758e41f4b71Sopenharmony_ci```ts 4759e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 4760e41f4b71Sopenharmony_ci 4761e41f4b71Sopenharmony_cilet keyAgreement = cryptoFramework.createKeyAgreement('ECC256'); 4762e41f4b71Sopenharmony_ci``` 4763e41f4b71Sopenharmony_ci 4764e41f4b71Sopenharmony_ci## KeyAgreement 4765e41f4b71Sopenharmony_ci 4766e41f4b71Sopenharmony_ciKeyAgreement类,使用密钥协商方法之前需要创建该类的实例进行操作,通过[createKeyAgreement(algName: string): KeyAgreement](#cryptoframeworkcreatekeyagreement)方法构造此实例。 4767e41f4b71Sopenharmony_ci 4768e41f4b71Sopenharmony_ci### 属性 4769e41f4b71Sopenharmony_ci 4770e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 4771e41f4b71Sopenharmony_ci 4772e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.KeyAgreement 4773e41f4b71Sopenharmony_ci 4774e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.KeyAgreement 4775e41f4b71Sopenharmony_ci 4776e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 4777e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ---- | ---------------------------- | 4778e41f4b71Sopenharmony_ci| algName | string | 是 | 否 | 密钥协商指定的算法名称。 | 4779e41f4b71Sopenharmony_ci 4780e41f4b71Sopenharmony_ci### generateSecret 4781e41f4b71Sopenharmony_ci 4782e41f4b71Sopenharmony_cigenerateSecret(priKey: PriKey, pubKey: PubKey, callback: AsyncCallback\<DataBlob>): void 4783e41f4b71Sopenharmony_ci 4784e41f4b71Sopenharmony_ci基于传入的私钥与公钥进行密钥协商,通过注册回调函数返回共享密钥。 4785e41f4b71Sopenharmony_ci 4786e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 4787e41f4b71Sopenharmony_ci 4788e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.KeyAgreement 4789e41f4b71Sopenharmony_ci 4790e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.KeyAgreement 4791e41f4b71Sopenharmony_ci 4792e41f4b71Sopenharmony_ci**参数:** 4793e41f4b71Sopenharmony_ci 4794e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 4795e41f4b71Sopenharmony_ci| -------- | ------------------------ | ---- | ---------------------- | 4796e41f4b71Sopenharmony_ci| priKey | [PriKey](#prikey) | 是 | 设置密钥协商的私钥输入。 | 4797e41f4b71Sopenharmony_ci| pubKey | [PubKey](#pubkey) | 是 | 设置密钥协商的公钥输入。 | 4798e41f4b71Sopenharmony_ci| callback | AsyncCallback\<[DataBlob](#datablob)> | 是 | 异步接受共享密钥的回调。 | 4799e41f4b71Sopenharmony_ci 4800e41f4b71Sopenharmony_ci**错误码:** 4801e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 4802e41f4b71Sopenharmony_ci 4803e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 4804e41f4b71Sopenharmony_ci| -------- | ---------------------- | 4805e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 4806e41f4b71Sopenharmony_ci| 17620001 | memory error. | 4807e41f4b71Sopenharmony_ci| 17620002 | runtime error. | 4808e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 4809e41f4b71Sopenharmony_ci 4810e41f4b71Sopenharmony_ci### generateSecret 4811e41f4b71Sopenharmony_ci 4812e41f4b71Sopenharmony_cigenerateSecret(priKey: PriKey, pubKey: PubKey): Promise\<DataBlob> 4813e41f4b71Sopenharmony_ci 4814e41f4b71Sopenharmony_ci基于传入的私钥与公钥进行密钥协商,通过Promise返回共享密钥。 4815e41f4b71Sopenharmony_ci 4816e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 4817e41f4b71Sopenharmony_ci 4818e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.KeyAgreement 4819e41f4b71Sopenharmony_ci 4820e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.KeyAgreement 4821e41f4b71Sopenharmony_ci 4822e41f4b71Sopenharmony_ci**参数:** 4823e41f4b71Sopenharmony_ci 4824e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 4825e41f4b71Sopenharmony_ci| ------ | ------ | ---- | ---------------------- | 4826e41f4b71Sopenharmony_ci| priKey | [PriKey](#prikey) | 是 | 设置密钥协商的私钥输入。 | 4827e41f4b71Sopenharmony_ci| pubKey | [PubKey](#pubkey) | 是 | 设置密钥协商的公钥输入。 | 4828e41f4b71Sopenharmony_ci 4829e41f4b71Sopenharmony_ci**返回值:** 4830e41f4b71Sopenharmony_ci 4831e41f4b71Sopenharmony_ci| 类型 | 说明 | 4832e41f4b71Sopenharmony_ci| ------------------ | -------- | 4833e41f4b71Sopenharmony_ci| Promise\<[DataBlob](#datablob)> | 共享密钥。 | 4834e41f4b71Sopenharmony_ci 4835e41f4b71Sopenharmony_ci**错误码:** 4836e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 4837e41f4b71Sopenharmony_ci 4838e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 4839e41f4b71Sopenharmony_ci| -------- | ---------------------- | 4840e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 4841e41f4b71Sopenharmony_ci| 17620001 | memory error. | 4842e41f4b71Sopenharmony_ci| 17620002 | runtime error. | 4843e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 4844e41f4b71Sopenharmony_ci 4845e41f4b71Sopenharmony_ci### generateSecretSync<sup>12+</sup> 4846e41f4b71Sopenharmony_ci 4847e41f4b71Sopenharmony_cigenerateSecretSync(priKey: PriKey, pubKey: PubKey): DataBlob 4848e41f4b71Sopenharmony_ci 4849e41f4b71Sopenharmony_ci基于传入的私钥与公钥进行密钥协商,通过同步返回共享密钥。 4850e41f4b71Sopenharmony_ci 4851e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 4852e41f4b71Sopenharmony_ci 4853e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.KeyAgreement 4854e41f4b71Sopenharmony_ci 4855e41f4b71Sopenharmony_ci**参数:** 4856e41f4b71Sopenharmony_ci 4857e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 4858e41f4b71Sopenharmony_ci| ------ | ------ | ---- | ---------------------- | 4859e41f4b71Sopenharmony_ci| priKey | [PriKey](#prikey) | 是 | 设置密钥协商的私钥输入。 | 4860e41f4b71Sopenharmony_ci| pubKey | [PubKey](#pubkey) | 是 | 设置密钥协商的公钥输入。 | 4861e41f4b71Sopenharmony_ci 4862e41f4b71Sopenharmony_ci**返回值:** 4863e41f4b71Sopenharmony_ci 4864e41f4b71Sopenharmony_ci| 类型 | 说明 | 4865e41f4b71Sopenharmony_ci| ------------------ | -------- | 4866e41f4b71Sopenharmony_ci|[DataBlob](#datablob) | 共享密钥。 | 4867e41f4b71Sopenharmony_ci 4868e41f4b71Sopenharmony_ci**错误码:** 4869e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 4870e41f4b71Sopenharmony_ci 4871e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 4872e41f4b71Sopenharmony_ci| -------- | ---------------------- | 4873e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 4874e41f4b71Sopenharmony_ci| 17620001 | memory error. | 4875e41f4b71Sopenharmony_ci| 17620002 | runtime error. | 4876e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 4877e41f4b71Sopenharmony_ci 4878e41f4b71Sopenharmony_ci**callback示例:** 4879e41f4b71Sopenharmony_ci 4880e41f4b71Sopenharmony_ci<!--code_no_check--> 4881e41f4b71Sopenharmony_ci```ts 4882e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 4883e41f4b71Sopenharmony_ci 4884e41f4b71Sopenharmony_cilet globalKeyPair: cryptoFramework.KeyPair; // globalKeyPair is an asymmetric key object generated by the asymmetric key generator. The generation process is omitted here. 4885e41f4b71Sopenharmony_cilet keyAgreement = cryptoFramework.createKeyAgreement('ECC256'); 4886e41f4b71Sopenharmony_cikeyAgreement.generateSecret(globalKeyPair.priKey, globalKeyPair.pubKey, (err, secret) => { 4887e41f4b71Sopenharmony_ci if (err) { 4888e41f4b71Sopenharmony_ci console.error("keyAgreement error."); 4889e41f4b71Sopenharmony_ci return; 4890e41f4b71Sopenharmony_ci } 4891e41f4b71Sopenharmony_ci console.info('keyAgreement output is ' + secret.data); 4892e41f4b71Sopenharmony_ci}); 4893e41f4b71Sopenharmony_ci``` 4894e41f4b71Sopenharmony_ci 4895e41f4b71Sopenharmony_ci**Promise示例:** 4896e41f4b71Sopenharmony_ci 4897e41f4b71Sopenharmony_ci<!--code_no_check--> 4898e41f4b71Sopenharmony_ci```ts 4899e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 4900e41f4b71Sopenharmony_ci 4901e41f4b71Sopenharmony_cilet globalKeyPair: cryptoFramework.KeyPair; // globalKeyPair is an asymmetric key object generated by the asymmetric key generator. The generation process is omitted here. 4902e41f4b71Sopenharmony_cilet keyAgreement = cryptoFramework.createKeyAgreement('ECC256'); 4903e41f4b71Sopenharmony_cilet keyAgreementPromise = keyAgreement.generateSecret(globalKeyPair.priKey, globalKeyPair.pubKey); 4904e41f4b71Sopenharmony_cikeyAgreementPromise.then(secret => { 4905e41f4b71Sopenharmony_ci console.info('keyAgreement output is ' + secret.data); 4906e41f4b71Sopenharmony_ci}).catch((error: BusinessError) => { 4907e41f4b71Sopenharmony_ci console.error("keyAgreement error."); 4908e41f4b71Sopenharmony_ci}); 4909e41f4b71Sopenharmony_ci``` 4910e41f4b71Sopenharmony_ci 4911e41f4b71Sopenharmony_ci**Sync示例:** 4912e41f4b71Sopenharmony_ci 4913e41f4b71Sopenharmony_ci<!--code_no_check--> 4914e41f4b71Sopenharmony_ci```ts 4915e41f4b71Sopenharmony_cilet asyGenerator = cryptoFramework.CreateAsyKeyGenerator("ECC256"); 4916e41f4b71Sopenharmony_cilet globalKeyPair = asyGenerator.generateKeyPairSync(); 4917e41f4b71Sopenharmony_cilet keyAgreement = cryptoFramework.createKeyAgreement('ECC256'); 4918e41f4b71Sopenharmony_cilet secret = keyAgreement.generateSecretSync(globalKeyPair.priKey, globalKeyPair.pubKey); 4919e41f4b71Sopenharmony_ciconsole.info("[Sync]keyAgreement output is " + secret.data); 4920e41f4b71Sopenharmony_ci``` 4921e41f4b71Sopenharmony_ci 4922e41f4b71Sopenharmony_ci## cryptoFramework.createMd 4923e41f4b71Sopenharmony_ci 4924e41f4b71Sopenharmony_cicreateMd(algName: string): Md 4925e41f4b71Sopenharmony_ci 4926e41f4b71Sopenharmony_ci生成Md实例,用于进行消息摘要的计算与操作。 4927e41f4b71Sopenharmony_ci 4928e41f4b71Sopenharmony_ci支持的规格详见[MD消息摘要算法规格](../../security/CryptoArchitectureKit/crypto-generate-message-digest.md#支持的算法与规格)。 4929e41f4b71Sopenharmony_ci 4930e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 4931e41f4b71Sopenharmony_ci 4932e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.MessageDigest 4933e41f4b71Sopenharmony_ci 4934e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.MessageDigest 4935e41f4b71Sopenharmony_ci 4936e41f4b71Sopenharmony_ci**参数:** 4937e41f4b71Sopenharmony_ci 4938e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 4939e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ------------------------------------------------------------ | 4940e41f4b71Sopenharmony_ci| algName | string | 是 | 指定摘要算法,支持算法请参考[MD消息摘要算法规格](../../security/CryptoArchitectureKit/crypto-generate-message-digest.md#支持的算法与规格)。 | 4941e41f4b71Sopenharmony_ci 4942e41f4b71Sopenharmony_ci**返回值**: 4943e41f4b71Sopenharmony_ci 4944e41f4b71Sopenharmony_ci| 类型 | 说明 | 4945e41f4b71Sopenharmony_ci| ---- | --------------------------------------- | 4946e41f4b71Sopenharmony_ci| Md | 返回由输入算法指定生成的[Md](#md)对象。 | 4947e41f4b71Sopenharmony_ci 4948e41f4b71Sopenharmony_ci**错误码:** 4949e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 4950e41f4b71Sopenharmony_ci 4951e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 4952e41f4b71Sopenharmony_ci| -------- | ------------------ | 4953e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 4954e41f4b71Sopenharmony_ci| 17620001 | memory error. | 4955e41f4b71Sopenharmony_ci 4956e41f4b71Sopenharmony_ci**示例:** 4957e41f4b71Sopenharmony_ci 4958e41f4b71Sopenharmony_ci```ts 4959e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 4960e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 4961e41f4b71Sopenharmony_ci 4962e41f4b71Sopenharmony_citry { 4963e41f4b71Sopenharmony_ci // Set algName based on the algorithm supported. 4964e41f4b71Sopenharmony_ci let md = cryptoFramework.createMd('SHA256'); 4965e41f4b71Sopenharmony_ci} catch (error) { 4966e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 4967e41f4b71Sopenharmony_ci console.error(`sync error, ${e.code}, ${e.message}`); 4968e41f4b71Sopenharmony_ci} 4969e41f4b71Sopenharmony_ci``` 4970e41f4b71Sopenharmony_ci 4971e41f4b71Sopenharmony_ci## Md 4972e41f4b71Sopenharmony_ci 4973e41f4b71Sopenharmony_ciMd类,调用Md方法可以进行MD(Message Digest)摘要计算。调用前,需要通过[createMd](#cryptoframeworkcreatemd)构造Md实例。 4974e41f4b71Sopenharmony_ci 4975e41f4b71Sopenharmony_ci### 属性 4976e41f4b71Sopenharmony_ci 4977e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 4978e41f4b71Sopenharmony_ci 4979e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.MessageDigest 4980e41f4b71Sopenharmony_ci 4981e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.MessageDigest 4982e41f4b71Sopenharmony_ci 4983e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 4984e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ---- | ---------------------- | 4985e41f4b71Sopenharmony_ci| algName | string | 是 | 否 | 代表指定的摘要算法名。 | 4986e41f4b71Sopenharmony_ci 4987e41f4b71Sopenharmony_ci### update 4988e41f4b71Sopenharmony_ci 4989e41f4b71Sopenharmony_ciupdate(input: DataBlob, callback: AsyncCallback\<void>): void 4990e41f4b71Sopenharmony_ci 4991e41f4b71Sopenharmony_ci传入消息进行Md更新计算,通过注册回调函数更新。update和digest为两段式接口,需要成组使用。其中digest必选,update可选。 4992e41f4b71Sopenharmony_ci 4993e41f4b71Sopenharmony_ci> **说明:** 4994e41f4b71Sopenharmony_ci> 4995e41f4b71Sopenharmony_ci> - Md算法多次调用update更新的代码示例详见开发指导[消息摘要计算](../../security/CryptoArchitectureKit/crypto-generate-message-digest.md#分段摘要算法)。 4996e41f4b71Sopenharmony_ci> 4997e41f4b71Sopenharmony_ci> - 该接口不支持轻量级智能穿戴。 4998e41f4b71Sopenharmony_ci 4999e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 5000e41f4b71Sopenharmony_ci 5001e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.MessageDigest 5002e41f4b71Sopenharmony_ci 5003e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.MessageDigest 5004e41f4b71Sopenharmony_ci 5005e41f4b71Sopenharmony_ci**参数:** 5006e41f4b71Sopenharmony_ci 5007e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 5008e41f4b71Sopenharmony_ci| -------- | --------------------- | ---- | ------------ | 5009e41f4b71Sopenharmony_ci| input | [DataBlob](#datablob) | 是 | 传入的消息。 | 5010e41f4b71Sopenharmony_ci| callback | AsyncCallback\<void> | 是 | 回调函数。当摘要更新成功,err为undefined,否则为错误对象。 | 5011e41f4b71Sopenharmony_ci 5012e41f4b71Sopenharmony_ci**错误码:** 5013e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 5014e41f4b71Sopenharmony_ci 5015e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 5016e41f4b71Sopenharmony_ci| -------- | ---------------------- | 5017e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 5018e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 5019e41f4b71Sopenharmony_ci 5020e41f4b71Sopenharmony_ci### update 5021e41f4b71Sopenharmony_ci 5022e41f4b71Sopenharmony_ciupdate(input: DataBlob): Promise\<void> 5023e41f4b71Sopenharmony_ci 5024e41f4b71Sopenharmony_ci传入消息进行Md更新计算,通过Promise更新。update和digest为两段式接口,需要成组使用。其中digest必选,update可选。 5025e41f4b71Sopenharmony_ci 5026e41f4b71Sopenharmony_ci> **说明:** 5027e41f4b71Sopenharmony_ci> 5028e41f4b71Sopenharmony_ci> - Md算法多次调用update更新的代码示例详见开发指导[消息摘要计算](../../security/CryptoArchitectureKit/crypto-generate-message-digest.md#分段摘要算法)。 5029e41f4b71Sopenharmony_ci> 5030e41f4b71Sopenharmony_ci> - 该接口不支持轻量级智能穿戴。 5031e41f4b71Sopenharmony_ci 5032e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 5033e41f4b71Sopenharmony_ci 5034e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.MessageDigest 5035e41f4b71Sopenharmony_ci 5036e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.MessageDigest 5037e41f4b71Sopenharmony_ci 5038e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 5039e41f4b71Sopenharmony_ci| ------ | -------- | ---- | ------------ | 5040e41f4b71Sopenharmony_ci| input | [DataBlob](#datablob) | 是 | 传入的消息。 | 5041e41f4b71Sopenharmony_ci 5042e41f4b71Sopenharmony_ci**返回值:** 5043e41f4b71Sopenharmony_ci 5044e41f4b71Sopenharmony_ci| 类型 | 说明 | 5045e41f4b71Sopenharmony_ci| -------------- | ------------- | 5046e41f4b71Sopenharmony_ci| Promise\<void> | 无返回结果的Promise对象。 | 5047e41f4b71Sopenharmony_ci 5048e41f4b71Sopenharmony_ci**错误码:** 5049e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 5050e41f4b71Sopenharmony_ci 5051e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 5052e41f4b71Sopenharmony_ci| -------- | ---------------------- | 5053e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 5054e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 5055e41f4b71Sopenharmony_ci 5056e41f4b71Sopenharmony_ci### updateSync<sup>12+</sup> 5057e41f4b71Sopenharmony_ci 5058e41f4b71Sopenharmony_ciupdateSync(input: DataBlob): void 5059e41f4b71Sopenharmony_ci 5060e41f4b71Sopenharmony_ci传入消息进行Md更新计算,通过同步方式更新。updateSync和digestSync为两段式接口,需要成组使用。其中digestSync必选,updateSync可选。 5061e41f4b71Sopenharmony_ci 5062e41f4b71Sopenharmony_ci> **说明:** 5063e41f4b71Sopenharmony_ci> 5064e41f4b71Sopenharmony_ci> Md算法多次调用updateSync更新的代码示例详见开发指导[消息摘要计算](../../security/CryptoArchitectureKit/crypto-generate-message-digest.md#分段摘要算法)。 5065e41f4b71Sopenharmony_ci 5066e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 5067e41f4b71Sopenharmony_ci 5068e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.MessageDigest 5069e41f4b71Sopenharmony_ci 5070e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 5071e41f4b71Sopenharmony_ci| ------ | -------- | ---- | ------------ | 5072e41f4b71Sopenharmony_ci| input | [DataBlob](#datablob) | 是 | 传入的消息。 | 5073e41f4b71Sopenharmony_ci 5074e41f4b71Sopenharmony_ci**返回值:** 5075e41f4b71Sopenharmony_ci 5076e41f4b71Sopenharmony_ci| 类型 | 说明 | 5077e41f4b71Sopenharmony_ci| -------------- | ------------- | 5078e41f4b71Sopenharmony_ci| void | 无返回结果。 | 5079e41f4b71Sopenharmony_ci 5080e41f4b71Sopenharmony_ci**错误码:** 5081e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 5082e41f4b71Sopenharmony_ci 5083e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 5084e41f4b71Sopenharmony_ci| -------- | ---------------------- | 5085e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed. | 5086e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 5087e41f4b71Sopenharmony_ci 5088e41f4b71Sopenharmony_ci### digest 5089e41f4b71Sopenharmony_ci 5090e41f4b71Sopenharmony_cidigest(callback: AsyncCallback\<DataBlob>): void 5091e41f4b71Sopenharmony_ci 5092e41f4b71Sopenharmony_ci通过注册回调函数返回Md的计算结果。 5093e41f4b71Sopenharmony_ci 5094e41f4b71Sopenharmony_ci> **说明:** 5095e41f4b71Sopenharmony_ci> 5096e41f4b71Sopenharmony_ci> 该接口不支持轻量级智能穿戴。 5097e41f4b71Sopenharmony_ci 5098e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 5099e41f4b71Sopenharmony_ci 5100e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.MessageDigest 5101e41f4b71Sopenharmony_ci 5102e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.MessageDigest 5103e41f4b71Sopenharmony_ci 5104e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 5105e41f4b71Sopenharmony_ci| -------- | ------------------------ | ---- | ---------- | 5106e41f4b71Sopenharmony_ci| callback | AsyncCallback\<[DataBlob](#datablob)> | 是 | 回调函数,用于获取DataBlob数据。 | 5107e41f4b71Sopenharmony_ci 5108e41f4b71Sopenharmony_ci**错误码:** 5109e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 5110e41f4b71Sopenharmony_ci 5111e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 5112e41f4b71Sopenharmony_ci| -------- | ---------------------- | 5113e41f4b71Sopenharmony_ci| 17620001 | memory error. | 5114e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 5115e41f4b71Sopenharmony_ci 5116e41f4b71Sopenharmony_ci**示例:** 5117e41f4b71Sopenharmony_ci 5118e41f4b71Sopenharmony_ci```ts 5119e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 5120e41f4b71Sopenharmony_ciimport { buffer } from '@kit.ArkTS'; 5121e41f4b71Sopenharmony_ci 5122e41f4b71Sopenharmony_cifunction mdByCallback() { 5123e41f4b71Sopenharmony_ci let md = cryptoFramework.createMd('SHA256'); 5124e41f4b71Sopenharmony_ci md.update({ data: new Uint8Array(buffer.from("mdTestMessage", 'utf-8').buffer) }, (err,) => { 5125e41f4b71Sopenharmony_ci md.digest((err, digestOutput) => { 5126e41f4b71Sopenharmony_ci console.info('[Callback]: MD result: ' + digestOutput.data); 5127e41f4b71Sopenharmony_ci console.info('[Callback]: MD len: ' + md.getMdLength()); 5128e41f4b71Sopenharmony_ci }); 5129e41f4b71Sopenharmony_ci }); 5130e41f4b71Sopenharmony_ci} 5131e41f4b71Sopenharmony_ci``` 5132e41f4b71Sopenharmony_ci 5133e41f4b71Sopenharmony_ci### digest 5134e41f4b71Sopenharmony_ci 5135e41f4b71Sopenharmony_cidigest(): Promise\<DataBlob> 5136e41f4b71Sopenharmony_ci 5137e41f4b71Sopenharmony_ci通过Promise返回Md的计算结果。 5138e41f4b71Sopenharmony_ci 5139e41f4b71Sopenharmony_ci> **说明:** 5140e41f4b71Sopenharmony_ci> 5141e41f4b71Sopenharmony_ci> 该接口不支持轻量级智能穿戴。 5142e41f4b71Sopenharmony_ci 5143e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 5144e41f4b71Sopenharmony_ci 5145e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.MessageDigest 5146e41f4b71Sopenharmony_ci 5147e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.MessageDigest 5148e41f4b71Sopenharmony_ci 5149e41f4b71Sopenharmony_ci**返回值:** 5150e41f4b71Sopenharmony_ci 5151e41f4b71Sopenharmony_ci| 类型 | 说明 | 5152e41f4b71Sopenharmony_ci| ------------------ | ----------- | 5153e41f4b71Sopenharmony_ci| Promise\<[DataBlob](#datablob)> | Promise对象。 | 5154e41f4b71Sopenharmony_ci 5155e41f4b71Sopenharmony_ci**错误码:** 5156e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 5157e41f4b71Sopenharmony_ci 5158e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 5159e41f4b71Sopenharmony_ci| -------- | ---------------------- | 5160e41f4b71Sopenharmony_ci| 17620001 | memory error. | 5161e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 5162e41f4b71Sopenharmony_ci 5163e41f4b71Sopenharmony_ci**示例:** 5164e41f4b71Sopenharmony_ci 5165e41f4b71Sopenharmony_ci```ts 5166e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 5167e41f4b71Sopenharmony_ciimport { buffer } from '@kit.ArkTS'; 5168e41f4b71Sopenharmony_ci 5169e41f4b71Sopenharmony_ciasync function mdByPromise() { 5170e41f4b71Sopenharmony_ci let md = cryptoFramework.createMd('SHA256'); 5171e41f4b71Sopenharmony_ci await md.update({ data: new Uint8Array(buffer.from("mdTestMessage", 'utf-8').buffer) }); 5172e41f4b71Sopenharmony_ci let mdOutput = await md.digest(); 5173e41f4b71Sopenharmony_ci console.info('[Promise]: MD result: ' + mdOutput.data); 5174e41f4b71Sopenharmony_ci console.info('[Promise]: MD len: ' + md.getMdLength()); 5175e41f4b71Sopenharmony_ci} 5176e41f4b71Sopenharmony_ci``` 5177e41f4b71Sopenharmony_ci 5178e41f4b71Sopenharmony_ci### digestSync<sup>12+</sup> 5179e41f4b71Sopenharmony_ci 5180e41f4b71Sopenharmony_cidigestSync(): DataBlob 5181e41f4b71Sopenharmony_ci 5182e41f4b71Sopenharmony_ci通过同步方式返回Md的计算结果。 5183e41f4b71Sopenharmony_ci 5184e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 5185e41f4b71Sopenharmony_ci 5186e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.MessageDigest 5187e41f4b71Sopenharmony_ci 5188e41f4b71Sopenharmony_ci**返回值:** 5189e41f4b71Sopenharmony_ci 5190e41f4b71Sopenharmony_ci| 类型 | 说明 | 5191e41f4b71Sopenharmony_ci| ------------------ | ----------- | 5192e41f4b71Sopenharmony_ci| [DataBlob](#datablob) | 表示生成的Md计算结果。 | 5193e41f4b71Sopenharmony_ci 5194e41f4b71Sopenharmony_ci**错误码:** 5195e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 5196e41f4b71Sopenharmony_ci 5197e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 5198e41f4b71Sopenharmony_ci| -------- | ---------------------- | 5199e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed. | 5200e41f4b71Sopenharmony_ci| 17620001 | memory error. | 5201e41f4b71Sopenharmony_ci| 17620002 | runtime error. | 5202e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 5203e41f4b71Sopenharmony_ci 5204e41f4b71Sopenharmony_ci**示例:** 5205e41f4b71Sopenharmony_ci 5206e41f4b71Sopenharmony_ci```ts 5207e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 5208e41f4b71Sopenharmony_ciimport { buffer } from '@kit.ArkTS'; 5209e41f4b71Sopenharmony_ci 5210e41f4b71Sopenharmony_ciasync function mdBySync() { 5211e41f4b71Sopenharmony_ci let md = cryptoFramework.createMd('SHA256'); 5212e41f4b71Sopenharmony_ci md.updateSync({ data: new Uint8Array(buffer.from("mdTestMessage", 'utf-8').buffer) }); 5213e41f4b71Sopenharmony_ci let mdOutput = md.digestSync(); 5214e41f4b71Sopenharmony_ci console.info('[Sync]: MD result: ' + mdOutput.data); 5215e41f4b71Sopenharmony_ci console.info('[Sync]: MD len: ' + md.getMdLength()); 5216e41f4b71Sopenharmony_ci} 5217e41f4b71Sopenharmony_ci``` 5218e41f4b71Sopenharmony_ci 5219e41f4b71Sopenharmony_ci### getMdLength 5220e41f4b71Sopenharmony_ci 5221e41f4b71Sopenharmony_cigetMdLength(): number 5222e41f4b71Sopenharmony_ci 5223e41f4b71Sopenharmony_ci获取Md消息摘要长度(字节数)。 5224e41f4b71Sopenharmony_ci 5225e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 5226e41f4b71Sopenharmony_ci 5227e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.MessageDigest 5228e41f4b71Sopenharmony_ci 5229e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.MessageDigest 5230e41f4b71Sopenharmony_ci 5231e41f4b71Sopenharmony_ci**返回值:** 5232e41f4b71Sopenharmony_ci 5233e41f4b71Sopenharmony_ci| 类型 | 说明 | 5234e41f4b71Sopenharmony_ci| ------ | -------------------------- | 5235e41f4b71Sopenharmony_ci| number | 返回md计算结果的字节长度。 | 5236e41f4b71Sopenharmony_ci 5237e41f4b71Sopenharmony_ci**错误码:** 5238e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 5239e41f4b71Sopenharmony_ci 5240e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 5241e41f4b71Sopenharmony_ci| -------- | ---------------------- | 5242e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 5243e41f4b71Sopenharmony_ci 5244e41f4b71Sopenharmony_ci**示例:** 5245e41f4b71Sopenharmony_ci 5246e41f4b71Sopenharmony_ci```ts 5247e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 5248e41f4b71Sopenharmony_ci 5249e41f4b71Sopenharmony_cifunction getLength() { 5250e41f4b71Sopenharmony_ci let md = cryptoFramework.createMd('SHA256'); 5251e41f4b71Sopenharmony_ci console.info('[Promise]: MD len: ' + md.getMdLength()); 5252e41f4b71Sopenharmony_ci} 5253e41f4b71Sopenharmony_ci``` 5254e41f4b71Sopenharmony_ci 5255e41f4b71Sopenharmony_ci## cryptoFramework.createMac 5256e41f4b71Sopenharmony_ci 5257e41f4b71Sopenharmony_cicreateMac(algName: string): Mac 5258e41f4b71Sopenharmony_ci 5259e41f4b71Sopenharmony_ci生成Mac实例,用于进行消息认证码的计算与操作。 5260e41f4b71Sopenharmony_ci 5261e41f4b71Sopenharmony_ci支持的规格详见[HMAC消息认证码算法规格](../../security/CryptoArchitectureKit/crypto-compute-mac.md#支持的算法与规格)。 5262e41f4b71Sopenharmony_ci 5263e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 5264e41f4b71Sopenharmony_ci 5265e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Mac 5266e41f4b71Sopenharmony_ci 5267e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Mac 5268e41f4b71Sopenharmony_ci 5269e41f4b71Sopenharmony_ci**参数:** 5270e41f4b71Sopenharmony_ci 5271e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 5272e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ------------------------------------------------------------ | 5273e41f4b71Sopenharmony_ci| algName | string | 是 | 指定摘要算法,支持算法请参考[HMAC消息认证码算法规格](../../security/CryptoArchitectureKit/crypto-compute-mac.md#支持的算法与规格)。 | 5274e41f4b71Sopenharmony_ci 5275e41f4b71Sopenharmony_ci**返回值**: 5276e41f4b71Sopenharmony_ci 5277e41f4b71Sopenharmony_ci| 类型 | 说明 | 5278e41f4b71Sopenharmony_ci| ---- | ----------------------------------------- | 5279e41f4b71Sopenharmony_ci| Mac | 返回由输入算法指定生成的[Mac](#mac)对象。 | 5280e41f4b71Sopenharmony_ci 5281e41f4b71Sopenharmony_ci**错误码:** 5282e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 5283e41f4b71Sopenharmony_ci 5284e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 5285e41f4b71Sopenharmony_ci| -------- | ------------------ | 5286e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 5287e41f4b71Sopenharmony_ci| 17620001 | memory error. | 5288e41f4b71Sopenharmony_ci 5289e41f4b71Sopenharmony_ci**示例:** 5290e41f4b71Sopenharmony_ci 5291e41f4b71Sopenharmony_ci```ts 5292e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 5293e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 5294e41f4b71Sopenharmony_ci 5295e41f4b71Sopenharmony_citry { 5296e41f4b71Sopenharmony_ci // Set algName based on the algorithm supported. 5297e41f4b71Sopenharmony_ci let mac = cryptoFramework.createMac('SHA256'); 5298e41f4b71Sopenharmony_ci} catch (error) { 5299e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 5300e41f4b71Sopenharmony_ci console.error(`sync error, ${e.code}, ${e.message}`); 5301e41f4b71Sopenharmony_ci} 5302e41f4b71Sopenharmony_ci``` 5303e41f4b71Sopenharmony_ci 5304e41f4b71Sopenharmony_ci## Mac 5305e41f4b71Sopenharmony_ci 5306e41f4b71Sopenharmony_ciMac类,调用Mac方法可以进行MAC(Message Authentication Code)加密计算。调用前,需要通过[createMac](#cryptoframeworkcreatemac)构造Mac实例。 5307e41f4b71Sopenharmony_ci 5308e41f4b71Sopenharmony_ci### 属性 5309e41f4b71Sopenharmony_ci 5310e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 5311e41f4b71Sopenharmony_ci 5312e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Mac 5313e41f4b71Sopenharmony_ci 5314e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Mac 5315e41f4b71Sopenharmony_ci 5316e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 5317e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ---- | ---------------------- | 5318e41f4b71Sopenharmony_ci| algName | string | 是 | 否 | 代表指定的摘要算法名。 | 5319e41f4b71Sopenharmony_ci 5320e41f4b71Sopenharmony_ci### init 5321e41f4b71Sopenharmony_ci 5322e41f4b71Sopenharmony_ciinit(key: SymKey, callback: AsyncCallback\<void>): void 5323e41f4b71Sopenharmony_ci 5324e41f4b71Sopenharmony_ci使用对称密钥初始化Mac计算,通过注册回调函数获取结果。init、update、doFinal为三段式接口,需要成组使用。其中init和doFinal必选,update可选。 5325e41f4b71Sopenharmony_ci 5326e41f4b71Sopenharmony_ci > **说明:** 5327e41f4b71Sopenharmony_ci > 5328e41f4b71Sopenharmony_ci > 建议通过[HMAC密钥生成规格](../../security/CryptoArchitectureKit/crypto-sym-key-generation-conversion-spec.md#hmac)创建对称密钥生成器,调用[generateSymKey](#generatesymkey)随机生成对称密钥或调用[convertKey](#convertkey)传入与密钥规格长度一致的二进制密钥数据生成密钥。<br/>当指定“HMAC”生成对称密钥生成器时,仅支持调用[convertKey](#convertkey)传入长度在[1,4096]范围内(单位为byte)的任意二进制密钥数据生成密钥。 5329e41f4b71Sopenharmony_ci 5330e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 5331e41f4b71Sopenharmony_ci 5332e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Mac 5333e41f4b71Sopenharmony_ci 5334e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Mac 5335e41f4b71Sopenharmony_ci 5336e41f4b71Sopenharmony_ci**参数:** 5337e41f4b71Sopenharmony_ci 5338e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 5339e41f4b71Sopenharmony_ci| -------- | -------------------- | ---- | -------------- | 5340e41f4b71Sopenharmony_ci| key | [SymKey](#symkey) | 是 | 共享对称密钥。 | 5341e41f4b71Sopenharmony_ci| callback | AsyncCallback\<void> | 是 | 回调函数。当HMAC初始化成功,err为undefined,否则为错误对象。 | 5342e41f4b71Sopenharmony_ci 5343e41f4b71Sopenharmony_ci**错误码:** 5344e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 5345e41f4b71Sopenharmony_ci 5346e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 5347e41f4b71Sopenharmony_ci| -------- | ---------------------- | 5348e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 5349e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 5350e41f4b71Sopenharmony_ci 5351e41f4b71Sopenharmony_ci### init 5352e41f4b71Sopenharmony_ci 5353e41f4b71Sopenharmony_ciinit(key: SymKey): Promise\<void> 5354e41f4b71Sopenharmony_ci 5355e41f4b71Sopenharmony_ci使用对称密钥初始化Mac计算,通过Promise获取结果。init、update、doFinal为三段式接口,需要成组使用。其中init和doFinal必选,update可选。 5356e41f4b71Sopenharmony_ci 5357e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 5358e41f4b71Sopenharmony_ci 5359e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Mac 5360e41f4b71Sopenharmony_ci 5361e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Mac 5362e41f4b71Sopenharmony_ci 5363e41f4b71Sopenharmony_ci**参数:** 5364e41f4b71Sopenharmony_ci 5365e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 5366e41f4b71Sopenharmony_ci| ------ | ------ | ---- | ------------ | 5367e41f4b71Sopenharmony_ci| key | [SymKey](#symkey) | 是 | 共享对称密钥。 | 5368e41f4b71Sopenharmony_ci 5369e41f4b71Sopenharmony_ci**返回值:** 5370e41f4b71Sopenharmony_ci 5371e41f4b71Sopenharmony_ci| 类型 | 说明 | 5372e41f4b71Sopenharmony_ci| -------------- | ------------- | 5373e41f4b71Sopenharmony_ci| Promise\<void> | 无返回结果的Promise对象。 | 5374e41f4b71Sopenharmony_ci 5375e41f4b71Sopenharmony_ci**错误码:** 5376e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 5377e41f4b71Sopenharmony_ci 5378e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 5379e41f4b71Sopenharmony_ci| -------- | ---------------------- | 5380e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 5381e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 5382e41f4b71Sopenharmony_ci 5383e41f4b71Sopenharmony_ci### initSync<sup>12+</sup> 5384e41f4b71Sopenharmony_ci 5385e41f4b71Sopenharmony_ciinitSync(key: SymKey): void 5386e41f4b71Sopenharmony_ci 5387e41f4b71Sopenharmony_ci使用对称密钥初始化Mac计算,通过同步方式获取结果。initSync、updateSync、doFinalSync为三段式接口,需要成组使用。其中initSync和doFinalSync必选,updateSync可选。 5388e41f4b71Sopenharmony_ci 5389e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 5390e41f4b71Sopenharmony_ci 5391e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Mac 5392e41f4b71Sopenharmony_ci 5393e41f4b71Sopenharmony_ci**参数:** 5394e41f4b71Sopenharmony_ci 5395e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 5396e41f4b71Sopenharmony_ci| ------ | ------ | ---- | ------------ | 5397e41f4b71Sopenharmony_ci| key | [SymKey](#symkey) | 是 | 共享对称密钥。 | 5398e41f4b71Sopenharmony_ci 5399e41f4b71Sopenharmony_ci**返回值:** 5400e41f4b71Sopenharmony_ci 5401e41f4b71Sopenharmony_ci| 类型 | 说明 | 5402e41f4b71Sopenharmony_ci| -------------- | ------------- | 5403e41f4b71Sopenharmony_ci| void | 无返回结果。 | 5404e41f4b71Sopenharmony_ci 5405e41f4b71Sopenharmony_ci**错误码:** 5406e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 5407e41f4b71Sopenharmony_ci 5408e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 5409e41f4b71Sopenharmony_ci| -------- | ---------------------- | 5410e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed. | 5411e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 5412e41f4b71Sopenharmony_ci 5413e41f4b71Sopenharmony_ci### update 5414e41f4b71Sopenharmony_ci 5415e41f4b71Sopenharmony_ciupdate(input: DataBlob, callback: AsyncCallback\<void>): void 5416e41f4b71Sopenharmony_ci 5417e41f4b71Sopenharmony_ci传入消息进行Mac更新计算,通过注册回调函数获取结果。 5418e41f4b71Sopenharmony_ci 5419e41f4b71Sopenharmony_ci> **说明:** 5420e41f4b71Sopenharmony_ci> 5421e41f4b71Sopenharmony_ci> HMAC算法多次调用update更新的代码示例详见开发指导[消息认证码计算](../../security/CryptoArchitectureKit/crypto-compute-mac.md#分段hmac)。 5422e41f4b71Sopenharmony_ci 5423e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 5424e41f4b71Sopenharmony_ci 5425e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Mac 5426e41f4b71Sopenharmony_ci 5427e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Mac 5428e41f4b71Sopenharmony_ci 5429e41f4b71Sopenharmony_ci**参数:** 5430e41f4b71Sopenharmony_ci 5431e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 5432e41f4b71Sopenharmony_ci| -------- | --------------------- | ---- | ------------ | 5433e41f4b71Sopenharmony_ci| input | [DataBlob](#datablob) | 是 | 传入的消息。 | 5434e41f4b71Sopenharmony_ci| callback | AsyncCallback\<void> | 是 | 回调函数。当HMAC更新成功,err为undefined,否则为错误对象。| 5435e41f4b71Sopenharmony_ci 5436e41f4b71Sopenharmony_ci**错误码:** 5437e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 5438e41f4b71Sopenharmony_ci 5439e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 5440e41f4b71Sopenharmony_ci| -------- | ---------------------- | 5441e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 5442e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 5443e41f4b71Sopenharmony_ci 5444e41f4b71Sopenharmony_ci### update 5445e41f4b71Sopenharmony_ci 5446e41f4b71Sopenharmony_ciupdate(input: DataBlob): Promise\<void> 5447e41f4b71Sopenharmony_ci 5448e41f4b71Sopenharmony_ci传入消息进行Mac更新计算,通过Promise获取结果。 5449e41f4b71Sopenharmony_ci 5450e41f4b71Sopenharmony_ci> **说明:** 5451e41f4b71Sopenharmony_ci> 5452e41f4b71Sopenharmony_ci> HMAC算法多次调用update更新的代码示例详见开发指导[消息认证码计算](../../security/CryptoArchitectureKit/crypto-compute-mac.md#分段hmac)。 5453e41f4b71Sopenharmony_ci 5454e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 5455e41f4b71Sopenharmony_ci 5456e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Mac 5457e41f4b71Sopenharmony_ci 5458e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Mac 5459e41f4b71Sopenharmony_ci 5460e41f4b71Sopenharmony_ci**参数:** 5461e41f4b71Sopenharmony_ci 5462e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 5463e41f4b71Sopenharmony_ci| ------ | -------- | ---- | ---------- | 5464e41f4b71Sopenharmony_ci| input | [DataBlob](#datablob) | 是 | 传入的消息。 | 5465e41f4b71Sopenharmony_ci 5466e41f4b71Sopenharmony_ci**返回值:** 5467e41f4b71Sopenharmony_ci 5468e41f4b71Sopenharmony_ci| 类型 | 说明 | 5469e41f4b71Sopenharmony_ci| -------------- | ------------- | 5470e41f4b71Sopenharmony_ci| Promise\<void> | 无返回结果的Promise对象。 | 5471e41f4b71Sopenharmony_ci 5472e41f4b71Sopenharmony_ci**错误码:** 5473e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 5474e41f4b71Sopenharmony_ci 5475e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 5476e41f4b71Sopenharmony_ci| -------- | ---------------------- | 5477e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 5478e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 5479e41f4b71Sopenharmony_ci 5480e41f4b71Sopenharmony_ci### updateSync<sup>12+</sup> 5481e41f4b71Sopenharmony_ci 5482e41f4b71Sopenharmony_ciupdateSync(input: DataBlob): void 5483e41f4b71Sopenharmony_ci 5484e41f4b71Sopenharmony_ci传入消息进行Mac更新计算,通过同步方式获取结果。 5485e41f4b71Sopenharmony_ci 5486e41f4b71Sopenharmony_ci> **说明:** 5487e41f4b71Sopenharmony_ci> 5488e41f4b71Sopenharmony_ci> HMAC算法多次调用updateSync更新的代码示例详见开发指导[消息认证码计算](../../security/CryptoArchitectureKit/crypto-compute-mac.md#分段hmac)。 5489e41f4b71Sopenharmony_ci 5490e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 5491e41f4b71Sopenharmony_ci 5492e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Mac 5493e41f4b71Sopenharmony_ci 5494e41f4b71Sopenharmony_ci**参数:** 5495e41f4b71Sopenharmony_ci 5496e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 5497e41f4b71Sopenharmony_ci| ------ | -------- | ---- | ---------- | 5498e41f4b71Sopenharmony_ci| input | [DataBlob](#datablob) | 是 | 传入的消息。 | 5499e41f4b71Sopenharmony_ci 5500e41f4b71Sopenharmony_ci**返回值:** 5501e41f4b71Sopenharmony_ci 5502e41f4b71Sopenharmony_ci| 类型 | 说明 | 5503e41f4b71Sopenharmony_ci| -------------- | ------------- | 5504e41f4b71Sopenharmony_ci| void | 无返回结果的对象。 | 5505e41f4b71Sopenharmony_ci 5506e41f4b71Sopenharmony_ci**错误码:** 5507e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 5508e41f4b71Sopenharmony_ci 5509e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 5510e41f4b71Sopenharmony_ci| -------- | ---------------------- | 5511e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed. | 5512e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 5513e41f4b71Sopenharmony_ci 5514e41f4b71Sopenharmony_ci### doFinal 5515e41f4b71Sopenharmony_ci 5516e41f4b71Sopenharmony_cidoFinal(callback: AsyncCallback\<DataBlob>): void 5517e41f4b71Sopenharmony_ci 5518e41f4b71Sopenharmony_ci通过注册回调函数返回Mac的计算结果。 5519e41f4b71Sopenharmony_ci 5520e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 5521e41f4b71Sopenharmony_ci 5522e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Mac 5523e41f4b71Sopenharmony_ci 5524e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Mac 5525e41f4b71Sopenharmony_ci 5526e41f4b71Sopenharmony_ci**参数:** 5527e41f4b71Sopenharmony_ci 5528e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 5529e41f4b71Sopenharmony_ci| -------- | ------------------------ | ---- | -------- | 5530e41f4b71Sopenharmony_ci| callback | AsyncCallback\<[DataBlob](#datablob)> | 是 | 回调函数,用于获取DataBlob数据。 | 5531e41f4b71Sopenharmony_ci 5532e41f4b71Sopenharmony_ci**错误码:** 5533e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 5534e41f4b71Sopenharmony_ci 5535e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 5536e41f4b71Sopenharmony_ci| -------- | ---------------------- | 5537e41f4b71Sopenharmony_ci| 17620001 | memory error. | 5538e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 5539e41f4b71Sopenharmony_ci 5540e41f4b71Sopenharmony_ci**示例:** 5541e41f4b71Sopenharmony_ci 5542e41f4b71Sopenharmony_ci此外,更多HMAC的完整示例可参考开发指导中[消息认证码计算](../../security/CryptoArchitectureKit/crypto-compute-mac.md#分段hmac)。 5543e41f4b71Sopenharmony_ci 5544e41f4b71Sopenharmony_ci```ts 5545e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 5546e41f4b71Sopenharmony_ciimport { buffer } from '@kit.ArkTS'; 5547e41f4b71Sopenharmony_ci 5548e41f4b71Sopenharmony_cifunction hmacByCallback() { 5549e41f4b71Sopenharmony_ci let mac = cryptoFramework.createMac('SHA256'); 5550e41f4b71Sopenharmony_ci let keyBlob: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from("12345678abcdefgh", 'utf-8').buffer) }; 5551e41f4b71Sopenharmony_ci let symKeyGenerator = cryptoFramework.createSymKeyGenerator('AES128'); 5552e41f4b71Sopenharmony_ci symKeyGenerator.convertKey(keyBlob, (err, symKey) => { 5553e41f4b71Sopenharmony_ci mac.init(symKey, (err,) => { 5554e41f4b71Sopenharmony_ci mac.update({ data: new Uint8Array(buffer.from("hmacTestMessage", 'utf-8').buffer) }, (err,) => { 5555e41f4b71Sopenharmony_ci mac.doFinal((err, output) => { 5556e41f4b71Sopenharmony_ci console.info('[Callback]: HMAC result: ' + output.data); 5557e41f4b71Sopenharmony_ci console.info('[Callback]: MAC len: ' + mac.getMacLength()); 5558e41f4b71Sopenharmony_ci }); 5559e41f4b71Sopenharmony_ci }); 5560e41f4b71Sopenharmony_ci }); 5561e41f4b71Sopenharmony_ci }); 5562e41f4b71Sopenharmony_ci} 5563e41f4b71Sopenharmony_ci``` 5564e41f4b71Sopenharmony_ci 5565e41f4b71Sopenharmony_ci### doFinal 5566e41f4b71Sopenharmony_ci 5567e41f4b71Sopenharmony_cidoFinal(): Promise\<DataBlob> 5568e41f4b71Sopenharmony_ci 5569e41f4b71Sopenharmony_ci通过Promise返回Mac的计算结果。 5570e41f4b71Sopenharmony_ci 5571e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 5572e41f4b71Sopenharmony_ci 5573e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Mac 5574e41f4b71Sopenharmony_ci 5575e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Mac 5576e41f4b71Sopenharmony_ci 5577e41f4b71Sopenharmony_ci**返回值:** 5578e41f4b71Sopenharmony_ci 5579e41f4b71Sopenharmony_ci| 类型 | 说明 | 5580e41f4b71Sopenharmony_ci| ------------------ | ----------- | 5581e41f4b71Sopenharmony_ci| Promise\<[DataBlob](#datablob)> | Promise对象。 | 5582e41f4b71Sopenharmony_ci 5583e41f4b71Sopenharmony_ci**错误码:** 5584e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 5585e41f4b71Sopenharmony_ci 5586e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 5587e41f4b71Sopenharmony_ci| -------- | ---------------------- | 5588e41f4b71Sopenharmony_ci| 17620001 | memory error. | 5589e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 5590e41f4b71Sopenharmony_ci 5591e41f4b71Sopenharmony_ci**示例:** 5592e41f4b71Sopenharmony_ci 5593e41f4b71Sopenharmony_ci此外,更多HMAC的完整示例可参考开发指导[消息认证码计算](../../security/CryptoArchitectureKit/crypto-compute-mac.md#分段hmac)。 5594e41f4b71Sopenharmony_ci 5595e41f4b71Sopenharmony_ci```ts 5596e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 5597e41f4b71Sopenharmony_ciimport { buffer } from '@kit.ArkTS'; 5598e41f4b71Sopenharmony_ci 5599e41f4b71Sopenharmony_ciasync function hmacByPromise() { 5600e41f4b71Sopenharmony_ci let mac = cryptoFramework.createMac('SHA256'); 5601e41f4b71Sopenharmony_ci let keyBlob: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from("12345678abcdefgh", 'utf-8').buffer) }; 5602e41f4b71Sopenharmony_ci let symKeyGenerator = cryptoFramework.createSymKeyGenerator('AES128'); 5603e41f4b71Sopenharmony_ci let symKey = await symKeyGenerator.convertKey(keyBlob); 5604e41f4b71Sopenharmony_ci await mac.init(symKey); 5605e41f4b71Sopenharmony_ci await mac.update({ data: new Uint8Array(buffer.from("hmacTestMessage", 'utf-8').buffer) }); 5606e41f4b71Sopenharmony_ci let macOutput = await mac.doFinal(); 5607e41f4b71Sopenharmony_ci console.info('[Promise]: HMAC result: ' + macOutput.data); 5608e41f4b71Sopenharmony_ci console.info('[Promise]: MAC len: ' + mac.getMacLength()); 5609e41f4b71Sopenharmony_ci} 5610e41f4b71Sopenharmony_ci``` 5611e41f4b71Sopenharmony_ci 5612e41f4b71Sopenharmony_ci### doFinalSync<sup>12+</sup> 5613e41f4b71Sopenharmony_ci 5614e41f4b71Sopenharmony_cidoFinalSync(): DataBlob 5615e41f4b71Sopenharmony_ci 5616e41f4b71Sopenharmony_ci通过同步方式返回Mac的计算结果。 5617e41f4b71Sopenharmony_ci 5618e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 5619e41f4b71Sopenharmony_ci 5620e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Mac 5621e41f4b71Sopenharmony_ci 5622e41f4b71Sopenharmony_ci**返回值:** 5623e41f4b71Sopenharmony_ci 5624e41f4b71Sopenharmony_ci| 类型 | 说明 | 5625e41f4b71Sopenharmony_ci| ------------------ | ----------- | 5626e41f4b71Sopenharmony_ci| [DataBlob](#datablob) | 返回Mac的计算结果。 | 5627e41f4b71Sopenharmony_ci 5628e41f4b71Sopenharmony_ci**错误码:** 5629e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 5630e41f4b71Sopenharmony_ci 5631e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 5632e41f4b71Sopenharmony_ci| -------- | ---------------------- | 5633e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed. | 5634e41f4b71Sopenharmony_ci| 17620001 | memory error. | 5635e41f4b71Sopenharmony_ci| 17620002 | runtime error. | 5636e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 5637e41f4b71Sopenharmony_ci 5638e41f4b71Sopenharmony_ci**示例:** 5639e41f4b71Sopenharmony_ci 5640e41f4b71Sopenharmony_ci此外,更多HMAC的完整示例可参考开发指导[消息认证码计算](../../security/CryptoArchitectureKit/crypto-compute-mac.md#分段hmac)。 5641e41f4b71Sopenharmony_ci 5642e41f4b71Sopenharmony_ci```ts 5643e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 5644e41f4b71Sopenharmony_ciimport { buffer } from '@kit.ArkTS'; 5645e41f4b71Sopenharmony_ci 5646e41f4b71Sopenharmony_cifunction hmacBySync() { 5647e41f4b71Sopenharmony_ci let mac = cryptoFramework.createMac('SHA256'); 5648e41f4b71Sopenharmony_ci let keyBlob: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from("12345678abcdefgh", 'utf-8').buffer) }; 5649e41f4b71Sopenharmony_ci let symKeyGenerator = cryptoFramework.createSymKeyGenerator('AES128'); 5650e41f4b71Sopenharmony_ci let symKey = symKeyGenerator.convertKeySync(keyBlob); 5651e41f4b71Sopenharmony_ci mac.initSync(symKey); 5652e41f4b71Sopenharmony_ci mac.updateSync({ data: new Uint8Array(buffer.from("hmacTestMessage", 'utf-8').buffer) }); 5653e41f4b71Sopenharmony_ci let macOutput = mac.doFinalSync(); 5654e41f4b71Sopenharmony_ci console.info('[Sync]: HMAC result: ' + macOutput.data); 5655e41f4b71Sopenharmony_ci console.info('[Sync]: MAC len: ' + mac.getMacLength()); 5656e41f4b71Sopenharmony_ci} 5657e41f4b71Sopenharmony_ci``` 5658e41f4b71Sopenharmony_ci 5659e41f4b71Sopenharmony_ci### getMacLength 5660e41f4b71Sopenharmony_ci 5661e41f4b71Sopenharmony_cigetMacLength(): number 5662e41f4b71Sopenharmony_ci 5663e41f4b71Sopenharmony_ci获取Mac消息认证码的长度(字节数)。 5664e41f4b71Sopenharmony_ci 5665e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 5666e41f4b71Sopenharmony_ci 5667e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Mac 5668e41f4b71Sopenharmony_ci 5669e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Mac 5670e41f4b71Sopenharmony_ci 5671e41f4b71Sopenharmony_ci**返回值:** 5672e41f4b71Sopenharmony_ci 5673e41f4b71Sopenharmony_ci| 类型 | 说明 | 5674e41f4b71Sopenharmony_ci| ------ | --------------------------- | 5675e41f4b71Sopenharmony_ci| number | 返回mac计算结果的字节长度。 | 5676e41f4b71Sopenharmony_ci 5677e41f4b71Sopenharmony_ci**错误码:** 5678e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 5679e41f4b71Sopenharmony_ci 5680e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 5681e41f4b71Sopenharmony_ci| -------- | ---------------------- | 5682e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 5683e41f4b71Sopenharmony_ci 5684e41f4b71Sopenharmony_ci**示例:** 5685e41f4b71Sopenharmony_ci 5686e41f4b71Sopenharmony_ci<!--code_no_check--> 5687e41f4b71Sopenharmony_ci```ts 5688e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 5689e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 5690e41f4b71Sopenharmony_ci 5691e41f4b71Sopenharmony_cilet mac = cryptoFramework.createMac('SHA256'); 5692e41f4b71Sopenharmony_ciconsole.info('Mac algName is: ' + mac.algName); 5693e41f4b71Sopenharmony_cilet keyData = new Uint8Array([83, 217, 231, 76, 28, 113, 23, 219, 250, 71, 209, 210, 205, 97, 32, 159]); 5694e41f4b71Sopenharmony_cilet keyBlob: cryptoFramework.DataBlob = { data: keyData }; 5695e41f4b71Sopenharmony_cilet symKeyGenerator = cryptoFramework.createSymKeyGenerator('AES128'); 5696e41f4b71Sopenharmony_cilet promiseConvertKey = symKeyGenerator.convertKey(keyBlob); 5697e41f4b71Sopenharmony_cipromiseConvertKey.then(symKey => { 5698e41f4b71Sopenharmony_ci let promiseMacInit = mac.init(symKey); 5699e41f4b71Sopenharmony_ci return promiseMacInit; 5700e41f4b71Sopenharmony_ci}).then(() => { 5701e41f4b71Sopenharmony_ci let blob: cryptoFramework.DataBlob = { data : new Uint8Array([83])}; 5702e41f4b71Sopenharmony_ci let promiseMacUpdate = mac.update(blob); 5703e41f4b71Sopenharmony_ci return promiseMacUpdate; 5704e41f4b71Sopenharmony_ci}).then(() => { 5705e41f4b71Sopenharmony_ci let promiseMacDoFinal = mac.doFinal(); 5706e41f4b71Sopenharmony_ci return promiseMacDoFinal; 5707e41f4b71Sopenharmony_ci}).then(macOutput => { 5708e41f4b71Sopenharmony_ci console.info('[Promise]: HMAC result: ' + macOutput.data); 5709e41f4b71Sopenharmony_ci let macLen = mac.getMacLength(); 5710e41f4b71Sopenharmony_ci console.info('MAC len: ' + macLen); 5711e41f4b71Sopenharmony_ci}).catch((error: BusinessError) => { 5712e41f4b71Sopenharmony_ci console.error("[Promise]: error: " + error.message); 5713e41f4b71Sopenharmony_ci}); 5714e41f4b71Sopenharmony_ci``` 5715e41f4b71Sopenharmony_ci 5716e41f4b71Sopenharmony_ci## cryptoFramework.createRandom 5717e41f4b71Sopenharmony_ci 5718e41f4b71Sopenharmony_cicreateRandom(): Random 5719e41f4b71Sopenharmony_ci 5720e41f4b71Sopenharmony_ci生成Random实例,用于进行随机数的计算与设置种子。 5721e41f4b71Sopenharmony_ci 5722e41f4b71Sopenharmony_ci支持的规格详见框架概述[随机数算法规格](../../security/CryptoArchitectureKit/crypto-generate-random-number.md#支持的算法与规格)。 5723e41f4b71Sopenharmony_ci 5724e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 11开始,该接口支持在原子化服务中使用。 5725e41f4b71Sopenharmony_ci 5726e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Rand 5727e41f4b71Sopenharmony_ci 5728e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Rand 5729e41f4b71Sopenharmony_ci 5730e41f4b71Sopenharmony_ci**返回值**: 5731e41f4b71Sopenharmony_ci 5732e41f4b71Sopenharmony_ci| 类型 | 说明 | 5733e41f4b71Sopenharmony_ci| ------ | ----------------------------------------------- | 5734e41f4b71Sopenharmony_ci| Random | 返回由输入算法指定生成的[Random](#random)对象。 | 5735e41f4b71Sopenharmony_ci 5736e41f4b71Sopenharmony_ci**错误码:** 5737e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 5738e41f4b71Sopenharmony_ci 5739e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 5740e41f4b71Sopenharmony_ci| -------- | ------------ | 5741e41f4b71Sopenharmony_ci| 17620001 | memory error. | 5742e41f4b71Sopenharmony_ci 5743e41f4b71Sopenharmony_ci**示例:** 5744e41f4b71Sopenharmony_ci 5745e41f4b71Sopenharmony_ci```ts 5746e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 5747e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 5748e41f4b71Sopenharmony_ci 5749e41f4b71Sopenharmony_citry { 5750e41f4b71Sopenharmony_ci let rand = cryptoFramework.createRandom(); 5751e41f4b71Sopenharmony_ci} catch (error) { 5752e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 5753e41f4b71Sopenharmony_ci console.error(`sync error, ${e.code}, ${e.message}`); 5754e41f4b71Sopenharmony_ci} 5755e41f4b71Sopenharmony_ci``` 5756e41f4b71Sopenharmony_ci 5757e41f4b71Sopenharmony_ci## Random 5758e41f4b71Sopenharmony_ci 5759e41f4b71Sopenharmony_ciRandom类,调用Random方法可以进行随机数计算。调用前,需要通过[createRandom](#cryptoframeworkcreaterandom)构造Random实例。 5760e41f4b71Sopenharmony_ci 5761e41f4b71Sopenharmony_ci### 属性 5762e41f4b71Sopenharmony_ci 5763e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 11开始,该接口支持在原子化服务中使用。 5764e41f4b71Sopenharmony_ci 5765e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Rand 5766e41f4b71Sopenharmony_ci 5767e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Rand 5768e41f4b71Sopenharmony_ci 5769e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 5770e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ---- | -------------------- | 5771e41f4b71Sopenharmony_ci| algName<sup>10+</sup> | string | 是 | 否 | 代表当前使用的随机数生成算法,目前只支持“CTR_DRBG"。 | 5772e41f4b71Sopenharmony_ci 5773e41f4b71Sopenharmony_ci### generateRandom 5774e41f4b71Sopenharmony_ci 5775e41f4b71Sopenharmony_cigenerateRandom(len: number, callback: AsyncCallback\<DataBlob>): void 5776e41f4b71Sopenharmony_ci 5777e41f4b71Sopenharmony_ci异步生成指定长度的随机数,通过注册回调函数返回。 5778e41f4b71Sopenharmony_ci 5779e41f4b71Sopenharmony_ci> **说明:** 5780e41f4b71Sopenharmony_ci> 5781e41f4b71Sopenharmony_ci> 该接口不支持轻量级智能穿戴。 5782e41f4b71Sopenharmony_ci 5783e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 11开始,该接口支持在原子化服务中使用。 5784e41f4b71Sopenharmony_ci 5785e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Rand 5786e41f4b71Sopenharmony_ci 5787e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Rand 5788e41f4b71Sopenharmony_ci 5789e41f4b71Sopenharmony_ci**参数:** 5790e41f4b71Sopenharmony_ci 5791e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 5792e41f4b71Sopenharmony_ci| -------- | ------------------------ | ---- | -------------------- | 5793e41f4b71Sopenharmony_ci| len | number | 是 | 表示生成随机数的长度,单位为byte,范围在[1, INT_MAX]。 | 5794e41f4b71Sopenharmony_ci| callback | AsyncCallback\<[DataBlob](#datablob)> | 是 | 回调函数,用于获取DataBlob数据。 | 5795e41f4b71Sopenharmony_ci 5796e41f4b71Sopenharmony_ci**错误码:** 5797e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 5798e41f4b71Sopenharmony_ci 5799e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 5800e41f4b71Sopenharmony_ci| -------- | ---------------------- | 5801e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 5802e41f4b71Sopenharmony_ci| 17620001 | memory error. | 5803e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 5804e41f4b71Sopenharmony_ci 5805e41f4b71Sopenharmony_ci**示例:** 5806e41f4b71Sopenharmony_ci 5807e41f4b71Sopenharmony_ci```ts 5808e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 5809e41f4b71Sopenharmony_ci 5810e41f4b71Sopenharmony_cilet rand = cryptoFramework.createRandom(); 5811e41f4b71Sopenharmony_cirand.generateRandom(12, (err, randData) => { 5812e41f4b71Sopenharmony_ci if (err) { 5813e41f4b71Sopenharmony_ci console.error("[Callback] err: " + err.code); 5814e41f4b71Sopenharmony_ci } else { 5815e41f4b71Sopenharmony_ci console.info('[Callback]: generate random result: ' + randData.data); 5816e41f4b71Sopenharmony_ci } 5817e41f4b71Sopenharmony_ci}); 5818e41f4b71Sopenharmony_ci``` 5819e41f4b71Sopenharmony_ci 5820e41f4b71Sopenharmony_ci### generateRandom 5821e41f4b71Sopenharmony_ci 5822e41f4b71Sopenharmony_cigenerateRandom(len: number): Promise\<DataBlob> 5823e41f4b71Sopenharmony_ci 5824e41f4b71Sopenharmony_ci异步生成指定长度的随机数,通过Promise返回。 5825e41f4b71Sopenharmony_ci 5826e41f4b71Sopenharmony_ci> **说明:** 5827e41f4b71Sopenharmony_ci> 5828e41f4b71Sopenharmony_ci> 该接口不支持轻量级智能穿戴。 5829e41f4b71Sopenharmony_ci 5830e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 11开始,该接口支持在原子化服务中使用。 5831e41f4b71Sopenharmony_ci 5832e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Rand 5833e41f4b71Sopenharmony_ci 5834e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Rand 5835e41f4b71Sopenharmony_ci 5836e41f4b71Sopenharmony_ci**参数:** 5837e41f4b71Sopenharmony_ci 5838e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 5839e41f4b71Sopenharmony_ci| ------ | ------ | ---- | ------------------------------------------------------ | 5840e41f4b71Sopenharmony_ci| len | number | 是 | 表示生成随机数的长度,单位为byte,范围在[1, INT_MAX]。 | 5841e41f4b71Sopenharmony_ci 5842e41f4b71Sopenharmony_ci**返回值:** 5843e41f4b71Sopenharmony_ci 5844e41f4b71Sopenharmony_ci| 类型 | 说明 | 5845e41f4b71Sopenharmony_ci| ------------------ | ----------- | 5846e41f4b71Sopenharmony_ci| Promise\<[DataBlob](#datablob)> | Promise对象。 | 5847e41f4b71Sopenharmony_ci 5848e41f4b71Sopenharmony_ci**错误码:** 5849e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 5850e41f4b71Sopenharmony_ci 5851e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 5852e41f4b71Sopenharmony_ci| -------- | ---------------------- | 5853e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 5854e41f4b71Sopenharmony_ci| 17620001 | memory error. | 5855e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 5856e41f4b71Sopenharmony_ci 5857e41f4b71Sopenharmony_ci**示例:** 5858e41f4b71Sopenharmony_ci 5859e41f4b71Sopenharmony_ci```ts 5860e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 5861e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 5862e41f4b71Sopenharmony_ci 5863e41f4b71Sopenharmony_cilet rand = cryptoFramework.createRandom(); 5864e41f4b71Sopenharmony_cilet promiseGenerateRand = rand.generateRandom(12); 5865e41f4b71Sopenharmony_cipromiseGenerateRand.then(randData => { 5866e41f4b71Sopenharmony_ci console.info('[Promise]: rand result: ' + randData.data); 5867e41f4b71Sopenharmony_ci}).catch((error: BusinessError) => { 5868e41f4b71Sopenharmony_ci console.error("[Promise]: error: " + error.message); 5869e41f4b71Sopenharmony_ci}); 5870e41f4b71Sopenharmony_ci``` 5871e41f4b71Sopenharmony_ci 5872e41f4b71Sopenharmony_ci### generateRandomSync<sup>10+</sup> 5873e41f4b71Sopenharmony_ci 5874e41f4b71Sopenharmony_cigenerateRandomSync(len: number): DataBlob 5875e41f4b71Sopenharmony_ci 5876e41f4b71Sopenharmony_ci同步生成指定长度的随机数。 5877e41f4b71Sopenharmony_ci 5878e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 11开始,该接口支持在原子化服务中使用。 5879e41f4b71Sopenharmony_ci 5880e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Rand 5881e41f4b71Sopenharmony_ci 5882e41f4b71Sopenharmony_ciAPI version10-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Rand 5883e41f4b71Sopenharmony_ci 5884e41f4b71Sopenharmony_ci**参数:** 5885e41f4b71Sopenharmony_ci 5886e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 5887e41f4b71Sopenharmony_ci| ------ | ------ | ---- | -------------------- | 5888e41f4b71Sopenharmony_ci| len | number | 是 | 表示生成随机数的长度,单位为byte,范围在[1, INT_MAX]。 | 5889e41f4b71Sopenharmony_ci 5890e41f4b71Sopenharmony_ci**返回值:** 5891e41f4b71Sopenharmony_ci 5892e41f4b71Sopenharmony_ci| 类型 | 说明 | 5893e41f4b71Sopenharmony_ci| ------------------ | ----------- | 5894e41f4b71Sopenharmony_ci|[DataBlob](#datablob) | 表示生成的随机数。 | 5895e41f4b71Sopenharmony_ci 5896e41f4b71Sopenharmony_ci**错误码:** 5897e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 5898e41f4b71Sopenharmony_ci 5899e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 5900e41f4b71Sopenharmony_ci| -------- | ---------------------- | 5901e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 5902e41f4b71Sopenharmony_ci| 17620001 | memory error. | 5903e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 5904e41f4b71Sopenharmony_ci 5905e41f4b71Sopenharmony_ci**示例:** 5906e41f4b71Sopenharmony_ci 5907e41f4b71Sopenharmony_ci```ts 5908e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 5909e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 5910e41f4b71Sopenharmony_ci 5911e41f4b71Sopenharmony_cilet rand = cryptoFramework.createRandom(); 5912e41f4b71Sopenharmony_citry { 5913e41f4b71Sopenharmony_ci let randData = rand.generateRandomSync(12); 5914e41f4b71Sopenharmony_ci if (randData != null) { 5915e41f4b71Sopenharmony_ci console.info('[Sync]: rand result: ' + randData.data); 5916e41f4b71Sopenharmony_ci } else { 5917e41f4b71Sopenharmony_ci console.error("[Sync]: get rand result fail!"); 5918e41f4b71Sopenharmony_ci } 5919e41f4b71Sopenharmony_ci} catch (error) { 5920e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 5921e41f4b71Sopenharmony_ci console.error(`sync error, ${e.code}, ${e.message}`); 5922e41f4b71Sopenharmony_ci} 5923e41f4b71Sopenharmony_ci``` 5924e41f4b71Sopenharmony_ci 5925e41f4b71Sopenharmony_ci### setSeed 5926e41f4b71Sopenharmony_ci 5927e41f4b71Sopenharmony_cisetSeed(seed: DataBlob): void 5928e41f4b71Sopenharmony_ci 5929e41f4b71Sopenharmony_ci设置指定的种子。 5930e41f4b71Sopenharmony_ci 5931e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 11开始,该接口支持在原子化服务中使用。 5932e41f4b71Sopenharmony_ci 5933e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Rand 5934e41f4b71Sopenharmony_ci 5935e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Rand 5936e41f4b71Sopenharmony_ci 5937e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 5938e41f4b71Sopenharmony_ci| ------ | -------- | ---- | ------------ | 5939e41f4b71Sopenharmony_ci| seed | [DataBlob](#datablob) | 是 | 设置的种子。 | 5940e41f4b71Sopenharmony_ci 5941e41f4b71Sopenharmony_ci**错误码:** 5942e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 5943e41f4b71Sopenharmony_ci 5944e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 5945e41f4b71Sopenharmony_ci| -------- | ----------------- | 5946e41f4b71Sopenharmony_ci| 17620001 | memory error. | 5947e41f4b71Sopenharmony_ci 5948e41f4b71Sopenharmony_ci**示例:** 5949e41f4b71Sopenharmony_ci 5950e41f4b71Sopenharmony_ci```ts 5951e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 5952e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 5953e41f4b71Sopenharmony_ci 5954e41f4b71Sopenharmony_cilet rand = cryptoFramework.createRandom(); 5955e41f4b71Sopenharmony_cirand.generateRandom(12, (err, randData) => { 5956e41f4b71Sopenharmony_ci if (err) { 5957e41f4b71Sopenharmony_ci console.error("[Callback] err: " + err.code); 5958e41f4b71Sopenharmony_ci } else { 5959e41f4b71Sopenharmony_ci console.info('[Callback]: generate random result: ' + randData.data); 5960e41f4b71Sopenharmony_ci try { 5961e41f4b71Sopenharmony_ci rand.setSeed(randData); 5962e41f4b71Sopenharmony_ci } catch (error) { 5963e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 5964e41f4b71Sopenharmony_ci console.error(`sync error, ${e.code}, ${e.message}`); 5965e41f4b71Sopenharmony_ci } 5966e41f4b71Sopenharmony_ci } 5967e41f4b71Sopenharmony_ci}); 5968e41f4b71Sopenharmony_ci``` 5969e41f4b71Sopenharmony_ci 5970e41f4b71Sopenharmony_ci## cryptoFramework.createKdf<sup>11+</sup> 5971e41f4b71Sopenharmony_ci 5972e41f4b71Sopenharmony_cicreateKdf(algName: string): Kdf 5973e41f4b71Sopenharmony_ci 5974e41f4b71Sopenharmony_ci密钥派生函数(key derivation function)实例生成。<br/>支持的规格详见[密钥派生函数规格](../../security/CryptoArchitectureKit/crypto-key-derivation-overview.md)。 5975e41f4b71Sopenharmony_ci 5976e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 5977e41f4b71Sopenharmony_ci 5978e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Kdf 5979e41f4b71Sopenharmony_ci 5980e41f4b71Sopenharmony_ciAPI version11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Kdf 5981e41f4b71Sopenharmony_ci 5982e41f4b71Sopenharmony_ci**参数:** 5983e41f4b71Sopenharmony_ci 5984e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 5985e41f4b71Sopenharmony_ci| ------- | ------ | ---- | --------------------------------- | 5986e41f4b71Sopenharmony_ci| algName | string | 是 | 指定密钥派生算法(包含HMAC配套的散列函数):目前支持PBKDF2、HKDF算法,如"PBKDF2\|SHA256", "HKDF\|SHA256"。 | 5987e41f4b71Sopenharmony_ci 5988e41f4b71Sopenharmony_ci**返回值**: 5989e41f4b71Sopenharmony_ci 5990e41f4b71Sopenharmony_ci| 类型 | 说明 | 5991e41f4b71Sopenharmony_ci| ------------ | ------------------------------------------ | 5992e41f4b71Sopenharmony_ci| [Kdf](#kdf11) | 返回由输入算法指定生成的Kdf对象。 | 5993e41f4b71Sopenharmony_ci 5994e41f4b71Sopenharmony_ci**错误码:** 5995e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 5996e41f4b71Sopenharmony_ci 5997e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 5998e41f4b71Sopenharmony_ci| -------- | ---------------------- | 5999e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 6000e41f4b71Sopenharmony_ci| 801 | this operation is not supported. | 6001e41f4b71Sopenharmony_ci| 17620001 | memory error. | 6002e41f4b71Sopenharmony_ci 6003e41f4b71Sopenharmony_ci**示例:** 6004e41f4b71Sopenharmony_ci- PBKDF2算法 6005e41f4b71Sopenharmony_ci```ts 6006e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 6007e41f4b71Sopenharmony_ci 6008e41f4b71Sopenharmony_cilet kdf = cryptoFramework.createKdf('PBKDF2|SHA256'); 6009e41f4b71Sopenharmony_ci``` 6010e41f4b71Sopenharmony_ci 6011e41f4b71Sopenharmony_ci## Kdf<sup>11+</sup> 6012e41f4b71Sopenharmony_ci 6013e41f4b71Sopenharmony_ci密钥派生函数(key derivation function)类,使用密钥派生方法之前需要创建该类的实例进行操作,通过createKdf(algName: string): Kdf方法构造此实例。 6014e41f4b71Sopenharmony_ci 6015e41f4b71Sopenharmony_ci### 属性 6016e41f4b71Sopenharmony_ci 6017e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 6018e41f4b71Sopenharmony_ci 6019e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Kdf 6020e41f4b71Sopenharmony_ci 6021e41f4b71Sopenharmony_ciAPI version11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Kdf 6022e41f4b71Sopenharmony_ci 6023e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 6024e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ---- | ---------------------------- | 6025e41f4b71Sopenharmony_ci| algName | string | 是 | 否 | 密钥派生函数的算法名称。 | 6026e41f4b71Sopenharmony_ci 6027e41f4b71Sopenharmony_ci### generateSecret 6028e41f4b71Sopenharmony_ci 6029e41f4b71Sopenharmony_cigenerateSecret(params: KdfSpec, callback: AsyncCallback\<DataBlob>): void 6030e41f4b71Sopenharmony_ci 6031e41f4b71Sopenharmony_ci基于传入的密钥派生参数进行密钥派生,通过注册回调函数返回派生得到的密钥。 6032e41f4b71Sopenharmony_ci 6033e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 6034e41f4b71Sopenharmony_ci 6035e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Kdf 6036e41f4b71Sopenharmony_ci 6037e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Kdf 6038e41f4b71Sopenharmony_ci 6039e41f4b71Sopenharmony_ci**参数:** 6040e41f4b71Sopenharmony_ci 6041e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 6042e41f4b71Sopenharmony_ci| -------- | ------------------------ | ---- | ---------------------- | 6043e41f4b71Sopenharmony_ci| params | [KdfSpec](#kdfspec11) | 是 | 设置密钥派生函数的参数。 | 6044e41f4b71Sopenharmony_ci| callback | AsyncCallback\<[DataBlob](#datablob)> | 是 | 回调函数,用于获取派生得到的密钥DataBlob数据。 | 6045e41f4b71Sopenharmony_ci 6046e41f4b71Sopenharmony_ci**错误码:** 6047e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 6048e41f4b71Sopenharmony_ci 6049e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 6050e41f4b71Sopenharmony_ci| -------- | ---------------------- | 6051e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 6052e41f4b71Sopenharmony_ci| 17620001 | memory error. | 6053e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 6054e41f4b71Sopenharmony_ci 6055e41f4b71Sopenharmony_ci**示例:** 6056e41f4b71Sopenharmony_ci 6057e41f4b71Sopenharmony_ci- PBKDF2算法 6058e41f4b71Sopenharmony_ci ```ts 6059e41f4b71Sopenharmony_ci import { cryptoFramework } from '@kit.CryptoArchitectureKit'; 6060e41f4b71Sopenharmony_ci 6061e41f4b71Sopenharmony_ci let spec: cryptoFramework.PBKDF2Spec = { 6062e41f4b71Sopenharmony_ci algName: 'PBKDF2', 6063e41f4b71Sopenharmony_ci password: '123456', 6064e41f4b71Sopenharmony_ci salt: new Uint8Array(16), 6065e41f4b71Sopenharmony_ci iterations: 10000, 6066e41f4b71Sopenharmony_ci keySize: 32 6067e41f4b71Sopenharmony_ci }; 6068e41f4b71Sopenharmony_ci let kdf = cryptoFramework.createKdf('PBKDF2|SHA256'); 6069e41f4b71Sopenharmony_ci kdf.generateSecret(spec, (err, secret) => { 6070e41f4b71Sopenharmony_ci if (err) { 6071e41f4b71Sopenharmony_ci console.error("key derivation error."); 6072e41f4b71Sopenharmony_ci return; 6073e41f4b71Sopenharmony_ci } 6074e41f4b71Sopenharmony_ci console.info('key derivation output is ' + secret.data); 6075e41f4b71Sopenharmony_ci }); 6076e41f4b71Sopenharmony_ci ``` 6077e41f4b71Sopenharmony_ci 6078e41f4b71Sopenharmony_ci- HKDF算法 6079e41f4b71Sopenharmony_ci ```ts 6080e41f4b71Sopenharmony_ci import { cryptoFramework } from '@kit.CryptoArchitectureKit'; 6081e41f4b71Sopenharmony_ci 6082e41f4b71Sopenharmony_ci let spec: cryptoFramework.HKDFSpec = { 6083e41f4b71Sopenharmony_ci algName: 'HKDF', 6084e41f4b71Sopenharmony_ci key: '123456', 6085e41f4b71Sopenharmony_ci salt: new Uint8Array(16), 6086e41f4b71Sopenharmony_ci info: new Uint8Array(16), 6087e41f4b71Sopenharmony_ci keySize: 32 6088e41f4b71Sopenharmony_ci }; 6089e41f4b71Sopenharmony_ci let kdf = cryptoFramework.createKdf('HKDF|SHA256|EXTRACT_AND_EXPAND'); 6090e41f4b71Sopenharmony_ci kdf.generateSecret(spec, (err, secret) => { 6091e41f4b71Sopenharmony_ci if (err) { 6092e41f4b71Sopenharmony_ci console.error("key derivation error."); 6093e41f4b71Sopenharmony_ci return; 6094e41f4b71Sopenharmony_ci } 6095e41f4b71Sopenharmony_ci console.info('key derivation output is ' + secret.data); 6096e41f4b71Sopenharmony_ci }); 6097e41f4b71Sopenharmony_ci ``` 6098e41f4b71Sopenharmony_ci 6099e41f4b71Sopenharmony_ci### generateSecret 6100e41f4b71Sopenharmony_ci 6101e41f4b71Sopenharmony_cigenerateSecret(params: KdfSpec): Promise\<DataBlob> 6102e41f4b71Sopenharmony_ci 6103e41f4b71Sopenharmony_ci基于传入的密钥派生参数进行密钥派生,通过Promise形式返回派生得到的密钥。 6104e41f4b71Sopenharmony_ci 6105e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 6106e41f4b71Sopenharmony_ci 6107e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Kdf 6108e41f4b71Sopenharmony_ci 6109e41f4b71Sopenharmony_ciAPI version9-11系统能力为SystemCapability.Security.CryptoFramework;从API version12开始为SystemCapability.Security.CryptoFramework.Kdf 6110e41f4b71Sopenharmony_ci 6111e41f4b71Sopenharmony_ci**参数:** 6112e41f4b71Sopenharmony_ci 6113e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 6114e41f4b71Sopenharmony_ci| ------ | ------ | ---- | ---------------------- | 6115e41f4b71Sopenharmony_ci| params | [KdfSpec](#kdfspec11) | 是 | 设置密钥派生函数的参数。 | 6116e41f4b71Sopenharmony_ci 6117e41f4b71Sopenharmony_ci**返回值:** 6118e41f4b71Sopenharmony_ci 6119e41f4b71Sopenharmony_ci| 类型 | 说明 | 6120e41f4b71Sopenharmony_ci| ------------------ | -------- | 6121e41f4b71Sopenharmony_ci| Promise\<[DataBlob](#datablob)> | 回调函数,用于获取派生得到的密钥DataBlob数据。 | 6122e41f4b71Sopenharmony_ci 6123e41f4b71Sopenharmony_ci**错误码:** 6124e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 6125e41f4b71Sopenharmony_ci 6126e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 6127e41f4b71Sopenharmony_ci| -------- | ---------------------- | 6128e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 6129e41f4b71Sopenharmony_ci| 17620001 | memory error. | 6130e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 6131e41f4b71Sopenharmony_ci 6132e41f4b71Sopenharmony_ci**示例:** 6133e41f4b71Sopenharmony_ci 6134e41f4b71Sopenharmony_ci- PBKDF2算法 6135e41f4b71Sopenharmony_ci ```ts 6136e41f4b71Sopenharmony_ci import { cryptoFramework } from '@kit.CryptoArchitectureKit'; 6137e41f4b71Sopenharmony_ci import { BusinessError } from '@kit.BasicServicesKit'; 6138e41f4b71Sopenharmony_ci 6139e41f4b71Sopenharmony_ci let spec: cryptoFramework.PBKDF2Spec = { 6140e41f4b71Sopenharmony_ci algName: 'PBKDF2', 6141e41f4b71Sopenharmony_ci password: '123456', 6142e41f4b71Sopenharmony_ci salt: new Uint8Array(16), 6143e41f4b71Sopenharmony_ci iterations: 10000, 6144e41f4b71Sopenharmony_ci keySize: 32 6145e41f4b71Sopenharmony_ci }; 6146e41f4b71Sopenharmony_ci let kdf = cryptoFramework.createKdf('PBKDF2|SHA256'); 6147e41f4b71Sopenharmony_ci let kdfPromise = kdf.generateSecret(spec); 6148e41f4b71Sopenharmony_ci kdfPromise.then(secret => { 6149e41f4b71Sopenharmony_ci console.info('key derivation output is ' + secret.data); 6150e41f4b71Sopenharmony_ci }).catch((error: BusinessError) => { 6151e41f4b71Sopenharmony_ci console.error("key derivation error, " + error.message); 6152e41f4b71Sopenharmony_ci }); 6153e41f4b71Sopenharmony_ci ``` 6154e41f4b71Sopenharmony_ci 6155e41f4b71Sopenharmony_ci- HKDF算法 6156e41f4b71Sopenharmony_ci ```ts 6157e41f4b71Sopenharmony_ci import { cryptoFramework } from '@kit.CryptoArchitectureKit'; 6158e41f4b71Sopenharmony_ci import { BusinessError } from '@kit.BasicServicesKit'; 6159e41f4b71Sopenharmony_ci 6160e41f4b71Sopenharmony_ci let spec: cryptoFramework.HKDFSpec = { 6161e41f4b71Sopenharmony_ci algName: 'HKDF', 6162e41f4b71Sopenharmony_ci key: '123456', 6163e41f4b71Sopenharmony_ci salt: new Uint8Array(16), 6164e41f4b71Sopenharmony_ci info: new Uint8Array(16), 6165e41f4b71Sopenharmony_ci keySize: 32 6166e41f4b71Sopenharmony_ci }; 6167e41f4b71Sopenharmony_ci let kdf = cryptoFramework.createKdf('HKDF|SHA256|EXTRACT_AND_EXPAND'); 6168e41f4b71Sopenharmony_ci let kdfPromise = kdf.generateSecret(spec); 6169e41f4b71Sopenharmony_ci kdfPromise.then(secret => { 6170e41f4b71Sopenharmony_ci console.info('key derivation output is ' + secret.data); 6171e41f4b71Sopenharmony_ci }).catch((error: BusinessError) => { 6172e41f4b71Sopenharmony_ci console.error("key derivation error, " + error.message); 6173e41f4b71Sopenharmony_ci }); 6174e41f4b71Sopenharmony_ci ``` 6175e41f4b71Sopenharmony_ci 6176e41f4b71Sopenharmony_ci### generateSecretSync<sup>12+</sup> 6177e41f4b71Sopenharmony_ci 6178e41f4b71Sopenharmony_cigenerateSecretSync(params: KdfSpec): DataBlob 6179e41f4b71Sopenharmony_ci 6180e41f4b71Sopenharmony_ci基于传入的密钥派生参数进行密钥派生,通过同步方式返回派生得到的密钥。 6181e41f4b71Sopenharmony_ci 6182e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 6183e41f4b71Sopenharmony_ci 6184e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.CryptoFramework.Kdf 6185e41f4b71Sopenharmony_ci 6186e41f4b71Sopenharmony_ci**参数:** 6187e41f4b71Sopenharmony_ci 6188e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 6189e41f4b71Sopenharmony_ci| ------ | ------ | ---- | ---------------------- | 6190e41f4b71Sopenharmony_ci| params | [KdfSpec](#kdfspec11) | 是 | 设置密钥派生函数的参数。 | 6191e41f4b71Sopenharmony_ci 6192e41f4b71Sopenharmony_ci**返回值:** 6193e41f4b71Sopenharmony_ci 6194e41f4b71Sopenharmony_ci| 类型 | 说明 | 6195e41f4b71Sopenharmony_ci| ------------------ | -------- | 6196e41f4b71Sopenharmony_ci| [DataBlob](#datablob) | 用于获取派生得到的密钥DataBlob数据。 | 6197e41f4b71Sopenharmony_ci 6198e41f4b71Sopenharmony_ci**错误码:** 6199e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[crypto framework错误码](errorcode-crypto-framework.md) 6200e41f4b71Sopenharmony_ci 6201e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 6202e41f4b71Sopenharmony_ci| -------- | ---------------------- | 6203e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed. | 6204e41f4b71Sopenharmony_ci| 17620001 | memory error. | 6205e41f4b71Sopenharmony_ci| 17620002 | runtime error. | 6206e41f4b71Sopenharmony_ci| 17630001 | crypto operation error. | 6207e41f4b71Sopenharmony_ci 6208e41f4b71Sopenharmony_ci**示例:** 6209e41f4b71Sopenharmony_ci 6210e41f4b71Sopenharmony_ci- PBKDF2算法 6211e41f4b71Sopenharmony_ci ```ts 6212e41f4b71Sopenharmony_ci import { cryptoFramework } from '@kit.CryptoArchitectureKit'; 6213e41f4b71Sopenharmony_ci 6214e41f4b71Sopenharmony_ci let spec: cryptoFramework.PBKDF2Spec = { 6215e41f4b71Sopenharmony_ci algName: 'PBKDF2', 6216e41f4b71Sopenharmony_ci password: '123456', 6217e41f4b71Sopenharmony_ci salt: new Uint8Array(16), 6218e41f4b71Sopenharmony_ci iterations: 10000, 6219e41f4b71Sopenharmony_ci keySize: 32 6220e41f4b71Sopenharmony_ci }; 6221e41f4b71Sopenharmony_ci let kdf = cryptoFramework.createKdf('PBKDF2|SHA256'); 6222e41f4b71Sopenharmony_ci let secret = kdf.generateSecretSync(spec); 6223e41f4b71Sopenharmony_ci console.info("[Sync]key derivation output is " + secret.data); 6224e41f4b71Sopenharmony_ci ``` 6225e41f4b71Sopenharmony_ci 6226e41f4b71Sopenharmony_ci- HKDF算法 6227e41f4b71Sopenharmony_ci ```ts 6228e41f4b71Sopenharmony_ci import { cryptoFramework } from '@kit.CryptoArchitectureKit'; 6229e41f4b71Sopenharmony_ci 6230e41f4b71Sopenharmony_ci let spec: cryptoFramework.HKDFSpec = { 6231e41f4b71Sopenharmony_ci algName: 'HKDF', 6232e41f4b71Sopenharmony_ci key: '123456', 6233e41f4b71Sopenharmony_ci salt: new Uint8Array(16), 6234e41f4b71Sopenharmony_ci info: new Uint8Array(16), 6235e41f4b71Sopenharmony_ci keySize: 32 6236e41f4b71Sopenharmony_ci }; 6237e41f4b71Sopenharmony_ci let kdf = cryptoFramework.createKdf('HKDF|SHA256|EXTRACT_AND_EXPAND'); 6238e41f4b71Sopenharmony_ci let secret = kdf.generateSecretSync(spec); 6239e41f4b71Sopenharmony_ci console.info("[Sync]key derivation output is " + secret.data); 6240e41f4b71Sopenharmony_ci ```