1e41f4b71Sopenharmony_ci# @ohos.security.cert (证书模块) 2e41f4b71Sopenharmony_ci 3e41f4b71Sopenharmony_ci证书算法库框架提供证书相关接口。其中,依赖加解密算法库框架的基础算法能力的部分,详细接口说明可参考[cryptoFramework API参考](../apis-crypto-architecture-kit/js-apis-cryptoFramework.md)。 4e41f4b71Sopenharmony_ci 5e41f4b71Sopenharmony_ci> **说明:** 6e41f4b71Sopenharmony_ci> 7e41f4b71Sopenharmony_ci> 本模块首批接口从API version 9开始支持。后续版本的新增接口,采用上角标单独标记接口的起始版本。 8e41f4b71Sopenharmony_ci 9e41f4b71Sopenharmony_ci## 导入模块 10e41f4b71Sopenharmony_ci 11e41f4b71Sopenharmony_ci```ts 12e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 13e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 14e41f4b71Sopenharmony_ci``` 15e41f4b71Sopenharmony_ci 16e41f4b71Sopenharmony_ci## CertResult 17e41f4b71Sopenharmony_ci 18e41f4b71Sopenharmony_ci 表示执行结果的枚举。 19e41f4b71Sopenharmony_ci 20e41f4b71Sopenharmony_ci **原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 21e41f4b71Sopenharmony_ci 22e41f4b71Sopenharmony_ci **系统能力:** SystemCapability.Security.Cert 23e41f4b71Sopenharmony_ci 24e41f4b71Sopenharmony_ci| 名称 | 值 | 说明 | 25e41f4b71Sopenharmony_ci| --------------------------------------| -------- | -----------------------------| 26e41f4b71Sopenharmony_ci| INVALID_PARAMS | 401 | 非法入参。 | 27e41f4b71Sopenharmony_ci| NOT_SUPPORT | 801 | 操作不支持。 | 28e41f4b71Sopenharmony_ci| ERR_OUT_OF_MEMORY | 19020001 | 内存错误。 | 29e41f4b71Sopenharmony_ci| ERR_RUNTIME_ERROR | 19020002 | 运行时外部错误。 | 30e41f4b71Sopenharmony_ci| ERR_CRYPTO_OPERATION | 19030001 | 调用三方算法库API出错。 | 31e41f4b71Sopenharmony_ci| ERR_CERT_SIGNATURE_FAILURE | 19030002 | 证书签名验证错误。 | 32e41f4b71Sopenharmony_ci| ERR_CERT_NOT_YET_VALID | 19030003 | 证书尚未生效。 | 33e41f4b71Sopenharmony_ci| ERR_CERT_HAS_EXPIRED | 19030004 | 证书过期。 | 34e41f4b71Sopenharmony_ci| ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY | 19030005 | 无法获取证书的颁发者。 | 35e41f4b71Sopenharmony_ci| ERR_KEYUSAGE_NO_CERTSIGN | 19030006 | 证书的秘钥用途不含证书签名。 | 36e41f4b71Sopenharmony_ci| ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE | 19030007 | 证书的秘钥用途不含数字签名。 | 37e41f4b71Sopenharmony_ci 38e41f4b71Sopenharmony_ci## DataBlob 39e41f4b71Sopenharmony_cibuffer数组。 40e41f4b71Sopenharmony_ci 41e41f4b71Sopenharmony_ci **原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 42e41f4b71Sopenharmony_ci 43e41f4b71Sopenharmony_ci **系统能力:** SystemCapability.Security.Cert 44e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 45e41f4b71Sopenharmony_ci| -------------- | -------------- | ---- | ---- | ----------------| 46e41f4b71Sopenharmony_ci| data | Uint8Array | 是 | 是 | 数据。 | 47e41f4b71Sopenharmony_ci 48e41f4b71Sopenharmony_ci## DataArray 49e41f4b71Sopenharmony_ci 50e41f4b71Sopenharmony_cibuffer数组的列表。 51e41f4b71Sopenharmony_ci 52e41f4b71Sopenharmony_ci **原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 53e41f4b71Sopenharmony_ci 54e41f4b71Sopenharmony_ci **系统能力:** SystemCapability.Security.Cert 55e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 56e41f4b71Sopenharmony_ci| -------------- | -------------- | ---- | ---- | ----------------| 57e41f4b71Sopenharmony_ci| data | Uint8Array | 是 | 是 | 数据列表。 | 58e41f4b71Sopenharmony_ci 59e41f4b71Sopenharmony_ci## EncodingFormat 60e41f4b71Sopenharmony_ci 61e41f4b71Sopenharmony_ci 表示证书编码格式的枚举。 62e41f4b71Sopenharmony_ci 63e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 64e41f4b71Sopenharmony_ci 65e41f4b71Sopenharmony_ci **系统能力:** SystemCapability.Security.Cert 66e41f4b71Sopenharmony_ci 67e41f4b71Sopenharmony_ci| 名称 | 值 | 说明 | 68e41f4b71Sopenharmony_ci| ---------- | ------ | --------- | 69e41f4b71Sopenharmony_ci| FORMAT_DER | 0 | DER格式。 | 70e41f4b71Sopenharmony_ci| FORMAT_PEM | 1 | PEM格式。 | 71e41f4b71Sopenharmony_ci| FORMAT_PKCS7<sup>11+</sup> | 2 | PKCS7格式。 | 72e41f4b71Sopenharmony_ci 73e41f4b71Sopenharmony_ci## CertItemType<sup>10+</sup> 74e41f4b71Sopenharmony_ci 75e41f4b71Sopenharmony_ci 表示获取证书字段的枚举。 76e41f4b71Sopenharmony_ci 77e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 78e41f4b71Sopenharmony_ci 79e41f4b71Sopenharmony_ci **系统能力:** SystemCapability.Security.Cert 80e41f4b71Sopenharmony_ci 81e41f4b71Sopenharmony_ci| 名称 | 值 | 说明 | 82e41f4b71Sopenharmony_ci| -------------------------------- | ---- | ------------------------------ | 83e41f4b71Sopenharmony_ci| CERT_ITEM_TYPE_TBS | 0 | 表示获取证书的待签名信息。 | 84e41f4b71Sopenharmony_ci| CERT_ITEM_TYPE_PUBLIC_KEY | 1 | 表示获取证书的公钥信息。 | 85e41f4b71Sopenharmony_ci| CERT_ITEM_TYPE_ISSUER_UNIQUE_ID | 2 | 表示获取证书的颁发者唯一编号。 | 86e41f4b71Sopenharmony_ci| CERT_ITEM_TYPE_SUBJECT_UNIQUE_ID | 3 | 表示获取证书的主体唯一编号。 | 87e41f4b71Sopenharmony_ci| CERT_ITEM_TYPE_EXTENSIONS | 4 | 表示获取证书的扩展域信息。 | 88e41f4b71Sopenharmony_ci 89e41f4b71Sopenharmony_ci## ExtensionOidType<sup>10+</sup> 90e41f4b71Sopenharmony_ci 91e41f4b71Sopenharmony_ci 表示获取扩展域中对象标识符类型的枚举。 92e41f4b71Sopenharmony_ci 93e41f4b71Sopenharmony_ci **原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 94e41f4b71Sopenharmony_ci 95e41f4b71Sopenharmony_ci **系统能力:** SystemCapability.Security.Cert 96e41f4b71Sopenharmony_ci 97e41f4b71Sopenharmony_ci| 名称 | 值 | 说明 | 98e41f4b71Sopenharmony_ci| ----------------------------- | ---- | --------------------------------------------- | 99e41f4b71Sopenharmony_ci| EXTENSION_OID_TYPE_ALL | 0 | 表示获取扩展域中所有的对象标识符。 | 100e41f4b71Sopenharmony_ci| EXTENSION_OID_TYPE_CRITICAL | 1 | 表示获取扩展域中critical为true的对象标识符。 | 101e41f4b71Sopenharmony_ci| EXTENSION_OID_TYPE_UNCRITICAL | 2 | 表示获取扩展域中critical为false的对象标识符。 | 102e41f4b71Sopenharmony_ci 103e41f4b71Sopenharmony_ci## ExtensionEntryType<sup>10+</sup> 104e41f4b71Sopenharmony_ci 105e41f4b71Sopenharmony_ci 表示获取扩展域中对象类型的枚举。 106e41f4b71Sopenharmony_ci 107e41f4b71Sopenharmony_ci **原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 108e41f4b71Sopenharmony_ci 109e41f4b71Sopenharmony_ci **系统能力:** SystemCapability.Security.Cert 110e41f4b71Sopenharmony_ci 111e41f4b71Sopenharmony_ci| 名称 | 值 | 说明 | 112e41f4b71Sopenharmony_ci| ----------------------------------- | ---- | ---------------------------- | 113e41f4b71Sopenharmony_ci| EXTENSION_ENTRY_TYPE_ENTRY | 0 | 表示获取整个对象。 | 114e41f4b71Sopenharmony_ci| EXTENSION_ENTRY_TYPE_ENTRY_CRITICAL | 1 | 表示获取对象的critical属性。 | 115e41f4b71Sopenharmony_ci| EXTENSION_ENTRY_TYPE_ENTRY_VALUE | 2 | 表示获取对象的数据。 | 116e41f4b71Sopenharmony_ci 117e41f4b71Sopenharmony_ci## EncodingType<sup>12+</sup> 118e41f4b71Sopenharmony_ci 119e41f4b71Sopenharmony_ci 表示获取X509证书主体名称编码格式的枚举。 120e41f4b71Sopenharmony_ci 121e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 122e41f4b71Sopenharmony_ci 123e41f4b71Sopenharmony_ci **系统能力:** SystemCapability.Security.Cert 124e41f4b71Sopenharmony_ci 125e41f4b71Sopenharmony_ci| 名称 | 值 | 说明 | 126e41f4b71Sopenharmony_ci| ---------- | ------ | --------- | 127e41f4b71Sopenharmony_ci| ENCODING_UTF8 | 0 | UTF8编码格式。 | 128e41f4b71Sopenharmony_ci 129e41f4b71Sopenharmony_ci## EncodingBlob 130e41f4b71Sopenharmony_ci 131e41f4b71Sopenharmony_ci带编码格式的证书二进制数组。 132e41f4b71Sopenharmony_ci 133e41f4b71Sopenharmony_ci### 属性 134e41f4b71Sopenharmony_ci 135e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 136e41f4b71Sopenharmony_ci 137e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 138e41f4b71Sopenharmony_ci 139e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 140e41f4b71Sopenharmony_ci| -------------- | --------------------------------- | ---- | ---- | ------------------------------ | 141e41f4b71Sopenharmony_ci| data | Uint8Array | 是 | 是 | 传入的证书数据。 | 142e41f4b71Sopenharmony_ci| encodingFormat | [EncodingFormat](#encodingformat) | 是 | 是 | 指明证书编码格式。 | 143e41f4b71Sopenharmony_ci 144e41f4b71Sopenharmony_ci 145e41f4b71Sopenharmony_ci## CertChainData 146e41f4b71Sopenharmony_ci 147e41f4b71Sopenharmony_ci证书链数据,在证书链校验时,作为入参传入。 148e41f4b71Sopenharmony_ci 149e41f4b71Sopenharmony_ci### 属性 150e41f4b71Sopenharmony_ci 151e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 152e41f4b71Sopenharmony_ci 153e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 154e41f4b71Sopenharmony_ci 155e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 156e41f4b71Sopenharmony_ci| -------------- | --------------------------------- | ---- | ---- | ------------------------------------------------------------ | 157e41f4b71Sopenharmony_ci| data | Uint8Array | 是 | 是 | 证书数据,按照长度(2字节)-数据的形式传入,如:08ABCDEFGH07ABCDEFG,第一本证书,前2个字节表示证书的长度为8字节,后面附加8字节的证书数据;第2本证书前2个字节表示证书的长度为7字节,后面附加7字节的证书数据。 | 158e41f4b71Sopenharmony_ci| count | number | 是 | 是 | 传入的数据中,包含的证书数量。 | 159e41f4b71Sopenharmony_ci| encodingFormat | [EncodingFormat](#encodingformat) | 是 | 是 | 指明证书编码格式。 | 160e41f4b71Sopenharmony_ci 161e41f4b71Sopenharmony_ci## GeneralNameType<sup>12+</sup> 162e41f4b71Sopenharmony_ci 163e41f4b71Sopenharmony_ci表示证书主体用途的枚举。 164e41f4b71Sopenharmony_ci 165e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 166e41f4b71Sopenharmony_ci 167e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 168e41f4b71Sopenharmony_ci 169e41f4b71Sopenharmony_ci| 名称 | 值 | 说明 | 170e41f4b71Sopenharmony_ci| -------------- | --------------------------------- | ------------------ | 171e41f4b71Sopenharmony_ci| GENERAL_NAME_TYPE_OTHER_NAME | 0 | 表示其他名称。 | 172e41f4b71Sopenharmony_ci| GENERAL_NAME_TYPE_RFC822_NAME | 1 | 表示电子邮件地址。 | 173e41f4b71Sopenharmony_ci| GENERAL_NAME_TYPE_DNS_NAME | 2 | 表示一个DNS名称。 | 174e41f4b71Sopenharmony_ci| GENERAL_NAME_TYPE_X400_ADDRESS | 3 | 表示X.400地址。 | 175e41f4b71Sopenharmony_ci| GENERAL_NAME_TYPE_DIRECTORY_NAME | 4 | 表示一个目录名称。 | 176e41f4b71Sopenharmony_ci| GENERAL_NAME_TYPE_EDI_PARTY_NAME | 5 | 表示特定的EDI实体。 | 177e41f4b71Sopenharmony_ci| GENERAL_NAME_TYPE_UNIFORM_RESOURCE_ID | 6 | 表示一个统一资源标识符。 | 178e41f4b71Sopenharmony_ci| GENERAL_NAME_TYPE_IP_ADDRESS | 7 | 表示一个IP地址。 | 179e41f4b71Sopenharmony_ci| GENERAL_NAME_TYPE_REGISTERED_ID | 8 | 表示一个已注册的对象标识符。 | 180e41f4b71Sopenharmony_ci 181e41f4b71Sopenharmony_ci## GeneralName<sup>12+</sup> 182e41f4b71Sopenharmony_ci 183e41f4b71Sopenharmony_ci用于表示证书主体信息对象。 184e41f4b71Sopenharmony_ci 185e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 186e41f4b71Sopenharmony_ci 187e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 188e41f4b71Sopenharmony_ci 189e41f4b71Sopenharmony_ci| 名称 | 类型 | 必填 | 说明 | 190e41f4b71Sopenharmony_ci| -------------- | --------------------------------- | ---- | ------------------ | 191e41f4b71Sopenharmony_ci| type | [GeneralNameType](#generalname12) | 是 | 指定具体的证书主体类型。 | 192e41f4b71Sopenharmony_ci| name | Uint8Array | 否 | 指定具体的证书主体DER格式内容。 | 193e41f4b71Sopenharmony_ci 194e41f4b71Sopenharmony_ci## X509CertMatchParameters<sup>11+</sup> 195e41f4b71Sopenharmony_ci 196e41f4b71Sopenharmony_ci用于匹配证书的过滤参数。如果参数中任一项都未指定,则匹配所有证书。 197e41f4b71Sopenharmony_ci 198e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 199e41f4b71Sopenharmony_ci 200e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 201e41f4b71Sopenharmony_ci 202e41f4b71Sopenharmony_ci| 名称 | 类型 | 必填 | 说明 | 203e41f4b71Sopenharmony_ci| -------------- | --------------------------------- | ---- | ------------------ | 204e41f4b71Sopenharmony_ci| x509Cert | [X509Cert](#x509cert) | 否 | 指定具体的证书对象。 | 205e41f4b71Sopenharmony_ci| validDate | string | 否 | 指定证书有效期。 | 206e41f4b71Sopenharmony_ci| issuer | Uint8Array | 否 | 指定证书颁发者,为DER编码格式。 | 207e41f4b71Sopenharmony_ci| keyUsage | Array\<boolean> | 否 | 指定是否需要匹配密钥用途。 | 208e41f4b71Sopenharmony_ci| serialNumber | bigint | 否 | 指定证书的序列号。 | 209e41f4b71Sopenharmony_ci| subject | Uint8Array | 否 | 指定证书主题,DER编码格式。 | 210e41f4b71Sopenharmony_ci| publicKey | [DataBlob](#datablob) | 否 | 指定证书公钥,DER编码格式。 | 211e41f4b71Sopenharmony_ci| publicKeyAlgID | string | 否 | 指定证书公钥的算法。 | 212e41f4b71Sopenharmony_ci| subjectAlternativeNames<sup>12+</sup> | Array\<[GeneralName](#generalname12)> | 否 | 指定证书主体名称。 | 213e41f4b71Sopenharmony_ci| matchAllSubjectAltNames<sup>12+</sup> | boolean | 否 | 指定是否需要匹配证书主体名称。 | 214e41f4b71Sopenharmony_ci| authorityKeyIdentifier<sup>12+</sup> | Uint8Array | 否 | 指定证书颁发机构秘钥。 | 215e41f4b71Sopenharmony_ci| minPathLenConstraint<sup>12+</sup> | number | 否 | 指定证书CA路径长度。 | 216e41f4b71Sopenharmony_ci| extendedKeyUsage<sup>12+</sup> | Array\<string> | 否 | 指定证书扩展用途。 | 217e41f4b71Sopenharmony_ci| nameConstraints<sup>12+</sup> | Uint8Array | 否 | 指定证书的使用者名称。 | 218e41f4b71Sopenharmony_ci| certPolicy<sup>12+</sup> | Array\<string> | 否 | 指定证书策略。 | 219e41f4b71Sopenharmony_ci| privateKeyValid<sup>12+</sup> | string | 否 | 指定证书私钥有效期。 | 220e41f4b71Sopenharmony_ci| subjectKeyIdentifier<sup>12+</sup> | Uint8Array | 否 | 指定证书公钥。 | 221e41f4b71Sopenharmony_ci 222e41f4b71Sopenharmony_ci## X509CRLMatchParameters<sup>11+</sup> 223e41f4b71Sopenharmony_ci 224e41f4b71Sopenharmony_ci用于匹配证书吊销列表的过滤参数。如果参数中任一项都未指定,则匹配所有证书吊销列表。 225e41f4b71Sopenharmony_ci 226e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 227e41f4b71Sopenharmony_ci 228e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 229e41f4b71Sopenharmony_ci 230e41f4b71Sopenharmony_ci| 名称 | 类型 | 必填 | 说明 | 231e41f4b71Sopenharmony_ci| -------------- | --------------------------------- | ---- | ------------------ | 232e41f4b71Sopenharmony_ci| issuer | Array\<Uint8Array> | 否 | 指定颁发者作为过滤条件, 至少要匹配到其中一个issuer。 | 233e41f4b71Sopenharmony_ci| x509Cert | [X509Cert](#x509cert) | 否 | 指定具体的证书对象作为过滤条件, 判断该证书是否在CRL列表中。 | 234e41f4b71Sopenharmony_ci| updateDateTime<sup>12+</sup> | string | 否 | 指定证书更新时间。 | 235e41f4b71Sopenharmony_ci| maxCRL<sup>12+</sup> | bigint | 否 | 指定CRL个数最大值。 | 236e41f4b71Sopenharmony_ci| minCRL<sup>12+</sup> | bigint | 否 | 指定CRL个数最小值。 | 237e41f4b71Sopenharmony_ci 238e41f4b71Sopenharmony_ci## CertChainBuildParameters<sup>12+</sup> 239e41f4b71Sopenharmony_ci 240e41f4b71Sopenharmony_ci用于指定证书链创建参数。 241e41f4b71Sopenharmony_ci 242e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 243e41f4b71Sopenharmony_ci 244e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 245e41f4b71Sopenharmony_ci 246e41f4b71Sopenharmony_ci| 名称 | 类型 | 必填 | 说明 | 247e41f4b71Sopenharmony_ci| -------------- | --------------------------------- | ---- | ------------------ | 248e41f4b71Sopenharmony_ci| certMatchParameters | [X509CertMatchParameters](#x509certmatchparameters11) | 是 | 指定过滤条件。 | 249e41f4b71Sopenharmony_ci| maxLength | number | 否 | 指定最终证书链中CA证书的最大长度。 | 250e41f4b71Sopenharmony_ci| validationParameters | [CertChainValidationParameters](#certchainvalidationparameters11) | 是 | 指定验证条件。 | 251e41f4b71Sopenharmony_ci 252e41f4b71Sopenharmony_ci## CertChainBuildResult<sup>12+</sup> 253e41f4b71Sopenharmony_ci 254e41f4b71Sopenharmony_ci用于指定证书链创建结果。 255e41f4b71Sopenharmony_ci 256e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 257e41f4b71Sopenharmony_ci 258e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 259e41f4b71Sopenharmony_ci 260e41f4b71Sopenharmony_ci| 名称 | 类型 | 必填 | 说明 | 261e41f4b71Sopenharmony_ci| -------------- | --------------------------------- | ---- | ------------------ | 262e41f4b71Sopenharmony_ci| certChain | [X509CertChain](#x509certchain11) | 是 | 生成的证书链对象。 | 263e41f4b71Sopenharmony_ci| validationResult | [CertChainValidationResult](#certchainvalidationresult11) | 是 | 指定最终证书链的最大长度。 | 264e41f4b71Sopenharmony_ci 265e41f4b71Sopenharmony_ci## X509TrustAnchor<sup>11+</sup> 266e41f4b71Sopenharmony_ci 267e41f4b71Sopenharmony_ci表示X509信任锚,用于校验证书链。使用信任锚中的证书或者公钥作为可信根,对证书链进行校验。 268e41f4b71Sopenharmony_ci 269e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 270e41f4b71Sopenharmony_ci 271e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 272e41f4b71Sopenharmony_ci 273e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 274e41f4b71Sopenharmony_ci| --------- | --------------------- | ---- | ---- | --------------------------- | 275e41f4b71Sopenharmony_ci| CACert | [X509Cert](#x509cert) | 是 | 是 | 信任的CA证书。 | 276e41f4b71Sopenharmony_ci| CAPubKey | Uint8Array | 是 | 是 | 信任的CA证书公钥, DER格式。 | 277e41f4b71Sopenharmony_ci| CASubject | Uint8Array | 是 | 是 | 信任的CA证书主题, DER格式。 | 278e41f4b71Sopenharmony_ci| nameConstraints<sup>12+</sup> | Uint8Array | 是 | 是 | 名称约束, DER格式。 | 279e41f4b71Sopenharmony_ci 280e41f4b71Sopenharmony_ci## RevocationCheckOptions<sup>12+</sup> 281e41f4b71Sopenharmony_ci 282e41f4b71Sopenharmony_ci 表示证书链在线校验证书吊销状态选项的枚举。 283e41f4b71Sopenharmony_ci 284e41f4b71Sopenharmony_ci **原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 285e41f4b71Sopenharmony_ci 286e41f4b71Sopenharmony_ci **系统能力:** SystemCapability.Security.Cert 287e41f4b71Sopenharmony_ci 288e41f4b71Sopenharmony_ci| 名称 | 值 | 说明 | 289e41f4b71Sopenharmony_ci| --------------------------------------| -------- | -----------------------------| 290e41f4b71Sopenharmony_ci| REVOCATION_CHECK_OPTION_PREFER_OCSP | 0 | 优先采用OCSP进行校验,默认采用CRL校验。 | 291e41f4b71Sopenharmony_ci| REVOCATION_CHECK_OPTION_ACCESS_NETWORK | 1 | 支持通过访问网络获取CRL或OCSP响应进行吊销状态的校验,默认为关闭。 | 292e41f4b71Sopenharmony_ci| REVOCATION_CHECK_OPTION_FALLBACK_NO_PREFER | 2 | 当ACCESS_NETWORK选项打开时有效,如果优选的校验方法由于网络原因导致无法校验证书状态,则采用备选的方案进行校验。 | 293e41f4b71Sopenharmony_ci| REVOCATION_CHECK_OPTION_FALLBACK_LOCAL | 3 | 当ACCESS_NETWORK选项打开时有效,如果在线获取CRL和OCSP响应都由于网络的原因导致无法校验证书状态,则采用本地设置的CRL和OCSP响应进行校验。 | 294e41f4b71Sopenharmony_ci 295e41f4b71Sopenharmony_ci## ValidationPolicyType<sup>12+</sup> 296e41f4b71Sopenharmony_ci 297e41f4b71Sopenharmony_ci 表示证书链在线校验策略的枚举。 298e41f4b71Sopenharmony_ci 299e41f4b71Sopenharmony_ci **原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 300e41f4b71Sopenharmony_ci 301e41f4b71Sopenharmony_ci **系统能力:** SystemCapability.Security.Cert 302e41f4b71Sopenharmony_ci 303e41f4b71Sopenharmony_ci| 名称 | 值 | 说明 | 304e41f4b71Sopenharmony_ci| --------------------------------------| -------- | -----------------------------| 305e41f4b71Sopenharmony_ci| VALIDATION_POLICY_TYPE_X509 | 0 | 默认值,不需要校验证书中的sslHostname或dNSName。 | 306e41f4b71Sopenharmony_ci| VALIDATION_POLICY_TYPE_SSL | 1 | 需要校验证书中的sslHostname或dNSName。 | 307e41f4b71Sopenharmony_ci 308e41f4b71Sopenharmony_ci## KeyUsageType<sup>12+</sup> 309e41f4b71Sopenharmony_ci 310e41f4b71Sopenharmony_ci 表示证书中密钥用途的枚举。 311e41f4b71Sopenharmony_ci **原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 312e41f4b71Sopenharmony_ci 313e41f4b71Sopenharmony_ci **系统能力:** SystemCapability.Security.Cert 314e41f4b71Sopenharmony_ci 315e41f4b71Sopenharmony_ci| 名称 | 值 | 说明 | 316e41f4b71Sopenharmony_ci| --------------------------------------| -------- | -----------------------------| 317e41f4b71Sopenharmony_ci| KEYUSAGE_DIGITAL_SIGNATURE | 0 | 证书持有者可以用证书中包含的私钥进行数字签名操作。 | 318e41f4b71Sopenharmony_ci| KEYUSAGE_NON_REPUDIATION | 1 | 证书持有者不可否认使用证书中包含的私钥进行的数字签名操作。 | 319e41f4b71Sopenharmony_ci| KEYUSAGE_KEY_ENCIPHERMENT | 2 | 证书持有者可以使用证书中包含的公钥进行密钥加密操作。 | 320e41f4b71Sopenharmony_ci| KEYUSAGE_DATA_ENCIPHERMENT | 3 | 证书持有者可以使用证书中包含的公钥进行数据加密操作。 | 321e41f4b71Sopenharmony_ci| KEYUSAGE_KEY_AGREEMENT | 4 | 证书持有者可以使用证书中包含的私钥进行密钥协商操作。 | 322e41f4b71Sopenharmony_ci| KEYUSAGE_KEY_CERT_SIGN | 5 | 证书持有者可以使用证书中包含的私钥对其他证书进行签名。 | 323e41f4b71Sopenharmony_ci| KEYUSAGE_CRL_SIGN | 6 | 证书持有者可以使用证书中包含的私钥对证书吊销列表(CRL)进行签名。 | 324e41f4b71Sopenharmony_ci| KEYUSAGE_ENCIPHER_ONLY | 7 | 证书持有者只能进行加密操作,不能进行解密操作。 | 325e41f4b71Sopenharmony_ci| KEYUSAGE_DECIPHER_ONLY | 8 | 证书持有者只能进行解密操作,不能进行加密操作。 | 326e41f4b71Sopenharmony_ci 327e41f4b71Sopenharmony_ci## RevocationCheckParameter<sup>12+</sup> 328e41f4b71Sopenharmony_ci 329e41f4b71Sopenharmony_ci表示证书链校验证书吊销状态的参数。 330e41f4b71Sopenharmony_ci 331e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 332e41f4b71Sopenharmony_ci 333e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 334e41f4b71Sopenharmony_ci 335e41f4b71Sopenharmony_ci| 名称 | 类型 | 必填 | 说明 | 336e41f4b71Sopenharmony_ci| ------------ | ------------------------------------------------- | ---- | -------------------------------------- | 337e41f4b71Sopenharmony_ci| ocspRequestExtension | Array\<Uint8Array> | 否 | 表示发送OCSP请求的扩展字段。| 338e41f4b71Sopenharmony_ci| ocspResponderURI | string | 否 | 表示用于OCSP请求的备选服务器URL地址,支持HTTP/HTTPS,具体配置由与服务器协商决定。 | 339e41f4b71Sopenharmony_ci| ocspResponderCert | [X509Cert](#x509cert) | 否 | 表示用于OCSP响应的签名校验的签名证书。 | 340e41f4b71Sopenharmony_ci| ocspResponses | Uint8Array | 否 | 表示用于OCSP服务器响应的备选数据。 | 341e41f4b71Sopenharmony_ci| crlDownloadURI | string | 否 | 表示用于CRL请求的备选下载地址。 | 342e41f4b71Sopenharmony_ci| options | Array\<[RevocationCheckOptions](#revocationcheckoptions12)> | 否 | 表示证书吊销状态查询的策略组合。 | 343e41f4b71Sopenharmony_ci| ocspDigest | string | 否 | 表示OCSP通信时创建证书ID使用的哈希算法。默认为SHA256,支持可配置MD5、SHA1、SHA224、SHA256、SHA384、SHA512算法。 | 344e41f4b71Sopenharmony_ci 345e41f4b71Sopenharmony_ci## CertChainValidationParameters<sup>11+</sup> 346e41f4b71Sopenharmony_ci 347e41f4b71Sopenharmony_ci表示证书链校验的参数。 348e41f4b71Sopenharmony_ci 349e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 350e41f4b71Sopenharmony_ci 351e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 352e41f4b71Sopenharmony_ci 353e41f4b71Sopenharmony_ci| 名称 | 类型 | 必填 | 说明 | 354e41f4b71Sopenharmony_ci| ------------ | ------------------------------------------------- | ---- | -------------------------------------- | 355e41f4b71Sopenharmony_ci| date | string | 否 | 表示需要校验证书的有效期。 | 356e41f4b71Sopenharmony_ci| trustAnchors | Array\<[X509TrustAnchor](#x509trustanchor11)> | 是 | 表示信任锚列表。 | 357e41f4b71Sopenharmony_ci| certCRLs | Array\<[CertCRLCollection](#certcrlcollection11)> | 否 | 表示需要校验证书是否在证书吊销列表中。 | 358e41f4b71Sopenharmony_ci| revocationCheckParam<sup>12+</sup> | [RevocationCheckParameter](#revocationcheckparameter12) | 否 | 表示需要在线校验证证书吊销状态的参数对象。 | 359e41f4b71Sopenharmony_ci| policy<sup>12+</sup> | [ValidationPolicyType](#validationpolicytype12) | 否 | 表示需要校验证书的策略类型。 | 360e41f4b71Sopenharmony_ci| sslHostname<sup>12+</sup> | string | 否 | 表示需要校验证书中主机名,与policy配合使用。 | 361e41f4b71Sopenharmony_ci| keyUsage<sup>12+</sup> | Array\<[KeyUsageType](#keyusagetype12)> | 否 | 表示需要校验证书中的密钥用途。 | 362e41f4b71Sopenharmony_ci 363e41f4b71Sopenharmony_ci## CertChainValidationResult<sup>11+</sup> 364e41f4b71Sopenharmony_ci 365e41f4b71Sopenharmony_ci表示证书链校验的返回值。 366e41f4b71Sopenharmony_ci 367e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 368e41f4b71Sopenharmony_ci 369e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 370e41f4b71Sopenharmony_ci 371e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 372e41f4b71Sopenharmony_ci| ----------- | ------------------------------------- | ---- | ---- | -------------- | 373e41f4b71Sopenharmony_ci| trustAnchor | [X509TrustAnchor](#x509trustanchor11) | 是 | 否 | 表示信任锚。 | 374e41f4b71Sopenharmony_ci| entityCert | [X509Cert](#x509cert) | 是 | 否 | 表示实体证书。 | 375e41f4b71Sopenharmony_ci 376e41f4b71Sopenharmony_ci## cert.createX509Cert 377e41f4b71Sopenharmony_ci 378e41f4b71Sopenharmony_cicreateX509Cert(inStream : EncodingBlob, callback : AsyncCallback\<X509Cert>) : void 379e41f4b71Sopenharmony_ci 380e41f4b71Sopenharmony_ci表示创建X509证书对象,使用Callback回调异步返回结果。 381e41f4b71Sopenharmony_ci 382e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 383e41f4b71Sopenharmony_ci 384e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 385e41f4b71Sopenharmony_ci 386e41f4b71Sopenharmony_ci**参数:** 387e41f4b71Sopenharmony_ci 388e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 389e41f4b71Sopenharmony_ci| -------- | ------------------------------------- | ---- | -------------------------- | 390e41f4b71Sopenharmony_ci| inStream | [EncodingBlob](#encodingblob) | 是 | X509证书序列化数据 | 391e41f4b71Sopenharmony_ci| callback | AsyncCallback\<[X509Cert](#x509cert)> | 是 | 回调函数。表示X509证书对象 | 392e41f4b71Sopenharmony_ci 393e41f4b71Sopenharmony_ci**错误码:** 394e41f4b71Sopenharmony_ci 395e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 396e41f4b71Sopenharmony_ci 397e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 398e41f4b71Sopenharmony_ci| -------- | ------------- | 399e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 400e41f4b71Sopenharmony_ci| 801 | this operation is not supported. | 401e41f4b71Sopenharmony_ci| 19020001 | memory error. | 402e41f4b71Sopenharmony_ci 403e41f4b71Sopenharmony_ci**示例:** 404e41f4b71Sopenharmony_ci 405e41f4b71Sopenharmony_ci```ts 406e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 407e41f4b71Sopenharmony_ci 408e41f4b71Sopenharmony_ci// string转Uint8Array 409e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 410e41f4b71Sopenharmony_ci let arr: Array<number> = []; 411e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 412e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 413e41f4b71Sopenharmony_ci } 414e41f4b71Sopenharmony_ci return new Uint8Array(arr); 415e41f4b71Sopenharmony_ci} 416e41f4b71Sopenharmony_ci 417e41f4b71Sopenharmony_ci// 证书二进制数据,需业务自行赋值 418e41f4b71Sopenharmony_cilet certData = '-----BEGIN CERTIFICATE-----\n' + 419e41f4b71Sopenharmony_ci 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 420e41f4b71Sopenharmony_ci 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 421e41f4b71Sopenharmony_ci 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 422e41f4b71Sopenharmony_ci 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 423e41f4b71Sopenharmony_ci 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 424e41f4b71Sopenharmony_ci 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 425e41f4b71Sopenharmony_ci 'Qw==\n' + 426e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 427e41f4b71Sopenharmony_ci 428e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 429e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 430e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 431e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 432e41f4b71Sopenharmony_ci}; 433e41f4b71Sopenharmony_ci 434e41f4b71Sopenharmony_cicert.createX509Cert(encodingBlob, (error, x509Cert) => { 435e41f4b71Sopenharmony_ci if (error) { 436e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 437e41f4b71Sopenharmony_ci } else { 438e41f4b71Sopenharmony_ci console.log('createX509Cert success'); 439e41f4b71Sopenharmony_ci } 440e41f4b71Sopenharmony_ci}); 441e41f4b71Sopenharmony_ci``` 442e41f4b71Sopenharmony_ci 443e41f4b71Sopenharmony_ci## cert.createX509Cert 444e41f4b71Sopenharmony_ci 445e41f4b71Sopenharmony_cicreateX509Cert(inStream : EncodingBlob) : Promise\<X509Cert> 446e41f4b71Sopenharmony_ci 447e41f4b71Sopenharmony_ci表示创建X509证书对象,使用Promise方式异步返回结果。 448e41f4b71Sopenharmony_ci 449e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 450e41f4b71Sopenharmony_ci 451e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 452e41f4b71Sopenharmony_ci 453e41f4b71Sopenharmony_ci**参数:** 454e41f4b71Sopenharmony_ci 455e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 456e41f4b71Sopenharmony_ci| -------- | ----------------------------- | ---- | ------------------ | 457e41f4b71Sopenharmony_ci| inStream | [EncodingBlob](#encodingblob) | 是 | X509证书序列化数据 | 458e41f4b71Sopenharmony_ci 459e41f4b71Sopenharmony_ci**返回值:** 460e41f4b71Sopenharmony_ci 461e41f4b71Sopenharmony_ci| 类型 | 说明 | 462e41f4b71Sopenharmony_ci| ------- | ---------------- | 463e41f4b71Sopenharmony_ci| Promise\<[X509Cert](#x509cert)> | 表示X509证书对象 | 464e41f4b71Sopenharmony_ci 465e41f4b71Sopenharmony_ci**错误码:** 466e41f4b71Sopenharmony_ci 467e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 468e41f4b71Sopenharmony_ci 469e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 470e41f4b71Sopenharmony_ci| -------- | ------------- | 471e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 472e41f4b71Sopenharmony_ci| 801 | this operation is not supported. | 473e41f4b71Sopenharmony_ci| 19020001 | memory error. | 474e41f4b71Sopenharmony_ci 475e41f4b71Sopenharmony_ci**示例:** 476e41f4b71Sopenharmony_ci 477e41f4b71Sopenharmony_ci```ts 478e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 479e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 480e41f4b71Sopenharmony_ci 481e41f4b71Sopenharmony_ci// string转Uint8Array 482e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 483e41f4b71Sopenharmony_ci let arr: Array<number> = []; 484e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 485e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 486e41f4b71Sopenharmony_ci } 487e41f4b71Sopenharmony_ci return new Uint8Array(arr); 488e41f4b71Sopenharmony_ci} 489e41f4b71Sopenharmony_ci 490e41f4b71Sopenharmony_ci// 证书二进制数据,需业务自行赋值 491e41f4b71Sopenharmony_cilet certData = '-----BEGIN CERTIFICATE-----\n' + 492e41f4b71Sopenharmony_ci 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 493e41f4b71Sopenharmony_ci 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 494e41f4b71Sopenharmony_ci 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 495e41f4b71Sopenharmony_ci 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 496e41f4b71Sopenharmony_ci 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 497e41f4b71Sopenharmony_ci 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 498e41f4b71Sopenharmony_ci 'Qw==\n' + 499e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 500e41f4b71Sopenharmony_ci 501e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 502e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 503e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 504e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 505e41f4b71Sopenharmony_ci}; 506e41f4b71Sopenharmony_ci 507e41f4b71Sopenharmony_cicert.createX509Cert(encodingBlob).then(x509Cert => { 508e41f4b71Sopenharmony_ci console.log('createX509Cert success'); 509e41f4b71Sopenharmony_ci}).catch((error: BusinessError) => { 510e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 511e41f4b71Sopenharmony_ci}); 512e41f4b71Sopenharmony_ci``` 513e41f4b71Sopenharmony_ci 514e41f4b71Sopenharmony_ci## X509Cert 515e41f4b71Sopenharmony_ci 516e41f4b71Sopenharmony_ciX509证书类。 517e41f4b71Sopenharmony_ci 518e41f4b71Sopenharmony_ci### verify 519e41f4b71Sopenharmony_ci 520e41f4b71Sopenharmony_civerify(key : cryptoFramework.PubKey, callback : AsyncCallback\<void>) : void 521e41f4b71Sopenharmony_ci 522e41f4b71Sopenharmony_ci表示对证书验签,使用Callback回调异步返回结果。 523e41f4b71Sopenharmony_ci 524e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 525e41f4b71Sopenharmony_ci 526e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 527e41f4b71Sopenharmony_ci 528e41f4b71Sopenharmony_ci**参数:** 529e41f4b71Sopenharmony_ci 530e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 531e41f4b71Sopenharmony_ci| -------- | --------------------- | ---- | ------------------------------------------------------------ | 532e41f4b71Sopenharmony_ci| key | [cryptoFramework.PubKey](../apis-crypto-architecture-kit/js-apis-cryptoFramework.md#pubkey) | 是 | 用于验签的公钥对象 | 533e41f4b71Sopenharmony_ci| callback | AsyncCallback\<void> | 是 | 回调函数。使用AsyncCallback的第一个error参数判断是否验签成功,error为null表示成功,不为null表示失败 | 534e41f4b71Sopenharmony_ci 535e41f4b71Sopenharmony_ci**错误码:** 536e41f4b71Sopenharmony_ci 537e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 538e41f4b71Sopenharmony_ci 539e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 540e41f4b71Sopenharmony_ci| -------- | ------------------ | 541e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 542e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 543e41f4b71Sopenharmony_ci 544e41f4b71Sopenharmony_ci**示例:** 545e41f4b71Sopenharmony_ci 546e41f4b71Sopenharmony_ci```ts 547e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 548e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 549e41f4b71Sopenharmony_ci 550e41f4b71Sopenharmony_ci// string转Uint8Array 551e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 552e41f4b71Sopenharmony_ci let arr: Array<number> = []; 553e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 554e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 555e41f4b71Sopenharmony_ci } 556e41f4b71Sopenharmony_ci return new Uint8Array(arr); 557e41f4b71Sopenharmony_ci} 558e41f4b71Sopenharmony_ci 559e41f4b71Sopenharmony_ci// 证书二进制数据,需业务自行赋值 560e41f4b71Sopenharmony_cilet certData = '-----BEGIN CERTIFICATE-----\n' + 561e41f4b71Sopenharmony_ci 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 562e41f4b71Sopenharmony_ci 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 563e41f4b71Sopenharmony_ci 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 564e41f4b71Sopenharmony_ci 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 565e41f4b71Sopenharmony_ci 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 566e41f4b71Sopenharmony_ci 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 567e41f4b71Sopenharmony_ci 'Qw==\n' + 568e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 569e41f4b71Sopenharmony_ci 570e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 571e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 572e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 573e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 574e41f4b71Sopenharmony_ci}; 575e41f4b71Sopenharmony_ci 576e41f4b71Sopenharmony_cicert.createX509Cert(encodingBlob, (error, x509Cert) => { 577e41f4b71Sopenharmony_ci if (error) { 578e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 579e41f4b71Sopenharmony_ci } else { 580e41f4b71Sopenharmony_ci console.log('createX509Cert success'); 581e41f4b71Sopenharmony_ci 582e41f4b71Sopenharmony_ci // 业务需通过上级X509Cert证书对象(或当前证书对象为自签名的证书)的getPublicKey获取PubKey 583e41f4b71Sopenharmony_ci try { 584e41f4b71Sopenharmony_ci let pubKey = x509Cert.getPublicKey(); 585e41f4b71Sopenharmony_ci 586e41f4b71Sopenharmony_ci // 验证证书签名 587e41f4b71Sopenharmony_ci x509Cert.verify(pubKey, (err, data) => { 588e41f4b71Sopenharmony_ci if (err) { 589e41f4b71Sopenharmony_ci console.error('verify failed, errCode: ' + err.code + ', errMsg: ' + err.message); 590e41f4b71Sopenharmony_ci } else { 591e41f4b71Sopenharmony_ci console.log('verify success'); 592e41f4b71Sopenharmony_ci } 593e41f4b71Sopenharmony_ci }); 594e41f4b71Sopenharmony_ci } catch (error) { 595e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 596e41f4b71Sopenharmony_ci console.error('getPublicKey failed, errCode: ' + e.code + ', errMsg: ' + e.message); 597e41f4b71Sopenharmony_ci } 598e41f4b71Sopenharmony_ci } 599e41f4b71Sopenharmony_ci}); 600e41f4b71Sopenharmony_ci``` 601e41f4b71Sopenharmony_ci 602e41f4b71Sopenharmony_ci### verify 603e41f4b71Sopenharmony_ci 604e41f4b71Sopenharmony_civerify(key : cryptoFramework.PubKey) : Promise\<void> 605e41f4b71Sopenharmony_ci 606e41f4b71Sopenharmony_ci表示对证书验签,使用Promise方式异步返回结果。 607e41f4b71Sopenharmony_ci 608e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 609e41f4b71Sopenharmony_ci 610e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 611e41f4b71Sopenharmony_ci 612e41f4b71Sopenharmony_ci**参数:** 613e41f4b71Sopenharmony_ci 614e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 615e41f4b71Sopenharmony_ci| ------ | ------ | ---- | ------------------ | 616e41f4b71Sopenharmony_ci| key | [cryptoFramework.PubKey](../apis-crypto-architecture-kit/js-apis-cryptoFramework.md#pubkey) | 是 | 用于验签的公钥对象 | 617e41f4b71Sopenharmony_ci 618e41f4b71Sopenharmony_ci**返回值:** 619e41f4b71Sopenharmony_ci 620e41f4b71Sopenharmony_ci| 类型 | 说明 | 621e41f4b71Sopenharmony_ci| -------------- | ----------- | 622e41f4b71Sopenharmony_ci| Promise\<void> | Promise对象 | 623e41f4b71Sopenharmony_ci 624e41f4b71Sopenharmony_ci**错误码:** 625e41f4b71Sopenharmony_ci 626e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 627e41f4b71Sopenharmony_ci 628e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 629e41f4b71Sopenharmony_ci| -------- | ------------------ | 630e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 631e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 632e41f4b71Sopenharmony_ci 633e41f4b71Sopenharmony_ci**示例:** 634e41f4b71Sopenharmony_ci 635e41f4b71Sopenharmony_ci```ts 636e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 637e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 638e41f4b71Sopenharmony_ci 639e41f4b71Sopenharmony_ci// string转Uint8Array 640e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 641e41f4b71Sopenharmony_ci let arr: Array<number> = []; 642e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 643e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 644e41f4b71Sopenharmony_ci } 645e41f4b71Sopenharmony_ci return new Uint8Array(arr); 646e41f4b71Sopenharmony_ci} 647e41f4b71Sopenharmony_ci 648e41f4b71Sopenharmony_ci// 证书二进制数据,需业务自行赋值 649e41f4b71Sopenharmony_cilet certData = '-----BEGIN CERTIFICATE-----\n' + 650e41f4b71Sopenharmony_ci 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 651e41f4b71Sopenharmony_ci 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 652e41f4b71Sopenharmony_ci 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 653e41f4b71Sopenharmony_ci 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 654e41f4b71Sopenharmony_ci 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 655e41f4b71Sopenharmony_ci 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 656e41f4b71Sopenharmony_ci 'Qw==\n' + 657e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 658e41f4b71Sopenharmony_ci 659e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 660e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 661e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 662e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 663e41f4b71Sopenharmony_ci}; 664e41f4b71Sopenharmony_ci 665e41f4b71Sopenharmony_cicert.createX509Cert(encodingBlob).then(x509Cert => { 666e41f4b71Sopenharmony_ci console.log('createX509Cert success'); 667e41f4b71Sopenharmony_ci 668e41f4b71Sopenharmony_ci try { 669e41f4b71Sopenharmony_ci // 业务需通过上级X509Cert证书对象(或当前证书对象为自签名的证书)的getPublicKey获取PubKey 670e41f4b71Sopenharmony_ci let pubKey = x509Cert.getPublicKey(); 671e41f4b71Sopenharmony_ci x509Cert.verify(pubKey).then(result => { 672e41f4b71Sopenharmony_ci console.log('verify success'); 673e41f4b71Sopenharmony_ci }).catch((error: BusinessError) => { 674e41f4b71Sopenharmony_ci console.error('verify failed, errCode: ' + error.code + ', errMsg: ' + error.message); 675e41f4b71Sopenharmony_ci }); 676e41f4b71Sopenharmony_ci } catch (err) { 677e41f4b71Sopenharmony_ci console.error('get public key failed'); 678e41f4b71Sopenharmony_ci } 679e41f4b71Sopenharmony_ci}).catch((error: BusinessError) => { 680e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 681e41f4b71Sopenharmony_ci}); 682e41f4b71Sopenharmony_ci``` 683e41f4b71Sopenharmony_ci 684e41f4b71Sopenharmony_ci### getEncoded 685e41f4b71Sopenharmony_ci 686e41f4b71Sopenharmony_cigetEncoded(callback : AsyncCallback\<EncodingBlob>) : void 687e41f4b71Sopenharmony_ci 688e41f4b71Sopenharmony_ci表示获取X509证书序列化数据,使用Callback回调异步返回结果。 689e41f4b71Sopenharmony_ci 690e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 691e41f4b71Sopenharmony_ci 692e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 693e41f4b71Sopenharmony_ci 694e41f4b71Sopenharmony_ci**参数**: 695e41f4b71Sopenharmony_ci 696e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 697e41f4b71Sopenharmony_ci| -------- | --------------------------------------------- | ---- | -------------------------------- | 698e41f4b71Sopenharmony_ci| callback | AsyncCallback\<[EncodingBlob](#encodingblob)> | 是 | 回调函数。表示X509证书序列化数据 | 699e41f4b71Sopenharmony_ci 700e41f4b71Sopenharmony_ci**错误码:** 701e41f4b71Sopenharmony_ci 702e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 703e41f4b71Sopenharmony_ci 704e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 705e41f4b71Sopenharmony_ci| -------- | ------------------------------------------------- | 706e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types.| 707e41f4b71Sopenharmony_ci| 19020001 | memory error. | 708e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 709e41f4b71Sopenharmony_ci| 19030001 | crypto operation error.| 710e41f4b71Sopenharmony_ci 711e41f4b71Sopenharmony_ci**示例:** 712e41f4b71Sopenharmony_ci 713e41f4b71Sopenharmony_ci```ts 714e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 715e41f4b71Sopenharmony_ci 716e41f4b71Sopenharmony_ci// string转Uint8Array 717e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 718e41f4b71Sopenharmony_ci let arr: Array<number> = []; 719e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 720e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 721e41f4b71Sopenharmony_ci } 722e41f4b71Sopenharmony_ci return new Uint8Array(arr); 723e41f4b71Sopenharmony_ci} 724e41f4b71Sopenharmony_ci 725e41f4b71Sopenharmony_ci// 证书二进制数据,需业务自行赋值 726e41f4b71Sopenharmony_cilet certData = '-----BEGIN CERTIFICATE-----\n' + 727e41f4b71Sopenharmony_ci 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 728e41f4b71Sopenharmony_ci 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 729e41f4b71Sopenharmony_ci 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 730e41f4b71Sopenharmony_ci 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 731e41f4b71Sopenharmony_ci 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 732e41f4b71Sopenharmony_ci 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 733e41f4b71Sopenharmony_ci 'Qw==\n' + 734e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 735e41f4b71Sopenharmony_ci 736e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 737e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 738e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 739e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 740e41f4b71Sopenharmony_ci}; 741e41f4b71Sopenharmony_ci 742e41f4b71Sopenharmony_cicert.createX509Cert(encodingBlob, (error, x509Cert) => { 743e41f4b71Sopenharmony_ci if (error) { 744e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 745e41f4b71Sopenharmony_ci } else { 746e41f4b71Sopenharmony_ci console.log('createX509Cert success'); 747e41f4b71Sopenharmony_ci x509Cert.getEncoded((error, data) => { 748e41f4b71Sopenharmony_ci if (error) { 749e41f4b71Sopenharmony_ci console.error('getEncoded failed, errCode: ' + error.code + ', errMsg: ' + error.message); 750e41f4b71Sopenharmony_ci } else { 751e41f4b71Sopenharmony_ci console.log('getEncoded success'); 752e41f4b71Sopenharmony_ci } 753e41f4b71Sopenharmony_ci }); 754e41f4b71Sopenharmony_ci } 755e41f4b71Sopenharmony_ci}); 756e41f4b71Sopenharmony_ci``` 757e41f4b71Sopenharmony_ci 758e41f4b71Sopenharmony_ci### getEncoded 759e41f4b71Sopenharmony_ci 760e41f4b71Sopenharmony_cigetEncoded() : Promise\<EncodingBlob> 761e41f4b71Sopenharmony_ci 762e41f4b71Sopenharmony_ci表示获取X509证书序列化数据,使用Promise方式异步返回结果。 763e41f4b71Sopenharmony_ci 764e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 765e41f4b71Sopenharmony_ci 766e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 767e41f4b71Sopenharmony_ci 768e41f4b71Sopenharmony_ci**返回值**: 769e41f4b71Sopenharmony_ci 770e41f4b71Sopenharmony_ci| 类型 | 说明 | 771e41f4b71Sopenharmony_ci| --------------------------------------- | ---------------------- | 772e41f4b71Sopenharmony_ci| Promise\<[EncodingBlob](#encodingblob)> | 表示X509证书序列化数据 | 773e41f4b71Sopenharmony_ci 774e41f4b71Sopenharmony_ci**错误码:** 775e41f4b71Sopenharmony_ci 776e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 777e41f4b71Sopenharmony_ci 778e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 779e41f4b71Sopenharmony_ci| -------- | ------------------------------------------------- | 780e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 781e41f4b71Sopenharmony_ci| 19020001 | memory error. | 782e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 783e41f4b71Sopenharmony_ci| 19030001 | crypto operation error.| 784e41f4b71Sopenharmony_ci 785e41f4b71Sopenharmony_ci**示例:** 786e41f4b71Sopenharmony_ci 787e41f4b71Sopenharmony_ci```ts 788e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 789e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 790e41f4b71Sopenharmony_ci 791e41f4b71Sopenharmony_ci// string转Uint8Array 792e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 793e41f4b71Sopenharmony_ci let arr: Array<number> = []; 794e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 795e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 796e41f4b71Sopenharmony_ci } 797e41f4b71Sopenharmony_ci return new Uint8Array(arr); 798e41f4b71Sopenharmony_ci} 799e41f4b71Sopenharmony_ci 800e41f4b71Sopenharmony_ci// 证书二进制数据,需业务自行赋值 801e41f4b71Sopenharmony_cilet certData = '-----BEGIN CERTIFICATE-----\n' + 802e41f4b71Sopenharmony_ci 'MIIBLzCB1QIUO/QDVJwZLIpeJyPjyTvE43xvE5cwCgYIKoZIzj0EAwIwGjEYMBYG\n' + 803e41f4b71Sopenharmony_ci 'A1UEAwwPRXhhbXBsZSBSb290IENBMB4XDTIzMDkwNDExMjAxOVoXDTI2MDUzMDEx\n' + 804e41f4b71Sopenharmony_ci 'MjAxOVowGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYI\n' + 805e41f4b71Sopenharmony_ci 'KoZIzj0DAQcDQgAEHjG74yMIueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTa\n' + 806e41f4b71Sopenharmony_ci 'tUsU0i/sePnrKglj2H8Abbx9PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEA\n' + 807e41f4b71Sopenharmony_ci '0ce/fvA4tckNZeB865aOApKXKlBjiRlaiuq5mEEqvNACIQDPD9WyC21MXqPBuRUf\n' + 808e41f4b71Sopenharmony_ci 'BetUokslUfjT6+s/X4ByaxycAA==\n' + 809e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 810e41f4b71Sopenharmony_ci 811e41f4b71Sopenharmony_ci// 证书二进制数据,需业务自行赋值 812e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 813e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 814e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 815e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 816e41f4b71Sopenharmony_ci}; 817e41f4b71Sopenharmony_cicert.createX509Cert(encodingBlob).then(x509Cert => { 818e41f4b71Sopenharmony_ci console.log('createX509Cert success'); 819e41f4b71Sopenharmony_ci x509Cert.getEncoded().then(result => { 820e41f4b71Sopenharmony_ci console.log('getEncoded success'); 821e41f4b71Sopenharmony_ci }).catch((error: BusinessError) => { 822e41f4b71Sopenharmony_ci console.error('getEncoded failed, errCode: ' + error.code + ', errMsg: ' + error.message); 823e41f4b71Sopenharmony_ci }); 824e41f4b71Sopenharmony_ci}).catch((error: BusinessError) => { 825e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 826e41f4b71Sopenharmony_ci}); 827e41f4b71Sopenharmony_ci``` 828e41f4b71Sopenharmony_ci 829e41f4b71Sopenharmony_ci### getPublicKey 830e41f4b71Sopenharmony_ci 831e41f4b71Sopenharmony_cigetPublicKey() : cryptoFramework.PubKey 832e41f4b71Sopenharmony_ci 833e41f4b71Sopenharmony_ci表示获取X509证书公钥。 834e41f4b71Sopenharmony_ci 835e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 836e41f4b71Sopenharmony_ci 837e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 838e41f4b71Sopenharmony_ci 839e41f4b71Sopenharmony_ci**返回值**: 840e41f4b71Sopenharmony_ci 841e41f4b71Sopenharmony_ci| 类型 | 说明 | 842e41f4b71Sopenharmony_ci| ------ | ---------------- | 843e41f4b71Sopenharmony_ci| [cryptoFramework.PubKey](../apis-crypto-architecture-kit/js-apis-cryptoFramework.md#pubkey) | X509证书公钥对象:仅用于X509Cert的verify接口 | 844e41f4b71Sopenharmony_ci 845e41f4b71Sopenharmony_ci**错误码:** 846e41f4b71Sopenharmony_ci 847e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 848e41f4b71Sopenharmony_ci 849e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 850e41f4b71Sopenharmony_ci| -------- | ------------------------------------------------- | 851e41f4b71Sopenharmony_ci| 19020001 | memory error. | 852e41f4b71Sopenharmony_ci| 19030001 | crypto operation error.| 853e41f4b71Sopenharmony_ci 854e41f4b71Sopenharmony_ci**示例:** 855e41f4b71Sopenharmony_ci 856e41f4b71Sopenharmony_ci```ts 857e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 858e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 859e41f4b71Sopenharmony_ci 860e41f4b71Sopenharmony_ci// string转Uint8Array 861e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 862e41f4b71Sopenharmony_ci let arr: Array<number> = []; 863e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 864e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 865e41f4b71Sopenharmony_ci } 866e41f4b71Sopenharmony_ci return new Uint8Array(arr); 867e41f4b71Sopenharmony_ci} 868e41f4b71Sopenharmony_ci 869e41f4b71Sopenharmony_ci// 证书二进制数据,需业务自行赋值 870e41f4b71Sopenharmony_cilet certData = '-----BEGIN CERTIFICATE-----\n' + 871e41f4b71Sopenharmony_ci 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 872e41f4b71Sopenharmony_ci 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 873e41f4b71Sopenharmony_ci 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 874e41f4b71Sopenharmony_ci 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 875e41f4b71Sopenharmony_ci 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 876e41f4b71Sopenharmony_ci 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 877e41f4b71Sopenharmony_ci 'Qw==\n' + 878e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 879e41f4b71Sopenharmony_ci 880e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 881e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 882e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 883e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 884e41f4b71Sopenharmony_ci}; 885e41f4b71Sopenharmony_ci 886e41f4b71Sopenharmony_cicert.createX509Cert(encodingBlob, (error, x509Cert) => { 887e41f4b71Sopenharmony_ci if (error) { 888e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 889e41f4b71Sopenharmony_ci } else { 890e41f4b71Sopenharmony_ci console.log('createX509Cert success'); 891e41f4b71Sopenharmony_ci try { 892e41f4b71Sopenharmony_ci let pubKey = x509Cert.getPublicKey(); 893e41f4b71Sopenharmony_ci } catch (error) { 894e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 895e41f4b71Sopenharmony_ci console.error('getPublicKey failed, errCode: ' + e.code + ', errMsg: ' + e.message); 896e41f4b71Sopenharmony_ci } 897e41f4b71Sopenharmony_ci } 898e41f4b71Sopenharmony_ci}); 899e41f4b71Sopenharmony_ci``` 900e41f4b71Sopenharmony_ci 901e41f4b71Sopenharmony_ci### checkValidityWithDate 902e41f4b71Sopenharmony_ci 903e41f4b71Sopenharmony_cicheckValidityWithDate(date: string) : void 904e41f4b71Sopenharmony_ci 905e41f4b71Sopenharmony_ci表示检查X509证书有效期。 906e41f4b71Sopenharmony_ci 907e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 908e41f4b71Sopenharmony_ci 909e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 910e41f4b71Sopenharmony_ci 911e41f4b71Sopenharmony_ci**参数**: 912e41f4b71Sopenharmony_ci 913e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 914e41f4b71Sopenharmony_ci| -------- | -------------- | ---- | ---------- | 915e41f4b71Sopenharmony_ci| date | string | 是 | 日期,为ASN.1时间格式。 | 916e41f4b71Sopenharmony_ci 917e41f4b71Sopenharmony_ci**错误码:** 918e41f4b71Sopenharmony_ci 919e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 920e41f4b71Sopenharmony_ci 921e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 922e41f4b71Sopenharmony_ci| -------- | ------------------------------------------------- | 923e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 924e41f4b71Sopenharmony_ci| 19020001 | memory error. | 925e41f4b71Sopenharmony_ci| 19030001 | crypto operation error.| 926e41f4b71Sopenharmony_ci| 19030003 | the certificate has not taken effect. | 927e41f4b71Sopenharmony_ci| 19030004 | the certificate has expired.| 928e41f4b71Sopenharmony_ci 929e41f4b71Sopenharmony_ci**示例:** 930e41f4b71Sopenharmony_ci 931e41f4b71Sopenharmony_ci```ts 932e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 933e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 934e41f4b71Sopenharmony_ci 935e41f4b71Sopenharmony_ci// string转Uint8Array 936e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 937e41f4b71Sopenharmony_ci let arr: Array<number> = []; 938e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 939e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 940e41f4b71Sopenharmony_ci } 941e41f4b71Sopenharmony_ci return new Uint8Array(arr); 942e41f4b71Sopenharmony_ci} 943e41f4b71Sopenharmony_ci 944e41f4b71Sopenharmony_ci// 证书二进制数据,需业务自行赋值 945e41f4b71Sopenharmony_cilet certData = '-----BEGIN CERTIFICATE-----\n' + 946e41f4b71Sopenharmony_ci 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 947e41f4b71Sopenharmony_ci 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 948e41f4b71Sopenharmony_ci 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 949e41f4b71Sopenharmony_ci 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 950e41f4b71Sopenharmony_ci 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 951e41f4b71Sopenharmony_ci 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 952e41f4b71Sopenharmony_ci 'Qw==\n' + 953e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 954e41f4b71Sopenharmony_ci 955e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 956e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 957e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 958e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 959e41f4b71Sopenharmony_ci}; 960e41f4b71Sopenharmony_ci 961e41f4b71Sopenharmony_cicert.createX509Cert(encodingBlob, (error, x509Cert) => { 962e41f4b71Sopenharmony_ci if (error) { 963e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 964e41f4b71Sopenharmony_ci } else { 965e41f4b71Sopenharmony_ci console.log('createX509Cert success'); 966e41f4b71Sopenharmony_ci 967e41f4b71Sopenharmony_ci let date = '231001000001Z'; 968e41f4b71Sopenharmony_ci // Verify the certificate validity period. 969e41f4b71Sopenharmony_ci try { 970e41f4b71Sopenharmony_ci x509Cert.checkValidityWithDate(date); 971e41f4b71Sopenharmony_ci } catch (error) { 972e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 973e41f4b71Sopenharmony_ci console.error('checkValidityWithDate failed, errCode: ' + e.code + ', errMsg: ' + e.message); 974e41f4b71Sopenharmony_ci } 975e41f4b71Sopenharmony_ci } 976e41f4b71Sopenharmony_ci}); 977e41f4b71Sopenharmony_ci``` 978e41f4b71Sopenharmony_ci 979e41f4b71Sopenharmony_ci### getVersion 980e41f4b71Sopenharmony_ci 981e41f4b71Sopenharmony_cigetVersion() : number 982e41f4b71Sopenharmony_ci 983e41f4b71Sopenharmony_ci表示获取X509证书版本。 984e41f4b71Sopenharmony_ci 985e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 986e41f4b71Sopenharmony_ci 987e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 988e41f4b71Sopenharmony_ci 989e41f4b71Sopenharmony_ci**返回值**: 990e41f4b71Sopenharmony_ci 991e41f4b71Sopenharmony_ci| 类型 | 说明 | 992e41f4b71Sopenharmony_ci| ------ | ---------------- | 993e41f4b71Sopenharmony_ci| number | 表示X509证书版本 | 994e41f4b71Sopenharmony_ci 995e41f4b71Sopenharmony_ci**示例:** 996e41f4b71Sopenharmony_ci 997e41f4b71Sopenharmony_ci```ts 998e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 999e41f4b71Sopenharmony_ci 1000e41f4b71Sopenharmony_ci// string转Uint8Array 1001e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 1002e41f4b71Sopenharmony_ci let arr: Array<number> = []; 1003e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 1004e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 1005e41f4b71Sopenharmony_ci } 1006e41f4b71Sopenharmony_ci return new Uint8Array(arr); 1007e41f4b71Sopenharmony_ci} 1008e41f4b71Sopenharmony_ci 1009e41f4b71Sopenharmony_ci// 证书二进制数据,需业务自行赋值 1010e41f4b71Sopenharmony_cilet certData = '-----BEGIN CERTIFICATE-----\n' + 1011e41f4b71Sopenharmony_ci 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1012e41f4b71Sopenharmony_ci 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1013e41f4b71Sopenharmony_ci 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1014e41f4b71Sopenharmony_ci 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1015e41f4b71Sopenharmony_ci 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1016e41f4b71Sopenharmony_ci 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1017e41f4b71Sopenharmony_ci 'Qw==\n' + 1018e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 1019e41f4b71Sopenharmony_ci 1020e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 1021e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 1022e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 1023e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 1024e41f4b71Sopenharmony_ci}; 1025e41f4b71Sopenharmony_cicert.createX509Cert(encodingBlob, (error, x509Cert) => { 1026e41f4b71Sopenharmony_ci if (error) { 1027e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1028e41f4b71Sopenharmony_ci } else { 1029e41f4b71Sopenharmony_ci console.log('createX509Cert success'); 1030e41f4b71Sopenharmony_ci let version = x509Cert.getVersion(); 1031e41f4b71Sopenharmony_ci } 1032e41f4b71Sopenharmony_ci}); 1033e41f4b71Sopenharmony_ci``` 1034e41f4b71Sopenharmony_ci 1035e41f4b71Sopenharmony_ci### getSerialNumber<sup>(deprecated)</sup> 1036e41f4b71Sopenharmony_ci 1037e41f4b71Sopenharmony_cigetSerialNumber() : number 1038e41f4b71Sopenharmony_ci 1039e41f4b71Sopenharmony_ci表示获取X509证书序列号。 1040e41f4b71Sopenharmony_ci 1041e41f4b71Sopenharmony_ci> **说明:** 1042e41f4b71Sopenharmony_ci> 1043e41f4b71Sopenharmony_ci> 从API version 9开始支持,从API version 10开始废弃,建议使用[getCertSerialNumber](#getcertserialnumber10)替代。 1044e41f4b71Sopenharmony_ci 1045e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 1046e41f4b71Sopenharmony_ci 1047e41f4b71Sopenharmony_ci**返回值**: 1048e41f4b71Sopenharmony_ci 1049e41f4b71Sopenharmony_ci| 类型 | 说明 | 1050e41f4b71Sopenharmony_ci| ------ | ------------------ | 1051e41f4b71Sopenharmony_ci| number | 表示X509证书序列号 | 1052e41f4b71Sopenharmony_ci 1053e41f4b71Sopenharmony_ci**示例:** 1054e41f4b71Sopenharmony_ci 1055e41f4b71Sopenharmony_ci```ts 1056e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 1057e41f4b71Sopenharmony_ci 1058e41f4b71Sopenharmony_ci// string转Uint8Array 1059e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 1060e41f4b71Sopenharmony_ci let arr: Array<number> = []; 1061e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 1062e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 1063e41f4b71Sopenharmony_ci } 1064e41f4b71Sopenharmony_ci return new Uint8Array(arr); 1065e41f4b71Sopenharmony_ci} 1066e41f4b71Sopenharmony_ci 1067e41f4b71Sopenharmony_ci// 证书二进制数据,需业务自行赋值 1068e41f4b71Sopenharmony_cilet certData = '-----BEGIN CERTIFICATE-----\n' + 1069e41f4b71Sopenharmony_ci 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1070e41f4b71Sopenharmony_ci 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1071e41f4b71Sopenharmony_ci 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1072e41f4b71Sopenharmony_ci 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1073e41f4b71Sopenharmony_ci 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1074e41f4b71Sopenharmony_ci 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1075e41f4b71Sopenharmony_ci 'Qw==\n' + 1076e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 1077e41f4b71Sopenharmony_ci 1078e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 1079e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 1080e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 1081e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 1082e41f4b71Sopenharmony_ci}; 1083e41f4b71Sopenharmony_ci 1084e41f4b71Sopenharmony_cicert.createX509Cert(encodingBlob, (error, x509Cert) => { 1085e41f4b71Sopenharmony_ci if (error) { 1086e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1087e41f4b71Sopenharmony_ci } else { 1088e41f4b71Sopenharmony_ci console.log('createX509Cert success'); 1089e41f4b71Sopenharmony_ci let serialNumber = x509Cert.getSerialNumber(); 1090e41f4b71Sopenharmony_ci } 1091e41f4b71Sopenharmony_ci}); 1092e41f4b71Sopenharmony_ci``` 1093e41f4b71Sopenharmony_ci 1094e41f4b71Sopenharmony_ci### getCertSerialNumber<sup>10+</sup> 1095e41f4b71Sopenharmony_ci 1096e41f4b71Sopenharmony_cigetCertSerialNumber() : bigint 1097e41f4b71Sopenharmony_ci 1098e41f4b71Sopenharmony_ci表示获取X509证书序列号。 1099e41f4b71Sopenharmony_ci 1100e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1101e41f4b71Sopenharmony_ci 1102e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 1103e41f4b71Sopenharmony_ci 1104e41f4b71Sopenharmony_ci**返回值**: 1105e41f4b71Sopenharmony_ci 1106e41f4b71Sopenharmony_ci| 类型 | 说明 | 1107e41f4b71Sopenharmony_ci| ------ | ------------------ | 1108e41f4b71Sopenharmony_ci| bigint | 表示X509证书序列号 | 1109e41f4b71Sopenharmony_ci 1110e41f4b71Sopenharmony_ci**错误码:** 1111e41f4b71Sopenharmony_ci 1112e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 1113e41f4b71Sopenharmony_ci 1114e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 1115e41f4b71Sopenharmony_ci| -------- | ------------------------------------------------- | 1116e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 1117e41f4b71Sopenharmony_ci 1118e41f4b71Sopenharmony_ci**示例:** 1119e41f4b71Sopenharmony_ci 1120e41f4b71Sopenharmony_ci```ts 1121e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 1122e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 1123e41f4b71Sopenharmony_ci 1124e41f4b71Sopenharmony_ci// string转Uint8Array 1125e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 1126e41f4b71Sopenharmony_ci let arr: Array<number> = []; 1127e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 1128e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 1129e41f4b71Sopenharmony_ci } 1130e41f4b71Sopenharmony_ci return new Uint8Array(arr); 1131e41f4b71Sopenharmony_ci} 1132e41f4b71Sopenharmony_ci 1133e41f4b71Sopenharmony_ci// 证书二进制数据,需业务自行赋值 1134e41f4b71Sopenharmony_cilet certData = '-----BEGIN CERTIFICATE-----\n' + 1135e41f4b71Sopenharmony_ci 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1136e41f4b71Sopenharmony_ci 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1137e41f4b71Sopenharmony_ci 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1138e41f4b71Sopenharmony_ci 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1139e41f4b71Sopenharmony_ci 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1140e41f4b71Sopenharmony_ci 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1141e41f4b71Sopenharmony_ci 'Qw==\n' + 1142e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 1143e41f4b71Sopenharmony_ci 1144e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 1145e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 1146e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 1147e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 1148e41f4b71Sopenharmony_ci}; 1149e41f4b71Sopenharmony_ci 1150e41f4b71Sopenharmony_cicert.createX509Cert(encodingBlob, (error, x509Cert) => { 1151e41f4b71Sopenharmony_ci if (error) { 1152e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1153e41f4b71Sopenharmony_ci } else { 1154e41f4b71Sopenharmony_ci console.log('createX509Cert success'); 1155e41f4b71Sopenharmony_ci try { 1156e41f4b71Sopenharmony_ci let serialNumber = x509Cert.getCertSerialNumber(); 1157e41f4b71Sopenharmony_ci } catch (err) { 1158e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 1159e41f4b71Sopenharmony_ci console.error('getCertSerialNumber failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1160e41f4b71Sopenharmony_ci } 1161e41f4b71Sopenharmony_ci } 1162e41f4b71Sopenharmony_ci}); 1163e41f4b71Sopenharmony_ci``` 1164e41f4b71Sopenharmony_ci 1165e41f4b71Sopenharmony_ci### getIssuerName 1166e41f4b71Sopenharmony_ci 1167e41f4b71Sopenharmony_cigetIssuerName() : DataBlob 1168e41f4b71Sopenharmony_ci 1169e41f4b71Sopenharmony_ci表示获取X509证书颁发者名称。 1170e41f4b71Sopenharmony_ci 1171e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1172e41f4b71Sopenharmony_ci 1173e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 1174e41f4b71Sopenharmony_ci 1175e41f4b71Sopenharmony_ci**返回值**: 1176e41f4b71Sopenharmony_ci 1177e41f4b71Sopenharmony_ci| 类型 | 说明 | 1178e41f4b71Sopenharmony_ci| --------------------- | ---------------------- | 1179e41f4b71Sopenharmony_ci| [DataBlob](#datablob) | 表示X509证书颁发者名称 | 1180e41f4b71Sopenharmony_ci 1181e41f4b71Sopenharmony_ci**错误码:** 1182e41f4b71Sopenharmony_ci 1183e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 1184e41f4b71Sopenharmony_ci 1185e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 1186e41f4b71Sopenharmony_ci| -------- | ------------------------------------------------- | 1187e41f4b71Sopenharmony_ci| 19020001 | memory error. | 1188e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 1189e41f4b71Sopenharmony_ci| 19030001 | crypto operation error.| 1190e41f4b71Sopenharmony_ci 1191e41f4b71Sopenharmony_ci**示例:** 1192e41f4b71Sopenharmony_ci 1193e41f4b71Sopenharmony_ci```ts 1194e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 1195e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 1196e41f4b71Sopenharmony_ci 1197e41f4b71Sopenharmony_ci// string转Uint8Array 1198e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 1199e41f4b71Sopenharmony_ci let arr: Array<number> = []; 1200e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 1201e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 1202e41f4b71Sopenharmony_ci } 1203e41f4b71Sopenharmony_ci return new Uint8Array(arr); 1204e41f4b71Sopenharmony_ci} 1205e41f4b71Sopenharmony_ci 1206e41f4b71Sopenharmony_ci// 证书二进制数据,需业务自行赋值 1207e41f4b71Sopenharmony_cilet certData = '-----BEGIN CERTIFICATE-----\n' + 1208e41f4b71Sopenharmony_ci 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1209e41f4b71Sopenharmony_ci 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1210e41f4b71Sopenharmony_ci 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1211e41f4b71Sopenharmony_ci 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1212e41f4b71Sopenharmony_ci 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1213e41f4b71Sopenharmony_ci 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1214e41f4b71Sopenharmony_ci 'Qw==\n' + 1215e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 1216e41f4b71Sopenharmony_ci 1217e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 1218e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 1219e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 1220e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 1221e41f4b71Sopenharmony_ci}; 1222e41f4b71Sopenharmony_ci 1223e41f4b71Sopenharmony_cicert.createX509Cert(encodingBlob, (error, x509Cert) => { 1224e41f4b71Sopenharmony_ci if (error) { 1225e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1226e41f4b71Sopenharmony_ci } else { 1227e41f4b71Sopenharmony_ci console.log('createX509Cert success'); 1228e41f4b71Sopenharmony_ci try { 1229e41f4b71Sopenharmony_ci let issuerName = x509Cert.getIssuerName(); 1230e41f4b71Sopenharmony_ci } catch (err) { 1231e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 1232e41f4b71Sopenharmony_ci console.error('getIssuerName failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1233e41f4b71Sopenharmony_ci } 1234e41f4b71Sopenharmony_ci } 1235e41f4b71Sopenharmony_ci}); 1236e41f4b71Sopenharmony_ci``` 1237e41f4b71Sopenharmony_ci 1238e41f4b71Sopenharmony_ci### getSubjectName 1239e41f4b71Sopenharmony_ci 1240e41f4b71Sopenharmony_cigetSubjectName(encodingType?: EncodingType) : DataBlob 1241e41f4b71Sopenharmony_ci 1242e41f4b71Sopenharmony_ci表示获取X509证书主体名称。 1243e41f4b71Sopenharmony_ci 1244e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1245e41f4b71Sopenharmony_ci 1246e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 1247e41f4b71Sopenharmony_ci 1248e41f4b71Sopenharmony_ci**参数**: 1249e41f4b71Sopenharmony_ci 1250e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 1251e41f4b71Sopenharmony_ci| -------- | ------------------------------------- | ---- | ------------------------------ | 1252e41f4b71Sopenharmony_ci| encodingType | [EncodingType](#encodingtype12) | 否 | 编码类型。设置参数表示获取UTF8格式编码;不设置默认获取ASCII格式编码。<br>API 12后支持设置此参数。 | 1253e41f4b71Sopenharmony_ci 1254e41f4b71Sopenharmony_ci**返回值**: 1255e41f4b71Sopenharmony_ci 1256e41f4b71Sopenharmony_ci| 类型 | 说明 | 1257e41f4b71Sopenharmony_ci| --------------------- | -------------------- | 1258e41f4b71Sopenharmony_ci| [DataBlob](#datablob) | 表示X509证书主体名称 | 1259e41f4b71Sopenharmony_ci 1260e41f4b71Sopenharmony_ci**错误码:** 1261e41f4b71Sopenharmony_ci 1262e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 1263e41f4b71Sopenharmony_ci 1264e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 1265e41f4b71Sopenharmony_ci| -------- | ------------------------------------------------- | 1266e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Incorrect parameter types;<br>2. Parameter verification failed. | 1267e41f4b71Sopenharmony_ci| 19020001 | memory error. | 1268e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 1269e41f4b71Sopenharmony_ci| 19030001 | crypto operation error.| 1270e41f4b71Sopenharmony_ci 1271e41f4b71Sopenharmony_ci**示例:** 1272e41f4b71Sopenharmony_ci 1273e41f4b71Sopenharmony_ci```ts 1274e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 1275e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 1276e41f4b71Sopenharmony_ci 1277e41f4b71Sopenharmony_ci// string转Uint8Array 1278e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 1279e41f4b71Sopenharmony_ci let arr: Array<number> = []; 1280e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 1281e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 1282e41f4b71Sopenharmony_ci } 1283e41f4b71Sopenharmony_ci return new Uint8Array(arr); 1284e41f4b71Sopenharmony_ci} 1285e41f4b71Sopenharmony_ci 1286e41f4b71Sopenharmony_ci// 证书二进制数据,需业务自行赋值 1287e41f4b71Sopenharmony_cilet certData = '-----BEGIN CERTIFICATE-----\n' + 1288e41f4b71Sopenharmony_ci 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1289e41f4b71Sopenharmony_ci 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1290e41f4b71Sopenharmony_ci 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1291e41f4b71Sopenharmony_ci 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1292e41f4b71Sopenharmony_ci 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1293e41f4b71Sopenharmony_ci 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1294e41f4b71Sopenharmony_ci 'Qw==\n' + 1295e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 1296e41f4b71Sopenharmony_ci 1297e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 1298e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 1299e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 1300e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 1301e41f4b71Sopenharmony_ci}; 1302e41f4b71Sopenharmony_ci 1303e41f4b71Sopenharmony_cicert.createX509Cert(encodingBlob, (error, x509Cert) => { 1304e41f4b71Sopenharmony_ci if (error) { 1305e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1306e41f4b71Sopenharmony_ci } else { 1307e41f4b71Sopenharmony_ci console.log('createX509Cert success'); 1308e41f4b71Sopenharmony_ci try { 1309e41f4b71Sopenharmony_ci let subjectName = x509Cert.getSubjectName(); 1310e41f4b71Sopenharmony_ci } catch (err) { 1311e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 1312e41f4b71Sopenharmony_ci console.error('getSubjectName failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1313e41f4b71Sopenharmony_ci } 1314e41f4b71Sopenharmony_ci try { 1315e41f4b71Sopenharmony_ci let subjectNameutf8 = x509Cert.getSubjectName(cert.EncodingType.ENCODING_UTF8); 1316e41f4b71Sopenharmony_ci } catch (err) { 1317e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 1318e41f4b71Sopenharmony_ci console.error('getSubjectNameUtf8 failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1319e41f4b71Sopenharmony_ci } 1320e41f4b71Sopenharmony_ci } 1321e41f4b71Sopenharmony_ci}); 1322e41f4b71Sopenharmony_ci``` 1323e41f4b71Sopenharmony_ci 1324e41f4b71Sopenharmony_ci### getNotBeforeTime 1325e41f4b71Sopenharmony_ci 1326e41f4b71Sopenharmony_cigetNotBeforeTime() : string 1327e41f4b71Sopenharmony_ci 1328e41f4b71Sopenharmony_ci表示获取X509证书有效期起始时间。 1329e41f4b71Sopenharmony_ci 1330e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1331e41f4b71Sopenharmony_ci 1332e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 1333e41f4b71Sopenharmony_ci 1334e41f4b71Sopenharmony_ci**返回值**: 1335e41f4b71Sopenharmony_ci 1336e41f4b71Sopenharmony_ci| 类型 | 说明 | 1337e41f4b71Sopenharmony_ci| ------ | ------------------------------------------------------------ | 1338e41f4b71Sopenharmony_ci| string | 表示X509证书有效期起始时间,日期为ASN.1时间格式。 | 1339e41f4b71Sopenharmony_ci 1340e41f4b71Sopenharmony_ci**错误码:** 1341e41f4b71Sopenharmony_ci 1342e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 1343e41f4b71Sopenharmony_ci 1344e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 1345e41f4b71Sopenharmony_ci| -------- | ------------------------------------------------- | 1346e41f4b71Sopenharmony_ci| 19020001 | memory error. | 1347e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 1348e41f4b71Sopenharmony_ci| 19030001 | crypto operation error.| 1349e41f4b71Sopenharmony_ci 1350e41f4b71Sopenharmony_ci**示例:** 1351e41f4b71Sopenharmony_ci 1352e41f4b71Sopenharmony_ci```ts 1353e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 1354e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 1355e41f4b71Sopenharmony_ci 1356e41f4b71Sopenharmony_ci// string转Uint8Array 1357e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 1358e41f4b71Sopenharmony_ci let arr: Array<number> = []; 1359e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 1360e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 1361e41f4b71Sopenharmony_ci } 1362e41f4b71Sopenharmony_ci return new Uint8Array(arr); 1363e41f4b71Sopenharmony_ci} 1364e41f4b71Sopenharmony_ci 1365e41f4b71Sopenharmony_ci// 证书二进制数据,需业务自行赋值 1366e41f4b71Sopenharmony_cilet certData = '-----BEGIN CERTIFICATE-----\n' + 1367e41f4b71Sopenharmony_ci 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1368e41f4b71Sopenharmony_ci 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1369e41f4b71Sopenharmony_ci 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1370e41f4b71Sopenharmony_ci 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1371e41f4b71Sopenharmony_ci 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1372e41f4b71Sopenharmony_ci 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1373e41f4b71Sopenharmony_ci 'Qw==\n' + 1374e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 1375e41f4b71Sopenharmony_ci 1376e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 1377e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 1378e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 1379e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 1380e41f4b71Sopenharmony_ci}; 1381e41f4b71Sopenharmony_ci 1382e41f4b71Sopenharmony_cicert.createX509Cert(encodingBlob, (error, x509Cert) => { 1383e41f4b71Sopenharmony_ci if (error) { 1384e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1385e41f4b71Sopenharmony_ci } else { 1386e41f4b71Sopenharmony_ci console.log('createX509Cert success'); 1387e41f4b71Sopenharmony_ci try { 1388e41f4b71Sopenharmony_ci let notBefore = x509Cert.getNotBeforeTime(); 1389e41f4b71Sopenharmony_ci } catch (err) { 1390e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 1391e41f4b71Sopenharmony_ci console.error('getNotBeforeTime failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1392e41f4b71Sopenharmony_ci } 1393e41f4b71Sopenharmony_ci } 1394e41f4b71Sopenharmony_ci}); 1395e41f4b71Sopenharmony_ci``` 1396e41f4b71Sopenharmony_ci 1397e41f4b71Sopenharmony_ci### getNotAfterTime 1398e41f4b71Sopenharmony_ci 1399e41f4b71Sopenharmony_cigetNotAfterTime() : string 1400e41f4b71Sopenharmony_ci 1401e41f4b71Sopenharmony_ci表示获取X509证书有效期截止时间。 1402e41f4b71Sopenharmony_ci 1403e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1404e41f4b71Sopenharmony_ci 1405e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 1406e41f4b71Sopenharmony_ci 1407e41f4b71Sopenharmony_ci**返回值**: 1408e41f4b71Sopenharmony_ci 1409e41f4b71Sopenharmony_ci| 类型 | 说明 | 1410e41f4b71Sopenharmony_ci| ------ | ------------------------------------------------------------ | 1411e41f4b71Sopenharmony_ci| string | 表示X509证书有效期截止时间,日期为ASN.1时间格式。 | 1412e41f4b71Sopenharmony_ci 1413e41f4b71Sopenharmony_ci**错误码:** 1414e41f4b71Sopenharmony_ci 1415e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 1416e41f4b71Sopenharmony_ci 1417e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 1418e41f4b71Sopenharmony_ci| -------- | ------------------------------------------------- | 1419e41f4b71Sopenharmony_ci| 19020001 | memory error. | 1420e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 1421e41f4b71Sopenharmony_ci| 19030001 | crypto operation error.| 1422e41f4b71Sopenharmony_ci 1423e41f4b71Sopenharmony_ci**示例:** 1424e41f4b71Sopenharmony_ci 1425e41f4b71Sopenharmony_ci```ts 1426e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 1427e41f4b71Sopenharmony_ci 1428e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 1429e41f4b71Sopenharmony_ci 1430e41f4b71Sopenharmony_ci// string转Uint8Array 1431e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 1432e41f4b71Sopenharmony_ci let arr: Array<number> = []; 1433e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 1434e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 1435e41f4b71Sopenharmony_ci } 1436e41f4b71Sopenharmony_ci return new Uint8Array(arr); 1437e41f4b71Sopenharmony_ci} 1438e41f4b71Sopenharmony_ci 1439e41f4b71Sopenharmony_ci// 证书二进制数据,需业务自行赋值 1440e41f4b71Sopenharmony_cilet certData = '-----BEGIN CERTIFICATE-----\n' + 1441e41f4b71Sopenharmony_ci 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1442e41f4b71Sopenharmony_ci 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1443e41f4b71Sopenharmony_ci 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1444e41f4b71Sopenharmony_ci 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1445e41f4b71Sopenharmony_ci 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1446e41f4b71Sopenharmony_ci 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1447e41f4b71Sopenharmony_ci 'Qw==\n' + 1448e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 1449e41f4b71Sopenharmony_ci 1450e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 1451e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 1452e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 1453e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 1454e41f4b71Sopenharmony_ci}; 1455e41f4b71Sopenharmony_ci 1456e41f4b71Sopenharmony_cicert.createX509Cert(encodingBlob, (error, x509Cert) => { 1457e41f4b71Sopenharmony_ci if (error) { 1458e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1459e41f4b71Sopenharmony_ci } else { 1460e41f4b71Sopenharmony_ci console.log('createX509Cert success'); 1461e41f4b71Sopenharmony_ci try { 1462e41f4b71Sopenharmony_ci let notAfter = x509Cert.getNotAfterTime(); 1463e41f4b71Sopenharmony_ci } catch (err) { 1464e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 1465e41f4b71Sopenharmony_ci console.error('getNotAfterTime failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1466e41f4b71Sopenharmony_ci } 1467e41f4b71Sopenharmony_ci } 1468e41f4b71Sopenharmony_ci}); 1469e41f4b71Sopenharmony_ci``` 1470e41f4b71Sopenharmony_ci 1471e41f4b71Sopenharmony_ci### getSignature 1472e41f4b71Sopenharmony_ci 1473e41f4b71Sopenharmony_cigetSignature() : DataBlob 1474e41f4b71Sopenharmony_ci 1475e41f4b71Sopenharmony_ci表示获取X509证书签名数据。 1476e41f4b71Sopenharmony_ci 1477e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1478e41f4b71Sopenharmony_ci 1479e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 1480e41f4b71Sopenharmony_ci 1481e41f4b71Sopenharmony_ci**返回值**: 1482e41f4b71Sopenharmony_ci 1483e41f4b71Sopenharmony_ci| 类型 | 说明 | 1484e41f4b71Sopenharmony_ci| --------------------- | -------------------- | 1485e41f4b71Sopenharmony_ci| [DataBlob](#datablob) | 表示X509证书签名数据 | 1486e41f4b71Sopenharmony_ci 1487e41f4b71Sopenharmony_ci**错误码:** 1488e41f4b71Sopenharmony_ci 1489e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 1490e41f4b71Sopenharmony_ci 1491e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 1492e41f4b71Sopenharmony_ci| -------- | ------------------------------------------------- | 1493e41f4b71Sopenharmony_ci| 19020001 | memory error. | 1494e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 1495e41f4b71Sopenharmony_ci| 19030001 | crypto operation error.| 1496e41f4b71Sopenharmony_ci 1497e41f4b71Sopenharmony_ci**示例:** 1498e41f4b71Sopenharmony_ci 1499e41f4b71Sopenharmony_ci```ts 1500e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 1501e41f4b71Sopenharmony_ci 1502e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 1503e41f4b71Sopenharmony_ci 1504e41f4b71Sopenharmony_ci// string转Uint8Array 1505e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 1506e41f4b71Sopenharmony_ci let arr: Array<number> = []; 1507e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 1508e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 1509e41f4b71Sopenharmony_ci } 1510e41f4b71Sopenharmony_ci return new Uint8Array(arr); 1511e41f4b71Sopenharmony_ci} 1512e41f4b71Sopenharmony_ci 1513e41f4b71Sopenharmony_ci// 证书二进制数据,需业务自行赋值 1514e41f4b71Sopenharmony_cilet certData = '-----BEGIN CERTIFICATE-----\n' + 1515e41f4b71Sopenharmony_ci 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1516e41f4b71Sopenharmony_ci 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1517e41f4b71Sopenharmony_ci 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1518e41f4b71Sopenharmony_ci 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1519e41f4b71Sopenharmony_ci 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1520e41f4b71Sopenharmony_ci 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1521e41f4b71Sopenharmony_ci 'Qw==\n' + 1522e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 1523e41f4b71Sopenharmony_ci 1524e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 1525e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 1526e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 1527e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 1528e41f4b71Sopenharmony_ci}; 1529e41f4b71Sopenharmony_ci 1530e41f4b71Sopenharmony_cicert.createX509Cert(encodingBlob, (error, x509Cert) => { 1531e41f4b71Sopenharmony_ci if (error) { 1532e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1533e41f4b71Sopenharmony_ci } else { 1534e41f4b71Sopenharmony_ci console.log('createX509Cert success'); 1535e41f4b71Sopenharmony_ci try { 1536e41f4b71Sopenharmony_ci let signature = x509Cert.getSignature(); 1537e41f4b71Sopenharmony_ci } catch (err) { 1538e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 1539e41f4b71Sopenharmony_ci console.error('getSignature failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1540e41f4b71Sopenharmony_ci } 1541e41f4b71Sopenharmony_ci } 1542e41f4b71Sopenharmony_ci}); 1543e41f4b71Sopenharmony_ci``` 1544e41f4b71Sopenharmony_ci 1545e41f4b71Sopenharmony_ci### getSignatureAlgName 1546e41f4b71Sopenharmony_ci 1547e41f4b71Sopenharmony_cigetSignatureAlgName() : string 1548e41f4b71Sopenharmony_ci 1549e41f4b71Sopenharmony_ci表示获取X509证书签名算法名称。 1550e41f4b71Sopenharmony_ci 1551e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1552e41f4b71Sopenharmony_ci 1553e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 1554e41f4b71Sopenharmony_ci 1555e41f4b71Sopenharmony_ci**返回值**: 1556e41f4b71Sopenharmony_ci 1557e41f4b71Sopenharmony_ci| 类型 | 说明 | 1558e41f4b71Sopenharmony_ci| ------ | ------------------------ | 1559e41f4b71Sopenharmony_ci| string | 表示X509证书签名算法名称 | 1560e41f4b71Sopenharmony_ci 1561e41f4b71Sopenharmony_ci**错误码:** 1562e41f4b71Sopenharmony_ci 1563e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 1564e41f4b71Sopenharmony_ci 1565e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 1566e41f4b71Sopenharmony_ci| -------- | ------------------------------------------------- | 1567e41f4b71Sopenharmony_ci| 19020001 | memory error. | 1568e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 1569e41f4b71Sopenharmony_ci| 19030001 | crypto operation error.| 1570e41f4b71Sopenharmony_ci 1571e41f4b71Sopenharmony_ci**示例:** 1572e41f4b71Sopenharmony_ci 1573e41f4b71Sopenharmony_ci```ts 1574e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 1575e41f4b71Sopenharmony_ci 1576e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 1577e41f4b71Sopenharmony_ci 1578e41f4b71Sopenharmony_ci// string转Uint8Array 1579e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 1580e41f4b71Sopenharmony_ci let arr: Array<number> = []; 1581e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 1582e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 1583e41f4b71Sopenharmony_ci } 1584e41f4b71Sopenharmony_ci return new Uint8Array(arr); 1585e41f4b71Sopenharmony_ci} 1586e41f4b71Sopenharmony_ci 1587e41f4b71Sopenharmony_ci// 证书二进制数据,需业务自行赋值 1588e41f4b71Sopenharmony_cilet certData = '-----BEGIN CERTIFICATE-----\n' + 1589e41f4b71Sopenharmony_ci 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1590e41f4b71Sopenharmony_ci 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1591e41f4b71Sopenharmony_ci 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1592e41f4b71Sopenharmony_ci 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1593e41f4b71Sopenharmony_ci 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1594e41f4b71Sopenharmony_ci 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1595e41f4b71Sopenharmony_ci 'Qw==\n' + 1596e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 1597e41f4b71Sopenharmony_ci 1598e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 1599e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 1600e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 1601e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 1602e41f4b71Sopenharmony_ci}; 1603e41f4b71Sopenharmony_ci 1604e41f4b71Sopenharmony_cicert.createX509Cert(encodingBlob, (error, x509Cert) => { 1605e41f4b71Sopenharmony_ci if (error) { 1606e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1607e41f4b71Sopenharmony_ci } else { 1608e41f4b71Sopenharmony_ci console.log('createX509Cert success'); 1609e41f4b71Sopenharmony_ci try { 1610e41f4b71Sopenharmony_ci let sigAlgName = x509Cert.getSignatureAlgName(); 1611e41f4b71Sopenharmony_ci } catch (err) { 1612e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 1613e41f4b71Sopenharmony_ci console.error('getSignatureAlgName failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1614e41f4b71Sopenharmony_ci } 1615e41f4b71Sopenharmony_ci } 1616e41f4b71Sopenharmony_ci}); 1617e41f4b71Sopenharmony_ci``` 1618e41f4b71Sopenharmony_ci 1619e41f4b71Sopenharmony_ci### getSignatureAlgOid 1620e41f4b71Sopenharmony_ci 1621e41f4b71Sopenharmony_cigetSignatureAlgOid() : string 1622e41f4b71Sopenharmony_ci 1623e41f4b71Sopenharmony_ci表示获取X509证书签名算法的对象标志符OID(Object Identifier)。OID是由国际标准组织(ISO)的名称注册机构分配。 1624e41f4b71Sopenharmony_ci 1625e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1626e41f4b71Sopenharmony_ci 1627e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 1628e41f4b71Sopenharmony_ci 1629e41f4b71Sopenharmony_ci**返回值**: 1630e41f4b71Sopenharmony_ci 1631e41f4b71Sopenharmony_ci| 类型 | 说明 | 1632e41f4b71Sopenharmony_ci| ------ | --------------------------------- | 1633e41f4b71Sopenharmony_ci| string | 表示X509证书签名算法对象标志符OID | 1634e41f4b71Sopenharmony_ci 1635e41f4b71Sopenharmony_ci**错误码:** 1636e41f4b71Sopenharmony_ci 1637e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 1638e41f4b71Sopenharmony_ci 1639e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 1640e41f4b71Sopenharmony_ci| -------- | ------------------------------------------------- | 1641e41f4b71Sopenharmony_ci| 19020001 | memory error. | 1642e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 1643e41f4b71Sopenharmony_ci| 19030001 | crypto operation error.| 1644e41f4b71Sopenharmony_ci 1645e41f4b71Sopenharmony_ci**示例:** 1646e41f4b71Sopenharmony_ci 1647e41f4b71Sopenharmony_ci```ts 1648e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 1649e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 1650e41f4b71Sopenharmony_ci 1651e41f4b71Sopenharmony_ci// string转Uint8Array 1652e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 1653e41f4b71Sopenharmony_ci let arr: Array<number> = []; 1654e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 1655e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 1656e41f4b71Sopenharmony_ci } 1657e41f4b71Sopenharmony_ci return new Uint8Array(arr); 1658e41f4b71Sopenharmony_ci} 1659e41f4b71Sopenharmony_ci 1660e41f4b71Sopenharmony_ci// 证书二进制数据,需业务自行赋值 1661e41f4b71Sopenharmony_cilet certData = '-----BEGIN CERTIFICATE-----\n' + 1662e41f4b71Sopenharmony_ci 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1663e41f4b71Sopenharmony_ci 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1664e41f4b71Sopenharmony_ci 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1665e41f4b71Sopenharmony_ci 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1666e41f4b71Sopenharmony_ci 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1667e41f4b71Sopenharmony_ci 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1668e41f4b71Sopenharmony_ci 'Qw==\n' + 1669e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 1670e41f4b71Sopenharmony_ci 1671e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 1672e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 1673e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 1674e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 1675e41f4b71Sopenharmony_ci}; 1676e41f4b71Sopenharmony_ci 1677e41f4b71Sopenharmony_cicert.createX509Cert(encodingBlob, (error, x509Cert) => { 1678e41f4b71Sopenharmony_ci if (error) { 1679e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1680e41f4b71Sopenharmony_ci } else { 1681e41f4b71Sopenharmony_ci console.log('createX509Cert success'); 1682e41f4b71Sopenharmony_ci try { 1683e41f4b71Sopenharmony_ci let sigAlgOid = x509Cert.getSignatureAlgOid(); 1684e41f4b71Sopenharmony_ci } catch (err) { 1685e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 1686e41f4b71Sopenharmony_ci console.error('getSignatureAlgOid failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1687e41f4b71Sopenharmony_ci } 1688e41f4b71Sopenharmony_ci } 1689e41f4b71Sopenharmony_ci}); 1690e41f4b71Sopenharmony_ci``` 1691e41f4b71Sopenharmony_ci 1692e41f4b71Sopenharmony_ci### getSignatureAlgParams 1693e41f4b71Sopenharmony_ci 1694e41f4b71Sopenharmony_cigetSignatureAlgParams() : DataBlob 1695e41f4b71Sopenharmony_ci 1696e41f4b71Sopenharmony_ci表示获取X509证书签名算法参数。 1697e41f4b71Sopenharmony_ci 1698e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1699e41f4b71Sopenharmony_ci 1700e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 1701e41f4b71Sopenharmony_ci 1702e41f4b71Sopenharmony_ci**返回值**: 1703e41f4b71Sopenharmony_ci 1704e41f4b71Sopenharmony_ci| 类型 | 说明 | 1705e41f4b71Sopenharmony_ci| --------------------- | ------------------------ | 1706e41f4b71Sopenharmony_ci| [DataBlob](#datablob) | 表示X509证书签名算法参数 | 1707e41f4b71Sopenharmony_ci 1708e41f4b71Sopenharmony_ci**错误码:** 1709e41f4b71Sopenharmony_ci 1710e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 1711e41f4b71Sopenharmony_ci 1712e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 1713e41f4b71Sopenharmony_ci| -------- | ------------------------------------------------- | 1714e41f4b71Sopenharmony_ci| 801 | this operation is not supported. | 1715e41f4b71Sopenharmony_ci| 19020001 | memory error. | 1716e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 1717e41f4b71Sopenharmony_ci| 19030001 | crypto operation error.| 1718e41f4b71Sopenharmony_ci 1719e41f4b71Sopenharmony_ci**示例:** 1720e41f4b71Sopenharmony_ci 1721e41f4b71Sopenharmony_ci```ts 1722e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 1723e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 1724e41f4b71Sopenharmony_ci 1725e41f4b71Sopenharmony_ci// string转Uint8Array 1726e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 1727e41f4b71Sopenharmony_ci let arr: Array<number> = []; 1728e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 1729e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 1730e41f4b71Sopenharmony_ci } 1731e41f4b71Sopenharmony_ci return new Uint8Array(arr); 1732e41f4b71Sopenharmony_ci} 1733e41f4b71Sopenharmony_ci 1734e41f4b71Sopenharmony_ci// 证书二进制数据,需业务自行赋值 1735e41f4b71Sopenharmony_cilet certData = '-----BEGIN CERTIFICATE-----\n' + 1736e41f4b71Sopenharmony_ci 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1737e41f4b71Sopenharmony_ci 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1738e41f4b71Sopenharmony_ci 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1739e41f4b71Sopenharmony_ci 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1740e41f4b71Sopenharmony_ci 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1741e41f4b71Sopenharmony_ci 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1742e41f4b71Sopenharmony_ci 'Qw==\n' + 1743e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 1744e41f4b71Sopenharmony_ci 1745e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 1746e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 1747e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 1748e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 1749e41f4b71Sopenharmony_ci}; 1750e41f4b71Sopenharmony_ci 1751e41f4b71Sopenharmony_cicert.createX509Cert(encodingBlob, (error, x509Cert) => { 1752e41f4b71Sopenharmony_ci if (error) { 1753e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1754e41f4b71Sopenharmony_ci } else { 1755e41f4b71Sopenharmony_ci console.log('createX509Cert success'); 1756e41f4b71Sopenharmony_ci try { 1757e41f4b71Sopenharmony_ci let sigAlgParams = x509Cert.getSignatureAlgParams(); 1758e41f4b71Sopenharmony_ci } catch (err) { 1759e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 1760e41f4b71Sopenharmony_ci console.error('getSignatureAlgParams failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1761e41f4b71Sopenharmony_ci } 1762e41f4b71Sopenharmony_ci } 1763e41f4b71Sopenharmony_ci}); 1764e41f4b71Sopenharmony_ci``` 1765e41f4b71Sopenharmony_ci 1766e41f4b71Sopenharmony_ci### getKeyUsage 1767e41f4b71Sopenharmony_ci 1768e41f4b71Sopenharmony_cigetKeyUsage() : DataBlob 1769e41f4b71Sopenharmony_ci 1770e41f4b71Sopenharmony_ci表示获取X509证书秘钥用途。 1771e41f4b71Sopenharmony_ci 1772e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1773e41f4b71Sopenharmony_ci 1774e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 1775e41f4b71Sopenharmony_ci 1776e41f4b71Sopenharmony_ci**返回值**: 1777e41f4b71Sopenharmony_ci 1778e41f4b71Sopenharmony_ci| 类型 | 说明 | 1779e41f4b71Sopenharmony_ci| --------------------- | -------------------- | 1780e41f4b71Sopenharmony_ci| [DataBlob](#datablob) | 表示X509证书秘钥用途 | 1781e41f4b71Sopenharmony_ci 1782e41f4b71Sopenharmony_ci**错误码:** 1783e41f4b71Sopenharmony_ci 1784e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 1785e41f4b71Sopenharmony_ci 1786e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 1787e41f4b71Sopenharmony_ci| -------- | ------------------------------------------------- | 1788e41f4b71Sopenharmony_ci| 19020001 | memory error. | 1789e41f4b71Sopenharmony_ci| 19030001 | crypto operation error.| 1790e41f4b71Sopenharmony_ci 1791e41f4b71Sopenharmony_ci**示例:** 1792e41f4b71Sopenharmony_ci 1793e41f4b71Sopenharmony_ci```ts 1794e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 1795e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 1796e41f4b71Sopenharmony_ci 1797e41f4b71Sopenharmony_ci// string转Uint8Array 1798e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 1799e41f4b71Sopenharmony_ci let arr: Array<number> = []; 1800e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 1801e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 1802e41f4b71Sopenharmony_ci } 1803e41f4b71Sopenharmony_ci return new Uint8Array(arr); 1804e41f4b71Sopenharmony_ci} 1805e41f4b71Sopenharmony_ci 1806e41f4b71Sopenharmony_ci// 证书二进制数据,需业务自行赋值 1807e41f4b71Sopenharmony_cilet certData = '-----BEGIN CERTIFICATE-----\n' + 1808e41f4b71Sopenharmony_ci 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1809e41f4b71Sopenharmony_ci 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1810e41f4b71Sopenharmony_ci 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1811e41f4b71Sopenharmony_ci 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1812e41f4b71Sopenharmony_ci 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1813e41f4b71Sopenharmony_ci 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1814e41f4b71Sopenharmony_ci 'Qw==\n' + 1815e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 1816e41f4b71Sopenharmony_ci 1817e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 1818e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 1819e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 1820e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 1821e41f4b71Sopenharmony_ci}; 1822e41f4b71Sopenharmony_ci 1823e41f4b71Sopenharmony_cicert.createX509Cert(encodingBlob, (error, x509Cert) => { 1824e41f4b71Sopenharmony_ci if (error) { 1825e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1826e41f4b71Sopenharmony_ci } else { 1827e41f4b71Sopenharmony_ci console.log('createX509Cert success'); 1828e41f4b71Sopenharmony_ci try { 1829e41f4b71Sopenharmony_ci let keyUsage = x509Cert.getKeyUsage(); 1830e41f4b71Sopenharmony_ci } catch (err) { 1831e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 1832e41f4b71Sopenharmony_ci console.error('getKeyUsage failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1833e41f4b71Sopenharmony_ci } 1834e41f4b71Sopenharmony_ci } 1835e41f4b71Sopenharmony_ci}); 1836e41f4b71Sopenharmony_ci``` 1837e41f4b71Sopenharmony_ci 1838e41f4b71Sopenharmony_ci### getExtKeyUsage 1839e41f4b71Sopenharmony_ci 1840e41f4b71Sopenharmony_cigetExtKeyUsage() : DataArray 1841e41f4b71Sopenharmony_ci 1842e41f4b71Sopenharmony_ci表示获取X509证书扩展秘钥用途。 1843e41f4b71Sopenharmony_ci 1844e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1845e41f4b71Sopenharmony_ci 1846e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 1847e41f4b71Sopenharmony_ci 1848e41f4b71Sopenharmony_ci**返回值**: 1849e41f4b71Sopenharmony_ci 1850e41f4b71Sopenharmony_ci| 类型 | 说明 | 1851e41f4b71Sopenharmony_ci| ----------------------- | ------------------------ | 1852e41f4b71Sopenharmony_ci| [DataArray](#dataarray) | 表示X509证书扩展秘钥用途 | 1853e41f4b71Sopenharmony_ci 1854e41f4b71Sopenharmony_ci**错误码:** 1855e41f4b71Sopenharmony_ci 1856e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 1857e41f4b71Sopenharmony_ci 1858e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 1859e41f4b71Sopenharmony_ci| -------- | ------------------------------------------------- | 1860e41f4b71Sopenharmony_ci| 19020001 | memory error. | 1861e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 1862e41f4b71Sopenharmony_ci| 19030001 | crypto operation error.| 1863e41f4b71Sopenharmony_ci 1864e41f4b71Sopenharmony_ci**示例:** 1865e41f4b71Sopenharmony_ci 1866e41f4b71Sopenharmony_ci```ts 1867e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 1868e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 1869e41f4b71Sopenharmony_ci 1870e41f4b71Sopenharmony_ci// string转Uint8Array 1871e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 1872e41f4b71Sopenharmony_ci let arr: Array<number> = []; 1873e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 1874e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 1875e41f4b71Sopenharmony_ci } 1876e41f4b71Sopenharmony_ci return new Uint8Array(arr); 1877e41f4b71Sopenharmony_ci} 1878e41f4b71Sopenharmony_ci 1879e41f4b71Sopenharmony_ci// 证书二进制数据,需业务自行赋值 1880e41f4b71Sopenharmony_cilet certData = '-----BEGIN CERTIFICATE-----\n' + 1881e41f4b71Sopenharmony_ci 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1882e41f4b71Sopenharmony_ci 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1883e41f4b71Sopenharmony_ci 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1884e41f4b71Sopenharmony_ci 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1885e41f4b71Sopenharmony_ci 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1886e41f4b71Sopenharmony_ci 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1887e41f4b71Sopenharmony_ci 'Qw==\n' + 1888e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 1889e41f4b71Sopenharmony_ci 1890e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 1891e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 1892e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 1893e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 1894e41f4b71Sopenharmony_ci}; 1895e41f4b71Sopenharmony_ci 1896e41f4b71Sopenharmony_cicert.createX509Cert(encodingBlob, (error, x509Cert) => { 1897e41f4b71Sopenharmony_ci if (error) { 1898e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1899e41f4b71Sopenharmony_ci } else { 1900e41f4b71Sopenharmony_ci console.log('createX509Cert success'); 1901e41f4b71Sopenharmony_ci try { 1902e41f4b71Sopenharmony_ci let extKeyUsage = x509Cert.getExtKeyUsage(); 1903e41f4b71Sopenharmony_ci } catch (err) { 1904e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 1905e41f4b71Sopenharmony_ci console.error('getNotBeforeTime failed, errCode: ' + e.code + ', errMsg: ' + e.message); 1906e41f4b71Sopenharmony_ci } 1907e41f4b71Sopenharmony_ci } 1908e41f4b71Sopenharmony_ci}); 1909e41f4b71Sopenharmony_ci``` 1910e41f4b71Sopenharmony_ci 1911e41f4b71Sopenharmony_ci### getBasicConstraints 1912e41f4b71Sopenharmony_ci 1913e41f4b71Sopenharmony_cigetBasicConstraints() : number 1914e41f4b71Sopenharmony_ci 1915e41f4b71Sopenharmony_ci表示获取X509证书基本约束。 1916e41f4b71Sopenharmony_ci 1917e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1918e41f4b71Sopenharmony_ci 1919e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 1920e41f4b71Sopenharmony_ci 1921e41f4b71Sopenharmony_ci**返回值**: 1922e41f4b71Sopenharmony_ci 1923e41f4b71Sopenharmony_ci| 类型 | 说明 | 1924e41f4b71Sopenharmony_ci| ------ | -------------------- | 1925e41f4b71Sopenharmony_ci| number | 表示X509证书基本约束 | 1926e41f4b71Sopenharmony_ci 1927e41f4b71Sopenharmony_ci**示例:** 1928e41f4b71Sopenharmony_ci 1929e41f4b71Sopenharmony_ci```ts 1930e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 1931e41f4b71Sopenharmony_ci 1932e41f4b71Sopenharmony_ci// string转Uint8Array 1933e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 1934e41f4b71Sopenharmony_ci let arr: Array<number> = []; 1935e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 1936e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 1937e41f4b71Sopenharmony_ci } 1938e41f4b71Sopenharmony_ci return new Uint8Array(arr); 1939e41f4b71Sopenharmony_ci} 1940e41f4b71Sopenharmony_ci 1941e41f4b71Sopenharmony_ci// 证书二进制数据,需业务自行赋值 1942e41f4b71Sopenharmony_cilet certData = '-----BEGIN CERTIFICATE-----\n' + 1943e41f4b71Sopenharmony_ci 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 1944e41f4b71Sopenharmony_ci 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 1945e41f4b71Sopenharmony_ci 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 1946e41f4b71Sopenharmony_ci 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 1947e41f4b71Sopenharmony_ci 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 1948e41f4b71Sopenharmony_ci 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 1949e41f4b71Sopenharmony_ci 'Qw==\n' + 1950e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 1951e41f4b71Sopenharmony_ci 1952e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 1953e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 1954e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 1955e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 1956e41f4b71Sopenharmony_ci}; 1957e41f4b71Sopenharmony_ci 1958e41f4b71Sopenharmony_cicert.createX509Cert(encodingBlob, (error, x509Cert) => { 1959e41f4b71Sopenharmony_ci if (error) { 1960e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 1961e41f4b71Sopenharmony_ci } else { 1962e41f4b71Sopenharmony_ci console.log('createX509Cert success'); 1963e41f4b71Sopenharmony_ci let basicConstraints = x509Cert.getBasicConstraints(); 1964e41f4b71Sopenharmony_ci } 1965e41f4b71Sopenharmony_ci}); 1966e41f4b71Sopenharmony_ci``` 1967e41f4b71Sopenharmony_ci 1968e41f4b71Sopenharmony_ci### getSubjectAltNames 1969e41f4b71Sopenharmony_ci 1970e41f4b71Sopenharmony_cigetSubjectAltNames() : DataArray 1971e41f4b71Sopenharmony_ci 1972e41f4b71Sopenharmony_ci表示获取X509证书主体可选名称。 1973e41f4b71Sopenharmony_ci 1974e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 1975e41f4b71Sopenharmony_ci 1976e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 1977e41f4b71Sopenharmony_ci 1978e41f4b71Sopenharmony_ci**返回值**: 1979e41f4b71Sopenharmony_ci 1980e41f4b71Sopenharmony_ci| 类型 | 说明 | 1981e41f4b71Sopenharmony_ci| ----------------------- | ------------------------ | 1982e41f4b71Sopenharmony_ci| [DataArray](#dataarray) | 表示X509证书主体可选名称 | 1983e41f4b71Sopenharmony_ci 1984e41f4b71Sopenharmony_ci**错误码:** 1985e41f4b71Sopenharmony_ci 1986e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 1987e41f4b71Sopenharmony_ci 1988e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 1989e41f4b71Sopenharmony_ci| -------- | ------------------------------------------------- | 1990e41f4b71Sopenharmony_ci| 19020001 | memory error. | 1991e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 1992e41f4b71Sopenharmony_ci| 19030001 | crypto operation error.| 1993e41f4b71Sopenharmony_ci 1994e41f4b71Sopenharmony_ci**示例:** 1995e41f4b71Sopenharmony_ci 1996e41f4b71Sopenharmony_ci```ts 1997e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 1998e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 1999e41f4b71Sopenharmony_ci 2000e41f4b71Sopenharmony_ci// string转Uint8Array 2001e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 2002e41f4b71Sopenharmony_ci let arr: Array<number> = []; 2003e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 2004e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 2005e41f4b71Sopenharmony_ci } 2006e41f4b71Sopenharmony_ci return new Uint8Array(arr); 2007e41f4b71Sopenharmony_ci} 2008e41f4b71Sopenharmony_ci 2009e41f4b71Sopenharmony_ci// 证书二进制数据,需业务自行赋值 2010e41f4b71Sopenharmony_cilet certData = '-----BEGIN CERTIFICATE-----\n' + 2011e41f4b71Sopenharmony_ci 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 2012e41f4b71Sopenharmony_ci 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 2013e41f4b71Sopenharmony_ci 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 2014e41f4b71Sopenharmony_ci 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 2015e41f4b71Sopenharmony_ci 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 2016e41f4b71Sopenharmony_ci 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 2017e41f4b71Sopenharmony_ci 'Qw==\n' + 2018e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 2019e41f4b71Sopenharmony_ci 2020e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 2021e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 2022e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 2023e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 2024e41f4b71Sopenharmony_ci}; 2025e41f4b71Sopenharmony_ci 2026e41f4b71Sopenharmony_cicert.createX509Cert(encodingBlob, (error, x509Cert) => { 2027e41f4b71Sopenharmony_ci if (error) { 2028e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 2029e41f4b71Sopenharmony_ci } else { 2030e41f4b71Sopenharmony_ci console.log('createX509Cert success'); 2031e41f4b71Sopenharmony_ci try { 2032e41f4b71Sopenharmony_ci let subjectAltNames = x509Cert.getSubjectAltNames(); 2033e41f4b71Sopenharmony_ci } catch (err) { 2034e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 2035e41f4b71Sopenharmony_ci console.error('getSubjectAltNames failed, errCode: ' + e.code + ', errMsg: ' + e.message); 2036e41f4b71Sopenharmony_ci } 2037e41f4b71Sopenharmony_ci } 2038e41f4b71Sopenharmony_ci}); 2039e41f4b71Sopenharmony_ci``` 2040e41f4b71Sopenharmony_ci 2041e41f4b71Sopenharmony_ci### getIssuerAltNames 2042e41f4b71Sopenharmony_ci 2043e41f4b71Sopenharmony_cigetIssuerAltNames() : DataArray 2044e41f4b71Sopenharmony_ci 2045e41f4b71Sopenharmony_ci表示获取X509证书颁发者可选名称。 2046e41f4b71Sopenharmony_ci 2047e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2048e41f4b71Sopenharmony_ci 2049e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 2050e41f4b71Sopenharmony_ci 2051e41f4b71Sopenharmony_ci**返回值**: 2052e41f4b71Sopenharmony_ci 2053e41f4b71Sopenharmony_ci| 类型 | 说明 | 2054e41f4b71Sopenharmony_ci| ----------------------- | -------------------------- | 2055e41f4b71Sopenharmony_ci| [DataArray](#dataarray) | 表示X509证书颁发者可选名称 | 2056e41f4b71Sopenharmony_ci 2057e41f4b71Sopenharmony_ci**错误码:** 2058e41f4b71Sopenharmony_ci 2059e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 2060e41f4b71Sopenharmony_ci 2061e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 2062e41f4b71Sopenharmony_ci| -------- | ------------------------------------------------- | 2063e41f4b71Sopenharmony_ci| 19020001 | memory error. | 2064e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 2065e41f4b71Sopenharmony_ci| 19030001 | crypto operation error.| 2066e41f4b71Sopenharmony_ci 2067e41f4b71Sopenharmony_ci**示例:** 2068e41f4b71Sopenharmony_ci 2069e41f4b71Sopenharmony_ci```ts 2070e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 2071e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 2072e41f4b71Sopenharmony_ci 2073e41f4b71Sopenharmony_ci// string转Uint8Array 2074e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 2075e41f4b71Sopenharmony_ci let arr: Array<number> = []; 2076e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 2077e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 2078e41f4b71Sopenharmony_ci } 2079e41f4b71Sopenharmony_ci return new Uint8Array(arr); 2080e41f4b71Sopenharmony_ci} 2081e41f4b71Sopenharmony_ci 2082e41f4b71Sopenharmony_ci// 证书二进制数据,需业务自行赋值 2083e41f4b71Sopenharmony_cilet certData = '-----BEGIN CERTIFICATE-----\n' + 2084e41f4b71Sopenharmony_ci 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 2085e41f4b71Sopenharmony_ci 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 2086e41f4b71Sopenharmony_ci 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 2087e41f4b71Sopenharmony_ci 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 2088e41f4b71Sopenharmony_ci 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 2089e41f4b71Sopenharmony_ci 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 2090e41f4b71Sopenharmony_ci 'Qw==\n' + 2091e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 2092e41f4b71Sopenharmony_ci 2093e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 2094e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 2095e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 2096e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 2097e41f4b71Sopenharmony_ci}; 2098e41f4b71Sopenharmony_ci 2099e41f4b71Sopenharmony_cicert.createX509Cert(encodingBlob, (error, x509Cert) => { 2100e41f4b71Sopenharmony_ci if (error) { 2101e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 2102e41f4b71Sopenharmony_ci } else { 2103e41f4b71Sopenharmony_ci console.log('createX509Cert success'); 2104e41f4b71Sopenharmony_ci try { 2105e41f4b71Sopenharmony_ci let issuerAltNames = x509Cert.getIssuerAltNames(); 2106e41f4b71Sopenharmony_ci } catch (err) { 2107e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 2108e41f4b71Sopenharmony_ci console.error('getIssuerAltNames failed, errCode: ' + e.code + ', errMsg: ' + e.message); 2109e41f4b71Sopenharmony_ci } 2110e41f4b71Sopenharmony_ci } 2111e41f4b71Sopenharmony_ci}); 2112e41f4b71Sopenharmony_ci``` 2113e41f4b71Sopenharmony_ci 2114e41f4b71Sopenharmony_ci### getItem<sup>10+</sup> 2115e41f4b71Sopenharmony_ci 2116e41f4b71Sopenharmony_cigetItem(itemType: CertItemType) : DataBlob 2117e41f4b71Sopenharmony_ci 2118e41f4b71Sopenharmony_ci表示获取X509证书对应的字段。 2119e41f4b71Sopenharmony_ci 2120e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2121e41f4b71Sopenharmony_ci 2122e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 2123e41f4b71Sopenharmony_ci 2124e41f4b71Sopenharmony_ci**返回值**: 2125e41f4b71Sopenharmony_ci 2126e41f4b71Sopenharmony_ci| 类型 | 说明 | 2127e41f4b71Sopenharmony_ci| --------------------- | ----------------------------------------- | 2128e41f4b71Sopenharmony_ci| [DataBlob](#datablob) | 表示X509证书对应的字段,返回值为DER格式。 | 2129e41f4b71Sopenharmony_ci 2130e41f4b71Sopenharmony_ci**错误码:** 2131e41f4b71Sopenharmony_ci 2132e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 2133e41f4b71Sopenharmony_ci 2134e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 2135e41f4b71Sopenharmony_ci| -------- | ----------------------- | 2136e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 2137e41f4b71Sopenharmony_ci| 19020001 | memory error. | 2138e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 2139e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 2140e41f4b71Sopenharmony_ci 2141e41f4b71Sopenharmony_ci**示例:** 2142e41f4b71Sopenharmony_ci 2143e41f4b71Sopenharmony_ci```ts 2144e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 2145e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 2146e41f4b71Sopenharmony_ci 2147e41f4b71Sopenharmony_ci// string转Uint8Array 2148e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 2149e41f4b71Sopenharmony_ci let arr: Array<number> = []; 2150e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 2151e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 2152e41f4b71Sopenharmony_ci } 2153e41f4b71Sopenharmony_ci return new Uint8Array(arr); 2154e41f4b71Sopenharmony_ci} 2155e41f4b71Sopenharmony_ci 2156e41f4b71Sopenharmony_ci// 证书二进制数据,需业务自行赋值 2157e41f4b71Sopenharmony_cilet certData = '-----BEGIN CERTIFICATE-----\n' + 2158e41f4b71Sopenharmony_ci 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 2159e41f4b71Sopenharmony_ci 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 2160e41f4b71Sopenharmony_ci 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 2161e41f4b71Sopenharmony_ci 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 2162e41f4b71Sopenharmony_ci 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 2163e41f4b71Sopenharmony_ci 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 2164e41f4b71Sopenharmony_ci 'Qw==\n' + 2165e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 2166e41f4b71Sopenharmony_ci 2167e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 2168e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 2169e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 2170e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 2171e41f4b71Sopenharmony_ci}; 2172e41f4b71Sopenharmony_ci 2173e41f4b71Sopenharmony_cicert.createX509Cert(encodingBlob, (error, x509Cert) => { 2174e41f4b71Sopenharmony_ci if (error) { 2175e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 2176e41f4b71Sopenharmony_ci } else { 2177e41f4b71Sopenharmony_ci console.log('createX509Cert success'); 2178e41f4b71Sopenharmony_ci try { 2179e41f4b71Sopenharmony_ci let tbs = x509Cert.getItem(cert.CertItemType.CERT_ITEM_TYPE_TBS); 2180e41f4b71Sopenharmony_ci let pubKey = x509Cert.getItem(cert.CertItemType.CERT_ITEM_TYPE_PUBLIC_KEY); 2181e41f4b71Sopenharmony_ci } catch (err) { 2182e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 2183e41f4b71Sopenharmony_ci console.error('getItem failed, errCode: ' + e.code + ', errMsg: ' + e.message); 2184e41f4b71Sopenharmony_ci } 2185e41f4b71Sopenharmony_ci } 2186e41f4b71Sopenharmony_ci}); 2187e41f4b71Sopenharmony_ci``` 2188e41f4b71Sopenharmony_ci### match<sup>11+</sup> 2189e41f4b71Sopenharmony_ci 2190e41f4b71Sopenharmony_cimatch(param: X509CertMatchParameters): boolean 2191e41f4b71Sopenharmony_ci 2192e41f4b71Sopenharmony_ci判断证书是否与输入参数匹配。 2193e41f4b71Sopenharmony_ci 2194e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2195e41f4b71Sopenharmony_ci 2196e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 2197e41f4b71Sopenharmony_ci 2198e41f4b71Sopenharmony_ci**参数**: 2199e41f4b71Sopenharmony_ci 2200e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 2201e41f4b71Sopenharmony_ci| --------- | ------ | ---- | ------------------------------------------ | 2202e41f4b71Sopenharmony_ci| param | [X509CertMatchParameters](#x509certmatchparameters11) | 是 | 表示需要匹配的参数。 | 2203e41f4b71Sopenharmony_ci 2204e41f4b71Sopenharmony_ci**返回值**: 2205e41f4b71Sopenharmony_ci 2206e41f4b71Sopenharmony_ci| 类型 | 说明 | 2207e41f4b71Sopenharmony_ci| --------------------- | ----------------------------------------- | 2208e41f4b71Sopenharmony_ci| boolean | 当参数匹配时,该方法返回true,否则返回false。 | 2209e41f4b71Sopenharmony_ci 2210e41f4b71Sopenharmony_ci**错误码:** 2211e41f4b71Sopenharmony_ci 2212e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 2213e41f4b71Sopenharmony_ci 2214e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 2215e41f4b71Sopenharmony_ci| -------- | ------------- | 2216e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 2217e41f4b71Sopenharmony_ci| 19020001 | memory error. | 2218e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 2219e41f4b71Sopenharmony_ci 2220e41f4b71Sopenharmony_ci**示例:** 2221e41f4b71Sopenharmony_ci 2222e41f4b71Sopenharmony_ci```ts 2223e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 2224e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 2225e41f4b71Sopenharmony_ci 2226e41f4b71Sopenharmony_ci// string转Uint8Array 2227e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 2228e41f4b71Sopenharmony_ci let arr: Array<number> = []; 2229e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 2230e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 2231e41f4b71Sopenharmony_ci } 2232e41f4b71Sopenharmony_ci return new Uint8Array(arr); 2233e41f4b71Sopenharmony_ci} 2234e41f4b71Sopenharmony_ci 2235e41f4b71Sopenharmony_ciasync function createX509Cert(): Promise<cert.X509Cert> { 2236e41f4b71Sopenharmony_ci let certData = '-----BEGIN CERTIFICATE-----\n' + 2237e41f4b71Sopenharmony_ci 'MIIDTTCCAjWgAwIBAgIBAzANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290\n' + 2238e41f4b71Sopenharmony_ci 'IENBMB4XDTI0MDMxOTAyMDM1NFoXDTM0MDMxNzAyMDM1NFowETEPMA0GA1UEAwwG\n' + 2239e41f4b71Sopenharmony_ci 'ZGV2aWNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoGk2J0aKWTP\n' + 2240e41f4b71Sopenharmony_ci 'J3D7lS3oFdME3MMA1z0Y0ftthrtUKybE2xh8P90ztMV73bewmgAPqiApqhaWEZM/\n' + 2241e41f4b71Sopenharmony_ci '6DSLc/MxbOeYjg6njveJIu721gchiuB2PFikDFSWlcLOJNw+CgBx77Ct3KllivHs\n' + 2242e41f4b71Sopenharmony_ci 'oi/gjuxrWiF/3VhbBErPNj/fw9se3pVrFRXIFdkcybtom2mUmkcxDfSg587SO14i\n' + 2243e41f4b71Sopenharmony_ci 'ZzXGM6nhMzYWXxLho6SJrsnzfs4pD6ifksWmY4089zitqsN+9jQXafY1+/sh1mgu\n' + 2244e41f4b71Sopenharmony_ci 'FvAwg9IbigGOBIiF8t5qdNGpqCHXbEHblNCWfT4fVNDV0Vc9pByjZaMYEGMhpz+6\n' + 2245e41f4b71Sopenharmony_ci 'lxlc2CqbNQIDAQABo4GuMIGrMAkGA1UdEwQCMAAwHQYDVR0OBBYEFAEVpuP+pPpg\n' + 2246e41f4b71Sopenharmony_ci 'kr3dA3aV2XdFZ9rGMB8GA1UdIwQYMBaAFHRb+SgJu8O0UYdRBkszePocqxbYMB0G\n' + 2247e41f4b71Sopenharmony_ci 'A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwMgYIKwYB\n' + 2248e41f4b71Sopenharmony_ci 'BQUHAQEEJjAkMCIGCCsGAQUFBzABhhZodHRwczovLzEyNy4wLjAuMTo5OTk5MA0G\n' + 2249e41f4b71Sopenharmony_ci 'CSqGSIb3DQEBCwUAA4IBAQBjM1agcDcgVHsD0dS39gxtlyRbZRvDcW3YsdwgpN6S\n' + 2250e41f4b71Sopenharmony_ci 'e4wGzdZbhsiZv7y3+PSuozKwp5Yjn+UqnnEz7QuTGJRt/pzHDVY3QceNvlx2HPRe\n' + 2251e41f4b71Sopenharmony_ci 'fECS4bpGLcM5B17oZZjE4HenIrGmigXnnwYL5TjhC4ybtddXPYv/M6z2eFCnfQNa\n' + 2252e41f4b71Sopenharmony_ci 'zFwz8LJ7ukWvf5koBqcHq2zsuVByOIPXLIrAJPtMmBb/pHCFt8hxOxwqujdrxz16\n' + 2253e41f4b71Sopenharmony_ci 'pe5LQUYzvG1YCxw3Ye9OrM1yXJQr/4KYncQC1yQQo+UK7NsDRK30PsMEYxhierLA\n' + 2254e41f4b71Sopenharmony_ci 'JKyPn1xSlOJiGa2rRn/uevmEOhfagj5TtprU9Gu1+nZo\n' + 2255e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 2256e41f4b71Sopenharmony_ci 2257e41f4b71Sopenharmony_ci let encodingBlob: cert.EncodingBlob = { 2258e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 2259e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 2260e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 2261e41f4b71Sopenharmony_ci }; 2262e41f4b71Sopenharmony_ci 2263e41f4b71Sopenharmony_ci let x509Cert: cert.X509Cert = {} as cert.X509Cert; 2264e41f4b71Sopenharmony_ci try { 2265e41f4b71Sopenharmony_ci x509Cert = await cert.createX509Cert(encodingBlob); 2266e41f4b71Sopenharmony_ci } catch (err) { 2267e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 2268e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 2269e41f4b71Sopenharmony_ci } 2270e41f4b71Sopenharmony_ci return x509Cert; 2271e41f4b71Sopenharmony_ci} 2272e41f4b71Sopenharmony_ci 2273e41f4b71Sopenharmony_ciasync function matchX509Cert() { 2274e41f4b71Sopenharmony_ci const x509Cert = await createX509Cert(); 2275e41f4b71Sopenharmony_ci try { 2276e41f4b71Sopenharmony_ci // 需业务自行赋值 2277e41f4b71Sopenharmony_ci const param: cert.X509CertMatchParameters = { 2278e41f4b71Sopenharmony_ci x509Cert, 2279e41f4b71Sopenharmony_ci validDate: '20241121074700Z', 2280e41f4b71Sopenharmony_ci keyUsage: [true, false, false, false, false, false, false, false, false], 2281e41f4b71Sopenharmony_ci publicKeyAlgID: '1.2.840.113549.1.1.1' 2282e41f4b71Sopenharmony_ci }; 2283e41f4b71Sopenharmony_ci const result = x509Cert.match(param); 2284e41f4b71Sopenharmony_ci console.log('call x509Cert match success'); 2285e41f4b71Sopenharmony_ci } catch (err) { 2286e41f4b71Sopenharmony_ci console.error('call x509Cert match failed'); 2287e41f4b71Sopenharmony_ci } 2288e41f4b71Sopenharmony_ci} 2289e41f4b71Sopenharmony_ci``` 2290e41f4b71Sopenharmony_ci 2291e41f4b71Sopenharmony_ci### getCRLDistributionPoint<sup>12+</sup> 2292e41f4b71Sopenharmony_ci 2293e41f4b71Sopenharmony_cigetCRLDistributionPoint(): DataArray 2294e41f4b71Sopenharmony_ci 2295e41f4b71Sopenharmony_ci获取X509证书CRL的分发点统一资源标识符。 2296e41f4b71Sopenharmony_ci 2297e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2298e41f4b71Sopenharmony_ci 2299e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 2300e41f4b71Sopenharmony_ci 2301e41f4b71Sopenharmony_ci**返回值**: 2302e41f4b71Sopenharmony_ci 2303e41f4b71Sopenharmony_ci| 类型 | 说明 | 2304e41f4b71Sopenharmony_ci| ----------------------- | -------------------------- | 2305e41f4b71Sopenharmony_ci| [DataArray](#dataarray) | 表示X509证书CRL的分发点统一资源标识符 | 2306e41f4b71Sopenharmony_ci 2307e41f4b71Sopenharmony_ci**错误码:** 2308e41f4b71Sopenharmony_ci 2309e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 2310e41f4b71Sopenharmony_ci 2311e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 2312e41f4b71Sopenharmony_ci| -------- | ------------- | 2313e41f4b71Sopenharmony_ci| 19020001 | memory error. | 2314e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 2315e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 2316e41f4b71Sopenharmony_ci 2317e41f4b71Sopenharmony_ci**示例:** 2318e41f4b71Sopenharmony_ci 2319e41f4b71Sopenharmony_ci```ts 2320e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 2321e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 2322e41f4b71Sopenharmony_ci 2323e41f4b71Sopenharmony_ci// string转Uint8Array 2324e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 2325e41f4b71Sopenharmony_ci let arr: Array<number> = []; 2326e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 2327e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 2328e41f4b71Sopenharmony_ci } 2329e41f4b71Sopenharmony_ci return new Uint8Array(arr); 2330e41f4b71Sopenharmony_ci} 2331e41f4b71Sopenharmony_ci 2332e41f4b71Sopenharmony_cilet certData = "-----BEGIN CERTIFICATE-----\n" + 2333e41f4b71Sopenharmony_ci "MIIB/jCCAaSgAwIBAgICA+gwCgYIKoZIzj0EAwIwLDELMAkGA1UEBhMCQ04xDTAL\n" + 2334e41f4b71Sopenharmony_ci "BgNVBAoMBHRlc3QxDjAMBgNVBAMMBXN1YmNhMB4XDTIzMTAwNzA0MDEwOFoXDTMz\n" + 2335e41f4b71Sopenharmony_ci "MTAwNDA0MDEwOFowLDELMAkGA1UEBhMCQ04xDTALBgNVBAoMBHRlc3QxDjAMBgNV\n" + 2336e41f4b71Sopenharmony_ci "BAMMBWxvY2FsMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEZDPvdlJI6Yv4fiaR\n" + 2337e41f4b71Sopenharmony_ci "nQHcusXVbukk90mQ0rBGOYRikFvgvm5cjTdaUGcQKEtwYIKDQl5n6Pf7ElCJ7GRz\n" + 2338e41f4b71Sopenharmony_ci "raWZ+qOBtTCBsjAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdl\n" + 2339e41f4b71Sopenharmony_ci "bmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQU63Gbl8gIsUn0VyZ4rya3PCjm\n" + 2340e41f4b71Sopenharmony_ci "sfEwHwYDVR0jBBgwFoAU77mynM0rz1SD43DQjleWM7bF+MEwNwYDVR0fBDAwLjAs\n" + 2341e41f4b71Sopenharmony_ci "oCqgKIYmaHR0cDovL3Rlc3QudGVzdENSTGRwLmNvbS9DUkxfRFBfMS5jcmwwCgYI\n" + 2342e41f4b71Sopenharmony_ci "KoZIzj0EAwIDSAAwRQIhAISKHH9u221mBgdDWfll3loLvEHJ3or9NUO5Zn6SrX6L\n" + 2343e41f4b71Sopenharmony_ci "AiAtRlOa6/mTD68faQTdhsAaQP955QfW34B4yFqU2Bq72A==\n" + 2344e41f4b71Sopenharmony_ci "-----END CERTIFICATE-----\n"; 2345e41f4b71Sopenharmony_ci 2346e41f4b71Sopenharmony_ci // 证书二进制数据,需业务自行赋值 2347e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 2348e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 2349e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 2350e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 2351e41f4b71Sopenharmony_ci}; 2352e41f4b71Sopenharmony_ci 2353e41f4b71Sopenharmony_ciasync function certGetCRLDistributionPoint() { 2354e41f4b71Sopenharmony_ci let x509Cert: cert.X509Cert = {} as cert.X509Cert; 2355e41f4b71Sopenharmony_ci try { 2356e41f4b71Sopenharmony_ci x509Cert = await cert.createX509Cert(encodingBlob); 2357e41f4b71Sopenharmony_ci console.log('createX509Cert success'); 2358e41f4b71Sopenharmony_ci let point = x509Cert.getCRLDistributionPoint(); 2359e41f4b71Sopenharmony_ci } catch (err) { 2360e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 2361e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 2362e41f4b71Sopenharmony_ci } 2363e41f4b71Sopenharmony_ci} 2364e41f4b71Sopenharmony_ci``` 2365e41f4b71Sopenharmony_ci 2366e41f4b71Sopenharmony_ci### getIssuerX500DistinguishedName<sup>12+</sup> 2367e41f4b71Sopenharmony_ci 2368e41f4b71Sopenharmony_cigetIssuerX500DistinguishedName(): X500DistinguishedName 2369e41f4b71Sopenharmony_ci 2370e41f4b71Sopenharmony_ci获取颁发者的X509可分辨名称。 2371e41f4b71Sopenharmony_ci 2372e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2373e41f4b71Sopenharmony_ci 2374e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 2375e41f4b71Sopenharmony_ci 2376e41f4b71Sopenharmony_ci**返回值**: 2377e41f4b71Sopenharmony_ci 2378e41f4b71Sopenharmony_ci| 类型 | 说明 | 2379e41f4b71Sopenharmony_ci| --------------------- | ----------------------------------------- | 2380e41f4b71Sopenharmony_ci| [X500DistinguishedName](#x500distinguishedname12) | X509的可分辨对象。| 2381e41f4b71Sopenharmony_ci 2382e41f4b71Sopenharmony_ci**错误码:** 2383e41f4b71Sopenharmony_ci 2384e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 2385e41f4b71Sopenharmony_ci 2386e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 2387e41f4b71Sopenharmony_ci| -------- | ------------- | 2388e41f4b71Sopenharmony_ci| 19020001 | memory error. | 2389e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 2390e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 2391e41f4b71Sopenharmony_ci 2392e41f4b71Sopenharmony_ci**示例:** 2393e41f4b71Sopenharmony_ci 2394e41f4b71Sopenharmony_ci```ts 2395e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 2396e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 2397e41f4b71Sopenharmony_ci 2398e41f4b71Sopenharmony_ci// string转Uint8Array 2399e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 2400e41f4b71Sopenharmony_ci let arr: Array<number> = []; 2401e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 2402e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 2403e41f4b71Sopenharmony_ci } 2404e41f4b71Sopenharmony_ci return new Uint8Array(arr); 2405e41f4b71Sopenharmony_ci} 2406e41f4b71Sopenharmony_ci 2407e41f4b71Sopenharmony_cilet certData = "-----BEGIN CERTIFICATE-----\n" + 2408e41f4b71Sopenharmony_ci "MIID1TCCAr2gAwIBAgIITXr1++kFUU4wDQYJKoZIhvcNAQELBQAwcDELMAkGA1UE\n" + 2409e41f4b71Sopenharmony_ci "BhMCQ04xEjAQBgNVBAgTCWd1YW5nZG9uZzERMA8GA1UEBxMIc2hlbnpoZW4xEjAQ\n" + 2410e41f4b71Sopenharmony_ci "BgNVBAoTCXRlc3RTZWNDYTESMBAGA1UECxMJdGVzdFNlY0NhMRIwEAYDVQQDEwl0\n" + 2411e41f4b71Sopenharmony_ci "ZXN0U2VjQ2EwHhcNMjMxMjIxMDAwMDAwWhcNMjcxMjIwMjM1OTU5WjBxMQswCQYD\n" + 2412e41f4b71Sopenharmony_ci "VQQGEwJDTjEOMAwGA1UECBMFZ2Fuc3UxEDAOBgNVBAcTB2xhbnpob3UxFDASBgNV\n" + 2413e41f4b71Sopenharmony_ci "BAoTC3Rlc3RUaGlyZENhMRQwEgYDVQQLEwt0ZXN0VGhpcmRDYTEUMBIGA1UEAxML\n" + 2414e41f4b71Sopenharmony_ci "dGVzdFRoaXJkQ2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJMKSq\n" + 2415e41f4b71Sopenharmony_ci "Fn4G4EJATauw+4s+n/JbINBAiuhzURzzdt2T8JJQLDV9RHj4mZt84yv6lqEpl2fm\n" + 2416e41f4b71Sopenharmony_ci "gIClfu173pEV51/PSq5IaV481u/Dz/OTy9TwfxmIXAWdNpyodDOg4I9K7LC01ge8\n" + 2417e41f4b71Sopenharmony_ci "xxyKFi7k7m2eTGA4dYQM0E0AEXzCpg2JN3IIIPhzHCIVJmYjcbVxiaFkvT4ZFFUk\n" + 2418e41f4b71Sopenharmony_ci "4rDSbAQdn6dJ29msrFm8iGhMGC/bzq9Bii38Qg4y4o89QYiboRWCxv3XfuibT+jw\n" + 2419e41f4b71Sopenharmony_ci "O3pmfsFuT8/bKOWVm94FmRxiKuj6iE8UVewxtByzDgAsBtJKDjaCv3IkqfbIu+sq\n" + 2420e41f4b71Sopenharmony_ci "/eeJkVJRJXAP3ZpLAgMBAAGjcjBwMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE\n" + 2421e41f4b71Sopenharmony_ci "FIxvPSwEmjOMW10H+gn2gy5HvMmMMAsGA1UdDwQEAwIBBjARBglghkgBhvhCAQEE\n" + 2422e41f4b71Sopenharmony_ci "BAMCAAcwHgYJYIZIAYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0ZTANBgkqhkiG9w0B\n" + 2423e41f4b71Sopenharmony_ci "AQsFAAOCAQEAWu0u72g5y1weexPoJQnUgcwVtuC+/tTS9YvyCtKYE91gn97LSWn9\n" + 2424e41f4b71Sopenharmony_ci "mXXGmLceU27B8JwhER9JeiQO1SUdDcvlfb5vt6eB+5cbZcgeERUBP8t0znh7DbMg\n" + 2425e41f4b71Sopenharmony_ci "4TFjt9gZ970PZ1OlTBNPoZNRBKIox61KVUhiVKTVSbXlVP1yUF1uSlSq+0NYayHw\n" + 2426e41f4b71Sopenharmony_ci "MnX1BeLxbAcAsTPYHjoeFJIrGkKlydLyt/8hDQzpLRW5uEUTjjqLh7vef0OaOP80\n" + 2427e41f4b71Sopenharmony_ci "MmADt6ojRYvwdMDHF0ASJyupLQ+hiRLVadciK8Z5W34JGN2jwEw5X3nXyAgErIJZ\n" + 2428e41f4b71Sopenharmony_ci "pqdTflnFLnSwy5M3QHB+xjYAcS9l1br2LA==\n" + 2429e41f4b71Sopenharmony_ci "-----END CERTIFICATE-----\n" 2430e41f4b71Sopenharmony_ci 2431e41f4b71Sopenharmony_ci // 证书二进制数据,需业务自行赋值 2432e41f4b71Sopenharmony_ci let encodingBlob: cert.EncodingBlob = { 2433e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 2434e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 2435e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 2436e41f4b71Sopenharmony_ci }; 2437e41f4b71Sopenharmony_ci 2438e41f4b71Sopenharmony_ciasync function certGetIssuerX500DistinguishedName() { 2439e41f4b71Sopenharmony_ci let x509Cert: cert.X509Cert = {} as cert.X509Cert; 2440e41f4b71Sopenharmony_ci try { 2441e41f4b71Sopenharmony_ci x509Cert = await cert.createX509Cert(encodingBlob); 2442e41f4b71Sopenharmony_ci console.log('createX509Cert success'); 2443e41f4b71Sopenharmony_ci let name = x509Cert.getIssuerX500DistinguishedName(); 2444e41f4b71Sopenharmony_ci } catch (err) { 2445e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 2446e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 2447e41f4b71Sopenharmony_ci } 2448e41f4b71Sopenharmony_ci} 2449e41f4b71Sopenharmony_ci``` 2450e41f4b71Sopenharmony_ci 2451e41f4b71Sopenharmony_ci### getSubjectX500DistinguishedName<sup>12+</sup> 2452e41f4b71Sopenharmony_ci 2453e41f4b71Sopenharmony_cigetSubjectX500DistinguishedName(): X500DistinguishedName 2454e41f4b71Sopenharmony_ci 2455e41f4b71Sopenharmony_ci获取证书主题的X509可分辨名称。 2456e41f4b71Sopenharmony_ci 2457e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2458e41f4b71Sopenharmony_ci 2459e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 2460e41f4b71Sopenharmony_ci 2461e41f4b71Sopenharmony_ci**返回值**: 2462e41f4b71Sopenharmony_ci 2463e41f4b71Sopenharmony_ci| 类型 | 说明 | 2464e41f4b71Sopenharmony_ci| --------------------- | ----------------------------------------- | 2465e41f4b71Sopenharmony_ci| [X500DistinguishedName](#x500distinguishedname12) | X509的可分辨对象。| 2466e41f4b71Sopenharmony_ci 2467e41f4b71Sopenharmony_ci**错误码:** 2468e41f4b71Sopenharmony_ci 2469e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 2470e41f4b71Sopenharmony_ci 2471e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 2472e41f4b71Sopenharmony_ci| -------- | ------------- | 2473e41f4b71Sopenharmony_ci| 19020001 | memory error. | 2474e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 2475e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 2476e41f4b71Sopenharmony_ci 2477e41f4b71Sopenharmony_ci**示例:** 2478e41f4b71Sopenharmony_ci 2479e41f4b71Sopenharmony_ci```ts 2480e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 2481e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 2482e41f4b71Sopenharmony_ci 2483e41f4b71Sopenharmony_ci// string转Uint8Array 2484e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 2485e41f4b71Sopenharmony_ci let arr: Array<number> = []; 2486e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 2487e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 2488e41f4b71Sopenharmony_ci } 2489e41f4b71Sopenharmony_ci return new Uint8Array(arr); 2490e41f4b71Sopenharmony_ci} 2491e41f4b71Sopenharmony_ci 2492e41f4b71Sopenharmony_cilet certData = "-----BEGIN CERTIFICATE-----\n" + 2493e41f4b71Sopenharmony_ci "MIID1TCCAr2gAwIBAgIITXr1++kFUU4wDQYJKoZIhvcNAQELBQAwcDELMAkGA1UE\n" + 2494e41f4b71Sopenharmony_ci "BhMCQ04xEjAQBgNVBAgTCWd1YW5nZG9uZzERMA8GA1UEBxMIc2hlbnpoZW4xEjAQ\n" + 2495e41f4b71Sopenharmony_ci "BgNVBAoTCXRlc3RTZWNDYTESMBAGA1UECxMJdGVzdFNlY0NhMRIwEAYDVQQDEwl0\n" + 2496e41f4b71Sopenharmony_ci "ZXN0U2VjQ2EwHhcNMjMxMjIxMDAwMDAwWhcNMjcxMjIwMjM1OTU5WjBxMQswCQYD\n" + 2497e41f4b71Sopenharmony_ci "VQQGEwJDTjEOMAwGA1UECBMFZ2Fuc3UxEDAOBgNVBAcTB2xhbnpob3UxFDASBgNV\n" + 2498e41f4b71Sopenharmony_ci "BAoTC3Rlc3RUaGlyZENhMRQwEgYDVQQLEwt0ZXN0VGhpcmRDYTEUMBIGA1UEAxML\n" + 2499e41f4b71Sopenharmony_ci "dGVzdFRoaXJkQ2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJMKSq\n" + 2500e41f4b71Sopenharmony_ci "Fn4G4EJATauw+4s+n/JbINBAiuhzURzzdt2T8JJQLDV9RHj4mZt84yv6lqEpl2fm\n" + 2501e41f4b71Sopenharmony_ci "gIClfu173pEV51/PSq5IaV481u/Dz/OTy9TwfxmIXAWdNpyodDOg4I9K7LC01ge8\n" + 2502e41f4b71Sopenharmony_ci "xxyKFi7k7m2eTGA4dYQM0E0AEXzCpg2JN3IIIPhzHCIVJmYjcbVxiaFkvT4ZFFUk\n" + 2503e41f4b71Sopenharmony_ci "4rDSbAQdn6dJ29msrFm8iGhMGC/bzq9Bii38Qg4y4o89QYiboRWCxv3XfuibT+jw\n" + 2504e41f4b71Sopenharmony_ci "O3pmfsFuT8/bKOWVm94FmRxiKuj6iE8UVewxtByzDgAsBtJKDjaCv3IkqfbIu+sq\n" + 2505e41f4b71Sopenharmony_ci "/eeJkVJRJXAP3ZpLAgMBAAGjcjBwMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE\n" + 2506e41f4b71Sopenharmony_ci "FIxvPSwEmjOMW10H+gn2gy5HvMmMMAsGA1UdDwQEAwIBBjARBglghkgBhvhCAQEE\n" + 2507e41f4b71Sopenharmony_ci "BAMCAAcwHgYJYIZIAYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0ZTANBgkqhkiG9w0B\n" + 2508e41f4b71Sopenharmony_ci "AQsFAAOCAQEAWu0u72g5y1weexPoJQnUgcwVtuC+/tTS9YvyCtKYE91gn97LSWn9\n" + 2509e41f4b71Sopenharmony_ci "mXXGmLceU27B8JwhER9JeiQO1SUdDcvlfb5vt6eB+5cbZcgeERUBP8t0znh7DbMg\n" + 2510e41f4b71Sopenharmony_ci "4TFjt9gZ970PZ1OlTBNPoZNRBKIox61KVUhiVKTVSbXlVP1yUF1uSlSq+0NYayHw\n" + 2511e41f4b71Sopenharmony_ci "MnX1BeLxbAcAsTPYHjoeFJIrGkKlydLyt/8hDQzpLRW5uEUTjjqLh7vef0OaOP80\n" + 2512e41f4b71Sopenharmony_ci "MmADt6ojRYvwdMDHF0ASJyupLQ+hiRLVadciK8Z5W34JGN2jwEw5X3nXyAgErIJZ\n" + 2513e41f4b71Sopenharmony_ci "pqdTflnFLnSwy5M3QHB+xjYAcS9l1br2LA==\n" + 2514e41f4b71Sopenharmony_ci "-----END CERTIFICATE-----\n" 2515e41f4b71Sopenharmony_ci 2516e41f4b71Sopenharmony_ci // 证书二进制数据,需业务自行赋值 2517e41f4b71Sopenharmony_ci let encodingBlob: cert.EncodingBlob = { 2518e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 2519e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 2520e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 2521e41f4b71Sopenharmony_ci }; 2522e41f4b71Sopenharmony_ci 2523e41f4b71Sopenharmony_ciasync function certGetSubjectX500DistinguishedName() { 2524e41f4b71Sopenharmony_ci let x509Cert: cert.X509Cert = {} as cert.X509Cert; 2525e41f4b71Sopenharmony_ci try { 2526e41f4b71Sopenharmony_ci x509Cert = await cert.createX509Cert(encodingBlob); 2527e41f4b71Sopenharmony_ci console.log('createX509Cert success'); 2528e41f4b71Sopenharmony_ci let name = x509Cert.getSubjectX500DistinguishedName(); 2529e41f4b71Sopenharmony_ci } catch (err) { 2530e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 2531e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 2532e41f4b71Sopenharmony_ci } 2533e41f4b71Sopenharmony_ci} 2534e41f4b71Sopenharmony_ci``` 2535e41f4b71Sopenharmony_ci 2536e41f4b71Sopenharmony_ci### toString<sup>12+</sup> 2537e41f4b71Sopenharmony_ci 2538e41f4b71Sopenharmony_citoString(): string 2539e41f4b71Sopenharmony_ci 2540e41f4b71Sopenharmony_ci获取对象的字符串类型数据。 2541e41f4b71Sopenharmony_ci 2542e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2543e41f4b71Sopenharmony_ci 2544e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 2545e41f4b71Sopenharmony_ci 2546e41f4b71Sopenharmony_ci**返回值**: 2547e41f4b71Sopenharmony_ci 2548e41f4b71Sopenharmony_ci| 类型 | 说明 | 2549e41f4b71Sopenharmony_ci| --------------------- | ----------------------------------------- | 2550e41f4b71Sopenharmony_ci| string | 对象的字符串类型数据。| 2551e41f4b71Sopenharmony_ci 2552e41f4b71Sopenharmony_ci**错误码:** 2553e41f4b71Sopenharmony_ci 2554e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 2555e41f4b71Sopenharmony_ci 2556e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 2557e41f4b71Sopenharmony_ci| -------- | ------------- | 2558e41f4b71Sopenharmony_ci| 19020001 | memory error. | 2559e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 2560e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 2561e41f4b71Sopenharmony_ci 2562e41f4b71Sopenharmony_ci**示例:** 2563e41f4b71Sopenharmony_ci 2564e41f4b71Sopenharmony_ci```ts 2565e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 2566e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 2567e41f4b71Sopenharmony_ci 2568e41f4b71Sopenharmony_ci// string转Uint8Array 2569e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 2570e41f4b71Sopenharmony_ci let arr: Array<number> = []; 2571e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 2572e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 2573e41f4b71Sopenharmony_ci } 2574e41f4b71Sopenharmony_ci return new Uint8Array(arr); 2575e41f4b71Sopenharmony_ci} 2576e41f4b71Sopenharmony_ci 2577e41f4b71Sopenharmony_cilet certData = "-----BEGIN CERTIFICATE-----\n" + 2578e41f4b71Sopenharmony_ci "MIID1TCCAr2gAwIBAgIITXr1++kFUU4wDQYJKoZIhvcNAQELBQAwcDELMAkGA1UE\n" + 2579e41f4b71Sopenharmony_ci "BhMCQ04xEjAQBgNVBAgTCWd1YW5nZG9uZzERMA8GA1UEBxMIc2hlbnpoZW4xEjAQ\n" + 2580e41f4b71Sopenharmony_ci "BgNVBAoTCXRlc3RTZWNDYTESMBAGA1UECxMJdGVzdFNlY0NhMRIwEAYDVQQDEwl0\n" + 2581e41f4b71Sopenharmony_ci "ZXN0U2VjQ2EwHhcNMjMxMjIxMDAwMDAwWhcNMjcxMjIwMjM1OTU5WjBxMQswCQYD\n" + 2582e41f4b71Sopenharmony_ci "VQQGEwJDTjEOMAwGA1UECBMFZ2Fuc3UxEDAOBgNVBAcTB2xhbnpob3UxFDASBgNV\n" + 2583e41f4b71Sopenharmony_ci "BAoTC3Rlc3RUaGlyZENhMRQwEgYDVQQLEwt0ZXN0VGhpcmRDYTEUMBIGA1UEAxML\n" + 2584e41f4b71Sopenharmony_ci "dGVzdFRoaXJkQ2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJMKSq\n" + 2585e41f4b71Sopenharmony_ci "Fn4G4EJATauw+4s+n/JbINBAiuhzURzzdt2T8JJQLDV9RHj4mZt84yv6lqEpl2fm\n" + 2586e41f4b71Sopenharmony_ci "gIClfu173pEV51/PSq5IaV481u/Dz/OTy9TwfxmIXAWdNpyodDOg4I9K7LC01ge8\n" + 2587e41f4b71Sopenharmony_ci "xxyKFi7k7m2eTGA4dYQM0E0AEXzCpg2JN3IIIPhzHCIVJmYjcbVxiaFkvT4ZFFUk\n" + 2588e41f4b71Sopenharmony_ci "4rDSbAQdn6dJ29msrFm8iGhMGC/bzq9Bii38Qg4y4o89QYiboRWCxv3XfuibT+jw\n" + 2589e41f4b71Sopenharmony_ci "O3pmfsFuT8/bKOWVm94FmRxiKuj6iE8UVewxtByzDgAsBtJKDjaCv3IkqfbIu+sq\n" + 2590e41f4b71Sopenharmony_ci "/eeJkVJRJXAP3ZpLAgMBAAGjcjBwMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE\n" + 2591e41f4b71Sopenharmony_ci "FIxvPSwEmjOMW10H+gn2gy5HvMmMMAsGA1UdDwQEAwIBBjARBglghkgBhvhCAQEE\n" + 2592e41f4b71Sopenharmony_ci "BAMCAAcwHgYJYIZIAYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0ZTANBgkqhkiG9w0B\n" + 2593e41f4b71Sopenharmony_ci "AQsFAAOCAQEAWu0u72g5y1weexPoJQnUgcwVtuC+/tTS9YvyCtKYE91gn97LSWn9\n" + 2594e41f4b71Sopenharmony_ci "mXXGmLceU27B8JwhER9JeiQO1SUdDcvlfb5vt6eB+5cbZcgeERUBP8t0znh7DbMg\n" + 2595e41f4b71Sopenharmony_ci "4TFjt9gZ970PZ1OlTBNPoZNRBKIox61KVUhiVKTVSbXlVP1yUF1uSlSq+0NYayHw\n" + 2596e41f4b71Sopenharmony_ci "MnX1BeLxbAcAsTPYHjoeFJIrGkKlydLyt/8hDQzpLRW5uEUTjjqLh7vef0OaOP80\n" + 2597e41f4b71Sopenharmony_ci "MmADt6ojRYvwdMDHF0ASJyupLQ+hiRLVadciK8Z5W34JGN2jwEw5X3nXyAgErIJZ\n" + 2598e41f4b71Sopenharmony_ci "pqdTflnFLnSwy5M3QHB+xjYAcS9l1br2LA==\n" + 2599e41f4b71Sopenharmony_ci "-----END CERTIFICATE-----\n" 2600e41f4b71Sopenharmony_ci 2601e41f4b71Sopenharmony_ci // 证书二进制数据,需业务自行赋值 2602e41f4b71Sopenharmony_ci let encodingBlob: cert.EncodingBlob = { 2603e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 2604e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 2605e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 2606e41f4b71Sopenharmony_ci }; 2607e41f4b71Sopenharmony_ci 2608e41f4b71Sopenharmony_ciasync function certToString() { 2609e41f4b71Sopenharmony_ci let x509Cert: cert.X509Cert = {} as cert.X509Cert; 2610e41f4b71Sopenharmony_ci try { 2611e41f4b71Sopenharmony_ci x509Cert = await cert.createX509Cert(encodingBlob); 2612e41f4b71Sopenharmony_ci console.log('createX509Cert success'); 2613e41f4b71Sopenharmony_ci console.info('certToString success: ' + JSON.stringify(x509Cert.toString())); 2614e41f4b71Sopenharmony_ci } catch (err) { 2615e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 2616e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 2617e41f4b71Sopenharmony_ci } 2618e41f4b71Sopenharmony_ci} 2619e41f4b71Sopenharmony_ci``` 2620e41f4b71Sopenharmony_ci 2621e41f4b71Sopenharmony_ci### hashCode<sup>12+</sup> 2622e41f4b71Sopenharmony_ci 2623e41f4b71Sopenharmony_cihashCode(): Uint8Array 2624e41f4b71Sopenharmony_ci 2625e41f4b71Sopenharmony_ci获取DER格式数据的哈希值。 2626e41f4b71Sopenharmony_ci 2627e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2628e41f4b71Sopenharmony_ci 2629e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 2630e41f4b71Sopenharmony_ci 2631e41f4b71Sopenharmony_ci**返回值**: 2632e41f4b71Sopenharmony_ci 2633e41f4b71Sopenharmony_ci| 类型 | 说明 | 2634e41f4b71Sopenharmony_ci| --------------------- | ----------------------------------------- | 2635e41f4b71Sopenharmony_ci| Uint8Array | DER格式数据的哈希值。| 2636e41f4b71Sopenharmony_ci 2637e41f4b71Sopenharmony_ci**错误码:** 2638e41f4b71Sopenharmony_ci 2639e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 2640e41f4b71Sopenharmony_ci 2641e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 2642e41f4b71Sopenharmony_ci| -------- | ------------- | 2643e41f4b71Sopenharmony_ci| 19020001 | memory error. | 2644e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 2645e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 2646e41f4b71Sopenharmony_ci 2647e41f4b71Sopenharmony_ci**示例:** 2648e41f4b71Sopenharmony_ci 2649e41f4b71Sopenharmony_ci```ts 2650e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 2651e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 2652e41f4b71Sopenharmony_ci 2653e41f4b71Sopenharmony_ci// string转Uint8Array 2654e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 2655e41f4b71Sopenharmony_ci let arr: Array<number> = []; 2656e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 2657e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 2658e41f4b71Sopenharmony_ci } 2659e41f4b71Sopenharmony_ci return new Uint8Array(arr); 2660e41f4b71Sopenharmony_ci} 2661e41f4b71Sopenharmony_ci 2662e41f4b71Sopenharmony_cilet certData = "-----BEGIN CERTIFICATE-----\n" + 2663e41f4b71Sopenharmony_ci "MIID1TCCAr2gAwIBAgIITXr1++kFUU4wDQYJKoZIhvcNAQELBQAwcDELMAkGA1UE\n" + 2664e41f4b71Sopenharmony_ci "BhMCQ04xEjAQBgNVBAgTCWd1YW5nZG9uZzERMA8GA1UEBxMIc2hlbnpoZW4xEjAQ\n" + 2665e41f4b71Sopenharmony_ci "BgNVBAoTCXRlc3RTZWNDYTESMBAGA1UECxMJdGVzdFNlY0NhMRIwEAYDVQQDEwl0\n" + 2666e41f4b71Sopenharmony_ci "ZXN0U2VjQ2EwHhcNMjMxMjIxMDAwMDAwWhcNMjcxMjIwMjM1OTU5WjBxMQswCQYD\n" + 2667e41f4b71Sopenharmony_ci "VQQGEwJDTjEOMAwGA1UECBMFZ2Fuc3UxEDAOBgNVBAcTB2xhbnpob3UxFDASBgNV\n" + 2668e41f4b71Sopenharmony_ci "BAoTC3Rlc3RUaGlyZENhMRQwEgYDVQQLEwt0ZXN0VGhpcmRDYTEUMBIGA1UEAxML\n" + 2669e41f4b71Sopenharmony_ci "dGVzdFRoaXJkQ2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJMKSq\n" + 2670e41f4b71Sopenharmony_ci "Fn4G4EJATauw+4s+n/JbINBAiuhzURzzdt2T8JJQLDV9RHj4mZt84yv6lqEpl2fm\n" + 2671e41f4b71Sopenharmony_ci "gIClfu173pEV51/PSq5IaV481u/Dz/OTy9TwfxmIXAWdNpyodDOg4I9K7LC01ge8\n" + 2672e41f4b71Sopenharmony_ci "xxyKFi7k7m2eTGA4dYQM0E0AEXzCpg2JN3IIIPhzHCIVJmYjcbVxiaFkvT4ZFFUk\n" + 2673e41f4b71Sopenharmony_ci "4rDSbAQdn6dJ29msrFm8iGhMGC/bzq9Bii38Qg4y4o89QYiboRWCxv3XfuibT+jw\n" + 2674e41f4b71Sopenharmony_ci "O3pmfsFuT8/bKOWVm94FmRxiKuj6iE8UVewxtByzDgAsBtJKDjaCv3IkqfbIu+sq\n" + 2675e41f4b71Sopenharmony_ci "/eeJkVJRJXAP3ZpLAgMBAAGjcjBwMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE\n" + 2676e41f4b71Sopenharmony_ci "FIxvPSwEmjOMW10H+gn2gy5HvMmMMAsGA1UdDwQEAwIBBjARBglghkgBhvhCAQEE\n" + 2677e41f4b71Sopenharmony_ci "BAMCAAcwHgYJYIZIAYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0ZTANBgkqhkiG9w0B\n" + 2678e41f4b71Sopenharmony_ci "AQsFAAOCAQEAWu0u72g5y1weexPoJQnUgcwVtuC+/tTS9YvyCtKYE91gn97LSWn9\n" + 2679e41f4b71Sopenharmony_ci "mXXGmLceU27B8JwhER9JeiQO1SUdDcvlfb5vt6eB+5cbZcgeERUBP8t0znh7DbMg\n" + 2680e41f4b71Sopenharmony_ci "4TFjt9gZ970PZ1OlTBNPoZNRBKIox61KVUhiVKTVSbXlVP1yUF1uSlSq+0NYayHw\n" + 2681e41f4b71Sopenharmony_ci "MnX1BeLxbAcAsTPYHjoeFJIrGkKlydLyt/8hDQzpLRW5uEUTjjqLh7vef0OaOP80\n" + 2682e41f4b71Sopenharmony_ci "MmADt6ojRYvwdMDHF0ASJyupLQ+hiRLVadciK8Z5W34JGN2jwEw5X3nXyAgErIJZ\n" + 2683e41f4b71Sopenharmony_ci "pqdTflnFLnSwy5M3QHB+xjYAcS9l1br2LA==\n" + 2684e41f4b71Sopenharmony_ci "-----END CERTIFICATE-----\n" 2685e41f4b71Sopenharmony_ci 2686e41f4b71Sopenharmony_ci // 证书二进制数据,需业务自行赋值 2687e41f4b71Sopenharmony_ci let encodingBlob: cert.EncodingBlob = { 2688e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 2689e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 2690e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 2691e41f4b71Sopenharmony_ci }; 2692e41f4b71Sopenharmony_ci 2693e41f4b71Sopenharmony_ciasync function certHashCode() { 2694e41f4b71Sopenharmony_ci let x509Cert: cert.X509Cert = {} as cert.X509Cert; 2695e41f4b71Sopenharmony_ci try { 2696e41f4b71Sopenharmony_ci x509Cert = await cert.createX509Cert(encodingBlob); 2697e41f4b71Sopenharmony_ci console.log('createX509Cert success'); 2698e41f4b71Sopenharmony_ci console.info('certHashCode success: ' + JSON.stringify(x509Cert.hashCode())); 2699e41f4b71Sopenharmony_ci } catch (err) { 2700e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 2701e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 2702e41f4b71Sopenharmony_ci } 2703e41f4b71Sopenharmony_ci} 2704e41f4b71Sopenharmony_ci``` 2705e41f4b71Sopenharmony_ci 2706e41f4b71Sopenharmony_ci### getExtensionsObject<sup>12+</sup> 2707e41f4b71Sopenharmony_ci 2708e41f4b71Sopenharmony_cigetExtensionsObject(): CertExtension 2709e41f4b71Sopenharmony_ci 2710e41f4b71Sopenharmony_ci获取对应实体的扩展域DER格式数据。 2711e41f4b71Sopenharmony_ci 2712e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2713e41f4b71Sopenharmony_ci 2714e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 2715e41f4b71Sopenharmony_ci 2716e41f4b71Sopenharmony_ci**返回值**: 2717e41f4b71Sopenharmony_ci 2718e41f4b71Sopenharmony_ci| 类型 | 说明 | 2719e41f4b71Sopenharmony_ci| --------------------- | ----------------------------------------- | 2720e41f4b71Sopenharmony_ci| [CertExtension](#certextension10) | 证书扩展域段类对象。| 2721e41f4b71Sopenharmony_ci 2722e41f4b71Sopenharmony_ci**错误码:** 2723e41f4b71Sopenharmony_ci 2724e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 2725e41f4b71Sopenharmony_ci 2726e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 2727e41f4b71Sopenharmony_ci| -------- | ------------- | 2728e41f4b71Sopenharmony_ci| 19020001 | memory error. | 2729e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 2730e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 2731e41f4b71Sopenharmony_ci 2732e41f4b71Sopenharmony_ci**示例:** 2733e41f4b71Sopenharmony_ci 2734e41f4b71Sopenharmony_ci```ts 2735e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 2736e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 2737e41f4b71Sopenharmony_ci 2738e41f4b71Sopenharmony_ci// string转Uint8Array 2739e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 2740e41f4b71Sopenharmony_ci let arr: Array<number> = []; 2741e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 2742e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 2743e41f4b71Sopenharmony_ci } 2744e41f4b71Sopenharmony_ci return new Uint8Array(arr); 2745e41f4b71Sopenharmony_ci} 2746e41f4b71Sopenharmony_ci 2747e41f4b71Sopenharmony_cilet certData = "-----BEGIN CERTIFICATE-----\n" + 2748e41f4b71Sopenharmony_ci "MIID1TCCAr2gAwIBAgIITXr1++kFUU4wDQYJKoZIhvcNAQELBQAwcDELMAkGA1UE\n" + 2749e41f4b71Sopenharmony_ci "BhMCQ04xEjAQBgNVBAgTCWd1YW5nZG9uZzERMA8GA1UEBxMIc2hlbnpoZW4xEjAQ\n" + 2750e41f4b71Sopenharmony_ci "BgNVBAoTCXRlc3RTZWNDYTESMBAGA1UECxMJdGVzdFNlY0NhMRIwEAYDVQQDEwl0\n" + 2751e41f4b71Sopenharmony_ci "ZXN0U2VjQ2EwHhcNMjMxMjIxMDAwMDAwWhcNMjcxMjIwMjM1OTU5WjBxMQswCQYD\n" + 2752e41f4b71Sopenharmony_ci "VQQGEwJDTjEOMAwGA1UECBMFZ2Fuc3UxEDAOBgNVBAcTB2xhbnpob3UxFDASBgNV\n" + 2753e41f4b71Sopenharmony_ci "BAoTC3Rlc3RUaGlyZENhMRQwEgYDVQQLEwt0ZXN0VGhpcmRDYTEUMBIGA1UEAxML\n" + 2754e41f4b71Sopenharmony_ci "dGVzdFRoaXJkQ2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJMKSq\n" + 2755e41f4b71Sopenharmony_ci "Fn4G4EJATauw+4s+n/JbINBAiuhzURzzdt2T8JJQLDV9RHj4mZt84yv6lqEpl2fm\n" + 2756e41f4b71Sopenharmony_ci "gIClfu173pEV51/PSq5IaV481u/Dz/OTy9TwfxmIXAWdNpyodDOg4I9K7LC01ge8\n" + 2757e41f4b71Sopenharmony_ci "xxyKFi7k7m2eTGA4dYQM0E0AEXzCpg2JN3IIIPhzHCIVJmYjcbVxiaFkvT4ZFFUk\n" + 2758e41f4b71Sopenharmony_ci "4rDSbAQdn6dJ29msrFm8iGhMGC/bzq9Bii38Qg4y4o89QYiboRWCxv3XfuibT+jw\n" + 2759e41f4b71Sopenharmony_ci "O3pmfsFuT8/bKOWVm94FmRxiKuj6iE8UVewxtByzDgAsBtJKDjaCv3IkqfbIu+sq\n" + 2760e41f4b71Sopenharmony_ci "/eeJkVJRJXAP3ZpLAgMBAAGjcjBwMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE\n" + 2761e41f4b71Sopenharmony_ci "FIxvPSwEmjOMW10H+gn2gy5HvMmMMAsGA1UdDwQEAwIBBjARBglghkgBhvhCAQEE\n" + 2762e41f4b71Sopenharmony_ci "BAMCAAcwHgYJYIZIAYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0ZTANBgkqhkiG9w0B\n" + 2763e41f4b71Sopenharmony_ci "AQsFAAOCAQEAWu0u72g5y1weexPoJQnUgcwVtuC+/tTS9YvyCtKYE91gn97LSWn9\n" + 2764e41f4b71Sopenharmony_ci "mXXGmLceU27B8JwhER9JeiQO1SUdDcvlfb5vt6eB+5cbZcgeERUBP8t0znh7DbMg\n" + 2765e41f4b71Sopenharmony_ci "4TFjt9gZ970PZ1OlTBNPoZNRBKIox61KVUhiVKTVSbXlVP1yUF1uSlSq+0NYayHw\n" + 2766e41f4b71Sopenharmony_ci "MnX1BeLxbAcAsTPYHjoeFJIrGkKlydLyt/8hDQzpLRW5uEUTjjqLh7vef0OaOP80\n" + 2767e41f4b71Sopenharmony_ci "MmADt6ojRYvwdMDHF0ASJyupLQ+hiRLVadciK8Z5W34JGN2jwEw5X3nXyAgErIJZ\n" + 2768e41f4b71Sopenharmony_ci "pqdTflnFLnSwy5M3QHB+xjYAcS9l1br2LA==\n" + 2769e41f4b71Sopenharmony_ci "-----END CERTIFICATE-----\n" 2770e41f4b71Sopenharmony_ci 2771e41f4b71Sopenharmony_ci // 证书二进制数据,需业务自行赋值 2772e41f4b71Sopenharmony_ci let encodingBlob: cert.EncodingBlob = { 2773e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 2774e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 2775e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 2776e41f4b71Sopenharmony_ci }; 2777e41f4b71Sopenharmony_ci 2778e41f4b71Sopenharmony_ciasync function certGetExtensionsObject() { 2779e41f4b71Sopenharmony_ci let x509Cert: cert.X509Cert = {} as cert.X509Cert; 2780e41f4b71Sopenharmony_ci try { 2781e41f4b71Sopenharmony_ci x509Cert = await cert.createX509Cert(encodingBlob); 2782e41f4b71Sopenharmony_ci console.log('createX509Cert success'); 2783e41f4b71Sopenharmony_ci let object = x509Cert.getExtensionsObject(); 2784e41f4b71Sopenharmony_ci } catch (err) { 2785e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 2786e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 2787e41f4b71Sopenharmony_ci } 2788e41f4b71Sopenharmony_ci} 2789e41f4b71Sopenharmony_ci``` 2790e41f4b71Sopenharmony_ci 2791e41f4b71Sopenharmony_ci## cert.createCertExtension<sup>10+</sup> 2792e41f4b71Sopenharmony_ci 2793e41f4b71Sopenharmony_cicreateCertExtension(inStream : EncodingBlob, callback : AsyncCallback\<CertExtension>) : void 2794e41f4b71Sopenharmony_ci 2795e41f4b71Sopenharmony_ci表示创建证书扩展域段的对象,使用Callback回调异步返回结果。 2796e41f4b71Sopenharmony_ci 2797e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2798e41f4b71Sopenharmony_ci 2799e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 2800e41f4b71Sopenharmony_ci 2801e41f4b71Sopenharmony_ci**参数**: 2802e41f4b71Sopenharmony_ci 2803e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 2804e41f4b71Sopenharmony_ci| -------- | ------------------------------------------------- | ---- | -------------------------- | 2805e41f4b71Sopenharmony_ci| inStream | [EncodingBlob](#encodingblob) | 是 | 表示证书扩展域段序列化数据 | 2806e41f4b71Sopenharmony_ci| callback | AsyncCallback\<[CertExtension](#certextension10)> | 是 | 回调函数。表示扩展域段对象 | 2807e41f4b71Sopenharmony_ci 2808e41f4b71Sopenharmony_ci**错误码:** 2809e41f4b71Sopenharmony_ci 2810e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 2811e41f4b71Sopenharmony_ci 2812e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 2813e41f4b71Sopenharmony_ci| -------- | ------------- | 2814e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 2815e41f4b71Sopenharmony_ci| 801 | this operation is not supported. | 2816e41f4b71Sopenharmony_ci| 19020001 | memory error. | 2817e41f4b71Sopenharmony_ci 2818e41f4b71Sopenharmony_ci**示例:** 2819e41f4b71Sopenharmony_ci 2820e41f4b71Sopenharmony_ci```ts 2821e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 2822e41f4b71Sopenharmony_ci 2823e41f4b71Sopenharmony_ci// 证书扩展域段二进制数据,需业务自行赋值 2824e41f4b71Sopenharmony_cilet extData = new Uint8Array([ 2825e41f4b71Sopenharmony_ci 0x30, 0x40, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D, 2826e41f4b71Sopenharmony_ci 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 2827e41f4b71Sopenharmony_ci 0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 2828e41f4b71Sopenharmony_ci 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 2829e41f4b71Sopenharmony_ci 0x02, 0x01, 0xC6, 0x30, 0x1D, 0x06, 0x03, 0x55, 2830e41f4b71Sopenharmony_ci 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xE0, 0x8C, 2831e41f4b71Sopenharmony_ci 0x9B, 0xDB, 0x25, 0x49, 0xB3, 0xF1, 0x7C, 0x86, 2832e41f4b71Sopenharmony_ci 0xD6, 0xB2, 0x42, 0x87, 0x0B, 0xD0, 0x6B, 0xA0, 2833e41f4b71Sopenharmony_ci 0xD9, 0xE4 2834e41f4b71Sopenharmony_ci]); 2835e41f4b71Sopenharmony_ci 2836e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 2837e41f4b71Sopenharmony_ci data: extData, 2838e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,仅支持FORMAT_DER 2839e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_DER 2840e41f4b71Sopenharmony_ci}; 2841e41f4b71Sopenharmony_ci 2842e41f4b71Sopenharmony_cicert.createCertExtension(encodingBlob, (error, certExt) => { 2843e41f4b71Sopenharmony_ci if (error) { 2844e41f4b71Sopenharmony_ci console.error('createCertExtension failed, errCode: ' + error.code + ', errMsg: ' + error.message); 2845e41f4b71Sopenharmony_ci } else { 2846e41f4b71Sopenharmony_ci console.log('createCertExtension success'); 2847e41f4b71Sopenharmony_ci } 2848e41f4b71Sopenharmony_ci}); 2849e41f4b71Sopenharmony_ci``` 2850e41f4b71Sopenharmony_ci 2851e41f4b71Sopenharmony_ci## cert.createCertExtension<sup>10+</sup> 2852e41f4b71Sopenharmony_ci 2853e41f4b71Sopenharmony_cicreateCertExtension(inStream : EncodingBlob) : Promise\<CertExtension> 2854e41f4b71Sopenharmony_ci 2855e41f4b71Sopenharmony_ci表示创建证书扩展域段的对象,使用Promise方式异步返回结果。 2856e41f4b71Sopenharmony_ci 2857e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2858e41f4b71Sopenharmony_ci 2859e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 2860e41f4b71Sopenharmony_ci 2861e41f4b71Sopenharmony_ci**参数**: 2862e41f4b71Sopenharmony_ci 2863e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 2864e41f4b71Sopenharmony_ci| -------- | ----------------------------- | ---- | -------------------------- | 2865e41f4b71Sopenharmony_ci| inStream | [EncodingBlob](#encodingblob) | 是 | 表示证书扩展域段序列化数据 | 2866e41f4b71Sopenharmony_ci 2867e41f4b71Sopenharmony_ci**返回值**: 2868e41f4b71Sopenharmony_ci 2869e41f4b71Sopenharmony_ci| 类型 | 说明 | 2870e41f4b71Sopenharmony_ci| ------------------------------------------- | -------------------- | 2871e41f4b71Sopenharmony_ci| Promise\<[CertExtension](#certextension10)> | 表示证书扩展域段对象 | 2872e41f4b71Sopenharmony_ci 2873e41f4b71Sopenharmony_ci**错误码:** 2874e41f4b71Sopenharmony_ci 2875e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 2876e41f4b71Sopenharmony_ci 2877e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 2878e41f4b71Sopenharmony_ci| -------- | ------------- | 2879e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 2880e41f4b71Sopenharmony_ci| 801 | this operation is not supported. | 2881e41f4b71Sopenharmony_ci| 19020001 | memory error. | 2882e41f4b71Sopenharmony_ci 2883e41f4b71Sopenharmony_ci**示例:** 2884e41f4b71Sopenharmony_ci 2885e41f4b71Sopenharmony_ci```ts 2886e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 2887e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 2888e41f4b71Sopenharmony_ci 2889e41f4b71Sopenharmony_ci// 证书扩展域段二进制数据,需业务自行赋值 2890e41f4b71Sopenharmony_cilet extData = new Uint8Array([ 2891e41f4b71Sopenharmony_ci 0x30, 0x40, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D, 2892e41f4b71Sopenharmony_ci 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 2893e41f4b71Sopenharmony_ci 0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 2894e41f4b71Sopenharmony_ci 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 2895e41f4b71Sopenharmony_ci 0x02, 0x01, 0xC6, 0x30, 0x1D, 0x06, 0x03, 0x55, 2896e41f4b71Sopenharmony_ci 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xE0, 0x8C, 2897e41f4b71Sopenharmony_ci 0x9B, 0xDB, 0x25, 0x49, 0xB3, 0xF1, 0x7C, 0x86, 2898e41f4b71Sopenharmony_ci 0xD6, 0xB2, 0x42, 0x87, 0x0B, 0xD0, 0x6B, 0xA0, 2899e41f4b71Sopenharmony_ci 0xD9, 0xE4 2900e41f4b71Sopenharmony_ci]); 2901e41f4b71Sopenharmony_ci 2902e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 2903e41f4b71Sopenharmony_ci data: extData, 2904e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,仅支持FORMAT_DER 2905e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_DER 2906e41f4b71Sopenharmony_ci}; 2907e41f4b71Sopenharmony_ci 2908e41f4b71Sopenharmony_cicert.createCertExtension(encodingBlob).then(certExt => { 2909e41f4b71Sopenharmony_ci console.log('createCertExtension success'); 2910e41f4b71Sopenharmony_ci}).catch((error: BusinessError) => { 2911e41f4b71Sopenharmony_ci console.error('createCertExtension failed, errCode: ' + error.code + ', errMsg: ' + error.message); 2912e41f4b71Sopenharmony_ci}); 2913e41f4b71Sopenharmony_ci``` 2914e41f4b71Sopenharmony_ci 2915e41f4b71Sopenharmony_ci## CertExtension<sup>10+</sup> 2916e41f4b71Sopenharmony_ci 2917e41f4b71Sopenharmony_ci证书扩展域段类。 2918e41f4b71Sopenharmony_ci 2919e41f4b71Sopenharmony_ci### getEncoded<sup>10+</sup> 2920e41f4b71Sopenharmony_ci 2921e41f4b71Sopenharmony_cigetEncoded() : EncodingBlob 2922e41f4b71Sopenharmony_ci 2923e41f4b71Sopenharmony_ci表示获取证书扩展域段序列化数据。 2924e41f4b71Sopenharmony_ci 2925e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2926e41f4b71Sopenharmony_ci 2927e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 2928e41f4b71Sopenharmony_ci 2929e41f4b71Sopenharmony_ci**返回值**: 2930e41f4b71Sopenharmony_ci 2931e41f4b71Sopenharmony_ci| 类型 | 说明 | 2932e41f4b71Sopenharmony_ci| ----------------------------- | ---------------------------- | 2933e41f4b71Sopenharmony_ci| [EncodingBlob](#encodingblob) | 表示证书扩展域段序列化数据。 | 2934e41f4b71Sopenharmony_ci 2935e41f4b71Sopenharmony_ci**错误码:** 2936e41f4b71Sopenharmony_ci 2937e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 2938e41f4b71Sopenharmony_ci 2939e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 2940e41f4b71Sopenharmony_ci| -------- | ----------------------- | 2941e41f4b71Sopenharmony_ci| 19020001 | memory error. | 2942e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 2943e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 2944e41f4b71Sopenharmony_ci 2945e41f4b71Sopenharmony_ci**示例:** 2946e41f4b71Sopenharmony_ci 2947e41f4b71Sopenharmony_ci```ts 2948e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 2949e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 2950e41f4b71Sopenharmony_ci 2951e41f4b71Sopenharmony_ci// 证书扩展域段二进制数据,需业务自行赋值 2952e41f4b71Sopenharmony_cilet extData = new Uint8Array([ 2953e41f4b71Sopenharmony_ci 0x30, 0x40, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D, 2954e41f4b71Sopenharmony_ci 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 2955e41f4b71Sopenharmony_ci 0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 2956e41f4b71Sopenharmony_ci 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 2957e41f4b71Sopenharmony_ci 0x02, 0x01, 0xC6, 0x30, 0x1D, 0x06, 0x03, 0x55, 2958e41f4b71Sopenharmony_ci 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xE0, 0x8C, 2959e41f4b71Sopenharmony_ci 0x9B, 0xDB, 0x25, 0x49, 0xB3, 0xF1, 0x7C, 0x86, 2960e41f4b71Sopenharmony_ci 0xD6, 0xB2, 0x42, 0x87, 0x0B, 0xD0, 0x6B, 0xA0, 2961e41f4b71Sopenharmony_ci 0xD9, 0xE4 2962e41f4b71Sopenharmony_ci]); 2963e41f4b71Sopenharmony_ci 2964e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 2965e41f4b71Sopenharmony_ci data: extData, 2966e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,仅支持FORMAT_DER 2967e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_DER 2968e41f4b71Sopenharmony_ci}; 2969e41f4b71Sopenharmony_ci 2970e41f4b71Sopenharmony_cicert.createCertExtension(encodingBlob, (error, certExt) => { 2971e41f4b71Sopenharmony_ci if (error) { 2972e41f4b71Sopenharmony_ci console.error('createCertExtension failed, errCode: ' + error.code + ', errMsg: ' + error.message); 2973e41f4b71Sopenharmony_ci } else { 2974e41f4b71Sopenharmony_ci console.log('createCertExtension success'); 2975e41f4b71Sopenharmony_ci try { 2976e41f4b71Sopenharmony_ci let extEncodedBlob = certExt.getEncoded(); 2977e41f4b71Sopenharmony_ci } catch (err) { 2978e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 2979e41f4b71Sopenharmony_ci console.error('ext getEncoded failed, errCode: ' + e.code + ', errMsg: ' + e.message); 2980e41f4b71Sopenharmony_ci } 2981e41f4b71Sopenharmony_ci } 2982e41f4b71Sopenharmony_ci}); 2983e41f4b71Sopenharmony_ci``` 2984e41f4b71Sopenharmony_ci 2985e41f4b71Sopenharmony_ci### getOidList<sup>10+</sup> 2986e41f4b71Sopenharmony_ci 2987e41f4b71Sopenharmony_cigetOidList(valueType : ExtensionOidType) : DataArray 2988e41f4b71Sopenharmony_ci 2989e41f4b71Sopenharmony_ci表示获取证书扩展域段对象标识符列表。 2990e41f4b71Sopenharmony_ci 2991e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 2992e41f4b71Sopenharmony_ci 2993e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 2994e41f4b71Sopenharmony_ci 2995e41f4b71Sopenharmony_ci**参数**: 2996e41f4b71Sopenharmony_ci 2997e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 2998e41f4b71Sopenharmony_ci| --------- | ------------------------------------- | ---- | ------------------------------ | 2999e41f4b71Sopenharmony_ci| valueType | [ExtensionOidType](#extensionoidtype10) | 是 | 表示证书扩展域段对象标识符类型 | 3000e41f4b71Sopenharmony_ci 3001e41f4b71Sopenharmony_ci**返回值**: 3002e41f4b71Sopenharmony_ci 3003e41f4b71Sopenharmony_ci| 类型 | 说明 | 3004e41f4b71Sopenharmony_ci| ----------------------- | -------------------------------- | 3005e41f4b71Sopenharmony_ci| [DataArray](#dataarray) | 表示证书扩展域段对象标识符列表。 | 3006e41f4b71Sopenharmony_ci 3007e41f4b71Sopenharmony_ci**错误码:** 3008e41f4b71Sopenharmony_ci 3009e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 3010e41f4b71Sopenharmony_ci 3011e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 3012e41f4b71Sopenharmony_ci| -------- | ----------------------- | 3013e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3014e41f4b71Sopenharmony_ci| 19020001 | memory error. | 3015e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 3016e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 3017e41f4b71Sopenharmony_ci 3018e41f4b71Sopenharmony_ci**示例:** 3019e41f4b71Sopenharmony_ci 3020e41f4b71Sopenharmony_ci```ts 3021e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 3022e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 3023e41f4b71Sopenharmony_ci 3024e41f4b71Sopenharmony_ci// 证书扩展域段二进制数据,需业务自行赋值 3025e41f4b71Sopenharmony_cilet extData = new Uint8Array([ 3026e41f4b71Sopenharmony_ci 0x30, 0x40, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D, 3027e41f4b71Sopenharmony_ci 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 3028e41f4b71Sopenharmony_ci 0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 3029e41f4b71Sopenharmony_ci 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 3030e41f4b71Sopenharmony_ci 0x02, 0x01, 0xC6, 0x30, 0x1D, 0x06, 0x03, 0x55, 3031e41f4b71Sopenharmony_ci 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xE0, 0x8C, 3032e41f4b71Sopenharmony_ci 0x9B, 0xDB, 0x25, 0x49, 0xB3, 0xF1, 0x7C, 0x86, 3033e41f4b71Sopenharmony_ci 0xD6, 0xB2, 0x42, 0x87, 0x0B, 0xD0, 0x6B, 0xA0, 3034e41f4b71Sopenharmony_ci 0xD9, 0xE4 3035e41f4b71Sopenharmony_ci]); 3036e41f4b71Sopenharmony_ci 3037e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 3038e41f4b71Sopenharmony_ci data: extData, 3039e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,仅支持FORMAT_DER 3040e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_DER 3041e41f4b71Sopenharmony_ci}; 3042e41f4b71Sopenharmony_ci 3043e41f4b71Sopenharmony_cicert.createCertExtension(encodingBlob, (error, certExt) => { 3044e41f4b71Sopenharmony_ci if (error) { 3045e41f4b71Sopenharmony_ci console.error('createCertExtension failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3046e41f4b71Sopenharmony_ci } else { 3047e41f4b71Sopenharmony_ci console.log('createCertExtension success'); 3048e41f4b71Sopenharmony_ci try { 3049e41f4b71Sopenharmony_ci let oidList = certExt.getOidList(cert.ExtensionOidType.EXTENSION_OID_TYPE_ALL); 3050e41f4b71Sopenharmony_ci } catch (err) { 3051e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 3052e41f4b71Sopenharmony_ci console.error('ext getOidList failed, errCode: ' + e.code + ', errMsg: ' + e.message); 3053e41f4b71Sopenharmony_ci } 3054e41f4b71Sopenharmony_ci } 3055e41f4b71Sopenharmony_ci}); 3056e41f4b71Sopenharmony_ci``` 3057e41f4b71Sopenharmony_ci 3058e41f4b71Sopenharmony_ci### getEntry<sup>10+</sup> 3059e41f4b71Sopenharmony_ci 3060e41f4b71Sopenharmony_cigetEntry(valueType: ExtensionEntryType, oid : DataBlob) : DataBlob 3061e41f4b71Sopenharmony_ci 3062e41f4b71Sopenharmony_ci表示获取证书扩展域段对象信息。 3063e41f4b71Sopenharmony_ci 3064e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3065e41f4b71Sopenharmony_ci 3066e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 3067e41f4b71Sopenharmony_ci 3068e41f4b71Sopenharmony_ci**参数**: 3069e41f4b71Sopenharmony_ci 3070e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 3071e41f4b71Sopenharmony_ci| --------- | ----------------------------------------- | ---- | -------------------------------- | 3072e41f4b71Sopenharmony_ci| valueType | [ExtensionEntryType](#extensionentrytype10) | 是 | 表示证书扩展域段获取的类型 | 3073e41f4b71Sopenharmony_ci| oid | [DataBlob](#datablob) | 是 | 表示证书扩展域段获取的对象标识符 | 3074e41f4b71Sopenharmony_ci 3075e41f4b71Sopenharmony_ci**返回值**: 3076e41f4b71Sopenharmony_ci 3077e41f4b71Sopenharmony_ci| 类型 | 说明 | 3078e41f4b71Sopenharmony_ci| --------------------- | ---------------------------- | 3079e41f4b71Sopenharmony_ci| [DataBlob](#datablob) | 表示证书扩展域段对象的数据。 | 3080e41f4b71Sopenharmony_ci 3081e41f4b71Sopenharmony_ci**错误码:** 3082e41f4b71Sopenharmony_ci 3083e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 3084e41f4b71Sopenharmony_ci 3085e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 3086e41f4b71Sopenharmony_ci| -------- | ----------------------- | 3087e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3088e41f4b71Sopenharmony_ci| 19020001 | memory error. | 3089e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 3090e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 3091e41f4b71Sopenharmony_ci 3092e41f4b71Sopenharmony_ci**示例:** 3093e41f4b71Sopenharmony_ci 3094e41f4b71Sopenharmony_ci```ts 3095e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 3096e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 3097e41f4b71Sopenharmony_ci 3098e41f4b71Sopenharmony_ci// 证书扩展域段二进制数据,需业务自行赋值 3099e41f4b71Sopenharmony_cilet extData = new Uint8Array([ 3100e41f4b71Sopenharmony_ci 0x30, 0x40, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D, 3101e41f4b71Sopenharmony_ci 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 3102e41f4b71Sopenharmony_ci 0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 3103e41f4b71Sopenharmony_ci 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 3104e41f4b71Sopenharmony_ci 0x02, 0x01, 0xC6, 0x30, 0x1D, 0x06, 0x03, 0x55, 3105e41f4b71Sopenharmony_ci 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xE0, 0x8C, 3106e41f4b71Sopenharmony_ci 0x9B, 0xDB, 0x25, 0x49, 0xB3, 0xF1, 0x7C, 0x86, 3107e41f4b71Sopenharmony_ci 0xD6, 0xB2, 0x42, 0x87, 0x0B, 0xD0, 0x6B, 0xA0, 3108e41f4b71Sopenharmony_ci 0xD9, 0xE4 3109e41f4b71Sopenharmony_ci]); 3110e41f4b71Sopenharmony_ci 3111e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 3112e41f4b71Sopenharmony_ci data: extData, 3113e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,仅支持FORMAT_DER 3114e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_DER 3115e41f4b71Sopenharmony_ci}; 3116e41f4b71Sopenharmony_ci 3117e41f4b71Sopenharmony_cicert.createCertExtension(encodingBlob, (error, certExt) => { 3118e41f4b71Sopenharmony_ci if (error) { 3119e41f4b71Sopenharmony_ci console.error('createCertExtension failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3120e41f4b71Sopenharmony_ci } else { 3121e41f4b71Sopenharmony_ci console.log('createCertExtension success'); 3122e41f4b71Sopenharmony_ci let oid = new Uint8Array([0x32, 0x2e, 0x35, 0x2e, 0x32, 0x39, 0x2e, 0x31, 0x35]); 3123e41f4b71Sopenharmony_ci let oidBlob: cert.DataBlob = { 3124e41f4b71Sopenharmony_ci data: oid 3125e41f4b71Sopenharmony_ci } 3126e41f4b71Sopenharmony_ci try { 3127e41f4b71Sopenharmony_ci let entry = certExt.getEntry(cert.ExtensionEntryType.EXTENSION_ENTRY_TYPE_ENTRY, oidBlob); 3128e41f4b71Sopenharmony_ci } catch (err) { 3129e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 3130e41f4b71Sopenharmony_ci console.error('ext getEntry failed, errCode: ' + e.code + ', errMsg: ' + e.message); 3131e41f4b71Sopenharmony_ci } 3132e41f4b71Sopenharmony_ci } 3133e41f4b71Sopenharmony_ci}); 3134e41f4b71Sopenharmony_ci``` 3135e41f4b71Sopenharmony_ci 3136e41f4b71Sopenharmony_ci 3137e41f4b71Sopenharmony_ci### checkCA<sup>10+</sup> 3138e41f4b71Sopenharmony_ci 3139e41f4b71Sopenharmony_cicheckCA() : number 3140e41f4b71Sopenharmony_ci 3141e41f4b71Sopenharmony_ci表示校验证书是否为CA证书。 3142e41f4b71Sopenharmony_ci 3143e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3144e41f4b71Sopenharmony_ci 3145e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 3146e41f4b71Sopenharmony_ci 3147e41f4b71Sopenharmony_ci**返回值**: 3148e41f4b71Sopenharmony_ci 3149e41f4b71Sopenharmony_ci| 类型 | 说明 | 3150e41f4b71Sopenharmony_ci| ------ | ------------------------------------------------------------ | 3151e41f4b71Sopenharmony_ci| number | 当证书扩展域段中密钥用途包含签名用途,并且基本约束中cA字段为true时,表示证书为CA证书。如果不是CA,则返回-1;否则返回基本约束中的路径长度。如果证书是CA证书,但是基本约束中未给定路径长度,则返回-2,表示无路径长度限制。 | 3152e41f4b71Sopenharmony_ci 3153e41f4b71Sopenharmony_ci**错误码:** 3154e41f4b71Sopenharmony_ci 3155e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 3156e41f4b71Sopenharmony_ci 3157e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 3158e41f4b71Sopenharmony_ci| -------- | ----------------------- | 3159e41f4b71Sopenharmony_ci| 19020001 | memory error. | 3160e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 3161e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 3162e41f4b71Sopenharmony_ci 3163e41f4b71Sopenharmony_ci**示例:** 3164e41f4b71Sopenharmony_ci 3165e41f4b71Sopenharmony_ci```ts 3166e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 3167e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 3168e41f4b71Sopenharmony_ci 3169e41f4b71Sopenharmony_ci// 证书扩展域段二进制数据,需业务自行赋值 3170e41f4b71Sopenharmony_cilet extData = new Uint8Array([ 3171e41f4b71Sopenharmony_ci 0x30, 0x40, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D, 3172e41f4b71Sopenharmony_ci 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 3173e41f4b71Sopenharmony_ci 0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 3174e41f4b71Sopenharmony_ci 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 3175e41f4b71Sopenharmony_ci 0x02, 0x01, 0xC6, 0x30, 0x1D, 0x06, 0x03, 0x55, 3176e41f4b71Sopenharmony_ci 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xE0, 0x8C, 3177e41f4b71Sopenharmony_ci 0x9B, 0xDB, 0x25, 0x49, 0xB3, 0xF1, 0x7C, 0x86, 3178e41f4b71Sopenharmony_ci 0xD6, 0xB2, 0x42, 0x87, 0x0B, 0xD0, 0x6B, 0xA0, 3179e41f4b71Sopenharmony_ci 0xD9, 0xE4 3180e41f4b71Sopenharmony_ci]); 3181e41f4b71Sopenharmony_ci 3182e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 3183e41f4b71Sopenharmony_ci data: extData, 3184e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,仅支持FORMAT_DER 3185e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_DER 3186e41f4b71Sopenharmony_ci}; 3187e41f4b71Sopenharmony_cicert.createCertExtension(encodingBlob, (error, certExt) => { 3188e41f4b71Sopenharmony_ci if (error) { 3189e41f4b71Sopenharmony_ci console.error('createCertExtension failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3190e41f4b71Sopenharmony_ci } else { 3191e41f4b71Sopenharmony_ci console.log('createCertExtension success'); 3192e41f4b71Sopenharmony_ci try { 3193e41f4b71Sopenharmony_ci let res = certExt.checkCA(); 3194e41f4b71Sopenharmony_ci } catch (err) { 3195e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 3196e41f4b71Sopenharmony_ci console.error('ext checkCA failed, errCode: ' + e.code + ', errMsg: ' + e.message); 3197e41f4b71Sopenharmony_ci } 3198e41f4b71Sopenharmony_ci } 3199e41f4b71Sopenharmony_ci}); 3200e41f4b71Sopenharmony_ci``` 3201e41f4b71Sopenharmony_ci 3202e41f4b71Sopenharmony_ci### hasUnsupportedCriticalExtension<sup>11+</sup> 3203e41f4b71Sopenharmony_ci 3204e41f4b71Sopenharmony_cihasUnsupportedCriticalExtension(): boolean 3205e41f4b71Sopenharmony_ci 3206e41f4b71Sopenharmony_ci判断是否存在不支持的关键扩展。 3207e41f4b71Sopenharmony_ci 3208e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3209e41f4b71Sopenharmony_ci 3210e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 3211e41f4b71Sopenharmony_ci 3212e41f4b71Sopenharmony_ci**返回值**: 3213e41f4b71Sopenharmony_ci 3214e41f4b71Sopenharmony_ci| 类型 | 说明 | 3215e41f4b71Sopenharmony_ci| ------- | ------------------------------------------------------- | 3216e41f4b71Sopenharmony_ci| boolean | 当存在不支持的关键扩展时,该方法返回true,否则返回false。 | 3217e41f4b71Sopenharmony_ci 3218e41f4b71Sopenharmony_ci**错误码:** 3219e41f4b71Sopenharmony_ci 3220e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 3221e41f4b71Sopenharmony_ci 3222e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 3223e41f4b71Sopenharmony_ci| -------- | ----------------------- | 3224e41f4b71Sopenharmony_ci| 19020001 | memory error. | 3225e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 3226e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 3227e41f4b71Sopenharmony_ci 3228e41f4b71Sopenharmony_ci**示例:** 3229e41f4b71Sopenharmony_ci 3230e41f4b71Sopenharmony_ci```ts 3231e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 3232e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 3233e41f4b71Sopenharmony_ci 3234e41f4b71Sopenharmony_cilet encodingData = new Uint8Array([ 3235e41f4b71Sopenharmony_ci 0x30, 0x40, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D, 3236e41f4b71Sopenharmony_ci 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 3237e41f4b71Sopenharmony_ci 0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 3238e41f4b71Sopenharmony_ci 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 3239e41f4b71Sopenharmony_ci 0x02, 0x01, 0xC6, 0x30, 0x1D, 0x06, 0x03, 0x55, 3240e41f4b71Sopenharmony_ci 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xE0, 0x8C, 3241e41f4b71Sopenharmony_ci 0x9B, 0xDB, 0x25, 0x49, 0xB3, 0xF1, 0x7C, 0x86, 3242e41f4b71Sopenharmony_ci 0xD6, 0xB2, 0x42, 0x87, 0x0B, 0xD0, 0x6B, 0xA0, 3243e41f4b71Sopenharmony_ci 0xD9, 0xE4 3244e41f4b71Sopenharmony_ci]); 3245e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 3246e41f4b71Sopenharmony_ci data: new Uint8Array(encodingData), 3247e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_DER 3248e41f4b71Sopenharmony_ci}; 3249e41f4b71Sopenharmony_ci 3250e41f4b71Sopenharmony_cicert.createCertExtension(encodingBlob).then((extensionObj) => { 3251e41f4b71Sopenharmony_ci console.log('createCertExtension success!'); 3252e41f4b71Sopenharmony_ci const result = extensionObj.hasUnsupportedCriticalExtension() 3253e41f4b71Sopenharmony_ci console.log('has unsupported critical extension result is:' + result); 3254e41f4b71Sopenharmony_ci}).catch((err: BusinessError) => { 3255e41f4b71Sopenharmony_ci console.error('createCertExtension failed'); 3256e41f4b71Sopenharmony_ci}); 3257e41f4b71Sopenharmony_ci``` 3258e41f4b71Sopenharmony_ci 3259e41f4b71Sopenharmony_ci## cert.createX509Crl<sup>(deprecated)</sup> 3260e41f4b71Sopenharmony_ci 3261e41f4b71Sopenharmony_cicreateX509Crl(inStream : EncodingBlob, callback : AsyncCallback\<X509Crl>) : void 3262e41f4b71Sopenharmony_ci 3263e41f4b71Sopenharmony_ci表示创建X509证书吊销列表的对象,使用Callback回调异步返回结果。 3264e41f4b71Sopenharmony_ci 3265e41f4b71Sopenharmony_ci> **说明:** 3266e41f4b71Sopenharmony_ci> 3267e41f4b71Sopenharmony_ci> 从API version 11开始废弃,建议使用[cert.createX509CRL](#certcreatex509crl11)替代。 3268e41f4b71Sopenharmony_ci 3269e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 3270e41f4b71Sopenharmony_ci 3271e41f4b71Sopenharmony_ci**参数**: 3272e41f4b71Sopenharmony_ci 3273e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 3274e41f4b71Sopenharmony_ci| -------- | ----------------------------------- | ---- | ------------------------------ | 3275e41f4b71Sopenharmony_ci| inStream | [EncodingBlob](#encodingblob) | 是 | 表示证书吊销列表序列化数据 | 3276e41f4b71Sopenharmony_ci| callback | AsyncCallback\<[X509Crl](#x509crldeprecated)> | 是 | 回调函数。表示证书吊销列表对象 | 3277e41f4b71Sopenharmony_ci 3278e41f4b71Sopenharmony_ci**错误码:** 3279e41f4b71Sopenharmony_ci 3280e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 3281e41f4b71Sopenharmony_ci 3282e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 3283e41f4b71Sopenharmony_ci| -------- | ------------- | 3284e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3285e41f4b71Sopenharmony_ci| 801 | this operation is not supported. | 3286e41f4b71Sopenharmony_ci| 19020001 | memory error. | 3287e41f4b71Sopenharmony_ci 3288e41f4b71Sopenharmony_ci**示例:** 3289e41f4b71Sopenharmony_ci 3290e41f4b71Sopenharmony_ci```ts 3291e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 3292e41f4b71Sopenharmony_ci 3293e41f4b71Sopenharmony_ci// string转Uint8Array 3294e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 3295e41f4b71Sopenharmony_ci let arr: Array<number> = []; 3296e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 3297e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 3298e41f4b71Sopenharmony_ci } 3299e41f4b71Sopenharmony_ci return new Uint8Array(arr); 3300e41f4b71Sopenharmony_ci} 3301e41f4b71Sopenharmony_ci 3302e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 3303e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 3304e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 3305e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 3306e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 3307e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 3308e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 3309e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 3310e41f4b71Sopenharmony_ci 3311e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 3312e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 3313e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 3314e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 3315e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 3316e41f4b71Sopenharmony_ci}; 3317e41f4b71Sopenharmony_ci 3318e41f4b71Sopenharmony_cicert.createX509Crl(encodingBlob, (error, x509Crl) => { 3319e41f4b71Sopenharmony_ci if (error) { 3320e41f4b71Sopenharmony_ci console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3321e41f4b71Sopenharmony_ci } else { 3322e41f4b71Sopenharmony_ci console.log('createX509Crl success'); 3323e41f4b71Sopenharmony_ci } 3324e41f4b71Sopenharmony_ci}); 3325e41f4b71Sopenharmony_ci``` 3326e41f4b71Sopenharmony_ci 3327e41f4b71Sopenharmony_ci## cert.createX509Crl<sup>(deprecated)</sup> 3328e41f4b71Sopenharmony_ci 3329e41f4b71Sopenharmony_cicreateX509Crl(inStream : EncodingBlob) : Promise\<X509Crl> 3330e41f4b71Sopenharmony_ci 3331e41f4b71Sopenharmony_ci表示创建X509证书吊销列表的对象,使用Promise方式异步返回结果。 3332e41f4b71Sopenharmony_ci 3333e41f4b71Sopenharmony_ci> **说明:** 3334e41f4b71Sopenharmony_ci> 3335e41f4b71Sopenharmony_ci> 从API version 11开始废弃,建议使用[cert.createX509CRL](#certcreatex509crl11-1)替代。 3336e41f4b71Sopenharmony_ci 3337e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 3338e41f4b71Sopenharmony_ci 3339e41f4b71Sopenharmony_ci**参数**: 3340e41f4b71Sopenharmony_ci 3341e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 3342e41f4b71Sopenharmony_ci| -------- | ----------------------------- | ---- | -------------------------- | 3343e41f4b71Sopenharmony_ci| inStream | [EncodingBlob](#encodingblob) | 是 | 表示证书吊销列表序列化数据 | 3344e41f4b71Sopenharmony_ci 3345e41f4b71Sopenharmony_ci**返回值**: 3346e41f4b71Sopenharmony_ci 3347e41f4b71Sopenharmony_ci| 类型 | 说明 | 3348e41f4b71Sopenharmony_ci| ----------------------------- | -------------------- | 3349e41f4b71Sopenharmony_ci| Promise\<[X509Crl](#x509crldeprecated)> | 表示证书吊销列表对象 | 3350e41f4b71Sopenharmony_ci 3351e41f4b71Sopenharmony_ci**错误码:** 3352e41f4b71Sopenharmony_ci 3353e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 3354e41f4b71Sopenharmony_ci 3355e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 3356e41f4b71Sopenharmony_ci| -------- | ------------- | 3357e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3358e41f4b71Sopenharmony_ci| 801 | this operation is not supported. | 3359e41f4b71Sopenharmony_ci| 19020001 | memory error. | 3360e41f4b71Sopenharmony_ci 3361e41f4b71Sopenharmony_ci**示例:** 3362e41f4b71Sopenharmony_ci 3363e41f4b71Sopenharmony_ci```ts 3364e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 3365e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 3366e41f4b71Sopenharmony_ci 3367e41f4b71Sopenharmony_ci// string转Uint8Array 3368e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 3369e41f4b71Sopenharmony_ci let arr: Array<number> = []; 3370e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 3371e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 3372e41f4b71Sopenharmony_ci } 3373e41f4b71Sopenharmony_ci return new Uint8Array(arr); 3374e41f4b71Sopenharmony_ci} 3375e41f4b71Sopenharmony_ci 3376e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 3377e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 3378e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 3379e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 3380e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 3381e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 3382e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 3383e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 3384e41f4b71Sopenharmony_ci 3385e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 3386e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 3387e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 3388e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 3389e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 3390e41f4b71Sopenharmony_ci}; 3391e41f4b71Sopenharmony_ci 3392e41f4b71Sopenharmony_cicert.createX509Crl(encodingBlob).then(x509Crl => { 3393e41f4b71Sopenharmony_ci console.log('createX509Crl success'); 3394e41f4b71Sopenharmony_ci}).catch((error: BusinessError) => { 3395e41f4b71Sopenharmony_ci console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3396e41f4b71Sopenharmony_ci}); 3397e41f4b71Sopenharmony_ci``` 3398e41f4b71Sopenharmony_ci 3399e41f4b71Sopenharmony_ci## cert.createX509CRL<sup>11+</sup> 3400e41f4b71Sopenharmony_ci 3401e41f4b71Sopenharmony_cicreateX509CRL(inStream : EncodingBlob, callback : AsyncCallback\<X509CRL>) : void 3402e41f4b71Sopenharmony_ci 3403e41f4b71Sopenharmony_ci表示创建X509证书吊销列表的对象,使用Callback回调异步返回结果。 3404e41f4b71Sopenharmony_ci 3405e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3406e41f4b71Sopenharmony_ci 3407e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 3408e41f4b71Sopenharmony_ci 3409e41f4b71Sopenharmony_ci**参数**: 3410e41f4b71Sopenharmony_ci 3411e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 3412e41f4b71Sopenharmony_ci| -------- | ------------------------------------- | ---- | ------------------------------ | 3413e41f4b71Sopenharmony_ci| inStream | [EncodingBlob](#encodingblob) | 是 | 表示证书吊销列表序列化数据 | 3414e41f4b71Sopenharmony_ci| callback | AsyncCallback\<[X509CRL](#x509crl11)> | 是 | 回调函数。表示证书吊销列表对象 | 3415e41f4b71Sopenharmony_ci 3416e41f4b71Sopenharmony_ci**错误码:** 3417e41f4b71Sopenharmony_ci 3418e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 3419e41f4b71Sopenharmony_ci 3420e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 3421e41f4b71Sopenharmony_ci| -------- | ------------- | 3422e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3423e41f4b71Sopenharmony_ci| 801 | this operation is not supported. | 3424e41f4b71Sopenharmony_ci| 19020001 | memory error. | 3425e41f4b71Sopenharmony_ci 3426e41f4b71Sopenharmony_ci**示例:** 3427e41f4b71Sopenharmony_ci 3428e41f4b71Sopenharmony_ci```ts 3429e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 3430e41f4b71Sopenharmony_ci 3431e41f4b71Sopenharmony_ci// string转Uint8Array 3432e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 3433e41f4b71Sopenharmony_ci let arr: Array<number> = []; 3434e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 3435e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 3436e41f4b71Sopenharmony_ci } 3437e41f4b71Sopenharmony_ci return new Uint8Array(arr); 3438e41f4b71Sopenharmony_ci} 3439e41f4b71Sopenharmony_ci 3440e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 3441e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 3442e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 3443e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 3444e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 3445e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 3446e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 3447e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 3448e41f4b71Sopenharmony_ci 3449e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 3450e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 3451e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 3452e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 3453e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 3454e41f4b71Sopenharmony_ci}; 3455e41f4b71Sopenharmony_ci 3456e41f4b71Sopenharmony_cicert.createX509CRL(encodingBlob, (error, X509CRL) => { 3457e41f4b71Sopenharmony_ci if (error) { 3458e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3459e41f4b71Sopenharmony_ci } else { 3460e41f4b71Sopenharmony_ci console.log('createX509CRL success'); 3461e41f4b71Sopenharmony_ci } 3462e41f4b71Sopenharmony_ci}); 3463e41f4b71Sopenharmony_ci``` 3464e41f4b71Sopenharmony_ci 3465e41f4b71Sopenharmony_ci## cert.createX509CRL<sup>11+</sup> 3466e41f4b71Sopenharmony_ci 3467e41f4b71Sopenharmony_cicreateX509CRL(inStream : EncodingBlob) : Promise\<X509CRL> 3468e41f4b71Sopenharmony_ci 3469e41f4b71Sopenharmony_ci表示创建X509证书吊销列表的对象,使用Promise方式异步返回结果。 3470e41f4b71Sopenharmony_ci 3471e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 3472e41f4b71Sopenharmony_ci 3473e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 3474e41f4b71Sopenharmony_ci 3475e41f4b71Sopenharmony_ci**参数**: 3476e41f4b71Sopenharmony_ci 3477e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 3478e41f4b71Sopenharmony_ci| -------- | ----------------------------- | ---- | -------------------------- | 3479e41f4b71Sopenharmony_ci| inStream | [EncodingBlob](#encodingblob) | 是 | 表示证书吊销列表序列化数据 | 3480e41f4b71Sopenharmony_ci 3481e41f4b71Sopenharmony_ci**返回值**: 3482e41f4b71Sopenharmony_ci 3483e41f4b71Sopenharmony_ci| 类型 | 说明 | 3484e41f4b71Sopenharmony_ci| ------------------------------- | -------------------- | 3485e41f4b71Sopenharmony_ci| Promise\<[X509CRL](#x509crl11)> | 表示证书吊销列表对象 | 3486e41f4b71Sopenharmony_ci 3487e41f4b71Sopenharmony_ci**错误码:** 3488e41f4b71Sopenharmony_ci 3489e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 3490e41f4b71Sopenharmony_ci 3491e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 3492e41f4b71Sopenharmony_ci| -------- | ------------- | 3493e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3494e41f4b71Sopenharmony_ci| 801 | this operation is not supported. | 3495e41f4b71Sopenharmony_ci| 19020001 | memory error. | 3496e41f4b71Sopenharmony_ci 3497e41f4b71Sopenharmony_ci**示例:** 3498e41f4b71Sopenharmony_ci 3499e41f4b71Sopenharmony_ci```ts 3500e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 3501e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 3502e41f4b71Sopenharmony_ci 3503e41f4b71Sopenharmony_ci// string转Uint8Array 3504e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 3505e41f4b71Sopenharmony_ci let arr: Array<number> = []; 3506e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 3507e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 3508e41f4b71Sopenharmony_ci } 3509e41f4b71Sopenharmony_ci return new Uint8Array(arr); 3510e41f4b71Sopenharmony_ci} 3511e41f4b71Sopenharmony_ci 3512e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 3513e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 3514e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 3515e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 3516e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 3517e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 3518e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 3519e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 3520e41f4b71Sopenharmony_ci 3521e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 3522e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 3523e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 3524e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 3525e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 3526e41f4b71Sopenharmony_ci}; 3527e41f4b71Sopenharmony_ci 3528e41f4b71Sopenharmony_cicert.createX509CRL(encodingBlob).then(X509CRL => { 3529e41f4b71Sopenharmony_ci console.log('createX509CRL success'); 3530e41f4b71Sopenharmony_ci}).catch((error: BusinessError) => { 3531e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3532e41f4b71Sopenharmony_ci}); 3533e41f4b71Sopenharmony_ci``` 3534e41f4b71Sopenharmony_ci 3535e41f4b71Sopenharmony_ci## X509Crl<sup>(deprecated)</sup> 3536e41f4b71Sopenharmony_ci 3537e41f4b71Sopenharmony_ciX509证书吊销列表对象。 3538e41f4b71Sopenharmony_ci 3539e41f4b71Sopenharmony_ci> **说明:** 3540e41f4b71Sopenharmony_ci> 3541e41f4b71Sopenharmony_ci> 从API version 11开始废弃,建议使用[X509CRL](#x509crl11)替代。 3542e41f4b71Sopenharmony_ci 3543e41f4b71Sopenharmony_ci### isRevoked<sup>(deprecated)</sup> 3544e41f4b71Sopenharmony_ci 3545e41f4b71Sopenharmony_ciisRevoked(cert : X509Cert) : boolean 3546e41f4b71Sopenharmony_ci 3547e41f4b71Sopenharmony_ci表示检查证书是否吊销。 3548e41f4b71Sopenharmony_ci 3549e41f4b71Sopenharmony_ci> **说明:** 3550e41f4b71Sopenharmony_ci> 3551e41f4b71Sopenharmony_ci> 从API version 11开始废弃,建议使用[X509CRL.isRevoked](#isrevoked11)替代。 3552e41f4b71Sopenharmony_ci 3553e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 3554e41f4b71Sopenharmony_ci 3555e41f4b71Sopenharmony_ci**参数**: 3556e41f4b71Sopenharmony_ci 3557e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 3558e41f4b71Sopenharmony_ci| ------ | -------- | ---- | -------------------- | 3559e41f4b71Sopenharmony_ci| cert | X509Cert | 是 | 表示被检查的证书对象 | 3560e41f4b71Sopenharmony_ci 3561e41f4b71Sopenharmony_ci**返回值**: 3562e41f4b71Sopenharmony_ci 3563e41f4b71Sopenharmony_ci| 类型 | 说明 | 3564e41f4b71Sopenharmony_ci| --------- | --------------------------------------------- | 3565e41f4b71Sopenharmony_ci| boolean | 表示证书吊销状态,true表示已吊销,false表示未吊销 | 3566e41f4b71Sopenharmony_ci 3567e41f4b71Sopenharmony_ci**错误码:** 3568e41f4b71Sopenharmony_ci 3569e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 3570e41f4b71Sopenharmony_ci 3571e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 3572e41f4b71Sopenharmony_ci| -------- | ------------- | 3573e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3574e41f4b71Sopenharmony_ci 3575e41f4b71Sopenharmony_ci**示例:** 3576e41f4b71Sopenharmony_ci 3577e41f4b71Sopenharmony_ci```ts 3578e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 3579e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 3580e41f4b71Sopenharmony_ci 3581e41f4b71Sopenharmony_ci// string转Uint8Array 3582e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 3583e41f4b71Sopenharmony_ci let arr: Array<number> = []; 3584e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 3585e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 3586e41f4b71Sopenharmony_ci } 3587e41f4b71Sopenharmony_ci return new Uint8Array(arr); 3588e41f4b71Sopenharmony_ci} 3589e41f4b71Sopenharmony_ci 3590e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 3591e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 3592e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 3593e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 3594e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 3595e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 3596e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 3597e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 3598e41f4b71Sopenharmony_ci 3599e41f4b71Sopenharmony_cilet certData = '-----BEGIN CERTIFICATE-----\n' + 3600e41f4b71Sopenharmony_ci 'MIIBLzCB1QIUO/QDVJwZLIpeJyPjyTvE43xvE5cwCgYIKoZIzj0EAwIwGjEYMBYG\n' + 3601e41f4b71Sopenharmony_ci 'A1UEAwwPRXhhbXBsZSBSb290IENBMB4XDTIzMDkwNDExMjAxOVoXDTI2MDUzMDEx\n' + 3602e41f4b71Sopenharmony_ci 'MjAxOVowGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYI\n' + 3603e41f4b71Sopenharmony_ci 'KoZIzj0DAQcDQgAEHjG74yMIueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTa\n' + 3604e41f4b71Sopenharmony_ci 'tUsU0i/sePnrKglj2H8Abbx9PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEA\n' + 3605e41f4b71Sopenharmony_ci '0ce/fvA4tckNZeB865aOApKXKlBjiRlaiuq5mEEqvNACIQDPD9WyC21MXqPBuRUf\n' + 3606e41f4b71Sopenharmony_ci 'BetUokslUfjT6+s/X4ByaxycAA==\n' + 3607e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 3608e41f4b71Sopenharmony_ci 3609e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 3610e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 3611e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 3612e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 3613e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 3614e41f4b71Sopenharmony_ci}; 3615e41f4b71Sopenharmony_ci 3616e41f4b71Sopenharmony_cilet certEncodingBlob: cert.EncodingBlob = { 3617e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 3618e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 3619e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 3620e41f4b71Sopenharmony_ci}; 3621e41f4b71Sopenharmony_ci 3622e41f4b71Sopenharmony_cicert.createX509Crl(encodingBlob, (error, x509Crl) => { 3623e41f4b71Sopenharmony_ci if (error) { 3624e41f4b71Sopenharmony_ci console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3625e41f4b71Sopenharmony_ci } else { 3626e41f4b71Sopenharmony_ci console.log('createX509Crl success'); 3627e41f4b71Sopenharmony_ci // Create an X509Cert instance. 3628e41f4b71Sopenharmony_ci cert.createX509Cert(certEncodingBlob, (error, x509Cert) => { 3629e41f4b71Sopenharmony_ci if (error) { 3630e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3631e41f4b71Sopenharmony_ci } else { 3632e41f4b71Sopenharmony_ci try { 3633e41f4b71Sopenharmony_ci let revokedFlag = x509Crl.isRevoked(x509Cert); 3634e41f4b71Sopenharmony_ci } catch (error) { 3635e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 3636e41f4b71Sopenharmony_ci console.error('isRevoked failed, errCode: ' + e.code + ', errMsg: ' + e.message); 3637e41f4b71Sopenharmony_ci } 3638e41f4b71Sopenharmony_ci } 3639e41f4b71Sopenharmony_ci }); 3640e41f4b71Sopenharmony_ci } 3641e41f4b71Sopenharmony_ci}); 3642e41f4b71Sopenharmony_ci``` 3643e41f4b71Sopenharmony_ci 3644e41f4b71Sopenharmony_ci### getType<sup>(deprecated)</sup> 3645e41f4b71Sopenharmony_ci 3646e41f4b71Sopenharmony_cigetType() : string 3647e41f4b71Sopenharmony_ci 3648e41f4b71Sopenharmony_ci表示获取证书吊销列表类型。 3649e41f4b71Sopenharmony_ci 3650e41f4b71Sopenharmony_ci> **说明:** 3651e41f4b71Sopenharmony_ci> 3652e41f4b71Sopenharmony_ci> 从API version 11开始废弃,建议使用[X509CRL.getType](#gettype11)替代。 3653e41f4b71Sopenharmony_ci 3654e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 3655e41f4b71Sopenharmony_ci 3656e41f4b71Sopenharmony_ci**返回值**: 3657e41f4b71Sopenharmony_ci 3658e41f4b71Sopenharmony_ci| 类型 | 说明 | 3659e41f4b71Sopenharmony_ci| ------ | -------------------- | 3660e41f4b71Sopenharmony_ci| string | 表示证书吊销列表类型 | 3661e41f4b71Sopenharmony_ci 3662e41f4b71Sopenharmony_ci**示例:** 3663e41f4b71Sopenharmony_ci 3664e41f4b71Sopenharmony_ci```ts 3665e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 3666e41f4b71Sopenharmony_ci 3667e41f4b71Sopenharmony_ci// string转Uint8Array 3668e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 3669e41f4b71Sopenharmony_ci let arr: Array<number> = []; 3670e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 3671e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 3672e41f4b71Sopenharmony_ci } 3673e41f4b71Sopenharmony_ci return new Uint8Array(arr); 3674e41f4b71Sopenharmony_ci} 3675e41f4b71Sopenharmony_ci 3676e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 3677e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 3678e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 3679e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 3680e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 3681e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 3682e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 3683e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 3684e41f4b71Sopenharmony_ci 3685e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 3686e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 3687e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 3688e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 3689e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 3690e41f4b71Sopenharmony_ci}; 3691e41f4b71Sopenharmony_ci 3692e41f4b71Sopenharmony_cicert.createX509Crl(encodingBlob, (error, x509Crl) => { 3693e41f4b71Sopenharmony_ci if (error) { 3694e41f4b71Sopenharmony_ci console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3695e41f4b71Sopenharmony_ci } else { 3696e41f4b71Sopenharmony_ci console.log('createX509Crl success'); 3697e41f4b71Sopenharmony_ci let type = x509Crl.getType(); 3698e41f4b71Sopenharmony_ci } 3699e41f4b71Sopenharmony_ci}); 3700e41f4b71Sopenharmony_ci``` 3701e41f4b71Sopenharmony_ci 3702e41f4b71Sopenharmony_ci### getEncoded<sup>(deprecated)</sup> 3703e41f4b71Sopenharmony_ci 3704e41f4b71Sopenharmony_cigetEncoded(callback : AsyncCallback\<EncodingBlob>) : void 3705e41f4b71Sopenharmony_ci 3706e41f4b71Sopenharmony_ci表示获取X509证书吊销列表的序列化数据,使用Callback回调异步返回结果。 3707e41f4b71Sopenharmony_ci 3708e41f4b71Sopenharmony_ci> **说明:** 3709e41f4b71Sopenharmony_ci> 3710e41f4b71Sopenharmony_ci> 从API version 11开始废弃,建议使用[X509CRL.getEncoded](#getencoded11)替代。 3711e41f4b71Sopenharmony_ci 3712e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 3713e41f4b71Sopenharmony_ci 3714e41f4b71Sopenharmony_ci**参数**: 3715e41f4b71Sopenharmony_ci 3716e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 3717e41f4b71Sopenharmony_ci| -------- | ---------------------------- | ---- | ------------------------------------------ | 3718e41f4b71Sopenharmony_ci| callback | AsyncCallback\<EncodingBlob> | 是 | 回调函数,表示X509证书吊销列表的序列化数据 | 3719e41f4b71Sopenharmony_ci 3720e41f4b71Sopenharmony_ci**错误码:** 3721e41f4b71Sopenharmony_ci 3722e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 3723e41f4b71Sopenharmony_ci 3724e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 3725e41f4b71Sopenharmony_ci| -------- | ----------------------- | 3726e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types.| 3727e41f4b71Sopenharmony_ci| 19020001 | memory error. | 3728e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 3729e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 3730e41f4b71Sopenharmony_ci 3731e41f4b71Sopenharmony_ci**示例:** 3732e41f4b71Sopenharmony_ci 3733e41f4b71Sopenharmony_ci```ts 3734e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 3735e41f4b71Sopenharmony_ci 3736e41f4b71Sopenharmony_ci// string转Uint8Array 3737e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 3738e41f4b71Sopenharmony_ci let arr: Array<number> = []; 3739e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 3740e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 3741e41f4b71Sopenharmony_ci } 3742e41f4b71Sopenharmony_ci return new Uint8Array(arr); 3743e41f4b71Sopenharmony_ci} 3744e41f4b71Sopenharmony_ci 3745e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 3746e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 3747e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 3748e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 3749e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 3750e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 3751e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 3752e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 3753e41f4b71Sopenharmony_ci 3754e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 3755e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 3756e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 3757e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 3758e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 3759e41f4b71Sopenharmony_ci}; 3760e41f4b71Sopenharmony_ci 3761e41f4b71Sopenharmony_cicert.createX509Crl(encodingBlob, (error, x509Crl) => { 3762e41f4b71Sopenharmony_ci if (error) { 3763e41f4b71Sopenharmony_ci console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3764e41f4b71Sopenharmony_ci } else { 3765e41f4b71Sopenharmony_ci console.log('createX509Crl success'); 3766e41f4b71Sopenharmony_ci x509Crl.getEncoded((error, data) => { 3767e41f4b71Sopenharmony_ci if (error) { 3768e41f4b71Sopenharmony_ci console.error('getEncoded failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3769e41f4b71Sopenharmony_ci } else { 3770e41f4b71Sopenharmony_ci console.log('getEncoded success'); 3771e41f4b71Sopenharmony_ci } 3772e41f4b71Sopenharmony_ci }); 3773e41f4b71Sopenharmony_ci } 3774e41f4b71Sopenharmony_ci}); 3775e41f4b71Sopenharmony_ci``` 3776e41f4b71Sopenharmony_ci 3777e41f4b71Sopenharmony_ci### getEncoded<sup>(deprecated)</sup> 3778e41f4b71Sopenharmony_ci 3779e41f4b71Sopenharmony_cigetEncoded() : Promise\<EncodingBlob> 3780e41f4b71Sopenharmony_ci 3781e41f4b71Sopenharmony_ci表示获取X509证书吊销列表的序列化数据,使用Promise方式异步返回结果。 3782e41f4b71Sopenharmony_ci 3783e41f4b71Sopenharmony_ci> **说明:** 3784e41f4b71Sopenharmony_ci> 3785e41f4b71Sopenharmony_ci> 从API version 11开始废弃,建议使用[X509CRL.getEncoded](#getencoded11-1)替代。 3786e41f4b71Sopenharmony_ci 3787e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 3788e41f4b71Sopenharmony_ci 3789e41f4b71Sopenharmony_ci**返回值**: 3790e41f4b71Sopenharmony_ci 3791e41f4b71Sopenharmony_ci| 类型 | 说明 | 3792e41f4b71Sopenharmony_ci| ---------------------- | -------------------------------- | 3793e41f4b71Sopenharmony_ci| Promise\<EncodingBlob> | 表示X509证书吊销列表的序列化数据 | 3794e41f4b71Sopenharmony_ci 3795e41f4b71Sopenharmony_ci**错误码:** 3796e41f4b71Sopenharmony_ci 3797e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 3798e41f4b71Sopenharmony_ci 3799e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 3800e41f4b71Sopenharmony_ci| -------- | ----------------------- | 3801e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types.| 3802e41f4b71Sopenharmony_ci| 19020001 | memory error. | 3803e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 3804e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 3805e41f4b71Sopenharmony_ci 3806e41f4b71Sopenharmony_ci**示例:** 3807e41f4b71Sopenharmony_ci 3808e41f4b71Sopenharmony_ci```ts 3809e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 3810e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 3811e41f4b71Sopenharmony_ci 3812e41f4b71Sopenharmony_ci// string转Uint8Array 3813e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 3814e41f4b71Sopenharmony_ci let arr: Array<number> = []; 3815e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 3816e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 3817e41f4b71Sopenharmony_ci } 3818e41f4b71Sopenharmony_ci return new Uint8Array(arr); 3819e41f4b71Sopenharmony_ci} 3820e41f4b71Sopenharmony_ci 3821e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 3822e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 3823e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 3824e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 3825e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 3826e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 3827e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 3828e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 3829e41f4b71Sopenharmony_ci 3830e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 3831e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 3832e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 3833e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 3834e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 3835e41f4b71Sopenharmony_ci}; 3836e41f4b71Sopenharmony_ci 3837e41f4b71Sopenharmony_cicert.createX509Crl(encodingBlob).then(x509Crl => { 3838e41f4b71Sopenharmony_ci console.log('createX509Crl success'); 3839e41f4b71Sopenharmony_ci x509Crl.getEncoded().then(result => { 3840e41f4b71Sopenharmony_ci console.log('getEncoded success'); 3841e41f4b71Sopenharmony_ci }).catch((error: BusinessError) => { 3842e41f4b71Sopenharmony_ci console.error('getEncoded failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3843e41f4b71Sopenharmony_ci }); 3844e41f4b71Sopenharmony_ci}).catch((error: BusinessError) => { 3845e41f4b71Sopenharmony_ci console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3846e41f4b71Sopenharmony_ci}); 3847e41f4b71Sopenharmony_ci``` 3848e41f4b71Sopenharmony_ci 3849e41f4b71Sopenharmony_ci### verify<sup>(deprecated)</sup> 3850e41f4b71Sopenharmony_ci 3851e41f4b71Sopenharmony_civerify(key : cryptoFramework.PubKey, callback : AsyncCallback\<void>) : void 3852e41f4b71Sopenharmony_ci 3853e41f4b71Sopenharmony_ci表示对X509证书吊销列表进行验签,使用Callback回调异步返回结果。验签支持RSA算法。 3854e41f4b71Sopenharmony_ci 3855e41f4b71Sopenharmony_ci> **说明:** 3856e41f4b71Sopenharmony_ci> 3857e41f4b71Sopenharmony_ci> 从API version 11开始废弃,建议使用[X509CRL.verify](#verify11)替代。 3858e41f4b71Sopenharmony_ci 3859e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 3860e41f4b71Sopenharmony_ci 3861e41f4b71Sopenharmony_ci**参数**: 3862e41f4b71Sopenharmony_ci 3863e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 3864e41f4b71Sopenharmony_ci| -------- | -------------------- | ---- | ------------------------------------------------------------ | 3865e41f4b71Sopenharmony_ci| key | [cryptoFramework.PubKey](../apis-crypto-architecture-kit/js-apis-cryptoFramework.md#pubkey) | 是 | 表示用于验签的公钥对象 | 3866e41f4b71Sopenharmony_ci| callback | AsyncCallback\<void> | 是 | 回调函数,使用AsyncCallback的第一个error参数判断是否验签成功,error为null表示成功,error不为null表示失败。 | 3867e41f4b71Sopenharmony_ci 3868e41f4b71Sopenharmony_ci**错误码:** 3869e41f4b71Sopenharmony_ci 3870e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 3871e41f4b71Sopenharmony_ci 3872e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 3873e41f4b71Sopenharmony_ci| -------- | ----------------------- | 3874e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 3875e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 3876e41f4b71Sopenharmony_ci 3877e41f4b71Sopenharmony_ci**示例:** 3878e41f4b71Sopenharmony_ci 3879e41f4b71Sopenharmony_ci```ts 3880e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 3881e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 3882e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 3883e41f4b71Sopenharmony_ci 3884e41f4b71Sopenharmony_ci// string转Uint8Array 3885e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 3886e41f4b71Sopenharmony_ci let arr: Array<number> = []; 3887e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 3888e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 3889e41f4b71Sopenharmony_ci } 3890e41f4b71Sopenharmony_ci return new Uint8Array(arr); 3891e41f4b71Sopenharmony_ci} 3892e41f4b71Sopenharmony_ci 3893e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 3894e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 3895e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 3896e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 3897e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 3898e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 3899e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 3900e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 3901e41f4b71Sopenharmony_ci 3902e41f4b71Sopenharmony_cilet pubKeyData = new Uint8Array([ 3903e41f4b71Sopenharmony_ci 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 3904e41f4b71Sopenharmony_ci 0x05, 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xDC, 0x4C, 0x2D, 3905e41f4b71Sopenharmony_ci 0x57, 0x49, 0x3D, 0x42, 0x52, 0x1A, 0x09, 0xED, 0x3E, 0x90, 0x29, 0x51, 0xF7, 0x70, 0x15, 0xFE, 3906e41f4b71Sopenharmony_ci 0x76, 0xB0, 0xDB, 0xDF, 0xA1, 0x2C, 0x6C, 0x67, 0x95, 0xDA, 0x63, 0x3D, 0x4F, 0x71, 0x48, 0x8C, 3907e41f4b71Sopenharmony_ci 0x3E, 0xFA, 0x24, 0x79, 0xE9, 0xF2, 0xF2, 0x20, 0xCB, 0xF1, 0x59, 0x6B, 0xED, 0xC8, 0x72, 0x66, 3908e41f4b71Sopenharmony_ci 0x6E, 0x31, 0xD4, 0xF3, 0xCE, 0x0B, 0x12, 0xC4, 0x17, 0x39, 0xB4, 0x52, 0x16, 0xD3, 0xE3, 0xC0, 3909e41f4b71Sopenharmony_ci 0xF8, 0x48, 0xB3, 0xF6, 0x40, 0xD5, 0x47, 0x23, 0x30, 0x7F, 0xA7, 0xC5, 0x5A, 0x5A, 0xBB, 0x5C, 3910e41f4b71Sopenharmony_ci 0x7B, 0xEF, 0x69, 0xE2, 0x74, 0x35, 0x24, 0x22, 0x25, 0x45, 0x7E, 0xFC, 0xE8, 0xC4, 0x52, 0x65, 3911e41f4b71Sopenharmony_ci 0xA0, 0x4E, 0xBC, 0xFD, 0x3F, 0xD9, 0x85, 0x14, 0x8A, 0x5A, 0x93, 0x02, 0x24, 0x6C, 0x19, 0xBA, 3912e41f4b71Sopenharmony_ci 0x81, 0xBE, 0x65, 0x2E, 0xCB, 0xBB, 0xE9, 0x91, 0x7B, 0x7C, 0x47, 0xC2, 0x61, 0x02, 0x03, 0x01, 3913e41f4b71Sopenharmony_ci 0x00, 0x01 3914e41f4b71Sopenharmony_ci]); 3915e41f4b71Sopenharmony_ci 3916e41f4b71Sopenharmony_cilet priKeyData = new Uint8Array([ 3917e41f4b71Sopenharmony_ci 0x30, 0x82, 0x02, 0x77, 0x02, 0x01, 0x00, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 3918e41f4b71Sopenharmony_ci 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82, 0x02, 0x61, 0x30, 0x82, 0x02, 0x5D, 0x02, 0x01, 3919e41f4b71Sopenharmony_ci 0x00, 0x02, 0x81, 0x81, 0x00, 0xDC, 0x4C, 0x2D, 0x57, 0x49, 0x3D, 0x42, 0x52, 0x1A, 0x09, 0xED, 3920e41f4b71Sopenharmony_ci 0x3E, 0x90, 0x29, 0x51, 0xF7, 0x70, 0x15, 0xFE, 0x76, 0xB0, 0xDB, 0xDF, 0xA1, 0x2C, 0x6C, 0x67, 3921e41f4b71Sopenharmony_ci 0x95, 0xDA, 0x63, 0x3D, 0x4F, 0x71, 0x48, 0x8C, 0x3E, 0xFA, 0x24, 0x79, 0xE9, 0xF2, 0xF2, 0x20, 3922e41f4b71Sopenharmony_ci 0xCB, 0xF1, 0x59, 0x6B, 0xED, 0xC8, 0x72, 0x66, 0x6E, 0x31, 0xD4, 0xF3, 0xCE, 0x0B, 0x12, 0xC4, 3923e41f4b71Sopenharmony_ci 0x17, 0x39, 0xB4, 0x52, 0x16, 0xD3, 0xE3, 0xC0, 0xF8, 0x48, 0xB3, 0xF6, 0x40, 0xD5, 0x47, 0x23, 3924e41f4b71Sopenharmony_ci 0x30, 0x7F, 0xA7, 0xC5, 0x5A, 0x5A, 0xBB, 0x5C, 0x7B, 0xEF, 0x69, 0xE2, 0x74, 0x35, 0x24, 0x22, 3925e41f4b71Sopenharmony_ci 0x25, 0x45, 0x7E, 0xFC, 0xE8, 0xC4, 0x52, 0x65, 0xA0, 0x4E, 0xBC, 0xFD, 0x3F, 0xD9, 0x85, 0x14, 3926e41f4b71Sopenharmony_ci 0x8A, 0x5A, 0x93, 0x02, 0x24, 0x6C, 0x19, 0xBA, 0x81, 0xBE, 0x65, 0x2E, 0xCB, 0xBB, 0xE9, 0x91, 3927e41f4b71Sopenharmony_ci 0x7B, 0x7C, 0x47, 0xC2, 0x61, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x81, 0x80, 0x5A, 0xCF, 0x0F, 3928e41f4b71Sopenharmony_ci 0xF5, 0xA6, 0x1C, 0x19, 0x65, 0x8C, 0x94, 0x40, 0xF6, 0x84, 0x28, 0x74, 0x40, 0x42, 0x34, 0xDE, 3929e41f4b71Sopenharmony_ci 0xC3, 0x00, 0x5E, 0x72, 0x4D, 0x96, 0xE9, 0x4C, 0xBD, 0xC9, 0xDB, 0x14, 0x9F, 0xD5, 0xBB, 0xA9, 3930e41f4b71Sopenharmony_ci 0x0C, 0x20, 0xC2, 0xBE, 0x7A, 0x80, 0x89, 0xEC, 0x99, 0x04, 0xF0, 0xEE, 0x7B, 0x83, 0x20, 0x1D, 3931e41f4b71Sopenharmony_ci 0x37, 0x19, 0x55, 0x85, 0xF6, 0x8E, 0x3B, 0xFB, 0x16, 0xF3, 0xD3, 0x6F, 0xEE, 0x73, 0x12, 0x53, 3932e41f4b71Sopenharmony_ci 0xCA, 0x77, 0xD7, 0x6C, 0x29, 0xF5, 0x08, 0xA3, 0x09, 0x01, 0x0B, 0x00, 0x05, 0x57, 0xAD, 0x4D, 3933e41f4b71Sopenharmony_ci 0xF0, 0x92, 0xB2, 0x5A, 0x8B, 0x19, 0x09, 0x81, 0x86, 0xFE, 0x66, 0xB9, 0x33, 0x88, 0x28, 0xF3, 3934e41f4b71Sopenharmony_ci 0x37, 0x73, 0x09, 0x5F, 0xD7, 0xC9, 0xC6, 0xFA, 0x13, 0x74, 0xFE, 0xAE, 0x53, 0xA9, 0x71, 0x67, 3935e41f4b71Sopenharmony_ci 0xCE, 0x3A, 0xE6, 0x8D, 0x35, 0xD1, 0xB8, 0xFD, 0x6F, 0x0D, 0x43, 0xC2, 0xD1, 0x02, 0x41, 0x00, 3936e41f4b71Sopenharmony_ci 0xF7, 0x33, 0xE5, 0x6C, 0x29, 0x5A, 0x30, 0x58, 0xA4, 0x52, 0x65, 0xA0, 0x39, 0xC2, 0xE8, 0xAE, 3937e41f4b71Sopenharmony_ci 0x5F, 0xA3, 0x2D, 0x0C, 0x65, 0xB1, 0x7B, 0xFD, 0x92, 0xBF, 0x47, 0x87, 0x97, 0x40, 0xCB, 0x54, 3938e41f4b71Sopenharmony_ci 0xF9, 0xBB, 0x50, 0x27, 0x70, 0x51, 0xD0, 0xD8, 0x48, 0x0D, 0xC6, 0x47, 0x60, 0xF8, 0x4E, 0x0A, 3939e41f4b71Sopenharmony_ci 0x32, 0x76, 0x6D, 0xA4, 0xBA, 0x40, 0xE5, 0x58, 0xF8, 0x4A, 0x39, 0x4E, 0xF8, 0x3F, 0x4E, 0x2D, 3940e41f4b71Sopenharmony_ci 0x02, 0x41, 0x00, 0xE4, 0x23, 0x2A, 0x5F, 0x59, 0xCF, 0x7C, 0x91, 0x24, 0x0D, 0xA2, 0x44, 0x17, 3941e41f4b71Sopenharmony_ci 0xCD, 0x37, 0xDE, 0x1F, 0x53, 0x4D, 0x33, 0x9F, 0x90, 0x4D, 0xD9, 0x72, 0x64, 0x25, 0xBA, 0xAB, 3942e41f4b71Sopenharmony_ci 0x47, 0x91, 0xC4, 0x99, 0x95, 0x86, 0xB5, 0x8A, 0xEA, 0x77, 0xF7, 0x64, 0x72, 0x5E, 0xB7, 0xBB, 3943e41f4b71Sopenharmony_ci 0x16, 0xA1, 0x64, 0xA4, 0xE1, 0x2D, 0x76, 0x6D, 0xEF, 0xB1, 0x5E, 0xD6, 0x17, 0xE8, 0xAA, 0xB6, 3944e41f4b71Sopenharmony_ci 0xA0, 0xD9, 0x85, 0x02, 0x41, 0x00, 0xDF, 0xC8, 0x5B, 0x28, 0x4F, 0x47, 0x15, 0xFD, 0x28, 0xC4, 3945e41f4b71Sopenharmony_ci 0x6E, 0xBB, 0x5D, 0x8E, 0xD4, 0x95, 0x06, 0x7E, 0xF1, 0x89, 0x07, 0x86, 0x64, 0x78, 0x69, 0x20, 3946e41f4b71Sopenharmony_ci 0x3F, 0xE0, 0xBF, 0x4C, 0x28, 0xC6, 0x04, 0x4D, 0x4D, 0x82, 0x66, 0x6B, 0xAA, 0x64, 0x20, 0xD6, 3947e41f4b71Sopenharmony_ci 0x57, 0x68, 0xC6, 0xA0, 0x02, 0x05, 0xB9, 0x28, 0xFC, 0x98, 0xE3, 0x03, 0x5C, 0x9B, 0xEE, 0x29, 3948e41f4b71Sopenharmony_ci 0x43, 0x37, 0xFA, 0x03, 0x55, 0x01, 0x02, 0x40, 0x69, 0x5B, 0x7C, 0x24, 0x10, 0xDB, 0xEB, 0x91, 3949e41f4b71Sopenharmony_ci 0x33, 0xEF, 0x3F, 0xF2, 0xE6, 0x73, 0x15, 0xCB, 0xF4, 0xF7, 0x89, 0x7D, 0xBF, 0xC0, 0xEA, 0xD2, 3950e41f4b71Sopenharmony_ci 0xF3, 0x2B, 0x20, 0xE9, 0x76, 0x54, 0x55, 0x13, 0x50, 0x42, 0x67, 0xB5, 0xCB, 0x73, 0xC0, 0xF7, 3951e41f4b71Sopenharmony_ci 0x75, 0x62, 0x04, 0x30, 0x21, 0xAC, 0xAF, 0xD8, 0x44, 0xF4, 0xE1, 0x04, 0x02, 0x7D, 0x61, 0x92, 3952e41f4b71Sopenharmony_ci 0x84, 0x99, 0x02, 0x10, 0x64, 0xCB, 0x1F, 0xE9, 0x02, 0x41, 0x00, 0xAB, 0x4B, 0x7D, 0x90, 0x7C, 3953e41f4b71Sopenharmony_ci 0x57, 0x08, 0x6B, 0xC0, 0x43, 0x72, 0x09, 0x8A, 0x18, 0x35, 0x36, 0x64, 0x9D, 0x84, 0x8D, 0xF1, 3954e41f4b71Sopenharmony_ci 0x84, 0x94, 0x48, 0xC6, 0x80, 0x9D, 0xB9, 0xA2, 0x58, 0x0A, 0x4D, 0x0A, 0xCA, 0x1E, 0xD6, 0x05, 3955e41f4b71Sopenharmony_ci 0x55, 0x5B, 0xFE, 0xD7, 0xAA, 0x70, 0xED, 0x76, 0xB3, 0x40, 0x2E, 0xA0, 0xB3, 0x32, 0x37, 0xB0, 3956e41f4b71Sopenharmony_ci 0xA0, 0xB9, 0x96, 0x2D, 0xC4, 0x70, 0xE9, 0x99, 0x10, 0x67, 0x8D 3957e41f4b71Sopenharmony_ci]); 3958e41f4b71Sopenharmony_ci 3959e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 3960e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 3961e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 3962e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 3963e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 3964e41f4b71Sopenharmony_ci}; 3965e41f4b71Sopenharmony_ci 3966e41f4b71Sopenharmony_cicert.createX509Crl(encodingBlob, (error, x509Crl) => { 3967e41f4b71Sopenharmony_ci if (error) { 3968e41f4b71Sopenharmony_ci console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 3969e41f4b71Sopenharmony_ci } else { 3970e41f4b71Sopenharmony_ci console.log('createX509Crl success'); 3971e41f4b71Sopenharmony_ci try { 3972e41f4b71Sopenharmony_ci // Generate the public key by AsyKeyGenerator. 3973e41f4b71Sopenharmony_ci let keyGenerator = cryptoFramework.createAsyKeyGenerator('RSA1024|PRIMES_3'); 3974e41f4b71Sopenharmony_ci console.log('createAsyKeyGenerator success'); 3975e41f4b71Sopenharmony_ci let priEncodingBlob: cryptoFramework.DataBlob = { 3976e41f4b71Sopenharmony_ci data: priKeyData, 3977e41f4b71Sopenharmony_ci }; 3978e41f4b71Sopenharmony_ci let pubEncodingBlob: cryptoFramework.DataBlob = { 3979e41f4b71Sopenharmony_ci data: pubKeyData, 3980e41f4b71Sopenharmony_ci }; 3981e41f4b71Sopenharmony_ci keyGenerator.convertKey(pubEncodingBlob, priEncodingBlob, (e, keyPair) => { 3982e41f4b71Sopenharmony_ci if (e) { 3983e41f4b71Sopenharmony_ci console.error('convert key failed, message: ' + e.message + 'code: ' + e.code); 3984e41f4b71Sopenharmony_ci } else { 3985e41f4b71Sopenharmony_ci console.log('convert key success'); 3986e41f4b71Sopenharmony_ci x509Crl.verify(keyPair.pubKey, (err, data) => { 3987e41f4b71Sopenharmony_ci if (err) { 3988e41f4b71Sopenharmony_ci console.error('verify failed, errCode: ' + err.code + ', errMsg: ' + err.message); 3989e41f4b71Sopenharmony_ci } else { 3990e41f4b71Sopenharmony_ci console.log('verify success'); 3991e41f4b71Sopenharmony_ci } 3992e41f4b71Sopenharmony_ci }); 3993e41f4b71Sopenharmony_ci } 3994e41f4b71Sopenharmony_ci }) 3995e41f4b71Sopenharmony_ci } catch (error) { 3996e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 3997e41f4b71Sopenharmony_ci console.error('get pubKey failed, errCode: ' + e.code + ', errMsg: ' + e.message); 3998e41f4b71Sopenharmony_ci } 3999e41f4b71Sopenharmony_ci } 4000e41f4b71Sopenharmony_ci}); 4001e41f4b71Sopenharmony_ci``` 4002e41f4b71Sopenharmony_ci 4003e41f4b71Sopenharmony_ci### verify<sup>(deprecated)</sup> 4004e41f4b71Sopenharmony_ci 4005e41f4b71Sopenharmony_civerify(key : cryptoFramework.PubKey) : Promise\<void> 4006e41f4b71Sopenharmony_ci 4007e41f4b71Sopenharmony_ci表示对X509证书吊销列表进行验签,使用Promise方式异步返回结果。验签支持RSA算法。 4008e41f4b71Sopenharmony_ci 4009e41f4b71Sopenharmony_ci> **说明:** 4010e41f4b71Sopenharmony_ci> 4011e41f4b71Sopenharmony_ci> 从API version 11开始废弃,建议使用[X509CRL.verify](#verify11-1)替代。 4012e41f4b71Sopenharmony_ci 4013e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 4014e41f4b71Sopenharmony_ci 4015e41f4b71Sopenharmony_ci**参数**: 4016e41f4b71Sopenharmony_ci 4017e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 4018e41f4b71Sopenharmony_ci| ------ | ------ | ---- | ---------------------- | 4019e41f4b71Sopenharmony_ci| key | [cryptoFramework.PubKey](../apis-crypto-architecture-kit/js-apis-cryptoFramework.md#pubkey) | 是 | 表示用于验签的公钥对象。 | 4020e41f4b71Sopenharmony_ci 4021e41f4b71Sopenharmony_ci**返回值**: 4022e41f4b71Sopenharmony_ci 4023e41f4b71Sopenharmony_ci| 类型 | 说明 | 4024e41f4b71Sopenharmony_ci| ---- | ------------------------------------------------------------ | 4025e41f4b71Sopenharmony_ci| Promise\<void> | Promise对象 | 4026e41f4b71Sopenharmony_ci 4027e41f4b71Sopenharmony_ci**错误码:** 4028e41f4b71Sopenharmony_ci 4029e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 4030e41f4b71Sopenharmony_ci 4031e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 4032e41f4b71Sopenharmony_ci| -------- | ----------------------- | 4033e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 4034e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 4035e41f4b71Sopenharmony_ci 4036e41f4b71Sopenharmony_ci**示例:** 4037e41f4b71Sopenharmony_ci 4038e41f4b71Sopenharmony_ci```ts 4039e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 4040e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit' 4041e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 4042e41f4b71Sopenharmony_ci 4043e41f4b71Sopenharmony_ci// string转Uint8Array 4044e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 4045e41f4b71Sopenharmony_ci let arr: Array<number> = []; 4046e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 4047e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 4048e41f4b71Sopenharmony_ci } 4049e41f4b71Sopenharmony_ci return new Uint8Array(arr); 4050e41f4b71Sopenharmony_ci} 4051e41f4b71Sopenharmony_ci 4052e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 4053e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 4054e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 4055e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 4056e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 4057e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 4058e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 4059e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 4060e41f4b71Sopenharmony_ci 4061e41f4b71Sopenharmony_cilet pubKeyData = new Uint8Array([ 4062e41f4b71Sopenharmony_ci 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 4063e41f4b71Sopenharmony_ci 0x05, 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xDC, 0x4C, 0x2D, 4064e41f4b71Sopenharmony_ci 0x57, 0x49, 0x3D, 0x42, 0x52, 0x1A, 0x09, 0xED, 0x3E, 0x90, 0x29, 0x51, 0xF7, 0x70, 0x15, 0xFE, 4065e41f4b71Sopenharmony_ci 0x76, 0xB0, 0xDB, 0xDF, 0xA1, 0x2C, 0x6C, 0x67, 0x95, 0xDA, 0x63, 0x3D, 0x4F, 0x71, 0x48, 0x8C, 4066e41f4b71Sopenharmony_ci 0x3E, 0xFA, 0x24, 0x79, 0xE9, 0xF2, 0xF2, 0x20, 0xCB, 0xF1, 0x59, 0x6B, 0xED, 0xC8, 0x72, 0x66, 4067e41f4b71Sopenharmony_ci 0x6E, 0x31, 0xD4, 0xF3, 0xCE, 0x0B, 0x12, 0xC4, 0x17, 0x39, 0xB4, 0x52, 0x16, 0xD3, 0xE3, 0xC0, 4068e41f4b71Sopenharmony_ci 0xF8, 0x48, 0xB3, 0xF6, 0x40, 0xD5, 0x47, 0x23, 0x30, 0x7F, 0xA7, 0xC5, 0x5A, 0x5A, 0xBB, 0x5C, 4069e41f4b71Sopenharmony_ci 0x7B, 0xEF, 0x69, 0xE2, 0x74, 0x35, 0x24, 0x22, 0x25, 0x45, 0x7E, 0xFC, 0xE8, 0xC4, 0x52, 0x65, 4070e41f4b71Sopenharmony_ci 0xA0, 0x4E, 0xBC, 0xFD, 0x3F, 0xD9, 0x85, 0x14, 0x8A, 0x5A, 0x93, 0x02, 0x24, 0x6C, 0x19, 0xBA, 4071e41f4b71Sopenharmony_ci 0x81, 0xBE, 0x65, 0x2E, 0xCB, 0xBB, 0xE9, 0x91, 0x7B, 0x7C, 0x47, 0xC2, 0x61, 0x02, 0x03, 0x01, 4072e41f4b71Sopenharmony_ci 0x00, 0x01 4073e41f4b71Sopenharmony_ci]); 4074e41f4b71Sopenharmony_ci 4075e41f4b71Sopenharmony_cilet priKeyData = new Uint8Array([ 4076e41f4b71Sopenharmony_ci 0x30, 0x82, 0x02, 0x77, 0x02, 0x01, 0x00, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 4077e41f4b71Sopenharmony_ci 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82, 0x02, 0x61, 0x30, 0x82, 0x02, 0x5D, 0x02, 0x01, 4078e41f4b71Sopenharmony_ci 0x00, 0x02, 0x81, 0x81, 0x00, 0xDC, 0x4C, 0x2D, 0x57, 0x49, 0x3D, 0x42, 0x52, 0x1A, 0x09, 0xED, 4079e41f4b71Sopenharmony_ci 0x3E, 0x90, 0x29, 0x51, 0xF7, 0x70, 0x15, 0xFE, 0x76, 0xB0, 0xDB, 0xDF, 0xA1, 0x2C, 0x6C, 0x67, 4080e41f4b71Sopenharmony_ci 0x95, 0xDA, 0x63, 0x3D, 0x4F, 0x71, 0x48, 0x8C, 0x3E, 0xFA, 0x24, 0x79, 0xE9, 0xF2, 0xF2, 0x20, 4081e41f4b71Sopenharmony_ci 0xCB, 0xF1, 0x59, 0x6B, 0xED, 0xC8, 0x72, 0x66, 0x6E, 0x31, 0xD4, 0xF3, 0xCE, 0x0B, 0x12, 0xC4, 4082e41f4b71Sopenharmony_ci 0x17, 0x39, 0xB4, 0x52, 0x16, 0xD3, 0xE3, 0xC0, 0xF8, 0x48, 0xB3, 0xF6, 0x40, 0xD5, 0x47, 0x23, 4083e41f4b71Sopenharmony_ci 0x30, 0x7F, 0xA7, 0xC5, 0x5A, 0x5A, 0xBB, 0x5C, 0x7B, 0xEF, 0x69, 0xE2, 0x74, 0x35, 0x24, 0x22, 4084e41f4b71Sopenharmony_ci 0x25, 0x45, 0x7E, 0xFC, 0xE8, 0xC4, 0x52, 0x65, 0xA0, 0x4E, 0xBC, 0xFD, 0x3F, 0xD9, 0x85, 0x14, 4085e41f4b71Sopenharmony_ci 0x8A, 0x5A, 0x93, 0x02, 0x24, 0x6C, 0x19, 0xBA, 0x81, 0xBE, 0x65, 0x2E, 0xCB, 0xBB, 0xE9, 0x91, 4086e41f4b71Sopenharmony_ci 0x7B, 0x7C, 0x47, 0xC2, 0x61, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x81, 0x80, 0x5A, 0xCF, 0x0F, 4087e41f4b71Sopenharmony_ci 0xF5, 0xA6, 0x1C, 0x19, 0x65, 0x8C, 0x94, 0x40, 0xF6, 0x84, 0x28, 0x74, 0x40, 0x42, 0x34, 0xDE, 4088e41f4b71Sopenharmony_ci 0xC3, 0x00, 0x5E, 0x72, 0x4D, 0x96, 0xE9, 0x4C, 0xBD, 0xC9, 0xDB, 0x14, 0x9F, 0xD5, 0xBB, 0xA9, 4089e41f4b71Sopenharmony_ci 0x0C, 0x20, 0xC2, 0xBE, 0x7A, 0x80, 0x89, 0xEC, 0x99, 0x04, 0xF0, 0xEE, 0x7B, 0x83, 0x20, 0x1D, 4090e41f4b71Sopenharmony_ci 0x37, 0x19, 0x55, 0x85, 0xF6, 0x8E, 0x3B, 0xFB, 0x16, 0xF3, 0xD3, 0x6F, 0xEE, 0x73, 0x12, 0x53, 4091e41f4b71Sopenharmony_ci 0xCA, 0x77, 0xD7, 0x6C, 0x29, 0xF5, 0x08, 0xA3, 0x09, 0x01, 0x0B, 0x00, 0x05, 0x57, 0xAD, 0x4D, 4092e41f4b71Sopenharmony_ci 0xF0, 0x92, 0xB2, 0x5A, 0x8B, 0x19, 0x09, 0x81, 0x86, 0xFE, 0x66, 0xB9, 0x33, 0x88, 0x28, 0xF3, 4093e41f4b71Sopenharmony_ci 0x37, 0x73, 0x09, 0x5F, 0xD7, 0xC9, 0xC6, 0xFA, 0x13, 0x74, 0xFE, 0xAE, 0x53, 0xA9, 0x71, 0x67, 4094e41f4b71Sopenharmony_ci 0xCE, 0x3A, 0xE6, 0x8D, 0x35, 0xD1, 0xB8, 0xFD, 0x6F, 0x0D, 0x43, 0xC2, 0xD1, 0x02, 0x41, 0x00, 4095e41f4b71Sopenharmony_ci 0xF7, 0x33, 0xE5, 0x6C, 0x29, 0x5A, 0x30, 0x58, 0xA4, 0x52, 0x65, 0xA0, 0x39, 0xC2, 0xE8, 0xAE, 4096e41f4b71Sopenharmony_ci 0x5F, 0xA3, 0x2D, 0x0C, 0x65, 0xB1, 0x7B, 0xFD, 0x92, 0xBF, 0x47, 0x87, 0x97, 0x40, 0xCB, 0x54, 4097e41f4b71Sopenharmony_ci 0xF9, 0xBB, 0x50, 0x27, 0x70, 0x51, 0xD0, 0xD8, 0x48, 0x0D, 0xC6, 0x47, 0x60, 0xF8, 0x4E, 0x0A, 4098e41f4b71Sopenharmony_ci 0x32, 0x76, 0x6D, 0xA4, 0xBA, 0x40, 0xE5, 0x58, 0xF8, 0x4A, 0x39, 0x4E, 0xF8, 0x3F, 0x4E, 0x2D, 4099e41f4b71Sopenharmony_ci 0x02, 0x41, 0x00, 0xE4, 0x23, 0x2A, 0x5F, 0x59, 0xCF, 0x7C, 0x91, 0x24, 0x0D, 0xA2, 0x44, 0x17, 4100e41f4b71Sopenharmony_ci 0xCD, 0x37, 0xDE, 0x1F, 0x53, 0x4D, 0x33, 0x9F, 0x90, 0x4D, 0xD9, 0x72, 0x64, 0x25, 0xBA, 0xAB, 4101e41f4b71Sopenharmony_ci 0x47, 0x91, 0xC4, 0x99, 0x95, 0x86, 0xB5, 0x8A, 0xEA, 0x77, 0xF7, 0x64, 0x72, 0x5E, 0xB7, 0xBB, 4102e41f4b71Sopenharmony_ci 0x16, 0xA1, 0x64, 0xA4, 0xE1, 0x2D, 0x76, 0x6D, 0xEF, 0xB1, 0x5E, 0xD6, 0x17, 0xE8, 0xAA, 0xB6, 4103e41f4b71Sopenharmony_ci 0xA0, 0xD9, 0x85, 0x02, 0x41, 0x00, 0xDF, 0xC8, 0x5B, 0x28, 0x4F, 0x47, 0x15, 0xFD, 0x28, 0xC4, 4104e41f4b71Sopenharmony_ci 0x6E, 0xBB, 0x5D, 0x8E, 0xD4, 0x95, 0x06, 0x7E, 0xF1, 0x89, 0x07, 0x86, 0x64, 0x78, 0x69, 0x20, 4105e41f4b71Sopenharmony_ci 0x3F, 0xE0, 0xBF, 0x4C, 0x28, 0xC6, 0x04, 0x4D, 0x4D, 0x82, 0x66, 0x6B, 0xAA, 0x64, 0x20, 0xD6, 4106e41f4b71Sopenharmony_ci 0x57, 0x68, 0xC6, 0xA0, 0x02, 0x05, 0xB9, 0x28, 0xFC, 0x98, 0xE3, 0x03, 0x5C, 0x9B, 0xEE, 0x29, 4107e41f4b71Sopenharmony_ci 0x43, 0x37, 0xFA, 0x03, 0x55, 0x01, 0x02, 0x40, 0x69, 0x5B, 0x7C, 0x24, 0x10, 0xDB, 0xEB, 0x91, 4108e41f4b71Sopenharmony_ci 0x33, 0xEF, 0x3F, 0xF2, 0xE6, 0x73, 0x15, 0xCB, 0xF4, 0xF7, 0x89, 0x7D, 0xBF, 0xC0, 0xEA, 0xD2, 4109e41f4b71Sopenharmony_ci 0xF3, 0x2B, 0x20, 0xE9, 0x76, 0x54, 0x55, 0x13, 0x50, 0x42, 0x67, 0xB5, 0xCB, 0x73, 0xC0, 0xF7, 4110e41f4b71Sopenharmony_ci 0x75, 0x62, 0x04, 0x30, 0x21, 0xAC, 0xAF, 0xD8, 0x44, 0xF4, 0xE1, 0x04, 0x02, 0x7D, 0x61, 0x92, 4111e41f4b71Sopenharmony_ci 0x84, 0x99, 0x02, 0x10, 0x64, 0xCB, 0x1F, 0xE9, 0x02, 0x41, 0x00, 0xAB, 0x4B, 0x7D, 0x90, 0x7C, 4112e41f4b71Sopenharmony_ci 0x57, 0x08, 0x6B, 0xC0, 0x43, 0x72, 0x09, 0x8A, 0x18, 0x35, 0x36, 0x64, 0x9D, 0x84, 0x8D, 0xF1, 4113e41f4b71Sopenharmony_ci 0x84, 0x94, 0x48, 0xC6, 0x80, 0x9D, 0xB9, 0xA2, 0x58, 0x0A, 0x4D, 0x0A, 0xCA, 0x1E, 0xD6, 0x05, 4114e41f4b71Sopenharmony_ci 0x55, 0x5B, 0xFE, 0xD7, 0xAA, 0x70, 0xED, 0x76, 0xB3, 0x40, 0x2E, 0xA0, 0xB3, 0x32, 0x37, 0xB0, 4115e41f4b71Sopenharmony_ci 0xA0, 0xB9, 0x96, 0x2D, 0xC4, 0x70, 0xE9, 0x99, 0x10, 0x67, 0x8D 4116e41f4b71Sopenharmony_ci]); 4117e41f4b71Sopenharmony_ci 4118e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 4119e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 4120e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 4121e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 4122e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 4123e41f4b71Sopenharmony_ci}; 4124e41f4b71Sopenharmony_ci 4125e41f4b71Sopenharmony_cicert.createX509Crl(encodingBlob).then(x509Crl => { 4126e41f4b71Sopenharmony_ci console.log('createX509Crl success'); 4127e41f4b71Sopenharmony_ci 4128e41f4b71Sopenharmony_ci try { 4129e41f4b71Sopenharmony_ci // 生成公钥对象 4130e41f4b71Sopenharmony_ci let keyGenerator = cryptoFramework.createAsyKeyGenerator('RSA1024|PRIMES_3'); 4131e41f4b71Sopenharmony_ci console.log('createAsyKeyGenerator success'); 4132e41f4b71Sopenharmony_ci let priEncodingBlob: cryptoFramework.DataBlob = { 4133e41f4b71Sopenharmony_ci data: priKeyData, 4134e41f4b71Sopenharmony_ci }; 4135e41f4b71Sopenharmony_ci let pubEncodingBlob: cryptoFramework.DataBlob = { 4136e41f4b71Sopenharmony_ci data: pubKeyData, 4137e41f4b71Sopenharmony_ci }; 4138e41f4b71Sopenharmony_ci keyGenerator.convertKey(pubEncodingBlob, priEncodingBlob).then((keyPair) => { 4139e41f4b71Sopenharmony_ci console.log('convert key success'); 4140e41f4b71Sopenharmony_ci x509Crl.verify(keyPair.pubKey).then(result => { 4141e41f4b71Sopenharmony_ci console.log('verify success'); 4142e41f4b71Sopenharmony_ci }).catch((error: BusinessError) => { 4143e41f4b71Sopenharmony_ci console.error('verify failed, errCode: ' + error.code + ', errMsg: ' + error.message); 4144e41f4b71Sopenharmony_ci }); 4145e41f4b71Sopenharmony_ci }).catch((error: BusinessError) => { 4146e41f4b71Sopenharmony_ci console.error('convert key failed, message: ' + error.message + 'code: ' + error.code); 4147e41f4b71Sopenharmony_ci }); 4148e41f4b71Sopenharmony_ci } catch (error) { 4149e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 4150e41f4b71Sopenharmony_ci console.error('get pubKey failed, errCode: ' + e.code + ', errMsg: ' + e.message); 4151e41f4b71Sopenharmony_ci } 4152e41f4b71Sopenharmony_ci}).catch((error: BusinessError) => { 4153e41f4b71Sopenharmony_ci console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 4154e41f4b71Sopenharmony_ci}); 4155e41f4b71Sopenharmony_ci``` 4156e41f4b71Sopenharmony_ci 4157e41f4b71Sopenharmony_ci### getVersion<sup>(deprecated)</sup> 4158e41f4b71Sopenharmony_ci 4159e41f4b71Sopenharmony_cigetVersion() : number 4160e41f4b71Sopenharmony_ci 4161e41f4b71Sopenharmony_ci表示获取X509证书吊销列表的版本号。 4162e41f4b71Sopenharmony_ci 4163e41f4b71Sopenharmony_ci> **说明:** 4164e41f4b71Sopenharmony_ci> 4165e41f4b71Sopenharmony_ci> 从API version 11开始废弃,建议使用[X509CRL.getVersion](#getversion11)替代。 4166e41f4b71Sopenharmony_ci 4167e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 4168e41f4b71Sopenharmony_ci 4169e41f4b71Sopenharmony_ci**返回值**: 4170e41f4b71Sopenharmony_ci 4171e41f4b71Sopenharmony_ci| 类型 | 说明 | 4172e41f4b71Sopenharmony_ci| ------ | -------------------------------- | 4173e41f4b71Sopenharmony_ci| number | 表示获取X509证书吊销列表的版本号 | 4174e41f4b71Sopenharmony_ci 4175e41f4b71Sopenharmony_ci**示例:** 4176e41f4b71Sopenharmony_ci 4177e41f4b71Sopenharmony_ci```ts 4178e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 4179e41f4b71Sopenharmony_ci 4180e41f4b71Sopenharmony_ci// string转Uint8Array 4181e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 4182e41f4b71Sopenharmony_ci let arr: Array<number> = []; 4183e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 4184e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 4185e41f4b71Sopenharmony_ci } 4186e41f4b71Sopenharmony_ci return new Uint8Array(arr); 4187e41f4b71Sopenharmony_ci} 4188e41f4b71Sopenharmony_ci 4189e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 4190e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 4191e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 4192e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 4193e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 4194e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 4195e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 4196e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 4197e41f4b71Sopenharmony_ci 4198e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 4199e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 4200e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 4201e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 4202e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 4203e41f4b71Sopenharmony_ci}; 4204e41f4b71Sopenharmony_ci 4205e41f4b71Sopenharmony_cicert.createX509Crl(encodingBlob, (error, x509Crl) => { 4206e41f4b71Sopenharmony_ci if (error) { 4207e41f4b71Sopenharmony_ci console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 4208e41f4b71Sopenharmony_ci } else { 4209e41f4b71Sopenharmony_ci console.log('createX509Crl success'); 4210e41f4b71Sopenharmony_ci let version = x509Crl.getVersion(); 4211e41f4b71Sopenharmony_ci } 4212e41f4b71Sopenharmony_ci}); 4213e41f4b71Sopenharmony_ci``` 4214e41f4b71Sopenharmony_ci 4215e41f4b71Sopenharmony_ci### getIssuerName<sup>(deprecated)</sup> 4216e41f4b71Sopenharmony_ci 4217e41f4b71Sopenharmony_cigetIssuerName() : DataBlob 4218e41f4b71Sopenharmony_ci 4219e41f4b71Sopenharmony_ci表示获取X509证书吊销列表颁发者名称。 4220e41f4b71Sopenharmony_ci 4221e41f4b71Sopenharmony_ci> **说明:** 4222e41f4b71Sopenharmony_ci> 4223e41f4b71Sopenharmony_ci> 从API version 11开始废弃,建议使用[X509CRL.getIssuerName](#getissuername11)替代。 4224e41f4b71Sopenharmony_ci 4225e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 4226e41f4b71Sopenharmony_ci 4227e41f4b71Sopenharmony_ci**返回值**: 4228e41f4b71Sopenharmony_ci 4229e41f4b71Sopenharmony_ci| 类型 | 说明 | 4230e41f4b71Sopenharmony_ci| --------------------- | ------------------------------ | 4231e41f4b71Sopenharmony_ci| [DataBlob](#datablob) | 表示X509证书吊销列表颁发者名称 | 4232e41f4b71Sopenharmony_ci 4233e41f4b71Sopenharmony_ci**错误码:** 4234e41f4b71Sopenharmony_ci 4235e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 4236e41f4b71Sopenharmony_ci 4237e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 4238e41f4b71Sopenharmony_ci| -------- | ----------------------- | 4239e41f4b71Sopenharmony_ci| 19020001 | memory error. | 4240e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 4241e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 4242e41f4b71Sopenharmony_ci 4243e41f4b71Sopenharmony_ci**示例:** 4244e41f4b71Sopenharmony_ci 4245e41f4b71Sopenharmony_ci```ts 4246e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 4247e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 4248e41f4b71Sopenharmony_ci 4249e41f4b71Sopenharmony_ci// string转Uint8Array 4250e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 4251e41f4b71Sopenharmony_ci let arr: Array<number> = []; 4252e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 4253e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 4254e41f4b71Sopenharmony_ci } 4255e41f4b71Sopenharmony_ci return new Uint8Array(arr); 4256e41f4b71Sopenharmony_ci} 4257e41f4b71Sopenharmony_ci 4258e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 4259e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 4260e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 4261e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 4262e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 4263e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 4264e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 4265e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 4266e41f4b71Sopenharmony_ci 4267e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 4268e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 4269e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 4270e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 4271e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 4272e41f4b71Sopenharmony_ci}; 4273e41f4b71Sopenharmony_ci 4274e41f4b71Sopenharmony_cicert.createX509Crl(encodingBlob, (error, x509Crl) => { 4275e41f4b71Sopenharmony_ci if (error) { 4276e41f4b71Sopenharmony_ci console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 4277e41f4b71Sopenharmony_ci } else { 4278e41f4b71Sopenharmony_ci console.log('createX509Crl success'); 4279e41f4b71Sopenharmony_ci try { 4280e41f4b71Sopenharmony_ci let issuerName = x509Crl.getIssuerName(); 4281e41f4b71Sopenharmony_ci } catch (err) { 4282e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 4283e41f4b71Sopenharmony_ci console.error('getIssuerName failed, errCode: ' + e.code + ', errMsg: ' + e.message); 4284e41f4b71Sopenharmony_ci } 4285e41f4b71Sopenharmony_ci } 4286e41f4b71Sopenharmony_ci}); 4287e41f4b71Sopenharmony_ci``` 4288e41f4b71Sopenharmony_ci 4289e41f4b71Sopenharmony_ci### getLastUpdate<sup>(deprecated)</sup> 4290e41f4b71Sopenharmony_ci 4291e41f4b71Sopenharmony_cigetLastUpdate() : string 4292e41f4b71Sopenharmony_ci 4293e41f4b71Sopenharmony_ci表示获取X509证书吊销列表最后一次更新日期,日期为ASN.1时间格式。 4294e41f4b71Sopenharmony_ci 4295e41f4b71Sopenharmony_ci> **说明:** 4296e41f4b71Sopenharmony_ci> 4297e41f4b71Sopenharmony_ci> 从API version 11开始废弃,建议使用[X509CRL.getLastUpdate](#getlastupdate11)替代。 4298e41f4b71Sopenharmony_ci 4299e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 4300e41f4b71Sopenharmony_ci 4301e41f4b71Sopenharmony_ci**返回值**: 4302e41f4b71Sopenharmony_ci 4303e41f4b71Sopenharmony_ci| 类型 | 说明 | 4304e41f4b71Sopenharmony_ci| ------ | ------------------------------------ | 4305e41f4b71Sopenharmony_ci| string | 表示X509证书吊销列表最后一次更新日期,日期为ASN.1时间格式。 | 4306e41f4b71Sopenharmony_ci 4307e41f4b71Sopenharmony_ci**错误码:** 4308e41f4b71Sopenharmony_ci 4309e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 4310e41f4b71Sopenharmony_ci 4311e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 4312e41f4b71Sopenharmony_ci| -------- | ----------------------- | 4313e41f4b71Sopenharmony_ci| 19020001 | memory error. | 4314e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 4315e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 4316e41f4b71Sopenharmony_ci 4317e41f4b71Sopenharmony_ci**示例:** 4318e41f4b71Sopenharmony_ci 4319e41f4b71Sopenharmony_ci```ts 4320e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 4321e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 4322e41f4b71Sopenharmony_ci 4323e41f4b71Sopenharmony_ci// string转Uint8Array 4324e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 4325e41f4b71Sopenharmony_ci let arr: Array<number> = []; 4326e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 4327e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 4328e41f4b71Sopenharmony_ci } 4329e41f4b71Sopenharmony_ci return new Uint8Array(arr); 4330e41f4b71Sopenharmony_ci} 4331e41f4b71Sopenharmony_ci 4332e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 4333e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 4334e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 4335e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 4336e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 4337e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 4338e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 4339e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 4340e41f4b71Sopenharmony_ci 4341e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 4342e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 4343e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 4344e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 4345e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 4346e41f4b71Sopenharmony_ci}; 4347e41f4b71Sopenharmony_ci 4348e41f4b71Sopenharmony_cicert.createX509Crl(encodingBlob, (error, x509Crl) => { 4349e41f4b71Sopenharmony_ci if (error) { 4350e41f4b71Sopenharmony_ci console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 4351e41f4b71Sopenharmony_ci } else { 4352e41f4b71Sopenharmony_ci console.log('createX509Crl success'); 4353e41f4b71Sopenharmony_ci try { 4354e41f4b71Sopenharmony_ci let lastUpdate = x509Crl.getLastUpdate(); 4355e41f4b71Sopenharmony_ci } catch (err) { 4356e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 4357e41f4b71Sopenharmony_ci console.error('getLastUpdate failed, errCode: ' + e.code + ', errMsg: ' + e.message); 4358e41f4b71Sopenharmony_ci } 4359e41f4b71Sopenharmony_ci } 4360e41f4b71Sopenharmony_ci}); 4361e41f4b71Sopenharmony_ci``` 4362e41f4b71Sopenharmony_ci 4363e41f4b71Sopenharmony_ci### getNextUpdate<sup>(deprecated)</sup> 4364e41f4b71Sopenharmony_ci 4365e41f4b71Sopenharmony_cigetNextUpdate() : string 4366e41f4b71Sopenharmony_ci 4367e41f4b71Sopenharmony_ci表示获取证书吊销列表下一次更新的日期,日期为ASN.1时间格式。 4368e41f4b71Sopenharmony_ci 4369e41f4b71Sopenharmony_ci> **说明:** 4370e41f4b71Sopenharmony_ci> 4371e41f4b71Sopenharmony_ci> 从API version 11开始废弃,建议使用[X509CRL.getNextUpdate](#getnextupdate11)替代。 4372e41f4b71Sopenharmony_ci 4373e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 4374e41f4b71Sopenharmony_ci 4375e41f4b71Sopenharmony_ci**返回值**: 4376e41f4b71Sopenharmony_ci 4377e41f4b71Sopenharmony_ci| 类型 | 说明 | 4378e41f4b71Sopenharmony_ci| ------ | ------------------------------------ | 4379e41f4b71Sopenharmony_ci| string | 表示X509证书吊销列表下一次更新的日期,日期为ASN.1时间格式。 | 4380e41f4b71Sopenharmony_ci 4381e41f4b71Sopenharmony_ci**错误码:** 4382e41f4b71Sopenharmony_ci 4383e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 4384e41f4b71Sopenharmony_ci 4385e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 4386e41f4b71Sopenharmony_ci| -------- | ----------------------- | 4387e41f4b71Sopenharmony_ci| 19020001 | memory error. | 4388e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 4389e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 4390e41f4b71Sopenharmony_ci 4391e41f4b71Sopenharmony_ci**示例:** 4392e41f4b71Sopenharmony_ci 4393e41f4b71Sopenharmony_ci```ts 4394e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 4395e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 4396e41f4b71Sopenharmony_ci 4397e41f4b71Sopenharmony_ci// string转Uint8Array 4398e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 4399e41f4b71Sopenharmony_ci let arr: Array<number> = []; 4400e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 4401e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 4402e41f4b71Sopenharmony_ci } 4403e41f4b71Sopenharmony_ci return new Uint8Array(arr); 4404e41f4b71Sopenharmony_ci} 4405e41f4b71Sopenharmony_ci 4406e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 4407e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 4408e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 4409e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 4410e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 4411e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 4412e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 4413e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 4414e41f4b71Sopenharmony_ci 4415e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 4416e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 4417e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 4418e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 4419e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 4420e41f4b71Sopenharmony_ci}; 4421e41f4b71Sopenharmony_ci 4422e41f4b71Sopenharmony_cicert.createX509Crl(encodingBlob, (error, x509Crl) => { 4423e41f4b71Sopenharmony_ci if (error) { 4424e41f4b71Sopenharmony_ci console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 4425e41f4b71Sopenharmony_ci } else { 4426e41f4b71Sopenharmony_ci console.log('createX509Crl success'); 4427e41f4b71Sopenharmony_ci try { 4428e41f4b71Sopenharmony_ci let nextUpdate = x509Crl.getNextUpdate(); 4429e41f4b71Sopenharmony_ci } catch (err) { 4430e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 4431e41f4b71Sopenharmony_ci console.error('getNextUpdate failed, errCode: ' + e.code + ', errMsg: ' + e.message); 4432e41f4b71Sopenharmony_ci } 4433e41f4b71Sopenharmony_ci } 4434e41f4b71Sopenharmony_ci}); 4435e41f4b71Sopenharmony_ci``` 4436e41f4b71Sopenharmony_ci 4437e41f4b71Sopenharmony_ci### getRevokedCert<sup>(deprecated)</sup> 4438e41f4b71Sopenharmony_ci 4439e41f4b71Sopenharmony_cigetRevokedCert(serialNumber : number) : X509CrlEntry 4440e41f4b71Sopenharmony_ci 4441e41f4b71Sopenharmony_ci表示通过指定证书序列号获取被吊销X509证书对象。 4442e41f4b71Sopenharmony_ci 4443e41f4b71Sopenharmony_ci> **说明:** 4444e41f4b71Sopenharmony_ci> 4445e41f4b71Sopenharmony_ci> 从API version 11开始废弃,建议使用[X509CRL.getRevokedCert](#getrevokedcert11)替代。 4446e41f4b71Sopenharmony_ci 4447e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 4448e41f4b71Sopenharmony_ci 4449e41f4b71Sopenharmony_ci**参数**: 4450e41f4b71Sopenharmony_ci 4451e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 4452e41f4b71Sopenharmony_ci| ------------ | ------ | ---- | -------------- | 4453e41f4b71Sopenharmony_ci| serialNumber | number | 是 | 表示证书序列号 | 4454e41f4b71Sopenharmony_ci 4455e41f4b71Sopenharmony_ci**返回值**: 4456e41f4b71Sopenharmony_ci 4457e41f4b71Sopenharmony_ci| 类型 | 说明 | 4458e41f4b71Sopenharmony_ci| ---------------------- | --------------------- | 4459e41f4b71Sopenharmony_ci| [X509CrlEntry](#x509crlentrydeprecated) | 表示被吊销X509证书对象 | 4460e41f4b71Sopenharmony_ci 4461e41f4b71Sopenharmony_ci**错误码:** 4462e41f4b71Sopenharmony_ci 4463e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 4464e41f4b71Sopenharmony_ci 4465e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 4466e41f4b71Sopenharmony_ci| -------- | ----------------------- | 4467e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 4468e41f4b71Sopenharmony_ci| 19020001 | memory error. | 4469e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 4470e41f4b71Sopenharmony_ci 4471e41f4b71Sopenharmony_ci**示例:** 4472e41f4b71Sopenharmony_ci 4473e41f4b71Sopenharmony_ci```ts 4474e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 4475e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 4476e41f4b71Sopenharmony_ci 4477e41f4b71Sopenharmony_ci// string转Uint8Array 4478e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 4479e41f4b71Sopenharmony_ci let arr: Array<number> = []; 4480e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 4481e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 4482e41f4b71Sopenharmony_ci } 4483e41f4b71Sopenharmony_ci return new Uint8Array(arr); 4484e41f4b71Sopenharmony_ci} 4485e41f4b71Sopenharmony_ci 4486e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 4487e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 4488e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 4489e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 4490e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 4491e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 4492e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 4493e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 4494e41f4b71Sopenharmony_ci 4495e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 4496e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 4497e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 4498e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 4499e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 4500e41f4b71Sopenharmony_ci}; 4501e41f4b71Sopenharmony_ci 4502e41f4b71Sopenharmony_cicert.createX509Crl(encodingBlob, (error, x509Crl) => { 4503e41f4b71Sopenharmony_ci if (error) { 4504e41f4b71Sopenharmony_ci console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 4505e41f4b71Sopenharmony_ci } else { 4506e41f4b71Sopenharmony_ci console.log('createX509Crl success'); 4507e41f4b71Sopenharmony_ci let serialNumber = 1000; 4508e41f4b71Sopenharmony_ci try { 4509e41f4b71Sopenharmony_ci let entry = x509Crl.getRevokedCert(serialNumber); 4510e41f4b71Sopenharmony_ci } catch (error) { 4511e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 4512e41f4b71Sopenharmony_ci console.error('getRevokedCert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 4513e41f4b71Sopenharmony_ci } 4514e41f4b71Sopenharmony_ci } 4515e41f4b71Sopenharmony_ci}); 4516e41f4b71Sopenharmony_ci``` 4517e41f4b71Sopenharmony_ci 4518e41f4b71Sopenharmony_ci### getRevokedCertWithCert<sup>(deprecated)</sup> 4519e41f4b71Sopenharmony_ci 4520e41f4b71Sopenharmony_cigetRevokedCertWithCert(cert : X509Cert) : X509CrlEntry 4521e41f4b71Sopenharmony_ci 4522e41f4b71Sopenharmony_ci表示通过指定证书对象获取被吊销X509证书对象。 4523e41f4b71Sopenharmony_ci 4524e41f4b71Sopenharmony_ci> **说明:** 4525e41f4b71Sopenharmony_ci> 4526e41f4b71Sopenharmony_ci> 从API version 11开始废弃,建议使用[X509CRL.getRevokedCertWithCert](#getrevokedcertwithcert11)替代。 4527e41f4b71Sopenharmony_ci 4528e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 4529e41f4b71Sopenharmony_ci 4530e41f4b71Sopenharmony_ci**参数**: 4531e41f4b71Sopenharmony_ci 4532e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 4533e41f4b71Sopenharmony_ci| ------ | --------------------- | ---- | ------------ | 4534e41f4b71Sopenharmony_ci| cert | [X509Cert](#x509cert) | 是 | 表示证书对象 | 4535e41f4b71Sopenharmony_ci 4536e41f4b71Sopenharmony_ci**返回值**: 4537e41f4b71Sopenharmony_ci 4538e41f4b71Sopenharmony_ci| 类型 | 说明 | 4539e41f4b71Sopenharmony_ci| ------------ | -------------------- | 4540e41f4b71Sopenharmony_ci| [X509CrlEntry](#x509crlentrydeprecated) | 表示被吊销X509证书对象 | 4541e41f4b71Sopenharmony_ci 4542e41f4b71Sopenharmony_ci**错误码:** 4543e41f4b71Sopenharmony_ci 4544e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 4545e41f4b71Sopenharmony_ci 4546e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 4547e41f4b71Sopenharmony_ci| -------- | ----------------------- | 4548e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 4549e41f4b71Sopenharmony_ci| 19020001 | memory error. | 4550e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 4551e41f4b71Sopenharmony_ci 4552e41f4b71Sopenharmony_ci**示例:** 4553e41f4b71Sopenharmony_ci 4554e41f4b71Sopenharmony_ci```ts 4555e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 4556e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 4557e41f4b71Sopenharmony_ci 4558e41f4b71Sopenharmony_ci// string转Uint8Array 4559e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 4560e41f4b71Sopenharmony_ci let arr: Array<number> = []; 4561e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 4562e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 4563e41f4b71Sopenharmony_ci } 4564e41f4b71Sopenharmony_ci return new Uint8Array(arr); 4565e41f4b71Sopenharmony_ci} 4566e41f4b71Sopenharmony_ci 4567e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 4568e41f4b71Sopenharmony_ci 'MIIBjjB4AgEBMA0GCSqGSIb3DQEBCwUAMBIxEDAOBgNVBAMMB1Jvb3QgQ0EXDTI0\n' + 4569e41f4b71Sopenharmony_ci 'MDMxOTAyMDQwN1oXDTI0MDQxODAyMDQwN1owIjAgAgEEFw0yNDAzMTkwMjA0MDZa\n' + 4570e41f4b71Sopenharmony_ci 'MAwwCgYDVR0VBAMKAQGgDjAMMAoGA1UdFAQDAgEAMA0GCSqGSIb3DQEBCwUAA4IB\n' + 4571e41f4b71Sopenharmony_ci 'AQCbjvmHxC8dW6WCS/ga73kx2b7f8I/2eVuDYyReuBiGWeJ9vDmGqimJ9VwOk+ph\n' + 4572e41f4b71Sopenharmony_ci 'LvG/2Zvh9I8qXxnOWeseA2C0bEshJGvXpquIjm00OUyLlK6jdfRbhXT8OyvDjqZs\n' + 4573e41f4b71Sopenharmony_ci 'e1IsMV7Zo11SUc8nR2d0QQ7EVDCN/XFKPsmoK7PhJnRh5gc8W3FKQ6b8H9kdjgTa\n' + 4574e41f4b71Sopenharmony_ci 'KQUap1OIDReVsjPBmRAbwMMLtbrAMllF7E6x7uHgHTGaK1ZPJDtsnCJ45ur3mk/o\n' + 4575e41f4b71Sopenharmony_ci 'HAJFwHNjNDltiEfvMSs76/X0cwitpeW4dFk6c3QtqhxJrHDD4gl8di+xHOyHXpzX\n' + 4576e41f4b71Sopenharmony_ci '+i2osvdPWRia0dJCL1PCA14k\n' + 4577e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 4578e41f4b71Sopenharmony_ci 4579e41f4b71Sopenharmony_ci// 证书二进制数据,需业务自行赋值 4580e41f4b71Sopenharmony_cilet certData = '-----BEGIN CERTIFICATE-----\n' + 4581e41f4b71Sopenharmony_ci 'MIIDTjCCAjagAwIBAgIBBDANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290\n' + 4582e41f4b71Sopenharmony_ci 'IENBMB4XDTI0MDMxOTAyMDQwMVoXDTM0MDMxNzAyMDQwMVowEjEQMA4GA1UEAwwH\n' + 4583e41f4b71Sopenharmony_ci 'ZGV2aWNlMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMIXL3e7UE/c\n' + 4584e41f4b71Sopenharmony_ci 'Z1dPVgRZ5L8gsQ/azuYVBvoFf7o8ksYrL7G1+qZIJjVRqZkuTirLW4GicbkIkPNW\n' + 4585e41f4b71Sopenharmony_ci 'eix5cDhkjkC+q5SBCOrSSTTlvX3xcOY1gMlA5MgeBfGixFusq4d5VPF2KceZ20/a\n' + 4586e41f4b71Sopenharmony_ci 'ygwGD0Uv0X81OERyPom/dYdJUvfaD9ifPFJ1fKIj/cPFG3yJK/ojpEfndZNdESQL\n' + 4587e41f4b71Sopenharmony_ci 'TkoDekilg2UGOLtY6fb9Ns37ncuIj33gCS/R9m1tgtmqCTcgOQ4hwKhjVF3InmPO\n' + 4588e41f4b71Sopenharmony_ci '2BbWKvD1RUX+rHC2a2HHDQILOOtDTy8dHvE+qZlK0efrpRgoFEERJAGPi1GDGWiA\n' + 4589e41f4b71Sopenharmony_ci '7UX1c4MCxIECAwEAAaOBrjCBqzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQbkAcMT7ND\n' + 4590e41f4b71Sopenharmony_ci 'fGp3VPFzYHppZ1zxLTAfBgNVHSMEGDAWgBR0W/koCbvDtFGHUQZLM3j6HKsW2DAd\n' + 4591e41f4b71Sopenharmony_ci 'BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMDIGCCsG\n' + 4592e41f4b71Sopenharmony_ci 'AQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cHM6Ly8xMjcuMC4wLjE6OTk5OTAN\n' + 4593e41f4b71Sopenharmony_ci 'BgkqhkiG9w0BAQsFAAOCAQEAF1OTzTmbklFOdZCxrF3zg9owUPJR5RB+PbuBlUfI\n' + 4594e41f4b71Sopenharmony_ci '8tkGXkMltQ8PN1dv6Cq+d8BluiJdWEzqVoJa/e5SHHJyYQSOhlurRG0GBXllVQ1I\n' + 4595e41f4b71Sopenharmony_ci 'n1PFaI40+9X2X6wrEcdC5nbzogR1jSiksCiTcARMddj0Xrp5FMrFaaGY8M/xqzdW\n' + 4596e41f4b71Sopenharmony_ci 'LTDl4nfbuxtA71cIjnE4kOcaemly9/S2wYWdPktsPxQPY1nPUOeJFI7o0sH3rK0c\n' + 4597e41f4b71Sopenharmony_ci 'JSqtgAG8vnjK+jbx9RpkgqCsXgUbIahL573VTgxrNrsRjCuVal7XVxl/xOKXr6Er\n' + 4598e41f4b71Sopenharmony_ci 'Gpc+OCrXbHNZkUQE5fZH3yL2tXd7EASEb6J3aEWHfF8YBA==\n' + 4599e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 4600e41f4b71Sopenharmony_ci 4601e41f4b71Sopenharmony_cilet certEncodingBlob: cert.EncodingBlob = { 4602e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 4603e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 4604e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 4605e41f4b71Sopenharmony_ci}; 4606e41f4b71Sopenharmony_ci 4607e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 4608e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 4609e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 4610e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 4611e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 4612e41f4b71Sopenharmony_ci}; 4613e41f4b71Sopenharmony_ci 4614e41f4b71Sopenharmony_cicert.createX509Crl(encodingBlob, (error, x509Crl) => { 4615e41f4b71Sopenharmony_ci if (error) { 4616e41f4b71Sopenharmony_ci console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 4617e41f4b71Sopenharmony_ci } else { 4618e41f4b71Sopenharmony_ci console.log('createX509Crl success'); 4619e41f4b71Sopenharmony_ci // 创建X509证书对象. 4620e41f4b71Sopenharmony_ci cert.createX509Cert(certEncodingBlob).then((x509Cert) => { 4621e41f4b71Sopenharmony_ci try { 4622e41f4b71Sopenharmony_ci let entry = x509Crl.getRevokedCertWithCert(x509Cert); 4623e41f4b71Sopenharmony_ci console.log('getRevokedCertWithCert success'); 4624e41f4b71Sopenharmony_ci } catch (error) { 4625e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 4626e41f4b71Sopenharmony_ci console.error('getRevokedCertWithCert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 4627e41f4b71Sopenharmony_ci } 4628e41f4b71Sopenharmony_ci }).catch((error: BusinessError) => { 4629e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 4630e41f4b71Sopenharmony_ci }) 4631e41f4b71Sopenharmony_ci } 4632e41f4b71Sopenharmony_ci}); 4633e41f4b71Sopenharmony_ci``` 4634e41f4b71Sopenharmony_ci 4635e41f4b71Sopenharmony_ci### getRevokedCerts<sup>(deprecated)</sup> 4636e41f4b71Sopenharmony_ci 4637e41f4b71Sopenharmony_cigetRevokedCerts(callback : AsyncCallback<Array\<X509CrlEntry>>) : void 4638e41f4b71Sopenharmony_ci 4639e41f4b71Sopenharmony_ci表示获取被吊销X509证书列表,使用Callback回调异步返回结果。 4640e41f4b71Sopenharmony_ci 4641e41f4b71Sopenharmony_ci> **说明:** 4642e41f4b71Sopenharmony_ci> 4643e41f4b71Sopenharmony_ci> 从API version 11开始废弃,建议使用[X509CRL.getRevokedCerts](#getrevokedcerts11)替代。 4644e41f4b71Sopenharmony_ci 4645e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 4646e41f4b71Sopenharmony_ci 4647e41f4b71Sopenharmony_ci**参数**: 4648e41f4b71Sopenharmony_ci 4649e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 4650e41f4b71Sopenharmony_ci| -------- | ---------------------------------------------------- | ---- | -------------------------------- | 4651e41f4b71Sopenharmony_ci| callback | AsyncCallback<Array\<[X509CrlEntry](#x509crlentrydeprecated)>> | 是 | 回调函数。表示被吊销X509证书列表 | 4652e41f4b71Sopenharmony_ci 4653e41f4b71Sopenharmony_ci**错误码:** 4654e41f4b71Sopenharmony_ci 4655e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 4656e41f4b71Sopenharmony_ci 4657e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 4658e41f4b71Sopenharmony_ci| -------- | ----------------------- | 4659e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types.| 4660e41f4b71Sopenharmony_ci| 19020001 | memory error. | 4661e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 4662e41f4b71Sopenharmony_ci 4663e41f4b71Sopenharmony_ci**示例:** 4664e41f4b71Sopenharmony_ci 4665e41f4b71Sopenharmony_ci```ts 4666e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 4667e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 4668e41f4b71Sopenharmony_ci 4669e41f4b71Sopenharmony_ci// string转Uint8Array 4670e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 4671e41f4b71Sopenharmony_ci let arr: Array<number> = []; 4672e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 4673e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 4674e41f4b71Sopenharmony_ci } 4675e41f4b71Sopenharmony_ci return new Uint8Array(arr); 4676e41f4b71Sopenharmony_ci} 4677e41f4b71Sopenharmony_ci 4678e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 4679e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 4680e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 4681e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 4682e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 4683e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 4684e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 4685e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 4686e41f4b71Sopenharmony_ci 4687e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 4688e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 4689e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 4690e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 4691e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 4692e41f4b71Sopenharmony_ci}; 4693e41f4b71Sopenharmony_ci 4694e41f4b71Sopenharmony_cicert.createX509Crl(encodingBlob, (error, x509Crl) => { 4695e41f4b71Sopenharmony_ci if (error) { 4696e41f4b71Sopenharmony_ci console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 4697e41f4b71Sopenharmony_ci } else { 4698e41f4b71Sopenharmony_ci console.log('createX509Crl success'); 4699e41f4b71Sopenharmony_ci x509Crl.getRevokedCerts((error, array) => { 4700e41f4b71Sopenharmony_ci if (error) { 4701e41f4b71Sopenharmony_ci console.error('getRevokedCerts failed, errCode: ' + error.code + ', errMsg: ' + error.message); 4702e41f4b71Sopenharmony_ci } else { 4703e41f4b71Sopenharmony_ci console.log('getRevokedCerts success'); 4704e41f4b71Sopenharmony_ci } 4705e41f4b71Sopenharmony_ci }); 4706e41f4b71Sopenharmony_ci } 4707e41f4b71Sopenharmony_ci}); 4708e41f4b71Sopenharmony_ci``` 4709e41f4b71Sopenharmony_ci 4710e41f4b71Sopenharmony_ci### getRevokedCerts<sup>(deprecated)</sup> 4711e41f4b71Sopenharmony_ci 4712e41f4b71Sopenharmony_cigetRevokedCerts() : Promise<Array\<X509CrlEntry>> 4713e41f4b71Sopenharmony_ci 4714e41f4b71Sopenharmony_ci表示获取被吊销X509证书列表,使用Promise方式异步返回结果。 4715e41f4b71Sopenharmony_ci 4716e41f4b71Sopenharmony_ci> **说明:** 4717e41f4b71Sopenharmony_ci> 4718e41f4b71Sopenharmony_ci> 从API version 11开始废弃,建议使用[X509CRL.getRevokedCerts](#getrevokedcerts11-1)替代。 4719e41f4b71Sopenharmony_ci 4720e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 4721e41f4b71Sopenharmony_ci 4722e41f4b71Sopenharmony_ci**返回值**: 4723e41f4b71Sopenharmony_ci 4724e41f4b71Sopenharmony_ci| 类型 | 说明 | 4725e41f4b71Sopenharmony_ci| ---------------------------------------------- | ---------------------- | 4726e41f4b71Sopenharmony_ci| Promise<Array\<[X509CrlEntry](#x509crlentrydeprecated)>> | 表示被吊销X509证书列表 | 4727e41f4b71Sopenharmony_ci 4728e41f4b71Sopenharmony_ci**错误码:** 4729e41f4b71Sopenharmony_ci 4730e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 4731e41f4b71Sopenharmony_ci 4732e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 4733e41f4b71Sopenharmony_ci| -------- | ----------------------- | 4734e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types.| 4735e41f4b71Sopenharmony_ci| 19020001 | memory error. | 4736e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 4737e41f4b71Sopenharmony_ci 4738e41f4b71Sopenharmony_ci**示例:** 4739e41f4b71Sopenharmony_ci 4740e41f4b71Sopenharmony_ci```ts 4741e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 4742e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 4743e41f4b71Sopenharmony_ci 4744e41f4b71Sopenharmony_ci// string转Uint8Array 4745e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 4746e41f4b71Sopenharmony_ci let arr: Array<number> = []; 4747e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 4748e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 4749e41f4b71Sopenharmony_ci } 4750e41f4b71Sopenharmony_ci return new Uint8Array(arr); 4751e41f4b71Sopenharmony_ci} 4752e41f4b71Sopenharmony_ci 4753e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 4754e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 4755e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 4756e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 4757e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 4758e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 4759e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 4760e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 4761e41f4b71Sopenharmony_ci 4762e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 4763e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 4764e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 4765e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 4766e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 4767e41f4b71Sopenharmony_ci}; 4768e41f4b71Sopenharmony_ci 4769e41f4b71Sopenharmony_cicert.createX509Crl(encodingBlob).then(x509Crl => { 4770e41f4b71Sopenharmony_ci console.log('createX509Crl success'); 4771e41f4b71Sopenharmony_ci x509Crl.getRevokedCerts().then(array => { 4772e41f4b71Sopenharmony_ci console.log('getRevokedCerts success'); 4773e41f4b71Sopenharmony_ci }).catch((error: BusinessError) => { 4774e41f4b71Sopenharmony_ci console.error('getRevokedCerts failed, errCode: ' + error.code + ', errMsg: ' + error.message); 4775e41f4b71Sopenharmony_ci }); 4776e41f4b71Sopenharmony_ci}).catch((error: BusinessError) => { 4777e41f4b71Sopenharmony_ci console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 4778e41f4b71Sopenharmony_ci}); 4779e41f4b71Sopenharmony_ci``` 4780e41f4b71Sopenharmony_ci 4781e41f4b71Sopenharmony_ci### getTbsInfo<sup>(deprecated)</sup> 4782e41f4b71Sopenharmony_ci 4783e41f4b71Sopenharmony_cigetTbsInfo() : DataBlob 4784e41f4b71Sopenharmony_ci 4785e41f4b71Sopenharmony_ci表示获取证书吊销列表的tbsCertList信息。 4786e41f4b71Sopenharmony_ci 4787e41f4b71Sopenharmony_ci> **说明:** 4788e41f4b71Sopenharmony_ci> 4789e41f4b71Sopenharmony_ci> 从API version 11开始废弃,建议使用[X509CRL.getTBSInfo](#gettbsinfo11)替代。 4790e41f4b71Sopenharmony_ci 4791e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 4792e41f4b71Sopenharmony_ci 4793e41f4b71Sopenharmony_ci**返回值**: 4794e41f4b71Sopenharmony_ci 4795e41f4b71Sopenharmony_ci| 类型 | 说明 | 4796e41f4b71Sopenharmony_ci| --------------------- | ------------------------------- | 4797e41f4b71Sopenharmony_ci| [DataBlob](#datablob) | 表示证书吊销列表的tbsCertList信息 | 4798e41f4b71Sopenharmony_ci 4799e41f4b71Sopenharmony_ci**错误码:** 4800e41f4b71Sopenharmony_ci 4801e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 4802e41f4b71Sopenharmony_ci 4803e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 4804e41f4b71Sopenharmony_ci| -------- | ----------------------- | 4805e41f4b71Sopenharmony_ci| 19020001 | memory error. | 4806e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 4807e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 4808e41f4b71Sopenharmony_ci 4809e41f4b71Sopenharmony_ci**示例:** 4810e41f4b71Sopenharmony_ci 4811e41f4b71Sopenharmony_ci```ts 4812e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 4813e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 4814e41f4b71Sopenharmony_ci 4815e41f4b71Sopenharmony_ci// string转Uint8Array 4816e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 4817e41f4b71Sopenharmony_ci let arr: Array<number> = []; 4818e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 4819e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 4820e41f4b71Sopenharmony_ci } 4821e41f4b71Sopenharmony_ci return new Uint8Array(arr); 4822e41f4b71Sopenharmony_ci} 4823e41f4b71Sopenharmony_ci 4824e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 4825e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 4826e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 4827e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 4828e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 4829e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 4830e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 4831e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 4832e41f4b71Sopenharmony_ci 4833e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 4834e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 4835e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 4836e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 4837e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 4838e41f4b71Sopenharmony_ci}; 4839e41f4b71Sopenharmony_ci 4840e41f4b71Sopenharmony_cicert.createX509Crl(encodingBlob, (error, x509Crl) => { 4841e41f4b71Sopenharmony_ci if (error) { 4842e41f4b71Sopenharmony_ci console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 4843e41f4b71Sopenharmony_ci } else { 4844e41f4b71Sopenharmony_ci console.log('createX509Crl success'); 4845e41f4b71Sopenharmony_ci try { 4846e41f4b71Sopenharmony_ci let tbsInfo = x509Crl.getTbsInfo(); 4847e41f4b71Sopenharmony_ci } catch (error) { 4848e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 4849e41f4b71Sopenharmony_ci console.error('getTbsInfo failed, errCode: ' + e.code + ', errMsg: ' + e.message); 4850e41f4b71Sopenharmony_ci } 4851e41f4b71Sopenharmony_ci } 4852e41f4b71Sopenharmony_ci}); 4853e41f4b71Sopenharmony_ci``` 4854e41f4b71Sopenharmony_ci 4855e41f4b71Sopenharmony_ci### getSignature<sup>(deprecated)</sup> 4856e41f4b71Sopenharmony_ci 4857e41f4b71Sopenharmony_cigetSignature() : DataBlob 4858e41f4b71Sopenharmony_ci 4859e41f4b71Sopenharmony_ci表示获取X509证书吊销列表的签名数据。 4860e41f4b71Sopenharmony_ci 4861e41f4b71Sopenharmony_ci> **说明:** 4862e41f4b71Sopenharmony_ci> 4863e41f4b71Sopenharmony_ci> 从API version 11开始废弃,建议使用[X509CRL.getSignature](#getsignature11)替代。 4864e41f4b71Sopenharmony_ci 4865e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 4866e41f4b71Sopenharmony_ci 4867e41f4b71Sopenharmony_ci**返回值**: 4868e41f4b71Sopenharmony_ci 4869e41f4b71Sopenharmony_ci| 类型 | 说明 | 4870e41f4b71Sopenharmony_ci| --------------------- | ------------------------------ | 4871e41f4b71Sopenharmony_ci| [DataBlob](#datablob) | 表示X509证书吊销列表的签名数据 | 4872e41f4b71Sopenharmony_ci 4873e41f4b71Sopenharmony_ci**错误码:** 4874e41f4b71Sopenharmony_ci 4875e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 4876e41f4b71Sopenharmony_ci 4877e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 4878e41f4b71Sopenharmony_ci| -------- | ----------------------- | 4879e41f4b71Sopenharmony_ci| 19020001 | memory error. | 4880e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 4881e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 4882e41f4b71Sopenharmony_ci 4883e41f4b71Sopenharmony_ci**示例:** 4884e41f4b71Sopenharmony_ci 4885e41f4b71Sopenharmony_ci```ts 4886e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 4887e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 4888e41f4b71Sopenharmony_ci 4889e41f4b71Sopenharmony_ci// string转Uint8Array 4890e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 4891e41f4b71Sopenharmony_ci let arr: Array<number> = []; 4892e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 4893e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 4894e41f4b71Sopenharmony_ci } 4895e41f4b71Sopenharmony_ci return new Uint8Array(arr); 4896e41f4b71Sopenharmony_ci} 4897e41f4b71Sopenharmony_ci 4898e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 4899e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 4900e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 4901e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 4902e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 4903e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 4904e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 4905e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 4906e41f4b71Sopenharmony_ci 4907e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 4908e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 4909e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 4910e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 4911e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 4912e41f4b71Sopenharmony_ci}; 4913e41f4b71Sopenharmony_ci 4914e41f4b71Sopenharmony_cicert.createX509Crl(encodingBlob, (error, x509Crl) => { 4915e41f4b71Sopenharmony_ci if (error) { 4916e41f4b71Sopenharmony_ci console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 4917e41f4b71Sopenharmony_ci } else { 4918e41f4b71Sopenharmony_ci console.log('createX509Crl success'); 4919e41f4b71Sopenharmony_ci try { 4920e41f4b71Sopenharmony_ci let signature = x509Crl.getSignature(); 4921e41f4b71Sopenharmony_ci } catch (err) { 4922e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 4923e41f4b71Sopenharmony_ci console.error('getSignature failed, errCode: ' + e.code + ', errMsg: ' + e.message); 4924e41f4b71Sopenharmony_ci } 4925e41f4b71Sopenharmony_ci } 4926e41f4b71Sopenharmony_ci}); 4927e41f4b71Sopenharmony_ci``` 4928e41f4b71Sopenharmony_ci 4929e41f4b71Sopenharmony_ci### getSignatureAlgName<sup>(deprecated)</sup> 4930e41f4b71Sopenharmony_ci 4931e41f4b71Sopenharmony_cigetSignatureAlgName() : string 4932e41f4b71Sopenharmony_ci 4933e41f4b71Sopenharmony_ci表示获取X509证书吊销列表签名的算法名称。 4934e41f4b71Sopenharmony_ci 4935e41f4b71Sopenharmony_ci> **说明:** 4936e41f4b71Sopenharmony_ci> 4937e41f4b71Sopenharmony_ci> 从API version 11开始废弃,建议使用[X509CRL.getSignatureAlgName](#getsignaturealgname11)替代。 4938e41f4b71Sopenharmony_ci 4939e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 4940e41f4b71Sopenharmony_ci 4941e41f4b71Sopenharmony_ci**返回值**: 4942e41f4b71Sopenharmony_ci 4943e41f4b71Sopenharmony_ci| 类型 | 说明 | 4944e41f4b71Sopenharmony_ci| ------ | -------------------------------- | 4945e41f4b71Sopenharmony_ci| string | 表示X509证书吊销列表签名的算法名 | 4946e41f4b71Sopenharmony_ci 4947e41f4b71Sopenharmony_ci**错误码:** 4948e41f4b71Sopenharmony_ci 4949e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 4950e41f4b71Sopenharmony_ci 4951e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 4952e41f4b71Sopenharmony_ci| -------- | ----------------------- | 4953e41f4b71Sopenharmony_ci| 19020001 | memory error. | 4954e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 4955e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 4956e41f4b71Sopenharmony_ci 4957e41f4b71Sopenharmony_ci**示例:** 4958e41f4b71Sopenharmony_ci 4959e41f4b71Sopenharmony_ci```ts 4960e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 4961e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 4962e41f4b71Sopenharmony_ci 4963e41f4b71Sopenharmony_ci// string转Uint8Array 4964e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 4965e41f4b71Sopenharmony_ci let arr: Array<number> = []; 4966e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 4967e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 4968e41f4b71Sopenharmony_ci } 4969e41f4b71Sopenharmony_ci return new Uint8Array(arr); 4970e41f4b71Sopenharmony_ci} 4971e41f4b71Sopenharmony_ci 4972e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 4973e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 4974e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 4975e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 4976e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 4977e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 4978e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 4979e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 4980e41f4b71Sopenharmony_ci 4981e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 4982e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 4983e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 4984e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 4985e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 4986e41f4b71Sopenharmony_ci}; 4987e41f4b71Sopenharmony_ci 4988e41f4b71Sopenharmony_cicert.createX509Crl(encodingBlob, (error, x509Crl) => { 4989e41f4b71Sopenharmony_ci if (error) { 4990e41f4b71Sopenharmony_ci console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 4991e41f4b71Sopenharmony_ci } else { 4992e41f4b71Sopenharmony_ci console.log('createX509Crl success'); 4993e41f4b71Sopenharmony_ci try { 4994e41f4b71Sopenharmony_ci let sigAlgName = x509Crl.getSignatureAlgName(); 4995e41f4b71Sopenharmony_ci } catch (err) { 4996e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 4997e41f4b71Sopenharmony_ci console.error('getSignatureAlgName failed, errCode: ' + e.code + ', errMsg: ' + e.message); 4998e41f4b71Sopenharmony_ci } 4999e41f4b71Sopenharmony_ci } 5000e41f4b71Sopenharmony_ci}); 5001e41f4b71Sopenharmony_ci``` 5002e41f4b71Sopenharmony_ci 5003e41f4b71Sopenharmony_ci### getSignatureAlgOid<sup>(deprecated)</sup> 5004e41f4b71Sopenharmony_ci 5005e41f4b71Sopenharmony_cigetSignatureAlgOid() : string 5006e41f4b71Sopenharmony_ci 5007e41f4b71Sopenharmony_ci表示获取X509证书吊销列表签名算法的对象标志符OID(Object Identifier)。OID是由国际标准组织(ISO)的名称注册机构分配。 5008e41f4b71Sopenharmony_ci 5009e41f4b71Sopenharmony_ci> **说明:** 5010e41f4b71Sopenharmony_ci> 5011e41f4b71Sopenharmony_ci> 从API version 11开始废弃,建议使用[X509CRL.getSignatureAlgOid](#getsignaturealgoid11)替代。 5012e41f4b71Sopenharmony_ci 5013e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 5014e41f4b71Sopenharmony_ci 5015e41f4b71Sopenharmony_ci**返回值**: 5016e41f4b71Sopenharmony_ci 5017e41f4b71Sopenharmony_ci| 类型 | 说明 | 5018e41f4b71Sopenharmony_ci| ------ | --------------------------------------------- | 5019e41f4b71Sopenharmony_ci| string | 表示X509证书吊销列表签名算法的对象标志符OID。 | 5020e41f4b71Sopenharmony_ci 5021e41f4b71Sopenharmony_ci**错误码:** 5022e41f4b71Sopenharmony_ci 5023e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 5024e41f4b71Sopenharmony_ci 5025e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 5026e41f4b71Sopenharmony_ci| -------- | ----------------------- | 5027e41f4b71Sopenharmony_ci| 19020001 | memory error. | 5028e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 5029e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 5030e41f4b71Sopenharmony_ci 5031e41f4b71Sopenharmony_ci**示例:** 5032e41f4b71Sopenharmony_ci 5033e41f4b71Sopenharmony_ci```ts 5034e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 5035e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 5036e41f4b71Sopenharmony_ci 5037e41f4b71Sopenharmony_ci// string转Uint8Array 5038e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 5039e41f4b71Sopenharmony_ci let arr: Array<number> = []; 5040e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 5041e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 5042e41f4b71Sopenharmony_ci } 5043e41f4b71Sopenharmony_ci return new Uint8Array(arr); 5044e41f4b71Sopenharmony_ci} 5045e41f4b71Sopenharmony_ci 5046e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 5047e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 5048e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 5049e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 5050e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 5051e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 5052e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 5053e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 5054e41f4b71Sopenharmony_ci 5055e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 5056e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 5057e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 5058e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 5059e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 5060e41f4b71Sopenharmony_ci}; 5061e41f4b71Sopenharmony_ci 5062e41f4b71Sopenharmony_cicert.createX509Crl(encodingBlob, (error, x509Crl) => { 5063e41f4b71Sopenharmony_ci if (error) { 5064e41f4b71Sopenharmony_ci console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 5065e41f4b71Sopenharmony_ci } else { 5066e41f4b71Sopenharmony_ci console.log('createX509Crl success'); 5067e41f4b71Sopenharmony_ci try { 5068e41f4b71Sopenharmony_ci let sigAlgOid = x509Crl.getSignatureAlgOid(); 5069e41f4b71Sopenharmony_ci } catch (err) { 5070e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 5071e41f4b71Sopenharmony_ci console.error('getSignatureAlgOid failed, errCode: ' + e.code + ', errMsg: ' + e.message); 5072e41f4b71Sopenharmony_ci } 5073e41f4b71Sopenharmony_ci } 5074e41f4b71Sopenharmony_ci}); 5075e41f4b71Sopenharmony_ci``` 5076e41f4b71Sopenharmony_ci 5077e41f4b71Sopenharmony_ci### getSignatureAlgParams<sup>(deprecated)</sup> 5078e41f4b71Sopenharmony_ci 5079e41f4b71Sopenharmony_cigetSignatureAlgParams() : DataBlob 5080e41f4b71Sopenharmony_ci 5081e41f4b71Sopenharmony_ci表示获取X509证书吊销列表签名的算法参数。 5082e41f4b71Sopenharmony_ci 5083e41f4b71Sopenharmony_ci> **说明:** 5084e41f4b71Sopenharmony_ci> 5085e41f4b71Sopenharmony_ci> 从API version 11开始废弃,建议使用[X509CRL.getSignatureAlgParams](#getsignaturealgparams11)替代。 5086e41f4b71Sopenharmony_ci 5087e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 5088e41f4b71Sopenharmony_ci 5089e41f4b71Sopenharmony_ci**返回值**: 5090e41f4b71Sopenharmony_ci 5091e41f4b71Sopenharmony_ci| 类型 | 说明 | 5092e41f4b71Sopenharmony_ci| --------------------- | ---------------------------------- | 5093e41f4b71Sopenharmony_ci| [DataBlob](#datablob) | 表示X509证书吊销列表签名的算法参数 | 5094e41f4b71Sopenharmony_ci 5095e41f4b71Sopenharmony_ci**错误码:** 5096e41f4b71Sopenharmony_ci 5097e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 5098e41f4b71Sopenharmony_ci 5099e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 5100e41f4b71Sopenharmony_ci| -------- | ----------------------- | 5101e41f4b71Sopenharmony_ci| 801 | this operation is not supported. | 5102e41f4b71Sopenharmony_ci| 19020001 | memory error. | 5103e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 5104e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 5105e41f4b71Sopenharmony_ci 5106e41f4b71Sopenharmony_ci**示例:** 5107e41f4b71Sopenharmony_ci 5108e41f4b71Sopenharmony_ci```ts 5109e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 5110e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 5111e41f4b71Sopenharmony_ci 5112e41f4b71Sopenharmony_ci// string转Uint8Array 5113e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 5114e41f4b71Sopenharmony_ci let arr: Array<number> = []; 5115e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 5116e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 5117e41f4b71Sopenharmony_ci } 5118e41f4b71Sopenharmony_ci return new Uint8Array(arr); 5119e41f4b71Sopenharmony_ci} 5120e41f4b71Sopenharmony_ci 5121e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 5122e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 5123e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 5124e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 5125e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 5126e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 5127e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 5128e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 5129e41f4b71Sopenharmony_ci 5130e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 5131e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 5132e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 5133e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 5134e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 5135e41f4b71Sopenharmony_ci}; 5136e41f4b71Sopenharmony_ci 5137e41f4b71Sopenharmony_cicert.createX509Crl(encodingBlob, (error, x509Crl) => { 5138e41f4b71Sopenharmony_ci if (error) { 5139e41f4b71Sopenharmony_ci console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 5140e41f4b71Sopenharmony_ci } else { 5141e41f4b71Sopenharmony_ci console.log('createX509Crl success'); 5142e41f4b71Sopenharmony_ci try { 5143e41f4b71Sopenharmony_ci let sigAlgParams = x509Crl.getSignatureAlgParams(); 5144e41f4b71Sopenharmony_ci } catch (err) { 5145e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 5146e41f4b71Sopenharmony_ci console.error('getSignatureAlgParams failed, errCode: ' + e.code + ', errMsg: ' + e.message); 5147e41f4b71Sopenharmony_ci } 5148e41f4b71Sopenharmony_ci } 5149e41f4b71Sopenharmony_ci}); 5150e41f4b71Sopenharmony_ci``` 5151e41f4b71Sopenharmony_ci## X509CRL<sup>11+</sup> 5152e41f4b71Sopenharmony_ci 5153e41f4b71Sopenharmony_ci被吊销证书列表对象。 5154e41f4b71Sopenharmony_ci 5155e41f4b71Sopenharmony_ci### isRevoked<sup>11+</sup> 5156e41f4b71Sopenharmony_ci 5157e41f4b71Sopenharmony_ciisRevoked(cert : X509Cert) : boolean 5158e41f4b71Sopenharmony_ci 5159e41f4b71Sopenharmony_ci表示检查证书是否吊销。 5160e41f4b71Sopenharmony_ci 5161e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 5162e41f4b71Sopenharmony_ci 5163e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 5164e41f4b71Sopenharmony_ci 5165e41f4b71Sopenharmony_ci**参数**: 5166e41f4b71Sopenharmony_ci 5167e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 5168e41f4b71Sopenharmony_ci| ------ | -------- | ---- | -------------------- | 5169e41f4b71Sopenharmony_ci| cert | [X509Cert](#x509cert) | 是 | 表示被检查的证书对象 | 5170e41f4b71Sopenharmony_ci 5171e41f4b71Sopenharmony_ci**返回值**: 5172e41f4b71Sopenharmony_ci 5173e41f4b71Sopenharmony_ci| 类型 | 说明 | 5174e41f4b71Sopenharmony_ci| ------- | ------------------------------------------------- | 5175e41f4b71Sopenharmony_ci| boolean | 表示证书吊销状态,true表示已吊销,false表示未吊销 | 5176e41f4b71Sopenharmony_ci 5177e41f4b71Sopenharmony_ci**错误码:** 5178e41f4b71Sopenharmony_ci 5179e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 5180e41f4b71Sopenharmony_ci 5181e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 5182e41f4b71Sopenharmony_ci| -------- | ----------------------- | 5183e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 5184e41f4b71Sopenharmony_ci 5185e41f4b71Sopenharmony_ci**示例:** 5186e41f4b71Sopenharmony_ci 5187e41f4b71Sopenharmony_ci```ts 5188e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 5189e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 5190e41f4b71Sopenharmony_ci 5191e41f4b71Sopenharmony_ci// string转Uint8Array 5192e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 5193e41f4b71Sopenharmony_ci let arr: Array<number> = []; 5194e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 5195e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 5196e41f4b71Sopenharmony_ci } 5197e41f4b71Sopenharmony_ci return new Uint8Array(arr); 5198e41f4b71Sopenharmony_ci} 5199e41f4b71Sopenharmony_ci 5200e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 5201e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 5202e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 5203e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 5204e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 5205e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 5206e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 5207e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 5208e41f4b71Sopenharmony_ci 5209e41f4b71Sopenharmony_cilet certData = '-----BEGIN CERTIFICATE-----\n' + 5210e41f4b71Sopenharmony_ci 'MIIBLzCB1QIUO/QDVJwZLIpeJyPjyTvE43xvE5cwCgYIKoZIzj0EAwIwGjEYMBYG\n' + 5211e41f4b71Sopenharmony_ci 'A1UEAwwPRXhhbXBsZSBSb290IENBMB4XDTIzMDkwNDExMjAxOVoXDTI2MDUzMDEx\n' + 5212e41f4b71Sopenharmony_ci 'MjAxOVowGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYI\n' + 5213e41f4b71Sopenharmony_ci 'KoZIzj0DAQcDQgAEHjG74yMIueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTa\n' + 5214e41f4b71Sopenharmony_ci 'tUsU0i/sePnrKglj2H8Abbx9PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEA\n' + 5215e41f4b71Sopenharmony_ci '0ce/fvA4tckNZeB865aOApKXKlBjiRlaiuq5mEEqvNACIQDPD9WyC21MXqPBuRUf\n' + 5216e41f4b71Sopenharmony_ci 'BetUokslUfjT6+s/X4ByaxycAA==\n' + 5217e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 5218e41f4b71Sopenharmony_ci 5219e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 5220e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 5221e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 5222e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 5223e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 5224e41f4b71Sopenharmony_ci}; 5225e41f4b71Sopenharmony_ci 5226e41f4b71Sopenharmony_cilet certEncodingBlob: cert.EncodingBlob = { 5227e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 5228e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 5229e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 5230e41f4b71Sopenharmony_ci}; 5231e41f4b71Sopenharmony_ci 5232e41f4b71Sopenharmony_cicert.createX509CRL(encodingBlob, (error, x509CRL) => { 5233e41f4b71Sopenharmony_ci if (error) { 5234e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 5235e41f4b71Sopenharmony_ci } else { 5236e41f4b71Sopenharmony_ci console.log('createX509CRL success'); 5237e41f4b71Sopenharmony_ci // Create an X509Cert instance. 5238e41f4b71Sopenharmony_ci cert.createX509Cert(certEncodingBlob, (error, x509Cert) => { 5239e41f4b71Sopenharmony_ci if (error) { 5240e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 5241e41f4b71Sopenharmony_ci } else { 5242e41f4b71Sopenharmony_ci try { 5243e41f4b71Sopenharmony_ci let revokedFlag = x509CRL.isRevoked(x509Cert); 5244e41f4b71Sopenharmony_ci } catch (error) { 5245e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 5246e41f4b71Sopenharmony_ci console.error('isRevoked failed, errCode: ' + e.code + ', errMsg: ' + e.message); 5247e41f4b71Sopenharmony_ci } 5248e41f4b71Sopenharmony_ci } 5249e41f4b71Sopenharmony_ci }); 5250e41f4b71Sopenharmony_ci } 5251e41f4b71Sopenharmony_ci}); 5252e41f4b71Sopenharmony_ci``` 5253e41f4b71Sopenharmony_ci 5254e41f4b71Sopenharmony_ci### getType<sup>11+</sup> 5255e41f4b71Sopenharmony_ci 5256e41f4b71Sopenharmony_cigetType() : string 5257e41f4b71Sopenharmony_ci 5258e41f4b71Sopenharmony_ci表示获取证书吊销列表类型。 5259e41f4b71Sopenharmony_ci 5260e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 5261e41f4b71Sopenharmony_ci 5262e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 5263e41f4b71Sopenharmony_ci 5264e41f4b71Sopenharmony_ci**返回值**: 5265e41f4b71Sopenharmony_ci 5266e41f4b71Sopenharmony_ci| 类型 | 说明 | 5267e41f4b71Sopenharmony_ci| ------ | -------------------- | 5268e41f4b71Sopenharmony_ci| string | 表示证书吊销列表类型 | 5269e41f4b71Sopenharmony_ci 5270e41f4b71Sopenharmony_ci**示例:** 5271e41f4b71Sopenharmony_ci 5272e41f4b71Sopenharmony_ci```ts 5273e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 5274e41f4b71Sopenharmony_ci 5275e41f4b71Sopenharmony_ci// string转Uint8Array 5276e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 5277e41f4b71Sopenharmony_ci let arr: Array<number> = []; 5278e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 5279e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 5280e41f4b71Sopenharmony_ci } 5281e41f4b71Sopenharmony_ci return new Uint8Array(arr); 5282e41f4b71Sopenharmony_ci} 5283e41f4b71Sopenharmony_ci 5284e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 5285e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 5286e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 5287e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 5288e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 5289e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 5290e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 5291e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 5292e41f4b71Sopenharmony_ci 5293e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 5294e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 5295e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 5296e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 5297e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 5298e41f4b71Sopenharmony_ci}; 5299e41f4b71Sopenharmony_ci 5300e41f4b71Sopenharmony_cicert.createX509CRL(encodingBlob, (error, x509CRL) => { 5301e41f4b71Sopenharmony_ci if (error) { 5302e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 5303e41f4b71Sopenharmony_ci } else { 5304e41f4b71Sopenharmony_ci console.log('createX509CRL success'); 5305e41f4b71Sopenharmony_ci let type = x509CRL.getType(); 5306e41f4b71Sopenharmony_ci } 5307e41f4b71Sopenharmony_ci}); 5308e41f4b71Sopenharmony_ci``` 5309e41f4b71Sopenharmony_ci 5310e41f4b71Sopenharmony_ci### getEncoded<sup>11+</sup> 5311e41f4b71Sopenharmony_ci 5312e41f4b71Sopenharmony_cigetEncoded(callback : AsyncCallback\<EncodingBlob>) : void 5313e41f4b71Sopenharmony_ci 5314e41f4b71Sopenharmony_ci表示获取X509证书吊销列表的序列化数据,使用Callback回调异步返回结果。 5315e41f4b71Sopenharmony_ci 5316e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 5317e41f4b71Sopenharmony_ci 5318e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 5319e41f4b71Sopenharmony_ci 5320e41f4b71Sopenharmony_ci**参数**: 5321e41f4b71Sopenharmony_ci 5322e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 5323e41f4b71Sopenharmony_ci| -------- | --------------------------------------------- | ---- | ------------------------------------------ | 5324e41f4b71Sopenharmony_ci| callback | AsyncCallback\<[EncodingBlob](#encodingblob)> | 是 | 回调函数,表示X509证书吊销列表的序列化数据 | 5325e41f4b71Sopenharmony_ci 5326e41f4b71Sopenharmony_ci**错误码:** 5327e41f4b71Sopenharmony_ci 5328e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 5329e41f4b71Sopenharmony_ci 5330e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 5331e41f4b71Sopenharmony_ci| -------- | ----------------------- | 5332e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types.| 5333e41f4b71Sopenharmony_ci| 19020001 | memory error. | 5334e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 5335e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 5336e41f4b71Sopenharmony_ci 5337e41f4b71Sopenharmony_ci**示例:** 5338e41f4b71Sopenharmony_ci 5339e41f4b71Sopenharmony_ci```ts 5340e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 5341e41f4b71Sopenharmony_ci 5342e41f4b71Sopenharmony_ci// string转Uint8Array 5343e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 5344e41f4b71Sopenharmony_ci let arr: Array<number> = []; 5345e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 5346e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 5347e41f4b71Sopenharmony_ci } 5348e41f4b71Sopenharmony_ci return new Uint8Array(arr); 5349e41f4b71Sopenharmony_ci} 5350e41f4b71Sopenharmony_ci 5351e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 5352e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 5353e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 5354e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 5355e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 5356e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 5357e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 5358e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 5359e41f4b71Sopenharmony_ci 5360e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 5361e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 5362e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 5363e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 5364e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 5365e41f4b71Sopenharmony_ci}; 5366e41f4b71Sopenharmony_ci 5367e41f4b71Sopenharmony_cicert.createX509CRL(encodingBlob, (error, x509CRL) => { 5368e41f4b71Sopenharmony_ci if (error) { 5369e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 5370e41f4b71Sopenharmony_ci } else { 5371e41f4b71Sopenharmony_ci console.log('createX509CRL success'); 5372e41f4b71Sopenharmony_ci x509CRL.getEncoded((error, data) => { 5373e41f4b71Sopenharmony_ci if (error) { 5374e41f4b71Sopenharmony_ci console.error('getEncoded failed, errCode: ' + error.code + ', errMsg: ' + error.message); 5375e41f4b71Sopenharmony_ci } else { 5376e41f4b71Sopenharmony_ci console.log('getEncoded success'); 5377e41f4b71Sopenharmony_ci } 5378e41f4b71Sopenharmony_ci }); 5379e41f4b71Sopenharmony_ci } 5380e41f4b71Sopenharmony_ci}); 5381e41f4b71Sopenharmony_ci``` 5382e41f4b71Sopenharmony_ci 5383e41f4b71Sopenharmony_ci### getEncoded<sup>11+</sup> 5384e41f4b71Sopenharmony_ci 5385e41f4b71Sopenharmony_cigetEncoded() : Promise\<EncodingBlob> 5386e41f4b71Sopenharmony_ci 5387e41f4b71Sopenharmony_ci表示获取X509证书吊销列表的序列化数据,使用Promise方式异步返回结果。 5388e41f4b71Sopenharmony_ci 5389e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 5390e41f4b71Sopenharmony_ci 5391e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 5392e41f4b71Sopenharmony_ci 5393e41f4b71Sopenharmony_ci**返回值**: 5394e41f4b71Sopenharmony_ci 5395e41f4b71Sopenharmony_ci| 类型 | 说明 | 5396e41f4b71Sopenharmony_ci| --------------------------------------- | -------------------------------- | 5397e41f4b71Sopenharmony_ci| Promise\<[EncodingBlob](#encodingblob)> | 表示X509证书吊销列表的序列化数据 | 5398e41f4b71Sopenharmony_ci**错误码:** 5399e41f4b71Sopenharmony_ci 5400e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 5401e41f4b71Sopenharmony_ci 5402e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 5403e41f4b71Sopenharmony_ci| -------- | ----------------------- | 5404e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types.| 5405e41f4b71Sopenharmony_ci| 19020001 | memory error. | 5406e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 5407e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 5408e41f4b71Sopenharmony_ci 5409e41f4b71Sopenharmony_ci**示例:** 5410e41f4b71Sopenharmony_ci 5411e41f4b71Sopenharmony_ci```ts 5412e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 5413e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 5414e41f4b71Sopenharmony_ci 5415e41f4b71Sopenharmony_ci// string转Uint8Array 5416e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 5417e41f4b71Sopenharmony_ci let arr: Array<number> = []; 5418e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 5419e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 5420e41f4b71Sopenharmony_ci } 5421e41f4b71Sopenharmony_ci return new Uint8Array(arr); 5422e41f4b71Sopenharmony_ci} 5423e41f4b71Sopenharmony_ci 5424e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 5425e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 5426e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 5427e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 5428e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 5429e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 5430e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 5431e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 5432e41f4b71Sopenharmony_ci 5433e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 5434e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 5435e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 5436e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 5437e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 5438e41f4b71Sopenharmony_ci}; 5439e41f4b71Sopenharmony_ci 5440e41f4b71Sopenharmony_cicert.createX509CRL(encodingBlob).then(x509CRL => { 5441e41f4b71Sopenharmony_ci console.log('createX509CRL success'); 5442e41f4b71Sopenharmony_ci x509CRL.getEncoded().then(result => { 5443e41f4b71Sopenharmony_ci console.log('getEncoded success'); 5444e41f4b71Sopenharmony_ci }).catch((error: BusinessError) => { 5445e41f4b71Sopenharmony_ci console.error('getEncoded failed, errCode: ' + error.code + ', errMsg: ' + error.message); 5446e41f4b71Sopenharmony_ci }); 5447e41f4b71Sopenharmony_ci}).catch((error: BusinessError) => { 5448e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 5449e41f4b71Sopenharmony_ci}); 5450e41f4b71Sopenharmony_ci``` 5451e41f4b71Sopenharmony_ci 5452e41f4b71Sopenharmony_ci### verify<sup>11+</sup> 5453e41f4b71Sopenharmony_ci 5454e41f4b71Sopenharmony_civerify(key : cryptoFramework.PubKey, callback : AsyncCallback\<void>) : void 5455e41f4b71Sopenharmony_ci 5456e41f4b71Sopenharmony_ci表示对X509证书吊销列表进行验签,使用Callback回调异步返回结果。验签支持RSA算法。 5457e41f4b71Sopenharmony_ci 5458e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 5459e41f4b71Sopenharmony_ci 5460e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 5461e41f4b71Sopenharmony_ci 5462e41f4b71Sopenharmony_ci**参数**: 5463e41f4b71Sopenharmony_ci 5464e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 5465e41f4b71Sopenharmony_ci| -------- | ----------------------------------------------------------- | ---- | ------------------------------------------------------------ | 5466e41f4b71Sopenharmony_ci| key | [cryptoFramework.PubKey](../apis-crypto-architecture-kit/js-apis-cryptoFramework.md#pubkey) | 是 | 表示用于验签的公钥对象 | 5467e41f4b71Sopenharmony_ci| callback | AsyncCallback\<void> | 是 | 回调函数,使用AsyncCallback的第一个error参数判断是否验签成功,error为null表示成功,error不为null表示失败。 | 5468e41f4b71Sopenharmony_ci 5469e41f4b71Sopenharmony_ci**错误码:** 5470e41f4b71Sopenharmony_ci 5471e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 5472e41f4b71Sopenharmony_ci 5473e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 5474e41f4b71Sopenharmony_ci| -------- | ----------------------- | 5475e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 5476e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 5477e41f4b71Sopenharmony_ci 5478e41f4b71Sopenharmony_ci**示例:** 5479e41f4b71Sopenharmony_ci 5480e41f4b71Sopenharmony_ci```ts 5481e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 5482e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit'; 5483e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 5484e41f4b71Sopenharmony_ci 5485e41f4b71Sopenharmony_ci// string转Uint8Array 5486e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 5487e41f4b71Sopenharmony_ci let arr: Array<number> = []; 5488e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 5489e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 5490e41f4b71Sopenharmony_ci } 5491e41f4b71Sopenharmony_ci return new Uint8Array(arr); 5492e41f4b71Sopenharmony_ci} 5493e41f4b71Sopenharmony_ci 5494e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 5495e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 5496e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 5497e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 5498e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 5499e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 5500e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 5501e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 5502e41f4b71Sopenharmony_ci 5503e41f4b71Sopenharmony_cilet pubKeyData = new Uint8Array([ 5504e41f4b71Sopenharmony_ci 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 5505e41f4b71Sopenharmony_ci 0x05, 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xDC, 0x4C, 0x2D, 5506e41f4b71Sopenharmony_ci 0x57, 0x49, 0x3D, 0x42, 0x52, 0x1A, 0x09, 0xED, 0x3E, 0x90, 0x29, 0x51, 0xF7, 0x70, 0x15, 0xFE, 5507e41f4b71Sopenharmony_ci 0x76, 0xB0, 0xDB, 0xDF, 0xA1, 0x2C, 0x6C, 0x67, 0x95, 0xDA, 0x63, 0x3D, 0x4F, 0x71, 0x48, 0x8C, 5508e41f4b71Sopenharmony_ci 0x3E, 0xFA, 0x24, 0x79, 0xE9, 0xF2, 0xF2, 0x20, 0xCB, 0xF1, 0x59, 0x6B, 0xED, 0xC8, 0x72, 0x66, 5509e41f4b71Sopenharmony_ci 0x6E, 0x31, 0xD4, 0xF3, 0xCE, 0x0B, 0x12, 0xC4, 0x17, 0x39, 0xB4, 0x52, 0x16, 0xD3, 0xE3, 0xC0, 5510e41f4b71Sopenharmony_ci 0xF8, 0x48, 0xB3, 0xF6, 0x40, 0xD5, 0x47, 0x23, 0x30, 0x7F, 0xA7, 0xC5, 0x5A, 0x5A, 0xBB, 0x5C, 5511e41f4b71Sopenharmony_ci 0x7B, 0xEF, 0x69, 0xE2, 0x74, 0x35, 0x24, 0x22, 0x25, 0x45, 0x7E, 0xFC, 0xE8, 0xC4, 0x52, 0x65, 5512e41f4b71Sopenharmony_ci 0xA0, 0x4E, 0xBC, 0xFD, 0x3F, 0xD9, 0x85, 0x14, 0x8A, 0x5A, 0x93, 0x02, 0x24, 0x6C, 0x19, 0xBA, 5513e41f4b71Sopenharmony_ci 0x81, 0xBE, 0x65, 0x2E, 0xCB, 0xBB, 0xE9, 0x91, 0x7B, 0x7C, 0x47, 0xC2, 0x61, 0x02, 0x03, 0x01, 5514e41f4b71Sopenharmony_ci 0x00, 0x01 5515e41f4b71Sopenharmony_ci]); 5516e41f4b71Sopenharmony_ci 5517e41f4b71Sopenharmony_cilet priKeyData = new Uint8Array([ 5518e41f4b71Sopenharmony_ci 0x30, 0x82, 0x02, 0x77, 0x02, 0x01, 0x00, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 5519e41f4b71Sopenharmony_ci 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82, 0x02, 0x61, 0x30, 0x82, 0x02, 0x5D, 0x02, 0x01, 5520e41f4b71Sopenharmony_ci 0x00, 0x02, 0x81, 0x81, 0x00, 0xDC, 0x4C, 0x2D, 0x57, 0x49, 0x3D, 0x42, 0x52, 0x1A, 0x09, 0xED, 5521e41f4b71Sopenharmony_ci 0x3E, 0x90, 0x29, 0x51, 0xF7, 0x70, 0x15, 0xFE, 0x76, 0xB0, 0xDB, 0xDF, 0xA1, 0x2C, 0x6C, 0x67, 5522e41f4b71Sopenharmony_ci 0x95, 0xDA, 0x63, 0x3D, 0x4F, 0x71, 0x48, 0x8C, 0x3E, 0xFA, 0x24, 0x79, 0xE9, 0xF2, 0xF2, 0x20, 5523e41f4b71Sopenharmony_ci 0xCB, 0xF1, 0x59, 0x6B, 0xED, 0xC8, 0x72, 0x66, 0x6E, 0x31, 0xD4, 0xF3, 0xCE, 0x0B, 0x12, 0xC4, 5524e41f4b71Sopenharmony_ci 0x17, 0x39, 0xB4, 0x52, 0x16, 0xD3, 0xE3, 0xC0, 0xF8, 0x48, 0xB3, 0xF6, 0x40, 0xD5, 0x47, 0x23, 5525e41f4b71Sopenharmony_ci 0x30, 0x7F, 0xA7, 0xC5, 0x5A, 0x5A, 0xBB, 0x5C, 0x7B, 0xEF, 0x69, 0xE2, 0x74, 0x35, 0x24, 0x22, 5526e41f4b71Sopenharmony_ci 0x25, 0x45, 0x7E, 0xFC, 0xE8, 0xC4, 0x52, 0x65, 0xA0, 0x4E, 0xBC, 0xFD, 0x3F, 0xD9, 0x85, 0x14, 5527e41f4b71Sopenharmony_ci 0x8A, 0x5A, 0x93, 0x02, 0x24, 0x6C, 0x19, 0xBA, 0x81, 0xBE, 0x65, 0x2E, 0xCB, 0xBB, 0xE9, 0x91, 5528e41f4b71Sopenharmony_ci 0x7B, 0x7C, 0x47, 0xC2, 0x61, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x81, 0x80, 0x5A, 0xCF, 0x0F, 5529e41f4b71Sopenharmony_ci 0xF5, 0xA6, 0x1C, 0x19, 0x65, 0x8C, 0x94, 0x40, 0xF6, 0x84, 0x28, 0x74, 0x40, 0x42, 0x34, 0xDE, 5530e41f4b71Sopenharmony_ci 0xC3, 0x00, 0x5E, 0x72, 0x4D, 0x96, 0xE9, 0x4C, 0xBD, 0xC9, 0xDB, 0x14, 0x9F, 0xD5, 0xBB, 0xA9, 5531e41f4b71Sopenharmony_ci 0x0C, 0x20, 0xC2, 0xBE, 0x7A, 0x80, 0x89, 0xEC, 0x99, 0x04, 0xF0, 0xEE, 0x7B, 0x83, 0x20, 0x1D, 5532e41f4b71Sopenharmony_ci 0x37, 0x19, 0x55, 0x85, 0xF6, 0x8E, 0x3B, 0xFB, 0x16, 0xF3, 0xD3, 0x6F, 0xEE, 0x73, 0x12, 0x53, 5533e41f4b71Sopenharmony_ci 0xCA, 0x77, 0xD7, 0x6C, 0x29, 0xF5, 0x08, 0xA3, 0x09, 0x01, 0x0B, 0x00, 0x05, 0x57, 0xAD, 0x4D, 5534e41f4b71Sopenharmony_ci 0xF0, 0x92, 0xB2, 0x5A, 0x8B, 0x19, 0x09, 0x81, 0x86, 0xFE, 0x66, 0xB9, 0x33, 0x88, 0x28, 0xF3, 5535e41f4b71Sopenharmony_ci 0x37, 0x73, 0x09, 0x5F, 0xD7, 0xC9, 0xC6, 0xFA, 0x13, 0x74, 0xFE, 0xAE, 0x53, 0xA9, 0x71, 0x67, 5536e41f4b71Sopenharmony_ci 0xCE, 0x3A, 0xE6, 0x8D, 0x35, 0xD1, 0xB8, 0xFD, 0x6F, 0x0D, 0x43, 0xC2, 0xD1, 0x02, 0x41, 0x00, 5537e41f4b71Sopenharmony_ci 0xF7, 0x33, 0xE5, 0x6C, 0x29, 0x5A, 0x30, 0x58, 0xA4, 0x52, 0x65, 0xA0, 0x39, 0xC2, 0xE8, 0xAE, 5538e41f4b71Sopenharmony_ci 0x5F, 0xA3, 0x2D, 0x0C, 0x65, 0xB1, 0x7B, 0xFD, 0x92, 0xBF, 0x47, 0x87, 0x97, 0x40, 0xCB, 0x54, 5539e41f4b71Sopenharmony_ci 0xF9, 0xBB, 0x50, 0x27, 0x70, 0x51, 0xD0, 0xD8, 0x48, 0x0D, 0xC6, 0x47, 0x60, 0xF8, 0x4E, 0x0A, 5540e41f4b71Sopenharmony_ci 0x32, 0x76, 0x6D, 0xA4, 0xBA, 0x40, 0xE5, 0x58, 0xF8, 0x4A, 0x39, 0x4E, 0xF8, 0x3F, 0x4E, 0x2D, 5541e41f4b71Sopenharmony_ci 0x02, 0x41, 0x00, 0xE4, 0x23, 0x2A, 0x5F, 0x59, 0xCF, 0x7C, 0x91, 0x24, 0x0D, 0xA2, 0x44, 0x17, 5542e41f4b71Sopenharmony_ci 0xCD, 0x37, 0xDE, 0x1F, 0x53, 0x4D, 0x33, 0x9F, 0x90, 0x4D, 0xD9, 0x72, 0x64, 0x25, 0xBA, 0xAB, 5543e41f4b71Sopenharmony_ci 0x47, 0x91, 0xC4, 0x99, 0x95, 0x86, 0xB5, 0x8A, 0xEA, 0x77, 0xF7, 0x64, 0x72, 0x5E, 0xB7, 0xBB, 5544e41f4b71Sopenharmony_ci 0x16, 0xA1, 0x64, 0xA4, 0xE1, 0x2D, 0x76, 0x6D, 0xEF, 0xB1, 0x5E, 0xD6, 0x17, 0xE8, 0xAA, 0xB6, 5545e41f4b71Sopenharmony_ci 0xA0, 0xD9, 0x85, 0x02, 0x41, 0x00, 0xDF, 0xC8, 0x5B, 0x28, 0x4F, 0x47, 0x15, 0xFD, 0x28, 0xC4, 5546e41f4b71Sopenharmony_ci 0x6E, 0xBB, 0x5D, 0x8E, 0xD4, 0x95, 0x06, 0x7E, 0xF1, 0x89, 0x07, 0x86, 0x64, 0x78, 0x69, 0x20, 5547e41f4b71Sopenharmony_ci 0x3F, 0xE0, 0xBF, 0x4C, 0x28, 0xC6, 0x04, 0x4D, 0x4D, 0x82, 0x66, 0x6B, 0xAA, 0x64, 0x20, 0xD6, 5548e41f4b71Sopenharmony_ci 0x57, 0x68, 0xC6, 0xA0, 0x02, 0x05, 0xB9, 0x28, 0xFC, 0x98, 0xE3, 0x03, 0x5C, 0x9B, 0xEE, 0x29, 5549e41f4b71Sopenharmony_ci 0x43, 0x37, 0xFA, 0x03, 0x55, 0x01, 0x02, 0x40, 0x69, 0x5B, 0x7C, 0x24, 0x10, 0xDB, 0xEB, 0x91, 5550e41f4b71Sopenharmony_ci 0x33, 0xEF, 0x3F, 0xF2, 0xE6, 0x73, 0x15, 0xCB, 0xF4, 0xF7, 0x89, 0x7D, 0xBF, 0xC0, 0xEA, 0xD2, 5551e41f4b71Sopenharmony_ci 0xF3, 0x2B, 0x20, 0xE9, 0x76, 0x54, 0x55, 0x13, 0x50, 0x42, 0x67, 0xB5, 0xCB, 0x73, 0xC0, 0xF7, 5552e41f4b71Sopenharmony_ci 0x75, 0x62, 0x04, 0x30, 0x21, 0xAC, 0xAF, 0xD8, 0x44, 0xF4, 0xE1, 0x04, 0x02, 0x7D, 0x61, 0x92, 5553e41f4b71Sopenharmony_ci 0x84, 0x99, 0x02, 0x10, 0x64, 0xCB, 0x1F, 0xE9, 0x02, 0x41, 0x00, 0xAB, 0x4B, 0x7D, 0x90, 0x7C, 5554e41f4b71Sopenharmony_ci 0x57, 0x08, 0x6B, 0xC0, 0x43, 0x72, 0x09, 0x8A, 0x18, 0x35, 0x36, 0x64, 0x9D, 0x84, 0x8D, 0xF1, 5555e41f4b71Sopenharmony_ci 0x84, 0x94, 0x48, 0xC6, 0x80, 0x9D, 0xB9, 0xA2, 0x58, 0x0A, 0x4D, 0x0A, 0xCA, 0x1E, 0xD6, 0x05, 5556e41f4b71Sopenharmony_ci 0x55, 0x5B, 0xFE, 0xD7, 0xAA, 0x70, 0xED, 0x76, 0xB3, 0x40, 0x2E, 0xA0, 0xB3, 0x32, 0x37, 0xB0, 5557e41f4b71Sopenharmony_ci 0xA0, 0xB9, 0x96, 0x2D, 0xC4, 0x70, 0xE9, 0x99, 0x10, 0x67, 0x8D 5558e41f4b71Sopenharmony_ci]); 5559e41f4b71Sopenharmony_ci 5560e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 5561e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 5562e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 5563e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 5564e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 5565e41f4b71Sopenharmony_ci}; 5566e41f4b71Sopenharmony_ci 5567e41f4b71Sopenharmony_cicert.createX509CRL(encodingBlob, (error, x509CRL) => { 5568e41f4b71Sopenharmony_ci if (error) { 5569e41f4b71Sopenharmony_ci console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 5570e41f4b71Sopenharmony_ci } else { 5571e41f4b71Sopenharmony_ci console.log('createX509Crl success'); 5572e41f4b71Sopenharmony_ci try { 5573e41f4b71Sopenharmony_ci // Generate the public key by AsyKeyGenerator. 5574e41f4b71Sopenharmony_ci let keyGenerator = cryptoFramework.createAsyKeyGenerator('RSA1024|PRIMES_3'); 5575e41f4b71Sopenharmony_ci console.log('createAsyKeyGenerator success'); 5576e41f4b71Sopenharmony_ci let priEncodingBlob: cryptoFramework.DataBlob = { 5577e41f4b71Sopenharmony_ci data: priKeyData, 5578e41f4b71Sopenharmony_ci }; 5579e41f4b71Sopenharmony_ci let pubEncodingBlob: cryptoFramework.DataBlob = { 5580e41f4b71Sopenharmony_ci data: pubKeyData, 5581e41f4b71Sopenharmony_ci }; 5582e41f4b71Sopenharmony_ci keyGenerator.convertKey(pubEncodingBlob, priEncodingBlob, (e, keyPair) => { 5583e41f4b71Sopenharmony_ci if (e) { 5584e41f4b71Sopenharmony_ci console.error('convert key failed, message: ' + e.message + 'code: ' + e.code); 5585e41f4b71Sopenharmony_ci } else { 5586e41f4b71Sopenharmony_ci console.log('convert key success'); 5587e41f4b71Sopenharmony_ci x509CRL.verify(keyPair.pubKey, (err, data) => { 5588e41f4b71Sopenharmony_ci if (err) { 5589e41f4b71Sopenharmony_ci console.error('verify failed, errCode: ' + err.code + ', errMsg: ' + err.message); 5590e41f4b71Sopenharmony_ci } else { 5591e41f4b71Sopenharmony_ci console.log('verify success'); 5592e41f4b71Sopenharmony_ci } 5593e41f4b71Sopenharmony_ci }); 5594e41f4b71Sopenharmony_ci } 5595e41f4b71Sopenharmony_ci }) 5596e41f4b71Sopenharmony_ci } catch (error) { 5597e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 5598e41f4b71Sopenharmony_ci console.error('get pubKey failed, errCode: ' + e.code + ', errMsg: ' + e.message); 5599e41f4b71Sopenharmony_ci } 5600e41f4b71Sopenharmony_ci } 5601e41f4b71Sopenharmony_ci}); 5602e41f4b71Sopenharmony_ci``` 5603e41f4b71Sopenharmony_ci 5604e41f4b71Sopenharmony_ci### verify<sup>11+</sup> 5605e41f4b71Sopenharmony_ci 5606e41f4b71Sopenharmony_civerify(key : cryptoFramework.PubKey) : Promise\<void> 5607e41f4b71Sopenharmony_ci 5608e41f4b71Sopenharmony_ci表示对X509证书吊销列表进行验签,使用Promise方式异步返回结果。验签支持RSA算法。 5609e41f4b71Sopenharmony_ci 5610e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 5611e41f4b71Sopenharmony_ci 5612e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 5613e41f4b71Sopenharmony_ci 5614e41f4b71Sopenharmony_ci**参数**: 5615e41f4b71Sopenharmony_ci 5616e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 5617e41f4b71Sopenharmony_ci| ------ | ----------------------------------------------------------- | ---- | ------------------------ | 5618e41f4b71Sopenharmony_ci| key | [cryptoFramework.PubKey](../apis-crypto-architecture-kit/js-apis-cryptoFramework.md#pubkey) | 是 | 表示用于验签的公钥对象。 | 5619e41f4b71Sopenharmony_ci 5620e41f4b71Sopenharmony_ci**返回值**: 5621e41f4b71Sopenharmony_ci 5622e41f4b71Sopenharmony_ci| 类型 | 说明 | 5623e41f4b71Sopenharmony_ci| -------------- | ----------- | 5624e41f4b71Sopenharmony_ci| Promise\<void> | Promise对象 | 5625e41f4b71Sopenharmony_ci 5626e41f4b71Sopenharmony_ci**错误码:** 5627e41f4b71Sopenharmony_ci 5628e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 5629e41f4b71Sopenharmony_ci 5630e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 5631e41f4b71Sopenharmony_ci| -------- | ----------------------- | 5632e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 5633e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 5634e41f4b71Sopenharmony_ci 5635e41f4b71Sopenharmony_ci**示例:** 5636e41f4b71Sopenharmony_ci 5637e41f4b71Sopenharmony_ci```ts 5638e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 5639e41f4b71Sopenharmony_ciimport { cryptoFramework } from '@kit.CryptoArchitectureKit' 5640e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 5641e41f4b71Sopenharmony_ci 5642e41f4b71Sopenharmony_ci// string转Uint8Array 5643e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 5644e41f4b71Sopenharmony_ci let arr: Array<number> = []; 5645e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 5646e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 5647e41f4b71Sopenharmony_ci } 5648e41f4b71Sopenharmony_ci return new Uint8Array(arr); 5649e41f4b71Sopenharmony_ci} 5650e41f4b71Sopenharmony_ci 5651e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 5652e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 5653e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 5654e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 5655e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 5656e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 5657e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 5658e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 5659e41f4b71Sopenharmony_ci 5660e41f4b71Sopenharmony_cilet pubKeyData = new Uint8Array([ 5661e41f4b71Sopenharmony_ci 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 5662e41f4b71Sopenharmony_ci 0x05, 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xDC, 0x4C, 0x2D, 5663e41f4b71Sopenharmony_ci 0x57, 0x49, 0x3D, 0x42, 0x52, 0x1A, 0x09, 0xED, 0x3E, 0x90, 0x29, 0x51, 0xF7, 0x70, 0x15, 0xFE, 5664e41f4b71Sopenharmony_ci 0x76, 0xB0, 0xDB, 0xDF, 0xA1, 0x2C, 0x6C, 0x67, 0x95, 0xDA, 0x63, 0x3D, 0x4F, 0x71, 0x48, 0x8C, 5665e41f4b71Sopenharmony_ci 0x3E, 0xFA, 0x24, 0x79, 0xE9, 0xF2, 0xF2, 0x20, 0xCB, 0xF1, 0x59, 0x6B, 0xED, 0xC8, 0x72, 0x66, 5666e41f4b71Sopenharmony_ci 0x6E, 0x31, 0xD4, 0xF3, 0xCE, 0x0B, 0x12, 0xC4, 0x17, 0x39, 0xB4, 0x52, 0x16, 0xD3, 0xE3, 0xC0, 5667e41f4b71Sopenharmony_ci 0xF8, 0x48, 0xB3, 0xF6, 0x40, 0xD5, 0x47, 0x23, 0x30, 0x7F, 0xA7, 0xC5, 0x5A, 0x5A, 0xBB, 0x5C, 5668e41f4b71Sopenharmony_ci 0x7B, 0xEF, 0x69, 0xE2, 0x74, 0x35, 0x24, 0x22, 0x25, 0x45, 0x7E, 0xFC, 0xE8, 0xC4, 0x52, 0x65, 5669e41f4b71Sopenharmony_ci 0xA0, 0x4E, 0xBC, 0xFD, 0x3F, 0xD9, 0x85, 0x14, 0x8A, 0x5A, 0x93, 0x02, 0x24, 0x6C, 0x19, 0xBA, 5670e41f4b71Sopenharmony_ci 0x81, 0xBE, 0x65, 0x2E, 0xCB, 0xBB, 0xE9, 0x91, 0x7B, 0x7C, 0x47, 0xC2, 0x61, 0x02, 0x03, 0x01, 5671e41f4b71Sopenharmony_ci 0x00, 0x01 5672e41f4b71Sopenharmony_ci]); 5673e41f4b71Sopenharmony_ci 5674e41f4b71Sopenharmony_cilet priKeyData = new Uint8Array([ 5675e41f4b71Sopenharmony_ci 0x30, 0x82, 0x02, 0x77, 0x02, 0x01, 0x00, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 5676e41f4b71Sopenharmony_ci 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82, 0x02, 0x61, 0x30, 0x82, 0x02, 0x5D, 0x02, 0x01, 5677e41f4b71Sopenharmony_ci 0x00, 0x02, 0x81, 0x81, 0x00, 0xDC, 0x4C, 0x2D, 0x57, 0x49, 0x3D, 0x42, 0x52, 0x1A, 0x09, 0xED, 5678e41f4b71Sopenharmony_ci 0x3E, 0x90, 0x29, 0x51, 0xF7, 0x70, 0x15, 0xFE, 0x76, 0xB0, 0xDB, 0xDF, 0xA1, 0x2C, 0x6C, 0x67, 5679e41f4b71Sopenharmony_ci 0x95, 0xDA, 0x63, 0x3D, 0x4F, 0x71, 0x48, 0x8C, 0x3E, 0xFA, 0x24, 0x79, 0xE9, 0xF2, 0xF2, 0x20, 5680e41f4b71Sopenharmony_ci 0xCB, 0xF1, 0x59, 0x6B, 0xED, 0xC8, 0x72, 0x66, 0x6E, 0x31, 0xD4, 0xF3, 0xCE, 0x0B, 0x12, 0xC4, 5681e41f4b71Sopenharmony_ci 0x17, 0x39, 0xB4, 0x52, 0x16, 0xD3, 0xE3, 0xC0, 0xF8, 0x48, 0xB3, 0xF6, 0x40, 0xD5, 0x47, 0x23, 5682e41f4b71Sopenharmony_ci 0x30, 0x7F, 0xA7, 0xC5, 0x5A, 0x5A, 0xBB, 0x5C, 0x7B, 0xEF, 0x69, 0xE2, 0x74, 0x35, 0x24, 0x22, 5683e41f4b71Sopenharmony_ci 0x25, 0x45, 0x7E, 0xFC, 0xE8, 0xC4, 0x52, 0x65, 0xA0, 0x4E, 0xBC, 0xFD, 0x3F, 0xD9, 0x85, 0x14, 5684e41f4b71Sopenharmony_ci 0x8A, 0x5A, 0x93, 0x02, 0x24, 0x6C, 0x19, 0xBA, 0x81, 0xBE, 0x65, 0x2E, 0xCB, 0xBB, 0xE9, 0x91, 5685e41f4b71Sopenharmony_ci 0x7B, 0x7C, 0x47, 0xC2, 0x61, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x81, 0x80, 0x5A, 0xCF, 0x0F, 5686e41f4b71Sopenharmony_ci 0xF5, 0xA6, 0x1C, 0x19, 0x65, 0x8C, 0x94, 0x40, 0xF6, 0x84, 0x28, 0x74, 0x40, 0x42, 0x34, 0xDE, 5687e41f4b71Sopenharmony_ci 0xC3, 0x00, 0x5E, 0x72, 0x4D, 0x96, 0xE9, 0x4C, 0xBD, 0xC9, 0xDB, 0x14, 0x9F, 0xD5, 0xBB, 0xA9, 5688e41f4b71Sopenharmony_ci 0x0C, 0x20, 0xC2, 0xBE, 0x7A, 0x80, 0x89, 0xEC, 0x99, 0x04, 0xF0, 0xEE, 0x7B, 0x83, 0x20, 0x1D, 5689e41f4b71Sopenharmony_ci 0x37, 0x19, 0x55, 0x85, 0xF6, 0x8E, 0x3B, 0xFB, 0x16, 0xF3, 0xD3, 0x6F, 0xEE, 0x73, 0x12, 0x53, 5690e41f4b71Sopenharmony_ci 0xCA, 0x77, 0xD7, 0x6C, 0x29, 0xF5, 0x08, 0xA3, 0x09, 0x01, 0x0B, 0x00, 0x05, 0x57, 0xAD, 0x4D, 5691e41f4b71Sopenharmony_ci 0xF0, 0x92, 0xB2, 0x5A, 0x8B, 0x19, 0x09, 0x81, 0x86, 0xFE, 0x66, 0xB9, 0x33, 0x88, 0x28, 0xF3, 5692e41f4b71Sopenharmony_ci 0x37, 0x73, 0x09, 0x5F, 0xD7, 0xC9, 0xC6, 0xFA, 0x13, 0x74, 0xFE, 0xAE, 0x53, 0xA9, 0x71, 0x67, 5693e41f4b71Sopenharmony_ci 0xCE, 0x3A, 0xE6, 0x8D, 0x35, 0xD1, 0xB8, 0xFD, 0x6F, 0x0D, 0x43, 0xC2, 0xD1, 0x02, 0x41, 0x00, 5694e41f4b71Sopenharmony_ci 0xF7, 0x33, 0xE5, 0x6C, 0x29, 0x5A, 0x30, 0x58, 0xA4, 0x52, 0x65, 0xA0, 0x39, 0xC2, 0xE8, 0xAE, 5695e41f4b71Sopenharmony_ci 0x5F, 0xA3, 0x2D, 0x0C, 0x65, 0xB1, 0x7B, 0xFD, 0x92, 0xBF, 0x47, 0x87, 0x97, 0x40, 0xCB, 0x54, 5696e41f4b71Sopenharmony_ci 0xF9, 0xBB, 0x50, 0x27, 0x70, 0x51, 0xD0, 0xD8, 0x48, 0x0D, 0xC6, 0x47, 0x60, 0xF8, 0x4E, 0x0A, 5697e41f4b71Sopenharmony_ci 0x32, 0x76, 0x6D, 0xA4, 0xBA, 0x40, 0xE5, 0x58, 0xF8, 0x4A, 0x39, 0x4E, 0xF8, 0x3F, 0x4E, 0x2D, 5698e41f4b71Sopenharmony_ci 0x02, 0x41, 0x00, 0xE4, 0x23, 0x2A, 0x5F, 0x59, 0xCF, 0x7C, 0x91, 0x24, 0x0D, 0xA2, 0x44, 0x17, 5699e41f4b71Sopenharmony_ci 0xCD, 0x37, 0xDE, 0x1F, 0x53, 0x4D, 0x33, 0x9F, 0x90, 0x4D, 0xD9, 0x72, 0x64, 0x25, 0xBA, 0xAB, 5700e41f4b71Sopenharmony_ci 0x47, 0x91, 0xC4, 0x99, 0x95, 0x86, 0xB5, 0x8A, 0xEA, 0x77, 0xF7, 0x64, 0x72, 0x5E, 0xB7, 0xBB, 5701e41f4b71Sopenharmony_ci 0x16, 0xA1, 0x64, 0xA4, 0xE1, 0x2D, 0x76, 0x6D, 0xEF, 0xB1, 0x5E, 0xD6, 0x17, 0xE8, 0xAA, 0xB6, 5702e41f4b71Sopenharmony_ci 0xA0, 0xD9, 0x85, 0x02, 0x41, 0x00, 0xDF, 0xC8, 0x5B, 0x28, 0x4F, 0x47, 0x15, 0xFD, 0x28, 0xC4, 5703e41f4b71Sopenharmony_ci 0x6E, 0xBB, 0x5D, 0x8E, 0xD4, 0x95, 0x06, 0x7E, 0xF1, 0x89, 0x07, 0x86, 0x64, 0x78, 0x69, 0x20, 5704e41f4b71Sopenharmony_ci 0x3F, 0xE0, 0xBF, 0x4C, 0x28, 0xC6, 0x04, 0x4D, 0x4D, 0x82, 0x66, 0x6B, 0xAA, 0x64, 0x20, 0xD6, 5705e41f4b71Sopenharmony_ci 0x57, 0x68, 0xC6, 0xA0, 0x02, 0x05, 0xB9, 0x28, 0xFC, 0x98, 0xE3, 0x03, 0x5C, 0x9B, 0xEE, 0x29, 5706e41f4b71Sopenharmony_ci 0x43, 0x37, 0xFA, 0x03, 0x55, 0x01, 0x02, 0x40, 0x69, 0x5B, 0x7C, 0x24, 0x10, 0xDB, 0xEB, 0x91, 5707e41f4b71Sopenharmony_ci 0x33, 0xEF, 0x3F, 0xF2, 0xE6, 0x73, 0x15, 0xCB, 0xF4, 0xF7, 0x89, 0x7D, 0xBF, 0xC0, 0xEA, 0xD2, 5708e41f4b71Sopenharmony_ci 0xF3, 0x2B, 0x20, 0xE9, 0x76, 0x54, 0x55, 0x13, 0x50, 0x42, 0x67, 0xB5, 0xCB, 0x73, 0xC0, 0xF7, 5709e41f4b71Sopenharmony_ci 0x75, 0x62, 0x04, 0x30, 0x21, 0xAC, 0xAF, 0xD8, 0x44, 0xF4, 0xE1, 0x04, 0x02, 0x7D, 0x61, 0x92, 5710e41f4b71Sopenharmony_ci 0x84, 0x99, 0x02, 0x10, 0x64, 0xCB, 0x1F, 0xE9, 0x02, 0x41, 0x00, 0xAB, 0x4B, 0x7D, 0x90, 0x7C, 5711e41f4b71Sopenharmony_ci 0x57, 0x08, 0x6B, 0xC0, 0x43, 0x72, 0x09, 0x8A, 0x18, 0x35, 0x36, 0x64, 0x9D, 0x84, 0x8D, 0xF1, 5712e41f4b71Sopenharmony_ci 0x84, 0x94, 0x48, 0xC6, 0x80, 0x9D, 0xB9, 0xA2, 0x58, 0x0A, 0x4D, 0x0A, 0xCA, 0x1E, 0xD6, 0x05, 5713e41f4b71Sopenharmony_ci 0x55, 0x5B, 0xFE, 0xD7, 0xAA, 0x70, 0xED, 0x76, 0xB3, 0x40, 0x2E, 0xA0, 0xB3, 0x32, 0x37, 0xB0, 5714e41f4b71Sopenharmony_ci 0xA0, 0xB9, 0x96, 0x2D, 0xC4, 0x70, 0xE9, 0x99, 0x10, 0x67, 0x8D 5715e41f4b71Sopenharmony_ci]); 5716e41f4b71Sopenharmony_ci 5717e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 5718e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 5719e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 5720e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 5721e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 5722e41f4b71Sopenharmony_ci}; 5723e41f4b71Sopenharmony_ci 5724e41f4b71Sopenharmony_cicert.createX509CRL(encodingBlob).then(x509CRL => { 5725e41f4b71Sopenharmony_ci console.log('createX509Crl success'); 5726e41f4b71Sopenharmony_ci 5727e41f4b71Sopenharmony_ci try { 5728e41f4b71Sopenharmony_ci // 生成公钥对象 5729e41f4b71Sopenharmony_ci let keyGenerator = cryptoFramework.createAsyKeyGenerator('RSA1024|PRIMES_3'); 5730e41f4b71Sopenharmony_ci console.log('createAsyKeyGenerator success'); 5731e41f4b71Sopenharmony_ci let priEncodingBlob: cryptoFramework.DataBlob = { 5732e41f4b71Sopenharmony_ci data: priKeyData, 5733e41f4b71Sopenharmony_ci }; 5734e41f4b71Sopenharmony_ci let pubEncodingBlob: cryptoFramework.DataBlob = { 5735e41f4b71Sopenharmony_ci data: pubKeyData, 5736e41f4b71Sopenharmony_ci }; 5737e41f4b71Sopenharmony_ci keyGenerator.convertKey(pubEncodingBlob, priEncodingBlob).then((keyPair) => { 5738e41f4b71Sopenharmony_ci console.log('convert key success'); 5739e41f4b71Sopenharmony_ci x509CRL.verify(keyPair.pubKey).then(result => { 5740e41f4b71Sopenharmony_ci console.log('verify success'); 5741e41f4b71Sopenharmony_ci }).catch((error: BusinessError) => { 5742e41f4b71Sopenharmony_ci console.error('verify failed, errCode: ' + error.code + ', errMsg: ' + error.message); 5743e41f4b71Sopenharmony_ci }); 5744e41f4b71Sopenharmony_ci }).catch((error: BusinessError) => { 5745e41f4b71Sopenharmony_ci console.error('convert key failed, message: ' + error.message + 'code: ' + error.code); 5746e41f4b71Sopenharmony_ci }); 5747e41f4b71Sopenharmony_ci } catch (error) { 5748e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 5749e41f4b71Sopenharmony_ci console.error('get pubKey failed, errCode: ' + e.code + ', errMsg: ' + e.message); 5750e41f4b71Sopenharmony_ci } 5751e41f4b71Sopenharmony_ci}).catch((error: BusinessError) => { 5752e41f4b71Sopenharmony_ci console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message); 5753e41f4b71Sopenharmony_ci}); 5754e41f4b71Sopenharmony_ci``` 5755e41f4b71Sopenharmony_ci 5756e41f4b71Sopenharmony_ci### getVersion<sup>11+</sup> 5757e41f4b71Sopenharmony_ci 5758e41f4b71Sopenharmony_cigetVersion() : number 5759e41f4b71Sopenharmony_ci 5760e41f4b71Sopenharmony_ci表示获取X509证书吊销列表的版本号。 5761e41f4b71Sopenharmony_ci 5762e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 5763e41f4b71Sopenharmony_ci 5764e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 5765e41f4b71Sopenharmony_ci 5766e41f4b71Sopenharmony_ci**返回值**: 5767e41f4b71Sopenharmony_ci 5768e41f4b71Sopenharmony_ci| 类型 | 说明 | 5769e41f4b71Sopenharmony_ci| ------ | -------------------------------- | 5770e41f4b71Sopenharmony_ci| number | 表示获取X509证书吊销列表的版本号 | 5771e41f4b71Sopenharmony_ci 5772e41f4b71Sopenharmony_ci**示例:** 5773e41f4b71Sopenharmony_ci 5774e41f4b71Sopenharmony_ci```ts 5775e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 5776e41f4b71Sopenharmony_ci 5777e41f4b71Sopenharmony_ci// string转Uint8Array 5778e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 5779e41f4b71Sopenharmony_ci let arr: Array<number> = []; 5780e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 5781e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 5782e41f4b71Sopenharmony_ci } 5783e41f4b71Sopenharmony_ci return new Uint8Array(arr); 5784e41f4b71Sopenharmony_ci} 5785e41f4b71Sopenharmony_ci 5786e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 5787e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 5788e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 5789e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 5790e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 5791e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 5792e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 5793e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 5794e41f4b71Sopenharmony_ci 5795e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 5796e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 5797e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 5798e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 5799e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 5800e41f4b71Sopenharmony_ci}; 5801e41f4b71Sopenharmony_ci 5802e41f4b71Sopenharmony_cicert.createX509CRL(encodingBlob, (error, x509CRL) => { 5803e41f4b71Sopenharmony_ci if (error) { 5804e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 5805e41f4b71Sopenharmony_ci } else { 5806e41f4b71Sopenharmony_ci console.log('createX509CRL success'); 5807e41f4b71Sopenharmony_ci let version = x509CRL.getVersion(); 5808e41f4b71Sopenharmony_ci } 5809e41f4b71Sopenharmony_ci}); 5810e41f4b71Sopenharmony_ci``` 5811e41f4b71Sopenharmony_ci 5812e41f4b71Sopenharmony_ci### getIssuerName<sup>11+</sup> 5813e41f4b71Sopenharmony_ci 5814e41f4b71Sopenharmony_cigetIssuerName() : DataBlob 5815e41f4b71Sopenharmony_ci 5816e41f4b71Sopenharmony_ci表示获取X509证书吊销列表颁发者名称。 5817e41f4b71Sopenharmony_ci 5818e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 5819e41f4b71Sopenharmony_ci 5820e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 5821e41f4b71Sopenharmony_ci 5822e41f4b71Sopenharmony_ci**返回值**: 5823e41f4b71Sopenharmony_ci 5824e41f4b71Sopenharmony_ci| 类型 | 说明 | 5825e41f4b71Sopenharmony_ci| --------------------- | ------------------------------ | 5826e41f4b71Sopenharmony_ci| [DataBlob](#datablob) | 表示X509证书吊销列表颁发者名称 | 5827e41f4b71Sopenharmony_ci 5828e41f4b71Sopenharmony_ci**错误码:** 5829e41f4b71Sopenharmony_ci 5830e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 5831e41f4b71Sopenharmony_ci 5832e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 5833e41f4b71Sopenharmony_ci| -------- | ----------------------- | 5834e41f4b71Sopenharmony_ci| 19020001 | memory error. | 5835e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 5836e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 5837e41f4b71Sopenharmony_ci 5838e41f4b71Sopenharmony_ci**示例:** 5839e41f4b71Sopenharmony_ci 5840e41f4b71Sopenharmony_ci```ts 5841e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 5842e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 5843e41f4b71Sopenharmony_ci 5844e41f4b71Sopenharmony_ci// string转Uint8Array 5845e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 5846e41f4b71Sopenharmony_ci let arr: Array<number> = []; 5847e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 5848e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 5849e41f4b71Sopenharmony_ci } 5850e41f4b71Sopenharmony_ci return new Uint8Array(arr); 5851e41f4b71Sopenharmony_ci} 5852e41f4b71Sopenharmony_ci 5853e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 5854e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 5855e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 5856e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 5857e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 5858e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 5859e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 5860e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 5861e41f4b71Sopenharmony_ci 5862e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 5863e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 5864e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 5865e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 5866e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 5867e41f4b71Sopenharmony_ci}; 5868e41f4b71Sopenharmony_ci 5869e41f4b71Sopenharmony_cicert.createX509CRL(encodingBlob, (error, x509CRL) => { 5870e41f4b71Sopenharmony_ci if (error) { 5871e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 5872e41f4b71Sopenharmony_ci } else { 5873e41f4b71Sopenharmony_ci console.log('createX509CRL success'); 5874e41f4b71Sopenharmony_ci try { 5875e41f4b71Sopenharmony_ci let issuerName = x509CRL.getIssuerName(); 5876e41f4b71Sopenharmony_ci } catch (err) { 5877e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 5878e41f4b71Sopenharmony_ci console.error('getIssuerName failed, errCode: ' + e.code + ', errMsg: ' + e.message); 5879e41f4b71Sopenharmony_ci } 5880e41f4b71Sopenharmony_ci } 5881e41f4b71Sopenharmony_ci}); 5882e41f4b71Sopenharmony_ci``` 5883e41f4b71Sopenharmony_ci 5884e41f4b71Sopenharmony_ci### getLastUpdate<sup>11+</sup> 5885e41f4b71Sopenharmony_ci 5886e41f4b71Sopenharmony_cigetLastUpdate() : string 5887e41f4b71Sopenharmony_ci 5888e41f4b71Sopenharmony_ci表示获取X509证书吊销列表最后一次更新日期,日期为ASN.1时间格式。 5889e41f4b71Sopenharmony_ci 5890e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 5891e41f4b71Sopenharmony_ci 5892e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 5893e41f4b71Sopenharmony_ci 5894e41f4b71Sopenharmony_ci**返回值**: 5895e41f4b71Sopenharmony_ci 5896e41f4b71Sopenharmony_ci| 类型 | 说明 | 5897e41f4b71Sopenharmony_ci| ------ | ------------------------------------ | 5898e41f4b71Sopenharmony_ci| string | 表示X509证书吊销列表最后一次更新日期,日期为ASN.1时间格式。 | 5899e41f4b71Sopenharmony_ci 5900e41f4b71Sopenharmony_ci**错误码:** 5901e41f4b71Sopenharmony_ci 5902e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 5903e41f4b71Sopenharmony_ci 5904e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 5905e41f4b71Sopenharmony_ci| -------- | ----------------------- | 5906e41f4b71Sopenharmony_ci| 19020001 | memory error. | 5907e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 5908e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 5909e41f4b71Sopenharmony_ci 5910e41f4b71Sopenharmony_ci**示例:** 5911e41f4b71Sopenharmony_ci 5912e41f4b71Sopenharmony_ci```ts 5913e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 5914e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 5915e41f4b71Sopenharmony_ci 5916e41f4b71Sopenharmony_ci// string转Uint8Array 5917e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 5918e41f4b71Sopenharmony_ci let arr: Array<number> = []; 5919e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 5920e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 5921e41f4b71Sopenharmony_ci } 5922e41f4b71Sopenharmony_ci return new Uint8Array(arr); 5923e41f4b71Sopenharmony_ci} 5924e41f4b71Sopenharmony_ci 5925e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 5926e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 5927e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 5928e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 5929e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 5930e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 5931e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 5932e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 5933e41f4b71Sopenharmony_ci 5934e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 5935e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 5936e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 5937e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 5938e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 5939e41f4b71Sopenharmony_ci}; 5940e41f4b71Sopenharmony_ci 5941e41f4b71Sopenharmony_cicert.createX509CRL(encodingBlob, (error, x509CRL) => { 5942e41f4b71Sopenharmony_ci if (error) { 5943e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 5944e41f4b71Sopenharmony_ci } else { 5945e41f4b71Sopenharmony_ci console.log('createX509CRL success'); 5946e41f4b71Sopenharmony_ci try { 5947e41f4b71Sopenharmony_ci let lastUpdate = x509CRL.getLastUpdate(); 5948e41f4b71Sopenharmony_ci } catch (err) { 5949e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 5950e41f4b71Sopenharmony_ci console.error('getLastUpdate failed, errCode: ' + e.code + ', errMsg: ' + e.message); 5951e41f4b71Sopenharmony_ci } 5952e41f4b71Sopenharmony_ci } 5953e41f4b71Sopenharmony_ci}); 5954e41f4b71Sopenharmony_ci``` 5955e41f4b71Sopenharmony_ci 5956e41f4b71Sopenharmony_ci### getNextUpdate<sup>11+</sup> 5957e41f4b71Sopenharmony_ci 5958e41f4b71Sopenharmony_cigetNextUpdate() : string 5959e41f4b71Sopenharmony_ci 5960e41f4b71Sopenharmony_ci表示获取证书吊销列表下一次更新的日期,日期为ASN.1时间格式。 5961e41f4b71Sopenharmony_ci 5962e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 5963e41f4b71Sopenharmony_ci 5964e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 5965e41f4b71Sopenharmony_ci 5966e41f4b71Sopenharmony_ci**返回值**: 5967e41f4b71Sopenharmony_ci 5968e41f4b71Sopenharmony_ci| 类型 | 说明 | 5969e41f4b71Sopenharmony_ci| ------ | ------------------------------------ | 5970e41f4b71Sopenharmony_ci| string | 表示X509证书吊销列表下一次更新的日期,日期为ASN.1时间格式。 | 5971e41f4b71Sopenharmony_ci 5972e41f4b71Sopenharmony_ci**错误码:** 5973e41f4b71Sopenharmony_ci 5974e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 5975e41f4b71Sopenharmony_ci 5976e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 5977e41f4b71Sopenharmony_ci| -------- | ----------------------- | 5978e41f4b71Sopenharmony_ci| 19020001 | memory error. | 5979e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 5980e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 5981e41f4b71Sopenharmony_ci 5982e41f4b71Sopenharmony_ci**示例:** 5983e41f4b71Sopenharmony_ci 5984e41f4b71Sopenharmony_ci```ts 5985e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 5986e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 5987e41f4b71Sopenharmony_ci 5988e41f4b71Sopenharmony_ci// string转Uint8Array 5989e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 5990e41f4b71Sopenharmony_ci let arr: Array<number> = []; 5991e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 5992e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 5993e41f4b71Sopenharmony_ci } 5994e41f4b71Sopenharmony_ci return new Uint8Array(arr); 5995e41f4b71Sopenharmony_ci} 5996e41f4b71Sopenharmony_ci 5997e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 5998e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 5999e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 6000e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 6001e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 6002e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 6003e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 6004e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 6005e41f4b71Sopenharmony_ci 6006e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 6007e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 6008e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 6009e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 6010e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 6011e41f4b71Sopenharmony_ci}; 6012e41f4b71Sopenharmony_ci 6013e41f4b71Sopenharmony_cicert.createX509CRL(encodingBlob, (error, x509CRL) => { 6014e41f4b71Sopenharmony_ci if (error) { 6015e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 6016e41f4b71Sopenharmony_ci } else { 6017e41f4b71Sopenharmony_ci console.log('createX509CRL success'); 6018e41f4b71Sopenharmony_ci try { 6019e41f4b71Sopenharmony_ci let nextUpdate = x509CRL.getNextUpdate(); 6020e41f4b71Sopenharmony_ci } catch (err) { 6021e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 6022e41f4b71Sopenharmony_ci console.error('getNextUpdate failed, errCode: ' + e.code + ', errMsg: ' + e.message); 6023e41f4b71Sopenharmony_ci } 6024e41f4b71Sopenharmony_ci } 6025e41f4b71Sopenharmony_ci}); 6026e41f4b71Sopenharmony_ci``` 6027e41f4b71Sopenharmony_ci 6028e41f4b71Sopenharmony_ci### getRevokedCert<sup>11+</sup> 6029e41f4b71Sopenharmony_ci 6030e41f4b71Sopenharmony_cigetRevokedCert(serialNumber : bigint) : X509CRLEntry 6031e41f4b71Sopenharmony_ci 6032e41f4b71Sopenharmony_ci表示通过指定证书序列号获取被吊销X509证书对象。 6033e41f4b71Sopenharmony_ci 6034e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 6035e41f4b71Sopenharmony_ci 6036e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 6037e41f4b71Sopenharmony_ci 6038e41f4b71Sopenharmony_ci**参数**: 6039e41f4b71Sopenharmony_ci 6040e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 6041e41f4b71Sopenharmony_ci| ------------ | ------ | ---- | -------------- | 6042e41f4b71Sopenharmony_ci| serialNumber | bigint | 是 | 表示证书序列号 | 6043e41f4b71Sopenharmony_ci 6044e41f4b71Sopenharmony_ci**返回值**: 6045e41f4b71Sopenharmony_ci 6046e41f4b71Sopenharmony_ci| 类型 | 说明 | 6047e41f4b71Sopenharmony_ci| ------------------------------- | ---------------------- | 6048e41f4b71Sopenharmony_ci| [X509CRLEntry](#x509crlentry11) | 表示被吊销X509证书对象 | 6049e41f4b71Sopenharmony_ci 6050e41f4b71Sopenharmony_ci**错误码:** 6051e41f4b71Sopenharmony_ci 6052e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 6053e41f4b71Sopenharmony_ci 6054e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 6055e41f4b71Sopenharmony_ci| -------- | ----------------------- | 6056e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 6057e41f4b71Sopenharmony_ci| 19020001 | memory error. | 6058e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 6059e41f4b71Sopenharmony_ci 6060e41f4b71Sopenharmony_ci**示例:** 6061e41f4b71Sopenharmony_ci 6062e41f4b71Sopenharmony_ci```ts 6063e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 6064e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 6065e41f4b71Sopenharmony_ci 6066e41f4b71Sopenharmony_ci// string转Uint8Array 6067e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 6068e41f4b71Sopenharmony_ci let arr: Array<number> = []; 6069e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 6070e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 6071e41f4b71Sopenharmony_ci } 6072e41f4b71Sopenharmony_ci return new Uint8Array(arr); 6073e41f4b71Sopenharmony_ci} 6074e41f4b71Sopenharmony_ci 6075e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 6076e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 6077e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 6078e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 6079e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 6080e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 6081e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 6082e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 6083e41f4b71Sopenharmony_ci 6084e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 6085e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 6086e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 6087e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 6088e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 6089e41f4b71Sopenharmony_ci}; 6090e41f4b71Sopenharmony_ci 6091e41f4b71Sopenharmony_cicert.createX509CRL(encodingBlob, (error, x509CRL) => { 6092e41f4b71Sopenharmony_ci if (error) { 6093e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 6094e41f4b71Sopenharmony_ci } else { 6095e41f4b71Sopenharmony_ci console.log('createX509CRL success'); 6096e41f4b71Sopenharmony_ci let serialNumber = BigInt(1000); 6097e41f4b71Sopenharmony_ci try { 6098e41f4b71Sopenharmony_ci let entry = x509CRL.getRevokedCert(serialNumber); 6099e41f4b71Sopenharmony_ci } catch (error) { 6100e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 6101e41f4b71Sopenharmony_ci console.error('getRevokedCert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 6102e41f4b71Sopenharmony_ci } 6103e41f4b71Sopenharmony_ci } 6104e41f4b71Sopenharmony_ci}); 6105e41f4b71Sopenharmony_ci``` 6106e41f4b71Sopenharmony_ci 6107e41f4b71Sopenharmony_ci### getRevokedCertWithCert<sup>11+</sup> 6108e41f4b71Sopenharmony_ci 6109e41f4b71Sopenharmony_cigetRevokedCertWithCert(cert : X509Cert) : X509CRLEntry 6110e41f4b71Sopenharmony_ci 6111e41f4b71Sopenharmony_ci表示通过指定证书对象获取被吊销X509证书对象。 6112e41f4b71Sopenharmony_ci 6113e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 6114e41f4b71Sopenharmony_ci 6115e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 6116e41f4b71Sopenharmony_ci 6117e41f4b71Sopenharmony_ci**参数**: 6118e41f4b71Sopenharmony_ci 6119e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 6120e41f4b71Sopenharmony_ci| ------ | --------------------- | ---- | ------------ | 6121e41f4b71Sopenharmony_ci| cert | [X509Cert](#x509cert) | 是 | 表示证书对象 | 6122e41f4b71Sopenharmony_ci 6123e41f4b71Sopenharmony_ci**返回值**: 6124e41f4b71Sopenharmony_ci 6125e41f4b71Sopenharmony_ci| 类型 | 说明 | 6126e41f4b71Sopenharmony_ci| ------------------------------- | ---------------------- | 6127e41f4b71Sopenharmony_ci| [X509CRLEntry](#x509crlentry11) | 表示被吊销X509证书对象 | 6128e41f4b71Sopenharmony_ci 6129e41f4b71Sopenharmony_ci**错误码:** 6130e41f4b71Sopenharmony_ci 6131e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 6132e41f4b71Sopenharmony_ci 6133e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 6134e41f4b71Sopenharmony_ci| -------- | ----------------------- | 6135e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 6136e41f4b71Sopenharmony_ci| 19020001 | memory error. | 6137e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 6138e41f4b71Sopenharmony_ci 6139e41f4b71Sopenharmony_ci**示例:** 6140e41f4b71Sopenharmony_ci 6141e41f4b71Sopenharmony_ci```ts 6142e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 6143e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 6144e41f4b71Sopenharmony_ci 6145e41f4b71Sopenharmony_ci// string转Uint8Array 6146e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 6147e41f4b71Sopenharmony_ci let arr: Array<number> = []; 6148e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 6149e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 6150e41f4b71Sopenharmony_ci } 6151e41f4b71Sopenharmony_ci return new Uint8Array(arr); 6152e41f4b71Sopenharmony_ci} 6153e41f4b71Sopenharmony_ci 6154e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 6155e41f4b71Sopenharmony_ci 'MIIBjjB4AgEBMA0GCSqGSIb3DQEBCwUAMBIxEDAOBgNVBAMMB1Jvb3QgQ0EXDTI0\n' + 6156e41f4b71Sopenharmony_ci 'MDMxOTAyMDQwN1oXDTI0MDQxODAyMDQwN1owIjAgAgEEFw0yNDAzMTkwMjA0MDZa\n' + 6157e41f4b71Sopenharmony_ci 'MAwwCgYDVR0VBAMKAQGgDjAMMAoGA1UdFAQDAgEAMA0GCSqGSIb3DQEBCwUAA4IB\n' + 6158e41f4b71Sopenharmony_ci 'AQCbjvmHxC8dW6WCS/ga73kx2b7f8I/2eVuDYyReuBiGWeJ9vDmGqimJ9VwOk+ph\n' + 6159e41f4b71Sopenharmony_ci 'LvG/2Zvh9I8qXxnOWeseA2C0bEshJGvXpquIjm00OUyLlK6jdfRbhXT8OyvDjqZs\n' + 6160e41f4b71Sopenharmony_ci 'e1IsMV7Zo11SUc8nR2d0QQ7EVDCN/XFKPsmoK7PhJnRh5gc8W3FKQ6b8H9kdjgTa\n' + 6161e41f4b71Sopenharmony_ci 'KQUap1OIDReVsjPBmRAbwMMLtbrAMllF7E6x7uHgHTGaK1ZPJDtsnCJ45ur3mk/o\n' + 6162e41f4b71Sopenharmony_ci 'HAJFwHNjNDltiEfvMSs76/X0cwitpeW4dFk6c3QtqhxJrHDD4gl8di+xHOyHXpzX\n' + 6163e41f4b71Sopenharmony_ci '+i2osvdPWRia0dJCL1PCA14k\n' + 6164e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 6165e41f4b71Sopenharmony_ci 6166e41f4b71Sopenharmony_ci// 证书二进制数据,需业务自行赋值 6167e41f4b71Sopenharmony_cilet certData = '-----BEGIN CERTIFICATE-----\n' + 6168e41f4b71Sopenharmony_ci 'MIIDTjCCAjagAwIBAgIBBDANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290\n' + 6169e41f4b71Sopenharmony_ci 'IENBMB4XDTI0MDMxOTAyMDQwMVoXDTM0MDMxNzAyMDQwMVowEjEQMA4GA1UEAwwH\n' + 6170e41f4b71Sopenharmony_ci 'ZGV2aWNlMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMIXL3e7UE/c\n' + 6171e41f4b71Sopenharmony_ci 'Z1dPVgRZ5L8gsQ/azuYVBvoFf7o8ksYrL7G1+qZIJjVRqZkuTirLW4GicbkIkPNW\n' + 6172e41f4b71Sopenharmony_ci 'eix5cDhkjkC+q5SBCOrSSTTlvX3xcOY1gMlA5MgeBfGixFusq4d5VPF2KceZ20/a\n' + 6173e41f4b71Sopenharmony_ci 'ygwGD0Uv0X81OERyPom/dYdJUvfaD9ifPFJ1fKIj/cPFG3yJK/ojpEfndZNdESQL\n' + 6174e41f4b71Sopenharmony_ci 'TkoDekilg2UGOLtY6fb9Ns37ncuIj33gCS/R9m1tgtmqCTcgOQ4hwKhjVF3InmPO\n' + 6175e41f4b71Sopenharmony_ci '2BbWKvD1RUX+rHC2a2HHDQILOOtDTy8dHvE+qZlK0efrpRgoFEERJAGPi1GDGWiA\n' + 6176e41f4b71Sopenharmony_ci '7UX1c4MCxIECAwEAAaOBrjCBqzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQbkAcMT7ND\n' + 6177e41f4b71Sopenharmony_ci 'fGp3VPFzYHppZ1zxLTAfBgNVHSMEGDAWgBR0W/koCbvDtFGHUQZLM3j6HKsW2DAd\n' + 6178e41f4b71Sopenharmony_ci 'BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMDIGCCsG\n' + 6179e41f4b71Sopenharmony_ci 'AQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cHM6Ly8xMjcuMC4wLjE6OTk5OTAN\n' + 6180e41f4b71Sopenharmony_ci 'BgkqhkiG9w0BAQsFAAOCAQEAF1OTzTmbklFOdZCxrF3zg9owUPJR5RB+PbuBlUfI\n' + 6181e41f4b71Sopenharmony_ci '8tkGXkMltQ8PN1dv6Cq+d8BluiJdWEzqVoJa/e5SHHJyYQSOhlurRG0GBXllVQ1I\n' + 6182e41f4b71Sopenharmony_ci 'n1PFaI40+9X2X6wrEcdC5nbzogR1jSiksCiTcARMddj0Xrp5FMrFaaGY8M/xqzdW\n' + 6183e41f4b71Sopenharmony_ci 'LTDl4nfbuxtA71cIjnE4kOcaemly9/S2wYWdPktsPxQPY1nPUOeJFI7o0sH3rK0c\n' + 6184e41f4b71Sopenharmony_ci 'JSqtgAG8vnjK+jbx9RpkgqCsXgUbIahL573VTgxrNrsRjCuVal7XVxl/xOKXr6Er\n' + 6185e41f4b71Sopenharmony_ci 'Gpc+OCrXbHNZkUQE5fZH3yL2tXd7EASEb6J3aEWHfF8YBA==\n' + 6186e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 6187e41f4b71Sopenharmony_ci 6188e41f4b71Sopenharmony_cilet certEncodingBlob: cert.EncodingBlob = { 6189e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 6190e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 6191e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 6192e41f4b71Sopenharmony_ci}; 6193e41f4b71Sopenharmony_ci 6194e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 6195e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 6196e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 6197e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 6198e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 6199e41f4b71Sopenharmony_ci}; 6200e41f4b71Sopenharmony_ci 6201e41f4b71Sopenharmony_cicert.createX509CRL(encodingBlob, (error, x509CRL) => { 6202e41f4b71Sopenharmony_ci if (error) { 6203e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 6204e41f4b71Sopenharmony_ci } else { 6205e41f4b71Sopenharmony_ci console.log('createX509CRL success'); 6206e41f4b71Sopenharmony_ci // 创建X509证书对象. 6207e41f4b71Sopenharmony_ci cert.createX509Cert(certEncodingBlob).then((x509Cert) => { 6208e41f4b71Sopenharmony_ci try { 6209e41f4b71Sopenharmony_ci let entry = x509CRL.getRevokedCertWithCert(x509Cert); 6210e41f4b71Sopenharmony_ci console.log('getRevokedCertWithCert success'); 6211e41f4b71Sopenharmony_ci } catch (error) { 6212e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 6213e41f4b71Sopenharmony_ci console.error('getRevokedCertWithCert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 6214e41f4b71Sopenharmony_ci } 6215e41f4b71Sopenharmony_ci }).catch((error: BusinessError) => { 6216e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message); 6217e41f4b71Sopenharmony_ci }) 6218e41f4b71Sopenharmony_ci } 6219e41f4b71Sopenharmony_ci}); 6220e41f4b71Sopenharmony_ci``` 6221e41f4b71Sopenharmony_ci 6222e41f4b71Sopenharmony_ci### getRevokedCerts<sup>11+</sup> 6223e41f4b71Sopenharmony_ci 6224e41f4b71Sopenharmony_cigetRevokedCerts(callback : AsyncCallback<Array\<X509CRLEntry>>) : void 6225e41f4b71Sopenharmony_ci 6226e41f4b71Sopenharmony_ci表示获取被吊销X509证书列表,使用Callback回调异步返回结果。 6227e41f4b71Sopenharmony_ci 6228e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 6229e41f4b71Sopenharmony_ci 6230e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 6231e41f4b71Sopenharmony_ci 6232e41f4b71Sopenharmony_ci**参数**: 6233e41f4b71Sopenharmony_ci 6234e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 6235e41f4b71Sopenharmony_ci| -------- | ------------------------------------------------------ | ---- | -------------------------------- | 6236e41f4b71Sopenharmony_ci| callback | AsyncCallback<Array\<[X509CRLEntry](#x509crlentry11)>> | 是 | 回调函数。表示被吊销X509证书列表 | 6237e41f4b71Sopenharmony_ci 6238e41f4b71Sopenharmony_ci**错误码:** 6239e41f4b71Sopenharmony_ci 6240e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 6241e41f4b71Sopenharmony_ci 6242e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 6243e41f4b71Sopenharmony_ci| -------- | ----------------------- | 6244e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types.| 6245e41f4b71Sopenharmony_ci| 19020001 | memory error. | 6246e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 6247e41f4b71Sopenharmony_ci 6248e41f4b71Sopenharmony_ci**示例:** 6249e41f4b71Sopenharmony_ci 6250e41f4b71Sopenharmony_ci```ts 6251e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 6252e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 6253e41f4b71Sopenharmony_ci 6254e41f4b71Sopenharmony_ci// string转Uint8Array 6255e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 6256e41f4b71Sopenharmony_ci let arr: Array<number> = []; 6257e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 6258e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 6259e41f4b71Sopenharmony_ci } 6260e41f4b71Sopenharmony_ci return new Uint8Array(arr); 6261e41f4b71Sopenharmony_ci} 6262e41f4b71Sopenharmony_ci 6263e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 6264e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 6265e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 6266e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 6267e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 6268e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 6269e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 6270e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 6271e41f4b71Sopenharmony_ci 6272e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 6273e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 6274e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 6275e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 6276e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 6277e41f4b71Sopenharmony_ci}; 6278e41f4b71Sopenharmony_ci 6279e41f4b71Sopenharmony_cicert.createX509CRL(encodingBlob, (error, x509CRL) => { 6280e41f4b71Sopenharmony_ci if (error) { 6281e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 6282e41f4b71Sopenharmony_ci } else { 6283e41f4b71Sopenharmony_ci console.log('createX509CRL success'); 6284e41f4b71Sopenharmony_ci x509CRL.getRevokedCerts((error, array) => { 6285e41f4b71Sopenharmony_ci if (error) { 6286e41f4b71Sopenharmony_ci console.error('getRevokedCerts failed, errCode: ' + error.code + ', errMsg: ' + error.message); 6287e41f4b71Sopenharmony_ci } else { 6288e41f4b71Sopenharmony_ci console.log('getRevokedCerts success'); 6289e41f4b71Sopenharmony_ci } 6290e41f4b71Sopenharmony_ci }); 6291e41f4b71Sopenharmony_ci } 6292e41f4b71Sopenharmony_ci}); 6293e41f4b71Sopenharmony_ci``` 6294e41f4b71Sopenharmony_ci 6295e41f4b71Sopenharmony_ci### getRevokedCerts<sup>11+</sup> 6296e41f4b71Sopenharmony_ci 6297e41f4b71Sopenharmony_cigetRevokedCerts() : Promise<Array\<X509CRLEntry>> 6298e41f4b71Sopenharmony_ci 6299e41f4b71Sopenharmony_ci表示获取被吊销X509证书列表,使用Promise方式异步返回结果。 6300e41f4b71Sopenharmony_ci 6301e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 6302e41f4b71Sopenharmony_ci 6303e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 6304e41f4b71Sopenharmony_ci 6305e41f4b71Sopenharmony_ci**返回值**: 6306e41f4b71Sopenharmony_ci 6307e41f4b71Sopenharmony_ci| 类型 | 说明 | 6308e41f4b71Sopenharmony_ci| ------------------------------------------------ | ---------------------- | 6309e41f4b71Sopenharmony_ci| Promise<Array\<[X509CRLEntry](#x509crlentry11)>> | 表示被吊销X509证书列表 | 6310e41f4b71Sopenharmony_ci 6311e41f4b71Sopenharmony_ci**错误码:** 6312e41f4b71Sopenharmony_ci 6313e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 6314e41f4b71Sopenharmony_ci 6315e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 6316e41f4b71Sopenharmony_ci| -------- | ----------------------- | 6317e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types.| 6318e41f4b71Sopenharmony_ci| 19020001 | memory error. | 6319e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 6320e41f4b71Sopenharmony_ci 6321e41f4b71Sopenharmony_ci**示例:** 6322e41f4b71Sopenharmony_ci 6323e41f4b71Sopenharmony_ci```ts 6324e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 6325e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 6326e41f4b71Sopenharmony_ci 6327e41f4b71Sopenharmony_ci// string转Uint8Array 6328e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 6329e41f4b71Sopenharmony_ci let arr: Array<number> = []; 6330e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 6331e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 6332e41f4b71Sopenharmony_ci } 6333e41f4b71Sopenharmony_ci return new Uint8Array(arr); 6334e41f4b71Sopenharmony_ci} 6335e41f4b71Sopenharmony_ci 6336e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 6337e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 6338e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 6339e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 6340e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 6341e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 6342e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 6343e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 6344e41f4b71Sopenharmony_ci 6345e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 6346e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 6347e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 6348e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 6349e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 6350e41f4b71Sopenharmony_ci}; 6351e41f4b71Sopenharmony_ci 6352e41f4b71Sopenharmony_cicert.createX509CRL(encodingBlob).then(x509CRL => { 6353e41f4b71Sopenharmony_ci console.log('createX509CRL success'); 6354e41f4b71Sopenharmony_ci x509CRL.getRevokedCerts().then(array => { 6355e41f4b71Sopenharmony_ci console.log('getRevokedCerts success'); 6356e41f4b71Sopenharmony_ci }).catch((error: BusinessError) => { 6357e41f4b71Sopenharmony_ci console.error('getRevokedCerts failed, errCode: ' + error.code + ', errMsg: ' + error.message); 6358e41f4b71Sopenharmony_ci }); 6359e41f4b71Sopenharmony_ci}).catch((error: BusinessError) => { 6360e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 6361e41f4b71Sopenharmony_ci}); 6362e41f4b71Sopenharmony_ci``` 6363e41f4b71Sopenharmony_ci 6364e41f4b71Sopenharmony_ci### getSignature<sup>11+</sup> 6365e41f4b71Sopenharmony_ci 6366e41f4b71Sopenharmony_cigetSignature() : DataBlob 6367e41f4b71Sopenharmony_ci 6368e41f4b71Sopenharmony_ci表示获取X509证书吊销列表的签名数据。 6369e41f4b71Sopenharmony_ci 6370e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 6371e41f4b71Sopenharmony_ci 6372e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 6373e41f4b71Sopenharmony_ci 6374e41f4b71Sopenharmony_ci**返回值**: 6375e41f4b71Sopenharmony_ci 6376e41f4b71Sopenharmony_ci| 类型 | 说明 | 6377e41f4b71Sopenharmony_ci| --------------------- | ------------------------------ | 6378e41f4b71Sopenharmony_ci| [DataBlob](#datablob) | 表示X509证书吊销列表的签名数据 | 6379e41f4b71Sopenharmony_ci 6380e41f4b71Sopenharmony_ci**错误码:** 6381e41f4b71Sopenharmony_ci 6382e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 6383e41f4b71Sopenharmony_ci 6384e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 6385e41f4b71Sopenharmony_ci| -------- | ----------------------- | 6386e41f4b71Sopenharmony_ci| 19020001 | memory error. | 6387e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 6388e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 6389e41f4b71Sopenharmony_ci 6390e41f4b71Sopenharmony_ci**示例:** 6391e41f4b71Sopenharmony_ci 6392e41f4b71Sopenharmony_ci```ts 6393e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 6394e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 6395e41f4b71Sopenharmony_ci 6396e41f4b71Sopenharmony_ci// string转Uint8Array 6397e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 6398e41f4b71Sopenharmony_ci let arr: Array<number> = []; 6399e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 6400e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 6401e41f4b71Sopenharmony_ci } 6402e41f4b71Sopenharmony_ci return new Uint8Array(arr); 6403e41f4b71Sopenharmony_ci} 6404e41f4b71Sopenharmony_ci 6405e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 6406e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 6407e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 6408e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 6409e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 6410e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 6411e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 6412e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 6413e41f4b71Sopenharmony_ci 6414e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 6415e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 6416e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 6417e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 6418e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 6419e41f4b71Sopenharmony_ci}; 6420e41f4b71Sopenharmony_ci 6421e41f4b71Sopenharmony_cicert.createX509CRL(encodingBlob, (error, x509CRL) => { 6422e41f4b71Sopenharmony_ci if (error) { 6423e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 6424e41f4b71Sopenharmony_ci } else { 6425e41f4b71Sopenharmony_ci console.log('createX509CRL success'); 6426e41f4b71Sopenharmony_ci try { 6427e41f4b71Sopenharmony_ci let signature = x509CRL.getSignature(); 6428e41f4b71Sopenharmony_ci } catch (err) { 6429e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 6430e41f4b71Sopenharmony_ci console.error('getSignature failed, errCode: ' + e.code + ', errMsg: ' + e.message); 6431e41f4b71Sopenharmony_ci } 6432e41f4b71Sopenharmony_ci } 6433e41f4b71Sopenharmony_ci}); 6434e41f4b71Sopenharmony_ci``` 6435e41f4b71Sopenharmony_ci 6436e41f4b71Sopenharmony_ci### getSignatureAlgName<sup>11+</sup> 6437e41f4b71Sopenharmony_ci 6438e41f4b71Sopenharmony_cigetSignatureAlgName() : string 6439e41f4b71Sopenharmony_ci 6440e41f4b71Sopenharmony_ci表示获取X509证书吊销列表签名的算法名称。 6441e41f4b71Sopenharmony_ci 6442e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 6443e41f4b71Sopenharmony_ci 6444e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 6445e41f4b71Sopenharmony_ci 6446e41f4b71Sopenharmony_ci**返回值**: 6447e41f4b71Sopenharmony_ci 6448e41f4b71Sopenharmony_ci| 类型 | 说明 | 6449e41f4b71Sopenharmony_ci| ------ | -------------------------------- | 6450e41f4b71Sopenharmony_ci| string | 表示X509证书吊销列表签名的算法名 | 6451e41f4b71Sopenharmony_ci 6452e41f4b71Sopenharmony_ci**错误码:** 6453e41f4b71Sopenharmony_ci 6454e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 6455e41f4b71Sopenharmony_ci 6456e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 6457e41f4b71Sopenharmony_ci| -------- | ----------------------- | 6458e41f4b71Sopenharmony_ci| 19020001 | memory error. | 6459e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 6460e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 6461e41f4b71Sopenharmony_ci 6462e41f4b71Sopenharmony_ci**示例:** 6463e41f4b71Sopenharmony_ci 6464e41f4b71Sopenharmony_ci```ts 6465e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 6466e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 6467e41f4b71Sopenharmony_ci 6468e41f4b71Sopenharmony_ci// string转Uint8Array 6469e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 6470e41f4b71Sopenharmony_ci let arr: Array<number> = []; 6471e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 6472e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 6473e41f4b71Sopenharmony_ci } 6474e41f4b71Sopenharmony_ci return new Uint8Array(arr); 6475e41f4b71Sopenharmony_ci} 6476e41f4b71Sopenharmony_ci 6477e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 6478e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 6479e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 6480e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 6481e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 6482e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 6483e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 6484e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 6485e41f4b71Sopenharmony_ci 6486e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 6487e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 6488e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 6489e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 6490e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 6491e41f4b71Sopenharmony_ci}; 6492e41f4b71Sopenharmony_ci 6493e41f4b71Sopenharmony_cicert.createX509CRL(encodingBlob, (error, x509CRL) => { 6494e41f4b71Sopenharmony_ci if (error) { 6495e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 6496e41f4b71Sopenharmony_ci } else { 6497e41f4b71Sopenharmony_ci console.log('createX509CRL success'); 6498e41f4b71Sopenharmony_ci try { 6499e41f4b71Sopenharmony_ci let sigAlgName = x509CRL.getSignatureAlgName(); 6500e41f4b71Sopenharmony_ci } catch (err) { 6501e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 6502e41f4b71Sopenharmony_ci console.error('getSignatureAlgName failed, errCode: ' + e.code + ', errMsg: ' + e.message); 6503e41f4b71Sopenharmony_ci } 6504e41f4b71Sopenharmony_ci } 6505e41f4b71Sopenharmony_ci}); 6506e41f4b71Sopenharmony_ci``` 6507e41f4b71Sopenharmony_ci 6508e41f4b71Sopenharmony_ci### getSignatureAlgOid<sup>11+</sup> 6509e41f4b71Sopenharmony_ci 6510e41f4b71Sopenharmony_cigetSignatureAlgOid() : string 6511e41f4b71Sopenharmony_ci 6512e41f4b71Sopenharmony_ci表示获取X509证书吊销列表签名算法的对象标志符OID(Object Identifier)。OID是由国际标准组织(ISO)的名称注册机构分配。 6513e41f4b71Sopenharmony_ci 6514e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 6515e41f4b71Sopenharmony_ci 6516e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 6517e41f4b71Sopenharmony_ci 6518e41f4b71Sopenharmony_ci**返回值**: 6519e41f4b71Sopenharmony_ci 6520e41f4b71Sopenharmony_ci| 类型 | 说明 | 6521e41f4b71Sopenharmony_ci| ------ | --------------------------------------------- | 6522e41f4b71Sopenharmony_ci| string | 表示X509证书吊销列表签名算法的对象标志符OID。 | 6523e41f4b71Sopenharmony_ci 6524e41f4b71Sopenharmony_ci**错误码:** 6525e41f4b71Sopenharmony_ci 6526e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 6527e41f4b71Sopenharmony_ci 6528e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 6529e41f4b71Sopenharmony_ci| -------- | ----------------------- | 6530e41f4b71Sopenharmony_ci| 19020001 | memory error. | 6531e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 6532e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 6533e41f4b71Sopenharmony_ci 6534e41f4b71Sopenharmony_ci**示例:** 6535e41f4b71Sopenharmony_ci 6536e41f4b71Sopenharmony_ci```ts 6537e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 6538e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 6539e41f4b71Sopenharmony_ci 6540e41f4b71Sopenharmony_ci// string转Uint8Array 6541e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 6542e41f4b71Sopenharmony_ci let arr: Array<number> = []; 6543e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 6544e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 6545e41f4b71Sopenharmony_ci } 6546e41f4b71Sopenharmony_ci return new Uint8Array(arr); 6547e41f4b71Sopenharmony_ci} 6548e41f4b71Sopenharmony_ci 6549e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 6550e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 6551e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 6552e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 6553e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 6554e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 6555e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 6556e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 6557e41f4b71Sopenharmony_ci 6558e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 6559e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 6560e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 6561e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 6562e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 6563e41f4b71Sopenharmony_ci}; 6564e41f4b71Sopenharmony_ci 6565e41f4b71Sopenharmony_cicert.createX509CRL(encodingBlob, (error, x509CRL) => { 6566e41f4b71Sopenharmony_ci if (error) { 6567e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 6568e41f4b71Sopenharmony_ci } else { 6569e41f4b71Sopenharmony_ci console.log('createX509CRL success'); 6570e41f4b71Sopenharmony_ci try { 6571e41f4b71Sopenharmony_ci let sigAlgOid = x509CRL.getSignatureAlgOid(); 6572e41f4b71Sopenharmony_ci } catch (err) { 6573e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 6574e41f4b71Sopenharmony_ci console.error('getSignatureAlgOid failed, errCode: ' + e.code + ', errMsg: ' + e.message); 6575e41f4b71Sopenharmony_ci } 6576e41f4b71Sopenharmony_ci } 6577e41f4b71Sopenharmony_ci}); 6578e41f4b71Sopenharmony_ci``` 6579e41f4b71Sopenharmony_ci 6580e41f4b71Sopenharmony_ci### getSignatureAlgParams<sup>11+</sup> 6581e41f4b71Sopenharmony_ci 6582e41f4b71Sopenharmony_cigetSignatureAlgParams() : DataBlob 6583e41f4b71Sopenharmony_ci 6584e41f4b71Sopenharmony_ci表示获取X509证书吊销列表签名的算法参数。 6585e41f4b71Sopenharmony_ci 6586e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 6587e41f4b71Sopenharmony_ci 6588e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 6589e41f4b71Sopenharmony_ci 6590e41f4b71Sopenharmony_ci**返回值**: 6591e41f4b71Sopenharmony_ci 6592e41f4b71Sopenharmony_ci| 类型 | 说明 | 6593e41f4b71Sopenharmony_ci| --------------------- | ---------------------------------- | 6594e41f4b71Sopenharmony_ci| [DataBlob](#datablob) | 表示X509证书吊销列表签名的算法参数 | 6595e41f4b71Sopenharmony_ci 6596e41f4b71Sopenharmony_ci**错误码:** 6597e41f4b71Sopenharmony_ci 6598e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 6599e41f4b71Sopenharmony_ci 6600e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 6601e41f4b71Sopenharmony_ci| -------- | ----------------------- | 6602e41f4b71Sopenharmony_ci| 801 | this operation is not supported. | 6603e41f4b71Sopenharmony_ci| 19020001 | memory error. | 6604e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 6605e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 6606e41f4b71Sopenharmony_ci 6607e41f4b71Sopenharmony_ci**示例:** 6608e41f4b71Sopenharmony_ci 6609e41f4b71Sopenharmony_ci```ts 6610e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 6611e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 6612e41f4b71Sopenharmony_ci 6613e41f4b71Sopenharmony_ci// string转Uint8Array 6614e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 6615e41f4b71Sopenharmony_ci let arr: Array<number> = []; 6616e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 6617e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 6618e41f4b71Sopenharmony_ci } 6619e41f4b71Sopenharmony_ci return new Uint8Array(arr); 6620e41f4b71Sopenharmony_ci} 6621e41f4b71Sopenharmony_ci 6622e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 6623e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 6624e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 6625e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 6626e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 6627e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 6628e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 6629e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 6630e41f4b71Sopenharmony_ci 6631e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 6632e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 6633e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 6634e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 6635e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 6636e41f4b71Sopenharmony_ci}; 6637e41f4b71Sopenharmony_ci 6638e41f4b71Sopenharmony_cicert.createX509CRL(encodingBlob, (error, x509CRL) => { 6639e41f4b71Sopenharmony_ci if (error) { 6640e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 6641e41f4b71Sopenharmony_ci } else { 6642e41f4b71Sopenharmony_ci console.log('createX509CRL success'); 6643e41f4b71Sopenharmony_ci try { 6644e41f4b71Sopenharmony_ci let sigAlgParams = x509CRL.getSignatureAlgParams(); 6645e41f4b71Sopenharmony_ci } catch (err) { 6646e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 6647e41f4b71Sopenharmony_ci console.error('getSignatureAlgParams failed, errCode: ' + e.code + ', errMsg: ' + e.message); 6648e41f4b71Sopenharmony_ci } 6649e41f4b71Sopenharmony_ci } 6650e41f4b71Sopenharmony_ci}); 6651e41f4b71Sopenharmony_ci``` 6652e41f4b71Sopenharmony_ci 6653e41f4b71Sopenharmony_ci### getTBSInfo<sup>11+</sup> 6654e41f4b71Sopenharmony_ci 6655e41f4b71Sopenharmony_cigetTBSInfo() : DataBlob 6656e41f4b71Sopenharmony_ci 6657e41f4b71Sopenharmony_ci表示获取证书吊销列表的tbsCertList信息。 6658e41f4b71Sopenharmony_ci 6659e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 6660e41f4b71Sopenharmony_ci 6661e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 6662e41f4b71Sopenharmony_ci 6663e41f4b71Sopenharmony_ci**返回值**: 6664e41f4b71Sopenharmony_ci 6665e41f4b71Sopenharmony_ci| 类型 | 说明 | 6666e41f4b71Sopenharmony_ci| --------------------- | --------------------------------- | 6667e41f4b71Sopenharmony_ci| [DataBlob](#datablob) | 表示证书吊销列表的tbsCertList信息 | 6668e41f4b71Sopenharmony_ci 6669e41f4b71Sopenharmony_ci**错误码:** 6670e41f4b71Sopenharmony_ci 6671e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 6672e41f4b71Sopenharmony_ci 6673e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 6674e41f4b71Sopenharmony_ci| -------- | ----------------------- | 6675e41f4b71Sopenharmony_ci| 19020001 | memory error. | 6676e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 6677e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 6678e41f4b71Sopenharmony_ci 6679e41f4b71Sopenharmony_ci**示例:** 6680e41f4b71Sopenharmony_ci 6681e41f4b71Sopenharmony_ci```ts 6682e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 6683e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 6684e41f4b71Sopenharmony_ci 6685e41f4b71Sopenharmony_ci// string转Uint8Array 6686e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 6687e41f4b71Sopenharmony_ci let arr: Array<number> = []; 6688e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 6689e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 6690e41f4b71Sopenharmony_ci } 6691e41f4b71Sopenharmony_ci return new Uint8Array(arr); 6692e41f4b71Sopenharmony_ci} 6693e41f4b71Sopenharmony_ci 6694e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 6695e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 6696e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 6697e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 6698e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 6699e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 6700e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 6701e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 6702e41f4b71Sopenharmony_ci 6703e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 6704e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 6705e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 6706e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 6707e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 6708e41f4b71Sopenharmony_ci}; 6709e41f4b71Sopenharmony_ci 6710e41f4b71Sopenharmony_cicert.createX509CRL(encodingBlob, (error, x509CRL) => { 6711e41f4b71Sopenharmony_ci if (error) { 6712e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 6713e41f4b71Sopenharmony_ci } else { 6714e41f4b71Sopenharmony_ci console.log('createX509CRL success'); 6715e41f4b71Sopenharmony_ci try { 6716e41f4b71Sopenharmony_ci let tbsInfo = x509CRL.getTBSInfo(); 6717e41f4b71Sopenharmony_ci } catch (error) { 6718e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 6719e41f4b71Sopenharmony_ci console.error('getTBSInfo failed, errCode: ' + e.code + ', errMsg: ' + e.message); 6720e41f4b71Sopenharmony_ci } 6721e41f4b71Sopenharmony_ci } 6722e41f4b71Sopenharmony_ci}); 6723e41f4b71Sopenharmony_ci``` 6724e41f4b71Sopenharmony_ci 6725e41f4b71Sopenharmony_ci### getExtensions<sup>11+</sup> 6726e41f4b71Sopenharmony_ci 6727e41f4b71Sopenharmony_cigetExtensions(): DataBlob 6728e41f4b71Sopenharmony_ci 6729e41f4b71Sopenharmony_ci表示获取CRL的扩展。 6730e41f4b71Sopenharmony_ci 6731e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 6732e41f4b71Sopenharmony_ci 6733e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 6734e41f4b71Sopenharmony_ci 6735e41f4b71Sopenharmony_ci**返回值**: 6736e41f4b71Sopenharmony_ci 6737e41f4b71Sopenharmony_ci| 类型 | 说明 | 6738e41f4b71Sopenharmony_ci| --------------------- | ------------------- | 6739e41f4b71Sopenharmony_ci| [DataBlob](#datablob) | 表示X509CRL扩展用途 | 6740e41f4b71Sopenharmony_ci 6741e41f4b71Sopenharmony_ci**错误码:** 6742e41f4b71Sopenharmony_ci 6743e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 6744e41f4b71Sopenharmony_ci 6745e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 6746e41f4b71Sopenharmony_ci| -------- | ----------------------- | 6747e41f4b71Sopenharmony_ci| 19020001 | memory error. | 6748e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 6749e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 6750e41f4b71Sopenharmony_ci 6751e41f4b71Sopenharmony_ci**示例:** 6752e41f4b71Sopenharmony_ci 6753e41f4b71Sopenharmony_ci```ts 6754e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 6755e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 6756e41f4b71Sopenharmony_ci 6757e41f4b71Sopenharmony_ci// string转Uint8Array 6758e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 6759e41f4b71Sopenharmony_ci let arr: Array<number> = []; 6760e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 6761e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 6762e41f4b71Sopenharmony_ci } 6763e41f4b71Sopenharmony_ci return new Uint8Array(arr); 6764e41f4b71Sopenharmony_ci} 6765e41f4b71Sopenharmony_ci 6766e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 6767e41f4b71Sopenharmony_ci 'MIIBjjB4AgEBMA0GCSqGSIb3DQEBCwUAMBIxEDAOBgNVBAMMB1Jvb3QgQ0EXDTI0\n' + 6768e41f4b71Sopenharmony_ci 'MDMxOTAyMDQwN1oXDTI0MDQxODAyMDQwN1owIjAgAgEEFw0yNDAzMTkwMjA0MDZa\n' + 6769e41f4b71Sopenharmony_ci 'MAwwCgYDVR0VBAMKAQGgDjAMMAoGA1UdFAQDAgEAMA0GCSqGSIb3DQEBCwUAA4IB\n' + 6770e41f4b71Sopenharmony_ci 'AQCbjvmHxC8dW6WCS/ga73kx2b7f8I/2eVuDYyReuBiGWeJ9vDmGqimJ9VwOk+ph\n' + 6771e41f4b71Sopenharmony_ci 'LvG/2Zvh9I8qXxnOWeseA2C0bEshJGvXpquIjm00OUyLlK6jdfRbhXT8OyvDjqZs\n' + 6772e41f4b71Sopenharmony_ci 'e1IsMV7Zo11SUc8nR2d0QQ7EVDCN/XFKPsmoK7PhJnRh5gc8W3FKQ6b8H9kdjgTa\n' + 6773e41f4b71Sopenharmony_ci 'KQUap1OIDReVsjPBmRAbwMMLtbrAMllF7E6x7uHgHTGaK1ZPJDtsnCJ45ur3mk/o\n' + 6774e41f4b71Sopenharmony_ci 'HAJFwHNjNDltiEfvMSs76/X0cwitpeW4dFk6c3QtqhxJrHDD4gl8di+xHOyHXpzX\n' + 6775e41f4b71Sopenharmony_ci '+i2osvdPWRia0dJCL1PCA14k\n' + 6776e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 6777e41f4b71Sopenharmony_ci 6778e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 6779e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 6780e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 6781e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 6782e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 6783e41f4b71Sopenharmony_ci}; 6784e41f4b71Sopenharmony_ci 6785e41f4b71Sopenharmony_cicert.createX509CRL(encodingBlob, (error, x509CRL) => { 6786e41f4b71Sopenharmony_ci if (error) { 6787e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 6788e41f4b71Sopenharmony_ci } else { 6789e41f4b71Sopenharmony_ci console.log('createX509CRL success'); 6790e41f4b71Sopenharmony_ci try { 6791e41f4b71Sopenharmony_ci let extensions = x509CRL.getExtensions(); 6792e41f4b71Sopenharmony_ci } catch (error) { 6793e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 6794e41f4b71Sopenharmony_ci console.error('getExtensions failed, errCode: ' + e.code + ', errMsg: ' + e.message); 6795e41f4b71Sopenharmony_ci } 6796e41f4b71Sopenharmony_ci } 6797e41f4b71Sopenharmony_ci}); 6798e41f4b71Sopenharmony_ci``` 6799e41f4b71Sopenharmony_ci 6800e41f4b71Sopenharmony_ci### match<sup>11+</sup> 6801e41f4b71Sopenharmony_ci 6802e41f4b71Sopenharmony_cimatch(param: X509CRLMatchParameters): boolean 6803e41f4b71Sopenharmony_ci 6804e41f4b71Sopenharmony_ci判断证书吊销列表是否与输入参数匹配。 6805e41f4b71Sopenharmony_ci 6806e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 6807e41f4b71Sopenharmony_ci 6808e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 6809e41f4b71Sopenharmony_ci 6810e41f4b71Sopenharmony_ci**参数**: 6811e41f4b71Sopenharmony_ci 6812e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 6813e41f4b71Sopenharmony_ci| --------- | ------ | ---- | ------------------------------------------ | 6814e41f4b71Sopenharmony_ci| param | [X509CRLMatchParameters](#x509crlmatchparameters11)| 是 | 表示需要匹配的参数。 | 6815e41f4b71Sopenharmony_ci 6816e41f4b71Sopenharmony_ci**返回值**: 6817e41f4b71Sopenharmony_ci 6818e41f4b71Sopenharmony_ci| 类型 | 说明 | 6819e41f4b71Sopenharmony_ci| --------------------- | ----------------------------------------- | 6820e41f4b71Sopenharmony_ci| boolean | 当参数匹配时,该方法返回true,否则返回false。 | 6821e41f4b71Sopenharmony_ci 6822e41f4b71Sopenharmony_ci**错误码:** 6823e41f4b71Sopenharmony_ci 6824e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 6825e41f4b71Sopenharmony_ci 6826e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 6827e41f4b71Sopenharmony_ci| -------- | -------------- | 6828e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 6829e41f4b71Sopenharmony_ci| 19020001 | memory error. | 6830e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 6831e41f4b71Sopenharmony_ci 6832e41f4b71Sopenharmony_ci**示例:** 6833e41f4b71Sopenharmony_ci 6834e41f4b71Sopenharmony_ci```ts 6835e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 6836e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 6837e41f4b71Sopenharmony_ci 6838e41f4b71Sopenharmony_ci// string转Uint8Array 6839e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 6840e41f4b71Sopenharmony_ci let arr: Array<number> = []; 6841e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 6842e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 6843e41f4b71Sopenharmony_ci } 6844e41f4b71Sopenharmony_ci return new Uint8Array(arr); 6845e41f4b71Sopenharmony_ci} 6846e41f4b71Sopenharmony_ci 6847e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 6848e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 6849e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 6850e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 6851e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 6852e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 6853e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 6854e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 6855e41f4b71Sopenharmony_ci 6856e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 6857e41f4b71Sopenharmony_cilet crlEncodingBlob: cert.EncodingBlob = { 6858e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 6859e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 6860e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 6861e41f4b71Sopenharmony_ci}; 6862e41f4b71Sopenharmony_ci 6863e41f4b71Sopenharmony_ciconst certData = "-----BEGIN CERTIFICATE-----\r\n" + 6864e41f4b71Sopenharmony_ci "MIIC8TCCAdmgAwIBAgIIFB75m06RTHwwDQYJKoZIhvcNAQELBQAwWDELMAkGA1UE\r\n" + 6865e41f4b71Sopenharmony_ci "BhMCQ04xEDAOBgNVBAgTB0ppYW5nc3UxEDAOBgNVBAcTB05hbmppbmcxCzAJBgNV\r\n" + 6866e41f4b71Sopenharmony_ci "BAoTAnRzMQswCQYDVQQLEwJ0czELMAkGA1UEAxMCdHMwHhcNMjMxMTIzMDMzMjAw\r\n" + 6867e41f4b71Sopenharmony_ci "WhcNMjQxMTIzMDMzMjAwWjBhMQswCQYDVQQGEwJDTjEQMA4GA1UECBMHSmlhbmdz\r\n" + 6868e41f4b71Sopenharmony_ci "dTEQMA4GA1UEBxMHTmFuamluZzEMMAoGA1UEChMDdHMxMQwwCgYDVQQLEwN0czEx\r\n" + 6869e41f4b71Sopenharmony_ci "EjAQBgNVBAMTCTEyNy4wLjAuMTAqMAUGAytlcAMhALsWnY9cMNC6jzduM69vI3Ej\r\n" + 6870e41f4b71Sopenharmony_ci "pUlgHtEHS8kRfmYBupJSo4GvMIGsMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFNSg\r\n" + 6871e41f4b71Sopenharmony_ci "poQvfxR8A1Y4St8NjOHkRpm4MAsGA1UdDwQEAwID+DAnBgNVHSUEIDAeBggrBgEF\r\n" + 6872e41f4b71Sopenharmony_ci "BQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMEMBQGA1UdEQQNMAuCCTEyNy4wLjAuMTAR\r\n" + 6873e41f4b71Sopenharmony_ci "BglghkgBhvhCAQEEBAMCBkAwHgYJYIZIAYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0\r\n" + 6874e41f4b71Sopenharmony_ci "ZTANBgkqhkiG9w0BAQsFAAOCAQEAfnLmPF6BtAUCZ9pjt1ITdXc5M4LJfMw5IPcv\r\n" + 6875e41f4b71Sopenharmony_ci "fUAvhdaUXtqBQcjGCWtDdhyb1n5Xp+N7oKz/Cnn0NGFTwVArtFiQ5NEP2CmrckLh\r\n" + 6876e41f4b71Sopenharmony_ci "Da4VnsDFU+zx2Bbfwo5Ms7iArxyx0fArbMZzN9D1lZcVjiIxp1+3k1/0sdCemcY/\r\n" + 6877e41f4b71Sopenharmony_ci "y7mw5NwkcczLWLBZl1/Ho8b4dlo1wTA7TZk9uu8UwYBwXDrQe6S9rMcvMcRKiJ9e\r\n" + 6878e41f4b71Sopenharmony_ci "V4SYZIO7ihr8+n4LQDQP+spvX4cf925a3kyZrftfvGCJ2ZNwvsPhyumYhaBqAgSy\r\n" + 6879e41f4b71Sopenharmony_ci "Up2BImymAqPi157q9EeYcQz170TtDZHGmjYzdQxhOAHRb6/IdQ==\r\n" + 6880e41f4b71Sopenharmony_ci "-----END CERTIFICATE-----\r\n"; 6881e41f4b71Sopenharmony_ciconst certEncodingBlob: cert.EncodingBlob = { 6882e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 6883e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM, 6884e41f4b71Sopenharmony_ci}; 6885e41f4b71Sopenharmony_ci 6886e41f4b71Sopenharmony_ciasync function crlMatch() { 6887e41f4b71Sopenharmony_ci let x509Cert: cert.X509Cert = {} as cert.X509Cert; 6888e41f4b71Sopenharmony_ci try { 6889e41f4b71Sopenharmony_ci x509Cert = await cert.createX509Cert(certEncodingBlob); 6890e41f4b71Sopenharmony_ci console.log('createX509Cert success'); 6891e41f4b71Sopenharmony_ci } catch (err) { 6892e41f4b71Sopenharmony_ci console.error('createX509Cert failed'); 6893e41f4b71Sopenharmony_ci } 6894e41f4b71Sopenharmony_ci 6895e41f4b71Sopenharmony_ci cert.createX509CRL(crlEncodingBlob, (error, x509CRL) => { 6896e41f4b71Sopenharmony_ci if (error) { 6897e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + error.code + ', errMsg: ' + error.message); 6898e41f4b71Sopenharmony_ci } else { 6899e41f4b71Sopenharmony_ci console.log('createX509CRL success'); 6900e41f4b71Sopenharmony_ci try { 6901e41f4b71Sopenharmony_ci const param: cert.X509CRLMatchParameters = { 6902e41f4b71Sopenharmony_ci issuer: [new Uint8Array([0x30, 0x58, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x43, 0x4E, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x07, 0x4A, 0x69, 0x61, 0x6E, 0x67, 0x73, 0x75, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x07, 0x4E, 0x61, 0x6E, 0x6A, 0x69, 0x6E, 0x67, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x02, 0x74, 0x73, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x02, 0x74, 0x73, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x02, 0x74, 0x73])], 6903e41f4b71Sopenharmony_ci x509Cert: x509Cert 6904e41f4b71Sopenharmony_ci } 6905e41f4b71Sopenharmony_ci const result = x509CRL.match(param); 6906e41f4b71Sopenharmony_ci } catch (error) { 6907e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 6908e41f4b71Sopenharmony_ci console.error('x509CRL match failed, errCode: ' + e.code + ', errMsg: ' + e.message); 6909e41f4b71Sopenharmony_ci } 6910e41f4b71Sopenharmony_ci } 6911e41f4b71Sopenharmony_ci }); 6912e41f4b71Sopenharmony_ci} 6913e41f4b71Sopenharmony_ci``` 6914e41f4b71Sopenharmony_ci 6915e41f4b71Sopenharmony_ci### getIssuerX500DistinguishedName<sup>12+</sup> 6916e41f4b71Sopenharmony_ci 6917e41f4b71Sopenharmony_cigetIssuerX500DistinguishedName(): X500DistinguishedName 6918e41f4b71Sopenharmony_ci 6919e41f4b71Sopenharmony_ci获取颁发者的X509可分辨名称。 6920e41f4b71Sopenharmony_ci 6921e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 6922e41f4b71Sopenharmony_ci 6923e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 6924e41f4b71Sopenharmony_ci 6925e41f4b71Sopenharmony_ci**返回值**: 6926e41f4b71Sopenharmony_ci 6927e41f4b71Sopenharmony_ci| 类型 | 说明 | 6928e41f4b71Sopenharmony_ci| --------------------- | ----------------------------------------- | 6929e41f4b71Sopenharmony_ci| [X500DistinguishedName](#x500distinguishedname12) | X509的可分辨对象。 | 6930e41f4b71Sopenharmony_ci 6931e41f4b71Sopenharmony_ci**错误码:** 6932e41f4b71Sopenharmony_ci 6933e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 6934e41f4b71Sopenharmony_ci 6935e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 6936e41f4b71Sopenharmony_ci| -------- | -------------- | 6937e41f4b71Sopenharmony_ci| 19020001 | memory error. | 6938e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 6939e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 6940e41f4b71Sopenharmony_ci 6941e41f4b71Sopenharmony_ci**示例:** 6942e41f4b71Sopenharmony_ci 6943e41f4b71Sopenharmony_ci```ts 6944e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 6945e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 6946e41f4b71Sopenharmony_ci 6947e41f4b71Sopenharmony_ci// string转Uint8Array 6948e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 6949e41f4b71Sopenharmony_ci let arr: Array<number> = []; 6950e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 6951e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 6952e41f4b71Sopenharmony_ci } 6953e41f4b71Sopenharmony_ci return new Uint8Array(arr); 6954e41f4b71Sopenharmony_ci} 6955e41f4b71Sopenharmony_ci 6956e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 6957e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 6958e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 6959e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 6960e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 6961e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 6962e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 6963e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 6964e41f4b71Sopenharmony_ci 6965e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 6966e41f4b71Sopenharmony_cilet crlEncodingBlob: cert.EncodingBlob = { 6967e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 6968e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 6969e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 6970e41f4b71Sopenharmony_ci}; 6971e41f4b71Sopenharmony_ci 6972e41f4b71Sopenharmony_ciasync function crlGetIssuerX500DistinguishedName() { 6973e41f4b71Sopenharmony_ci let x509Crl: cert.X509CRL = {} as cert.X509CRL; 6974e41f4b71Sopenharmony_ci try { 6975e41f4b71Sopenharmony_ci x509Crl = await cert.createX509CRL(crlEncodingBlob); 6976e41f4b71Sopenharmony_ci console.log('createX509CRL success'); 6977e41f4b71Sopenharmony_ci let name = x509Crl.getIssuerX500DistinguishedName(); 6978e41f4b71Sopenharmony_ci } catch (err) { 6979e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 6980e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + e.code + ', errMsg: ' + e.message); 6981e41f4b71Sopenharmony_ci } 6982e41f4b71Sopenharmony_ci} 6983e41f4b71Sopenharmony_ci``` 6984e41f4b71Sopenharmony_ci 6985e41f4b71Sopenharmony_ci### toString<sup>12+</sup> 6986e41f4b71Sopenharmony_ci 6987e41f4b71Sopenharmony_citoString(): string 6988e41f4b71Sopenharmony_ci 6989e41f4b71Sopenharmony_ci获取对象的字符串类型数据。 6990e41f4b71Sopenharmony_ci 6991e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 6992e41f4b71Sopenharmony_ci 6993e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 6994e41f4b71Sopenharmony_ci 6995e41f4b71Sopenharmony_ci**返回值**: 6996e41f4b71Sopenharmony_ci 6997e41f4b71Sopenharmony_ci| 类型 | 说明 | 6998e41f4b71Sopenharmony_ci| --------------------- | ----------------------------------------- | 6999e41f4b71Sopenharmony_ci| string | 对象的字符串类型数据。 | 7000e41f4b71Sopenharmony_ci 7001e41f4b71Sopenharmony_ci**错误码:** 7002e41f4b71Sopenharmony_ci 7003e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 7004e41f4b71Sopenharmony_ci 7005e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 7006e41f4b71Sopenharmony_ci| -------- | -------------- | 7007e41f4b71Sopenharmony_ci| 19020001 | memory error. | 7008e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 7009e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 7010e41f4b71Sopenharmony_ci 7011e41f4b71Sopenharmony_ci**示例:** 7012e41f4b71Sopenharmony_ci 7013e41f4b71Sopenharmony_ci```ts 7014e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 7015e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 7016e41f4b71Sopenharmony_ci 7017e41f4b71Sopenharmony_ci// string转Uint8Array 7018e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 7019e41f4b71Sopenharmony_ci let arr: Array<number> = []; 7020e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 7021e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 7022e41f4b71Sopenharmony_ci } 7023e41f4b71Sopenharmony_ci return new Uint8Array(arr); 7024e41f4b71Sopenharmony_ci} 7025e41f4b71Sopenharmony_ci 7026e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 7027e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 7028e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 7029e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 7030e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 7031e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 7032e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 7033e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 7034e41f4b71Sopenharmony_ci 7035e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 7036e41f4b71Sopenharmony_cilet crlEncodingBlob: cert.EncodingBlob = { 7037e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 7038e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 7039e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 7040e41f4b71Sopenharmony_ci}; 7041e41f4b71Sopenharmony_ci 7042e41f4b71Sopenharmony_ciasync function crlToString() { 7043e41f4b71Sopenharmony_ci let x509Crl: cert.X509CRL = {} as cert.X509CRL; 7044e41f4b71Sopenharmony_ci try { 7045e41f4b71Sopenharmony_ci x509Crl = await cert.createX509CRL(crlEncodingBlob); 7046e41f4b71Sopenharmony_ci console.log('createX509CRL success'); 7047e41f4b71Sopenharmony_ci console.info('crlToString success: ' + JSON.stringify(x509Crl.toString())); 7048e41f4b71Sopenharmony_ci } catch (err) { 7049e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 7050e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + e.code + ', errMsg: ' + e.message); 7051e41f4b71Sopenharmony_ci } 7052e41f4b71Sopenharmony_ci} 7053e41f4b71Sopenharmony_ci``` 7054e41f4b71Sopenharmony_ci 7055e41f4b71Sopenharmony_ci### hashCode<sup>12+</sup> 7056e41f4b71Sopenharmony_ci 7057e41f4b71Sopenharmony_cihashCode(): Uint8Array 7058e41f4b71Sopenharmony_ci 7059e41f4b71Sopenharmony_ci获取DER格式数据的哈希值。 7060e41f4b71Sopenharmony_ci 7061e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 7062e41f4b71Sopenharmony_ci 7063e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 7064e41f4b71Sopenharmony_ci 7065e41f4b71Sopenharmony_ci**返回值**: 7066e41f4b71Sopenharmony_ci 7067e41f4b71Sopenharmony_ci| 类型 | 说明 | 7068e41f4b71Sopenharmony_ci| --------------------- | ----------------------------------------- | 7069e41f4b71Sopenharmony_ci| Uint8Array | DER格式数据的哈希值。 | 7070e41f4b71Sopenharmony_ci 7071e41f4b71Sopenharmony_ci**错误码:** 7072e41f4b71Sopenharmony_ci 7073e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 7074e41f4b71Sopenharmony_ci 7075e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 7076e41f4b71Sopenharmony_ci| -------- | -------------- | 7077e41f4b71Sopenharmony_ci| 19020001 | memory error. | 7078e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 7079e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 7080e41f4b71Sopenharmony_ci 7081e41f4b71Sopenharmony_ci**示例:** 7082e41f4b71Sopenharmony_ci 7083e41f4b71Sopenharmony_ci```ts 7084e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 7085e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 7086e41f4b71Sopenharmony_ci 7087e41f4b71Sopenharmony_ci// string转Uint8Array 7088e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 7089e41f4b71Sopenharmony_ci let arr: Array<number> = []; 7090e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 7091e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 7092e41f4b71Sopenharmony_ci } 7093e41f4b71Sopenharmony_ci return new Uint8Array(arr); 7094e41f4b71Sopenharmony_ci} 7095e41f4b71Sopenharmony_ci 7096e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 7097e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 7098e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 7099e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 7100e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 7101e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 7102e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 7103e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 7104e41f4b71Sopenharmony_ci 7105e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 7106e41f4b71Sopenharmony_cilet crlEncodingBlob: cert.EncodingBlob = { 7107e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 7108e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 7109e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 7110e41f4b71Sopenharmony_ci}; 7111e41f4b71Sopenharmony_ci 7112e41f4b71Sopenharmony_ciasync function crlHashCode() { 7113e41f4b71Sopenharmony_ci let x509Crl: cert.X509CRL = {} as cert.X509CRL; 7114e41f4b71Sopenharmony_ci try { 7115e41f4b71Sopenharmony_ci x509Crl = await cert.createX509CRL(crlEncodingBlob); 7116e41f4b71Sopenharmony_ci console.log('createX509CRL success'); 7117e41f4b71Sopenharmony_ci console.info('crlHashCode success: ' + JSON.stringify(x509Crl.hashCode())); 7118e41f4b71Sopenharmony_ci } catch (err) { 7119e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 7120e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + e.code + ', errMsg: ' + e.message); 7121e41f4b71Sopenharmony_ci } 7122e41f4b71Sopenharmony_ci} 7123e41f4b71Sopenharmony_ci``` 7124e41f4b71Sopenharmony_ci 7125e41f4b71Sopenharmony_ci### getExtensionsObject<sup>12+</sup> 7126e41f4b71Sopenharmony_ci 7127e41f4b71Sopenharmony_cigetExtensionsObject(): CertExtension 7128e41f4b71Sopenharmony_ci 7129e41f4b71Sopenharmony_ci获取对应实体的扩展域DER格式数据。 7130e41f4b71Sopenharmony_ci 7131e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 7132e41f4b71Sopenharmony_ci 7133e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 7134e41f4b71Sopenharmony_ci 7135e41f4b71Sopenharmony_ci**返回值**: 7136e41f4b71Sopenharmony_ci 7137e41f4b71Sopenharmony_ci| 类型 | 说明 | 7138e41f4b71Sopenharmony_ci| --------------------- | ----------------------------------------- | 7139e41f4b71Sopenharmony_ci| [CertExtension](#certextension10) | 证书扩展域段类对象。| 7140e41f4b71Sopenharmony_ci 7141e41f4b71Sopenharmony_ci**错误码:** 7142e41f4b71Sopenharmony_ci 7143e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 7144e41f4b71Sopenharmony_ci 7145e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 7146e41f4b71Sopenharmony_ci| -------- | -------------- | 7147e41f4b71Sopenharmony_ci| 19020001 | memory error. | 7148e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 7149e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 7150e41f4b71Sopenharmony_ci 7151e41f4b71Sopenharmony_ci**示例:** 7152e41f4b71Sopenharmony_ci 7153e41f4b71Sopenharmony_ci```ts 7154e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 7155e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 7156e41f4b71Sopenharmony_ci 7157e41f4b71Sopenharmony_ci// string转Uint8Array 7158e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 7159e41f4b71Sopenharmony_ci let arr: Array<number> = []; 7160e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 7161e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 7162e41f4b71Sopenharmony_ci } 7163e41f4b71Sopenharmony_ci return new Uint8Array(arr); 7164e41f4b71Sopenharmony_ci} 7165e41f4b71Sopenharmony_ci 7166e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 7167e41f4b71Sopenharmony_ci 'MIIB6DCB0QIBATANBgkqhkiG9w0BAQsFADCBjjELMAkGA1UEBhMCUlUxFTATBgNV\n' + 7168e41f4b71Sopenharmony_ci 'BAgMDNCc0L7RgdC60LLQsDELMAkGA1UECgwC0K8xCzAJBgNVBAsMAtCvMSowKAYD\n' + 7169e41f4b71Sopenharmony_ci 'VQQDDCHQlNC80LjRgtGA0LjQuSDQkdC10LvRj9Cy0YHQutC40LkxIjAgBgkqhkiG\n' + 7170e41f4b71Sopenharmony_ci '9w0BCQEWE2JlbGRtaXRAZXhhbXBsZS5jb20XDTE3MDQyNDEzMjUzMVoXDTE3MDUy\n' + 7171e41f4b71Sopenharmony_ci 'NDEzMjUzMVqgDjAMMAoGA1UdFAQDAgEBMA0GCSqGSIb3DQEBCwUAA4IBAQCF5eX+\n' + 7172e41f4b71Sopenharmony_ci '1BM/BxoHU2/3pQHJgPSKevN0/K/daiFHiJl7Kb9GCwKY14B1RvbN2rUP/58Mt+aq\n' + 7173e41f4b71Sopenharmony_ci 'jvauf1yBzlaJQeJKZcsCmG9p6Tr1y0BJXhrq5kC0SLyNDsfGUTfuxnwmo+clHXRU\n' + 7174e41f4b71Sopenharmony_ci '+gKuk+h0WkJL022ZYbJ38w588k4NT3CWVHeE23EDC264p942mlDE7en6MyL152Pe\n' + 7175e41f4b71Sopenharmony_ci 'Ld9YrWiq5iOIOrIbQLErq0EjwxvHG9sMiYFUa6VrwmRf26nyZ7u9RKJDP+o2dltw\n' + 7176e41f4b71Sopenharmony_ci 'diBaSXC3Qt3pZ8BIfv/l81lwp8Dr63SwCII2pIRplyICdQqmX/a+1q8kThXIP2Kx\n' + 7177e41f4b71Sopenharmony_ci '+X48g7VE2o2X4cfy\n' + 7178e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 7179e41f4b71Sopenharmony_ci 7180e41f4b71Sopenharmony_ci// 证书吊销列表二进制数据,需业务自行赋值 7181e41f4b71Sopenharmony_cilet crlEncodingBlob: cert.EncodingBlob = { 7182e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 7183e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 7184e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 7185e41f4b71Sopenharmony_ci}; 7186e41f4b71Sopenharmony_ci 7187e41f4b71Sopenharmony_ciasync function crlHashCode() { 7188e41f4b71Sopenharmony_ci let x509Crl: cert.X509CRL = {} as cert.X509CRL; 7189e41f4b71Sopenharmony_ci try { 7190e41f4b71Sopenharmony_ci x509Crl = await cert.createX509CRL(crlEncodingBlob); 7191e41f4b71Sopenharmony_ci console.log('createX509CRL success'); 7192e41f4b71Sopenharmony_ci let object = x509Crl.getExtensionsObject(); 7193e41f4b71Sopenharmony_ci } catch (err) { 7194e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 7195e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + e.code + ', errMsg: ' + e.message); 7196e41f4b71Sopenharmony_ci } 7197e41f4b71Sopenharmony_ci} 7198e41f4b71Sopenharmony_ci``` 7199e41f4b71Sopenharmony_ci 7200e41f4b71Sopenharmony_ci## cert.createCertChainValidator 7201e41f4b71Sopenharmony_ci 7202e41f4b71Sopenharmony_cicreateCertChainValidator(algorithm :string) : CertChainValidator 7203e41f4b71Sopenharmony_ci 7204e41f4b71Sopenharmony_ci表示创建证书链校验器对象。 7205e41f4b71Sopenharmony_ci 7206e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 7207e41f4b71Sopenharmony_ci 7208e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 7209e41f4b71Sopenharmony_ci 7210e41f4b71Sopenharmony_ci**参数**: 7211e41f4b71Sopenharmony_ci 7212e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 7213e41f4b71Sopenharmony_ci| --------- | ------ | ---- | ------------------------------------------ | 7214e41f4b71Sopenharmony_ci| algorithm | string | 是 | 表示证书链校验器算法。当前仅支持输入“PKIX” | 7215e41f4b71Sopenharmony_ci 7216e41f4b71Sopenharmony_ci**返回值**: 7217e41f4b71Sopenharmony_ci 7218e41f4b71Sopenharmony_ci| 类型 | 说明 | 7219e41f4b71Sopenharmony_ci| ------------------ | -------------------- | 7220e41f4b71Sopenharmony_ci| [CertChainValidator](#certchainvalidator) | 表示证书链校验器对象 | 7221e41f4b71Sopenharmony_ci 7222e41f4b71Sopenharmony_ci**错误码:** 7223e41f4b71Sopenharmony_ci 7224e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 7225e41f4b71Sopenharmony_ci 7226e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 7227e41f4b71Sopenharmony_ci| -------- | ----------------------- | 7228e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 7229e41f4b71Sopenharmony_ci| 801 | this operation is not supported. | 7230e41f4b71Sopenharmony_ci| 19020001 | memory error. | 7231e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 7232e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 7233e41f4b71Sopenharmony_ci 7234e41f4b71Sopenharmony_ci**示例:** 7235e41f4b71Sopenharmony_ci 7236e41f4b71Sopenharmony_ci```ts 7237e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 7238e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 7239e41f4b71Sopenharmony_ci 7240e41f4b71Sopenharmony_citry { 7241e41f4b71Sopenharmony_ci let validator = cert.createCertChainValidator('PKIX'); 7242e41f4b71Sopenharmony_ci} catch (error) { 7243e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 7244e41f4b71Sopenharmony_ci console.error('createCertChainValidator failed, errCode: ' + e.code + ', errMsg: ' + e.message); 7245e41f4b71Sopenharmony_ci} 7246e41f4b71Sopenharmony_ci``` 7247e41f4b71Sopenharmony_ci 7248e41f4b71Sopenharmony_ci## CertChainValidator 7249e41f4b71Sopenharmony_ci 7250e41f4b71Sopenharmony_ci证书链校验器对象。 7251e41f4b71Sopenharmony_ci 7252e41f4b71Sopenharmony_ci 7253e41f4b71Sopenharmony_ci### 属性 7254e41f4b71Sopenharmony_ci 7255e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 7256e41f4b71Sopenharmony_ci 7257e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 7258e41f4b71Sopenharmony_ci 7259e41f4b71Sopenharmony_ci| 名称 | 类型 | 可读 | 可写 | 说明 | 7260e41f4b71Sopenharmony_ci| ------- | ------ | ---- | ---- | -------------------------- | 7261e41f4b71Sopenharmony_ci| algorithm | string | 是 | 否 | X509证书链校验器算法名称。 | 7262e41f4b71Sopenharmony_ci 7263e41f4b71Sopenharmony_ci 7264e41f4b71Sopenharmony_ci### validate 7265e41f4b71Sopenharmony_ci 7266e41f4b71Sopenharmony_civalidate(certChain : CertChainData, callback : AsyncCallback\<void>) : void 7267e41f4b71Sopenharmony_ci 7268e41f4b71Sopenharmony_ci表示校验X509证书链,使用Callback回调异步返回结果。 7269e41f4b71Sopenharmony_ci由于端侧系统时间不可信,证书链校验不包含对证书有效时间的校验。如果需要检查证书的时间有效性,可使用X509证书的[checkValidityWithDate](#checkvaliditywithdate)方法进行检查。详见[证书规格](../../security/DeviceCertificateKit/certificate-framework-overview.md#证书规格)。 7270e41f4b71Sopenharmony_ci 7271e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 7272e41f4b71Sopenharmony_ci 7273e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 7274e41f4b71Sopenharmony_ci 7275e41f4b71Sopenharmony_ci**参数**: 7276e41f4b71Sopenharmony_ci 7277e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 7278e41f4b71Sopenharmony_ci| --------- | ------------------------------- | ---- | ------------------------------------------------------------ | 7279e41f4b71Sopenharmony_ci| certChain | [CertChainData](#certchaindata) | 是 | 表示X509证书链序列化数据 | 7280e41f4b71Sopenharmony_ci| callback | AsyncCallback\<void> | 是 | 回调函数。使用AsyncCallback的第一个error参数判断是否校验成功,error为null表示成功,error不为null表示失败 | 7281e41f4b71Sopenharmony_ci 7282e41f4b71Sopenharmony_ci**错误码:** 7283e41f4b71Sopenharmony_ci 7284e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 7285e41f4b71Sopenharmony_ci 7286e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 7287e41f4b71Sopenharmony_ci| -------- | ------------------------------------------------- | 7288e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 7289e41f4b71Sopenharmony_ci| 19020001 | memory error. | 7290e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 7291e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 7292e41f4b71Sopenharmony_ci| 19030002 | the certificate signature verification failed. | 7293e41f4b71Sopenharmony_ci| 19030003 | the certificate has not taken effect. | 7294e41f4b71Sopenharmony_ci| 19030004 | the certificate has expired. | 7295e41f4b71Sopenharmony_ci| 19030005 | failed to obtain the certificate issuer. | 7296e41f4b71Sopenharmony_ci| 19030006 | the key cannot be used for signing a certificate. | 7297e41f4b71Sopenharmony_ci| 19030007 | the key cannot be used for digital signature. | 7298e41f4b71Sopenharmony_ci 7299e41f4b71Sopenharmony_ci**示例:** 7300e41f4b71Sopenharmony_ci 7301e41f4b71Sopenharmony_ci```ts 7302e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 7303e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 7304e41f4b71Sopenharmony_ci 7305e41f4b71Sopenharmony_ci// string转Uint8Array 7306e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 7307e41f4b71Sopenharmony_ci let arr: Array<number> = []; 7308e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 7309e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 7310e41f4b71Sopenharmony_ci } 7311e41f4b71Sopenharmony_ci return new Uint8Array(arr); 7312e41f4b71Sopenharmony_ci} 7313e41f4b71Sopenharmony_ci 7314e41f4b71Sopenharmony_ci// 证书链二进制数据 7315e41f4b71Sopenharmony_cilet certPem = '-----BEGIN CERTIFICATE-----\n' + 7316e41f4b71Sopenharmony_ci 'MIIDTjCCAjagAwIBAgIBBDANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290\n' + 7317e41f4b71Sopenharmony_ci 'IENBMB4XDTI0MDMxOTAyMDQwMVoXDTM0MDMxNzAyMDQwMVowEjEQMA4GA1UEAwwH\n' + 7318e41f4b71Sopenharmony_ci 'ZGV2aWNlMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMIXL3e7UE/c\n' + 7319e41f4b71Sopenharmony_ci 'Z1dPVgRZ5L8gsQ/azuYVBvoFf7o8ksYrL7G1+qZIJjVRqZkuTirLW4GicbkIkPNW\n' + 7320e41f4b71Sopenharmony_ci 'eix5cDhkjkC+q5SBCOrSSTTlvX3xcOY1gMlA5MgeBfGixFusq4d5VPF2KceZ20/a\n' + 7321e41f4b71Sopenharmony_ci 'ygwGD0Uv0X81OERyPom/dYdJUvfaD9ifPFJ1fKIj/cPFG3yJK/ojpEfndZNdESQL\n' + 7322e41f4b71Sopenharmony_ci 'TkoDekilg2UGOLtY6fb9Ns37ncuIj33gCS/R9m1tgtmqCTcgOQ4hwKhjVF3InmPO\n' + 7323e41f4b71Sopenharmony_ci '2BbWKvD1RUX+rHC2a2HHDQILOOtDTy8dHvE+qZlK0efrpRgoFEERJAGPi1GDGWiA\n' + 7324e41f4b71Sopenharmony_ci '7UX1c4MCxIECAwEAAaOBrjCBqzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQbkAcMT7ND\n' + 7325e41f4b71Sopenharmony_ci 'fGp3VPFzYHppZ1zxLTAfBgNVHSMEGDAWgBR0W/koCbvDtFGHUQZLM3j6HKsW2DAd\n' + 7326e41f4b71Sopenharmony_ci 'BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMDIGCCsG\n' + 7327e41f4b71Sopenharmony_ci 'AQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cHM6Ly8xMjcuMC4wLjE6OTk5OTAN\n' + 7328e41f4b71Sopenharmony_ci 'BgkqhkiG9w0BAQsFAAOCAQEAF1OTzTmbklFOdZCxrF3zg9owUPJR5RB+PbuBlUfI\n' + 7329e41f4b71Sopenharmony_ci '8tkGXkMltQ8PN1dv6Cq+d8BluiJdWEzqVoJa/e5SHHJyYQSOhlurRG0GBXllVQ1I\n' + 7330e41f4b71Sopenharmony_ci 'n1PFaI40+9X2X6wrEcdC5nbzogR1jSiksCiTcARMddj0Xrp5FMrFaaGY8M/xqzdW\n' + 7331e41f4b71Sopenharmony_ci 'LTDl4nfbuxtA71cIjnE4kOcaemly9/S2wYWdPktsPxQPY1nPUOeJFI7o0sH3rK0c\n' + 7332e41f4b71Sopenharmony_ci 'JSqtgAG8vnjK+jbx9RpkgqCsXgUbIahL573VTgxrNrsRjCuVal7XVxl/xOKXr6Er\n' + 7333e41f4b71Sopenharmony_ci 'Gpc+OCrXbHNZkUQE5fZH3yL2tXd7EASEb6J3aEWHfF8YBA==\n' + 7334e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----'; 7335e41f4b71Sopenharmony_ci 7336e41f4b71Sopenharmony_cilet caPem = '-----BEGIN CERTIFICATE-----\n' + 7337e41f4b71Sopenharmony_ci'MIIC/zCCAeegAwIBAgIBATANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290\n' + 7338e41f4b71Sopenharmony_ci'IENBMB4XDTI0MDMxOTAyMDIyNFoXDTM0MDMxNzAyMDIyNFowEjEQMA4GA1UEAwwH\n' + 7339e41f4b71Sopenharmony_ci'Um9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALxI5SDvRfKU\n' + 7340e41f4b71Sopenharmony_ci'6XaTeyh2LHlUK0rVSeYfXkYf5Mc3Pgucg+ewzQjxkACMx5NYaW1zfGDNPG1i5IZl\n' + 7341e41f4b71Sopenharmony_ci'cPeWNz1Tm2g6wTd+LyNoNOOmwfLV8pLXSfAukgNrBREf3BzVrbu7hvPd2MmLH23H\n' + 7342e41f4b71Sopenharmony_ci'OBM9uDPTIqu3n2CDN2EzwULjaSk2g+jvhVKsDLInu5uKPmZBFhs1FWKgcnVnlbi1\n' + 7343e41f4b71Sopenharmony_ci'AyAx4efheits6EO70oV6UufCEtS1VsBXQHZRAG4ogshWldRBVNxkU6yHAfg0mM/5\n' + 7344e41f4b71Sopenharmony_ci'EhrZsfh51fWqlrhNWrInjgNV3xIt5ebTIgKZWUlSVHEA/UqDoGfY+CsAJdteZWOW\n' + 7345e41f4b71Sopenharmony_ci'KjsrC/DK2O0CAwEAAaNgMF4wHQYDVR0OBBYEFHRb+SgJu8O0UYdRBkszePocqxbY\n' + 7346e41f4b71Sopenharmony_ci'MB8GA1UdIwQYMBaAFHRb+SgJu8O0UYdRBkszePocqxbYMA8GA1UdEwEB/wQFMAMB\n' + 7347e41f4b71Sopenharmony_ci'Af8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQAKOT1ObfQNMN2wdfHq\n' + 7348e41f4b71Sopenharmony_ci'PQgFDDp6rBMbZe70LswPirSXljo4S/vfbG+gBoWCdu/SfsV+lyP75kg1wX0IQvzW\n' + 7349e41f4b71Sopenharmony_ci'xYNh864dgqPmGd0v8TIfM0UT0PpnowUyBHQ+E7LNYIOh/kjHbl3oERdEFA2PUyE9\n' + 7350e41f4b71Sopenharmony_ci'j3GLdg8oe/LqhEQCSAlH+v2RQgBZ9eVN+mSdUxwywm9U3acb0uqVkGiWK/ywumpg\n' + 7351e41f4b71Sopenharmony_ci'AmIZLMJtMVvg8uDkfy16Z4lChTEdNaJVUqPczUNk2kHXIF4we4be9HoOuTVz/SD/\n' + 7352e41f4b71Sopenharmony_ci'IsOhXn/BjS3jnhyS9fxo+opJf9zVTWI02Hlh1WVVtH/m3nIZblyAJhcjCHA2wZSz\n' + 7353e41f4b71Sopenharmony_ci'sSus\n' + 7354e41f4b71Sopenharmony_ci'-----END CERTIFICATE-----'; 7355e41f4b71Sopenharmony_ci 7356e41f4b71Sopenharmony_cilet certPemData = stringToUint8Array(certPem); 7357e41f4b71Sopenharmony_cilet caPemData = stringToUint8Array(caPem); 7358e41f4b71Sopenharmony_ci 7359e41f4b71Sopenharmony_cilet certPemDataLenData = new Uint8Array(new Uint16Array([certPemData.length]).buffer) 7360e41f4b71Sopenharmony_cilet caPemDataLenData = new Uint8Array(new Uint16Array([caPemData.length]).buffer) 7361e41f4b71Sopenharmony_ci 7362e41f4b71Sopenharmony_cilet certChainBuff = new Uint8Array(certPemDataLenData.length + certPemData.length + caPemDataLenData.length + caPemData.length) 7363e41f4b71Sopenharmony_cicertChainBuff.set(certPemDataLenData) 7364e41f4b71Sopenharmony_cicertChainBuff.set(certPemData, certPemDataLenData.length) 7365e41f4b71Sopenharmony_cicertChainBuff.set(caPemDataLenData, certPemDataLenData.length + certPemData.length) 7366e41f4b71Sopenharmony_cicertChainBuff.set(caPemData, certPemDataLenData.length + certPemData.length + caPemDataLenData.length) 7367e41f4b71Sopenharmony_ci 7368e41f4b71Sopenharmony_cilet certChainData: cert.CertChainData = { 7369e41f4b71Sopenharmony_ci data: certChainBuff, 7370e41f4b71Sopenharmony_ci // 证书链包含的证书个数,需业务自行赋值 7371e41f4b71Sopenharmony_ci count: 2, 7372e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 7373e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 7374e41f4b71Sopenharmony_ci}; 7375e41f4b71Sopenharmony_ci 7376e41f4b71Sopenharmony_citry { 7377e41f4b71Sopenharmony_ci let validator = cert.createCertChainValidator('PKIX'); 7378e41f4b71Sopenharmony_ci validator.validate(certChainData, (error, data) => { 7379e41f4b71Sopenharmony_ci if (error) { 7380e41f4b71Sopenharmony_ci console.error('validate failed, errCode: ' + error.code + ', errMsg: ' + error.message); 7381e41f4b71Sopenharmony_ci } else { 7382e41f4b71Sopenharmony_ci console.log('validate success'); 7383e41f4b71Sopenharmony_ci } 7384e41f4b71Sopenharmony_ci }); 7385e41f4b71Sopenharmony_ci} catch (error) { 7386e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 7387e41f4b71Sopenharmony_ci console.error('getNotBeforeTime failed, errCode: ' + e.code + ', errMsg: ' + e.message); 7388e41f4b71Sopenharmony_ci} 7389e41f4b71Sopenharmony_ci``` 7390e41f4b71Sopenharmony_ci 7391e41f4b71Sopenharmony_ci### validate 7392e41f4b71Sopenharmony_ci 7393e41f4b71Sopenharmony_civalidate(certChain : CertChainData) : Promise\<void> 7394e41f4b71Sopenharmony_ci 7395e41f4b71Sopenharmony_ci表示校验X509证书链,使用Promise方式异步返回结果。 7396e41f4b71Sopenharmony_ci由于端侧系统时间不可信,证书链校验不包含对证书有效时间的校验。如果需要检查证书的时间有效性,可使用X509证书的[checkValidityWithDate](#checkvaliditywithdate)方法进行检查。详见[证书规格](../../security/DeviceCertificateKit/certificate-framework-overview.md#证书规格)。 7397e41f4b71Sopenharmony_ci 7398e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 7399e41f4b71Sopenharmony_ci 7400e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 7401e41f4b71Sopenharmony_ci 7402e41f4b71Sopenharmony_ci**参数**: 7403e41f4b71Sopenharmony_ci 7404e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 7405e41f4b71Sopenharmony_ci| --------- | ------------------------------- | ---- | -------------------------- | 7406e41f4b71Sopenharmony_ci| certChain | [CertChainData](#certchaindata) | 是 | 表示X509证书链序列化数据。 | 7407e41f4b71Sopenharmony_ci 7408e41f4b71Sopenharmony_ci**返回值**: 7409e41f4b71Sopenharmony_ci 7410e41f4b71Sopenharmony_ci| 类型 | 说明 | 7411e41f4b71Sopenharmony_ci| -------------- | ----------- | 7412e41f4b71Sopenharmony_ci| Promise\<void> | Promise对象 | 7413e41f4b71Sopenharmony_ci 7414e41f4b71Sopenharmony_ci**错误码:** 7415e41f4b71Sopenharmony_ci 7416e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 7417e41f4b71Sopenharmony_ci 7418e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 7419e41f4b71Sopenharmony_ci| -------- | ------------------------------------------------- | 7420e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 7421e41f4b71Sopenharmony_ci| 19020001 | memory error. | 7422e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 7423e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 7424e41f4b71Sopenharmony_ci| 19030002 | the certificate signature verification failed. | 7425e41f4b71Sopenharmony_ci| 19030003 | the certificate has not taken effect. | 7426e41f4b71Sopenharmony_ci| 19030004 | the certificate has expired. | 7427e41f4b71Sopenharmony_ci| 19030005 | failed to obtain the certificate issuer. | 7428e41f4b71Sopenharmony_ci| 19030006 | the key cannot be used for signing a certificate. | 7429e41f4b71Sopenharmony_ci| 19030007 | the key cannot be used for digital signature. | 7430e41f4b71Sopenharmony_ci 7431e41f4b71Sopenharmony_ci**示例:** 7432e41f4b71Sopenharmony_ci 7433e41f4b71Sopenharmony_ci```ts 7434e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 7435e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 7436e41f4b71Sopenharmony_ci 7437e41f4b71Sopenharmony_ci// string转Uint8Array 7438e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 7439e41f4b71Sopenharmony_ci let arr: Array<number> = []; 7440e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 7441e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 7442e41f4b71Sopenharmony_ci } 7443e41f4b71Sopenharmony_ci return new Uint8Array(arr); 7444e41f4b71Sopenharmony_ci} 7445e41f4b71Sopenharmony_ci 7446e41f4b71Sopenharmony_ci// 证书链数据 7447e41f4b71Sopenharmony_cilet certPem = '-----BEGIN CERTIFICATE-----\n' + 7448e41f4b71Sopenharmony_ci 'MIIDTjCCAjagAwIBAgIBBDANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290\n' + 7449e41f4b71Sopenharmony_ci 'IENBMB4XDTI0MDMxOTAyMDQwMVoXDTM0MDMxNzAyMDQwMVowEjEQMA4GA1UEAwwH\n' + 7450e41f4b71Sopenharmony_ci 'ZGV2aWNlMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMIXL3e7UE/c\n' + 7451e41f4b71Sopenharmony_ci 'Z1dPVgRZ5L8gsQ/azuYVBvoFf7o8ksYrL7G1+qZIJjVRqZkuTirLW4GicbkIkPNW\n' + 7452e41f4b71Sopenharmony_ci 'eix5cDhkjkC+q5SBCOrSSTTlvX3xcOY1gMlA5MgeBfGixFusq4d5VPF2KceZ20/a\n' + 7453e41f4b71Sopenharmony_ci 'ygwGD0Uv0X81OERyPom/dYdJUvfaD9ifPFJ1fKIj/cPFG3yJK/ojpEfndZNdESQL\n' + 7454e41f4b71Sopenharmony_ci 'TkoDekilg2UGOLtY6fb9Ns37ncuIj33gCS/R9m1tgtmqCTcgOQ4hwKhjVF3InmPO\n' + 7455e41f4b71Sopenharmony_ci '2BbWKvD1RUX+rHC2a2HHDQILOOtDTy8dHvE+qZlK0efrpRgoFEERJAGPi1GDGWiA\n' + 7456e41f4b71Sopenharmony_ci '7UX1c4MCxIECAwEAAaOBrjCBqzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQbkAcMT7ND\n' + 7457e41f4b71Sopenharmony_ci 'fGp3VPFzYHppZ1zxLTAfBgNVHSMEGDAWgBR0W/koCbvDtFGHUQZLM3j6HKsW2DAd\n' + 7458e41f4b71Sopenharmony_ci 'BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMDIGCCsG\n' + 7459e41f4b71Sopenharmony_ci 'AQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cHM6Ly8xMjcuMC4wLjE6OTk5OTAN\n' + 7460e41f4b71Sopenharmony_ci 'BgkqhkiG9w0BAQsFAAOCAQEAF1OTzTmbklFOdZCxrF3zg9owUPJR5RB+PbuBlUfI\n' + 7461e41f4b71Sopenharmony_ci '8tkGXkMltQ8PN1dv6Cq+d8BluiJdWEzqVoJa/e5SHHJyYQSOhlurRG0GBXllVQ1I\n' + 7462e41f4b71Sopenharmony_ci 'n1PFaI40+9X2X6wrEcdC5nbzogR1jSiksCiTcARMddj0Xrp5FMrFaaGY8M/xqzdW\n' + 7463e41f4b71Sopenharmony_ci 'LTDl4nfbuxtA71cIjnE4kOcaemly9/S2wYWdPktsPxQPY1nPUOeJFI7o0sH3rK0c\n' + 7464e41f4b71Sopenharmony_ci 'JSqtgAG8vnjK+jbx9RpkgqCsXgUbIahL573VTgxrNrsRjCuVal7XVxl/xOKXr6Er\n' + 7465e41f4b71Sopenharmony_ci 'Gpc+OCrXbHNZkUQE5fZH3yL2tXd7EASEb6J3aEWHfF8YBA==\n' + 7466e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----'; 7467e41f4b71Sopenharmony_ci 7468e41f4b71Sopenharmony_cilet caPem = '-----BEGIN CERTIFICATE-----\n' + 7469e41f4b71Sopenharmony_ci'MIIC/zCCAeegAwIBAgIBATANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290\n' + 7470e41f4b71Sopenharmony_ci'IENBMB4XDTI0MDMxOTAyMDIyNFoXDTM0MDMxNzAyMDIyNFowEjEQMA4GA1UEAwwH\n' + 7471e41f4b71Sopenharmony_ci'Um9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALxI5SDvRfKU\n' + 7472e41f4b71Sopenharmony_ci'6XaTeyh2LHlUK0rVSeYfXkYf5Mc3Pgucg+ewzQjxkACMx5NYaW1zfGDNPG1i5IZl\n' + 7473e41f4b71Sopenharmony_ci'cPeWNz1Tm2g6wTd+LyNoNOOmwfLV8pLXSfAukgNrBREf3BzVrbu7hvPd2MmLH23H\n' + 7474e41f4b71Sopenharmony_ci'OBM9uDPTIqu3n2CDN2EzwULjaSk2g+jvhVKsDLInu5uKPmZBFhs1FWKgcnVnlbi1\n' + 7475e41f4b71Sopenharmony_ci'AyAx4efheits6EO70oV6UufCEtS1VsBXQHZRAG4ogshWldRBVNxkU6yHAfg0mM/5\n' + 7476e41f4b71Sopenharmony_ci'EhrZsfh51fWqlrhNWrInjgNV3xIt5ebTIgKZWUlSVHEA/UqDoGfY+CsAJdteZWOW\n' + 7477e41f4b71Sopenharmony_ci'KjsrC/DK2O0CAwEAAaNgMF4wHQYDVR0OBBYEFHRb+SgJu8O0UYdRBkszePocqxbY\n' + 7478e41f4b71Sopenharmony_ci'MB8GA1UdIwQYMBaAFHRb+SgJu8O0UYdRBkszePocqxbYMA8GA1UdEwEB/wQFMAMB\n' + 7479e41f4b71Sopenharmony_ci'Af8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQAKOT1ObfQNMN2wdfHq\n' + 7480e41f4b71Sopenharmony_ci'PQgFDDp6rBMbZe70LswPirSXljo4S/vfbG+gBoWCdu/SfsV+lyP75kg1wX0IQvzW\n' + 7481e41f4b71Sopenharmony_ci'xYNh864dgqPmGd0v8TIfM0UT0PpnowUyBHQ+E7LNYIOh/kjHbl3oERdEFA2PUyE9\n' + 7482e41f4b71Sopenharmony_ci'j3GLdg8oe/LqhEQCSAlH+v2RQgBZ9eVN+mSdUxwywm9U3acb0uqVkGiWK/ywumpg\n' + 7483e41f4b71Sopenharmony_ci'AmIZLMJtMVvg8uDkfy16Z4lChTEdNaJVUqPczUNk2kHXIF4we4be9HoOuTVz/SD/\n' + 7484e41f4b71Sopenharmony_ci'IsOhXn/BjS3jnhyS9fxo+opJf9zVTWI02Hlh1WVVtH/m3nIZblyAJhcjCHA2wZSz\n' + 7485e41f4b71Sopenharmony_ci'sSus\n' + 7486e41f4b71Sopenharmony_ci'-----END CERTIFICATE-----'; 7487e41f4b71Sopenharmony_ci 7488e41f4b71Sopenharmony_cilet certPemData = stringToUint8Array(certPem); 7489e41f4b71Sopenharmony_cilet caPemData = stringToUint8Array(caPem); 7490e41f4b71Sopenharmony_ci 7491e41f4b71Sopenharmony_cilet certPemDataLenData = new Uint8Array(new Uint16Array([certPemData.length]).buffer) 7492e41f4b71Sopenharmony_cilet caPemDataLenData = new Uint8Array(new Uint16Array([caPemData.length]).buffer) 7493e41f4b71Sopenharmony_ci 7494e41f4b71Sopenharmony_cilet certChainBuff = new Uint8Array(certPemDataLenData.length + certPemData.length + caPemDataLenData.length + caPemData.length) 7495e41f4b71Sopenharmony_cicertChainBuff.set(certPemDataLenData) 7496e41f4b71Sopenharmony_cicertChainBuff.set(certPemData, certPemDataLenData.length) 7497e41f4b71Sopenharmony_cicertChainBuff.set(caPemDataLenData, certPemDataLenData.length + certPemData.length) 7498e41f4b71Sopenharmony_cicertChainBuff.set(caPemData, certPemDataLenData.length + certPemData.length + caPemDataLenData.length) 7499e41f4b71Sopenharmony_ci 7500e41f4b71Sopenharmony_cilet certChainData: cert.CertChainData = { 7501e41f4b71Sopenharmony_ci data: certChainBuff, 7502e41f4b71Sopenharmony_ci // 证书链包含的证书个数,需业务自行赋值 7503e41f4b71Sopenharmony_ci count: 2, 7504e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 7505e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 7506e41f4b71Sopenharmony_ci}; 7507e41f4b71Sopenharmony_ci 7508e41f4b71Sopenharmony_citry { 7509e41f4b71Sopenharmony_ci let validator = cert.createCertChainValidator('PKIX'); 7510e41f4b71Sopenharmony_ci validator.validate(certChainData).then(result => { 7511e41f4b71Sopenharmony_ci console.log('validate success'); 7512e41f4b71Sopenharmony_ci }).catch((error: BusinessError) => { 7513e41f4b71Sopenharmony_ci console.error('validate failed, errCode: ' + error.code + ', errMsg: ' + error.message); 7514e41f4b71Sopenharmony_ci }); 7515e41f4b71Sopenharmony_ci} catch (error) { 7516e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 7517e41f4b71Sopenharmony_ci console.error('getNotBeforeTime failed, errCode: ' + e.code + ', errMsg: ' + e.message); 7518e41f4b71Sopenharmony_ci} 7519e41f4b71Sopenharmony_ci``` 7520e41f4b71Sopenharmony_ci 7521e41f4b71Sopenharmony_ci## X509CrlEntry<sup>(deprecated)</sup> 7522e41f4b71Sopenharmony_ci 7523e41f4b71Sopenharmony_ci被吊销证书对象。 7524e41f4b71Sopenharmony_ci 7525e41f4b71Sopenharmony_ci> **说明:** 7526e41f4b71Sopenharmony_ci> 7527e41f4b71Sopenharmony_ci> 从API version 11开始废弃,建议使用[X509CrlEntry](#x509crlentry11)替代。 7528e41f4b71Sopenharmony_ci 7529e41f4b71Sopenharmony_ci### getEncoded<sup>(deprecated)</sup> 7530e41f4b71Sopenharmony_ci 7531e41f4b71Sopenharmony_cigetEncoded(callback : AsyncCallback\<EncodingBlob>) : void 7532e41f4b71Sopenharmony_ci 7533e41f4b71Sopenharmony_ci表示获取被吊销证书的序列化数据,使用Callback回调异步返回结果。 7534e41f4b71Sopenharmony_ci 7535e41f4b71Sopenharmony_ci> **说明:** 7536e41f4b71Sopenharmony_ci> 7537e41f4b71Sopenharmony_ci> 从API version 11开始废弃,建议使用[X509CRLEntry.getEncoded](#getencoded11-2)替代。 7538e41f4b71Sopenharmony_ci 7539e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 7540e41f4b71Sopenharmony_ci 7541e41f4b71Sopenharmony_ci**参数**: 7542e41f4b71Sopenharmony_ci 7543e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 7544e41f4b71Sopenharmony_ci| -------- | --------------------------------------------- | ---- | ------------------------------------ | 7545e41f4b71Sopenharmony_ci| callback | AsyncCallback\<[EncodingBlob](#encodingblob)> | 是 | 回调函数。表示被吊销证书的序列化数据 | 7546e41f4b71Sopenharmony_ci 7547e41f4b71Sopenharmony_ci**错误码:** 7548e41f4b71Sopenharmony_ci 7549e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 7550e41f4b71Sopenharmony_ci 7551e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 7552e41f4b71Sopenharmony_ci| -------- | ----------------------- | 7553e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types.| 7554e41f4b71Sopenharmony_ci| 19020001 | memory error. | 7555e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 7556e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 7557e41f4b71Sopenharmony_ci 7558e41f4b71Sopenharmony_ci**示例:** 7559e41f4b71Sopenharmony_ci 7560e41f4b71Sopenharmony_ci```ts 7561e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 7562e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 7563e41f4b71Sopenharmony_ci 7564e41f4b71Sopenharmony_ci// string转Uint8Array 7565e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 7566e41f4b71Sopenharmony_ci let arr: Array<number> = []; 7567e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 7568e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 7569e41f4b71Sopenharmony_ci } 7570e41f4b71Sopenharmony_ci return new Uint8Array(arr); 7571e41f4b71Sopenharmony_ci} 7572e41f4b71Sopenharmony_ci 7573e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 7574e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 7575e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 7576e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 7577e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 7578e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 7579e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 7580e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n' 7581e41f4b71Sopenharmony_ci 7582e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 7583e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 7584e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 7585e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 7586e41f4b71Sopenharmony_ci}; 7587e41f4b71Sopenharmony_ci 7588e41f4b71Sopenharmony_cicert.createX509Crl(encodingBlob, (err, x509Crl) => { 7589e41f4b71Sopenharmony_ci if (err) { 7590e41f4b71Sopenharmony_ci console.error('createX509Crl failed, errCode: ' + err.code + ', errMsg: ' + err.message); 7591e41f4b71Sopenharmony_ci } else { 7592e41f4b71Sopenharmony_ci console.log('create x509 crl success'); 7593e41f4b71Sopenharmony_ci 7594e41f4b71Sopenharmony_ci try { 7595e41f4b71Sopenharmony_ci let serialNumber = 1000; 7596e41f4b71Sopenharmony_ci let crlEntry = x509Crl.getRevokedCert(serialNumber); 7597e41f4b71Sopenharmony_ci crlEntry.getEncoded((error, data) => { 7598e41f4b71Sopenharmony_ci if (error) { 7599e41f4b71Sopenharmony_ci console.error('getEncoded failed, errCode: ' + error.code + ', errMsg: ' + error.message); 7600e41f4b71Sopenharmony_ci } else { 7601e41f4b71Sopenharmony_ci console.log('getEncoded success'); 7602e41f4b71Sopenharmony_ci } 7603e41f4b71Sopenharmony_ci }); 7604e41f4b71Sopenharmony_ci } catch (error) { 7605e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 7606e41f4b71Sopenharmony_ci console.error('getRevokedCert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 7607e41f4b71Sopenharmony_ci } 7608e41f4b71Sopenharmony_ci } 7609e41f4b71Sopenharmony_ci}) 7610e41f4b71Sopenharmony_ci``` 7611e41f4b71Sopenharmony_ci 7612e41f4b71Sopenharmony_ci### getEncoded<sup>(deprecated)</sup> 7613e41f4b71Sopenharmony_ci 7614e41f4b71Sopenharmony_cigetEncoded() : Promise\<EncodingBlob> 7615e41f4b71Sopenharmony_ci 7616e41f4b71Sopenharmony_ci表示获取被吊销证书的序列化数据,使用Promise方式异步返回结果。 7617e41f4b71Sopenharmony_ci 7618e41f4b71Sopenharmony_ci> **说明:** 7619e41f4b71Sopenharmony_ci> 7620e41f4b71Sopenharmony_ci> 从API version 11开始废弃,建议使用[X509CRLEntry.getEncoded](#getencoded11-3)替代。 7621e41f4b71Sopenharmony_ci 7622e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 7623e41f4b71Sopenharmony_ci 7624e41f4b71Sopenharmony_ci**返回值**: 7625e41f4b71Sopenharmony_ci 7626e41f4b71Sopenharmony_ci| 类型 | 说明 | 7627e41f4b71Sopenharmony_ci| --------------------------------------- | -------------------------- | 7628e41f4b71Sopenharmony_ci| Promise\<[EncodingBlob](#encodingblob)> | 表示被吊销证书的序列化数据 | 7629e41f4b71Sopenharmony_ci 7630e41f4b71Sopenharmony_ci**错误码:** 7631e41f4b71Sopenharmony_ci 7632e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 7633e41f4b71Sopenharmony_ci 7634e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 7635e41f4b71Sopenharmony_ci| -------- | ----------------------- | 7636e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types.| 7637e41f4b71Sopenharmony_ci| 19020001 | memory error. | 7638e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 7639e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 7640e41f4b71Sopenharmony_ci 7641e41f4b71Sopenharmony_ci**示例:** 7642e41f4b71Sopenharmony_ci 7643e41f4b71Sopenharmony_ci```ts 7644e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 7645e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 7646e41f4b71Sopenharmony_ci 7647e41f4b71Sopenharmony_ci// string转Uint8Array 7648e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 7649e41f4b71Sopenharmony_ci let arr: Array<number> = []; 7650e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 7651e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 7652e41f4b71Sopenharmony_ci } 7653e41f4b71Sopenharmony_ci return new Uint8Array(arr); 7654e41f4b71Sopenharmony_ci} 7655e41f4b71Sopenharmony_ci 7656e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 7657e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 7658e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 7659e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 7660e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 7661e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 7662e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 7663e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n' 7664e41f4b71Sopenharmony_ci 7665e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 7666e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 7667e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 7668e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 7669e41f4b71Sopenharmony_ci}; 7670e41f4b71Sopenharmony_ci 7671e41f4b71Sopenharmony_cicert.createX509Crl(encodingBlob, (err, x509Crl) => { 7672e41f4b71Sopenharmony_ci if (err) { 7673e41f4b71Sopenharmony_ci console.error('createX509Crl failed, errCode: ' + err.code + ', errMsg: ' + err.message); 7674e41f4b71Sopenharmony_ci } else { 7675e41f4b71Sopenharmony_ci console.log('create x509 crl success'); 7676e41f4b71Sopenharmony_ci 7677e41f4b71Sopenharmony_ci try { 7678e41f4b71Sopenharmony_ci let serialNumber = 1000; 7679e41f4b71Sopenharmony_ci let crlEntry = x509Crl.getRevokedCert(serialNumber); 7680e41f4b71Sopenharmony_ci crlEntry.getEncoded().then(result => { 7681e41f4b71Sopenharmony_ci console.log('getEncoded success'); 7682e41f4b71Sopenharmony_ci }).catch((error: BusinessError) => { 7683e41f4b71Sopenharmony_ci console.error('getEncoded failed, errCode: ' + error.code + ', errMsg: ' + error.message); 7684e41f4b71Sopenharmony_ci }); 7685e41f4b71Sopenharmony_ci } catch (error) { 7686e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 7687e41f4b71Sopenharmony_ci console.error('getRevokedCert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 7688e41f4b71Sopenharmony_ci } 7689e41f4b71Sopenharmony_ci } 7690e41f4b71Sopenharmony_ci}) 7691e41f4b71Sopenharmony_ci``` 7692e41f4b71Sopenharmony_ci 7693e41f4b71Sopenharmony_ci### getSerialNumber<sup>(deprecated)</sup> 7694e41f4b71Sopenharmony_ci 7695e41f4b71Sopenharmony_cigetSerialNumber() : number 7696e41f4b71Sopenharmony_ci 7697e41f4b71Sopenharmony_ci表示获取被吊销证书的序列号。 7698e41f4b71Sopenharmony_ci 7699e41f4b71Sopenharmony_ci> **说明:** 7700e41f4b71Sopenharmony_ci> 7701e41f4b71Sopenharmony_ci> 从API version 11开始废弃,建议使用[X509CRLEntry.getSerialNumber](#getserialnumber11)替代。 7702e41f4b71Sopenharmony_ci 7703e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 7704e41f4b71Sopenharmony_ci 7705e41f4b71Sopenharmony_ci**返回值**: 7706e41f4b71Sopenharmony_ci 7707e41f4b71Sopenharmony_ci| 类型 | 说明 | 7708e41f4b71Sopenharmony_ci| ------ | ---------------------- | 7709e41f4b71Sopenharmony_ci| number | 表示被吊销证书的序列号 | 7710e41f4b71Sopenharmony_ci 7711e41f4b71Sopenharmony_ci**示例:** 7712e41f4b71Sopenharmony_ci 7713e41f4b71Sopenharmony_ci```ts 7714e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 7715e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 7716e41f4b71Sopenharmony_ci 7717e41f4b71Sopenharmony_ci// string转Uint8Array 7718e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 7719e41f4b71Sopenharmony_ci let arr: Array<number> = []; 7720e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 7721e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 7722e41f4b71Sopenharmony_ci } 7723e41f4b71Sopenharmony_ci return new Uint8Array(arr); 7724e41f4b71Sopenharmony_ci} 7725e41f4b71Sopenharmony_ci 7726e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 7727e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 7728e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 7729e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 7730e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 7731e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 7732e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 7733e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n' 7734e41f4b71Sopenharmony_ci 7735e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 7736e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 7737e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 7738e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 7739e41f4b71Sopenharmony_ci}; 7740e41f4b71Sopenharmony_ci 7741e41f4b71Sopenharmony_cicert.createX509Crl(encodingBlob, (err, x509Crl) => { 7742e41f4b71Sopenharmony_ci if (err) { 7743e41f4b71Sopenharmony_ci console.error('createX509Crl failed, errCode: ' + err.code + ', errMsg: ' + err.message); 7744e41f4b71Sopenharmony_ci } else { 7745e41f4b71Sopenharmony_ci console.log('create x509 crl success'); 7746e41f4b71Sopenharmony_ci 7747e41f4b71Sopenharmony_ci try { 7748e41f4b71Sopenharmony_ci let serialNumber = 1000; 7749e41f4b71Sopenharmony_ci let crlEntry = x509Crl.getRevokedCert(serialNumber); 7750e41f4b71Sopenharmony_ci serialNumber = crlEntry.getSerialNumber(); 7751e41f4b71Sopenharmony_ci } catch (error) { 7752e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 7753e41f4b71Sopenharmony_ci console.error('getRevokedCert or getSerialNumber failed, errCode: ' + e.code + ', errMsg: ' + e.message); 7754e41f4b71Sopenharmony_ci } 7755e41f4b71Sopenharmony_ci } 7756e41f4b71Sopenharmony_ci}) 7757e41f4b71Sopenharmony_ci``` 7758e41f4b71Sopenharmony_ci 7759e41f4b71Sopenharmony_ci### getCertIssuer<sup>(deprecated)</sup> 7760e41f4b71Sopenharmony_ci 7761e41f4b71Sopenharmony_cigetCertIssuer() : DataBlob 7762e41f4b71Sopenharmony_ci 7763e41f4b71Sopenharmony_ci表示获取被吊销证书的颁发者信息。 7764e41f4b71Sopenharmony_ci 7765e41f4b71Sopenharmony_ci> **说明:** 7766e41f4b71Sopenharmony_ci> 7767e41f4b71Sopenharmony_ci> 从API version 11开始废弃,建议使用[X509CRLEntry.getCertIssuer](#getcertissuer11)替代。 7768e41f4b71Sopenharmony_ci 7769e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 7770e41f4b71Sopenharmony_ci 7771e41f4b71Sopenharmony_ci**返回值**: 7772e41f4b71Sopenharmony_ci 7773e41f4b71Sopenharmony_ci| 类型 | 说明 | 7774e41f4b71Sopenharmony_ci| --------------------- | ----------------------- | 7775e41f4b71Sopenharmony_ci| [DataBlob](#datablob) | 表示被吊销证书的颁发者信息 | 7776e41f4b71Sopenharmony_ci 7777e41f4b71Sopenharmony_ci**错误码:** 7778e41f4b71Sopenharmony_ci 7779e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 7780e41f4b71Sopenharmony_ci 7781e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 7782e41f4b71Sopenharmony_ci| -------- | -------------- | 7783e41f4b71Sopenharmony_ci| 801 | this operation is not supported. | 7784e41f4b71Sopenharmony_ci| 19020001 | memory error. | 7785e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 7786e41f4b71Sopenharmony_ci 7787e41f4b71Sopenharmony_ci**示例:** 7788e41f4b71Sopenharmony_ci 7789e41f4b71Sopenharmony_ci```ts 7790e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 7791e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 7792e41f4b71Sopenharmony_ci 7793e41f4b71Sopenharmony_ci// string转Uint8Array 7794e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 7795e41f4b71Sopenharmony_ci let arr: Array<number> = []; 7796e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 7797e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 7798e41f4b71Sopenharmony_ci } 7799e41f4b71Sopenharmony_ci return new Uint8Array(arr); 7800e41f4b71Sopenharmony_ci} 7801e41f4b71Sopenharmony_ci 7802e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 7803e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 7804e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 7805e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 7806e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 7807e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 7808e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 7809e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n' 7810e41f4b71Sopenharmony_ci 7811e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 7812e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 7813e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 7814e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 7815e41f4b71Sopenharmony_ci}; 7816e41f4b71Sopenharmony_ci 7817e41f4b71Sopenharmony_cicert.createX509Crl(encodingBlob, (err, x509Crl) => { 7818e41f4b71Sopenharmony_ci if (err) { 7819e41f4b71Sopenharmony_ci console.error('createX509Crl failed, errCode: ' + err.code + ', errMsg: ' + err.message); 7820e41f4b71Sopenharmony_ci } else { 7821e41f4b71Sopenharmony_ci console.log('create x509 crl success'); 7822e41f4b71Sopenharmony_ci 7823e41f4b71Sopenharmony_ci try { 7824e41f4b71Sopenharmony_ci let serialNumber = 1000; 7825e41f4b71Sopenharmony_ci let crlEntry = x509Crl.getRevokedCert(serialNumber); 7826e41f4b71Sopenharmony_ci let issuer = crlEntry.getCertIssuer(); 7827e41f4b71Sopenharmony_ci } catch (error) { 7828e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 7829e41f4b71Sopenharmony_ci console.error('getRevokedCert or getCertIssuer failed, errCode: ' + e.code + ', errMsg: ' + e.message); 7830e41f4b71Sopenharmony_ci } 7831e41f4b71Sopenharmony_ci } 7832e41f4b71Sopenharmony_ci}) 7833e41f4b71Sopenharmony_ci``` 7834e41f4b71Sopenharmony_ci 7835e41f4b71Sopenharmony_ci### getRevocationDate<sup>(deprecated)</sup> 7836e41f4b71Sopenharmony_ci 7837e41f4b71Sopenharmony_cigetRevocationDate() : string 7838e41f4b71Sopenharmony_ci 7839e41f4b71Sopenharmony_ci表示获取证书被吊销的日期,日期为ASN.1时间格式。 7840e41f4b71Sopenharmony_ci 7841e41f4b71Sopenharmony_ci> **说明:** 7842e41f4b71Sopenharmony_ci> 7843e41f4b71Sopenharmony_ci> 从API version 11开始废弃,建议使用[X509CRLEntry.getRevocationDate](#getrevocationdate11)替代。 7844e41f4b71Sopenharmony_ci 7845e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 7846e41f4b71Sopenharmony_ci 7847e41f4b71Sopenharmony_ci**返回值**: 7848e41f4b71Sopenharmony_ci 7849e41f4b71Sopenharmony_ci| 类型 | 说明 | 7850e41f4b71Sopenharmony_ci| ------ | ------------------ | 7851e41f4b71Sopenharmony_ci| string | 表示证书被吊销的日期,日期为ASN.1时间格式。 | 7852e41f4b71Sopenharmony_ci 7853e41f4b71Sopenharmony_ci**错误码:** 7854e41f4b71Sopenharmony_ci 7855e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 7856e41f4b71Sopenharmony_ci 7857e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 7858e41f4b71Sopenharmony_ci| -------- | ----------------------- | 7859e41f4b71Sopenharmony_ci| 19020001 | memory error. | 7860e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 7861e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 7862e41f4b71Sopenharmony_ci 7863e41f4b71Sopenharmony_ci**示例:** 7864e41f4b71Sopenharmony_ci 7865e41f4b71Sopenharmony_ci```ts 7866e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 7867e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 7868e41f4b71Sopenharmony_ci 7869e41f4b71Sopenharmony_ci// string转Uint8Array 7870e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 7871e41f4b71Sopenharmony_ci let arr: Array<number> = []; 7872e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 7873e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 7874e41f4b71Sopenharmony_ci } 7875e41f4b71Sopenharmony_ci return new Uint8Array(arr); 7876e41f4b71Sopenharmony_ci} 7877e41f4b71Sopenharmony_ci 7878e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 7879e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 7880e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 7881e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 7882e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 7883e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 7884e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 7885e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n' 7886e41f4b71Sopenharmony_ci 7887e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 7888e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 7889e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 7890e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 7891e41f4b71Sopenharmony_ci}; 7892e41f4b71Sopenharmony_ci 7893e41f4b71Sopenharmony_cicert.createX509Crl(encodingBlob, (err, x509Crl) => { 7894e41f4b71Sopenharmony_ci if (err) { 7895e41f4b71Sopenharmony_ci console.error('createX509Crl failed, errCode: ' + err.code + ', errMsg: ' + err.message); 7896e41f4b71Sopenharmony_ci } else { 7897e41f4b71Sopenharmony_ci console.log('create x509 crl success'); 7898e41f4b71Sopenharmony_ci 7899e41f4b71Sopenharmony_ci try { 7900e41f4b71Sopenharmony_ci let serialNumber = 1000; 7901e41f4b71Sopenharmony_ci let crlEntry = x509Crl.getRevokedCert(serialNumber); 7902e41f4b71Sopenharmony_ci let date = crlEntry.getRevocationDate(); 7903e41f4b71Sopenharmony_ci } catch (error) { 7904e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 7905e41f4b71Sopenharmony_ci console.error('getRevokedCert or getRevocationDate failed, errCode: ' + e.code + ', errMsg: ' + e.message); 7906e41f4b71Sopenharmony_ci } 7907e41f4b71Sopenharmony_ci } 7908e41f4b71Sopenharmony_ci}) 7909e41f4b71Sopenharmony_ci``` 7910e41f4b71Sopenharmony_ci 7911e41f4b71Sopenharmony_ci## X509CRLEntry<sup>11+</sup> 7912e41f4b71Sopenharmony_ci 7913e41f4b71Sopenharmony_ci被吊销证书对象。 7914e41f4b71Sopenharmony_ci 7915e41f4b71Sopenharmony_ci### getEncoded<sup>11+</sup> 7916e41f4b71Sopenharmony_ci 7917e41f4b71Sopenharmony_cigetEncoded(callback : AsyncCallback\<EncodingBlob>) : void 7918e41f4b71Sopenharmony_ci 7919e41f4b71Sopenharmony_ci表示获取被吊销证书的序列化数据,使用Callback回调异步返回结果。 7920e41f4b71Sopenharmony_ci 7921e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 7922e41f4b71Sopenharmony_ci 7923e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 7924e41f4b71Sopenharmony_ci 7925e41f4b71Sopenharmony_ci**参数**: 7926e41f4b71Sopenharmony_ci 7927e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 7928e41f4b71Sopenharmony_ci| -------- | --------------------------------------------- | ---- | ------------------------------------ | 7929e41f4b71Sopenharmony_ci| callback | AsyncCallback\<[EncodingBlob](#encodingblob)> | 是 | 回调函数。表示被吊销证书的序列化数据 | 7930e41f4b71Sopenharmony_ci 7931e41f4b71Sopenharmony_ci**错误码:** 7932e41f4b71Sopenharmony_ci 7933e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 7934e41f4b71Sopenharmony_ci 7935e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 7936e41f4b71Sopenharmony_ci| -------- | ----------------------- | 7937e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types.| 7938e41f4b71Sopenharmony_ci| 19020001 | memory error. | 7939e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 7940e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 7941e41f4b71Sopenharmony_ci 7942e41f4b71Sopenharmony_ci**示例:** 7943e41f4b71Sopenharmony_ci 7944e41f4b71Sopenharmony_ci```ts 7945e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 7946e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 7947e41f4b71Sopenharmony_ci 7948e41f4b71Sopenharmony_ci// string转Uint8Array 7949e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 7950e41f4b71Sopenharmony_ci let arr: Array<number> = []; 7951e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 7952e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 7953e41f4b71Sopenharmony_ci } 7954e41f4b71Sopenharmony_ci return new Uint8Array(arr); 7955e41f4b71Sopenharmony_ci} 7956e41f4b71Sopenharmony_ci 7957e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 7958e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 7959e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 7960e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 7961e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 7962e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 7963e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 7964e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n' 7965e41f4b71Sopenharmony_ci 7966e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 7967e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 7968e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 7969e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 7970e41f4b71Sopenharmony_ci}; 7971e41f4b71Sopenharmony_ci 7972e41f4b71Sopenharmony_cicert.createX509CRL(encodingBlob, (err, x509CRL) => { 7973e41f4b71Sopenharmony_ci if (err) { 7974e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + err.code + ', errMsg: ' + err.message); 7975e41f4b71Sopenharmony_ci } else { 7976e41f4b71Sopenharmony_ci console.log('create x509 CRL success'); 7977e41f4b71Sopenharmony_ci 7978e41f4b71Sopenharmony_ci try { 7979e41f4b71Sopenharmony_ci let serialNumber = BigInt(1000); 7980e41f4b71Sopenharmony_ci let crlEntry = x509CRL.getRevokedCert(serialNumber); 7981e41f4b71Sopenharmony_ci crlEntry.getEncoded((error, data) => { 7982e41f4b71Sopenharmony_ci if (error) { 7983e41f4b71Sopenharmony_ci console.error('getEncoded failed, errCode: ' + error.code + ', errMsg: ' + error.message); 7984e41f4b71Sopenharmony_ci } else { 7985e41f4b71Sopenharmony_ci console.log('getEncoded success'); 7986e41f4b71Sopenharmony_ci } 7987e41f4b71Sopenharmony_ci }); 7988e41f4b71Sopenharmony_ci } catch (error) { 7989e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 7990e41f4b71Sopenharmony_ci console.error('getRevokedCert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 7991e41f4b71Sopenharmony_ci } 7992e41f4b71Sopenharmony_ci } 7993e41f4b71Sopenharmony_ci}) 7994e41f4b71Sopenharmony_ci``` 7995e41f4b71Sopenharmony_ci 7996e41f4b71Sopenharmony_ci### getEncoded<sup>11+</sup> 7997e41f4b71Sopenharmony_ci 7998e41f4b71Sopenharmony_cigetEncoded() : Promise\<EncodingBlob> 7999e41f4b71Sopenharmony_ci 8000e41f4b71Sopenharmony_ci表示获取被吊销证书的序列化数据,使用Promise方式异步返回结果。 8001e41f4b71Sopenharmony_ci 8002e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 8003e41f4b71Sopenharmony_ci 8004e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 8005e41f4b71Sopenharmony_ci 8006e41f4b71Sopenharmony_ci**返回值**: 8007e41f4b71Sopenharmony_ci 8008e41f4b71Sopenharmony_ci| 类型 | 说明 | 8009e41f4b71Sopenharmony_ci| --------------------------------------- | -------------------------- | 8010e41f4b71Sopenharmony_ci| Promise\<[EncodingBlob](#encodingblob)> | 表示被吊销证书的序列化数据 | 8011e41f4b71Sopenharmony_ci 8012e41f4b71Sopenharmony_ci**错误码:** 8013e41f4b71Sopenharmony_ci 8014e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 8015e41f4b71Sopenharmony_ci 8016e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 8017e41f4b71Sopenharmony_ci| -------- | ----------------------- | 8018e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types.| 8019e41f4b71Sopenharmony_ci| 19020001 | memory error. | 8020e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 8021e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 8022e41f4b71Sopenharmony_ci 8023e41f4b71Sopenharmony_ci**示例:** 8024e41f4b71Sopenharmony_ci 8025e41f4b71Sopenharmony_ci```ts 8026e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 8027e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 8028e41f4b71Sopenharmony_ci 8029e41f4b71Sopenharmony_ci// string转Uint8Array 8030e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 8031e41f4b71Sopenharmony_ci let arr: Array<number> = []; 8032e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 8033e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 8034e41f4b71Sopenharmony_ci } 8035e41f4b71Sopenharmony_ci return new Uint8Array(arr); 8036e41f4b71Sopenharmony_ci} 8037e41f4b71Sopenharmony_ci 8038e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 8039e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 8040e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 8041e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 8042e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 8043e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 8044e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 8045e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n' 8046e41f4b71Sopenharmony_ci 8047e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 8048e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 8049e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 8050e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 8051e41f4b71Sopenharmony_ci}; 8052e41f4b71Sopenharmony_ci 8053e41f4b71Sopenharmony_cicert.createX509CRL(encodingBlob, (err, x509CRL) => { 8054e41f4b71Sopenharmony_ci if (err) { 8055e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + err.code + ', errMsg: ' + err.message); 8056e41f4b71Sopenharmony_ci } else { 8057e41f4b71Sopenharmony_ci console.log('create x509 CRL success'); 8058e41f4b71Sopenharmony_ci 8059e41f4b71Sopenharmony_ci try { 8060e41f4b71Sopenharmony_ci let serialNumber = BigInt(1000); 8061e41f4b71Sopenharmony_ci let crlEntry = x509CRL.getRevokedCert(serialNumber); 8062e41f4b71Sopenharmony_ci crlEntry.getEncoded().then(result => { 8063e41f4b71Sopenharmony_ci console.log('getEncoded success'); 8064e41f4b71Sopenharmony_ci }).catch((error: BusinessError) => { 8065e41f4b71Sopenharmony_ci console.error('getEncoded failed, errCode: ' + error.code + ', errMsg: ' + error.message); 8066e41f4b71Sopenharmony_ci }); 8067e41f4b71Sopenharmony_ci } catch (error) { 8068e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 8069e41f4b71Sopenharmony_ci console.error('getRevokedCert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 8070e41f4b71Sopenharmony_ci } 8071e41f4b71Sopenharmony_ci } 8072e41f4b71Sopenharmony_ci}) 8073e41f4b71Sopenharmony_ci``` 8074e41f4b71Sopenharmony_ci 8075e41f4b71Sopenharmony_ci### getSerialNumber<sup>11+</sup> 8076e41f4b71Sopenharmony_ci 8077e41f4b71Sopenharmony_cigetSerialNumber() : bigint 8078e41f4b71Sopenharmony_ci 8079e41f4b71Sopenharmony_ci表示获取被吊销证书的序列号。 8080e41f4b71Sopenharmony_ci 8081e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 8082e41f4b71Sopenharmony_ci 8083e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 8084e41f4b71Sopenharmony_ci 8085e41f4b71Sopenharmony_ci**返回值**: 8086e41f4b71Sopenharmony_ci 8087e41f4b71Sopenharmony_ci| 类型 | 说明 | 8088e41f4b71Sopenharmony_ci| ------ | ---------------------- | 8089e41f4b71Sopenharmony_ci| bigint | 表示被吊销证书的序列号 | 8090e41f4b71Sopenharmony_ci 8091e41f4b71Sopenharmony_ci**错误码:** 8092e41f4b71Sopenharmony_ci 8093e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 8094e41f4b71Sopenharmony_ci 8095e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 8096e41f4b71Sopenharmony_ci| -------- | ----------------------- | 8097e41f4b71Sopenharmony_ci| 19020001 | memory error. | 8098e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 8099e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 8100e41f4b71Sopenharmony_ci 8101e41f4b71Sopenharmony_ci**示例:** 8102e41f4b71Sopenharmony_ci 8103e41f4b71Sopenharmony_ci```ts 8104e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 8105e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 8106e41f4b71Sopenharmony_ci 8107e41f4b71Sopenharmony_ci// string转Uint8Array 8108e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 8109e41f4b71Sopenharmony_ci let arr: Array<number> = []; 8110e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 8111e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 8112e41f4b71Sopenharmony_ci } 8113e41f4b71Sopenharmony_ci return new Uint8Array(arr); 8114e41f4b71Sopenharmony_ci} 8115e41f4b71Sopenharmony_ci 8116e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 8117e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 8118e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 8119e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 8120e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 8121e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 8122e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 8123e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n' 8124e41f4b71Sopenharmony_ci 8125e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 8126e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 8127e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 8128e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 8129e41f4b71Sopenharmony_ci}; 8130e41f4b71Sopenharmony_ci 8131e41f4b71Sopenharmony_cicert.createX509CRL(encodingBlob, (err, x509CRL) => { 8132e41f4b71Sopenharmony_ci if (err) { 8133e41f4b71Sopenharmony_ci console.error('createX509Crl failed, errCode: ' + err.code + ', errMsg: ' + err.message); 8134e41f4b71Sopenharmony_ci } else { 8135e41f4b71Sopenharmony_ci console.log('create x509 crl success'); 8136e41f4b71Sopenharmony_ci 8137e41f4b71Sopenharmony_ci try { 8138e41f4b71Sopenharmony_ci let serialNumber = BigInt(1000); 8139e41f4b71Sopenharmony_ci let crlEntry = x509CRL.getRevokedCert(serialNumber); 8140e41f4b71Sopenharmony_ci serialNumber = crlEntry.getSerialNumber(); 8141e41f4b71Sopenharmony_ci } catch (error) { 8142e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 8143e41f4b71Sopenharmony_ci console.error('getRevokedCert or getSerialNumber failed, errCode: ' + e.code + ', errMsg: ' + e.message); 8144e41f4b71Sopenharmony_ci } 8145e41f4b71Sopenharmony_ci } 8146e41f4b71Sopenharmony_ci}) 8147e41f4b71Sopenharmony_ci``` 8148e41f4b71Sopenharmony_ci 8149e41f4b71Sopenharmony_ci### getCertIssuer<sup>11+</sup> 8150e41f4b71Sopenharmony_ci 8151e41f4b71Sopenharmony_cigetCertIssuer() : DataBlob 8152e41f4b71Sopenharmony_ci 8153e41f4b71Sopenharmony_ci表示获取被吊销证书的颁发者信息。 8154e41f4b71Sopenharmony_ci 8155e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 8156e41f4b71Sopenharmony_ci 8157e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 8158e41f4b71Sopenharmony_ci 8159e41f4b71Sopenharmony_ci**返回值**: 8160e41f4b71Sopenharmony_ci 8161e41f4b71Sopenharmony_ci| 类型 | 说明 | 8162e41f4b71Sopenharmony_ci| --------------------- | -------------------------- | 8163e41f4b71Sopenharmony_ci| [DataBlob](#datablob) | 表示被吊销证书的颁发者信息 | 8164e41f4b71Sopenharmony_ci 8165e41f4b71Sopenharmony_ci**错误码:** 8166e41f4b71Sopenharmony_ci 8167e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 8168e41f4b71Sopenharmony_ci 8169e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 8170e41f4b71Sopenharmony_ci| -------- | ----------------------- | 8171e41f4b71Sopenharmony_ci| 801 | this operation is not supported. | 8172e41f4b71Sopenharmony_ci| 19020001 | memory error. | 8173e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 8174e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 8175e41f4b71Sopenharmony_ci 8176e41f4b71Sopenharmony_ci**示例:** 8177e41f4b71Sopenharmony_ci 8178e41f4b71Sopenharmony_ci```ts 8179e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 8180e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 8181e41f4b71Sopenharmony_ci 8182e41f4b71Sopenharmony_ci// string转Uint8Array 8183e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 8184e41f4b71Sopenharmony_ci let arr: Array<number> = []; 8185e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 8186e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 8187e41f4b71Sopenharmony_ci } 8188e41f4b71Sopenharmony_ci return new Uint8Array(arr); 8189e41f4b71Sopenharmony_ci} 8190e41f4b71Sopenharmony_ci 8191e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 8192e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 8193e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 8194e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 8195e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 8196e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 8197e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 8198e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n' 8199e41f4b71Sopenharmony_ci 8200e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 8201e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 8202e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 8203e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 8204e41f4b71Sopenharmony_ci}; 8205e41f4b71Sopenharmony_ci 8206e41f4b71Sopenharmony_cicert.createX509CRL(encodingBlob, (err, x509CRL) => { 8207e41f4b71Sopenharmony_ci if (err) { 8208e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + err.code + ', errMsg: ' + err.message); 8209e41f4b71Sopenharmony_ci } else { 8210e41f4b71Sopenharmony_ci console.log('create x509 CRL success'); 8211e41f4b71Sopenharmony_ci 8212e41f4b71Sopenharmony_ci try { 8213e41f4b71Sopenharmony_ci let serialNumber = BigInt(1000); 8214e41f4b71Sopenharmony_ci let crlEntry = x509CRL.getRevokedCert(serialNumber); 8215e41f4b71Sopenharmony_ci let issuer = crlEntry.getCertIssuer(); 8216e41f4b71Sopenharmony_ci } catch (error) { 8217e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 8218e41f4b71Sopenharmony_ci console.error('getRevokedCert or getCertIssuer failed, errCode: ' + e.code + ', errMsg: ' + e.message); 8219e41f4b71Sopenharmony_ci } 8220e41f4b71Sopenharmony_ci } 8221e41f4b71Sopenharmony_ci}) 8222e41f4b71Sopenharmony_ci``` 8223e41f4b71Sopenharmony_ci 8224e41f4b71Sopenharmony_ci### getRevocationDate<sup>11+</sup> 8225e41f4b71Sopenharmony_ci 8226e41f4b71Sopenharmony_cigetRevocationDate() : string 8227e41f4b71Sopenharmony_ci 8228e41f4b71Sopenharmony_ci表示获取证书被吊销的日期,日期为ASN.1时间格式。 8229e41f4b71Sopenharmony_ci 8230e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 8231e41f4b71Sopenharmony_ci 8232e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 8233e41f4b71Sopenharmony_ci 8234e41f4b71Sopenharmony_ci**返回值**: 8235e41f4b71Sopenharmony_ci 8236e41f4b71Sopenharmony_ci| 类型 | 说明 | 8237e41f4b71Sopenharmony_ci| ------ | -------------------- | 8238e41f4b71Sopenharmony_ci| string | 表示证书被吊销的日期,日期为ASN.1时间格式。 | 8239e41f4b71Sopenharmony_ci 8240e41f4b71Sopenharmony_ci**错误码:** 8241e41f4b71Sopenharmony_ci 8242e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 8243e41f4b71Sopenharmony_ci 8244e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 8245e41f4b71Sopenharmony_ci| -------- | ----------------------- | 8246e41f4b71Sopenharmony_ci| 19020001 | memory error. | 8247e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 8248e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 8249e41f4b71Sopenharmony_ci 8250e41f4b71Sopenharmony_ci**示例:** 8251e41f4b71Sopenharmony_ci 8252e41f4b71Sopenharmony_ci```ts 8253e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 8254e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 8255e41f4b71Sopenharmony_ci 8256e41f4b71Sopenharmony_ci// string转Uint8Array 8257e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 8258e41f4b71Sopenharmony_ci let arr: Array<number> = []; 8259e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 8260e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 8261e41f4b71Sopenharmony_ci } 8262e41f4b71Sopenharmony_ci return new Uint8Array(arr); 8263e41f4b71Sopenharmony_ci} 8264e41f4b71Sopenharmony_ci 8265e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 8266e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 8267e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 8268e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 8269e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 8270e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 8271e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 8272e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n' 8273e41f4b71Sopenharmony_ci 8274e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 8275e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 8276e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 8277e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 8278e41f4b71Sopenharmony_ci}; 8279e41f4b71Sopenharmony_ci 8280e41f4b71Sopenharmony_cicert.createX509CRL(encodingBlob, (err, x509CRL) => { 8281e41f4b71Sopenharmony_ci if (err) { 8282e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + err.code + ', errMsg: ' + err.message); 8283e41f4b71Sopenharmony_ci } else { 8284e41f4b71Sopenharmony_ci console.log('create x509 CRL success'); 8285e41f4b71Sopenharmony_ci 8286e41f4b71Sopenharmony_ci try { 8287e41f4b71Sopenharmony_ci let serialNumber = BigInt(1000); 8288e41f4b71Sopenharmony_ci let crlEntry = x509CRL.getRevokedCert(serialNumber); 8289e41f4b71Sopenharmony_ci let date = crlEntry.getRevocationDate(); 8290e41f4b71Sopenharmony_ci } catch (error) { 8291e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 8292e41f4b71Sopenharmony_ci console.error('getRevokedCert or getRevocationDate failed, errCode: ' + e.code + ', errMsg: ' + e.message); 8293e41f4b71Sopenharmony_ci } 8294e41f4b71Sopenharmony_ci } 8295e41f4b71Sopenharmony_ci}) 8296e41f4b71Sopenharmony_ci``` 8297e41f4b71Sopenharmony_ci 8298e41f4b71Sopenharmony_ci### getExtensions<sup>11+</sup> 8299e41f4b71Sopenharmony_ci 8300e41f4b71Sopenharmony_cigetExtensions(): DataBlob 8301e41f4b71Sopenharmony_ci 8302e41f4b71Sopenharmony_ci表示获取CRL的扩展。 8303e41f4b71Sopenharmony_ci 8304e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 8305e41f4b71Sopenharmony_ci 8306e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 8307e41f4b71Sopenharmony_ci 8308e41f4b71Sopenharmony_ci**返回值**: 8309e41f4b71Sopenharmony_ci 8310e41f4b71Sopenharmony_ci| 类型 | 说明 | 8311e41f4b71Sopenharmony_ci| --------------------- | ------------------------ | 8312e41f4b71Sopenharmony_ci| [DataBlob](#datablob) | 表示X509CRLEntry扩展用途 | 8313e41f4b71Sopenharmony_ci 8314e41f4b71Sopenharmony_ci**错误码:** 8315e41f4b71Sopenharmony_ci 8316e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 8317e41f4b71Sopenharmony_ci 8318e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 8319e41f4b71Sopenharmony_ci| -------- | ----------------------- | 8320e41f4b71Sopenharmony_ci| 19020001 | memory error. | 8321e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 8322e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 8323e41f4b71Sopenharmony_ci 8324e41f4b71Sopenharmony_ci**示例:** 8325e41f4b71Sopenharmony_ci 8326e41f4b71Sopenharmony_ci```ts 8327e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 8328e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 8329e41f4b71Sopenharmony_ci 8330e41f4b71Sopenharmony_ci// string转Uint8Array 8331e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 8332e41f4b71Sopenharmony_ci let arr: Array<number> = []; 8333e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 8334e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 8335e41f4b71Sopenharmony_ci } 8336e41f4b71Sopenharmony_ci return new Uint8Array(arr); 8337e41f4b71Sopenharmony_ci} 8338e41f4b71Sopenharmony_ci 8339e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 8340e41f4b71Sopenharmony_ci 'MIIBjjB4AgEBMA0GCSqGSIb3DQEBCwUAMBIxEDAOBgNVBAMMB1Jvb3QgQ0EXDTI0\n' + 8341e41f4b71Sopenharmony_ci 'MDMxOTAyMDQwN1oXDTI0MDQxODAyMDQwN1owIjAgAgEEFw0yNDAzMTkwMjA0MDZa\n' + 8342e41f4b71Sopenharmony_ci 'MAwwCgYDVR0VBAMKAQGgDjAMMAoGA1UdFAQDAgEAMA0GCSqGSIb3DQEBCwUAA4IB\n' + 8343e41f4b71Sopenharmony_ci 'AQCbjvmHxC8dW6WCS/ga73kx2b7f8I/2eVuDYyReuBiGWeJ9vDmGqimJ9VwOk+ph\n' + 8344e41f4b71Sopenharmony_ci 'LvG/2Zvh9I8qXxnOWeseA2C0bEshJGvXpquIjm00OUyLlK6jdfRbhXT8OyvDjqZs\n' + 8345e41f4b71Sopenharmony_ci 'e1IsMV7Zo11SUc8nR2d0QQ7EVDCN/XFKPsmoK7PhJnRh5gc8W3FKQ6b8H9kdjgTa\n' + 8346e41f4b71Sopenharmony_ci 'KQUap1OIDReVsjPBmRAbwMMLtbrAMllF7E6x7uHgHTGaK1ZPJDtsnCJ45ur3mk/o\n' + 8347e41f4b71Sopenharmony_ci 'HAJFwHNjNDltiEfvMSs76/X0cwitpeW4dFk6c3QtqhxJrHDD4gl8di+xHOyHXpzX\n' + 8348e41f4b71Sopenharmony_ci '+i2osvdPWRia0dJCL1PCA14k\n' + 8349e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 8350e41f4b71Sopenharmony_ci 8351e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 8352e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 8353e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 8354e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 8355e41f4b71Sopenharmony_ci}; 8356e41f4b71Sopenharmony_ci 8357e41f4b71Sopenharmony_cicert.createX509CRL(encodingBlob, (err, x509CRL) => { 8358e41f4b71Sopenharmony_ci if (err) { 8359e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + err.code + ', errMsg: ' + err.message); 8360e41f4b71Sopenharmony_ci } else { 8361e41f4b71Sopenharmony_ci console.log('create x509 CRL success'); 8362e41f4b71Sopenharmony_ci 8363e41f4b71Sopenharmony_ci try { 8364e41f4b71Sopenharmony_ci let serialNumber = BigInt(4); 8365e41f4b71Sopenharmony_ci let crlEntry = x509CRL.getRevokedCert(serialNumber); 8366e41f4b71Sopenharmony_ci let extensions = crlEntry.getExtensions(); 8367e41f4b71Sopenharmony_ci } catch (error) { 8368e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 8369e41f4b71Sopenharmony_ci console.error('getRevokedCert or getExtensions failed, errCode: ' + e.code + ', errMsg: ' + e.message); 8370e41f4b71Sopenharmony_ci } 8371e41f4b71Sopenharmony_ci } 8372e41f4b71Sopenharmony_ci}) 8373e41f4b71Sopenharmony_ci``` 8374e41f4b71Sopenharmony_ci 8375e41f4b71Sopenharmony_ci### hasExtensions<sup>11+</sup> 8376e41f4b71Sopenharmony_ci 8377e41f4b71Sopenharmony_cihasExtensions(): boolean 8378e41f4b71Sopenharmony_ci 8379e41f4b71Sopenharmony_ci表示判断CRL Entry是否有扩展。 8380e41f4b71Sopenharmony_ci 8381e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 8382e41f4b71Sopenharmony_ci 8383e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 8384e41f4b71Sopenharmony_ci 8385e41f4b71Sopenharmony_ci**返回值**: 8386e41f4b71Sopenharmony_ci 8387e41f4b71Sopenharmony_ci| 类型 | 说明 | 8388e41f4b71Sopenharmony_ci| ------- | ---------------------------------------------------- | 8389e41f4b71Sopenharmony_ci| boolean | 返回true则表示CRL Entry有扩展,返回false则表示无扩展 | 8390e41f4b71Sopenharmony_ci 8391e41f4b71Sopenharmony_ci**错误码:** 8392e41f4b71Sopenharmony_ci 8393e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 8394e41f4b71Sopenharmony_ci 8395e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 8396e41f4b71Sopenharmony_ci| -------- | ----------------------- | 8397e41f4b71Sopenharmony_ci| 19020001 | memory error. | 8398e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 8399e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 8400e41f4b71Sopenharmony_ci 8401e41f4b71Sopenharmony_ci**示例:** 8402e41f4b71Sopenharmony_ci 8403e41f4b71Sopenharmony_ci```ts 8404e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 8405e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 8406e41f4b71Sopenharmony_ci 8407e41f4b71Sopenharmony_ci// string转Uint8Array 8408e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 8409e41f4b71Sopenharmony_ci let arr: Array<number> = []; 8410e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 8411e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 8412e41f4b71Sopenharmony_ci } 8413e41f4b71Sopenharmony_ci return new Uint8Array(arr); 8414e41f4b71Sopenharmony_ci} 8415e41f4b71Sopenharmony_ci 8416e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 8417e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 8418e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 8419e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 8420e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 8421e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 8422e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 8423e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n' 8424e41f4b71Sopenharmony_ci 8425e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 8426e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 8427e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 8428e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 8429e41f4b71Sopenharmony_ci}; 8430e41f4b71Sopenharmony_ci 8431e41f4b71Sopenharmony_cicert.createX509CRL(encodingBlob, (err, x509CRL) => { 8432e41f4b71Sopenharmony_ci if (err) { 8433e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + err.code + ', errMsg: ' + err.message); 8434e41f4b71Sopenharmony_ci } else { 8435e41f4b71Sopenharmony_ci console.log('create x509 CRL success'); 8436e41f4b71Sopenharmony_ci 8437e41f4b71Sopenharmony_ci try { 8438e41f4b71Sopenharmony_ci let serialNumber = BigInt(1000); 8439e41f4b71Sopenharmony_ci let crlEntry = x509CRL.getRevokedCert(serialNumber); 8440e41f4b71Sopenharmony_ci let hasExtensions = crlEntry.hasExtensions(); 8441e41f4b71Sopenharmony_ci } catch (error) { 8442e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 8443e41f4b71Sopenharmony_ci console.error('getRevokedCert or hasExtensions failed, errCode: ' + e.code + ', errMsg: ' + e.message); 8444e41f4b71Sopenharmony_ci } 8445e41f4b71Sopenharmony_ci } 8446e41f4b71Sopenharmony_ci}) 8447e41f4b71Sopenharmony_ci``` 8448e41f4b71Sopenharmony_ci 8449e41f4b71Sopenharmony_ci### getCertIssuerX500DistinguishedName<sup>12+</sup> 8450e41f4b71Sopenharmony_ci 8451e41f4b71Sopenharmony_cigetCertIssuerX500DistinguishedName(): X500DistinguishedName 8452e41f4b71Sopenharmony_ci 8453e41f4b71Sopenharmony_ci获取证书颁发者的X509可分辨名称。 8454e41f4b71Sopenharmony_ci 8455e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 8456e41f4b71Sopenharmony_ci 8457e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 8458e41f4b71Sopenharmony_ci 8459e41f4b71Sopenharmony_ci**返回值**: 8460e41f4b71Sopenharmony_ci 8461e41f4b71Sopenharmony_ci| 类型 | 说明 | 8462e41f4b71Sopenharmony_ci| ------- | ---------------------------------------------------- | 8463e41f4b71Sopenharmony_ci| [X500DistinguishedName](#x500distinguishedname12) | X509的可分辨对象。| 8464e41f4b71Sopenharmony_ci 8465e41f4b71Sopenharmony_ci**错误码:** 8466e41f4b71Sopenharmony_ci 8467e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 8468e41f4b71Sopenharmony_ci 8469e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 8470e41f4b71Sopenharmony_ci| -------- | ----------------------- | 8471e41f4b71Sopenharmony_ci| 19020001 | memory error. | 8472e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 8473e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 8474e41f4b71Sopenharmony_ci 8475e41f4b71Sopenharmony_ci**示例:** 8476e41f4b71Sopenharmony_ci 8477e41f4b71Sopenharmony_ci```ts 8478e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 8479e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 8480e41f4b71Sopenharmony_ci 8481e41f4b71Sopenharmony_ci// string转Uint8Array 8482e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 8483e41f4b71Sopenharmony_ci let arr: Array<number> = []; 8484e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 8485e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 8486e41f4b71Sopenharmony_ci } 8487e41f4b71Sopenharmony_ci return new Uint8Array(arr); 8488e41f4b71Sopenharmony_ci} 8489e41f4b71Sopenharmony_ci 8490e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 8491e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 8492e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 8493e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 8494e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 8495e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 8496e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 8497e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n' 8498e41f4b71Sopenharmony_ci 8499e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 8500e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 8501e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 8502e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 8503e41f4b71Sopenharmony_ci}; 8504e41f4b71Sopenharmony_ci 8505e41f4b71Sopenharmony_ciasync function certGetCertIssuerX500DistinguishedName() { 8506e41f4b71Sopenharmony_ci let x509Crl: cert.X509CRL = {} as cert.X509CRL; 8507e41f4b71Sopenharmony_ci try { 8508e41f4b71Sopenharmony_ci x509Crl = await cert.createX509CRL(encodingBlob); 8509e41f4b71Sopenharmony_ci console.log('createX509CRL success'); 8510e41f4b71Sopenharmony_ci let name = x509Crl.getRevokedCert(BigInt(1000)).getCertIssuerX500DistinguishedName(); 8511e41f4b71Sopenharmony_ci } catch (error) { 8512e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 8513e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + e.code + ', errMsg: ' + e.message); 8514e41f4b71Sopenharmony_ci } 8515e41f4b71Sopenharmony_ci} 8516e41f4b71Sopenharmony_ci``` 8517e41f4b71Sopenharmony_ci 8518e41f4b71Sopenharmony_ci### toString<sup>12+</sup> 8519e41f4b71Sopenharmony_ci 8520e41f4b71Sopenharmony_citoString(): string 8521e41f4b71Sopenharmony_ci 8522e41f4b71Sopenharmony_ci获取对象的字符串类型数据。 8523e41f4b71Sopenharmony_ci 8524e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 8525e41f4b71Sopenharmony_ci 8526e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 8527e41f4b71Sopenharmony_ci 8528e41f4b71Sopenharmony_ci**返回值**: 8529e41f4b71Sopenharmony_ci 8530e41f4b71Sopenharmony_ci| 类型 | 说明 | 8531e41f4b71Sopenharmony_ci| ------- | ---------------------------------------------------- | 8532e41f4b71Sopenharmony_ci| string | 对象的字符串类型数据。| 8533e41f4b71Sopenharmony_ci 8534e41f4b71Sopenharmony_ci**错误码:** 8535e41f4b71Sopenharmony_ci 8536e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 8537e41f4b71Sopenharmony_ci 8538e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 8539e41f4b71Sopenharmony_ci| -------- | ----------------------- | 8540e41f4b71Sopenharmony_ci| 19020001 | memory error. | 8541e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 8542e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 8543e41f4b71Sopenharmony_ci 8544e41f4b71Sopenharmony_ci**示例:** 8545e41f4b71Sopenharmony_ci 8546e41f4b71Sopenharmony_ci```ts 8547e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 8548e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 8549e41f4b71Sopenharmony_ci 8550e41f4b71Sopenharmony_ci// string转Uint8Array 8551e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 8552e41f4b71Sopenharmony_ci let arr: Array<number> = []; 8553e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 8554e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 8555e41f4b71Sopenharmony_ci } 8556e41f4b71Sopenharmony_ci return new Uint8Array(arr); 8557e41f4b71Sopenharmony_ci} 8558e41f4b71Sopenharmony_ci 8559e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 8560e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 8561e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 8562e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 8563e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 8564e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 8565e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 8566e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n' 8567e41f4b71Sopenharmony_ci 8568e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 8569e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 8570e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 8571e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 8572e41f4b71Sopenharmony_ci}; 8573e41f4b71Sopenharmony_ci 8574e41f4b71Sopenharmony_ciasync function certToString() { 8575e41f4b71Sopenharmony_ci let x509Crl: cert.X509CRL = {} as cert.X509CRL; 8576e41f4b71Sopenharmony_ci try { 8577e41f4b71Sopenharmony_ci x509Crl = await cert.createX509CRL(encodingBlob); 8578e41f4b71Sopenharmony_ci console.log('createX509CRL success'); 8579e41f4b71Sopenharmony_ci console.info('toString success: ' + JSON.stringify(x509Crl.getRevokedCert(BigInt(1000)).toString())); 8580e41f4b71Sopenharmony_ci } catch (error) { 8581e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 8582e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + e.code + ', errMsg: ' + e.message); 8583e41f4b71Sopenharmony_ci } 8584e41f4b71Sopenharmony_ci} 8585e41f4b71Sopenharmony_ci``` 8586e41f4b71Sopenharmony_ci 8587e41f4b71Sopenharmony_ci### hashCode<sup>12+</sup> 8588e41f4b71Sopenharmony_ci 8589e41f4b71Sopenharmony_cihashCode(): Uint8Array 8590e41f4b71Sopenharmony_ci 8591e41f4b71Sopenharmony_ci获取DER格式数据的哈希值。 8592e41f4b71Sopenharmony_ci 8593e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 8594e41f4b71Sopenharmony_ci 8595e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 8596e41f4b71Sopenharmony_ci 8597e41f4b71Sopenharmony_ci**返回值**: 8598e41f4b71Sopenharmony_ci 8599e41f4b71Sopenharmony_ci| 类型 | 说明 | 8600e41f4b71Sopenharmony_ci| ------- | ---------------------------------------------------- | 8601e41f4b71Sopenharmony_ci| Uint8Array | DER格式数据的哈希值。| 8602e41f4b71Sopenharmony_ci 8603e41f4b71Sopenharmony_ci**错误码:** 8604e41f4b71Sopenharmony_ci 8605e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 8606e41f4b71Sopenharmony_ci 8607e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 8608e41f4b71Sopenharmony_ci| -------- | ----------------------- | 8609e41f4b71Sopenharmony_ci| 19020001 | memory error. | 8610e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 8611e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 8612e41f4b71Sopenharmony_ci 8613e41f4b71Sopenharmony_ci**示例:** 8614e41f4b71Sopenharmony_ci 8615e41f4b71Sopenharmony_ci```ts 8616e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 8617e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 8618e41f4b71Sopenharmony_ci 8619e41f4b71Sopenharmony_ci// string转Uint8Array 8620e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 8621e41f4b71Sopenharmony_ci let arr: Array<number> = []; 8622e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 8623e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 8624e41f4b71Sopenharmony_ci } 8625e41f4b71Sopenharmony_ci return new Uint8Array(arr); 8626e41f4b71Sopenharmony_ci} 8627e41f4b71Sopenharmony_ci 8628e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 8629e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 8630e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 8631e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 8632e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 8633e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 8634e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 8635e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n' 8636e41f4b71Sopenharmony_ci 8637e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 8638e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 8639e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 8640e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 8641e41f4b71Sopenharmony_ci}; 8642e41f4b71Sopenharmony_ci 8643e41f4b71Sopenharmony_ciasync function certHashCode() { 8644e41f4b71Sopenharmony_ci let x509Crl: cert.X509CRL = {} as cert.X509CRL; 8645e41f4b71Sopenharmony_ci try { 8646e41f4b71Sopenharmony_ci x509Crl = await cert.createX509CRL(encodingBlob); 8647e41f4b71Sopenharmony_ci console.log('createX509CRL success'); 8648e41f4b71Sopenharmony_ci console.info('hashCode success: ' + JSON.stringify(x509Crl.getRevokedCert(BigInt(1000)).hashCode())); 8649e41f4b71Sopenharmony_ci } catch (error) { 8650e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 8651e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + e.code + ', errMsg: ' + e.message); 8652e41f4b71Sopenharmony_ci } 8653e41f4b71Sopenharmony_ci} 8654e41f4b71Sopenharmony_ci``` 8655e41f4b71Sopenharmony_ci 8656e41f4b71Sopenharmony_ci### getExtensionsObject<sup>12+</sup> 8657e41f4b71Sopenharmony_ci 8658e41f4b71Sopenharmony_cigetExtensionsObject(): CertExtension 8659e41f4b71Sopenharmony_ci 8660e41f4b71Sopenharmony_ci获取对应实体的扩展域DER格式数据。 8661e41f4b71Sopenharmony_ci 8662e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 8663e41f4b71Sopenharmony_ci 8664e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 8665e41f4b71Sopenharmony_ci 8666e41f4b71Sopenharmony_ci**返回值**: 8667e41f4b71Sopenharmony_ci 8668e41f4b71Sopenharmony_ci| 类型 | 说明 | 8669e41f4b71Sopenharmony_ci| ------- | ---------------------------------------------------- | 8670e41f4b71Sopenharmony_ci| [CertExtension](#certextension10) | 证书扩展域段类对象。| 8671e41f4b71Sopenharmony_ci 8672e41f4b71Sopenharmony_ci**错误码:** 8673e41f4b71Sopenharmony_ci 8674e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 8675e41f4b71Sopenharmony_ci 8676e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 8677e41f4b71Sopenharmony_ci| -------- | ----------------------- | 8678e41f4b71Sopenharmony_ci| 19020001 | memory error. | 8679e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 8680e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 8681e41f4b71Sopenharmony_ci 8682e41f4b71Sopenharmony_ci**示例:** 8683e41f4b71Sopenharmony_ci 8684e41f4b71Sopenharmony_ci```ts 8685e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 8686e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 8687e41f4b71Sopenharmony_ci 8688e41f4b71Sopenharmony_ci// string转Uint8Array 8689e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 8690e41f4b71Sopenharmony_ci let arr: Array<number> = []; 8691e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 8692e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 8693e41f4b71Sopenharmony_ci } 8694e41f4b71Sopenharmony_ci return new Uint8Array(arr); 8695e41f4b71Sopenharmony_ci} 8696e41f4b71Sopenharmony_ci 8697e41f4b71Sopenharmony_cilet crlData = '-----BEGIN X509 CRL-----\n' + 8698e41f4b71Sopenharmony_ci 'MIINlTCCDH0CAQEwDQYJKoZIhvcNAQELBQAwTDELMAkGA1UEBhMCVVMxFTATBgNV\n' + 8699e41f4b71Sopenharmony_ci 'BAoTDERpZ2lDZXJ0IEluYzEmMCQGA1UEAxMdRGlnaUNlcnQgU2VjdXJlIFNpdGUg\n' + 8700e41f4b71Sopenharmony_ci 'Q04gQ0EgRzMXDTI0MDMxMjE4NDQ0NVoXDTI0MDMxOTE4NDQ0NVowggvJMCECEAbk\n' + 8701e41f4b71Sopenharmony_ci 'wC/+N2YXfpw7vgDJ2xAXDTIzMDIwNzA1NTg1OFowIQIQDonqcHww7uhlmWH+OfIe\n' + 8702e41f4b71Sopenharmony_ci 'PhcNMjMwMzA5MDcwMzI1WjAvAhAM4CTrULrJUEinWgT9AFPvFw0yMzAzMjAxOTE4\n' + 8703e41f4b71Sopenharmony_ci 'NTRaMAwwCgYDVR0VBAMKAQQwIQIQBQP4xflKkcRehoJ2NaA/jhcNMjMwMzIyMDk0\n' + 8704e41f4b71Sopenharmony_ci 'NTI5WjAvAhAOmgzoiIqznAaFec53PVPUFw0yMzAzMjcyMDI4MDNaMAwwCgYDVR0V\n' + 8705e41f4b71Sopenharmony_ci 'BAMKAQQwLwIQBaC2Z3D4dcQ/O7HnzFU9KBcNMjMwMzI5MTc1OTQ1WjAMMAoGA1Ud\n' + 8706e41f4b71Sopenharmony_ci 'FQQDCgEFMCECEAlz9Rg1b+9La4oFqsHUc4AXDTIzMDMzMTAyMzk0MVowIQIQD9yW\n' + 8707e41f4b71Sopenharmony_ci '92pX6BinUKVBVSSTmBcNMjMwNDExMDExNjI5WjAvAhAIIarHUWWee4V9W/Yzm86k\n' + 8708e41f4b71Sopenharmony_ci 'Fw0yMzA0MTQyMDE5MTJaMAwwCgYDVR0VBAMKAQQwIQIQC2OiM3VIJX2dEe8/pf8f\n' + 8709e41f4b71Sopenharmony_ci 'hRcNMjMwNDIxMDMzMDIyWjAhAhAP0ueyg5n/7b2Hotml7f42Fw0yMzA0MjYwMjU3\n' + 8710e41f4b71Sopenharmony_ci 'NDJaMCECEAqMu61nkOEmTOdMbUZTMrkXDTIzMDUxNzAxMzI0NVowLwIQDYv1rt0K\n' + 8711e41f4b71Sopenharmony_ci 'olvP+nQoi5LeLRcNMjMwNTIzMTc0MDE4WjAMMAoGA1UdFQQDCgEEMC8CEA8WMKlw\n' + 8712e41f4b71Sopenharmony_ci 'iCK36PruJvup5bUXDTIzMDUyMzE3NDA1M1owDDAKBgNVHRUEAwoBBDAvAhAJ5uwT\n' + 8713e41f4b71Sopenharmony_ci 'aqwgLzNVpxh4u9EPFw0yMzA1MjUxNzEwNTBaMAwwCgYDVR0VBAMKAQQwIQIQCg0k\n' + 8714e41f4b71Sopenharmony_ci '5UadwDH5xm14yxcgLRcNMjMwNjA3MDcyNDAwWjAhAhAEByUhbBR6/pZRFUH2PTxE\n' + 8715e41f4b71Sopenharmony_ci 'Fw0yMzA2MDgwMjIwMzBaMCECEATquAQcy3W1kUOkb4VoOvEXDTIzMDYyNjA5MDIw\n' + 8716e41f4b71Sopenharmony_ci 'NlowIQIQBrF5sueIjk1snKdO0ISOXhcNMjMwNjMwMDI0MDA0WjAhAhAJEG72WQtV\n' + 8717e41f4b71Sopenharmony_ci 'lTOYiA0xjVk5Fw0yMzA3MDUwMjEyMzdaMCECEAmXIuCMJv9gllYuKfCHm5EXDTIz\n' + 8718e41f4b71Sopenharmony_ci 'MDcwNTAyMTIzN1owIQIQAotQots0ngzRwACzrS9mCBcNMjMwNzA2MDU0NDU3WjAh\n' + 8719e41f4b71Sopenharmony_ci 'AhAG2hyGc9SfXrLc0Uk2J1BeFw0yMzA3MjQwMTUwNDBaMCECEAJhm5FSlVyTG9UK\n' + 8720e41f4b71Sopenharmony_ci 'zS+ecUgXDTIzMDcyNjA2NDQzM1owIQIQC4mlxBQuFxWC4pF7/P8BDxcNMjMwNzMx\n' + 8721e41f4b71Sopenharmony_ci 'MTAzMjU0WjAhAhADCEp333/avF3m6HZtBImOFw0yMzA3MzExMDMzNTBaMCECEAKd\n' + 8722e41f4b71Sopenharmony_ci 'P7fydlXUcS4v/YnZMMwXDTIzMDczMTEwMzQzOFowIQIQC+m5EUcRd1E0lEIPj17Z\n' + 8723e41f4b71Sopenharmony_ci 'rRcNMjMwODAxMDYwNDE4WjAvAhAF4QcgQQlWpAi4FVflzbKxFw0yMzA4MDMxNjIz\n' + 8724e41f4b71Sopenharmony_ci 'MTdaMAwwCgYDVR0VBAMKAQQwIQIQAn01GEZ50Y5ugIcEuGfF9BcNMjMwODA4MDE1\n' + 8725e41f4b71Sopenharmony_ci 'NzM1WjAhAhAFHj3FDKeP9q9CM924d8RIFw0yMzA4MDgwMTU5NDhaMC8CEAnkNPSD\n' + 8726e41f4b71Sopenharmony_ci 'U5yiMsV3fU06a6oXDTIzMDgwODE5MjIwMlowDDAKBgNVHRUEAwoBBDAvAhAETU4z\n' + 8727e41f4b71Sopenharmony_ci '13iMKiwQujsxJDRhFw0yMzA4MTAyMDU4NDdaMAwwCgYDVR0VBAMKAQQwIQIQB1oD\n' + 8728e41f4b71Sopenharmony_ci 'M2mOYuse7e/nTqx+8xcNMjMwOTA0MDUwOTU3WjAhAhALf3Bp63so6O+R5QbWPWu6\n' + 8729e41f4b71Sopenharmony_ci 'Fw0yMzEwMDkwNjE5NTVaMCECEAKFHdXcy/zBXRtMj3BVhO0XDTIzMTAwOTA2MTk1\n' + 8730e41f4b71Sopenharmony_ci 'N1owIQIQDNNmVHN4tMu1xth6IAe4ZhcNMjMxMDEyMDc0MjQ1WjAhAhACNNJA2oMM\n' + 8731e41f4b71Sopenharmony_ci 'pr+giIgczvHOFw0yMzEwMTYwNTEyMzdaMCECEAoQun7uSHhvy6GBoxG7XOkXDTIz\n' + 8732e41f4b71Sopenharmony_ci 'MTExNjA3MDAzN1owLwIQA1NsI22PLvohCvKwdtAJwBcNMjMxMjA2MTgyNzUzWjAM\n' + 8733e41f4b71Sopenharmony_ci 'MAoGA1UdFQQDCgEEMCECEAWagozDt4jfBzi+aDGFr88XDTIzMTIxMTA3MjM1OFow\n' + 8734e41f4b71Sopenharmony_ci 'IQIQD1g7NdEk7t05zg6yweYc5hcNMjMxMjExMDcyNTM3WjAhAhAMJnRjUQAzFQFH\n' + 8735e41f4b71Sopenharmony_ci 'kwIguRz2Fw0yMzEyMTEwNzI2NDJaMCECEAT0bVxyPKkeTV8JQuPxfcwXDTIzMTIx\n' + 8736e41f4b71Sopenharmony_ci 'MTA3MjcyNlowIQIQA/5BlE0Ushtw24Ol9L2sexcNMjMxMjExMDcyODA2WjAhAhAL\n' + 8737e41f4b71Sopenharmony_ci 'Ij6FAKVJDnKAwwt19+/RFw0yMzEyMTEwNzI5MDJaMCECEAmPyfX3FuOHgryS2i8c\n' + 8738e41f4b71Sopenharmony_ci 'SrUXDTIzMTIxMTA3Mjk0M1owIQIQC+uGa6tmPRPCB0jW+6WWUhcNMjMxMjExMDcz\n' + 8739e41f4b71Sopenharmony_ci 'MDIzWjAhAhAJCq59mFZj6SWLH/m18Fq2Fw0yMzEyMTEwNzMwNTJaMCECEAp0Po24\n' + 8740e41f4b71Sopenharmony_ci 'WHmdEMTVyp9AMssXDTIzMTIxMTA3MzEyNlowIQIQAcf+793qPEHipkAhjf7MghcN\n' + 8741e41f4b71Sopenharmony_ci 'MjMxMjExMDczMTQ5WjAhAhAElLuCARMBoDIH0Y2D1DpSFw0yMzEyMTEwNzMyMTla\n' + 8742e41f4b71Sopenharmony_ci 'MCECEAWlgWhTXqKOB61zA7Ao8vQXDTIzMTIxMTA3MzI0OFowIQIQAeZqfkFYc/6t\n' + 8743e41f4b71Sopenharmony_ci 'zO7j/FVYwBcNMjMxMjExMDczMzM1WjAhAhAHzftyRhskxV6opTfHb59OFw0yMzEy\n' + 8744e41f4b71Sopenharmony_ci 'MTEwNzM0MDNaMCECEASXrBHdRYUm9VIZ1wN4qAsXDTIzMTIxMTA3MzQyN1owIQIQ\n' + 8745e41f4b71Sopenharmony_ci 'BDFb/OY65CZ1sTdMPAc+IhcNMjMxMjExMDczNTEzWjAhAhAFg7mRyWvWXc+KT014\n' + 8746e41f4b71Sopenharmony_ci 'Ro5AFw0yMzEyMTEwNzM1NDhaMCECEA+wAstqfBUEkSvinYlWeOwXDTIzMTIxMTA3\n' + 8747e41f4b71Sopenharmony_ci 'MzYyNVowIQIQB3Z75ksHGnvGmuHbvwbheRcNMjMxMjExMDczNjU5WjAhAhALfrIn\n' + 8748e41f4b71Sopenharmony_ci 'OGRVeePivKkJ+d1xFw0yMzEyMTEwNzM4MDFaMCECEAnm5NfU36m+FXNlJiUsXpMX\n' + 8749e41f4b71Sopenharmony_ci 'DTIzMTIxMTA3MzgzNVowIQIQCrBoHo4X2md3Amteqh7h3RcNMjMxMjExMDczOTA3\n' + 8750e41f4b71Sopenharmony_ci 'WjAhAhAGxHlqrHu66ifOwTTMhHHFFw0yMzEyMTEwNzM5NDNaMCECEA2BDG1SI7Se\n' + 8751e41f4b71Sopenharmony_ci '2GAt+b9UnF8XDTIzMTIxMTA3NDAyNFowLwIQDZvl5jkmAwjTweDCtrXbLRcNMjMx\n' + 8752e41f4b71Sopenharmony_ci 'MjExMjA0NDQ3WjAMMAoGA1UdFQQDCgEEMCECEAzgcwGVpyXXZSmLLF4MExQXDTIz\n' + 8753e41f4b71Sopenharmony_ci 'MTIxOTE3MjczMlowIQIQARB9nVoMuE5GSFeb3U553hcNMjMxMjE5MTcyODA1WjAh\n' + 8754e41f4b71Sopenharmony_ci 'AhAD+JIH7lFcX9UNqTogrMcPFw0yMzEyMTkxNzI5MDZaMCECEAux1kd8ugXs4mI+\n' + 8755e41f4b71Sopenharmony_ci 'xMfXgpsXDTIzMTIxOTE3MjkyOFowIQIQCUO5VqAmbxA8Jdly97msLhcNMjMxMjE5\n' + 8756e41f4b71Sopenharmony_ci 'MTcyOTU0WjAhAhAFyzrU1JtsiPNPeWrfdvGvFw0yMzEyMTkxNzMwNDlaMCECEAwT\n' + 8757e41f4b71Sopenharmony_ci 'tMq5EsBTUhQwm6nWhnAXDTIzMTIyMDE3NDc1NlowIQIQBx3qL8rMclE9gxamaa14\n' + 8758e41f4b71Sopenharmony_ci 'xBcNMjMxMjIwMTc0ODM2WjAhAhAOnKUlrCaxs+lRqLrBmk2PFw0yNDAxMzAxOTMw\n' + 8759e41f4b71Sopenharmony_ci 'MTVaMCECEAtYs/5ZRsrMAxQVDA44eWYXDTI0MDIwNjA2MjYwMFowIQIQDjrMV1d3\n' + 8760e41f4b71Sopenharmony_ci '0NhxngX5rqqxjBcNMjQwMjIxMDc0ODEwWjAhAhAPGohz3+JyS6H4JzHCjLrXFw0y\n' + 8761e41f4b71Sopenharmony_ci 'NDAyMjgyMDQxMjZaMC8CEAqZ2QktAMprzZmtolbOXlgXDTI0MDIyOTE4MDYzMVow\n' + 8762e41f4b71Sopenharmony_ci 'DDAKBgNVHRUEAwoBBDAhAhAMAHgNfiburtKDp8OJuzRCFw0yNDAzMDQwNjA3MzJa\n' + 8763e41f4b71Sopenharmony_ci 'MCECEA/HgrXcSBqkb2JdfrFDAfgXDTI0MDMwNDA2MDczMlqgMDAuMB8GA1UdIwQY\n' + 8764e41f4b71Sopenharmony_ci 'MBaAFETZyEozjtNSjaeSlGEfmsilt+zLMAsGA1UdFAQEAgIFrDANBgkqhkiG9w0B\n' + 8765e41f4b71Sopenharmony_ci 'AQsFAAOCAQEAJ5rSr0Av5sH59J2LXW5hZ8SJTzDbR8ADdi/CCLolbUUnE0oaAZ+2\n' + 8766e41f4b71Sopenharmony_ci '9z0niAD5m8HQikNz8K+FKAsQatN/CAj4bzRMeF37hQCiZpqNtxP69JDGeWpGPiH2\n' + 8767e41f4b71Sopenharmony_ci 'K/YfpzL9iSbBOxFmosxUX8J/iX36mCUl+3OUHh+qSYeElboxeAmTCnY5Pl5Bq9is\n' + 8768e41f4b71Sopenharmony_ci 'gp0MmzNYCo7GEFrtS03p2msK25uRqQl6Qn0NZS0yGjdUG7RTZe4xua5drjEkB1o/\n' + 8769e41f4b71Sopenharmony_ci '15f+mtYj6DtWM1twi1q3VYVxhRSsk6XmmS0BViTEl+MT0BRAPwBSdlyt++1Pnnrd\n' + 8770e41f4b71Sopenharmony_ci 'BsQoO8O2EVpJ54fxKMCSDOkJf1hNCxi3eQ==\n' + 8771e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 8772e41f4b71Sopenharmony_ci 8773e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 8774e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 8775e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 8776e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 8777e41f4b71Sopenharmony_ci}; 8778e41f4b71Sopenharmony_ci 8779e41f4b71Sopenharmony_ciasync function certGetExtensionsObject() { 8780e41f4b71Sopenharmony_ci let x509Crl: cert.X509CRL = {} as cert.X509CRL; 8781e41f4b71Sopenharmony_ci try { 8782e41f4b71Sopenharmony_ci x509Crl = await cert.createX509CRL(encodingBlob); 8783e41f4b71Sopenharmony_ci console.log('createX509CRL success'); 8784e41f4b71Sopenharmony_ci let object = x509Crl.getRevokedCert(BigInt('14091103387070223745671018446433705560')).getExtensionsObject(); 8785e41f4b71Sopenharmony_ci } catch (error) { 8786e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 8787e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + e.code + ', errMsg: ' + e.message); 8788e41f4b71Sopenharmony_ci } 8789e41f4b71Sopenharmony_ci} 8790e41f4b71Sopenharmony_ci``` 8791e41f4b71Sopenharmony_ci 8792e41f4b71Sopenharmony_ci## cert.createCertCRLCollection<sup>11+</sup> 8793e41f4b71Sopenharmony_ci 8794e41f4b71Sopenharmony_cicreateCertCRLCollection(certs: Array\<X509Cert>, crls?: Array\<X509CRL>): CertCRLCollection 8795e41f4b71Sopenharmony_ci 8796e41f4b71Sopenharmony_ci表示创建证书和证书吊销列表集合对象,并返回相应的结果。 8797e41f4b71Sopenharmony_ci 8798e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 8799e41f4b71Sopenharmony_ci 8800e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 8801e41f4b71Sopenharmony_ci 8802e41f4b71Sopenharmony_ci**参数**: 8803e41f4b71Sopenharmony_ci 8804e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 8805e41f4b71Sopenharmony_ci| -------- | ------------------------------------- | ---- | ------------------------------ | 8806e41f4b71Sopenharmony_ci| certs | Array\<[X509Cert](#x509cert)> | 是 | X509Cert数组。 | 8807e41f4b71Sopenharmony_ci| crls | Array\<[X509CRL](#x509crl11)> | 否 | X509CRL数组。 | 8808e41f4b71Sopenharmony_ci 8809e41f4b71Sopenharmony_ci**返回值**: 8810e41f4b71Sopenharmony_ci 8811e41f4b71Sopenharmony_ci| 类型 | 说明 | 8812e41f4b71Sopenharmony_ci| ------------------ | -------------------- | 8813e41f4b71Sopenharmony_ci| [CertCRLCollection](#certcrlcollection11) | 表示证书和证书吊销列表集合对象。 | 8814e41f4b71Sopenharmony_ci 8815e41f4b71Sopenharmony_ci**错误码:** 8816e41f4b71Sopenharmony_ci 8817e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 8818e41f4b71Sopenharmony_ci 8819e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 8820e41f4b71Sopenharmony_ci| -------- | ----------------------- | 8821e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 8822e41f4b71Sopenharmony_ci| 19020001 | memory error. | 8823e41f4b71Sopenharmony_ci 8824e41f4b71Sopenharmony_ci**示例:** 8825e41f4b71Sopenharmony_ci 8826e41f4b71Sopenharmony_ci```ts 8827e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 8828e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 8829e41f4b71Sopenharmony_ci 8830e41f4b71Sopenharmony_ci// string转Uint8Array 8831e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 8832e41f4b71Sopenharmony_ci let arr: Array<number> = []; 8833e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 8834e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 8835e41f4b71Sopenharmony_ci } 8836e41f4b71Sopenharmony_ci return new Uint8Array(arr); 8837e41f4b71Sopenharmony_ci} 8838e41f4b71Sopenharmony_ci 8839e41f4b71Sopenharmony_ciasync function createX509CRL(): Promise<cert.X509CRL> { 8840e41f4b71Sopenharmony_ci let crlData = '-----BEGIN X509 CRL-----\n' + 8841e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 8842e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 8843e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 8844e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 8845e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 8846e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 8847e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 8848e41f4b71Sopenharmony_ci 8849e41f4b71Sopenharmony_ci // 证书吊销列表二进制数据,需业务自行赋值 8850e41f4b71Sopenharmony_ci let encodingBlob: cert.EncodingBlob = { 8851e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 8852e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 8853e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 8854e41f4b71Sopenharmony_ci }; 8855e41f4b71Sopenharmony_ci let x509CRL: cert.X509CRL = {} as cert.X509CRL; 8856e41f4b71Sopenharmony_ci try { 8857e41f4b71Sopenharmony_ci x509CRL = await cert.createX509CRL(encodingBlob); 8858e41f4b71Sopenharmony_ci } catch (err) { 8859e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 8860e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + e.code + ', errMsg: ' + e.message); 8861e41f4b71Sopenharmony_ci } 8862e41f4b71Sopenharmony_ci return x509CRL; 8863e41f4b71Sopenharmony_ci} 8864e41f4b71Sopenharmony_ci 8865e41f4b71Sopenharmony_ciasync function createX509Cert(): Promise<cert.X509Cert> { 8866e41f4b71Sopenharmony_ci let certData = '-----BEGIN CERTIFICATE-----\n' + 8867e41f4b71Sopenharmony_ci 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 8868e41f4b71Sopenharmony_ci 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 8869e41f4b71Sopenharmony_ci 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 8870e41f4b71Sopenharmony_ci 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 8871e41f4b71Sopenharmony_ci 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 8872e41f4b71Sopenharmony_ci 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 8873e41f4b71Sopenharmony_ci 'Qw==\n' + 8874e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 8875e41f4b71Sopenharmony_ci 8876e41f4b71Sopenharmony_ci let encodingBlob: cert.EncodingBlob = { 8877e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 8878e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 8879e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 8880e41f4b71Sopenharmony_ci }; 8881e41f4b71Sopenharmony_ci 8882e41f4b71Sopenharmony_ci let x509Cert: cert.X509Cert = {} as cert.X509Cert; 8883e41f4b71Sopenharmony_ci try { 8884e41f4b71Sopenharmony_ci x509Cert = await cert.createX509Cert(encodingBlob); 8885e41f4b71Sopenharmony_ci } catch (err) { 8886e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 8887e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 8888e41f4b71Sopenharmony_ci } 8889e41f4b71Sopenharmony_ci return x509Cert; 8890e41f4b71Sopenharmony_ci} 8891e41f4b71Sopenharmony_ci 8892e41f4b71Sopenharmony_ciasync function createCollection() { 8893e41f4b71Sopenharmony_ci const x509Cert = await createX509Cert(); 8894e41f4b71Sopenharmony_ci const x509CRL = await createX509CRL(); 8895e41f4b71Sopenharmony_ci try { 8896e41f4b71Sopenharmony_ci const collection: cert.CertCRLCollection = cert.createCertCRLCollection([x509Cert], [x509CRL]); 8897e41f4b71Sopenharmony_ci console.log('createCertCRLCollection success'); 8898e41f4b71Sopenharmony_ci } catch (err) { 8899e41f4b71Sopenharmony_ci console.error('createCertCRLCollection failed'); 8900e41f4b71Sopenharmony_ci } 8901e41f4b71Sopenharmony_ci} 8902e41f4b71Sopenharmony_ci``` 8903e41f4b71Sopenharmony_ci 8904e41f4b71Sopenharmony_ci## CertCRLCollection<sup>11+</sup> 8905e41f4b71Sopenharmony_ci 8906e41f4b71Sopenharmony_ci证书和证书吊销列表集合对象。 8907e41f4b71Sopenharmony_ci 8908e41f4b71Sopenharmony_ci### selectCerts<sup>11+</sup> 8909e41f4b71Sopenharmony_ci 8910e41f4b71Sopenharmony_ciselectCerts(param: X509CertMatchParameters): Promise\<Array\<X509Cert>> 8911e41f4b71Sopenharmony_ci 8912e41f4b71Sopenharmony_ci查找证书和证书吊销列表集合中所有与参数匹配的证书对象,使用Promise方式异步返回结果。 8913e41f4b71Sopenharmony_ci 8914e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 8915e41f4b71Sopenharmony_ci 8916e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 8917e41f4b71Sopenharmony_ci 8918e41f4b71Sopenharmony_ci**参数**: 8919e41f4b71Sopenharmony_ci 8920e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 8921e41f4b71Sopenharmony_ci| --------- | ------------------------------- | ---- | ------------ | 8922e41f4b71Sopenharmony_ci| param | [X509CertMatchParameters](#x509certmatchparameters11) | 是 | 表示证书需匹配的参数。 | 8923e41f4b71Sopenharmony_ci 8924e41f4b71Sopenharmony_ci**返回值**: 8925e41f4b71Sopenharmony_ci 8926e41f4b71Sopenharmony_ci| 类型 | 说明 | 8927e41f4b71Sopenharmony_ci| --------------------------------------- | --------------------------------------- | 8928e41f4b71Sopenharmony_ci| Promise\<Array\<[X509Cert](#x509cert)>> | Promise对象。表示匹配到的证书对象数组。 | 8929e41f4b71Sopenharmony_ci 8930e41f4b71Sopenharmony_ci**错误码:** 8931e41f4b71Sopenharmony_ci 8932e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 8933e41f4b71Sopenharmony_ci 8934e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 8935e41f4b71Sopenharmony_ci| -------- | ----------------------- | 8936e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 8937e41f4b71Sopenharmony_ci| 19020001 | memory error. | 8938e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 8939e41f4b71Sopenharmony_ci 8940e41f4b71Sopenharmony_ci**示例:** 8941e41f4b71Sopenharmony_ci 8942e41f4b71Sopenharmony_ci```ts 8943e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 8944e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 8945e41f4b71Sopenharmony_ci 8946e41f4b71Sopenharmony_ci// string转Uint8Array 8947e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 8948e41f4b71Sopenharmony_ci let arr: Array<number> = []; 8949e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 8950e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 8951e41f4b71Sopenharmony_ci } 8952e41f4b71Sopenharmony_ci return new Uint8Array(arr); 8953e41f4b71Sopenharmony_ci} 8954e41f4b71Sopenharmony_ci 8955e41f4b71Sopenharmony_ciasync function createX509Cert(): Promise<cert.X509Cert> { 8956e41f4b71Sopenharmony_ci let certData = '-----BEGIN CERTIFICATE-----\n' + 8957e41f4b71Sopenharmony_ci 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 8958e41f4b71Sopenharmony_ci 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 8959e41f4b71Sopenharmony_ci 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 8960e41f4b71Sopenharmony_ci 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 8961e41f4b71Sopenharmony_ci 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 8962e41f4b71Sopenharmony_ci 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 8963e41f4b71Sopenharmony_ci 'Qw==\n' + 8964e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 8965e41f4b71Sopenharmony_ci 8966e41f4b71Sopenharmony_ci let encodingBlob: cert.EncodingBlob = { 8967e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 8968e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 8969e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 8970e41f4b71Sopenharmony_ci }; 8971e41f4b71Sopenharmony_ci 8972e41f4b71Sopenharmony_ci let x509Cert: cert.X509Cert = {} as cert.X509Cert; 8973e41f4b71Sopenharmony_ci try { 8974e41f4b71Sopenharmony_ci x509Cert = await cert.createX509Cert(encodingBlob); 8975e41f4b71Sopenharmony_ci } catch (err) { 8976e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 8977e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 8978e41f4b71Sopenharmony_ci } 8979e41f4b71Sopenharmony_ci return x509Cert; 8980e41f4b71Sopenharmony_ci} 8981e41f4b71Sopenharmony_ci 8982e41f4b71Sopenharmony_ciasync function selectCerts() { 8983e41f4b71Sopenharmony_ci const x509Cert = await createX509Cert(); 8984e41f4b71Sopenharmony_ci const collection = cert.createCertCRLCollection([x509Cert]); 8985e41f4b71Sopenharmony_ci 8986e41f4b71Sopenharmony_ci try { 8987e41f4b71Sopenharmony_ci const param: cert.X509CertMatchParameters = { 8988e41f4b71Sopenharmony_ci x509Cert, 8989e41f4b71Sopenharmony_ci validDate: '20231121074700Z', 8990e41f4b71Sopenharmony_ci issuer: new Uint8Array([0x30, 0x1a, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x45, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x20, 0x52, 0x6F, 0x6F, 0x74, 0x20, 0x43, 0x41]), 8991e41f4b71Sopenharmony_ci subject: new Uint8Array([0x30, 0x1a, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x45, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x20, 0x52, 0x6F, 0x6F, 0x74, 0x20, 0x43, 0x41]), 8992e41f4b71Sopenharmony_ci publicKeyAlgID: '1.2.840.10045.2.1' 8993e41f4b71Sopenharmony_ci }; 8994e41f4b71Sopenharmony_ci const certs = await collection.selectCerts(param); 8995e41f4b71Sopenharmony_ci console.log('call selectCerts success'); 8996e41f4b71Sopenharmony_ci } catch (err) { 8997e41f4b71Sopenharmony_ci console.error('call selectCerts failed'); 8998e41f4b71Sopenharmony_ci } 8999e41f4b71Sopenharmony_ci} 9000e41f4b71Sopenharmony_ci``` 9001e41f4b71Sopenharmony_ci 9002e41f4b71Sopenharmony_ci### selectCerts<sup>11+</sup> 9003e41f4b71Sopenharmony_ci 9004e41f4b71Sopenharmony_ciselectCerts(param: X509CertMatchParameters, callback: AsyncCallback\<Array\<X509Cert>>): void 9005e41f4b71Sopenharmony_ci 9006e41f4b71Sopenharmony_ci查找证书和证书吊销列表集合中所有与参数匹配的证书对象, 使用Callback回调异步返回结果。 9007e41f4b71Sopenharmony_ci 9008e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 9009e41f4b71Sopenharmony_ci 9010e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 9011e41f4b71Sopenharmony_ci 9012e41f4b71Sopenharmony_ci**参数**: 9013e41f4b71Sopenharmony_ci 9014e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 9015e41f4b71Sopenharmony_ci| --------- | ------------------------------- | ---- | ----------------- | 9016e41f4b71Sopenharmony_ci| param | [X509CertMatchParameters](#x509certmatchparameters11) | 是 | 表示证书需匹配的参数。 | 9017e41f4b71Sopenharmony_ci| callback | AsyncCallback\<Array\<[X509Cert](#x509cert)>> | 是 | 回调函数。表示匹配到的证书对象数组。 | 9018e41f4b71Sopenharmony_ci 9019e41f4b71Sopenharmony_ci**错误码:** 9020e41f4b71Sopenharmony_ci 9021e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 9022e41f4b71Sopenharmony_ci 9023e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 9024e41f4b71Sopenharmony_ci| -------- | ----------------------- | 9025e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 9026e41f4b71Sopenharmony_ci| 19020001 | memory error. | 9027e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 9028e41f4b71Sopenharmony_ci 9029e41f4b71Sopenharmony_ci**示例:** 9030e41f4b71Sopenharmony_ci 9031e41f4b71Sopenharmony_ci```ts 9032e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 9033e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 9034e41f4b71Sopenharmony_ci 9035e41f4b71Sopenharmony_ci// string转Uint8Array 9036e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 9037e41f4b71Sopenharmony_ci let arr: Array<number> = []; 9038e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 9039e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 9040e41f4b71Sopenharmony_ci } 9041e41f4b71Sopenharmony_ci return new Uint8Array(arr); 9042e41f4b71Sopenharmony_ci} 9043e41f4b71Sopenharmony_ci 9044e41f4b71Sopenharmony_ciasync function createX509Cert(): Promise<cert.X509Cert> { 9045e41f4b71Sopenharmony_ci let certData = '-----BEGIN CERTIFICATE-----\n' + 9046e41f4b71Sopenharmony_ci 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 9047e41f4b71Sopenharmony_ci 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 9048e41f4b71Sopenharmony_ci 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 9049e41f4b71Sopenharmony_ci 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 9050e41f4b71Sopenharmony_ci 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 9051e41f4b71Sopenharmony_ci 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 9052e41f4b71Sopenharmony_ci 'Qw==\n' + 9053e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 9054e41f4b71Sopenharmony_ci 9055e41f4b71Sopenharmony_ci let encodingBlob: cert.EncodingBlob = { 9056e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 9057e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 9058e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 9059e41f4b71Sopenharmony_ci }; 9060e41f4b71Sopenharmony_ci 9061e41f4b71Sopenharmony_ci let x509Cert: cert.X509Cert = {} as cert.X509Cert; 9062e41f4b71Sopenharmony_ci try { 9063e41f4b71Sopenharmony_ci x509Cert = await cert.createX509Cert(encodingBlob); 9064e41f4b71Sopenharmony_ci } catch (err) { 9065e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 9066e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 9067e41f4b71Sopenharmony_ci } 9068e41f4b71Sopenharmony_ci return x509Cert; 9069e41f4b71Sopenharmony_ci} 9070e41f4b71Sopenharmony_ci 9071e41f4b71Sopenharmony_ciasync function selectCerts() { 9072e41f4b71Sopenharmony_ci const x509Cert = await createX509Cert(); 9073e41f4b71Sopenharmony_ci const collection = cert.createCertCRLCollection([x509Cert]); 9074e41f4b71Sopenharmony_ci // 需业务自行赋值 9075e41f4b71Sopenharmony_ci const param: cert.X509CertMatchParameters = { 9076e41f4b71Sopenharmony_ci x509Cert, 9077e41f4b71Sopenharmony_ci validDate: '20231121074700Z', 9078e41f4b71Sopenharmony_ci issuer: new Uint8Array([0x30, 0x1a, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x45, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x20, 0x52, 0x6F, 0x6F, 0x74, 0x20, 0x43, 0x41]), 9079e41f4b71Sopenharmony_ci subject: new Uint8Array([0x30, 0x1a, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x45, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x20, 0x52, 0x6F, 0x6F, 0x74, 0x20, 0x43, 0x41]), 9080e41f4b71Sopenharmony_ci publicKeyAlgID: '1.2.840.10045.2.1' 9081e41f4b71Sopenharmony_ci }; 9082e41f4b71Sopenharmony_ci collection.selectCerts(param, (err, certs) => { 9083e41f4b71Sopenharmony_ci if (err) { 9084e41f4b71Sopenharmony_ci console.error('selectCerts failed, errCode: ' + err.code + ', errMsg: ' + err.message); 9085e41f4b71Sopenharmony_ci } else { 9086e41f4b71Sopenharmony_ci console.log('selectCerts success'); 9087e41f4b71Sopenharmony_ci } 9088e41f4b71Sopenharmony_ci }); 9089e41f4b71Sopenharmony_ci} 9090e41f4b71Sopenharmony_ci``` 9091e41f4b71Sopenharmony_ci 9092e41f4b71Sopenharmony_ci### selectCRLs<sup>11+</sup> 9093e41f4b71Sopenharmony_ci 9094e41f4b71Sopenharmony_ciselectCRLs(param: X509CRLMatchParameters): Promise\<Array\<X509CRL>> 9095e41f4b71Sopenharmony_ci 9096e41f4b71Sopenharmony_ci查找证书和证书吊销列表集合中所有与参数匹配的证书吊销列表对象, 使用Promise方式异步返回结果。 9097e41f4b71Sopenharmony_ci 9098e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 9099e41f4b71Sopenharmony_ci 9100e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 9101e41f4b71Sopenharmony_ci 9102e41f4b71Sopenharmony_ci**参数**: 9103e41f4b71Sopenharmony_ci 9104e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 9105e41f4b71Sopenharmony_ci| --------- | ------------------------------- | ---- | ------------ | 9106e41f4b71Sopenharmony_ci| param | [X509CRLMatchParameters](#x509crlmatchparameters11) | 是 | 表示证书吊销列表需匹配的参数。 | 9107e41f4b71Sopenharmony_ci 9108e41f4b71Sopenharmony_ci**返回值**: 9109e41f4b71Sopenharmony_ci 9110e41f4b71Sopenharmony_ci| 类型 | 说明 | 9111e41f4b71Sopenharmony_ci| -------------- | ----------- | 9112e41f4b71Sopenharmony_ci| Promise\<Array\<[X509CRL](#x509crl11)>> | Promise对象。表示匹配到的证书吊销列表对象数组。 | 9113e41f4b71Sopenharmony_ci 9114e41f4b71Sopenharmony_ci**错误码:** 9115e41f4b71Sopenharmony_ci 9116e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 9117e41f4b71Sopenharmony_ci 9118e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 9119e41f4b71Sopenharmony_ci| -------- | ----------------------- | 9120e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 9121e41f4b71Sopenharmony_ci| 19020001 | memory error. | 9122e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 9123e41f4b71Sopenharmony_ci 9124e41f4b71Sopenharmony_ci**示例:** 9125e41f4b71Sopenharmony_ci 9126e41f4b71Sopenharmony_ci```ts 9127e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 9128e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 9129e41f4b71Sopenharmony_ci 9130e41f4b71Sopenharmony_ci// string转Uint8Array 9131e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 9132e41f4b71Sopenharmony_ci let arr: Array<number> = []; 9133e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 9134e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 9135e41f4b71Sopenharmony_ci } 9136e41f4b71Sopenharmony_ci return new Uint8Array(arr); 9137e41f4b71Sopenharmony_ci} 9138e41f4b71Sopenharmony_ci 9139e41f4b71Sopenharmony_ciasync function createX509CRL(): Promise<cert.X509CRL> { 9140e41f4b71Sopenharmony_ci let crlData = '-----BEGIN X509 CRL-----\n' + 9141e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 9142e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 9143e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 9144e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 9145e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 9146e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 9147e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 9148e41f4b71Sopenharmony_ci 9149e41f4b71Sopenharmony_ci // 证书吊销列表二进制数据,需业务自行赋值 9150e41f4b71Sopenharmony_ci let encodingBlob: cert.EncodingBlob = { 9151e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 9152e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 9153e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 9154e41f4b71Sopenharmony_ci }; 9155e41f4b71Sopenharmony_ci let x509CRL: cert.X509CRL = {} as cert.X509CRL; 9156e41f4b71Sopenharmony_ci try { 9157e41f4b71Sopenharmony_ci x509CRL = await cert.createX509CRL(encodingBlob); 9158e41f4b71Sopenharmony_ci } catch (err) { 9159e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 9160e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + e.code + ', errMsg: ' + e.message); 9161e41f4b71Sopenharmony_ci } 9162e41f4b71Sopenharmony_ci return x509CRL; 9163e41f4b71Sopenharmony_ci} 9164e41f4b71Sopenharmony_ci 9165e41f4b71Sopenharmony_ciasync function createX509Cert(): Promise<cert.X509Cert> { 9166e41f4b71Sopenharmony_ci const certData = "-----BEGIN CERTIFICATE-----\r\n" + 9167e41f4b71Sopenharmony_ci "MIIC8TCCAdmgAwIBAgIIFB75m06RTHwwDQYJKoZIhvcNAQELBQAwWDELMAkGA1UE\r\n" + 9168e41f4b71Sopenharmony_ci "BhMCQ04xEDAOBgNVBAgTB0ppYW5nc3UxEDAOBgNVBAcTB05hbmppbmcxCzAJBgNV\r\n" + 9169e41f4b71Sopenharmony_ci "BAoTAnRzMQswCQYDVQQLEwJ0czELMAkGA1UEAxMCdHMwHhcNMjMxMTIzMDMzMjAw\r\n" + 9170e41f4b71Sopenharmony_ci "WhcNMjQxMTIzMDMzMjAwWjBhMQswCQYDVQQGEwJDTjEQMA4GA1UECBMHSmlhbmdz\r\n" + 9171e41f4b71Sopenharmony_ci "dTEQMA4GA1UEBxMHTmFuamluZzEMMAoGA1UEChMDdHMxMQwwCgYDVQQLEwN0czEx\r\n" + 9172e41f4b71Sopenharmony_ci "EjAQBgNVBAMTCTEyNy4wLjAuMTAqMAUGAytlcAMhALsWnY9cMNC6jzduM69vI3Ej\r\n" + 9173e41f4b71Sopenharmony_ci "pUlgHtEHS8kRfmYBupJSo4GvMIGsMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFNSg\r\n" + 9174e41f4b71Sopenharmony_ci "poQvfxR8A1Y4St8NjOHkRpm4MAsGA1UdDwQEAwID+DAnBgNVHSUEIDAeBggrBgEF\r\n" + 9175e41f4b71Sopenharmony_ci "BQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMEMBQGA1UdEQQNMAuCCTEyNy4wLjAuMTAR\r\n" + 9176e41f4b71Sopenharmony_ci "BglghkgBhvhCAQEEBAMCBkAwHgYJYIZIAYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0\r\n" + 9177e41f4b71Sopenharmony_ci "ZTANBgkqhkiG9w0BAQsFAAOCAQEAfnLmPF6BtAUCZ9pjt1ITdXc5M4LJfMw5IPcv\r\n" + 9178e41f4b71Sopenharmony_ci "fUAvhdaUXtqBQcjGCWtDdhyb1n5Xp+N7oKz/Cnn0NGFTwVArtFiQ5NEP2CmrckLh\r\n" + 9179e41f4b71Sopenharmony_ci "Da4VnsDFU+zx2Bbfwo5Ms7iArxyx0fArbMZzN9D1lZcVjiIxp1+3k1/0sdCemcY/\r\n" + 9180e41f4b71Sopenharmony_ci "y7mw5NwkcczLWLBZl1/Ho8b4dlo1wTA7TZk9uu8UwYBwXDrQe6S9rMcvMcRKiJ9e\r\n" + 9181e41f4b71Sopenharmony_ci "V4SYZIO7ihr8+n4LQDQP+spvX4cf925a3kyZrftfvGCJ2ZNwvsPhyumYhaBqAgSy\r\n" + 9182e41f4b71Sopenharmony_ci "Up2BImymAqPi157q9EeYcQz170TtDZHGmjYzdQxhOAHRb6/IdQ==\r\n" + 9183e41f4b71Sopenharmony_ci "-----END CERTIFICATE-----\r\n"; 9184e41f4b71Sopenharmony_ci const certEncodingBlob: cert.EncodingBlob = { 9185e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 9186e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM, 9187e41f4b71Sopenharmony_ci }; 9188e41f4b71Sopenharmony_ci 9189e41f4b71Sopenharmony_ci let x509Cert: cert.X509Cert = {} as cert.X509Cert; 9190e41f4b71Sopenharmony_ci try { 9191e41f4b71Sopenharmony_ci x509Cert = await cert.createX509Cert(certEncodingBlob); 9192e41f4b71Sopenharmony_ci console.log('createX509Cert success'); 9193e41f4b71Sopenharmony_ci } catch (err) { 9194e41f4b71Sopenharmony_ci console.error('createX509Cert failed'); 9195e41f4b71Sopenharmony_ci } 9196e41f4b71Sopenharmony_ci return x509Cert; 9197e41f4b71Sopenharmony_ci} 9198e41f4b71Sopenharmony_ci 9199e41f4b71Sopenharmony_ciasync function selectCRLs() { 9200e41f4b71Sopenharmony_ci const x509CRL = await createX509CRL(); 9201e41f4b71Sopenharmony_ci const x509Cert = await createX509Cert(); 9202e41f4b71Sopenharmony_ci const collection = cert.createCertCRLCollection([], [x509CRL]); 9203e41f4b71Sopenharmony_ci 9204e41f4b71Sopenharmony_ci const param: cert.X509CRLMatchParameters = { 9205e41f4b71Sopenharmony_ci issuer: [new Uint8Array([0x30, 0x58, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x43, 0x4E, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x07, 0x4A, 0x69, 0x61, 0x6E, 0x67, 0x73, 0x75, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x07, 0x4E, 0x61, 0x6E, 0x6A, 0x69, 0x6E, 0x67, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x02, 0x74, 0x73, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x02, 0x74, 0x73, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x02, 0x74, 0x73])], 9206e41f4b71Sopenharmony_ci x509Cert: x509Cert 9207e41f4b71Sopenharmony_ci } 9208e41f4b71Sopenharmony_ci try { 9209e41f4b71Sopenharmony_ci const crls = await collection.selectCRLs(param); 9210e41f4b71Sopenharmony_ci console.log('selectCRLs success'); 9211e41f4b71Sopenharmony_ci } catch (err) { 9212e41f4b71Sopenharmony_ci console.error('selectCRLs failed'); 9213e41f4b71Sopenharmony_ci } 9214e41f4b71Sopenharmony_ci} 9215e41f4b71Sopenharmony_ci``` 9216e41f4b71Sopenharmony_ci 9217e41f4b71Sopenharmony_ci### selectCRLs<sup>11+</sup> 9218e41f4b71Sopenharmony_ci 9219e41f4b71Sopenharmony_ciselectCRLs(param: X509CRLMatchParameters, callback: AsyncCallback\<Array\<X509CRL>>): void 9220e41f4b71Sopenharmony_ci 9221e41f4b71Sopenharmony_ci查找证书和证书吊销列表集合中所有与参数匹配的证书吊销列表对象, 使用Callback回调异步返回结果。 9222e41f4b71Sopenharmony_ci 9223e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 9224e41f4b71Sopenharmony_ci 9225e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 9226e41f4b71Sopenharmony_ci 9227e41f4b71Sopenharmony_ci**参数**: 9228e41f4b71Sopenharmony_ci 9229e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 9230e41f4b71Sopenharmony_ci| --------- | ------------------------------- | ---- | ----------------- | 9231e41f4b71Sopenharmony_ci| param | [X509CRLMatchParameters](#x509crlmatchparameters11) | 是 | 表示证书吊销列表需匹配的参数对象。 | 9232e41f4b71Sopenharmony_ci| callback | AsyncCallback\<Array\<[X509CRL](#x509crl11)>> | 是 | 回调函数。表示匹配到的证书吊销列表对象数组。 | 9233e41f4b71Sopenharmony_ci 9234e41f4b71Sopenharmony_ci**错误码:** 9235e41f4b71Sopenharmony_ci 9236e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 9237e41f4b71Sopenharmony_ci 9238e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 9239e41f4b71Sopenharmony_ci| -------- | ----------------------- | 9240e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 9241e41f4b71Sopenharmony_ci| 19020001 | memory error. | 9242e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 9243e41f4b71Sopenharmony_ci 9244e41f4b71Sopenharmony_ci**示例:** 9245e41f4b71Sopenharmony_ci 9246e41f4b71Sopenharmony_ci```ts 9247e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 9248e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 9249e41f4b71Sopenharmony_ci 9250e41f4b71Sopenharmony_ci// string转Uint8Array 9251e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 9252e41f4b71Sopenharmony_ci let arr: Array<number> = []; 9253e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 9254e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 9255e41f4b71Sopenharmony_ci } 9256e41f4b71Sopenharmony_ci return new Uint8Array(arr); 9257e41f4b71Sopenharmony_ci} 9258e41f4b71Sopenharmony_ci 9259e41f4b71Sopenharmony_ciasync function createX509CRL(): Promise<cert.X509CRL> { 9260e41f4b71Sopenharmony_ci let crlData = '-----BEGIN X509 CRL-----\n' + 9261e41f4b71Sopenharmony_ci 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 9262e41f4b71Sopenharmony_ci 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 9263e41f4b71Sopenharmony_ci 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 9264e41f4b71Sopenharmony_ci 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 9265e41f4b71Sopenharmony_ci '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 9266e41f4b71Sopenharmony_ci 'eavsH0Q3\n' + 9267e41f4b71Sopenharmony_ci '-----END X509 CRL-----\n'; 9268e41f4b71Sopenharmony_ci 9269e41f4b71Sopenharmony_ci // 证书吊销列表二进制数据,需业务自行赋值 9270e41f4b71Sopenharmony_ci let encodingBlob: cert.EncodingBlob = { 9271e41f4b71Sopenharmony_ci data: stringToUint8Array(crlData), 9272e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 9273e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 9274e41f4b71Sopenharmony_ci }; 9275e41f4b71Sopenharmony_ci let x509CRL: cert.X509CRL = {} as cert.X509CRL; 9276e41f4b71Sopenharmony_ci try { 9277e41f4b71Sopenharmony_ci x509CRL = await cert.createX509CRL(encodingBlob); 9278e41f4b71Sopenharmony_ci } catch (err) { 9279e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 9280e41f4b71Sopenharmony_ci console.error('createX509CRL failed, errCode: ' + e.code + ', errMsg: ' + e.message); 9281e41f4b71Sopenharmony_ci } 9282e41f4b71Sopenharmony_ci return x509CRL; 9283e41f4b71Sopenharmony_ci} 9284e41f4b71Sopenharmony_ci 9285e41f4b71Sopenharmony_ciasync function createX509Cert(): Promise<cert.X509Cert> { 9286e41f4b71Sopenharmony_ci const certData = "-----BEGIN CERTIFICATE-----\r\n" + 9287e41f4b71Sopenharmony_ci "MIIC8TCCAdmgAwIBAgIIFB75m06RTHwwDQYJKoZIhvcNAQELBQAwWDELMAkGA1UE\r\n" + 9288e41f4b71Sopenharmony_ci "BhMCQ04xEDAOBgNVBAgTB0ppYW5nc3UxEDAOBgNVBAcTB05hbmppbmcxCzAJBgNV\r\n" + 9289e41f4b71Sopenharmony_ci "BAoTAnRzMQswCQYDVQQLEwJ0czELMAkGA1UEAxMCdHMwHhcNMjMxMTIzMDMzMjAw\r\n" + 9290e41f4b71Sopenharmony_ci "WhcNMjQxMTIzMDMzMjAwWjBhMQswCQYDVQQGEwJDTjEQMA4GA1UECBMHSmlhbmdz\r\n" + 9291e41f4b71Sopenharmony_ci "dTEQMA4GA1UEBxMHTmFuamluZzEMMAoGA1UEChMDdHMxMQwwCgYDVQQLEwN0czEx\r\n" + 9292e41f4b71Sopenharmony_ci "EjAQBgNVBAMTCTEyNy4wLjAuMTAqMAUGAytlcAMhALsWnY9cMNC6jzduM69vI3Ej\r\n" + 9293e41f4b71Sopenharmony_ci "pUlgHtEHS8kRfmYBupJSo4GvMIGsMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFNSg\r\n" + 9294e41f4b71Sopenharmony_ci "poQvfxR8A1Y4St8NjOHkRpm4MAsGA1UdDwQEAwID+DAnBgNVHSUEIDAeBggrBgEF\r\n" + 9295e41f4b71Sopenharmony_ci "BQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMEMBQGA1UdEQQNMAuCCTEyNy4wLjAuMTAR\r\n" + 9296e41f4b71Sopenharmony_ci "BglghkgBhvhCAQEEBAMCBkAwHgYJYIZIAYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0\r\n" + 9297e41f4b71Sopenharmony_ci "ZTANBgkqhkiG9w0BAQsFAAOCAQEAfnLmPF6BtAUCZ9pjt1ITdXc5M4LJfMw5IPcv\r\n" + 9298e41f4b71Sopenharmony_ci "fUAvhdaUXtqBQcjGCWtDdhyb1n5Xp+N7oKz/Cnn0NGFTwVArtFiQ5NEP2CmrckLh\r\n" + 9299e41f4b71Sopenharmony_ci "Da4VnsDFU+zx2Bbfwo5Ms7iArxyx0fArbMZzN9D1lZcVjiIxp1+3k1/0sdCemcY/\r\n" + 9300e41f4b71Sopenharmony_ci "y7mw5NwkcczLWLBZl1/Ho8b4dlo1wTA7TZk9uu8UwYBwXDrQe6S9rMcvMcRKiJ9e\r\n" + 9301e41f4b71Sopenharmony_ci "V4SYZIO7ihr8+n4LQDQP+spvX4cf925a3kyZrftfvGCJ2ZNwvsPhyumYhaBqAgSy\r\n" + 9302e41f4b71Sopenharmony_ci "Up2BImymAqPi157q9EeYcQz170TtDZHGmjYzdQxhOAHRb6/IdQ==\r\n" + 9303e41f4b71Sopenharmony_ci "-----END CERTIFICATE-----\r\n"; 9304e41f4b71Sopenharmony_ci const certEncodingBlob: cert.EncodingBlob = { 9305e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 9306e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM, 9307e41f4b71Sopenharmony_ci }; 9308e41f4b71Sopenharmony_ci 9309e41f4b71Sopenharmony_ci let x509Cert: cert.X509Cert = {} as cert.X509Cert; 9310e41f4b71Sopenharmony_ci try { 9311e41f4b71Sopenharmony_ci x509Cert = await cert.createX509Cert(certEncodingBlob); 9312e41f4b71Sopenharmony_ci console.log('createX509Cert success'); 9313e41f4b71Sopenharmony_ci } catch (err) { 9314e41f4b71Sopenharmony_ci console.error('createX509Cert failed'); 9315e41f4b71Sopenharmony_ci } 9316e41f4b71Sopenharmony_ci return x509Cert; 9317e41f4b71Sopenharmony_ci} 9318e41f4b71Sopenharmony_ci 9319e41f4b71Sopenharmony_ciasync function selectCRLs() { 9320e41f4b71Sopenharmony_ci const x509CRL = await createX509CRL(); 9321e41f4b71Sopenharmony_ci const x509Cert = await createX509Cert(); 9322e41f4b71Sopenharmony_ci const collection = cert.createCertCRLCollection([], [x509CRL]); 9323e41f4b71Sopenharmony_ci 9324e41f4b71Sopenharmony_ci const param: cert.X509CRLMatchParameters = { 9325e41f4b71Sopenharmony_ci issuer: [new Uint8Array([0x30, 0x58, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x43, 0x4E, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x07, 0x4A, 0x69, 0x61, 0x6E, 0x67, 0x73, 0x75, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x07, 0x4E, 0x61, 0x6E, 0x6A, 0x69, 0x6E, 0x67, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x02, 0x74, 0x73, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x02, 0x74, 0x73, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x02, 0x74, 0x73])], 9326e41f4b71Sopenharmony_ci x509Cert: x509Cert 9327e41f4b71Sopenharmony_ci } 9328e41f4b71Sopenharmony_ci collection.selectCRLs(param, (err, crls) => { 9329e41f4b71Sopenharmony_ci if (err) { 9330e41f4b71Sopenharmony_ci console.error('selectCRLs failed, errCode: ' + err.code + ', errMsg: ' + err.message); 9331e41f4b71Sopenharmony_ci } else { 9332e41f4b71Sopenharmony_ci console.log('selectCRLs success'); 9333e41f4b71Sopenharmony_ci } 9334e41f4b71Sopenharmony_ci }); 9335e41f4b71Sopenharmony_ci} 9336e41f4b71Sopenharmony_ci``` 9337e41f4b71Sopenharmony_ci 9338e41f4b71Sopenharmony_ci## cert.createX509CertChain<sup>11+</sup> 9339e41f4b71Sopenharmony_ci 9340e41f4b71Sopenharmony_cicreateX509CertChain(inStream: EncodingBlob): Promise\<X509CertChain> 9341e41f4b71Sopenharmony_ci 9342e41f4b71Sopenharmony_ci表示创建X509证书链对象,使用Promise方式异步返回结果。 9343e41f4b71Sopenharmony_ci 9344e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 9345e41f4b71Sopenharmony_ci 9346e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 9347e41f4b71Sopenharmony_ci 9348e41f4b71Sopenharmony_ci**参数:** 9349e41f4b71Sopenharmony_ci 9350e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 9351e41f4b71Sopenharmony_ci| -------- | ----------------------------- | ---- | -------------------- | 9352e41f4b71Sopenharmony_ci| inStream | [EncodingBlob](#encodingblob) | 是 | X509证书序列化数据。 | 9353e41f4b71Sopenharmony_ci 9354e41f4b71Sopenharmony_ci**返回值:** 9355e41f4b71Sopenharmony_ci 9356e41f4b71Sopenharmony_ci| 类型 | 说明 | 9357e41f4b71Sopenharmony_ci| ------------------------------- | ---------------- | 9358e41f4b71Sopenharmony_ci| Promise\<[X509CertChain](#x509certchain11)> | 表示X509证书链对象。 | 9359e41f4b71Sopenharmony_ci 9360e41f4b71Sopenharmony_ci**错误码:** 9361e41f4b71Sopenharmony_ci 9362e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 9363e41f4b71Sopenharmony_ci 9364e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 9365e41f4b71Sopenharmony_ci| -------- | ------------- | 9366e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 9367e41f4b71Sopenharmony_ci| 19020001 | memory error. | 9368e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 9369e41f4b71Sopenharmony_ci 9370e41f4b71Sopenharmony_ci**示例:** 9371e41f4b71Sopenharmony_ci 9372e41f4b71Sopenharmony_ci```ts 9373e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 9374e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 9375e41f4b71Sopenharmony_ci 9376e41f4b71Sopenharmony_ci// string转Uint8Array 9377e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 9378e41f4b71Sopenharmony_ci let arr: Array<number> = []; 9379e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 9380e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 9381e41f4b71Sopenharmony_ci } 9382e41f4b71Sopenharmony_ci return new Uint8Array(arr); 9383e41f4b71Sopenharmony_ci} 9384e41f4b71Sopenharmony_ci 9385e41f4b71Sopenharmony_ciasync function createX509CertChain(): Promise<cert.X509CertChain> { 9386e41f4b71Sopenharmony_ci let certChainData = "-----BEGIN CERTIFICATE-----\n" + 9387e41f4b71Sopenharmony_ci "MIID6jCCAtKgAwIBAgIIIM2q/TmRoLcwDQYJKoZIhvcNAQELBQAwWjELMAkGA1UE\n" + 9388e41f4b71Sopenharmony_ci "BhMCRU4xEDAOBgNVBAgTB0VuZ2xhbmQxDzANBgNVBAcTBkxvbmRvbjEMMAoGA1UE\n" + 9389e41f4b71Sopenharmony_ci "ChMDdHMyMQwwCgYDVQQLEwN0czIxDDAKBgNVBAMTA3RzMjAeFw0yMzEyMDUwNzM5\n" + 9390e41f4b71Sopenharmony_ci "MDBaFw0yNDEwMzEyMzU5MDBaMGExCzAJBgNVBAYTAkNOMRAwDgYDVQQIEwdKaWFu\n" + 9391e41f4b71Sopenharmony_ci "Z3N1MRAwDgYDVQQHEwdOYW5qaW5nMQwwCgYDVQQKEwN0czMxDDAKBgNVBAsTA3Rz\n" + 9392e41f4b71Sopenharmony_ci "MzESMBAGA1UEAxMJMTI3LjAuMC4xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\n" + 9393e41f4b71Sopenharmony_ci "CgKCAQEAtt+2QxUevbolYLp51QGcUpageI4fwGLIqv4fj4aoVnHFOOBqVOVpfCLR\n" + 9394e41f4b71Sopenharmony_ci "p26LFV/F8ebwPyo8YEBKSwXzMD1573rMSbaH9BalscH5lZYAbetXoio6YRvzlcmc\n" + 9395e41f4b71Sopenharmony_ci "rVvLBNMeVnxY86xHpo0MTNyP7W024rZsxWO98xFQVdoiaBC+7+midlisx2Y+7u0j\n" + 9396e41f4b71Sopenharmony_ci "zT9GjeUP6JLdLFUZJKUPSTK3jVzw9v1eZQZKYoNfU6vFMd6ndtwW6qEnwpzmmX/U\n" + 9397e41f4b71Sopenharmony_ci "T+p5ThAMH593zszlz330nTSXBjIsGkyvOz9gSB0Z0LAuJj06XUNhGL5xKJYKbdI3\n" + 9398e41f4b71Sopenharmony_ci "8MFQFJKvRHfgTAvVsvAvpBUM2DuBKwIDAQABo4GsMIGpMAkGA1UdEwQCMAAwHQYD\n" + 9399e41f4b71Sopenharmony_ci "VR0OBBYEFDfsHTMZwoA6eaDFlBUyDpka+sYtMAsGA1UdDwQEAwID+DAnBgNVHSUE\n" + 9400e41f4b71Sopenharmony_ci "IDAeBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMEMBQGA1UdEQQNMAuCCTEy\n" + 9401e41f4b71Sopenharmony_ci "Ny4wLjAuMTARBglghkgBhvhCAQEEBAMCBkAwHgYJYIZIAYb4QgENBBEWD3hjYSBj\n" + 9402e41f4b71Sopenharmony_ci "ZXJ0aWZpY2F0ZTANBgkqhkiG9w0BAQsFAAOCAQEAp5vTvXrt8ZpgRJVtzv9ss0lJ\n" + 9403e41f4b71Sopenharmony_ci "izp1fJf+ft5cDXrs7TSD5oHrSW2vk/ZieIMhexU4LFwhs4OE7jK6pgI48Dseqxx7\n" + 9404e41f4b71Sopenharmony_ci "B/KktxhVMJUmVXd9Ayjp6f+BtZlIk0cArPuoXToXjsV8caTGBXHRdzxpAk/w9syc\n" + 9405e41f4b71Sopenharmony_ci "GYrbH9TrdNMuTizOb+k268oKXUageZNxHmd7YvOXkcNgrd29jzwXKDYYiUa1DISz\n" + 9406e41f4b71Sopenharmony_ci "DnYaJOgPt0B/5izhoWNK7GhJDy9KEuLURcTSWFysbbnljwO9INPT9MmlS83PdAgN\n" + 9407e41f4b71Sopenharmony_ci "iS8VXF4pce1W9U5jH7d7k0JDVSXybebe1iPFphsZpYM/NE+jap+mPy1nTCbf9g==\n" + 9408e41f4b71Sopenharmony_ci "-----END CERTIFICATE-----\n" + 9409e41f4b71Sopenharmony_ci "-----BEGIN CERTIFICATE-----\n" + 9410e41f4b71Sopenharmony_ci "MIIC0zCCAoWgAwIBAgIIXpLoPpQVWnkwBQYDK2VwMFoxCzAJBgNVBAYTAkVOMRAw\n" + 9411e41f4b71Sopenharmony_ci "DgYDVQQIEwdFbmdsYW5kMQ8wDQYDVQQHEwZMb25kb24xDDAKBgNVBAoTA3RzMTEM\n" + 9412e41f4b71Sopenharmony_ci "MAoGA1UECxMDdHMxMQwwCgYDVQQDEwN0czEwHhcNMjMxMjA1MDczNzAwWhcNMjQw\n" + 9413e41f4b71Sopenharmony_ci "OTAxMjM1OTAwWjBaMQswCQYDVQQGEwJFTjEQMA4GA1UECBMHRW5nbGFuZDEPMA0G\n" + 9414e41f4b71Sopenharmony_ci "A1UEBxMGTG9uZG9uMQwwCgYDVQQKEwN0czIxDDAKBgNVBAsTA3RzMjEMMAoGA1UE\n" + 9415e41f4b71Sopenharmony_ci "AxMDdHMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtt+2QxUevbol\n" + 9416e41f4b71Sopenharmony_ci "YLp51QGcUpageI4fwGLIqv4fj4aoVnHFOOBqVOVpfCLRp26LFV/F8ebwPyo8YEBK\n" + 9417e41f4b71Sopenharmony_ci "SwXzMD1573rMSbaH9BalscH5lZYAbetXoio6YRvzlcmcrVvLBNMeVnxY86xHpo0M\n" + 9418e41f4b71Sopenharmony_ci "TNyP7W024rZsxWO98xFQVdoiaBC+7+midlisx2Y+7u0jzT9GjeUP6JLdLFUZJKUP\n" + 9419e41f4b71Sopenharmony_ci "STK3jVzw9v1eZQZKYoNfU6vFMd6ndtwW6qEnwpzmmX/UT+p5ThAMH593zszlz330\n" + 9420e41f4b71Sopenharmony_ci "nTSXBjIsGkyvOz9gSB0Z0LAuJj06XUNhGL5xKJYKbdI38MFQFJKvRHfgTAvVsvAv\n" + 9421e41f4b71Sopenharmony_ci "pBUM2DuBKwIDAQABo28wbTAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBQ37B0zGcKA\n" + 9422e41f4b71Sopenharmony_ci "OnmgxZQVMg6ZGvrGLTALBgNVHQ8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgAHMB4G\n" + 9423e41f4b71Sopenharmony_ci "CWCGSAGG+EIBDQQRFg94Y2EgY2VydGlmaWNhdGUwBQYDK2VwA0EAuasLBe55YgvF\n" + 9424e41f4b71Sopenharmony_ci "b4wmHeohylc9r8cFGS1LNQ5UcSn3sGqMYf6ehnef16NLuCW6upHCs8Sui4iAMvsP\n" + 9425e41f4b71Sopenharmony_ci "uKPWR9dKBA==\n" + 9426e41f4b71Sopenharmony_ci "-----END CERTIFICATE-----\n" + 9427e41f4b71Sopenharmony_ci "-----BEGIN CERTIFICATE-----\n" + 9428e41f4b71Sopenharmony_ci "MIIB3zCCAZGgAwIBAgIIWQvOEDl+ya4wBQYDK2VwMFoxCzAJBgNVBAYTAkVOMRAw\n" + 9429e41f4b71Sopenharmony_ci "DgYDVQQIEwdFbmdsYW5kMQ8wDQYDVQQHEwZMb25kb24xDDAKBgNVBAoTA3RzMTEM\n" + 9430e41f4b71Sopenharmony_ci "MAoGA1UECxMDdHMxMQwwCgYDVQQDEwN0czEwHhcNMjMxMjA1MDAwMDAwWhcNMjQx\n" + 9431e41f4b71Sopenharmony_ci "MjA0MjM1OTU5WjBaMQswCQYDVQQGEwJFTjEQMA4GA1UECBMHRW5nbGFuZDEPMA0G\n" + 9432e41f4b71Sopenharmony_ci "A1UEBxMGTG9uZG9uMQwwCgYDVQQKEwN0czExDDAKBgNVBAsTA3RzMTEMMAoGA1UE\n" + 9433e41f4b71Sopenharmony_ci "AxMDdHMxMCowBQYDK2VwAyEAuxadj1ww0LqPN24zr28jcSOlSWAe0QdLyRF+ZgG6\n" + 9434e41f4b71Sopenharmony_ci "klKjdTBzMBIGA1UdEwEB/wQIMAYBAf8CARQwHQYDVR0OBBYEFNSgpoQvfxR8A1Y4\n" + 9435e41f4b71Sopenharmony_ci "St8NjOHkRpm4MAsGA1UdDwQEAwIBBjARBglghkgBhvhCAQEEBAMCAAcwHgYJYIZI\n" + 9436e41f4b71Sopenharmony_ci "AYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0ZTAFBgMrZXADQQAblBgoa72X/K13WOvc\n" + 9437e41f4b71Sopenharmony_ci "KW0fqBgFKvLy85hWD6Ufi61k4ProQiZzMK+0+y9jReKelPx/zRdCCgSbQroAR2mV\n" + 9438e41f4b71Sopenharmony_ci "xjoE\n" + 9439e41f4b71Sopenharmony_ci "-----END CERTIFICATE-----\n"; 9440e41f4b71Sopenharmony_ci 9441e41f4b71Sopenharmony_ci // 证书链二进制数据,需业务自行赋值 9442e41f4b71Sopenharmony_ci let encodingBlob: cert.EncodingBlob = { 9443e41f4b71Sopenharmony_ci data: stringToUint8Array(certChainData), 9444e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM、FORMAT_DER和FORMAT_PKCS7 9445e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 9446e41f4b71Sopenharmony_ci }; 9447e41f4b71Sopenharmony_ci let x509CertChain: cert.X509CertChain = {} as cert.X509CertChain; 9448e41f4b71Sopenharmony_ci try { 9449e41f4b71Sopenharmony_ci x509CertChain = await cert.createX509CertChain(encodingBlob); 9450e41f4b71Sopenharmony_ci } catch (error) { 9451e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 9452e41f4b71Sopenharmony_ci console.error('createX509CertChain failed, errCode: ' + e.code + ', errMsg: ' + e.message); 9453e41f4b71Sopenharmony_ci } 9454e41f4b71Sopenharmony_ci return x509CertChain; 9455e41f4b71Sopenharmony_ci} 9456e41f4b71Sopenharmony_ci 9457e41f4b71Sopenharmony_cicreateX509CertChain(); 9458e41f4b71Sopenharmony_ci``` 9459e41f4b71Sopenharmony_ci 9460e41f4b71Sopenharmony_ci## cert.createX509CertChain<sup>11+</sup> 9461e41f4b71Sopenharmony_ci 9462e41f4b71Sopenharmony_cicreateX509CertChain(inStream: EncodingBlob, callback: AsyncCallback\<X509CertChain>): void 9463e41f4b71Sopenharmony_ci 9464e41f4b71Sopenharmony_ci表示创建X509证书链对象,使用Callback回调异步返回结果。 9465e41f4b71Sopenharmony_ci 9466e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 9467e41f4b71Sopenharmony_ci 9468e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 9469e41f4b71Sopenharmony_ci 9470e41f4b71Sopenharmony_ci**参数:** 9471e41f4b71Sopenharmony_ci 9472e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 9473e41f4b71Sopenharmony_ci| -------- | ------------------------------------- | ---- | -------------------------- | 9474e41f4b71Sopenharmony_ci| inStream | [EncodingBlob](#encodingblob) | 是 | X509证书序列化数据。 | 9475e41f4b71Sopenharmony_ci| callback | AsyncCallback\<[X509CertChain](#x509certchain11)> | 是 | 回调函数。表示X509证书链对象。 | 9476e41f4b71Sopenharmony_ci 9477e41f4b71Sopenharmony_ci**错误码:** 9478e41f4b71Sopenharmony_ci 9479e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 9480e41f4b71Sopenharmony_ci 9481e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 9482e41f4b71Sopenharmony_ci| -------- | ------------- | 9483e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 9484e41f4b71Sopenharmony_ci| 19020001 | memory error. | 9485e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 9486e41f4b71Sopenharmony_ci 9487e41f4b71Sopenharmony_ci**示例:** 9488e41f4b71Sopenharmony_ci 9489e41f4b71Sopenharmony_ci```ts 9490e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 9491e41f4b71Sopenharmony_ci 9492e41f4b71Sopenharmony_ci// string转Uint8Array 9493e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 9494e41f4b71Sopenharmony_ci let arr: Array<number> = []; 9495e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 9496e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 9497e41f4b71Sopenharmony_ci } 9498e41f4b71Sopenharmony_ci return new Uint8Array(arr); 9499e41f4b71Sopenharmony_ci} 9500e41f4b71Sopenharmony_ci 9501e41f4b71Sopenharmony_cilet certChainData = "-----BEGIN CERTIFICATE-----\n" + 9502e41f4b71Sopenharmony_ci "MIID6jCCAtKgAwIBAgIIIM2q/TmRoLcwDQYJKoZIhvcNAQELBQAwWjELMAkGA1UE\n" + 9503e41f4b71Sopenharmony_ci "BhMCRU4xEDAOBgNVBAgTB0VuZ2xhbmQxDzANBgNVBAcTBkxvbmRvbjEMMAoGA1UE\n" + 9504e41f4b71Sopenharmony_ci "ChMDdHMyMQwwCgYDVQQLEwN0czIxDDAKBgNVBAMTA3RzMjAeFw0yMzEyMDUwNzM5\n" + 9505e41f4b71Sopenharmony_ci "MDBaFw0yNDEwMzEyMzU5MDBaMGExCzAJBgNVBAYTAkNOMRAwDgYDVQQIEwdKaWFu\n" + 9506e41f4b71Sopenharmony_ci "Z3N1MRAwDgYDVQQHEwdOYW5qaW5nMQwwCgYDVQQKEwN0czMxDDAKBgNVBAsTA3Rz\n" + 9507e41f4b71Sopenharmony_ci "MzESMBAGA1UEAxMJMTI3LjAuMC4xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\n" + 9508e41f4b71Sopenharmony_ci "CgKCAQEAtt+2QxUevbolYLp51QGcUpageI4fwGLIqv4fj4aoVnHFOOBqVOVpfCLR\n" + 9509e41f4b71Sopenharmony_ci "p26LFV/F8ebwPyo8YEBKSwXzMD1573rMSbaH9BalscH5lZYAbetXoio6YRvzlcmc\n" + 9510e41f4b71Sopenharmony_ci "rVvLBNMeVnxY86xHpo0MTNyP7W024rZsxWO98xFQVdoiaBC+7+midlisx2Y+7u0j\n" + 9511e41f4b71Sopenharmony_ci "zT9GjeUP6JLdLFUZJKUPSTK3jVzw9v1eZQZKYoNfU6vFMd6ndtwW6qEnwpzmmX/U\n" + 9512e41f4b71Sopenharmony_ci "T+p5ThAMH593zszlz330nTSXBjIsGkyvOz9gSB0Z0LAuJj06XUNhGL5xKJYKbdI3\n" + 9513e41f4b71Sopenharmony_ci "8MFQFJKvRHfgTAvVsvAvpBUM2DuBKwIDAQABo4GsMIGpMAkGA1UdEwQCMAAwHQYD\n" + 9514e41f4b71Sopenharmony_ci "VR0OBBYEFDfsHTMZwoA6eaDFlBUyDpka+sYtMAsGA1UdDwQEAwID+DAnBgNVHSUE\n" + 9515e41f4b71Sopenharmony_ci "IDAeBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMEMBQGA1UdEQQNMAuCCTEy\n" + 9516e41f4b71Sopenharmony_ci "Ny4wLjAuMTARBglghkgBhvhCAQEEBAMCBkAwHgYJYIZIAYb4QgENBBEWD3hjYSBj\n" + 9517e41f4b71Sopenharmony_ci "ZXJ0aWZpY2F0ZTANBgkqhkiG9w0BAQsFAAOCAQEAp5vTvXrt8ZpgRJVtzv9ss0lJ\n" + 9518e41f4b71Sopenharmony_ci "izp1fJf+ft5cDXrs7TSD5oHrSW2vk/ZieIMhexU4LFwhs4OE7jK6pgI48Dseqxx7\n" + 9519e41f4b71Sopenharmony_ci "B/KktxhVMJUmVXd9Ayjp6f+BtZlIk0cArPuoXToXjsV8caTGBXHRdzxpAk/w9syc\n" + 9520e41f4b71Sopenharmony_ci "GYrbH9TrdNMuTizOb+k268oKXUageZNxHmd7YvOXkcNgrd29jzwXKDYYiUa1DISz\n" + 9521e41f4b71Sopenharmony_ci "DnYaJOgPt0B/5izhoWNK7GhJDy9KEuLURcTSWFysbbnljwO9INPT9MmlS83PdAgN\n" + 9522e41f4b71Sopenharmony_ci "iS8VXF4pce1W9U5jH7d7k0JDVSXybebe1iPFphsZpYM/NE+jap+mPy1nTCbf9g==\n" + 9523e41f4b71Sopenharmony_ci "-----END CERTIFICATE-----\n" + 9524e41f4b71Sopenharmony_ci "-----BEGIN CERTIFICATE-----\n" + 9525e41f4b71Sopenharmony_ci "MIIC0zCCAoWgAwIBAgIIXpLoPpQVWnkwBQYDK2VwMFoxCzAJBgNVBAYTAkVOMRAw\n" + 9526e41f4b71Sopenharmony_ci "DgYDVQQIEwdFbmdsYW5kMQ8wDQYDVQQHEwZMb25kb24xDDAKBgNVBAoTA3RzMTEM\n" + 9527e41f4b71Sopenharmony_ci "MAoGA1UECxMDdHMxMQwwCgYDVQQDEwN0czEwHhcNMjMxMjA1MDczNzAwWhcNMjQw\n" + 9528e41f4b71Sopenharmony_ci "OTAxMjM1OTAwWjBaMQswCQYDVQQGEwJFTjEQMA4GA1UECBMHRW5nbGFuZDEPMA0G\n" + 9529e41f4b71Sopenharmony_ci "A1UEBxMGTG9uZG9uMQwwCgYDVQQKEwN0czIxDDAKBgNVBAsTA3RzMjEMMAoGA1UE\n" + 9530e41f4b71Sopenharmony_ci "AxMDdHMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtt+2QxUevbol\n" + 9531e41f4b71Sopenharmony_ci "YLp51QGcUpageI4fwGLIqv4fj4aoVnHFOOBqVOVpfCLRp26LFV/F8ebwPyo8YEBK\n" + 9532e41f4b71Sopenharmony_ci "SwXzMD1573rMSbaH9BalscH5lZYAbetXoio6YRvzlcmcrVvLBNMeVnxY86xHpo0M\n" + 9533e41f4b71Sopenharmony_ci "TNyP7W024rZsxWO98xFQVdoiaBC+7+midlisx2Y+7u0jzT9GjeUP6JLdLFUZJKUP\n" + 9534e41f4b71Sopenharmony_ci "STK3jVzw9v1eZQZKYoNfU6vFMd6ndtwW6qEnwpzmmX/UT+p5ThAMH593zszlz330\n" + 9535e41f4b71Sopenharmony_ci "nTSXBjIsGkyvOz9gSB0Z0LAuJj06XUNhGL5xKJYKbdI38MFQFJKvRHfgTAvVsvAv\n" + 9536e41f4b71Sopenharmony_ci "pBUM2DuBKwIDAQABo28wbTAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBQ37B0zGcKA\n" + 9537e41f4b71Sopenharmony_ci "OnmgxZQVMg6ZGvrGLTALBgNVHQ8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgAHMB4G\n" + 9538e41f4b71Sopenharmony_ci "CWCGSAGG+EIBDQQRFg94Y2EgY2VydGlmaWNhdGUwBQYDK2VwA0EAuasLBe55YgvF\n" + 9539e41f4b71Sopenharmony_ci "b4wmHeohylc9r8cFGS1LNQ5UcSn3sGqMYf6ehnef16NLuCW6upHCs8Sui4iAMvsP\n" + 9540e41f4b71Sopenharmony_ci "uKPWR9dKBA==\n" + 9541e41f4b71Sopenharmony_ci "-----END CERTIFICATE-----\n" + 9542e41f4b71Sopenharmony_ci "-----BEGIN CERTIFICATE-----\n" + 9543e41f4b71Sopenharmony_ci "MIIB3zCCAZGgAwIBAgIIWQvOEDl+ya4wBQYDK2VwMFoxCzAJBgNVBAYTAkVOMRAw\n" + 9544e41f4b71Sopenharmony_ci "DgYDVQQIEwdFbmdsYW5kMQ8wDQYDVQQHEwZMb25kb24xDDAKBgNVBAoTA3RzMTEM\n" + 9545e41f4b71Sopenharmony_ci "MAoGA1UECxMDdHMxMQwwCgYDVQQDEwN0czEwHhcNMjMxMjA1MDAwMDAwWhcNMjQx\n" + 9546e41f4b71Sopenharmony_ci "MjA0MjM1OTU5WjBaMQswCQYDVQQGEwJFTjEQMA4GA1UECBMHRW5nbGFuZDEPMA0G\n" + 9547e41f4b71Sopenharmony_ci "A1UEBxMGTG9uZG9uMQwwCgYDVQQKEwN0czExDDAKBgNVBAsTA3RzMTEMMAoGA1UE\n" + 9548e41f4b71Sopenharmony_ci "AxMDdHMxMCowBQYDK2VwAyEAuxadj1ww0LqPN24zr28jcSOlSWAe0QdLyRF+ZgG6\n" + 9549e41f4b71Sopenharmony_ci "klKjdTBzMBIGA1UdEwEB/wQIMAYBAf8CARQwHQYDVR0OBBYEFNSgpoQvfxR8A1Y4\n" + 9550e41f4b71Sopenharmony_ci "St8NjOHkRpm4MAsGA1UdDwQEAwIBBjARBglghkgBhvhCAQEEBAMCAAcwHgYJYIZI\n" + 9551e41f4b71Sopenharmony_ci "AYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0ZTAFBgMrZXADQQAblBgoa72X/K13WOvc\n" + 9552e41f4b71Sopenharmony_ci "KW0fqBgFKvLy85hWD6Ufi61k4ProQiZzMK+0+y9jReKelPx/zRdCCgSbQroAR2mV\n" + 9553e41f4b71Sopenharmony_ci "xjoE\n" + 9554e41f4b71Sopenharmony_ci "-----END CERTIFICATE-----\n"; 9555e41f4b71Sopenharmony_ci 9556e41f4b71Sopenharmony_ci// 证书链二进制数据,需业务自行赋值 9557e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 9558e41f4b71Sopenharmony_ci data: stringToUint8Array(certChainData), 9559e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM、FORMAT_DER和FORMAT_PKCS7 9560e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 9561e41f4b71Sopenharmony_ci}; 9562e41f4b71Sopenharmony_ci 9563e41f4b71Sopenharmony_cicert.createX509CertChain(encodingBlob, (err, certChain) => { 9564e41f4b71Sopenharmony_ci if (err) { 9565e41f4b71Sopenharmony_ci console.error('createX509CertChain failed, errCode: ' + err.code + ', errMsg: ' + err.message); 9566e41f4b71Sopenharmony_ci } else { 9567e41f4b71Sopenharmony_ci console.log('createX509CertChain success'); 9568e41f4b71Sopenharmony_ci } 9569e41f4b71Sopenharmony_ci}); 9570e41f4b71Sopenharmony_ci``` 9571e41f4b71Sopenharmony_ci 9572e41f4b71Sopenharmony_ci## cert.createX509CertChain<sup>11+</sup> 9573e41f4b71Sopenharmony_ci 9574e41f4b71Sopenharmony_cicreateX509CertChain(certs: Array\<X509Cert>): X509CertChain 9575e41f4b71Sopenharmony_ci 9576e41f4b71Sopenharmony_ci表示使用X509Cert数组方式创建X509证书链对象,并同步返回结果。 9577e41f4b71Sopenharmony_ci 9578e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 9579e41f4b71Sopenharmony_ci 9580e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 9581e41f4b71Sopenharmony_ci 9582e41f4b71Sopenharmony_ci**参数:** 9583e41f4b71Sopenharmony_ci 9584e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 9585e41f4b71Sopenharmony_ci| -------- | -------------------- | ---- | -------------------------- | 9586e41f4b71Sopenharmony_ci| certs | Array\<[X509Cert](#x509cert)> | 是 | X509证书对象数组。 | 9587e41f4b71Sopenharmony_ci 9588e41f4b71Sopenharmony_ci**返回值:** 9589e41f4b71Sopenharmony_ci 9590e41f4b71Sopenharmony_ci| 类型 | 说明 | 9591e41f4b71Sopenharmony_ci| --------------------------------- | -------------------- | 9592e41f4b71Sopenharmony_ci| [X509CertChain](#x509certchain11) | 表示X509证书链对象。 | 9593e41f4b71Sopenharmony_ci 9594e41f4b71Sopenharmony_ci**错误码:** 9595e41f4b71Sopenharmony_ci 9596e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 9597e41f4b71Sopenharmony_ci 9598e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 9599e41f4b71Sopenharmony_ci| -------- | ------------- | 9600e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 9601e41f4b71Sopenharmony_ci| 19020001 | memory error. | 9602e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 9603e41f4b71Sopenharmony_ci 9604e41f4b71Sopenharmony_ci**示例:** 9605e41f4b71Sopenharmony_ci 9606e41f4b71Sopenharmony_ci```ts 9607e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 9608e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 9609e41f4b71Sopenharmony_ci 9610e41f4b71Sopenharmony_ci// string转Uint8Array 9611e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 9612e41f4b71Sopenharmony_ci let arr: Array<number> = []; 9613e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 9614e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 9615e41f4b71Sopenharmony_ci } 9616e41f4b71Sopenharmony_ci return new Uint8Array(arr); 9617e41f4b71Sopenharmony_ci} 9618e41f4b71Sopenharmony_ci 9619e41f4b71Sopenharmony_ciasync function createX509Cert(): Promise<cert.X509Cert> { 9620e41f4b71Sopenharmony_ci let certData = '-----BEGIN CERTIFICATE-----\n' + 9621e41f4b71Sopenharmony_ci 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 9622e41f4b71Sopenharmony_ci 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 9623e41f4b71Sopenharmony_ci 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 9624e41f4b71Sopenharmony_ci 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 9625e41f4b71Sopenharmony_ci 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 9626e41f4b71Sopenharmony_ci 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 9627e41f4b71Sopenharmony_ci 'Qw==\n' + 9628e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 9629e41f4b71Sopenharmony_ci 9630e41f4b71Sopenharmony_ci // 证书二进制数据,需业务自行赋值 9631e41f4b71Sopenharmony_ci let encodingBlob: cert.EncodingBlob = { 9632e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 9633e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 9634e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 9635e41f4b71Sopenharmony_ci }; 9636e41f4b71Sopenharmony_ci 9637e41f4b71Sopenharmony_ci let x509Cert: cert.X509Cert = {} as cert.X509Cert; 9638e41f4b71Sopenharmony_ci try { 9639e41f4b71Sopenharmony_ci x509Cert = await cert.createX509Cert(encodingBlob); 9640e41f4b71Sopenharmony_ci } catch (error) { 9641e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 9642e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 9643e41f4b71Sopenharmony_ci } 9644e41f4b71Sopenharmony_ci return x509Cert; 9645e41f4b71Sopenharmony_ci} 9646e41f4b71Sopenharmony_ci 9647e41f4b71Sopenharmony_ciasync function createX509CertChain(): Promise<cert.X509CertChain> { 9648e41f4b71Sopenharmony_ci const x509Cert = await createX509Cert(); 9649e41f4b71Sopenharmony_ci let x509CertChain: cert.X509CertChain = {} as cert.X509CertChain; 9650e41f4b71Sopenharmony_ci try { 9651e41f4b71Sopenharmony_ci x509CertChain = cert.createX509CertChain([x509Cert]); 9652e41f4b71Sopenharmony_ci } catch (error) { 9653e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 9654e41f4b71Sopenharmony_ci console.error('createX509CertChain failed, errCode: ' + e.code + ', errMsg: ' + e.message); 9655e41f4b71Sopenharmony_ci } 9656e41f4b71Sopenharmony_ci return x509CertChain; 9657e41f4b71Sopenharmony_ci} 9658e41f4b71Sopenharmony_ci 9659e41f4b71Sopenharmony_cicreateX509CertChain(); 9660e41f4b71Sopenharmony_ci``` 9661e41f4b71Sopenharmony_ci 9662e41f4b71Sopenharmony_ci## cert.buildX509CertChain<sup>12+</sup> 9663e41f4b71Sopenharmony_ci 9664e41f4b71Sopenharmony_cibuildX509CertChain(param: [CertChainBuildParameters](#certchainbuildparameters12)): Promise\<CertChainBuildResult> 9665e41f4b71Sopenharmony_ci 9666e41f4b71Sopenharmony_ci表示使用CertChainBuildParameters对象方式创建X509证书链对象,并用Promise方式返回结果。 9667e41f4b71Sopenharmony_ci 9668e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 9669e41f4b71Sopenharmony_ci 9670e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 9671e41f4b71Sopenharmony_ci 9672e41f4b71Sopenharmony_ci**参数:** 9673e41f4b71Sopenharmony_ci 9674e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 9675e41f4b71Sopenharmony_ci| -------- | -------------------- | ---- | -------------------------- | 9676e41f4b71Sopenharmony_ci| param | [CertChainBuildParameters](#certchainbuildparameters12) | 是 | 构建证书链的参数对象。 | 9677e41f4b71Sopenharmony_ci 9678e41f4b71Sopenharmony_ci**返回值:** 9679e41f4b71Sopenharmony_ci 9680e41f4b71Sopenharmony_ci| 类型 | 说明 | 9681e41f4b71Sopenharmony_ci| --------------------------------- | -------------------- | 9682e41f4b71Sopenharmony_ci| [CertChainBuildResult](#certchainbuildresult12) | 表示X509证书链对象。 | 9683e41f4b71Sopenharmony_ci 9684e41f4b71Sopenharmony_ci**错误码:** 9685e41f4b71Sopenharmony_ci 9686e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 9687e41f4b71Sopenharmony_ci 9688e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 9689e41f4b71Sopenharmony_ci| -------- | ------------------------------------------------- | 9690e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 9691e41f4b71Sopenharmony_ci| 19020001 | memory error. | 9692e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 9693e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 9694e41f4b71Sopenharmony_ci| 19030002 | the certificate signature verification failed. | 9695e41f4b71Sopenharmony_ci| 19030003 | the certificate has not taken effect. | 9696e41f4b71Sopenharmony_ci| 19030004 | the certificate has expired. | 9697e41f4b71Sopenharmony_ci| 19030005 | failed to obtain the certificate issuer. | 9698e41f4b71Sopenharmony_ci| 19030006 | the key cannot be used for signing a certificate. | 9699e41f4b71Sopenharmony_ci| 19030007 | the key cannot be used for digital signature. | 9700e41f4b71Sopenharmony_ci 9701e41f4b71Sopenharmony_ci**示例:** 9702e41f4b71Sopenharmony_ci 9703e41f4b71Sopenharmony_ci```ts 9704e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 9705e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 9706e41f4b71Sopenharmony_ci 9707e41f4b71Sopenharmony_ci// string转Uint8Array 9708e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 9709e41f4b71Sopenharmony_ci let arr: Array<number> = []; 9710e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 9711e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 9712e41f4b71Sopenharmony_ci } 9713e41f4b71Sopenharmony_ci return new Uint8Array(arr); 9714e41f4b71Sopenharmony_ci} 9715e41f4b71Sopenharmony_ci 9716e41f4b71Sopenharmony_ci// 证书链数据 9717e41f4b71Sopenharmony_cilet certPem = '-----BEGIN CERTIFICATE-----\n' + 9718e41f4b71Sopenharmony_ci 'MIIDTjCCAjagAwIBAgIBBDANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290\n' + 9719e41f4b71Sopenharmony_ci 'IENBMB4XDTI0MDMxOTAyMDQwMVoXDTM0MDMxNzAyMDQwMVowEjEQMA4GA1UEAwwH\n' + 9720e41f4b71Sopenharmony_ci 'ZGV2aWNlMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMIXL3e7UE/c\n' + 9721e41f4b71Sopenharmony_ci 'Z1dPVgRZ5L8gsQ/azuYVBvoFf7o8ksYrL7G1+qZIJjVRqZkuTirLW4GicbkIkPNW\n' + 9722e41f4b71Sopenharmony_ci 'eix5cDhkjkC+q5SBCOrSSTTlvX3xcOY1gMlA5MgeBfGixFusq4d5VPF2KceZ20/a\n' + 9723e41f4b71Sopenharmony_ci 'ygwGD0Uv0X81OERyPom/dYdJUvfaD9ifPFJ1fKIj/cPFG3yJK/ojpEfndZNdESQL\n' + 9724e41f4b71Sopenharmony_ci 'TkoDekilg2UGOLtY6fb9Ns37ncuIj33gCS/R9m1tgtmqCTcgOQ4hwKhjVF3InmPO\n' + 9725e41f4b71Sopenharmony_ci '2BbWKvD1RUX+rHC2a2HHDQILOOtDTy8dHvE+qZlK0efrpRgoFEERJAGPi1GDGWiA\n' + 9726e41f4b71Sopenharmony_ci '7UX1c4MCxIECAwEAAaOBrjCBqzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQbkAcMT7ND\n' + 9727e41f4b71Sopenharmony_ci 'fGp3VPFzYHppZ1zxLTAfBgNVHSMEGDAWgBR0W/koCbvDtFGHUQZLM3j6HKsW2DAd\n' + 9728e41f4b71Sopenharmony_ci 'BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMDIGCCsG\n' + 9729e41f4b71Sopenharmony_ci 'AQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cHM6Ly8xMjcuMC4wLjE6OTk5OTAN\n' + 9730e41f4b71Sopenharmony_ci 'BgkqhkiG9w0BAQsFAAOCAQEAF1OTzTmbklFOdZCxrF3zg9owUPJR5RB+PbuBlUfI\n' + 9731e41f4b71Sopenharmony_ci '8tkGXkMltQ8PN1dv6Cq+d8BluiJdWEzqVoJa/e5SHHJyYQSOhlurRG0GBXllVQ1I\n' + 9732e41f4b71Sopenharmony_ci 'n1PFaI40+9X2X6wrEcdC5nbzogR1jSiksCiTcARMddj0Xrp5FMrFaaGY8M/xqzdW\n' + 9733e41f4b71Sopenharmony_ci 'LTDl4nfbuxtA71cIjnE4kOcaemly9/S2wYWdPktsPxQPY1nPUOeJFI7o0sH3rK0c\n' + 9734e41f4b71Sopenharmony_ci 'JSqtgAG8vnjK+jbx9RpkgqCsXgUbIahL573VTgxrNrsRjCuVal7XVxl/xOKXr6Er\n' + 9735e41f4b71Sopenharmony_ci 'Gpc+OCrXbHNZkUQE5fZH3yL2tXd7EASEb6J3aEWHfF8YBA==\n' + 9736e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----'; 9737e41f4b71Sopenharmony_ci 9738e41f4b71Sopenharmony_cilet caPem = '-----BEGIN CERTIFICATE-----\n' + 9739e41f4b71Sopenharmony_ci'MIIC/zCCAeegAwIBAgIBATANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290\n' + 9740e41f4b71Sopenharmony_ci'IENBMB4XDTI0MDMxOTAyMDIyNFoXDTM0MDMxNzAyMDIyNFowEjEQMA4GA1UEAwwH\n' + 9741e41f4b71Sopenharmony_ci'Um9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALxI5SDvRfKU\n' + 9742e41f4b71Sopenharmony_ci'6XaTeyh2LHlUK0rVSeYfXkYf5Mc3Pgucg+ewzQjxkACMx5NYaW1zfGDNPG1i5IZl\n' + 9743e41f4b71Sopenharmony_ci'cPeWNz1Tm2g6wTd+LyNoNOOmwfLV8pLXSfAukgNrBREf3BzVrbu7hvPd2MmLH23H\n' + 9744e41f4b71Sopenharmony_ci'OBM9uDPTIqu3n2CDN2EzwULjaSk2g+jvhVKsDLInu5uKPmZBFhs1FWKgcnVnlbi1\n' + 9745e41f4b71Sopenharmony_ci'AyAx4efheits6EO70oV6UufCEtS1VsBXQHZRAG4ogshWldRBVNxkU6yHAfg0mM/5\n' + 9746e41f4b71Sopenharmony_ci'EhrZsfh51fWqlrhNWrInjgNV3xIt5ebTIgKZWUlSVHEA/UqDoGfY+CsAJdteZWOW\n' + 9747e41f4b71Sopenharmony_ci'KjsrC/DK2O0CAwEAAaNgMF4wHQYDVR0OBBYEFHRb+SgJu8O0UYdRBkszePocqxbY\n' + 9748e41f4b71Sopenharmony_ci'MB8GA1UdIwQYMBaAFHRb+SgJu8O0UYdRBkszePocqxbYMA8GA1UdEwEB/wQFMAMB\n' + 9749e41f4b71Sopenharmony_ci'Af8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQAKOT1ObfQNMN2wdfHq\n' + 9750e41f4b71Sopenharmony_ci'PQgFDDp6rBMbZe70LswPirSXljo4S/vfbG+gBoWCdu/SfsV+lyP75kg1wX0IQvzW\n' + 9751e41f4b71Sopenharmony_ci'xYNh864dgqPmGd0v8TIfM0UT0PpnowUyBHQ+E7LNYIOh/kjHbl3oERdEFA2PUyE9\n' + 9752e41f4b71Sopenharmony_ci'j3GLdg8oe/LqhEQCSAlH+v2RQgBZ9eVN+mSdUxwywm9U3acb0uqVkGiWK/ywumpg\n' + 9753e41f4b71Sopenharmony_ci'AmIZLMJtMVvg8uDkfy16Z4lChTEdNaJVUqPczUNk2kHXIF4we4be9HoOuTVz/SD/\n' + 9754e41f4b71Sopenharmony_ci'IsOhXn/BjS3jnhyS9fxo+opJf9zVTWI02Hlh1WVVtH/m3nIZblyAJhcjCHA2wZSz\n' + 9755e41f4b71Sopenharmony_ci'sSus\n' + 9756e41f4b71Sopenharmony_ci'-----END CERTIFICATE-----'; 9757e41f4b71Sopenharmony_ci 9758e41f4b71Sopenharmony_ciasync function createX509Cert(certData: string): Promise<cert.X509Cert> { 9759e41f4b71Sopenharmony_ci // 证书二进制数据,需业务自行赋值 9760e41f4b71Sopenharmony_ci let encodingBlob: cert.EncodingBlob = { 9761e41f4b71Sopenharmony_ci data: stringToUint8Array(certData), 9762e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 9763e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 9764e41f4b71Sopenharmony_ci }; 9765e41f4b71Sopenharmony_ci 9766e41f4b71Sopenharmony_ci let x509Cert: cert.X509Cert = {} as cert.X509Cert; 9767e41f4b71Sopenharmony_ci try { 9768e41f4b71Sopenharmony_ci x509Cert = await cert.createX509Cert(encodingBlob); 9769e41f4b71Sopenharmony_ci } catch (error) { 9770e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 9771e41f4b71Sopenharmony_ci console.error('createX509Cert failed, errCode: ' + e.code + ', errMsg: ' + e.message); 9772e41f4b71Sopenharmony_ci } 9773e41f4b71Sopenharmony_ci return x509Cert; 9774e41f4b71Sopenharmony_ci} 9775e41f4b71Sopenharmony_ci 9776e41f4b71Sopenharmony_ciasync function buildX509CertChain() { 9777e41f4b71Sopenharmony_ci try { 9778e41f4b71Sopenharmony_ci const caCert = await createX509Cert(caPem); 9779e41f4b71Sopenharmony_ci const x509Cert = await createX509Cert(certPem); 9780e41f4b71Sopenharmony_ci let certCrlCollection = await cert.createCertCRLCollection([x509Cert]); 9781e41f4b71Sopenharmony_ci let param: cert.CertChainBuildParameters = { 9782e41f4b71Sopenharmony_ci certMatchParameters: {validDate:'20240812080000Z'}, 9783e41f4b71Sopenharmony_ci maxLength: 3, 9784e41f4b71Sopenharmony_ci validationParameters: { 9785e41f4b71Sopenharmony_ci date: '20240812080000Z', 9786e41f4b71Sopenharmony_ci certCRLs: [certCrlCollection], 9787e41f4b71Sopenharmony_ci trustAnchors: [{CACert:caCert}, {CACert:caCert}], 9788e41f4b71Sopenharmony_ci } 9789e41f4b71Sopenharmony_ci } 9790e41f4b71Sopenharmony_ci let certChainBuildResult = await cert.buildX509CertChain(param); 9791e41f4b71Sopenharmony_ci console.info("cert issuer name: " + certChainBuildResult.validationResult.entityCert.getIssuerName().data) 9792e41f4b71Sopenharmony_ci console.info("ca subject name: " + certChainBuildResult.validationResult.trustAnchor.CACert?.getSubjectName().data) 9793e41f4b71Sopenharmony_ci } catch (error) { 9794e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 9795e41f4b71Sopenharmony_ci console.error('createX509CertChain failed, errCode: ' + e.code + ', errMsg: ' + e.message); 9796e41f4b71Sopenharmony_ci } 9797e41f4b71Sopenharmony_ci} 9798e41f4b71Sopenharmony_ci 9799e41f4b71Sopenharmony_cibuildX509CertChain(); 9800e41f4b71Sopenharmony_ci``` 9801e41f4b71Sopenharmony_ci 9802e41f4b71Sopenharmony_ci## cert.createTrustAnchorsWithKeyStore<sup>12+</sup> 9803e41f4b71Sopenharmony_ci 9804e41f4b71Sopenharmony_cicreateTrustAnchorsWithKeyStore(keystore: Uint8Array, pwd: string): Promise<Array\<[X509TrustAnchor](#x509trustanchor11)>> 9805e41f4b71Sopenharmony_ci 9806e41f4b71Sopenharmony_ci表示从P12文件中读取ca证书来构造[TrustAnchor](#x509trustanchor11)对象数组,并用Promise方式返回结果。 9807e41f4b71Sopenharmony_ci 9808e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 9809e41f4b71Sopenharmony_ci 9810e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 9811e41f4b71Sopenharmony_ci 9812e41f4b71Sopenharmony_ci**参数:** 9813e41f4b71Sopenharmony_ci 9814e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 9815e41f4b71Sopenharmony_ci| -------- | -------------------- | ---- | -------------------------- | 9816e41f4b71Sopenharmony_ci| keystore | Uint8Array | 是 | p12文件,DER格式。 | 9817e41f4b71Sopenharmony_ci| pwd | string | 是 | p12文件的密码。 | 9818e41f4b71Sopenharmony_ci 9819e41f4b71Sopenharmony_ci**返回值:** 9820e41f4b71Sopenharmony_ci 9821e41f4b71Sopenharmony_ci| 类型 | 说明 | 9822e41f4b71Sopenharmony_ci| --------------------------------- | -------------------- | 9823e41f4b71Sopenharmony_ci| Array\<[X509TrustAnchor](#x509trustanchor11)> | 表示X509TrustAnchor对象数组。 | 9824e41f4b71Sopenharmony_ci 9825e41f4b71Sopenharmony_ci**错误码:** 9826e41f4b71Sopenharmony_ci 9827e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 9828e41f4b71Sopenharmony_ci 9829e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 9830e41f4b71Sopenharmony_ci| -------- | ------------------------------------------------- | 9831e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 9832e41f4b71Sopenharmony_ci| 19020001 | memory error. | 9833e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 9834e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 9835e41f4b71Sopenharmony_ci| 19030002 | the certificate signature verification failed. | 9836e41f4b71Sopenharmony_ci| 19030003 | the certificate has not taken effect. | 9837e41f4b71Sopenharmony_ci| 19030004 | the certificate has expired. | 9838e41f4b71Sopenharmony_ci| 19030005 | failed to obtain the certificate issuer. | 9839e41f4b71Sopenharmony_ci| 19030006 | the key cannot be used for signing a certificate. | 9840e41f4b71Sopenharmony_ci| 19030007 | the key cannot be used for digital signature. | 9841e41f4b71Sopenharmony_ci 9842e41f4b71Sopenharmony_ci**示例:** 9843e41f4b71Sopenharmony_ci 9844e41f4b71Sopenharmony_ci```ts 9845e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 9846e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 9847e41f4b71Sopenharmony_ci 9848e41f4b71Sopenharmony_citry { 9849e41f4b71Sopenharmony_ci cert.createTrustAnchorsWithKeyStore( 9850e41f4b71Sopenharmony_ci new Uint8Array([0x30, 0x82, 0x07, 0x5C, 0x02, 0x01, 0x03, 0x30, 0x82, 0x07, 0x12, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x01, 0xA0, 0x82, 0x07, 0x03, 0x04, 0x82, 0x06, 0xFF, 0x30, 0x82, 0x06, 0xFB, 0x30, 0x82, 0x05, 0xB2, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x06, 0xA0, 0x82, 0x05, 0xA3, 0x30, 0x82, 0x05, 0x9F, 0x02, 0x01, 0x00, 0x30, 0x82, 0x05, 0x98, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x01, 0x30, 0x57, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x0D, 0x30, 0x4A, 0x30, 0x29, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x0C, 0x30, 0x1C, 0x04, 0x08, 0xA9, 0x1C, 0x1B, 0x19, 0x36, 0xDE, 0xD4, 0x20, 0x02, 0x02, 0x08, 0x00, 0x30, 0x0C, 0x06, 0x08, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x02, 0x09, 0x05, 0x00, 0x30, 0x1D, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x2A, 0x04, 0x10, 0x7D, 0xE5, 0x23, 0x96, 0x18, 0x8B, 0xF4, 0xBC, 0x9F, 0x4E, 0xE8, 0xE9, 0xAA, 0x52, 0x18, 0x39, 0x80, 0x82, 0x05, 0x30, 0x02, 0x2D, 0x59, 0xA9, 0x96, 0x5A, 0xFE, 0x20, 0x18, 0xB2, 0x25, 0xEA, 0xFC, 0x86, 0x0F, 0xA8, 0x3C, 0x2B, 0x26, 0x2F, 0x44, 0x6E, 0xF3, 0x15, 0xB7, 0x94, 0xE4, 0x43, 0xEE, 0xE6, 0xC3, 0xBB, 0x3C, 0x9E, 0x60, 0x08, 0xF8, 0x15, 0x61, 0x44, 0xD0, 0xEA, 0xD5, 0x6D, 0x1A, 0x3B, 0x9F, 0x4E, 0x2A, 0x1E, 0xBB, 0xB9, 0x4E, 0x15, 0x43, 0xB8, 0x68, 0xDB, 0x1A, 0x4E, 0x41, 0xBA, 0x29, 0x8E, 0x75, 0xEB, 0x12, 0xC1, 0xF0, 0x4B, 0x0D, 0x13, 0xB2, 0xC2, 0x48, 0x6F, 0xC4, 0xC4, 0x82, 0xF2, 0x26, 0xD4, 0x3D, 0x1F, 0x42, 0x7D, 0x67, 0xB0, 0x37, 0x55, 0x9E, 0xD9, 0x46, 0x99, 0x98, 0xB4, 0xE7, 0x4B, 0x07, 0x08, 0x3F, 0xD3, 0x96, 0x9A, 0xC5, 0xDA, 0x37, 0x74, 0x08, 0x5D, 0x3B, 0x06, 0x8A, 0x16, 0x6D, 0x81, 0x63, 0x01, 0x83, 0x94, 0xDA, 0x1B, 0x0E, 0x04, 0xCE, 0x18, 0xF0, 0x51, 0x22, 0xD8, 0x2D, 0xF1, 0x69, 0x0C, 0xCB, 0xC9, 0x51, 0x17, 0x07, 0x1F, 0x2B, 0xCF, 0x74, 0x26, 0xD7, 0x73, 0xB3, 0x2D, 0xF2, 0x82, 0xF0, 0x38, 0x5B, 0x8A, 0x8F, 0xCD, 0x84, 0x69, 0x40, 0x59, 0xCE, 0xB3, 0x39, 0xFE, 0xF6, 0xB7, 0x24, 0x89, 0x34, 0xFF, 0xF4, 0x40, 0x50, 0x06, 0x4D, 0xC6, 0x13, 0x82, 0xAF, 0x7F, 0x84, 0xB1, 0x67, 0x3C, 0x89, 0xBB, 0x5D, 0x32, 0xC3, 0xA6, 0xF1, 0x7D, 0xF5, 0x72, 0x68, 0x75, 0xCE, 0x69, 0xAB, 0x6C, 0x32, 0xDA, 0x16, 0x3B, 0xC4, 0xCA, 0x47, 0x45, 0xE9, 0x59, 0x1E, 0xB1, 0x70, 0xDA, 0x8A, 0x00, 0x69, 0x80, 0x40, 0xCA, 0x60, 0xE6, 0x07, 0x16, 0xF0, 0xA2, 0xF9, 0x12, 0x7D, 0x09, 0x43, 0x66, 0x46, 0x78, 0x35, 0xA6, 0x94, 0x35, 0x60, 0x82, 0xFC, 0xB8, 0x5E, 0x39, 0xE7, 0xA1, 0x22, 0xAD, 0xCC, 0x6F, 0x5E, 0xCE, 0x01, 0x6B, 0xA1, 0xDD, 0xE5, 0xDD, 0x79, 0x9B, 0xA1, 0x28, 0xC4, 0x03, 0x84, 0x8D, 0x6C, 0x07, 0xD4, 0xFE, 0x57, 0xFB, 0x89, 0x3F, 0x43, 0x44, 0x69, 0xF1, 0x9E, 0x53, 0x6C, 0x11, 0x11, 0x96, 0x79, 0xE4, 0xB8, 0x3B, 0x49, 0x2E, 0xF6, 0x3B, 0xC5, 0x6C, 0x76, 0x21, 0x22, 0x15, 0x85, 0x77, 0x8A, 0xDD, 0xD2, 0x43, 0x85, 0x73, 0x39, 0x77, 0x9F, 0xFA, 0x8F, 0xCF, 0xCB, 0xEA, 0x62, 0xBD, 0x5C, 0x66, 0x45, 0xCD, 0xB0, 0xCA, 0x42, 0xCC, 0xB9, 0xCF, 0xE3, 0x84, 0x63, 0x9F, 0x63, 0xCE, 0x49, 0xE9, 0x74, 0x26, 0xCC, 0x26, 0x78, 0xCE, 0x9F, 0x4E, 0x38, 0xA2, 0x9C, 0xEB, 0x75, 0xC5, 0x33, 0x6B, 0x00, 0x83, 0x85, 0xA3, 0x0F, 0xE7, 0xE1, 0x11, 0xA6, 0x48, 0xDC, 0xEF, 0x0C, 0x05, 0xB3, 0xDE, 0x94, 0xB9, 0x69, 0xCB, 0x27, 0x09, 0xAB, 0x27, 0xD8, 0x06, 0xED, 0x25, 0xBC, 0xA6, 0x2E, 0xB7, 0xF9, 0x2E, 0xAD, 0x84, 0x1D, 0xDD, 0x73, 0xD8, 0xC0, 0x46, 0x8A, 0xFE, 0x9A, 0xDF, 0x07, 0xE1, 0x33, 0xE2, 0x1C, 0x37, 0x6A, 0x8E, 0xA2, 0x91, 0x0B, 0xD7, 0x76, 0xEF, 0x3C, 0x87, 0x4A, 0x53, 0x84, 0xFA, 0xFA, 0xC5, 0x71, 0x76, 0xC0, 0x75, 0x70, 0x67, 0x67, 0x71, 0x9D, 0x8B, 0x81, 0x6F, 0x68, 0xC5, 0xB1, 0xFC, 0xA3, 0x59, 0xB5, 0xD0, 0x03, 0x56, 0xE7, 0x89, 0x03, 0xD7, 0x99, 0xDE, 0x66, 0x33, 0xFA, 0x53, 0x50, 0x5F, 0xB4, 0x9D, 0xB3, 0x90, 0x8F, 0x57, 0x20, 0xF0, 0x8B, 0xDB, 0x73, 0xCA, 0xA4, 0x71, 0x61, 0x67, 0x6A, 0x6D, 0xA5, 0xCA, 0x88, 0xD4, 0xCC, 0x82, 0x34, 0xC9, 0x3E, 0x10, 0x10, 0x57, 0xD1, 0x08, 0x96, 0x80, 0x09, 0xA8, 0xBB, 0x6F, 0x53, 0x8F, 0xFD, 0x87, 0xCF, 0x73, 0xFC, 0xE1, 0x3A, 0x92, 0x2E, 0x78, 0x66, 0xFB, 0x86, 0x5D, 0x62, 0xE0, 0xC4, 0x58, 0x55, 0x3F, 0xA4, 0xEA, 0xA1, 0xBE, 0x5B, 0x5E, 0x8E, 0x46, 0x50, 0x5E, 0x7C, 0x01, 0xD6, 0x63, 0xAA, 0x6F, 0xD5, 0xFD, 0xAF, 0xC5, 0x1D, 0xB3, 0x90, 0x9C, 0xD8, 0x5F, 0x8D, 0xF2, 0x81, 0xEB, 0xBF, 0xA1, 0xDE, 0xB7, 0x9D, 0xCD, 0x24, 0x82, 0x06, 0x0B, 0x63, 0xE6, 0xBF, 0x57, 0x51, 0xF0, 0xB6, 0xE9, 0x7F, 0xAA, 0x7B, 0x10, 0xBD, 0xCD, 0x85, 0x41, 0xE0, 0xD7, 0xF1, 0x53, 0xB7, 0xF8, 0x46, 0x91, 0x9E, 0x8D, 0x4B, 0xCB, 0x28, 0x35, 0x40, 0x37, 0x1E, 0x83, 0x64, 0x6A, 0x70, 0x01, 0x9D, 0xBF, 0xF1, 0x0E, 0xB6, 0x2E, 0x7A, 0xB7, 0x8F, 0x0F, 0x8C, 0x69, 0xD6, 0xF2, 0xD1, 0xF6, 0x1E, 0xCD, 0x08, 0xA8, 0xD4, 0x1B, 0xCB, 0x38, 0xEA, 0x26, 0x37, 0x5C, 0x60, 0x3A, 0x38, 0x5B, 0x12, 0x1D, 0x00, 0x7B, 0xEC, 0xCE, 0xFB, 0x89, 0x23, 0x8A, 0x11, 0xE1, 0x1B, 0xDE, 0x54, 0x91, 0x6A, 0x26, 0x22, 0xD0, 0x1C, 0x2E, 0xBA, 0xD0, 0x92, 0x87, 0xDA, 0xF0, 0x93, 0xBB, 0x3A, 0x2C, 0x52, 0xFB, 0xB2, 0xA9, 0xA8, 0x92, 0x19, 0xE3, 0x19, 0xDC, 0xB0, 0x0E, 0xC5, 0xE7, 0x9D, 0xFB, 0xF9, 0xA3, 0x23, 0x32, 0xD0, 0x4E, 0x2C, 0x05, 0x2D, 0x76, 0xDB, 0x93, 0x53, 0x5B, 0x0E, 0x2A, 0xA3, 0xDD, 0x5F, 0xD3, 0x1A, 0x3B, 0x1E, 0x1F, 0x26, 0x88, 0x43, 0xAD, 0x10, 0x1F, 0xA9, 0xC4, 0xF9, 0x1F, 0xCD, 0xA5, 0xD2, 0xDC, 0x24, 0x95, 0x1D, 0xE7, 0x57, 0xE1, 0x02, 0x0A, 0x20, 0xEA, 0x6A, 0x78, 0x4E, 0x96, 0xE2, 0xE5, 0x6D, 0x6F, 0xFD, 0x81, 0x7B, 0x61, 0x85, 0xA3, 0x3D, 0xC5, 0x7B, 0xEF, 0xAE, 0x58, 0xA2, 0xDB, 0x91, 0x73, 0xDB, 0x47, 0x8E, 0xD1, 0x7D, 0xD7, 0x8F, 0x56, 0x06, 0x28, 0x8C, 0x78, 0x73, 0x02, 0x65, 0xB0, 0x16, 0x4B, 0xE6, 0xA3, 0xD7, 0x06, 0x7C, 0xEA, 0x7D, 0xE2, 0xAE, 0xBB, 0xE5, 0xD2, 0xEB, 0xF0, 0x91, 0x71, 0x7C, 0xBC, 0xA6, 0x1A, 0xE8, 0x9F, 0xD3, 0xA9, 0x3C, 0x5D, 0x60, 0xCF, 0x59, 0x26, 0x46, 0x45, 0xF2, 0x7F, 0x85, 0x6B, 0xE7, 0xC2, 0x58, 0x52, 0x90, 0x12, 0x07, 0xBA, 0xE6, 0xB8, 0xE5, 0xD7, 0x24, 0x93, 0xD5, 0x6E, 0xB1, 0x74, 0x6C, 0xAA, 0xA0, 0x60, 0xBF, 0xF3, 0x32, 0x41, 0x0B, 0xA2, 0x01, 0x84, 0x0D, 0x83, 0xE4, 0x43, 0xD1, 0xBA, 0xC1, 0x92, 0x84, 0x26, 0xF8, 0xF2, 0x77, 0x20, 0x1B, 0xF2, 0x8F, 0x00, 0x69, 0x18, 0x2F, 0x6C, 0xA8, 0x58, 0xB5, 0x5D, 0xFA, 0x27, 0xD2, 0x38, 0xD2, 0x49, 0x6E, 0xDF, 0x55, 0x79, 0xAF, 0x1C, 0x44, 0xDA, 0x5A, 0xD7, 0x44, 0x53, 0x50, 0x8B, 0x77, 0x70, 0x4D, 0x91, 0xEC, 0x07, 0xA5, 0x64, 0x21, 0x3C, 0x31, 0x09, 0x68, 0x65, 0xB4, 0xFA, 0xBE, 0x23, 0xF9, 0xDF, 0x77, 0x46, 0xA2, 0x9A, 0x5D, 0xE3, 0xBE, 0x1E, 0xE3, 0x84, 0xEF, 0xAE, 0x7D, 0xF8, 0x1C, 0x54, 0xE8, 0x4E, 0xAE, 0xB5, 0xBB, 0xD6, 0xC3, 0x8D, 0x56, 0x79, 0xE8, 0x7C, 0x43, 0xDC, 0xF3, 0xB3, 0x7A, 0x30, 0x22, 0x09, 0xBC, 0x10, 0xD6, 0x84, 0xC4, 0x0F, 0x4C, 0x0B, 0xA2, 0xD1, 0xCB, 0xCD, 0x1F, 0x50, 0x3D, 0xF7, 0x23, 0x45, 0x55, 0x18, 0x21, 0x3D, 0x64, 0x05, 0x2E, 0x52, 0x3A, 0x73, 0xFD, 0xF2, 0xA9, 0xCA, 0x3F, 0xF6, 0x7F, 0x87, 0xE8, 0x56, 0x9B, 0x68, 0x6B, 0x20, 0xB0, 0x1D, 0x83, 0x04, 0x2F, 0x59, 0xFD, 0x84, 0x57, 0x7D, 0x82, 0x97, 0x96, 0xE8, 0xFB, 0xDF, 0x71, 0x8C, 0x26, 0x47, 0x85, 0xA5, 0xBE, 0xFB, 0xF5, 0x05, 0x4C, 0xD3, 0x3D, 0x73, 0xF4, 0xA5, 0xF1, 0xA3, 0x99, 0x98, 0x1B, 0x84, 0x8B, 0xB3, 0x53, 0xCE, 0x4D, 0xEA, 0x5A, 0x48, 0xD2, 0xB9, 0x7E, 0xB6, 0xEB, 0x9B, 0x94, 0x6F, 0xDD, 0x44, 0x80, 0x89, 0xD2, 0x78, 0x6D, 0xB9, 0xDA, 0x8B, 0x83, 0x49, 0xE0, 0x4D, 0x49, 0xDF, 0x6B, 0xFF, 0xF7, 0x04, 0x00, 0x32, 0xAA, 0x1D, 0x4F, 0x8D, 0x4B, 0xDE, 0xB8, 0x0D, 0xC6, 0x54, 0x1C, 0xB2, 0xCD, 0x60, 0x29, 0x72, 0x0A, 0x7E, 0xE7, 0xEB, 0x7A, 0xF6, 0x5B, 0x04, 0x3F, 0x5B, 0x93, 0x12, 0x0D, 0xD5, 0xFF, 0x7A, 0x41, 0x44, 0x0B, 0x37, 0x12, 0x82, 0x3D, 0xDD, 0x1E, 0x59, 0xB9, 0xBE, 0x0F, 0x9E, 0xD6, 0xD0, 0x68, 0x69, 0x74, 0xF9, 0xB1, 0x21, 0xA3, 0x70, 0x4F, 0xDA, 0xF8, 0x9F, 0xB9, 0x49, 0x3F, 0xC6, 0xB2, 0x69, 0xC8, 0xD8, 0x60, 0xF1, 0x6A, 0x52, 0x07, 0xFA, 0x42, 0xFD, 0xA9, 0x06, 0xCF, 0x97, 0x4A, 0x0E, 0xC5, 0xFC, 0x63, 0x27, 0x54, 0xC8, 0xBE, 0x8B, 0x4F, 0xB6, 0x42, 0xBC, 0xA2, 0xCC, 0x70, 0x4A, 0x6B, 0x24, 0x5B, 0x68, 0x28, 0x47, 0xFA, 0x6B, 0x89, 0x28, 0x07, 0x5D, 0xE0, 0x2C, 0x4A, 0xD9, 0x22, 0xE3, 0xB3, 0x2F, 0xAA, 0xC2, 0xA0, 0x7C, 0x0F, 0x92, 0xC5, 0xDD, 0xB6, 0x23, 0x8F, 0x73, 0x73, 0x0F, 0xD7, 0x73, 0x71, 0x2F, 0x0A, 0x78, 0xE8, 0x5B, 0xDB, 0xC2, 0xE0, 0xDB, 0xC9, 0x3E, 0xC3, 0x72, 0x9C, 0x14, 0xD7, 0xD1, 0x28, 0xFD, 0xF4, 0xEE, 0xBC, 0x0E, 0x13, 0x37, 0xCA, 0x85, 0x9F, 0xB9, 0xA2, 0x0E, 0xF6, 0xE7, 0x49, 0xD1, 0xD0, 0x11, 0x76, 0x53, 0xA3, 0x73, 0x95, 0x2A, 0x23, 0xC8, 0x0E, 0x97, 0x83, 0x07, 0x64, 0xB2, 0x51, 0xB7, 0xC8, 0x51, 0x9F, 0xA4, 0x3E, 0x7B, 0xA4, 0x18, 0x6D, 0x99, 0xF0, 0x6E, 0xC3, 0x97, 0xAE, 0xF4, 0xB7, 0x66, 0x37, 0xFA, 0x65, 0xFC, 0x5E, 0xE2, 0x57, 0xFA, 0x8B, 0x4C, 0x86, 0x10, 0xB4, 0x5C, 0xA4, 0xD2, 0x60, 0x83, 0x69, 0x1E, 0xFF, 0x36, 0x9B, 0xF9, 0x84, 0xFB, 0xB8, 0x83, 0x64, 0xF1, 0x41, 0xA5, 0x25, 0x56, 0x21, 0xBA, 0x13, 0x98, 0x0C, 0x3B, 0x04, 0xAA, 0x6C, 0x9A, 0xD4, 0xE3, 0x13, 0x15, 0x54, 0x05, 0x4C, 0x5C, 0xE1, 0x7A, 0x31, 0x5E, 0x90, 0xCF, 0x48, 0x4E, 0x83, 0xD7, 0x7F, 0xED, 0x93, 0x22, 0xAB, 0x67, 0xE7, 0x76, 0x32, 0x64, 0xBA, 0x5A, 0x21, 0x3E, 0x30, 0x82, 0x01, 0x41, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x01, 0xA0, 0x82, 0x01, 0x32, 0x04, 0x82, 0x01, 0x2E, 0x30, 0x82, 0x01, 0x2A, 0x30, 0x82, 0x01, 0x26, 0x06, 0x0B, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x0C, 0x0A, 0x01, 0x02, 0xA0, 0x81, 0xEF, 0x30, 0x81, 0xEC, 0x30, 0x57, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x0D, 0x30, 0x4A, 0x30, 0x29, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x0C, 0x30, 0x1C, 0x04, 0x08, 0xED, 0x3E, 0xED, 0x07, 0x5C, 0x1F, 0x71, 0xAD, 0x02, 0x02, 0x08, 0x00, 0x30, 0x0C, 0x06, 0x08, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x02, 0x09, 0x05, 0x00, 0x30, 0x1D, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x2A, 0x04, 0x10, 0xA7, 0x49, 0xA4, 0x6E, 0x00, 0x19, 0x75, 0x59, 0x75, 0x59, 0xBA, 0x4B, 0xC7, 0x24, 0x88, 0x34, 0x04, 0x81, 0x90, 0xCA, 0x23, 0x82, 0xAA, 0x16, 0x57, 0x99, 0xFA, 0x94, 0x9F, 0xAE, 0x32, 0x5C, 0x5B, 0xE7, 0x01, 0xD0, 0xED, 0xA7, 0x58, 0x57, 0x52, 0xBF, 0x57, 0x13, 0xD4, 0x15, 0xB0, 0x06, 0xF5, 0x38, 0xCC, 0x64, 0x23, 0x09, 0xD5, 0x8C, 0x0D, 0x64, 0x31, 0xFA, 0x74, 0xAA, 0x96, 0x7E, 0x9B, 0x16, 0xCA, 0x21, 0xFD, 0xC0, 0x54, 0x91, 0x40, 0x7F, 0xB3, 0xF2, 0xA3, 0xEC, 0xA1, 0x4A, 0x07, 0xF0, 0x87, 0x22, 0xDB, 0x8A, 0x49, 0x89, 0xF7, 0xF2, 0x6A, 0xFC, 0x8D, 0x03, 0x6E, 0x32, 0x4F, 0xD0, 0xD8, 0x93, 0x92, 0xA5, 0xF1, 0x41, 0xBD, 0xEA, 0xE1, 0x38, 0xA9, 0xD8, 0x9D, 0xAB, 0xB4, 0x8E, 0x4A, 0x40, 0x0E, 0xC7, 0xE3, 0xE9, 0xBF, 0x0E, 0xBA, 0x8D, 0xAA, 0x3E, 0x93, 0x53, 0x88, 0xEE, 0x0A, 0x2C, 0x71, 0xF1, 0x61, 0x44, 0xA5, 0xAD, 0xED, 0x3E, 0xAB, 0x32, 0x9A, 0x32, 0x85, 0x08, 0xF5, 0x8B, 0xCC, 0x15, 0x35, 0xEE, 0xFA, 0x17, 0x27, 0x97, 0x8D, 0xD9, 0x1C, 0x5E, 0x74, 0x9D, 0x7B, 0x31, 0x25, 0x30, 0x23, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x15, 0x31, 0x16, 0x04, 0x14, 0x5F, 0x8E, 0xAB, 0x9C, 0x5F, 0xE2, 0x3B, 0xB1, 0x5C, 0x1A, 0x36, 0x1D, 0x7D, 0xCB, 0x90, 0x45, 0x20, 0x3C, 0x3B, 0xAC, 0x30, 0x41, 0x30, 0x31, 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20, 0x93, 0x25, 0xC4, 0x3E, 0x2A, 0x6D, 0x4C, 0x30, 0x87, 0x0F, 0xE3, 0x5A, 0x95, 0xB0, 0xF2, 0x6C, 0xBA, 0x07, 0x89, 0x7D, 0xFB, 0xCF, 0xCF, 0x1D, 0x54, 0xA3, 0x36, 0x24, 0x7B, 0x30, 0x97, 0xB5, 0x04, 0x08, 0xE7, 0x96, 0x59, 0xCC, 0x42, 0x9F, 0xEF, 0xFC, 0x02, 0x02, 0x08, 0x00]), 9851e41f4b71Sopenharmony_ci '123456').then((data) => { 9852e41f4b71Sopenharmony_ci console.log('createTrustAnchorsWithKeyStore sucess, number of the result is: ' + JSON.stringify(data.length)); 9853e41f4b71Sopenharmony_ci }).catch((err : BusinessError) => { 9854e41f4b71Sopenharmony_ci console.error('createTrustAnchorsWithKeyStore failed:' + JSON.stringify(err)); 9855e41f4b71Sopenharmony_ci }) 9856e41f4b71Sopenharmony_ci} catch (error) { 9857e41f4b71Sopenharmony_ci console.error('createTrustAnchorsWithKeyStore failed:' + JSON.stringify(error)); 9858e41f4b71Sopenharmony_ci} 9859e41f4b71Sopenharmony_ci``` 9860e41f4b71Sopenharmony_ci 9861e41f4b71Sopenharmony_ci## X509CertChain<sup>11+</sup> 9862e41f4b71Sopenharmony_ci 9863e41f4b71Sopenharmony_ciX509证书链对象。 9864e41f4b71Sopenharmony_ci 9865e41f4b71Sopenharmony_ci### getCertList<sup>11+</sup> 9866e41f4b71Sopenharmony_ci 9867e41f4b71Sopenharmony_cigetCertList(): Array\<X509Cert> 9868e41f4b71Sopenharmony_ci 9869e41f4b71Sopenharmony_ci获取X509证书列表。 9870e41f4b71Sopenharmony_ci 9871e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 9872e41f4b71Sopenharmony_ci 9873e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 9874e41f4b71Sopenharmony_ci 9875e41f4b71Sopenharmony_ci**返回值**: 9876e41f4b71Sopenharmony_ci 9877e41f4b71Sopenharmony_ci| 类型 | 说明 | 9878e41f4b71Sopenharmony_ci| -------------- | ----------- | 9879e41f4b71Sopenharmony_ci| Array\<[X509Cert](#x509cert)> | X509证书数组。 | 9880e41f4b71Sopenharmony_ci 9881e41f4b71Sopenharmony_ci**错误码:** 9882e41f4b71Sopenharmony_ci 9883e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 9884e41f4b71Sopenharmony_ci 9885e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 9886e41f4b71Sopenharmony_ci| -------- | ----------------------- | 9887e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 9888e41f4b71Sopenharmony_ci| 19020001 | memory error. | 9889e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 9890e41f4b71Sopenharmony_ci 9891e41f4b71Sopenharmony_ci**示例:** 9892e41f4b71Sopenharmony_ci 9893e41f4b71Sopenharmony_ci```ts 9894e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 9895e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 9896e41f4b71Sopenharmony_ci 9897e41f4b71Sopenharmony_ci// string转Uint8Array 9898e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 9899e41f4b71Sopenharmony_ci let arr: Array<number> = []; 9900e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 9901e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 9902e41f4b71Sopenharmony_ci } 9903e41f4b71Sopenharmony_ci return new Uint8Array(arr); 9904e41f4b71Sopenharmony_ci} 9905e41f4b71Sopenharmony_ci 9906e41f4b71Sopenharmony_cilet certChainData = "-----BEGIN CERTIFICATE-----\n" + 9907e41f4b71Sopenharmony_ci "MIID6jCCAtKgAwIBAgIIIM2q/TmRoLcwDQYJKoZIhvcNAQELBQAwWjELMAkGA1UE\n" + 9908e41f4b71Sopenharmony_ci "BhMCRU4xEDAOBgNVBAgTB0VuZ2xhbmQxDzANBgNVBAcTBkxvbmRvbjEMMAoGA1UE\n" + 9909e41f4b71Sopenharmony_ci "ChMDdHMyMQwwCgYDVQQLEwN0czIxDDAKBgNVBAMTA3RzMjAeFw0yMzEyMDUwNzM5\n" + 9910e41f4b71Sopenharmony_ci "MDBaFw0yNDEwMzEyMzU5MDBaMGExCzAJBgNVBAYTAkNOMRAwDgYDVQQIEwdKaWFu\n" + 9911e41f4b71Sopenharmony_ci "Z3N1MRAwDgYDVQQHEwdOYW5qaW5nMQwwCgYDVQQKEwN0czMxDDAKBgNVBAsTA3Rz\n" + 9912e41f4b71Sopenharmony_ci "MzESMBAGA1UEAxMJMTI3LjAuMC4xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\n" + 9913e41f4b71Sopenharmony_ci "CgKCAQEAtt+2QxUevbolYLp51QGcUpageI4fwGLIqv4fj4aoVnHFOOBqVOVpfCLR\n" + 9914e41f4b71Sopenharmony_ci "p26LFV/F8ebwPyo8YEBKSwXzMD1573rMSbaH9BalscH5lZYAbetXoio6YRvzlcmc\n" + 9915e41f4b71Sopenharmony_ci "rVvLBNMeVnxY86xHpo0MTNyP7W024rZsxWO98xFQVdoiaBC+7+midlisx2Y+7u0j\n" + 9916e41f4b71Sopenharmony_ci "zT9GjeUP6JLdLFUZJKUPSTK3jVzw9v1eZQZKYoNfU6vFMd6ndtwW6qEnwpzmmX/U\n" + 9917e41f4b71Sopenharmony_ci "T+p5ThAMH593zszlz330nTSXBjIsGkyvOz9gSB0Z0LAuJj06XUNhGL5xKJYKbdI3\n" + 9918e41f4b71Sopenharmony_ci "8MFQFJKvRHfgTAvVsvAvpBUM2DuBKwIDAQABo4GsMIGpMAkGA1UdEwQCMAAwHQYD\n" + 9919e41f4b71Sopenharmony_ci "VR0OBBYEFDfsHTMZwoA6eaDFlBUyDpka+sYtMAsGA1UdDwQEAwID+DAnBgNVHSUE\n" + 9920e41f4b71Sopenharmony_ci "IDAeBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMEMBQGA1UdEQQNMAuCCTEy\n" + 9921e41f4b71Sopenharmony_ci "Ny4wLjAuMTARBglghkgBhvhCAQEEBAMCBkAwHgYJYIZIAYb4QgENBBEWD3hjYSBj\n" + 9922e41f4b71Sopenharmony_ci "ZXJ0aWZpY2F0ZTANBgkqhkiG9w0BAQsFAAOCAQEAp5vTvXrt8ZpgRJVtzv9ss0lJ\n" + 9923e41f4b71Sopenharmony_ci "izp1fJf+ft5cDXrs7TSD5oHrSW2vk/ZieIMhexU4LFwhs4OE7jK6pgI48Dseqxx7\n" + 9924e41f4b71Sopenharmony_ci "B/KktxhVMJUmVXd9Ayjp6f+BtZlIk0cArPuoXToXjsV8caTGBXHRdzxpAk/w9syc\n" + 9925e41f4b71Sopenharmony_ci "GYrbH9TrdNMuTizOb+k268oKXUageZNxHmd7YvOXkcNgrd29jzwXKDYYiUa1DISz\n" + 9926e41f4b71Sopenharmony_ci "DnYaJOgPt0B/5izhoWNK7GhJDy9KEuLURcTSWFysbbnljwO9INPT9MmlS83PdAgN\n" + 9927e41f4b71Sopenharmony_ci "iS8VXF4pce1W9U5jH7d7k0JDVSXybebe1iPFphsZpYM/NE+jap+mPy1nTCbf9g==\n" + 9928e41f4b71Sopenharmony_ci "-----END CERTIFICATE-----\n" + 9929e41f4b71Sopenharmony_ci "-----BEGIN CERTIFICATE-----\n" + 9930e41f4b71Sopenharmony_ci "MIIC0zCCAoWgAwIBAgIIXpLoPpQVWnkwBQYDK2VwMFoxCzAJBgNVBAYTAkVOMRAw\n" + 9931e41f4b71Sopenharmony_ci "DgYDVQQIEwdFbmdsYW5kMQ8wDQYDVQQHEwZMb25kb24xDDAKBgNVBAoTA3RzMTEM\n" + 9932e41f4b71Sopenharmony_ci "MAoGA1UECxMDdHMxMQwwCgYDVQQDEwN0czEwHhcNMjMxMjA1MDczNzAwWhcNMjQw\n" + 9933e41f4b71Sopenharmony_ci "OTAxMjM1OTAwWjBaMQswCQYDVQQGEwJFTjEQMA4GA1UECBMHRW5nbGFuZDEPMA0G\n" + 9934e41f4b71Sopenharmony_ci "A1UEBxMGTG9uZG9uMQwwCgYDVQQKEwN0czIxDDAKBgNVBAsTA3RzMjEMMAoGA1UE\n" + 9935e41f4b71Sopenharmony_ci "AxMDdHMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtt+2QxUevbol\n" + 9936e41f4b71Sopenharmony_ci "YLp51QGcUpageI4fwGLIqv4fj4aoVnHFOOBqVOVpfCLRp26LFV/F8ebwPyo8YEBK\n" + 9937e41f4b71Sopenharmony_ci "SwXzMD1573rMSbaH9BalscH5lZYAbetXoio6YRvzlcmcrVvLBNMeVnxY86xHpo0M\n" + 9938e41f4b71Sopenharmony_ci "TNyP7W024rZsxWO98xFQVdoiaBC+7+midlisx2Y+7u0jzT9GjeUP6JLdLFUZJKUP\n" + 9939e41f4b71Sopenharmony_ci "STK3jVzw9v1eZQZKYoNfU6vFMd6ndtwW6qEnwpzmmX/UT+p5ThAMH593zszlz330\n" + 9940e41f4b71Sopenharmony_ci "nTSXBjIsGkyvOz9gSB0Z0LAuJj06XUNhGL5xKJYKbdI38MFQFJKvRHfgTAvVsvAv\n" + 9941e41f4b71Sopenharmony_ci "pBUM2DuBKwIDAQABo28wbTAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBQ37B0zGcKA\n" + 9942e41f4b71Sopenharmony_ci "OnmgxZQVMg6ZGvrGLTALBgNVHQ8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgAHMB4G\n" + 9943e41f4b71Sopenharmony_ci "CWCGSAGG+EIBDQQRFg94Y2EgY2VydGlmaWNhdGUwBQYDK2VwA0EAuasLBe55YgvF\n" + 9944e41f4b71Sopenharmony_ci "b4wmHeohylc9r8cFGS1LNQ5UcSn3sGqMYf6ehnef16NLuCW6upHCs8Sui4iAMvsP\n" + 9945e41f4b71Sopenharmony_ci "uKPWR9dKBA==\n" + 9946e41f4b71Sopenharmony_ci "-----END CERTIFICATE-----\n" + 9947e41f4b71Sopenharmony_ci "-----BEGIN CERTIFICATE-----\n" + 9948e41f4b71Sopenharmony_ci "MIIB3zCCAZGgAwIBAgIIWQvOEDl+ya4wBQYDK2VwMFoxCzAJBgNVBAYTAkVOMRAw\n" + 9949e41f4b71Sopenharmony_ci "DgYDVQQIEwdFbmdsYW5kMQ8wDQYDVQQHEwZMb25kb24xDDAKBgNVBAoTA3RzMTEM\n" + 9950e41f4b71Sopenharmony_ci "MAoGA1UECxMDdHMxMQwwCgYDVQQDEwN0czEwHhcNMjMxMjA1MDAwMDAwWhcNMjQx\n" + 9951e41f4b71Sopenharmony_ci "MjA0MjM1OTU5WjBaMQswCQYDVQQGEwJFTjEQMA4GA1UECBMHRW5nbGFuZDEPMA0G\n" + 9952e41f4b71Sopenharmony_ci "A1UEBxMGTG9uZG9uMQwwCgYDVQQKEwN0czExDDAKBgNVBAsTA3RzMTEMMAoGA1UE\n" + 9953e41f4b71Sopenharmony_ci "AxMDdHMxMCowBQYDK2VwAyEAuxadj1ww0LqPN24zr28jcSOlSWAe0QdLyRF+ZgG6\n" + 9954e41f4b71Sopenharmony_ci "klKjdTBzMBIGA1UdEwEB/wQIMAYBAf8CARQwHQYDVR0OBBYEFNSgpoQvfxR8A1Y4\n" + 9955e41f4b71Sopenharmony_ci "St8NjOHkRpm4MAsGA1UdDwQEAwIBBjARBglghkgBhvhCAQEEBAMCAAcwHgYJYIZI\n" + 9956e41f4b71Sopenharmony_ci "AYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0ZTAFBgMrZXADQQAblBgoa72X/K13WOvc\n" + 9957e41f4b71Sopenharmony_ci "KW0fqBgFKvLy85hWD6Ufi61k4ProQiZzMK+0+y9jReKelPx/zRdCCgSbQroAR2mV\n" + 9958e41f4b71Sopenharmony_ci "xjoE\n" + 9959e41f4b71Sopenharmony_ci "-----END CERTIFICATE-----\n"; 9960e41f4b71Sopenharmony_ci 9961e41f4b71Sopenharmony_ci// 证书链二进制数据,需业务自行赋值 9962e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 9963e41f4b71Sopenharmony_ci data: stringToUint8Array(certChainData), 9964e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM、FORMAT_DER和FORMAT_PKCS7 9965e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 9966e41f4b71Sopenharmony_ci}; 9967e41f4b71Sopenharmony_ci 9968e41f4b71Sopenharmony_cicert.createX509CertChain(encodingBlob, (err, certChain) => { 9969e41f4b71Sopenharmony_ci if (err) { 9970e41f4b71Sopenharmony_ci console.error('createX509CertChain failed, errCode: ' + err.code + ', errMsg: ' + err.message); 9971e41f4b71Sopenharmony_ci } else { 9972e41f4b71Sopenharmony_ci console.log('createX509CertChain success'); 9973e41f4b71Sopenharmony_ci try { 9974e41f4b71Sopenharmony_ci let certList = certChain.getCertList(); 9975e41f4b71Sopenharmony_ci } catch (err) { 9976e41f4b71Sopenharmony_ci let e: BusinessError = err as BusinessError; 9977e41f4b71Sopenharmony_ci console.error('X509CertChain getCertList failed, errCode: ' + e.code + ', errMsg: ' + e.message); 9978e41f4b71Sopenharmony_ci } 9979e41f4b71Sopenharmony_ci } 9980e41f4b71Sopenharmony_ci}); 9981e41f4b71Sopenharmony_ci``` 9982e41f4b71Sopenharmony_ci 9983e41f4b71Sopenharmony_ci### validate<sup>11+</sup> 9984e41f4b71Sopenharmony_ci 9985e41f4b71Sopenharmony_civalidate(param: CertChainValidationParameters): Promise\<CertChainValidationResult> 9986e41f4b71Sopenharmony_ci 9987e41f4b71Sopenharmony_ci校验证书链,并使用Promise方式异步返回结果。 9988e41f4b71Sopenharmony_ci 9989e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 9990e41f4b71Sopenharmony_ci 9991e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 9992e41f4b71Sopenharmony_ci 9993e41f4b71Sopenharmony_ci**参数**: 9994e41f4b71Sopenharmony_ci 9995e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 9996e41f4b71Sopenharmony_ci| --------- | ------------------------------- | ---- | ----------------- | 9997e41f4b71Sopenharmony_ci| param | [CertChainValidationParameters](#certchainvalidationparameters11) | 是 | 表示校验X509证书链的参数。 | 9998e41f4b71Sopenharmony_ci 9999e41f4b71Sopenharmony_ci**返回值**: 10000e41f4b71Sopenharmony_ci 10001e41f4b71Sopenharmony_ci| 类型 | 说明 | 10002e41f4b71Sopenharmony_ci| ------------------------------------------------------------ | --------------------------------- | 10003e41f4b71Sopenharmony_ci| Promise\<[CertChainValidationResult](#certchainvalidationresult11)> | Promise对象,返回证书链校验结果。 | 10004e41f4b71Sopenharmony_ci 10005e41f4b71Sopenharmony_ci**错误码:** 10006e41f4b71Sopenharmony_ci 10007e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 10008e41f4b71Sopenharmony_ci 10009e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 10010e41f4b71Sopenharmony_ci| -------- | ----------------------- | 10011e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 10012e41f4b71Sopenharmony_ci| 19020001 | memory error. | 10013e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 10014e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 10015e41f4b71Sopenharmony_ci| 19030002 | the certificate signature verification failed. | 10016e41f4b71Sopenharmony_ci| 19030003 | the certificate has not taken effect. | 10017e41f4b71Sopenharmony_ci| 19030004 | the certificate has expired. | 10018e41f4b71Sopenharmony_ci| 19030005 | failed to obtain the certificate issuer. | 10019e41f4b71Sopenharmony_ci| 19030006 | the key cannot be used for signing a certificate. | 10020e41f4b71Sopenharmony_ci| 19030007 | the key cannot be used for digital signature. | 10021e41f4b71Sopenharmony_ci 10022e41f4b71Sopenharmony_ci**示例:** 10023e41f4b71Sopenharmony_ci 10024e41f4b71Sopenharmony_ci```ts 10025e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 10026e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 10027e41f4b71Sopenharmony_ci 10028e41f4b71Sopenharmony_ci// string转Uint8Array 10029e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 10030e41f4b71Sopenharmony_ci let arr: Array<number> = []; 10031e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 10032e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 10033e41f4b71Sopenharmony_ci } 10034e41f4b71Sopenharmony_ci return new Uint8Array(arr); 10035e41f4b71Sopenharmony_ci} 10036e41f4b71Sopenharmony_ci 10037e41f4b71Sopenharmony_ciasync function createX509CertChain(): Promise<cert.X509CertChain> { 10038e41f4b71Sopenharmony_ci let certChainData = "-----BEGIN CERTIFICATE-----\n" + 10039e41f4b71Sopenharmony_ci "MIID6jCCAtKgAwIBAgIIIM2q/TmRoLcwDQYJKoZIhvcNAQELBQAwWjELMAkGA1UE\n" + 10040e41f4b71Sopenharmony_ci "BhMCRU4xEDAOBgNVBAgTB0VuZ2xhbmQxDzANBgNVBAcTBkxvbmRvbjEMMAoGA1UE\n" + 10041e41f4b71Sopenharmony_ci "ChMDdHMyMQwwCgYDVQQLEwN0czIxDDAKBgNVBAMTA3RzMjAeFw0yMzEyMDUwNzM5\n" + 10042e41f4b71Sopenharmony_ci "MDBaFw0yNDEwMzEyMzU5MDBaMGExCzAJBgNVBAYTAkNOMRAwDgYDVQQIEwdKaWFu\n" + 10043e41f4b71Sopenharmony_ci "Z3N1MRAwDgYDVQQHEwdOYW5qaW5nMQwwCgYDVQQKEwN0czMxDDAKBgNVBAsTA3Rz\n" + 10044e41f4b71Sopenharmony_ci "MzESMBAGA1UEAxMJMTI3LjAuMC4xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\n" + 10045e41f4b71Sopenharmony_ci "CgKCAQEAtt+2QxUevbolYLp51QGcUpageI4fwGLIqv4fj4aoVnHFOOBqVOVpfCLR\n" + 10046e41f4b71Sopenharmony_ci "p26LFV/F8ebwPyo8YEBKSwXzMD1573rMSbaH9BalscH5lZYAbetXoio6YRvzlcmc\n" + 10047e41f4b71Sopenharmony_ci "rVvLBNMeVnxY86xHpo0MTNyP7W024rZsxWO98xFQVdoiaBC+7+midlisx2Y+7u0j\n" + 10048e41f4b71Sopenharmony_ci "zT9GjeUP6JLdLFUZJKUPSTK3jVzw9v1eZQZKYoNfU6vFMd6ndtwW6qEnwpzmmX/U\n" + 10049e41f4b71Sopenharmony_ci "T+p5ThAMH593zszlz330nTSXBjIsGkyvOz9gSB0Z0LAuJj06XUNhGL5xKJYKbdI3\n" + 10050e41f4b71Sopenharmony_ci "8MFQFJKvRHfgTAvVsvAvpBUM2DuBKwIDAQABo4GsMIGpMAkGA1UdEwQCMAAwHQYD\n" + 10051e41f4b71Sopenharmony_ci "VR0OBBYEFDfsHTMZwoA6eaDFlBUyDpka+sYtMAsGA1UdDwQEAwID+DAnBgNVHSUE\n" + 10052e41f4b71Sopenharmony_ci "IDAeBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMEMBQGA1UdEQQNMAuCCTEy\n" + 10053e41f4b71Sopenharmony_ci "Ny4wLjAuMTARBglghkgBhvhCAQEEBAMCBkAwHgYJYIZIAYb4QgENBBEWD3hjYSBj\n" + 10054e41f4b71Sopenharmony_ci "ZXJ0aWZpY2F0ZTANBgkqhkiG9w0BAQsFAAOCAQEAp5vTvXrt8ZpgRJVtzv9ss0lJ\n" + 10055e41f4b71Sopenharmony_ci "izp1fJf+ft5cDXrs7TSD5oHrSW2vk/ZieIMhexU4LFwhs4OE7jK6pgI48Dseqxx7\n" + 10056e41f4b71Sopenharmony_ci "B/KktxhVMJUmVXd9Ayjp6f+BtZlIk0cArPuoXToXjsV8caTGBXHRdzxpAk/w9syc\n" + 10057e41f4b71Sopenharmony_ci "GYrbH9TrdNMuTizOb+k268oKXUageZNxHmd7YvOXkcNgrd29jzwXKDYYiUa1DISz\n" + 10058e41f4b71Sopenharmony_ci "DnYaJOgPt0B/5izhoWNK7GhJDy9KEuLURcTSWFysbbnljwO9INPT9MmlS83PdAgN\n" + 10059e41f4b71Sopenharmony_ci "iS8VXF4pce1W9U5jH7d7k0JDVSXybebe1iPFphsZpYM/NE+jap+mPy1nTCbf9g==\n" + 10060e41f4b71Sopenharmony_ci "-----END CERTIFICATE-----\n" + 10061e41f4b71Sopenharmony_ci "-----BEGIN CERTIFICATE-----\n" + 10062e41f4b71Sopenharmony_ci "MIIC0zCCAoWgAwIBAgIIXpLoPpQVWnkwBQYDK2VwMFoxCzAJBgNVBAYTAkVOMRAw\n" + 10063e41f4b71Sopenharmony_ci "DgYDVQQIEwdFbmdsYW5kMQ8wDQYDVQQHEwZMb25kb24xDDAKBgNVBAoTA3RzMTEM\n" + 10064e41f4b71Sopenharmony_ci "MAoGA1UECxMDdHMxMQwwCgYDVQQDEwN0czEwHhcNMjMxMjA1MDczNzAwWhcNMjQw\n" + 10065e41f4b71Sopenharmony_ci "OTAxMjM1OTAwWjBaMQswCQYDVQQGEwJFTjEQMA4GA1UECBMHRW5nbGFuZDEPMA0G\n" + 10066e41f4b71Sopenharmony_ci "A1UEBxMGTG9uZG9uMQwwCgYDVQQKEwN0czIxDDAKBgNVBAsTA3RzMjEMMAoGA1UE\n" + 10067e41f4b71Sopenharmony_ci "AxMDdHMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtt+2QxUevbol\n" + 10068e41f4b71Sopenharmony_ci "YLp51QGcUpageI4fwGLIqv4fj4aoVnHFOOBqVOVpfCLRp26LFV/F8ebwPyo8YEBK\n" + 10069e41f4b71Sopenharmony_ci "SwXzMD1573rMSbaH9BalscH5lZYAbetXoio6YRvzlcmcrVvLBNMeVnxY86xHpo0M\n" + 10070e41f4b71Sopenharmony_ci "TNyP7W024rZsxWO98xFQVdoiaBC+7+midlisx2Y+7u0jzT9GjeUP6JLdLFUZJKUP\n" + 10071e41f4b71Sopenharmony_ci "STK3jVzw9v1eZQZKYoNfU6vFMd6ndtwW6qEnwpzmmX/UT+p5ThAMH593zszlz330\n" + 10072e41f4b71Sopenharmony_ci "nTSXBjIsGkyvOz9gSB0Z0LAuJj06XUNhGL5xKJYKbdI38MFQFJKvRHfgTAvVsvAv\n" + 10073e41f4b71Sopenharmony_ci "pBUM2DuBKwIDAQABo28wbTAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBQ37B0zGcKA\n" + 10074e41f4b71Sopenharmony_ci "OnmgxZQVMg6ZGvrGLTALBgNVHQ8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgAHMB4G\n" + 10075e41f4b71Sopenharmony_ci "CWCGSAGG+EIBDQQRFg94Y2EgY2VydGlmaWNhdGUwBQYDK2VwA0EAuasLBe55YgvF\n" + 10076e41f4b71Sopenharmony_ci "b4wmHeohylc9r8cFGS1LNQ5UcSn3sGqMYf6ehnef16NLuCW6upHCs8Sui4iAMvsP\n" + 10077e41f4b71Sopenharmony_ci "uKPWR9dKBA==\n" + 10078e41f4b71Sopenharmony_ci "-----END CERTIFICATE-----\n" + 10079e41f4b71Sopenharmony_ci "-----BEGIN CERTIFICATE-----\n" + 10080e41f4b71Sopenharmony_ci "MIIB3zCCAZGgAwIBAgIIWQvOEDl+ya4wBQYDK2VwMFoxCzAJBgNVBAYTAkVOMRAw\n" + 10081e41f4b71Sopenharmony_ci "DgYDVQQIEwdFbmdsYW5kMQ8wDQYDVQQHEwZMb25kb24xDDAKBgNVBAoTA3RzMTEM\n" + 10082e41f4b71Sopenharmony_ci "MAoGA1UECxMDdHMxMQwwCgYDVQQDEwN0czEwHhcNMjMxMjA1MDAwMDAwWhcNMjQx\n" + 10083e41f4b71Sopenharmony_ci "MjA0MjM1OTU5WjBaMQswCQYDVQQGEwJFTjEQMA4GA1UECBMHRW5nbGFuZDEPMA0G\n" + 10084e41f4b71Sopenharmony_ci "A1UEBxMGTG9uZG9uMQwwCgYDVQQKEwN0czExDDAKBgNVBAsTA3RzMTEMMAoGA1UE\n" + 10085e41f4b71Sopenharmony_ci "AxMDdHMxMCowBQYDK2VwAyEAuxadj1ww0LqPN24zr28jcSOlSWAe0QdLyRF+ZgG6\n" + 10086e41f4b71Sopenharmony_ci "klKjdTBzMBIGA1UdEwEB/wQIMAYBAf8CARQwHQYDVR0OBBYEFNSgpoQvfxR8A1Y4\n" + 10087e41f4b71Sopenharmony_ci "St8NjOHkRpm4MAsGA1UdDwQEAwIBBjARBglghkgBhvhCAQEEBAMCAAcwHgYJYIZI\n" + 10088e41f4b71Sopenharmony_ci "AYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0ZTAFBgMrZXADQQAblBgoa72X/K13WOvc\n" + 10089e41f4b71Sopenharmony_ci "KW0fqBgFKvLy85hWD6Ufi61k4ProQiZzMK+0+y9jReKelPx/zRdCCgSbQroAR2mV\n" + 10090e41f4b71Sopenharmony_ci "xjoE\n" + 10091e41f4b71Sopenharmony_ci "-----END CERTIFICATE-----\n"; 10092e41f4b71Sopenharmony_ci 10093e41f4b71Sopenharmony_ci // 证书链二进制数据,需业务自行赋值 10094e41f4b71Sopenharmony_ci let encodingBlob: cert.EncodingBlob = { 10095e41f4b71Sopenharmony_ci data: stringToUint8Array(certChainData), 10096e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM、FORMAT_DER和FORMAT_PKCS7 10097e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 10098e41f4b71Sopenharmony_ci }; 10099e41f4b71Sopenharmony_ci let x509CertChain: cert.X509CertChain = {} as cert.X509CertChain; 10100e41f4b71Sopenharmony_ci try { 10101e41f4b71Sopenharmony_ci x509CertChain = await cert.createX509CertChain(encodingBlob); 10102e41f4b71Sopenharmony_ci } 10103e41f4b71Sopenharmony_ci catch (error) { 10104e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 10105e41f4b71Sopenharmony_ci console.error('createX509CertChain failed, errCode: ' + e.code + ', errMsg: ' + e.message); 10106e41f4b71Sopenharmony_ci } 10107e41f4b71Sopenharmony_ci return x509CertChain; 10108e41f4b71Sopenharmony_ci} 10109e41f4b71Sopenharmony_ci 10110e41f4b71Sopenharmony_ciasync function validate() { 10111e41f4b71Sopenharmony_ci const certChain = await createX509CertChain(); 10112e41f4b71Sopenharmony_ci // 证书链校验数据,需业务自行赋值 10113e41f4b71Sopenharmony_ci const param: cert.CertChainValidationParameters = { 10114e41f4b71Sopenharmony_ci date: '20231212080000Z', 10115e41f4b71Sopenharmony_ci trustAnchors: [{ 10116e41f4b71Sopenharmony_ci CAPubKey: new Uint8Array([0x30, 0x2a, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 0x70, 0x03, 0x21, 0x00, 0xbb, 0x16,0x9d, 0x8f, 0x5c, 0x30, 0xd0, 0xba, 0x8f, 0x37, 0x6e, 0x33, 0xaf, 0x6f, 0x23, 0x71, 0x23, 0xa5, 0x49, 0x60,0x1e, 0xd1, 0x07, 0x4b, 0xc9, 0x11, 0x7e, 0x66, 0x01, 0xba, 0x92, 0x52]), 10117e41f4b71Sopenharmony_ci CASubject: new Uint8Array([0x30, 0x5a, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x45,0x4e, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x07, 0x45, 0x6e, 0x67, 0x6c, 0x61, 0x6e,0x64, 0x31, 0x0f, 0x30, 0x0d, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x06, 0x4c, 0x6f, 0x6e, 0x64, 0x6f, 0x6e,0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x03, 0x74, 0x73, 0x31, 0x31, 0x0c, 0x30, 0x0a,0x06, 0x03, 0x55, 0x04, 0x0b, 0x13, 0x03, 0x74, 0x73, 0x31, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04,0x03, 0x13, 0x03, 0x74, 0x73, 0x31]), 10118e41f4b71Sopenharmony_ci }] 10119e41f4b71Sopenharmony_ci } 10120e41f4b71Sopenharmony_ci try { 10121e41f4b71Sopenharmony_ci const validationRes = await certChain.validate(param); 10122e41f4b71Sopenharmony_ci console.log('X509CertChain validate success'); 10123e41f4b71Sopenharmony_ci } 10124e41f4b71Sopenharmony_ci catch (err) { 10125e41f4b71Sopenharmony_ci console.error('X509CertChain validate failed'); 10126e41f4b71Sopenharmony_ci } 10127e41f4b71Sopenharmony_ci} 10128e41f4b71Sopenharmony_ci 10129e41f4b71Sopenharmony_civalidate(); 10130e41f4b71Sopenharmony_ci``` 10131e41f4b71Sopenharmony_ci 10132e41f4b71Sopenharmony_ci### validate<sup>11+</sup> 10133e41f4b71Sopenharmony_ci 10134e41f4b71Sopenharmony_civalidate(param: CertChainValidationParameters, callback: AsyncCallback\<CertChainValidationResult>): void 10135e41f4b71Sopenharmony_ci 10136e41f4b71Sopenharmony_ci使用校验参数校验证书链并使用callback方式异步返回结果。 10137e41f4b71Sopenharmony_ci 10138e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 10139e41f4b71Sopenharmony_ci 10140e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 10141e41f4b71Sopenharmony_ci 10142e41f4b71Sopenharmony_ci**参数**: 10143e41f4b71Sopenharmony_ci 10144e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 10145e41f4b71Sopenharmony_ci| --------- | ------------------------------- | ---- | ------------ | 10146e41f4b71Sopenharmony_ci| param | [CertChainValidationParameters](#certchainvalidationparameters11) | 是 | 表示校验X509证书链的参数。 | 10147e41f4b71Sopenharmony_ci| callback | AsyncCallback\<[CertChainValidationResult](#certchainvalidationresult11)> | 是 | 回调函数。返回证书链校验结果。 | 10148e41f4b71Sopenharmony_ci 10149e41f4b71Sopenharmony_ci**错误码:** 10150e41f4b71Sopenharmony_ci 10151e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 10152e41f4b71Sopenharmony_ci 10153e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 10154e41f4b71Sopenharmony_ci| -------- | ----------------------- | 10155e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 10156e41f4b71Sopenharmony_ci| 19020001 | memory error. | 10157e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 10158e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 10159e41f4b71Sopenharmony_ci| 19030002 | the certificate signature verification failed. | 10160e41f4b71Sopenharmony_ci| 19030003 | the certificate has not taken effect. | 10161e41f4b71Sopenharmony_ci| 19030004 | the certificate has expired. | 10162e41f4b71Sopenharmony_ci| 19030005 | failed to obtain the certificate issuer. | 10163e41f4b71Sopenharmony_ci| 19030006 | the key cannot be used for signing a certificate. | 10164e41f4b71Sopenharmony_ci| 19030007 | the key cannot be used for digital signature. | 10165e41f4b71Sopenharmony_ci 10166e41f4b71Sopenharmony_ci**示例:** 10167e41f4b71Sopenharmony_ci 10168e41f4b71Sopenharmony_ci```ts 10169e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 10170e41f4b71Sopenharmony_ci 10171e41f4b71Sopenharmony_ci// string转Uint8Array 10172e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 10173e41f4b71Sopenharmony_ci let arr: Array<number> = []; 10174e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 10175e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 10176e41f4b71Sopenharmony_ci } 10177e41f4b71Sopenharmony_ci return new Uint8Array(arr); 10178e41f4b71Sopenharmony_ci} 10179e41f4b71Sopenharmony_ci 10180e41f4b71Sopenharmony_cilet certChainData = "-----BEGIN CERTIFICATE-----\n" + 10181e41f4b71Sopenharmony_ci "MIID6jCCAtKgAwIBAgIIIM2q/TmRoLcwDQYJKoZIhvcNAQELBQAwWjELMAkGA1UE\n" + 10182e41f4b71Sopenharmony_ci "BhMCRU4xEDAOBgNVBAgTB0VuZ2xhbmQxDzANBgNVBAcTBkxvbmRvbjEMMAoGA1UE\n" + 10183e41f4b71Sopenharmony_ci "ChMDdHMyMQwwCgYDVQQLEwN0czIxDDAKBgNVBAMTA3RzMjAeFw0yMzEyMDUwNzM5\n" + 10184e41f4b71Sopenharmony_ci "MDBaFw0yNDEwMzEyMzU5MDBaMGExCzAJBgNVBAYTAkNOMRAwDgYDVQQIEwdKaWFu\n" + 10185e41f4b71Sopenharmony_ci "Z3N1MRAwDgYDVQQHEwdOYW5qaW5nMQwwCgYDVQQKEwN0czMxDDAKBgNVBAsTA3Rz\n" + 10186e41f4b71Sopenharmony_ci "MzESMBAGA1UEAxMJMTI3LjAuMC4xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\n" + 10187e41f4b71Sopenharmony_ci "CgKCAQEAtt+2QxUevbolYLp51QGcUpageI4fwGLIqv4fj4aoVnHFOOBqVOVpfCLR\n" + 10188e41f4b71Sopenharmony_ci "p26LFV/F8ebwPyo8YEBKSwXzMD1573rMSbaH9BalscH5lZYAbetXoio6YRvzlcmc\n" + 10189e41f4b71Sopenharmony_ci "rVvLBNMeVnxY86xHpo0MTNyP7W024rZsxWO98xFQVdoiaBC+7+midlisx2Y+7u0j\n" + 10190e41f4b71Sopenharmony_ci "zT9GjeUP6JLdLFUZJKUPSTK3jVzw9v1eZQZKYoNfU6vFMd6ndtwW6qEnwpzmmX/U\n" + 10191e41f4b71Sopenharmony_ci "T+p5ThAMH593zszlz330nTSXBjIsGkyvOz9gSB0Z0LAuJj06XUNhGL5xKJYKbdI3\n" + 10192e41f4b71Sopenharmony_ci "8MFQFJKvRHfgTAvVsvAvpBUM2DuBKwIDAQABo4GsMIGpMAkGA1UdEwQCMAAwHQYD\n" + 10193e41f4b71Sopenharmony_ci "VR0OBBYEFDfsHTMZwoA6eaDFlBUyDpka+sYtMAsGA1UdDwQEAwID+DAnBgNVHSUE\n" + 10194e41f4b71Sopenharmony_ci "IDAeBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMEMBQGA1UdEQQNMAuCCTEy\n" + 10195e41f4b71Sopenharmony_ci "Ny4wLjAuMTARBglghkgBhvhCAQEEBAMCBkAwHgYJYIZIAYb4QgENBBEWD3hjYSBj\n" + 10196e41f4b71Sopenharmony_ci "ZXJ0aWZpY2F0ZTANBgkqhkiG9w0BAQsFAAOCAQEAp5vTvXrt8ZpgRJVtzv9ss0lJ\n" + 10197e41f4b71Sopenharmony_ci "izp1fJf+ft5cDXrs7TSD5oHrSW2vk/ZieIMhexU4LFwhs4OE7jK6pgI48Dseqxx7\n" + 10198e41f4b71Sopenharmony_ci "B/KktxhVMJUmVXd9Ayjp6f+BtZlIk0cArPuoXToXjsV8caTGBXHRdzxpAk/w9syc\n" + 10199e41f4b71Sopenharmony_ci "GYrbH9TrdNMuTizOb+k268oKXUageZNxHmd7YvOXkcNgrd29jzwXKDYYiUa1DISz\n" + 10200e41f4b71Sopenharmony_ci "DnYaJOgPt0B/5izhoWNK7GhJDy9KEuLURcTSWFysbbnljwO9INPT9MmlS83PdAgN\n" + 10201e41f4b71Sopenharmony_ci "iS8VXF4pce1W9U5jH7d7k0JDVSXybebe1iPFphsZpYM/NE+jap+mPy1nTCbf9g==\n" + 10202e41f4b71Sopenharmony_ci "-----END CERTIFICATE-----\n" + 10203e41f4b71Sopenharmony_ci "-----BEGIN CERTIFICATE-----\n" + 10204e41f4b71Sopenharmony_ci "MIIC0zCCAoWgAwIBAgIIXpLoPpQVWnkwBQYDK2VwMFoxCzAJBgNVBAYTAkVOMRAw\n" + 10205e41f4b71Sopenharmony_ci "DgYDVQQIEwdFbmdsYW5kMQ8wDQYDVQQHEwZMb25kb24xDDAKBgNVBAoTA3RzMTEM\n" + 10206e41f4b71Sopenharmony_ci "MAoGA1UECxMDdHMxMQwwCgYDVQQDEwN0czEwHhcNMjMxMjA1MDczNzAwWhcNMjQw\n" + 10207e41f4b71Sopenharmony_ci "OTAxMjM1OTAwWjBaMQswCQYDVQQGEwJFTjEQMA4GA1UECBMHRW5nbGFuZDEPMA0G\n" + 10208e41f4b71Sopenharmony_ci "A1UEBxMGTG9uZG9uMQwwCgYDVQQKEwN0czIxDDAKBgNVBAsTA3RzMjEMMAoGA1UE\n" + 10209e41f4b71Sopenharmony_ci "AxMDdHMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtt+2QxUevbol\n" + 10210e41f4b71Sopenharmony_ci "YLp51QGcUpageI4fwGLIqv4fj4aoVnHFOOBqVOVpfCLRp26LFV/F8ebwPyo8YEBK\n" + 10211e41f4b71Sopenharmony_ci "SwXzMD1573rMSbaH9BalscH5lZYAbetXoio6YRvzlcmcrVvLBNMeVnxY86xHpo0M\n" + 10212e41f4b71Sopenharmony_ci "TNyP7W024rZsxWO98xFQVdoiaBC+7+midlisx2Y+7u0jzT9GjeUP6JLdLFUZJKUP\n" + 10213e41f4b71Sopenharmony_ci "STK3jVzw9v1eZQZKYoNfU6vFMd6ndtwW6qEnwpzmmX/UT+p5ThAMH593zszlz330\n" + 10214e41f4b71Sopenharmony_ci "nTSXBjIsGkyvOz9gSB0Z0LAuJj06XUNhGL5xKJYKbdI38MFQFJKvRHfgTAvVsvAv\n" + 10215e41f4b71Sopenharmony_ci "pBUM2DuBKwIDAQABo28wbTAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBQ37B0zGcKA\n" + 10216e41f4b71Sopenharmony_ci "OnmgxZQVMg6ZGvrGLTALBgNVHQ8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgAHMB4G\n" + 10217e41f4b71Sopenharmony_ci "CWCGSAGG+EIBDQQRFg94Y2EgY2VydGlmaWNhdGUwBQYDK2VwA0EAuasLBe55YgvF\n" + 10218e41f4b71Sopenharmony_ci "b4wmHeohylc9r8cFGS1LNQ5UcSn3sGqMYf6ehnef16NLuCW6upHCs8Sui4iAMvsP\n" + 10219e41f4b71Sopenharmony_ci "uKPWR9dKBA==\n" + 10220e41f4b71Sopenharmony_ci "-----END CERTIFICATE-----\n" + 10221e41f4b71Sopenharmony_ci "-----BEGIN CERTIFICATE-----\n" + 10222e41f4b71Sopenharmony_ci "MIIB3zCCAZGgAwIBAgIIWQvOEDl+ya4wBQYDK2VwMFoxCzAJBgNVBAYTAkVOMRAw\n" + 10223e41f4b71Sopenharmony_ci "DgYDVQQIEwdFbmdsYW5kMQ8wDQYDVQQHEwZMb25kb24xDDAKBgNVBAoTA3RzMTEM\n" + 10224e41f4b71Sopenharmony_ci "MAoGA1UECxMDdHMxMQwwCgYDVQQDEwN0czEwHhcNMjMxMjA1MDAwMDAwWhcNMjQx\n" + 10225e41f4b71Sopenharmony_ci "MjA0MjM1OTU5WjBaMQswCQYDVQQGEwJFTjEQMA4GA1UECBMHRW5nbGFuZDEPMA0G\n" + 10226e41f4b71Sopenharmony_ci "A1UEBxMGTG9uZG9uMQwwCgYDVQQKEwN0czExDDAKBgNVBAsTA3RzMTEMMAoGA1UE\n" + 10227e41f4b71Sopenharmony_ci "AxMDdHMxMCowBQYDK2VwAyEAuxadj1ww0LqPN24zr28jcSOlSWAe0QdLyRF+ZgG6\n" + 10228e41f4b71Sopenharmony_ci "klKjdTBzMBIGA1UdEwEB/wQIMAYBAf8CARQwHQYDVR0OBBYEFNSgpoQvfxR8A1Y4\n" + 10229e41f4b71Sopenharmony_ci "St8NjOHkRpm4MAsGA1UdDwQEAwIBBjARBglghkgBhvhCAQEEBAMCAAcwHgYJYIZI\n" + 10230e41f4b71Sopenharmony_ci "AYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0ZTAFBgMrZXADQQAblBgoa72X/K13WOvc\n" + 10231e41f4b71Sopenharmony_ci "KW0fqBgFKvLy85hWD6Ufi61k4ProQiZzMK+0+y9jReKelPx/zRdCCgSbQroAR2mV\n" + 10232e41f4b71Sopenharmony_ci "xjoE\n" + 10233e41f4b71Sopenharmony_ci "-----END CERTIFICATE-----\n"; 10234e41f4b71Sopenharmony_ci 10235e41f4b71Sopenharmony_ci// 证书链二进制数据,需业务自行赋值 10236e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 10237e41f4b71Sopenharmony_ci data: stringToUint8Array(certChainData), 10238e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM、FORMAT_DER和FORMAT_PKCS7 10239e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 10240e41f4b71Sopenharmony_ci}; 10241e41f4b71Sopenharmony_ci 10242e41f4b71Sopenharmony_ci// 证书链校验数据,需业务自行赋值 10243e41f4b71Sopenharmony_cilet param: cert.CertChainValidationParameters = { 10244e41f4b71Sopenharmony_ci date: '20231212080000Z', 10245e41f4b71Sopenharmony_ci trustAnchors: [{ 10246e41f4b71Sopenharmony_ci CAPubKey: new Uint8Array([0x30, 0x2a, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 0x70, 0x03, 0x21, 0x00, 0xbb, 0x16,0x9d, 0x8f, 0x5c, 0x30, 0xd0, 0xba, 0x8f, 0x37, 0x6e, 0x33, 0xaf, 0x6f, 0x23, 0x71, 0x23, 0xa5, 0x49, 0x60,0x1e, 0xd1, 0x07, 0x4b, 0xc9, 0x11, 0x7e, 0x66, 0x01, 0xba, 0x92, 0x52]), 10247e41f4b71Sopenharmony_ci CASubject: new Uint8Array([0x30, 0x5a, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x45,0x4e, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x07, 0x45, 0x6e, 0x67, 0x6c, 0x61, 0x6e,0x64, 0x31, 0x0f, 0x30, 0x0d, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x06, 0x4c, 0x6f, 0x6e, 0x64, 0x6f, 0x6e,0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x03, 0x74, 0x73, 0x31, 0x31, 0x0c, 0x30, 0x0a,0x06, 0x03, 0x55, 0x04, 0x0b, 0x13, 0x03, 0x74, 0x73, 0x31, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04,0x03, 0x13, 0x03, 0x74, 0x73, 0x31]), 10248e41f4b71Sopenharmony_ci }] 10249e41f4b71Sopenharmony_ci}; 10250e41f4b71Sopenharmony_ci 10251e41f4b71Sopenharmony_cicert.createX509CertChain(encodingBlob, (err, certChain) => { 10252e41f4b71Sopenharmony_ci if (err) { 10253e41f4b71Sopenharmony_ci console.error('createX509CertChain failed, errCode: ' + err.code + ', errMsg: ' + err.message); 10254e41f4b71Sopenharmony_ci } else { 10255e41f4b71Sopenharmony_ci console.log('createX509CertChain success'); 10256e41f4b71Sopenharmony_ci certChain.validate(param, (error, validationRes) => { 10257e41f4b71Sopenharmony_ci if (error) { 10258e41f4b71Sopenharmony_ci console.error('X509CertChain validate failed, errCode: ' + error.code + ', errMsg: ' + error.message); 10259e41f4b71Sopenharmony_ci } else { 10260e41f4b71Sopenharmony_ci console.log('X509CertChain validate success'); 10261e41f4b71Sopenharmony_ci } 10262e41f4b71Sopenharmony_ci }); 10263e41f4b71Sopenharmony_ci } 10264e41f4b71Sopenharmony_ci}); 10265e41f4b71Sopenharmony_ci``` 10266e41f4b71Sopenharmony_ci 10267e41f4b71Sopenharmony_ci### toString<sup>12+</sup> 10268e41f4b71Sopenharmony_ci 10269e41f4b71Sopenharmony_citoString(): string 10270e41f4b71Sopenharmony_ci 10271e41f4b71Sopenharmony_ci获取对象的字符串类型数据。 10272e41f4b71Sopenharmony_ci 10273e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 10274e41f4b71Sopenharmony_ci 10275e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 10276e41f4b71Sopenharmony_ci 10277e41f4b71Sopenharmony_ci**返回值**: 10278e41f4b71Sopenharmony_ci 10279e41f4b71Sopenharmony_ci| 类型 | 说明 | 10280e41f4b71Sopenharmony_ci| ------- | ---------------------------------------------------- | 10281e41f4b71Sopenharmony_ci| string | 对象的字符串类型数据。| 10282e41f4b71Sopenharmony_ci 10283e41f4b71Sopenharmony_ci**错误码:** 10284e41f4b71Sopenharmony_ci 10285e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 10286e41f4b71Sopenharmony_ci 10287e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 10288e41f4b71Sopenharmony_ci| -------- | ----------------------- | 10289e41f4b71Sopenharmony_ci| 19020001 | memory error. | 10290e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 10291e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 10292e41f4b71Sopenharmony_ci 10293e41f4b71Sopenharmony_ci**示例:** 10294e41f4b71Sopenharmony_ci 10295e41f4b71Sopenharmony_ci```ts 10296e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 10297e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 10298e41f4b71Sopenharmony_ci 10299e41f4b71Sopenharmony_ci// string转Uint8Array 10300e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 10301e41f4b71Sopenharmony_ci let arr: Array<number> = []; 10302e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 10303e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 10304e41f4b71Sopenharmony_ci } 10305e41f4b71Sopenharmony_ci return new Uint8Array(arr); 10306e41f4b71Sopenharmony_ci} 10307e41f4b71Sopenharmony_ci 10308e41f4b71Sopenharmony_cilet certChainData = '-----BEGIN CERTIFICATE-----\n' + 10309e41f4b71Sopenharmony_ci 'MIIGVjCCBT6gAwIBAgIQBMO0W3CU9LWVw1bE/jqYojANBgkqhkiG9w0BAQsFADBE\n' + 10310e41f4b71Sopenharmony_ci 'MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMR4wHAYDVQQDExVH\n' + 10311e41f4b71Sopenharmony_ci 'ZW9UcnVzdCBSU0EgQ04gQ0EgRzIwHhcNMjMwMzIzMDAwMDAwWhcNMjQwNDIyMjM1\n' + 10312e41f4b71Sopenharmony_ci 'OTU5WjB1MQswCQYDVQQGEwJDTjERMA8GA1UECBMIemhlamlhbmcxETAPBgNVBAcT\n' + 10313e41f4b71Sopenharmony_ci 'CGhhbmd6aG91MSwwKgYDVQQKEyNOZXRFYXNlIChIYW5nemhvdSkgTmV0d29yayBD\n' + 10314e41f4b71Sopenharmony_ci 'by4sIEx0ZDESMBAGA1UEAwwJKi4xNjMuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC\n' + 10315e41f4b71Sopenharmony_ci 'AQ8AMIIBCgKCAQEAwELks0Q1Z81u1OpbGdEFE2Snm/WpLfmiC5YFj5nFrinSX+UZ\n' + 10316e41f4b71Sopenharmony_ci 'MIk42euBdjYSsWFxbljmWDdUCjstMhG8vRAjz3Nt1QniMCunHHFGujR5rSNLWYHE\n' + 10317e41f4b71Sopenharmony_ci 'vCPhfptIhqOaE/rvkWGZZr2KjTQQN0dRf8dm9Oewy8DHu95c9jW6c9AVgKWUVOni\n' + 10318e41f4b71Sopenharmony_ci 'tTOcJCnrndWjgCIPfKmKgrwaNaMnuQyy5nPIUHl/5EGzuGHrwjwlF+w+cT+Fwdix\n' + 10319e41f4b71Sopenharmony_ci 'C3msEOCwX6wzo6baDs4og2EzuPNyTp4n4UqH5aHhLePgBFboOAyJwWp3+XJNpNGw\n' + 10320e41f4b71Sopenharmony_ci 'GkU56cUUy7+AAn268EVvUNr7uQ65t2t+Ys32bQIDAQABo4IDETCCAw0wHwYDVR0j\n' + 10321e41f4b71Sopenharmony_ci 'BBgwFoAUJG+RP4mHhw4ywkAY38VM60/ISTIwHQYDVR0OBBYEFD1HyRYJ5jqkvYL7\n' + 10322e41f4b71Sopenharmony_ci 'C6TSt8/y3e7hMB0GA1UdEQQWMBSCCSouMTYzLmNvbYIHMTYzLmNvbTAOBgNVHQ8B\n' + 10323e41f4b71Sopenharmony_ci 'Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMD0GA1UdHwQ2\n' + 10324e41f4b71Sopenharmony_ci 'MDQwMqAwoC6GLGh0dHA6Ly9jcmwuZGlnaWNlcnQuY24vR2VvVHJ1c3RSU0FDTkNB\n' + 10325e41f4b71Sopenharmony_ci 'RzIuY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUHAgEWG2h0dHA6\n' + 10326e41f4b71Sopenharmony_ci 'Ly93d3cuZGlnaWNlcnQuY29tL0NQUzBxBggrBgEFBQcBAQRlMGMwIwYIKwYBBQUH\n' + 10327e41f4b71Sopenharmony_ci 'MAGGF2h0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNuMDwGCCsGAQUFBzAChjBodHRwOi8v\n' + 10328e41f4b71Sopenharmony_ci 'Y2FjZXJ0cy5kaWdpY2VydC5jbi9HZW9UcnVzdFJTQUNOQ0FHMi5jcnQwCQYDVR0T\n' + 10329e41f4b71Sopenharmony_ci 'BAIwADCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHUA7s3QZNXbGs7FXLedtM0T\n' + 10330e41f4b71Sopenharmony_ci 'ojKHRny87N7DUUhZRnEftZsAAAGHDSE15QAABAMARjBEAiBRpmsJ3F9AI8wFxqOQ\n' + 10331e41f4b71Sopenharmony_ci 'bHp+RL6F8cvNydajQ0Bqxjvd3AIgefAU/po3jBm+96dFVdbX+AG1uss67DL3VL5I\n' + 10332e41f4b71Sopenharmony_ci 'nUmVva8AdgBz2Z6JG0yWeKAgfUed5rLGHNBRXnEZKoxrgBB6wXdytQAAAYcNITZS\n' + 10333e41f4b71Sopenharmony_ci 'AAAEAwBHMEUCID/sUP12odF7uTTEyE0PjCpKo3nF7A3ba3b5wJJsZrDrAiEAxrat\n' + 10334e41f4b71Sopenharmony_ci 'W2eeZTD458LPSPrMMBb1/o6zibWXqJCQye+bVFwAdwBIsONr2qZHNA/lagL6nTDr\n' + 10335e41f4b71Sopenharmony_ci 'HFIBy1bdLIHZu7+rOdiEcwAAAYcNITYeAAAEAwBIMEYCIQCCJ2ktM1F+d1I5mQju\n' + 10336e41f4b71Sopenharmony_ci 'Tn7oDYxy3GCGyG3u/yhu8k7EaAIhANSP8cAaMQFV6y8B2tubKY5eSQtgkF3a6NNq\n' + 10337e41f4b71Sopenharmony_ci 'QJjtPnoHMA0GCSqGSIb3DQEBCwUAA4IBAQC8dK/G4nvs/SyQe/mnK+rUYIdSFs+4\n' + 10338e41f4b71Sopenharmony_ci 'lgzatmq8V/I1tBly+Sv/FPhnn4F3iCrqy9j8y202FP51ev95DGbjlJRTIFPqVAO8\n' + 10339e41f4b71Sopenharmony_ci 'ywYrLhvl1SJhV0b/8NF0Pr3dZVnK5Vfn11+LSBUg0cBB2hcVV30nv3IuVhz3d12n\n' + 10340e41f4b71Sopenharmony_ci 'P+VseYQgMpQf7ad+ttpZtA7yqHzrUm4fzr03G7q88GztACRSHoYiPbOlz99SeTgW\n' + 10341e41f4b71Sopenharmony_ci '7bzZl1I4taxy2Q3b0ZBGfUt/kPY05tpKzKwDTbbqSErYszCt5X1RfVvf3coxF8Mo\n' + 10342e41f4b71Sopenharmony_ci '9bHbs2wYIzQBdujDQ/hU0u6ItERer3SUItZoxaSIxdrZ9eXFwVvXsT/g\n' + 10343e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n' + 10344e41f4b71Sopenharmony_ci '-----BEGIN CERTIFICATE-----\n' + 10345e41f4b71Sopenharmony_ci 'MIIFDzCCA/egAwIBAgIQCxNitu5qnT6WiTDxbiB9OTANBgkqhkiG9w0BAQsFADBh\n' + 10346e41f4b71Sopenharmony_ci 'MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\n' + 10347e41f4b71Sopenharmony_ci 'd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\n' + 10348e41f4b71Sopenharmony_ci 'QTAeFw0yMDAzMDQxMjA0NDBaFw0zMDAzMDQxMjA0NDBaMEQxCzAJBgNVBAYTAlVT\n' + 10349e41f4b71Sopenharmony_ci 'MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxHjAcBgNVBAMTFUdlb1RydXN0IFJTQSBD\n' + 10350e41f4b71Sopenharmony_ci 'TiBDQSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANA1OZJJtZUI\n' + 10351e41f4b71Sopenharmony_ci '7zj4qFHT79g+Otks4TEfmUEDhrNKBEEjb/i29GBfnpvFdT36azCg2VODJRSjIzFn\n' + 10352e41f4b71Sopenharmony_ci '4qADcc84EmfKiDEM97HFsQPp9RRkqxH5cB51EU2eBE9Ua95x+wQp/KSdCqITCQ/v\n' + 10353e41f4b71Sopenharmony_ci 'yvm3J4Upjl0wlW8wRCPCWcYw3pKClGRkNzVtI1KXnfpn7fG3N84n7wlBb9IGKJFa\n' + 10354e41f4b71Sopenharmony_ci 'c/6+hxvZx2qnfLsxdIKR0Q/biGoU6Z8Iy/R/p7GoPO8vamV090+QHEL5AdSzKtEh\n' + 10355e41f4b71Sopenharmony_ci 'U9vdvcuWjjLxVnaJLfj/6WoGZj8UWn3zFbEoTVaAfp2xqdzW7yRvi2r148m9ev7l\n' + 10356e41f4b71Sopenharmony_ci 'jDqHo8UX69sCAwEAAaOCAd4wggHaMB0GA1UdDgQWBBQkb5E/iYeHDjLCQBjfxUzr\n' + 10357e41f4b71Sopenharmony_ci 'T8hJMjAfBgNVHSMEGDAWgBQD3lA1VtFMu2bwo+IbG8OXsj3RVTAOBgNVHQ8BAf8E\n' + 10358e41f4b71Sopenharmony_ci 'BAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQI\n' + 10359e41f4b71Sopenharmony_ci 'MAYBAf8CAQAwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8vb2Nz\n' + 10360e41f4b71Sopenharmony_ci 'cC5kaWdpY2VydC5jbjBABgNVHR8EOTA3MDWgM6Axhi9odHRwOi8vY3JsLmRpZ2lj\n' + 10361e41f4b71Sopenharmony_ci 'ZXJ0LmNuL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNybDCB3QYDVR0gBIHVMIHSMIHF\n' + 10362e41f4b71Sopenharmony_ci 'BglghkgBhv1sAQEwgbcwKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0\n' + 10363e41f4b71Sopenharmony_ci 'LmNvbS9DUFMwgYoGCCsGAQUFBwICMH4MfEFueSB1c2Ugb2YgdGhpcyBDZXJ0aWZp\n' + 10364e41f4b71Sopenharmony_ci 'Y2F0ZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSZWx5aW5nIFBhcnR5\n' + 10365e41f4b71Sopenharmony_ci 'IEFncmVlbWVudCBsb2NhdGVkIGF0IGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9y\n' + 10366e41f4b71Sopenharmony_ci 'cGEtdWEwCAYGZ4EMAQICMA0GCSqGSIb3DQEBCwUAA4IBAQCzkcXq0TN0oSn4UeXp\n' + 10367e41f4b71Sopenharmony_ci 'FBW7U8zrHBIhH9MXHNBp+Yy/yN19133UY05uuHXHaU2Uv0hxefckjPdkaX7ARso+\n' + 10368e41f4b71Sopenharmony_ci 'O3Ar6nf7YfBwCqSpqsNckKT7KKtf3Ot95wYFpKDa64jcRUfxzRWnmq12IVzczqHI\n' + 10369e41f4b71Sopenharmony_ci 'sIvUZQINw/UHSQcWekdUnMg58bQSHyTjwkj9jcX2RURxaVZkr15wxo/Z3Ydo2PVK\n' + 10370e41f4b71Sopenharmony_ci '3afEr0/vcuFvE7QeGXiI2DJdVt3JefatZ3rj4VTW2aUZwHGUiWWIUudBfQKR0JEp\n' + 10371e41f4b71Sopenharmony_ci 'lJ8MFaKDh4/A2VEJnXILu1iwvc1m3jCaPuzZKdoHM/1234bznJI2aAfhfIhoHw90\n' + 10372e41f4b71Sopenharmony_ci 'tPO+\n' + 10373e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 10374e41f4b71Sopenharmony_ci 10375e41f4b71Sopenharmony_ci// 证书链二进制数据,需业务自行赋值 10376e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 10377e41f4b71Sopenharmony_ci data: stringToUint8Array(certChainData), 10378e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM、FORMAT_DER和FORMAT_PKCS7 10379e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 10380e41f4b71Sopenharmony_ci}; 10381e41f4b71Sopenharmony_ci 10382e41f4b71Sopenharmony_ciasync function certChainToString() { 10383e41f4b71Sopenharmony_ci let x509CertChain: cert.X509CertChain = {} as cert.X509CertChain; 10384e41f4b71Sopenharmony_ci try { 10385e41f4b71Sopenharmony_ci x509CertChain = await cert.createX509CertChain(encodingBlob); 10386e41f4b71Sopenharmony_ci console.log('createX509CertChain success'); 10387e41f4b71Sopenharmony_ci console.info('toString success: ' + JSON.stringify(x509CertChain.toString())); 10388e41f4b71Sopenharmony_ci } catch (error) { 10389e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 10390e41f4b71Sopenharmony_ci console.error('createX509CertChain failed, errCode: ' + e.code + ', errMsg: ' + e.message); 10391e41f4b71Sopenharmony_ci } 10392e41f4b71Sopenharmony_ci} 10393e41f4b71Sopenharmony_ci``` 10394e41f4b71Sopenharmony_ci### hashCode<sup>12+</sup> 10395e41f4b71Sopenharmony_ci 10396e41f4b71Sopenharmony_cihashCode(): Uint8Array 10397e41f4b71Sopenharmony_ci 10398e41f4b71Sopenharmony_ci获取DER格式数据的哈希值。 10399e41f4b71Sopenharmony_ci 10400e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 10401e41f4b71Sopenharmony_ci 10402e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 10403e41f4b71Sopenharmony_ci 10404e41f4b71Sopenharmony_ci**返回值**: 10405e41f4b71Sopenharmony_ci 10406e41f4b71Sopenharmony_ci| 类型 | 说明 | 10407e41f4b71Sopenharmony_ci| ------- | ---------------------------------------------------- | 10408e41f4b71Sopenharmony_ci| Uint8Array | DER格式数据的哈希值。| 10409e41f4b71Sopenharmony_ci 10410e41f4b71Sopenharmony_ci**错误码:** 10411e41f4b71Sopenharmony_ci 10412e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 10413e41f4b71Sopenharmony_ci 10414e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 10415e41f4b71Sopenharmony_ci| -------- | ----------------------- | 10416e41f4b71Sopenharmony_ci| 19020001 | memory error. | 10417e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 10418e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 10419e41f4b71Sopenharmony_ci 10420e41f4b71Sopenharmony_ci**示例:** 10421e41f4b71Sopenharmony_ci 10422e41f4b71Sopenharmony_ci```ts 10423e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 10424e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 10425e41f4b71Sopenharmony_ci 10426e41f4b71Sopenharmony_ci// string转Uint8Array 10427e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 10428e41f4b71Sopenharmony_ci let arr: Array<number> = []; 10429e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 10430e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 10431e41f4b71Sopenharmony_ci } 10432e41f4b71Sopenharmony_ci return new Uint8Array(arr); 10433e41f4b71Sopenharmony_ci} 10434e41f4b71Sopenharmony_ci 10435e41f4b71Sopenharmony_cilet certChainData = '-----BEGIN CERTIFICATE-----\n' + 10436e41f4b71Sopenharmony_ci 'MIIGVjCCBT6gAwIBAgIQBMO0W3CU9LWVw1bE/jqYojANBgkqhkiG9w0BAQsFADBE\n' + 10437e41f4b71Sopenharmony_ci 'MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMR4wHAYDVQQDExVH\n' + 10438e41f4b71Sopenharmony_ci 'ZW9UcnVzdCBSU0EgQ04gQ0EgRzIwHhcNMjMwMzIzMDAwMDAwWhcNMjQwNDIyMjM1\n' + 10439e41f4b71Sopenharmony_ci 'OTU5WjB1MQswCQYDVQQGEwJDTjERMA8GA1UECBMIemhlamlhbmcxETAPBgNVBAcT\n' + 10440e41f4b71Sopenharmony_ci 'CGhhbmd6aG91MSwwKgYDVQQKEyNOZXRFYXNlIChIYW5nemhvdSkgTmV0d29yayBD\n' + 10441e41f4b71Sopenharmony_ci 'by4sIEx0ZDESMBAGA1UEAwwJKi4xNjMuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC\n' + 10442e41f4b71Sopenharmony_ci 'AQ8AMIIBCgKCAQEAwELks0Q1Z81u1OpbGdEFE2Snm/WpLfmiC5YFj5nFrinSX+UZ\n' + 10443e41f4b71Sopenharmony_ci 'MIk42euBdjYSsWFxbljmWDdUCjstMhG8vRAjz3Nt1QniMCunHHFGujR5rSNLWYHE\n' + 10444e41f4b71Sopenharmony_ci 'vCPhfptIhqOaE/rvkWGZZr2KjTQQN0dRf8dm9Oewy8DHu95c9jW6c9AVgKWUVOni\n' + 10445e41f4b71Sopenharmony_ci 'tTOcJCnrndWjgCIPfKmKgrwaNaMnuQyy5nPIUHl/5EGzuGHrwjwlF+w+cT+Fwdix\n' + 10446e41f4b71Sopenharmony_ci 'C3msEOCwX6wzo6baDs4og2EzuPNyTp4n4UqH5aHhLePgBFboOAyJwWp3+XJNpNGw\n' + 10447e41f4b71Sopenharmony_ci 'GkU56cUUy7+AAn268EVvUNr7uQ65t2t+Ys32bQIDAQABo4IDETCCAw0wHwYDVR0j\n' + 10448e41f4b71Sopenharmony_ci 'BBgwFoAUJG+RP4mHhw4ywkAY38VM60/ISTIwHQYDVR0OBBYEFD1HyRYJ5jqkvYL7\n' + 10449e41f4b71Sopenharmony_ci 'C6TSt8/y3e7hMB0GA1UdEQQWMBSCCSouMTYzLmNvbYIHMTYzLmNvbTAOBgNVHQ8B\n' + 10450e41f4b71Sopenharmony_ci 'Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMD0GA1UdHwQ2\n' + 10451e41f4b71Sopenharmony_ci 'MDQwMqAwoC6GLGh0dHA6Ly9jcmwuZGlnaWNlcnQuY24vR2VvVHJ1c3RSU0FDTkNB\n' + 10452e41f4b71Sopenharmony_ci 'RzIuY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUHAgEWG2h0dHA6\n' + 10453e41f4b71Sopenharmony_ci 'Ly93d3cuZGlnaWNlcnQuY29tL0NQUzBxBggrBgEFBQcBAQRlMGMwIwYIKwYBBQUH\n' + 10454e41f4b71Sopenharmony_ci 'MAGGF2h0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNuMDwGCCsGAQUFBzAChjBodHRwOi8v\n' + 10455e41f4b71Sopenharmony_ci 'Y2FjZXJ0cy5kaWdpY2VydC5jbi9HZW9UcnVzdFJTQUNOQ0FHMi5jcnQwCQYDVR0T\n' + 10456e41f4b71Sopenharmony_ci 'BAIwADCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHUA7s3QZNXbGs7FXLedtM0T\n' + 10457e41f4b71Sopenharmony_ci 'ojKHRny87N7DUUhZRnEftZsAAAGHDSE15QAABAMARjBEAiBRpmsJ3F9AI8wFxqOQ\n' + 10458e41f4b71Sopenharmony_ci 'bHp+RL6F8cvNydajQ0Bqxjvd3AIgefAU/po3jBm+96dFVdbX+AG1uss67DL3VL5I\n' + 10459e41f4b71Sopenharmony_ci 'nUmVva8AdgBz2Z6JG0yWeKAgfUed5rLGHNBRXnEZKoxrgBB6wXdytQAAAYcNITZS\n' + 10460e41f4b71Sopenharmony_ci 'AAAEAwBHMEUCID/sUP12odF7uTTEyE0PjCpKo3nF7A3ba3b5wJJsZrDrAiEAxrat\n' + 10461e41f4b71Sopenharmony_ci 'W2eeZTD458LPSPrMMBb1/o6zibWXqJCQye+bVFwAdwBIsONr2qZHNA/lagL6nTDr\n' + 10462e41f4b71Sopenharmony_ci 'HFIBy1bdLIHZu7+rOdiEcwAAAYcNITYeAAAEAwBIMEYCIQCCJ2ktM1F+d1I5mQju\n' + 10463e41f4b71Sopenharmony_ci 'Tn7oDYxy3GCGyG3u/yhu8k7EaAIhANSP8cAaMQFV6y8B2tubKY5eSQtgkF3a6NNq\n' + 10464e41f4b71Sopenharmony_ci 'QJjtPnoHMA0GCSqGSIb3DQEBCwUAA4IBAQC8dK/G4nvs/SyQe/mnK+rUYIdSFs+4\n' + 10465e41f4b71Sopenharmony_ci 'lgzatmq8V/I1tBly+Sv/FPhnn4F3iCrqy9j8y202FP51ev95DGbjlJRTIFPqVAO8\n' + 10466e41f4b71Sopenharmony_ci 'ywYrLhvl1SJhV0b/8NF0Pr3dZVnK5Vfn11+LSBUg0cBB2hcVV30nv3IuVhz3d12n\n' + 10467e41f4b71Sopenharmony_ci 'P+VseYQgMpQf7ad+ttpZtA7yqHzrUm4fzr03G7q88GztACRSHoYiPbOlz99SeTgW\n' + 10468e41f4b71Sopenharmony_ci '7bzZl1I4taxy2Q3b0ZBGfUt/kPY05tpKzKwDTbbqSErYszCt5X1RfVvf3coxF8Mo\n' + 10469e41f4b71Sopenharmony_ci '9bHbs2wYIzQBdujDQ/hU0u6ItERer3SUItZoxaSIxdrZ9eXFwVvXsT/g\n' + 10470e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n' + 10471e41f4b71Sopenharmony_ci '-----BEGIN CERTIFICATE-----\n' + 10472e41f4b71Sopenharmony_ci 'MIIFDzCCA/egAwIBAgIQCxNitu5qnT6WiTDxbiB9OTANBgkqhkiG9w0BAQsFADBh\n' + 10473e41f4b71Sopenharmony_ci 'MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\n' + 10474e41f4b71Sopenharmony_ci 'd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\n' + 10475e41f4b71Sopenharmony_ci 'QTAeFw0yMDAzMDQxMjA0NDBaFw0zMDAzMDQxMjA0NDBaMEQxCzAJBgNVBAYTAlVT\n' + 10476e41f4b71Sopenharmony_ci 'MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxHjAcBgNVBAMTFUdlb1RydXN0IFJTQSBD\n' + 10477e41f4b71Sopenharmony_ci 'TiBDQSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANA1OZJJtZUI\n' + 10478e41f4b71Sopenharmony_ci '7zj4qFHT79g+Otks4TEfmUEDhrNKBEEjb/i29GBfnpvFdT36azCg2VODJRSjIzFn\n' + 10479e41f4b71Sopenharmony_ci '4qADcc84EmfKiDEM97HFsQPp9RRkqxH5cB51EU2eBE9Ua95x+wQp/KSdCqITCQ/v\n' + 10480e41f4b71Sopenharmony_ci 'yvm3J4Upjl0wlW8wRCPCWcYw3pKClGRkNzVtI1KXnfpn7fG3N84n7wlBb9IGKJFa\n' + 10481e41f4b71Sopenharmony_ci 'c/6+hxvZx2qnfLsxdIKR0Q/biGoU6Z8Iy/R/p7GoPO8vamV090+QHEL5AdSzKtEh\n' + 10482e41f4b71Sopenharmony_ci 'U9vdvcuWjjLxVnaJLfj/6WoGZj8UWn3zFbEoTVaAfp2xqdzW7yRvi2r148m9ev7l\n' + 10483e41f4b71Sopenharmony_ci 'jDqHo8UX69sCAwEAAaOCAd4wggHaMB0GA1UdDgQWBBQkb5E/iYeHDjLCQBjfxUzr\n' + 10484e41f4b71Sopenharmony_ci 'T8hJMjAfBgNVHSMEGDAWgBQD3lA1VtFMu2bwo+IbG8OXsj3RVTAOBgNVHQ8BAf8E\n' + 10485e41f4b71Sopenharmony_ci 'BAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQI\n' + 10486e41f4b71Sopenharmony_ci 'MAYBAf8CAQAwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8vb2Nz\n' + 10487e41f4b71Sopenharmony_ci 'cC5kaWdpY2VydC5jbjBABgNVHR8EOTA3MDWgM6Axhi9odHRwOi8vY3JsLmRpZ2lj\n' + 10488e41f4b71Sopenharmony_ci 'ZXJ0LmNuL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNybDCB3QYDVR0gBIHVMIHSMIHF\n' + 10489e41f4b71Sopenharmony_ci 'BglghkgBhv1sAQEwgbcwKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0\n' + 10490e41f4b71Sopenharmony_ci 'LmNvbS9DUFMwgYoGCCsGAQUFBwICMH4MfEFueSB1c2Ugb2YgdGhpcyBDZXJ0aWZp\n' + 10491e41f4b71Sopenharmony_ci 'Y2F0ZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSZWx5aW5nIFBhcnR5\n' + 10492e41f4b71Sopenharmony_ci 'IEFncmVlbWVudCBsb2NhdGVkIGF0IGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9y\n' + 10493e41f4b71Sopenharmony_ci 'cGEtdWEwCAYGZ4EMAQICMA0GCSqGSIb3DQEBCwUAA4IBAQCzkcXq0TN0oSn4UeXp\n' + 10494e41f4b71Sopenharmony_ci 'FBW7U8zrHBIhH9MXHNBp+Yy/yN19133UY05uuHXHaU2Uv0hxefckjPdkaX7ARso+\n' + 10495e41f4b71Sopenharmony_ci 'O3Ar6nf7YfBwCqSpqsNckKT7KKtf3Ot95wYFpKDa64jcRUfxzRWnmq12IVzczqHI\n' + 10496e41f4b71Sopenharmony_ci 'sIvUZQINw/UHSQcWekdUnMg58bQSHyTjwkj9jcX2RURxaVZkr15wxo/Z3Ydo2PVK\n' + 10497e41f4b71Sopenharmony_ci '3afEr0/vcuFvE7QeGXiI2DJdVt3JefatZ3rj4VTW2aUZwHGUiWWIUudBfQKR0JEp\n' + 10498e41f4b71Sopenharmony_ci 'lJ8MFaKDh4/A2VEJnXILu1iwvc1m3jCaPuzZKdoHM/1234bznJI2aAfhfIhoHw90\n' + 10499e41f4b71Sopenharmony_ci 'tPO+\n' + 10500e41f4b71Sopenharmony_ci '-----END CERTIFICATE-----\n'; 10501e41f4b71Sopenharmony_ci 10502e41f4b71Sopenharmony_ci// 证书链二进制数据,需业务自行赋值 10503e41f4b71Sopenharmony_cilet encodingBlob: cert.EncodingBlob = { 10504e41f4b71Sopenharmony_ci data: stringToUint8Array(certChainData), 10505e41f4b71Sopenharmony_ci // 根据encodingData的格式进行赋值,支持FORMAT_PEM、FORMAT_DER和FORMAT_PKCS7 10506e41f4b71Sopenharmony_ci encodingFormat: cert.EncodingFormat.FORMAT_PEM 10507e41f4b71Sopenharmony_ci}; 10508e41f4b71Sopenharmony_ci 10509e41f4b71Sopenharmony_ciasync function certChainHashCode() { 10510e41f4b71Sopenharmony_ci let x509CertChain: cert.X509CertChain = {} as cert.X509CertChain; 10511e41f4b71Sopenharmony_ci try { 10512e41f4b71Sopenharmony_ci x509CertChain = await cert.createX509CertChain(encodingBlob); 10513e41f4b71Sopenharmony_ci console.log('createX509CertChain success'); 10514e41f4b71Sopenharmony_ci console.info('hashCode success: ' + JSON.stringify(x509CertChain.hashCode())); 10515e41f4b71Sopenharmony_ci } catch (error) { 10516e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 10517e41f4b71Sopenharmony_ci console.error('createX509CertChain failed, errCode: ' + e.code + ', errMsg: ' + e.message); 10518e41f4b71Sopenharmony_ci } 10519e41f4b71Sopenharmony_ci} 10520e41f4b71Sopenharmony_ci``` 10521e41f4b71Sopenharmony_ci## cert.createX500DistinguishedName<sup>12+</sup> 10522e41f4b71Sopenharmony_ci 10523e41f4b71Sopenharmony_cicreateX500DistinguishedName(nameStr: string): Promise\<X500DistinguishedName> 10524e41f4b71Sopenharmony_ci 10525e41f4b71Sopenharmony_ci表示使用字符串格式的名称创建X500DistinguishedName对象,使用Promise方式异步返回结果。 10526e41f4b71Sopenharmony_ci 10527e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 10528e41f4b71Sopenharmony_ci 10529e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 10530e41f4b71Sopenharmony_ci 10531e41f4b71Sopenharmony_ci**参数:** 10532e41f4b71Sopenharmony_ci 10533e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 10534e41f4b71Sopenharmony_ci| -------- | ----------------------------- | ---- | -------------------- | 10535e41f4b71Sopenharmony_ci| nameStr | string | 是 |X509定义的string类型的Name字符串格式数据。| 10536e41f4b71Sopenharmony_ci 10537e41f4b71Sopenharmony_ci**返回值:** 10538e41f4b71Sopenharmony_ci 10539e41f4b71Sopenharmony_ci| 类型 | 说明 | 10540e41f4b71Sopenharmony_ci| ------------------------------- | ---------------- | 10541e41f4b71Sopenharmony_ci| Promise\<[X500DistinguishedName](#x500distinguishedname12)> | 表示X509的可分辨对象。| 10542e41f4b71Sopenharmony_ci 10543e41f4b71Sopenharmony_ci**错误码:** 10544e41f4b71Sopenharmony_ci 10545e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 10546e41f4b71Sopenharmony_ci 10547e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 10548e41f4b71Sopenharmony_ci| -------- | ------------- | 10549e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 10550e41f4b71Sopenharmony_ci| 19020001 | memory error. | 10551e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 10552e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 10553e41f4b71Sopenharmony_ci| 19030002 | the certificate signature verification failed. | 10554e41f4b71Sopenharmony_ci| 19030003 | the certificate has not taken effect. | 10555e41f4b71Sopenharmony_ci| 19030004 | the certificate has expired. | 10556e41f4b71Sopenharmony_ci| 19030005 | failed to obtain the certificate issuer. | 10557e41f4b71Sopenharmony_ci| 19030006 | the key cannot be used for signing a certificate. | 10558e41f4b71Sopenharmony_ci| 19030007 | the key cannot be used for digital signature. | 10559e41f4b71Sopenharmony_ci 10560e41f4b71Sopenharmony_ci**示例:** 10561e41f4b71Sopenharmony_ci 10562e41f4b71Sopenharmony_ci```ts 10563e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 10564e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 10565e41f4b71Sopenharmony_ci 10566e41f4b71Sopenharmony_ci// string转Uint8Array 10567e41f4b71Sopenharmony_cifunction stringToUint8Array(str: string): Uint8Array { 10568e41f4b71Sopenharmony_ci let arr: Array<number> = []; 10569e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; i++) { 10570e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 10571e41f4b71Sopenharmony_ci } 10572e41f4b71Sopenharmony_ci return new Uint8Array(arr); 10573e41f4b71Sopenharmony_ci} 10574e41f4b71Sopenharmony_ci 10575e41f4b71Sopenharmony_cilet nameStr = '/CN=John Doe/OU=IT Department/O=ACME Inc./L=San Francisco/ST=California/C=US/CN=ALN C/CN=XTS'; 10576e41f4b71Sopenharmony_ciasync function createX500DistinguishedName() { 10577e41f4b71Sopenharmony_ci try { 10578e41f4b71Sopenharmony_ci cert.createX500DistinguishedName(nameStr) 10579e41f4b71Sopenharmony_ci .then((data) => { 10580e41f4b71Sopenharmony_ci console.log('createX500DistinguishedName success'); 10581e41f4b71Sopenharmony_ci }) 10582e41f4b71Sopenharmony_ci .catch((err: BusinessError) => { 10583e41f4b71Sopenharmony_ci console.error('createX500DistinguishedName catch, errCode: ' + err.code + ', errMsg: ' + err.message); 10584e41f4b71Sopenharmony_ci }) 10585e41f4b71Sopenharmony_ci } catch (error) { 10586e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 10587e41f4b71Sopenharmony_ci console.error('createX500DistinguishedName catch, errCode: ' + e.code + ', errMsg: ' + e.message); 10588e41f4b71Sopenharmony_ci } 10589e41f4b71Sopenharmony_ci} 10590e41f4b71Sopenharmony_ci``` 10591e41f4b71Sopenharmony_ci 10592e41f4b71Sopenharmony_ci## cert.createX500DistinguishedName<sup>12+</sup> 10593e41f4b71Sopenharmony_ci 10594e41f4b71Sopenharmony_cicreateX500DistinguishedName(nameDer: Uint8Array): Promise\<X500DistinguishedName> 10595e41f4b71Sopenharmony_ci 10596e41f4b71Sopenharmony_ci表示使用DER格式的名称创建X500DistinguishedName对象,使用Promise方式异步返回结果。 10597e41f4b71Sopenharmony_ci 10598e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 10599e41f4b71Sopenharmony_ci 10600e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 10601e41f4b71Sopenharmony_ci 10602e41f4b71Sopenharmony_ci**参数:** 10603e41f4b71Sopenharmony_ci 10604e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 10605e41f4b71Sopenharmony_ci| -------- | ----------------------------- | ---- | -------------------- | 10606e41f4b71Sopenharmony_ci| nameDer | Uint8Array | 是 |X509定义的Uint8Array类型的DER格式数据。| 10607e41f4b71Sopenharmony_ci 10608e41f4b71Sopenharmony_ci**返回值:** 10609e41f4b71Sopenharmony_ci 10610e41f4b71Sopenharmony_ci| 类型 | 说明 | 10611e41f4b71Sopenharmony_ci| ------------------------------- | ---------------- | 10612e41f4b71Sopenharmony_ci| Promise\<[X500DistinguishedName](#x500distinguishedname12)> | 表示X509的可分辨对象。| 10613e41f4b71Sopenharmony_ci 10614e41f4b71Sopenharmony_ci**错误码:** 10615e41f4b71Sopenharmony_ci 10616e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 10617e41f4b71Sopenharmony_ci 10618e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 10619e41f4b71Sopenharmony_ci| -------- | ------------- | 10620e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 10621e41f4b71Sopenharmony_ci| 19020001 | memory error. | 10622e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 10623e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 10624e41f4b71Sopenharmony_ci| 19030002 | the certificate signature verification failed. | 10625e41f4b71Sopenharmony_ci| 19030003 | the certificate has not taken effect. | 10626e41f4b71Sopenharmony_ci| 19030004 | the certificate has expired. | 10627e41f4b71Sopenharmony_ci| 19030005 | failed to obtain the certificate issuer. | 10628e41f4b71Sopenharmony_ci| 19030006 | the key cannot be used for signing a certificate. | 10629e41f4b71Sopenharmony_ci| 19030007 | the key cannot be used for digital signature. | 10630e41f4b71Sopenharmony_ci 10631e41f4b71Sopenharmony_ci**示例:** 10632e41f4b71Sopenharmony_ci 10633e41f4b71Sopenharmony_ci```ts 10634e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 10635e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 10636e41f4b71Sopenharmony_ci 10637e41f4b71Sopenharmony_cilet nameDer = new Uint8Array([48,41,49,11,48,9,6,3,85,4,3,12,2,67,65,49,13,48,11,6,3,85,4,10,12,4,116,101,115,116,49,11,48,9,6,3,85,4,6,19,2,67,78]); 10638e41f4b71Sopenharmony_ciasync function createX500DistinguishedName() { 10639e41f4b71Sopenharmony_ci try { 10640e41f4b71Sopenharmony_ci cert.createX500DistinguishedName(nameDer) 10641e41f4b71Sopenharmony_ci .then((data) => { 10642e41f4b71Sopenharmony_ci console.log('createX500DistinguishedName success'); 10643e41f4b71Sopenharmony_ci }) 10644e41f4b71Sopenharmony_ci .catch((err: BusinessError) => { 10645e41f4b71Sopenharmony_ci console.error('createX500DistinguishedName catch, errCode: ' + err.code + ', errMsg: ' + err.message); 10646e41f4b71Sopenharmony_ci }) 10647e41f4b71Sopenharmony_ci } catch (error) { 10648e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 10649e41f4b71Sopenharmony_ci console.error('createX500DistinguishedName catch, errCode: ' + e.code + ', errMsg: ' + e.message); 10650e41f4b71Sopenharmony_ci } 10651e41f4b71Sopenharmony_ci} 10652e41f4b71Sopenharmony_ci``` 10653e41f4b71Sopenharmony_ci## X500DistinguishedName<sup>12+</sup> 10654e41f4b71Sopenharmony_ci 10655e41f4b71Sopenharmony_ciX509定义的Name类型的对象。 10656e41f4b71Sopenharmony_ci 10657e41f4b71Sopenharmony_ci### getName<sup>12+</sup> 10658e41f4b71Sopenharmony_ci 10659e41f4b71Sopenharmony_cigetName(): string 10660e41f4b71Sopenharmony_ci 10661e41f4b71Sopenharmony_ci获取可分辨名的字符串。 10662e41f4b71Sopenharmony_ci 10663e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 10664e41f4b71Sopenharmony_ci 10665e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 10666e41f4b71Sopenharmony_ci 10667e41f4b71Sopenharmony_ci**返回值**: 10668e41f4b71Sopenharmony_ci 10669e41f4b71Sopenharmony_ci| 类型 | 说明 | 10670e41f4b71Sopenharmony_ci| ------- | ------------------------------------------------- | 10671e41f4b71Sopenharmony_ci| string | 可分辨名的字符串。| 10672e41f4b71Sopenharmony_ci 10673e41f4b71Sopenharmony_ci**错误码:** 10674e41f4b71Sopenharmony_ci 10675e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 10676e41f4b71Sopenharmony_ci 10677e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 10678e41f4b71Sopenharmony_ci| -------- | ------------- | 10679e41f4b71Sopenharmony_ci| 19020001 | memory error. | 10680e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 10681e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 10682e41f4b71Sopenharmony_ci 10683e41f4b71Sopenharmony_ci**示例:** 10684e41f4b71Sopenharmony_ci 10685e41f4b71Sopenharmony_ci```ts 10686e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 10687e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 10688e41f4b71Sopenharmony_ci 10689e41f4b71Sopenharmony_cilet nameDer = new Uint8Array([48,41,49,11,48,9,6,3,85,4,3,12,2,67,65,49,13,48,11,6,3,85,4,10,12,4,116,101,115,116,49,11,48,9,6,3,85,4,6,19,2,67,78]); 10690e41f4b71Sopenharmony_ciasync function getName() { 10691e41f4b71Sopenharmony_ci try { 10692e41f4b71Sopenharmony_ci cert.createX500DistinguishedName(nameDer) 10693e41f4b71Sopenharmony_ci .then((data) => { 10694e41f4b71Sopenharmony_ci console.log('createX500DistinguishedName success'); 10695e41f4b71Sopenharmony_ci console.info('createX500DistinguishedName getName: ' + JSON.stringify(data.getName())) 10696e41f4b71Sopenharmony_ci }) 10697e41f4b71Sopenharmony_ci .catch((err: BusinessError) => { 10698e41f4b71Sopenharmony_ci console.error('createX500DistinguishedName catch, errCode: ' + err.code + ', errMsg: ' + err.message); 10699e41f4b71Sopenharmony_ci }) 10700e41f4b71Sopenharmony_ci } catch (error) { 10701e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 10702e41f4b71Sopenharmony_ci console.error('createX500DistinguishedName catch, errCode: ' + e.code + ', errMsg: ' + e.message); 10703e41f4b71Sopenharmony_ci } 10704e41f4b71Sopenharmony_ci} 10705e41f4b71Sopenharmony_ci``` 10706e41f4b71Sopenharmony_ci 10707e41f4b71Sopenharmony_ci### getName<sup>12+</sup> 10708e41f4b71Sopenharmony_ci 10709e41f4b71Sopenharmony_cigetName(type: string): Array\<string> 10710e41f4b71Sopenharmony_ci 10711e41f4b71Sopenharmony_ci按类型获取可分辨名的字符串。 10712e41f4b71Sopenharmony_ci 10713e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 10714e41f4b71Sopenharmony_ci 10715e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 10716e41f4b71Sopenharmony_ci 10717e41f4b71Sopenharmony_ci**参数**: 10718e41f4b71Sopenharmony_ci 10719e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 10720e41f4b71Sopenharmony_ci| ------------ | ------ | ---- | -------------- | 10721e41f4b71Sopenharmony_ci| type | string | 是 | 指定类型的名称。| 10722e41f4b71Sopenharmony_ci 10723e41f4b71Sopenharmony_ci**返回值**: 10724e41f4b71Sopenharmony_ci 10725e41f4b71Sopenharmony_ci| 类型 | 说明 | 10726e41f4b71Sopenharmony_ci| ------- | ------------------------------------------------- | 10727e41f4b71Sopenharmony_ci| Array\<string> | 可分辨名的字符串数组。| 10728e41f4b71Sopenharmony_ci 10729e41f4b71Sopenharmony_ci**错误码:** 10730e41f4b71Sopenharmony_ci 10731e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 10732e41f4b71Sopenharmony_ci 10733e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 10734e41f4b71Sopenharmony_ci| -------- | ------------- | 10735e41f4b71Sopenharmony_ci| 401 | invalid parameters. Possible causes: <br>1. Mandatory parameters are left unspecified;<br>2. Incorrect parameter types;<br>3. Parameter verification failed.| 10736e41f4b71Sopenharmony_ci| 19020001 | memory error. | 10737e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 10738e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 10739e41f4b71Sopenharmony_ci 10740e41f4b71Sopenharmony_ci**示例:** 10741e41f4b71Sopenharmony_ci 10742e41f4b71Sopenharmony_ci```ts 10743e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 10744e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 10745e41f4b71Sopenharmony_ci 10746e41f4b71Sopenharmony_cilet nameStr = '/CN=Example CA/OU=test cert/O=test/L=XA/ST=SX/C=CN/CN=RSA CA/CN=XTS'; 10747e41f4b71Sopenharmony_ciasync function getName() { 10748e41f4b71Sopenharmony_ci try { 10749e41f4b71Sopenharmony_ci cert.createX500DistinguishedName(nameStr) 10750e41f4b71Sopenharmony_ci .then((data) => { 10751e41f4b71Sopenharmony_ci console.log('createX500DistinguishedName success'); 10752e41f4b71Sopenharmony_ci console.info('createX500DistinguishedName getName: ' + JSON.stringify(data.getName("CN"))) 10753e41f4b71Sopenharmony_ci }) 10754e41f4b71Sopenharmony_ci .catch((err: BusinessError) => { 10755e41f4b71Sopenharmony_ci console.error('createX500DistinguishedName catch, errCode: ' + err.code + ', errMsg: ' + err.message); 10756e41f4b71Sopenharmony_ci }) 10757e41f4b71Sopenharmony_ci } catch (error) { 10758e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 10759e41f4b71Sopenharmony_ci console.error('createX500DistinguishedName catch, errCode: ' + e.code + ', errMsg: ' + e.message); 10760e41f4b71Sopenharmony_ci } 10761e41f4b71Sopenharmony_ci} 10762e41f4b71Sopenharmony_ci``` 10763e41f4b71Sopenharmony_ci 10764e41f4b71Sopenharmony_ci### getEncoded<sup>12+</sup> 10765e41f4b71Sopenharmony_ci 10766e41f4b71Sopenharmony_cigetEncoded(): EncodingBlob 10767e41f4b71Sopenharmony_ci 10768e41f4b71Sopenharmony_ci获取X509证书扩展域的数据。 10769e41f4b71Sopenharmony_ci 10770e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 10771e41f4b71Sopenharmony_ci 10772e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.Cert 10773e41f4b71Sopenharmony_ci 10774e41f4b71Sopenharmony_ci**返回值**: 10775e41f4b71Sopenharmony_ci 10776e41f4b71Sopenharmony_ci| 类型 | 说明 | 10777e41f4b71Sopenharmony_ci| ------- | ------------------------------------------------- | 10778e41f4b71Sopenharmony_ci| [EncodingBlob](#encodingblob) | X509证书序列化数据。| 10779e41f4b71Sopenharmony_ci 10780e41f4b71Sopenharmony_ci**错误码:** 10781e41f4b71Sopenharmony_ci 10782e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[证书错误码](errorcode-cert.md)。 10783e41f4b71Sopenharmony_ci 10784e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 10785e41f4b71Sopenharmony_ci| -------- | ------------- | 10786e41f4b71Sopenharmony_ci| 19020001 | memory error. | 10787e41f4b71Sopenharmony_ci| 19020002 | runtime error. | 10788e41f4b71Sopenharmony_ci| 19030001 | crypto operation error. | 10789e41f4b71Sopenharmony_ci 10790e41f4b71Sopenharmony_ci**示例:** 10791e41f4b71Sopenharmony_ci 10792e41f4b71Sopenharmony_ci```ts 10793e41f4b71Sopenharmony_ciimport { cert } from '@kit.DeviceCertificateKit'; 10794e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 10795e41f4b71Sopenharmony_ci 10796e41f4b71Sopenharmony_cilet nameStr = '/CN=Example CA/OU=test cert/O=test/L=XA/ST=SX/C=CN/CN=RSA CA/CN=XTS'; 10797e41f4b71Sopenharmony_ciasync function getEncoded() { 10798e41f4b71Sopenharmony_ci try { 10799e41f4b71Sopenharmony_ci cert.createX500DistinguishedName(nameStr) 10800e41f4b71Sopenharmony_ci .then((data) => { 10801e41f4b71Sopenharmony_ci console.log('createX500DistinguishedName success'); 10802e41f4b71Sopenharmony_ci let encodingBlobData = data.getEncoded(); 10803e41f4b71Sopenharmony_ci }) 10804e41f4b71Sopenharmony_ci .catch((err: BusinessError) => { 10805e41f4b71Sopenharmony_ci console.error('createX500DistinguishedName catch, errCode: ' + err.code + ', errMsg: ' + err.message); 10806e41f4b71Sopenharmony_ci }) 10807e41f4b71Sopenharmony_ci } catch (error) { 10808e41f4b71Sopenharmony_ci let e: BusinessError = error as BusinessError; 10809e41f4b71Sopenharmony_ci console.error('createX500DistinguishedName catch, errCode: ' + e.code + ', errMsg: ' + e.message); 10810e41f4b71Sopenharmony_ci } 10811e41f4b71Sopenharmony_ci} 10812e41f4b71Sopenharmony_ci```