1/* 2 * Copyright (c) 2024 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16/** 17 * @file 18 * @kit AssetStoreKit 19 */ 20 21/** 22 * This module provides the capabilities for life cycle management of sensitive user data (Asset) such as passwords 23 * and tokens, including adding, removing, updating, and querying. 24 * 25 * @namespace asset 26 * @syscap SystemCapability.Security.Asset 27 * @since 11 28 */ 29declare namespace asset { 30 /** 31 * Add an Asset. 32 * Permission ohos.permission.STORE_PERSISTENT_DATA is required when the Asset needs to be stored persistently 33 * by setting {@link Tag.IS_PERSISTENT} tag. 34 * 35 * @param { AssetMap } attributes - a map object containing attributes of the Asset to be added. 36 * @returns { Promise<void> } the promise object returned by the function. 37 * @throws { BusinessError } 201 - The caller doesn't have the permission. 38 * @throws { BusinessError } 401 - Parameter error. Possible causes: 39 * 1. Mandatory parameters are left unspecified. 40 * 2. Incorrect parameter types. 41 * 3. Parameter verification failed. 42 * @throws { BusinessError } 24000001 - The ASSET service is unavailable. 43 * @throws { BusinessError } 24000003 - The asset already exists. 44 * @throws { BusinessError } 24000005 - The screen lock status does not match. 45 * @throws { BusinessError } 24000006 - Insufficient memory. 46 * @throws { BusinessError } 24000007 - The asset is corrupted. 47 * @throws { BusinessError } 24000008 - The database operation failed. 48 * @throws { BusinessError } 24000009 - The cryptography operation failed. 49 * @throws { BusinessError } 24000010 - IPC failed. 50 * @throws { BusinessError } 24000011 - Calling the Bundle Manager service failed. 51 * @throws { BusinessError } 24000012 - Calling the OS Account service failed. 52 * @throws { BusinessError } 24000013 - Calling the Access Token service failed. 53 * @throws { BusinessError } 24000014 - The file operation failed. 54 * @throws { BusinessError } 24000015 - Getting the system time failed. 55 * @syscap SystemCapability.Security.Asset 56 * @since 11 57 */ 58 function add(attributes: AssetMap): Promise<void>; 59 60 /** 61 * Add an Asset to a specific user space. 62 * Permission ohos.permission.STORE_PERSISTENT_DATA is required when the Asset needs to be stored persistently 63 * by setting {@link Tag.IS_PERSISTENT} tag. 64 * 65 * @permission ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS 66 * @param { number } userId - the user identifier to add an Asset. The user identifier cannot be lower than 100. 67 * @param { AssetMap } attributes - a map object containing attributes of the Asset to be added. 68 * @returns { Promise<void> } the promise object returned by the function. 69 * @throws { BusinessError } 201 - The caller doesn't have the permission. 70 * @throws { BusinessError } 202 - Non-system applications use system APIs. 71 * @throws { BusinessError } 401 - Parameter error. Possible causes: 72 * 1. Mandatory parameters are left unspecified. 73 * 2. Incorrect parameter types. 74 * 3. Parameter verification failed. 75 * @throws { BusinessError } 24000001 - The ASSET service is unavailable. 76 * @throws { BusinessError } 24000003 - The asset already exists. 77 * @throws { BusinessError } 24000005 - The screen lock status does not match. 78 * @throws { BusinessError } 24000006 - Insufficient memory. 79 * @throws { BusinessError } 24000007 - The asset is corrupted. 80 * @throws { BusinessError } 24000008 - The database operation failed. 81 * @throws { BusinessError } 24000009 - The cryptography operation failed. 82 * @throws { BusinessError } 24000010 - IPC failed. 83 * @throws { BusinessError } 24000011 - Calling the Bundle Manager service failed. 84 * @throws { BusinessError } 24000012 - Calling the OS Account service failed. 85 * @throws { BusinessError } 24000013 - Calling the Access Token service failed. 86 * @throws { BusinessError } 24000014 - The file operation failed. 87 * @throws { BusinessError } 24000015 - Getting the system time failed. 88 * @syscap SystemCapability.Security.Asset 89 * @systemapi 90 * @since 12 91 */ 92 function addAsUser(userId: number, attributes: AssetMap): Promise<void>; 93 94 /** 95 * Add an Asset. 96 * Permission ohos.permission.STORE_PERSISTENT_DATA is required when the Asset needs to be stored persistently 97 * by setting {@link Tag.IS_PERSISTENT} tag. 98 * 99 * @param { AssetMap } attributes - a map object containing attributes of the Asset to be added. 100 * @throws { BusinessError } 201 - The caller doesn't have the permission. 101 * @throws { BusinessError } 401 - Parameter error. Possible causes: 102 * 1. Mandatory parameters are left unspecified. 103 * 2. Incorrect parameter types. 104 * 3. Parameter verification failed. 105 * @throws { BusinessError } 24000001 - The ASSET service is unavailable. 106 * @throws { BusinessError } 24000003 - The asset already exists. 107 * @throws { BusinessError } 24000005 - The screen lock status does not match. 108 * @throws { BusinessError } 24000006 - Insufficient memory. 109 * @throws { BusinessError } 24000007 - The asset is corrupted. 110 * @throws { BusinessError } 24000008 - The database operation failed. 111 * @throws { BusinessError } 24000009 - The cryptography operation failed. 112 * @throws { BusinessError } 24000010 - IPC failed. 113 * @throws { BusinessError } 24000011 - Calling the Bundle Manager service failed. 114 * @throws { BusinessError } 24000012 - Calling the OS Account service failed. 115 * @throws { BusinessError } 24000013 - Calling the Access Token service failed. 116 * @throws { BusinessError } 24000014 - The file operation failed. 117 * @throws { BusinessError } 24000015 - Getting the system time failed. 118 * @syscap SystemCapability.Security.Asset 119 * @since 12 120 */ 121 function addSync(attributes: AssetMap): void; 122 123 /** 124 * Remove one or more Assets that match a search query. 125 * 126 * @param { AssetMap } query - a map object containing attributes of the Asset to be removed. 127 * @returns { Promise<void> } the promise object returned by the function. 128 * @throws { BusinessError } 401 - Parameter error. Possible causes: 129 * 1. Incorrect parameter types. 130 * 2. Parameter verification failed. 131 * @throws { BusinessError } 24000001 - The ASSET service is unavailable. 132 * @throws { BusinessError } 24000002 - The asset is not found. 133 * @throws { BusinessError } 24000006 - Insufficient memory. 134 * @throws { BusinessError } 24000007 - The asset is corrupted. 135 * @throws { BusinessError } 24000008 - The database operation failed. 136 * @throws { BusinessError } 24000010 - IPC failed. 137 * @throws { BusinessError } 24000011 - Calling the Bundle Manager service failed. 138 * @throws { BusinessError } 24000012 - Calling the OS Account service failed. 139 * @throws { BusinessError } 24000013 - Calling the Access Token service failed. 140 * @throws { BusinessError } 24000015 - Getting the system time failed. 141 * @syscap SystemCapability.Security.Asset 142 * @since 11 143 */ 144 function remove(query: AssetMap): Promise<void>; 145 146 /** 147 * Remove one or more Assets that match a search query from a specific user space. 148 * 149 * @permission ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS 150 * @param { number } userId - the user identifier to remove one or more Assets. The user identifier cannot be lower 151 * than 100. 152 * @param { AssetMap } query - a map object containing attributes of the Asset to be removed. 153 * @returns { Promise<void> } the promise object returned by the function. 154 * @throws { BusinessError } 201 - The caller doesn't have the permission. 155 * @throws { BusinessError } 202 - Non-system applications use system APIs. 156 * @throws { BusinessError } 401 - Parameter error. Possible causes: 157 * 1. Incorrect parameter types. 158 * 2. Parameter verification failed. 159 * @throws { BusinessError } 24000001 - The ASSET service is unavailable. 160 * @throws { BusinessError } 24000002 - The asset is not found. 161 * @throws { BusinessError } 24000006 - Insufficient memory. 162 * @throws { BusinessError } 24000007 - The asset is corrupted. 163 * @throws { BusinessError } 24000008 - The database operation failed. 164 * @throws { BusinessError } 24000010 - IPC failed. 165 * @throws { BusinessError } 24000011 - Calling the Bundle Manager service failed. 166 * @throws { BusinessError } 24000012 - Calling the OS Account service failed. 167 * @throws { BusinessError } 24000013 - Calling the Access Token service failed. 168 * @throws { BusinessError } 24000015 - Getting the system time failed. 169 * @syscap SystemCapability.Security.Asset 170 * @systemapi 171 * @since 12 172 */ 173 function removeAsUser(userId: number, query: AssetMap): Promise<void>; 174 175 /** 176 * Remove one or more Assets that match a search query. 177 * 178 * @param { AssetMap } query - a map object containing attributes of the Asset to be removed. 179 * @throws { BusinessError } 401 - Parameter error. Possible causes: 180 * 1. Incorrect parameter types. 181 * 2. Parameter verification failed. 182 * @throws { BusinessError } 24000001 - The ASSET service is unavailable. 183 * @throws { BusinessError } 24000002 - The asset is not found. 184 * @throws { BusinessError } 24000006 - Insufficient memory. 185 * @throws { BusinessError } 24000007 - The asset is corrupted. 186 * @throws { BusinessError } 24000008 - The database operation failed. 187 * @throws { BusinessError } 24000010 - IPC failed. 188 * @throws { BusinessError } 24000011 - Calling the Bundle Manager service failed. 189 * @throws { BusinessError } 24000012 - Calling the OS Account service failed. 190 * @throws { BusinessError } 24000013 - Calling the Access Token service failed. 191 * @throws { BusinessError } 24000015 - Getting the system time failed. 192 * @syscap SystemCapability.Security.Asset 193 * @since 12 194 */ 195 function removeSync(query: AssetMap): void; 196 197 /** 198 * Update an Asset that matches a search query. 199 * 200 * @param { AssetMap } query - a map object containing attributes of the Asset to be updated. 201 * @param { AssetMap } attributesToUpdate - a map object containing attributes with new values. 202 * @returns { Promise<void> } the promise object returned by the function. 203 * @throws { BusinessError } 401 - Parameter error. Possible causes: 204 * 1. Mandatory parameters are left unspecified. 205 * 2. Incorrect parameter types. 206 * 3. Parameter verification failed. 207 * @throws { BusinessError } 24000001 - The ASSET service is unavailable. 208 * @throws { BusinessError } 24000002 - The asset is not found. 209 * @throws { BusinessError } 24000005 - The screen lock status does not match. 210 * @throws { BusinessError } 24000006 - Insufficient memory. 211 * @throws { BusinessError } 24000007 - The asset is corrupted. 212 * @throws { BusinessError } 24000008 - The database operation failed. 213 * @throws { BusinessError } 24000009 - The cryptography operation failed. 214 * @throws { BusinessError } 24000010 - IPC failed. 215 * @throws { BusinessError } 24000011 - Calling the Bundle Manager service failed. 216 * @throws { BusinessError } 24000012 - Calling the OS Account service failed. 217 * @throws { BusinessError } 24000013 - Calling the Access Token service failed. 218 * @throws { BusinessError } 24000015 - Getting the system time failed. 219 * @syscap SystemCapability.Security.Asset 220 * @since 11 221 */ 222 function update(query: AssetMap, attributesToUpdate: AssetMap): Promise<void>; 223 224 /** 225 * Update an Asset that matches a search query in a specific user space. 226 * 227 * @permission ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS 228 * @param { number } userId - the user identifier to update an Asset. The user identifier cannot be lower than 100. 229 * @param { AssetMap } query - a map object containing attributes of the Asset to be updated. 230 * @param { AssetMap } attributesToUpdate - a map object containing attributes with new values. 231 * @returns { Promise<void> } the promise object returned by the function. 232 * @throws { BusinessError } 201 - The caller doesn't have the permission. 233 * @throws { BusinessError } 202 - Non-system applications use system APIs. 234 * @throws { BusinessError } 401 - Parameter error. Possible causes: 235 * 1. Mandatory parameters are left unspecified. 236 * 2. Incorrect parameter types. 237 * 3. Parameter verification failed. 238 * @throws { BusinessError } 24000001 - The ASSET service is unavailable. 239 * @throws { BusinessError } 24000002 - The asset is not found. 240 * @throws { BusinessError } 24000005 - The screen lock status does not match. 241 * @throws { BusinessError } 24000006 - Insufficient memory. 242 * @throws { BusinessError } 24000007 - The asset is corrupted. 243 * @throws { BusinessError } 24000008 - The database operation failed. 244 * @throws { BusinessError } 24000009 - The cryptography operation failed. 245 * @throws { BusinessError } 24000010 - IPC failed. 246 * @throws { BusinessError } 24000011 - Calling the Bundle Manager service failed. 247 * @throws { BusinessError } 24000012 - Calling the OS Account service failed. 248 * @throws { BusinessError } 24000013 - Calling the Access Token service failed. 249 * @throws { BusinessError } 24000015 - Getting the system time failed. 250 * @syscap SystemCapability.Security.Asset 251 * @systemapi 252 * @since 12 253 */ 254 function updateAsUser(userId: number, query: AssetMap, attributesToUpdate: AssetMap): Promise<void>; 255 256 /** 257 * Update an Asset that matches a search query. 258 * 259 * @param { AssetMap } query - a map object containing attributes of the Asset to be updated. 260 * @param { AssetMap } attributesToUpdate - a map object containing attributes with new values. 261 * @throws { BusinessError } 401 - Parameter error. Possible causes: 262 * 1. Mandatory parameters are left unspecified. 263 * 2. Incorrect parameter types. 264 * 3. Parameter verification failed. 265 * @throws { BusinessError } 24000001 - The ASSET service is unavailable. 266 * @throws { BusinessError } 24000002 - The asset is not found. 267 * @throws { BusinessError } 24000005 - The screen lock status does not match. 268 * @throws { BusinessError } 24000006 - Insufficient memory. 269 * @throws { BusinessError } 24000007 - The asset is corrupted. 270 * @throws { BusinessError } 24000008 - The database operation failed. 271 * @throws { BusinessError } 24000009 - The cryptography operation failed. 272 * @throws { BusinessError } 24000010 - IPC failed. 273 * @throws { BusinessError } 24000011 - Calling the Bundle Manager service failed. 274 * @throws { BusinessError } 24000012 - Calling the OS Account service failed. 275 * @throws { BusinessError } 24000013 - Calling the Access Token service failed. 276 * @throws { BusinessError } 24000015 - Getting the system time failed. 277 * @syscap SystemCapability.Security.Asset 278 * @since 12 279 */ 280 function updateSync(query: AssetMap, attributesToUpdate: AssetMap): void; 281 282 /** 283 * Preprocessing (e.g. get challenge) for querying one or more Assets that require user authentication. 284 * 285 * @param { AssetMap } query - a map object containing attributes of the Asset to be queried. 286 * @returns { Promise<Uint8Array> } the promise object returned by the function. 287 * @throws { BusinessError } 401 - Parameter error. Possible causes: 288 * 1. Incorrect parameter types. 289 * 2. Parameter verification failed. 290 * @throws { BusinessError } 24000001 - The ASSET service is unavailable. 291 * @throws { BusinessError } 24000002 - The asset is not found. 292 * @throws { BusinessError } 24000005 - The screen lock status does not match. 293 * @throws { BusinessError } 24000006 - Insufficient memory. 294 * @throws { BusinessError } 24000007 - The asset is corrupted. 295 * @throws { BusinessError } 24000008 - The database operation failed. 296 * @throws { BusinessError } 24000009 - The cryptography operation failed. 297 * @throws { BusinessError } 24000010 - IPC failed. 298 * @throws { BusinessError } 24000011 - Calling the Bundle Manager service failed. 299 * @throws { BusinessError } 24000012 - Calling the OS Account service failed. 300 * @throws { BusinessError } 24000013 - Calling the Access Token service failed. 301 * @throws { BusinessError } 24000016 - The cache exceeds the limit. 302 * @throws { BusinessError } 24000017 - The capability is not supported. 303 * @syscap SystemCapability.Security.Asset 304 * @since 11 305 */ 306 function preQuery(query: AssetMap): Promise<Uint8Array>; 307 308 /** 309 * Preprocessing (e.g. get challenge) for querying one or more Assets 310 * that require user authentication in a specific user space. 311 * 312 * @permission ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS 313 * @param { number } userId - the user identifier to pre-query one or more Assets. The user identifier cannot be 314 * lower than 100. 315 * @param { AssetMap } query - a map object containing attributes of the Asset to be queried. 316 * @returns { Promise<Uint8Array> } the promise object returned by the function. 317 * @throws { BusinessError } 201 - The caller doesn't have the permission. 318 * @throws { BusinessError } 202 - Non-system applications use system APIs. 319 * @throws { BusinessError } 401 - Parameter error. Possible causes: 320 * 1. Incorrect parameter types. 321 * 2. Parameter verification failed. 322 * @throws { BusinessError } 24000001 - The ASSET service is unavailable. 323 * @throws { BusinessError } 24000002 - The asset is not found. 324 * @throws { BusinessError } 24000005 - The screen lock status does not match. 325 * @throws { BusinessError } 24000006 - Insufficient memory. 326 * @throws { BusinessError } 24000007 - The asset is corrupted. 327 * @throws { BusinessError } 24000008 - The database operation failed. 328 * @throws { BusinessError } 24000009 - The cryptography operation failed. 329 * @throws { BusinessError } 24000010 - IPC failed. 330 * @throws { BusinessError } 24000011 - Calling the Bundle Manager service failed. 331 * @throws { BusinessError } 24000012 - Calling the OS Account service failed. 332 * @throws { BusinessError } 24000013 - Calling the Access Token service failed. 333 * @throws { BusinessError } 24000016 - The cache exceeds the limit. 334 * @throws { BusinessError } 24000017 - The capability is not supported. 335 * @syscap SystemCapability.Security.Asset 336 * @systemapi 337 * @since 12 338 */ 339 function preQueryAsUser(userId: number, query: AssetMap): Promise<Uint8Array>; 340 341 /** 342 * Preprocessing (e.g. get challenge) for querying one or more Assets that require user authentication. 343 * 344 * @param { AssetMap } query - a map object containing attributes of the Asset to be queried. 345 * @returns { Uint8Array } the challenge value to be used when {@link querySync} is called. 346 * @throws { BusinessError } 401 - Parameter error. Possible causes: 347 * 1. Incorrect parameter types. 348 * 2. Parameter verification failed. 349 * @throws { BusinessError } 24000001 - The ASSET service is unavailable. 350 * @throws { BusinessError } 24000002 - The asset is not found. 351 * @throws { BusinessError } 24000005 - The screen lock status does not match. 352 * @throws { BusinessError } 24000006 - Insufficient memory. 353 * @throws { BusinessError } 24000007 - The asset is corrupted. 354 * @throws { BusinessError } 24000008 - The database operation failed. 355 * @throws { BusinessError } 24000009 - The cryptography operation failed. 356 * @throws { BusinessError } 24000010 - IPC failed. 357 * @throws { BusinessError } 24000011 - Calling the Bundle Manager service failed. 358 * @throws { BusinessError } 24000012 - Calling the OS Account service failed. 359 * @throws { BusinessError } 24000013 - Calling the Access Token service failed. 360 * @throws { BusinessError } 24000016 - The cache exceeds the limit. 361 * @throws { BusinessError } 24000017 - The capability is not supported. 362 * @syscap SystemCapability.Security.Asset 363 * @since 12 364 */ 365 function preQuerySync(query: AssetMap): Uint8Array; 366 367 /** 368 * Query one or more Assets that match a search query. 369 * 370 * @param { AssetMap } query - a map object containing attributes of the Asset to be queried. 371 * @returns { Promise<Array<AssetMap>> } the promise object returned by the function. 372 * @throws { BusinessError } 401 - Parameter error. Possible causes: 373 * 1. Incorrect parameter types. 374 * 2. Parameter verification failed. 375 * @throws { BusinessError } 24000001 - The ASSET service is unavailable. 376 * @throws { BusinessError } 24000002 - The asset is not found. 377 * @throws { BusinessError } 24000004 - Access denied. 378 * @throws { BusinessError } 24000005 - The screen lock status does not match. 379 * @throws { BusinessError } 24000006 - Insufficient memory. 380 * @throws { BusinessError } 24000007 - The asset is corrupted. 381 * @throws { BusinessError } 24000008 - The database operation failed. 382 * @throws { BusinessError } 24000009 - The cryptography operation failed. 383 * @throws { BusinessError } 24000010 - IPC failed. 384 * @throws { BusinessError } 24000011 - Calling the Bundle Manager service failed. 385 * @throws { BusinessError } 24000012 - Calling the OS Account service failed. 386 * @throws { BusinessError } 24000013 - Calling the Access Token service failed. 387 * @throws { BusinessError } 24000017 - The capability is not supported. 388 * @syscap SystemCapability.Security.Asset 389 * @since 11 390 */ 391 function query(query: AssetMap): Promise<Array<AssetMap>>; 392 393 /** 394 * Query one or more Assets that match a search query in a specific user space. 395 * 396 * @permission ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS 397 * @param { number } userId - the user identifier to query one or more Assets. The user identifier cannot be lower 398 * than 100. 399 * @param { AssetMap } query - a map object containing attributes of the Asset to be queried. 400 * @returns { Promise<Array<AssetMap>> } the promise object returned by the function. 401 * @throws { BusinessError } 201 - The caller doesn't have the permission. 402 * @throws { BusinessError } 202 - Non-system applications use system APIs. 403 * @throws { BusinessError } 401 - Parameter error. Possible causes: 404 * 1. Incorrect parameter types. 405 * 2. Parameter verification failed. 406 * @throws { BusinessError } 24000001 - The ASSET service is unavailable. 407 * @throws { BusinessError } 24000002 - The asset is not found. 408 * @throws { BusinessError } 24000004 - Access denied. 409 * @throws { BusinessError } 24000005 - The screen lock status does not match. 410 * @throws { BusinessError } 24000006 - Insufficient memory. 411 * @throws { BusinessError } 24000007 - The asset is corrupted. 412 * @throws { BusinessError } 24000008 - The database operation failed. 413 * @throws { BusinessError } 24000009 - The cryptography operation failed. 414 * @throws { BusinessError } 24000010 - IPC failed. 415 * @throws { BusinessError } 24000011 - Calling the Bundle Manager service failed. 416 * @throws { BusinessError } 24000012 - Calling the OS Account service failed. 417 * @throws { BusinessError } 24000013 - Calling the Access Token service failed. 418 * @throws { BusinessError } 24000017 - The capability is not supported. 419 * @syscap SystemCapability.Security.Asset 420 * @systemapi 421 * @since 12 422 */ 423 function queryAsUser(userId: number, query: AssetMap): Promise<Array<AssetMap>>; 424 425 /** 426 * Query one or more Assets that match a search query. 427 * 428 * @param { AssetMap } query - a map object containing attributes of the Asset to be queried. 429 * @returns { Array<AssetMap> } the query result. 430 * @throws { BusinessError } 401 - Parameter error. Possible causes: 431 * 1. Incorrect parameter types. 432 * 2. Parameter verification failed. 433 * @throws { BusinessError } 24000001 - The ASSET service is unavailable. 434 * @throws { BusinessError } 24000002 - The asset is not found. 435 * @throws { BusinessError } 24000004 - Access denied. 436 * @throws { BusinessError } 24000005 - The screen lock status does not match. 437 * @throws { BusinessError } 24000006 - Insufficient memory. 438 * @throws { BusinessError } 24000007 - The asset is corrupted. 439 * @throws { BusinessError } 24000008 - The database operation failed. 440 * @throws { BusinessError } 24000009 - The cryptography operation failed. 441 * @throws { BusinessError } 24000010 - IPC failed. 442 * @throws { BusinessError } 24000011 - Calling the Bundle Manager service failed. 443 * @throws { BusinessError } 24000012 - Calling the OS Account service failed. 444 * @throws { BusinessError } 24000013 - Calling the Access Token service failed. 445 * @throws { BusinessError } 24000017 - The capability is not supported. 446 * @syscap SystemCapability.Security.Asset 447 * @since 12 448 */ 449 function querySync(query: AssetMap): Array<AssetMap>; 450 451 /** 452 * Post-processing (e.g. release cached resource) for querying multiple Assets that require user authentication. 453 * 454 * @param { AssetMap } handle - a map object containing the handle returned by {@link preQuery}. 455 * @returns { Promise<void> } the promise object returned by the function. 456 * @throws { BusinessError } 401 - Parameter error. Possible causes: 457 * 1. Mandatory parameters are left unspecified. 458 * 2. Incorrect parameter types. 459 * 3. Parameter verification failed. 460 * @throws { BusinessError } 24000001 - The ASSET service is unavailable. 461 * @throws { BusinessError } 24000006 - Insufficient memory. 462 * @throws { BusinessError } 24000010 - IPC failed. 463 * @throws { BusinessError } 24000011 - Calling the Bundle Manager service failed. 464 * @throws { BusinessError } 24000012 - Calling the OS Account service failed. 465 * @throws { BusinessError } 24000013 - Calling the Access Token service failed. 466 * @syscap SystemCapability.Security.Asset 467 * @since 11 468 */ 469 function postQuery(handle: AssetMap): Promise<void>; 470 471 /** 472 * Post-processing (e.g. release cached resource) for querying multiple Assets that require user authentication in a 473 * specific user space. 474 * 475 * @permission ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS 476 * @param { number } userId - the user identifier to post-query one or more Assets. The user identifier cannot be 477 * lower than 100. 478 * @param { AssetMap } handle - a map object containing the handle returned by {@link preQueryAsUser}. 479 * @returns { Promise<void> } the promise object returned by the function. 480 * @throws { BusinessError } 201 - The caller doesn't have the permission. 481 * @throws { BusinessError } 202 - Non-system applications use system APIs. 482 * @throws { BusinessError } 401 - Parameter error. Possible causes: 483 * 1. Mandatory parameters are left unspecified. 484 * 2. Incorrect parameter types. 485 * 3. Parameter verification failed. 486 * @throws { BusinessError } 24000001 - The ASSET service is unavailable. 487 * @throws { BusinessError } 24000006 - Insufficient memory. 488 * @throws { BusinessError } 24000010 - IPC failed. 489 * @throws { BusinessError } 24000011 - Calling the Bundle Manager service failed. 490 * @throws { BusinessError } 24000012 - Calling the OS Account service failed. 491 * @throws { BusinessError } 24000013 - Calling the Access Token service failed. 492 * @syscap SystemCapability.Security.Asset 493 * @systemapi 494 * @since 12 495 */ 496 function postQueryAsUser(userId:number, handle: AssetMap): Promise<void>; 497 498 /** 499 * Post-processing (e.g. release cached resource) for querying multiple Assets that require user authentication. 500 * 501 * @param { AssetMap } handle - a map object containing the handle returned by {@link preQuerySync}. 502 * @throws { BusinessError } 401 - Parameter error. Possible causes: 503 * 1. Mandatory parameters are left unspecified. 504 * 2. Incorrect parameter types. 505 * 3. Parameter verification failed. 506 * @throws { BusinessError } 24000001 - The ASSET service is unavailable. 507 * @throws { BusinessError } 24000006 - Insufficient memory. 508 * @throws { BusinessError } 24000010 - IPC failed. 509 * @throws { BusinessError } 24000011 - Calling the Bundle Manager service failed. 510 * @throws { BusinessError } 24000012 - Calling the OS Account service failed. 511 * @throws { BusinessError } 24000013 - Calling the Access Token service failed. 512 * @syscap SystemCapability.Security.Asset 513 * @since 12 514 */ 515 function postQuerySync(handle: AssetMap): void; 516 517 /** 518 * A Map type containing tag-value pairs that describe the attributes of an Asset. 519 * 520 * @typedef { Map<Tag, Value> } 521 * @syscap SystemCapability.Security.Asset 522 * @since 11 523 */ 524 type AssetMap = Map<Tag, Value>; 525 526 /** 527 * A type that indicates the secret or attribute value of an Asset tag. 528 * 529 * @typedef { boolean | number | Uint8Array } 530 * @syscap SystemCapability.Security.Asset 531 * @since 11 532 */ 533 type Value = boolean | number | Uint8Array; 534 535 /** 536 * An enum type indicates when the Asset is accessible. 537 * 538 * @enum { number } 539 * @syscap SystemCapability.Security.Asset 540 * @since 11 541 */ 542 enum Accessibility { 543 /** 544 * The secret value in the Asset can only be accessed after the device is powered on. 545 * 546 * @syscap SystemCapability.Security.Asset 547 * @since 11 548 */ 549 DEVICE_POWERED_ON = 0, 550 /** 551 * The secret value in the Asset can only be accessed after the device is first unlocked. 552 * 553 * @syscap SystemCapability.Security.Asset 554 * @since 11 555 */ 556 DEVICE_FIRST_UNLOCKED = 1, 557 /** 558 * The secret value in the Asset can only be accessed while the device is unlocked. 559 * 560 * @syscap SystemCapability.Security.Asset 561 * @since 11 562 */ 563 DEVICE_UNLOCKED = 2, 564 } 565 566 /** 567 * An enum type indicates the user authentication type for Asset access control. 568 * 569 * @enum { number } 570 * @syscap SystemCapability.Security.Asset 571 * @since 11 572 */ 573 enum AuthType { 574 /** 575 * The access to an Asset doesn't require user authentication. 576 * 577 * @syscap SystemCapability.Security.Asset 578 * @since 11 579 */ 580 NONE = 0x00, 581 /** 582 * The access to an Asset requires user authentication using either PIN/pattern/password or biometric traits. 583 * 584 * @syscap SystemCapability.Security.Asset 585 * @since 11 586 */ 587 ANY = 0xFF, 588 } 589 590 /** 591 * An enum type indicates the type of Asset synchronization. 592 * 593 * @enum { number } 594 * @syscap SystemCapability.Security.Asset 595 * @since 11 596 */ 597 enum SyncType { 598 /** 599 * An Asset with this attribute value is never allowed to be transferred out. 600 * 601 * @syscap SystemCapability.Security.Asset 602 * @since 11 603 */ 604 NEVER = 0, 605 /** 606 * An Asset with this attribute value can only be restored to the device from which it was transferred out. 607 * 608 * @syscap SystemCapability.Security.Asset 609 * @since 11 610 */ 611 THIS_DEVICE = 1 << 0, 612 /** 613 * An Asset with this attribute value can only be transferred out to a trusted device (user authorized). 614 * 615 * @syscap SystemCapability.Security.Asset 616 * @since 11 617 */ 618 TRUSTED_DEVICE = 1 << 1, 619 /** 620 * An Asset with this attribute value can only be transferred out to devices logged in with trusted accounts. 621 * 622 * @syscap SystemCapability.Security.Asset 623 * @since 12 624 */ 625 TRUSTED_ACCOUNT = 1 << 2, 626 } 627 628 /** 629 * An enum type indicates the strategy for conflict resolution when handling duplicated Asset alias. 630 * 631 * @enum { number } 632 * @syscap SystemCapability.Security.Asset 633 * @since 11 634 */ 635 enum ConflictResolution { 636 /** 637 * Directly overwrite an Asset with duplicated alias when a conflict is detected. 638 * 639 * @syscap SystemCapability.Security.Asset 640 * @since 11 641 */ 642 OVERWRITE = 0, 643 /** 644 * Throw an error so that the caller can take measures when a conflict is detected. 645 * 646 * @syscap SystemCapability.Security.Asset 647 * @since 11 648 */ 649 THROW_ERROR = 1, 650 } 651 652 /** 653 * An enum type indicates the return type of the queried Asset. 654 * 655 * @enum { number } 656 * @syscap SystemCapability.Security.Asset 657 * @since 11 658 */ 659 enum ReturnType { 660 /** 661 * Specify that the return data should contain both secret value and attributes. 662 * 663 * @syscap SystemCapability.Security.Asset 664 * @since 11 665 */ 666 ALL = 0, 667 /** 668 * Specify that the return data contains only attributes. 669 * 670 * @syscap SystemCapability.Security.Asset 671 * @since 11 672 */ 673 ATTRIBUTES = 1, 674 } 675 676 /** 677 * An enum type indicates the additional action to be performed during operation. 678 * 679 * @enum { number } 680 * @syscap SystemCapability.Security.Asset 681 * @since 12 682 */ 683 enum OperationType { 684 /** 685 * Synchronization is required during operation. 686 * 687 * @syscap SystemCapability.Security.Asset 688 * @since 12 689 */ 690 NEED_SYNC = 0, 691 /** 692 * Logout is required during operation. 693 * 694 * @syscap SystemCapability.Security.Asset 695 * @since 12 696 */ 697 NEED_LOGOUT = 1, 698 } 699 700 /** 701 * An enum type containing the data type definitions for Asset attribute value. 702 * 703 * @enum { number } 704 * @syscap SystemCapability.Security.Asset 705 * @since 11 706 */ 707 enum TagType { 708 /** 709 * The data type of Asset attribute value is bool. 710 * 711 * @syscap SystemCapability.Security.Asset 712 * @since 11 713 */ 714 BOOL = 0x01 << 28, 715 /** 716 * The data type of Asset attribute value is uint32. 717 * 718 * @syscap SystemCapability.Security.Asset 719 * @since 11 720 */ 721 NUMBER = 0x02 << 28, 722 /** 723 * The data type of Asset attribute value is byte array. 724 * 725 * @syscap SystemCapability.Security.Asset 726 * @since 11 727 */ 728 BYTES = 0x03 << 28, 729 } 730 731 /** 732 * An enum type containing the Asset attribute tags. 733 * 734 * @enum { number } 735 * @syscap SystemCapability.Security.Asset 736 * @since 11 737 */ 738 enum Tag { 739 /** 740 * A tag whose value is a byte array indicating the sensitive user data such as passwords and tokens. 741 * 742 * @syscap SystemCapability.Security.Asset 743 * @since 11 744 */ 745 SECRET = TagType.BYTES | 0x01, 746 /** 747 * A tag whose value is a byte array identifying an Asset. 748 * 749 * @syscap SystemCapability.Security.Asset 750 * @since 11 751 */ 752 ALIAS = TagType.BYTES | 0x02, 753 /** 754 * A tag whose value is a 32-bit unsigned integer indicating when the Asset can be accessed. 755 * 756 * @syscap SystemCapability.Security.Asset 757 * @since 11 758 */ 759 ACCESSIBILITY = TagType.NUMBER | 0x03, 760 /** 761 * A tag whose value is a bool indicating whether a screen lock password is required for the device. 762 * 763 * @syscap SystemCapability.Security.Asset 764 * @since 11 765 */ 766 REQUIRE_PASSWORD_SET = TagType.BOOL | 0x04, 767 /** 768 * A tag whose value is a 32-bit unsigned integer indicating the user authentication type for Asset access control. 769 * 770 * @syscap SystemCapability.Security.Asset 771 * @since 11 772 */ 773 AUTH_TYPE = TagType.NUMBER | 0x05, 774 /** 775 * A tag whose value is a 32-bit unsigned integer indicating the validity period in seconds of user authentication. 776 * 777 * @syscap SystemCapability.Security.Asset 778 * @since 11 779 */ 780 AUTH_VALIDITY_PERIOD = TagType.NUMBER | 0x06, 781 /** 782 * A tag whose value is a byte array indicating the authentication challenge for anti-replay protection. 783 * 784 * @syscap SystemCapability.Security.Asset 785 * @since 11 786 */ 787 AUTH_CHALLENGE = TagType.BYTES | 0x07, 788 /** 789 * A tag whose value is a byte array indicating the authentication token after a user is verified. 790 * 791 * @syscap SystemCapability.Security.Asset 792 * @since 11 793 */ 794 AUTH_TOKEN = TagType.BYTES | 0x08, 795 /** 796 * A tag whose value is a 32-bit unsigned integer indicating the type of Asset synchronization. 797 * 798 * @syscap SystemCapability.Security.Asset 799 * @since 11 800 */ 801 SYNC_TYPE = TagType.NUMBER | 0x10, 802 /** 803 * A tag whose value is a bool indicating whether Asset is stored persistently. 804 * 805 * @syscap SystemCapability.Security.Asset 806 * @since 11 807 */ 808 IS_PERSISTENT = TagType.BOOL | 0x11, 809 /** 810 * A tag whose value is a byte array indicating the first user-defined Asset data label (not allow to update). 811 * 812 * @syscap SystemCapability.Security.Asset 813 * @since 11 814 */ 815 DATA_LABEL_CRITICAL_1 = TagType.BYTES | 0x20, 816 /** 817 * A tag whose value is a byte array indicating the second user-defined Asset data label (not allow to update). 818 * 819 * @syscap SystemCapability.Security.Asset 820 * @since 11 821 */ 822 DATA_LABEL_CRITICAL_2 = TagType.BYTES | 0x21, 823 /** 824 * A tag whose value is a byte array indicating the third user-defined Asset data label (not allow to update). 825 * 826 * @syscap SystemCapability.Security.Asset 827 * @since 11 828 */ 829 DATA_LABEL_CRITICAL_3 = TagType.BYTES | 0x22, 830 /** 831 * A tag whose value is a byte array indicating the fourth user-defined Asset data label (not allow to update). 832 * 833 * @syscap SystemCapability.Security.Asset 834 * @since 11 835 */ 836 DATA_LABEL_CRITICAL_4 = TagType.BYTES | 0x23, 837 /** 838 * A tag whose value is a byte array indicating the first user-defined Asset data label (allow to update). 839 * 840 * @syscap SystemCapability.Security.Asset 841 * @since 11 842 */ 843 DATA_LABEL_NORMAL_1 = TagType.BYTES | 0x30, 844 /** 845 * A tag whose value is a byte array indicating the second user-defined Asset data label (allow to update). 846 * 847 * @syscap SystemCapability.Security.Asset 848 * @since 11 849 */ 850 DATA_LABEL_NORMAL_2 = TagType.BYTES | 0x31, 851 /** 852 * A tag whose value is a byte array indicating the third user-defined Asset data label (allow to update). 853 * 854 * @syscap SystemCapability.Security.Asset 855 * @since 11 856 */ 857 DATA_LABEL_NORMAL_3 = TagType.BYTES | 0x32, 858 /** 859 * A tag whose value is a byte array indicating the fourth user-defined Asset data label (allow to update). 860 * 861 * @syscap SystemCapability.Security.Asset 862 * @since 11 863 */ 864 DATA_LABEL_NORMAL_4 = TagType.BYTES | 0x33, 865 /** 866 * A local tag whose value is a byte array indicating the first user-defined Asset data label (allow to update). 867 * The information of a local tag will not be synchronized. 868 * 869 * @syscap SystemCapability.Security.Asset 870 * @since 12 871 */ 872 DATA_LABEL_NORMAL_LOCAL_1 = TagType.BYTES | 0x34, 873 /** 874 * A local tag whose value is a byte array indicating the second user-defined Asset data label (allow to update). 875 * The information of a local tag will not be synchronized. 876 * 877 * @syscap SystemCapability.Security.Asset 878 * @since 12 879 */ 880 DATA_LABEL_NORMAL_LOCAL_2 = TagType.BYTES | 0x35, 881 /** 882 * A local tag whose value is a byte array indicating the third user-defined Asset data label (allow to update). 883 * The information of a local tag will not be synchronized. 884 * 885 * @syscap SystemCapability.Security.Asset 886 * @since 12 887 */ 888 DATA_LABEL_NORMAL_LOCAL_3 = TagType.BYTES | 0x36, 889 /** 890 * A local tag whose value is a byte array indicating the fourth user-defined Asset data label (allow to update). 891 * The information of a local tag will not be synchronized. 892 * 893 * @syscap SystemCapability.Security.Asset 894 * @since 12 895 */ 896 DATA_LABEL_NORMAL_LOCAL_4 = TagType.BYTES | 0x37, 897 /** 898 * A tag whose value is a 32-bit unsigned integer indicating the return type of the queried Asset. 899 * 900 * @syscap SystemCapability.Security.Asset 901 * @since 11 902 */ 903 RETURN_TYPE = TagType.NUMBER | 0x40, 904 /** 905 * A tag whose value is a 32-bit unsigned integer indicating the maximum number of returned Assets in one query. 906 * 907 * @syscap SystemCapability.Security.Asset 908 * @since 11 909 */ 910 RETURN_LIMIT = TagType.NUMBER | 0x41, 911 /** 912 * A tag whose value is a 32-bit unsigned integer indicating the offset of return data in batch query. 913 * 914 * @syscap SystemCapability.Security.Asset 915 * @since 11 916 */ 917 RETURN_OFFSET = TagType.NUMBER | 0x42, 918 /** 919 * A tag whose value is a 32-bit unsigned integer indicating how the query results are sorted. 920 * 921 * @syscap SystemCapability.Security.Asset 922 * @since 11 923 */ 924 RETURN_ORDERED_BY = TagType.NUMBER | 0x43, 925 /** 926 * A tag whose value is a 32-bit unsigned integer indicating the strategy for resolving Asset conflicts. 927 * 928 * @syscap SystemCapability.Security.Asset 929 * @since 11 930 */ 931 CONFLICT_RESOLUTION = TagType.NUMBER | 0x44, 932 /** 933 * A tag whose value is a byte array indicating the update time of an Asset. 934 * 935 * @syscap SystemCapability.Security.Asset 936 * @since 12 937 */ 938 UPDATE_TIME = TagType.BYTES | 0x45, 939 /** 940 * A tag whose value is a 32-bit unsigned integer indicating the additional action to be performed during operation. 941 * 942 * @syscap SystemCapability.Security.Asset 943 * @since 12 944 */ 945 OPERATION_TYPE = TagType.NUMBER | 0x46, 946 /** 947 * A tag whose value is a bool indicating whether the attributes of an asset are required to be encrypted. 948 * 949 * @syscap SystemCapability.Security.Asset 950 * @since 13 951 */ 952 REQUIRE_ATTR_ENCRYPTED = TagType.BOOL | 0x47, 953 } 954 955 /** 956 * An enum type containing the Asset error codes. 957 * 958 * @enum { number } 959 * @syscap SystemCapability.Security.Asset 960 * @since 11 961 */ 962 enum ErrorCode { 963 /** 964 * The error code indicates that the caller doesn't have the permission. 965 * 966 * @syscap SystemCapability.Security.Asset 967 * @since 11 968 */ 969 PERMISSION_DENIED = 201, 970 /** 971 * The error code indicates that the caller is not a system application. 972 * 973 * @syscap SystemCapability.Security.Asset 974 * @since 12 975 */ 976 NOT_SYSTEM_APPLICATION = 202, 977 /** 978 * The error code indicates that the argument is invalid. 979 * 980 * @syscap SystemCapability.Security.Asset 981 * @since 11 982 */ 983 INVALID_ARGUMENT = 401, 984 /** 985 * The error code indicates that the ASSET service is unavailable. 986 * 987 * @syscap SystemCapability.Security.Asset 988 * @since 11 989 */ 990 SERVICE_UNAVAILABLE = 24000001, 991 /** 992 * The error code indicates that the asset is not found. 993 * 994 * @syscap SystemCapability.Security.Asset 995 * @since 11 996 */ 997 NOT_FOUND = 24000002, 998 /** 999 * The error code indicates that the asset already exists. 1000 * 1001 * @syscap SystemCapability.Security.Asset 1002 * @since 11 1003 */ 1004 DUPLICATED = 24000003, 1005 /** 1006 * The error code indicates that access to the asset is denied. 1007 * 1008 * @syscap SystemCapability.Security.Asset 1009 * @since 11 1010 */ 1011 ACCESS_DENIED = 24000004, 1012 /** 1013 * The error code indicates that the screen lock status does not match. 1014 * 1015 * @syscap SystemCapability.Security.Asset 1016 * @since 11 1017 */ 1018 STATUS_MISMATCH = 24000005, 1019 /** 1020 * The error code indicates insufficient memory. 1021 * 1022 * @syscap SystemCapability.Security.Asset 1023 * @since 11 1024 */ 1025 OUT_OF_MEMORY = 24000006, 1026 /** 1027 * The error code indicates that the asset is corrupted. 1028 * 1029 * @syscap SystemCapability.Security.Asset 1030 * @since 11 1031 */ 1032 DATA_CORRUPTED = 24000007, 1033 /** 1034 * The error code indicates that the database operation failed. 1035 * 1036 * @syscap SystemCapability.Security.Asset 1037 * @since 11 1038 */ 1039 DATABASE_ERROR = 24000008, 1040 /** 1041 * The error code indicates that the cryptography operation failed. 1042 * 1043 * @syscap SystemCapability.Security.Asset 1044 * @since 11 1045 */ 1046 CRYPTO_ERROR = 24000009, 1047 /** 1048 * The error code indicates that the ipc failed. 1049 * 1050 * @syscap SystemCapability.Security.Asset 1051 * @since 11 1052 */ 1053 IPC_ERROR = 24000010, 1054 /** 1055 * The error code indicates that calling the Bundle Manager service failed. 1056 * 1057 * @syscap SystemCapability.Security.Asset 1058 * @since 11 1059 */ 1060 BMS_ERROR = 24000011, 1061 /** 1062 * The error code indicates that calling the OS Account service failed. 1063 * 1064 * @syscap SystemCapability.Security.Asset 1065 * @since 11 1066 */ 1067 ACCOUNT_ERROR = 24000012, 1068 /** 1069 * The error code indicates that calling the Access Token service failed. 1070 * 1071 * @syscap SystemCapability.Security.Asset 1072 * @since 11 1073 */ 1074 ACCESS_TOKEN_ERROR = 24000013, 1075 /** 1076 * The error code indicates that the file operation failed. 1077 * 1078 * @syscap SystemCapability.Security.Asset 1079 * @since 11 1080 */ 1081 FILE_OPERATION_ERROR = 24000014, 1082 /** 1083 * The error code indicates that getting the system time failed. 1084 * 1085 * @syscap SystemCapability.Security.Asset 1086 * @since 11 1087 */ 1088 GET_SYSTEM_TIME_ERROR = 24000015, 1089 /** 1090 * The error code indicates that the cache exceeds the limit. 1091 * 1092 * @syscap SystemCapability.Security.Asset 1093 * @since 11 1094 */ 1095 LIMIT_EXCEEDED = 24000016, 1096 /** 1097 * The error code indicates that the capability is not supported. 1098 * 1099 * @syscap SystemCapability.Security.Asset 1100 * @since 11 1101 */ 1102 UNSUPPORTED = 24000017, 1103 } 1104} 1105 1106export default asset; 1107