1/*
2 * Copyright (c) 2023-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 *     http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16/**
17 * @file
18 * @kit DeviceCertificateKit
19 */
20
21import type { AsyncCallback } from './@ohos.base';
22
23/**
24 * OpenHarmony Universal CertificateManager
25 *
26 * @namespace certificateManager
27 * @syscap SystemCapability.Security.CertificateManager
28 * @since 11
29 */
30declare namespace certificateManager {
31  /**
32   * Enum for result code
33   *
34   * @enum { number }
35   * @syscap SystemCapability.Security.CertificateManager
36   * @since 11
37   */
38  export enum CMErrorCode {
39    /**
40     * Indicates that the application has no permission to call the API.
41     *
42     * @syscap SystemCapability.Security.CertificateManager
43     * @since 11
44     */
45    CM_ERROR_NO_PERMISSION = 201,
46
47    /**
48     * Indicates that the application is not a system application.
49     *
50     * @syscap SystemCapability.Security.CertificateManager
51     * @systemapi
52     * @since 11
53     */
54    CM_ERROR_NOT_SYSTEM_APP = 202,
55
56    /**
57     * Indicates that the input parameters are invalid.
58     *
59     * @syscap SystemCapability.Security.CertificateManager
60     * @since 11
61     */
62    CM_ERROR_INVALID_PARAMS = 401,
63
64    /**
65     * Indicates that internal error.
66     *
67     * @syscap SystemCapability.Security.CertificateManager
68     * @since 11
69     */
70    CM_ERROR_GENERIC = 17500001,
71
72    /**
73     * Indicates that the certificate does not exist.
74     *
75     * @syscap SystemCapability.Security.CertificateManager
76     * @since 11
77     */
78    CM_ERROR_NO_FOUND = 17500002,
79
80    /**
81     * Indicates that the keystore is in an invalid format or the keystore password is incorrect.
82     *
83     * @syscap SystemCapability.Security.CertificateManager
84     * @since 11
85     */
86    CM_ERROR_INCORRECT_FORMAT = 17500003,
87
88    /**
89     * Indicates that the number of certificates or credentials reaches the maximum allowed.
90     *
91     * @syscap SystemCapability.Security.CertificateManager
92     * @since 12
93     */
94    CM_ERROR_MAX_CERT_COUNT_REACHED = 17500004,
95
96    /**
97     * Indicates that the application is not authorized by the user.
98     *
99     * @syscap SystemCapability.Security.CertificateManager
100     * @since 12
101     */
102    CM_ERROR_NO_AUTHORIZATION = 17500005
103  }
104
105  /**
106   * Provides the CertInfo type.
107   *
108   * @typedef CertInfo
109   * @syscap SystemCapability.Security.CertificateManager
110   * @since 11
111   */
112  export interface CertInfo {
113    /**
114     * Indicates the uri of certificate.
115     *
116     * @type { string }
117     * @syscap SystemCapability.Security.CertificateManager
118     * @since 11
119     */
120    uri: string;
121
122    /**
123     * Indicates the alias of certificate.
124     *
125     * @type { string }
126     * @syscap SystemCapability.Security.CertificateManager
127     * @since 11
128     */
129    certAlias: string;
130
131    /**
132     * Indicates the state of certificate.
133     *
134     * @type { boolean }
135     * @syscap SystemCapability.Security.CertificateManager
136     * @since 11
137     */
138    state: boolean;
139
140    /**
141     * Indicates the issuer name of certificate.
142     *
143     * @type { string }
144     * @syscap SystemCapability.Security.CertificateManager
145     * @since 11
146     */
147    issuerName: string;
148
149    /**
150     * Indicates the subject name of certificate.
151     *
152     * @type { string }
153     * @syscap SystemCapability.Security.CertificateManager
154     * @since 11
155     */
156    subjectName: string;
157
158    /**
159     * Indicates the serial number of certificate.
160     *
161     * @type { string }
162     * @syscap SystemCapability.Security.CertificateManager
163     * @since 11
164     */
165    serial: string;
166
167    /**
168     * Indicates the not before time of certificate.
169     *
170     * @type { string }
171     * @syscap SystemCapability.Security.CertificateManager
172     * @since 11
173     */
174    notBefore: string;
175
176    /**
177     * Indicates the not after time of certificate.
178     *
179     * @type { string }
180     * @syscap SystemCapability.Security.CertificateManager
181     * @since 11
182     */
183    notAfter: string;
184
185    /**
186     * Indicates the fingerprint of certificate.
187     *
188     * @type { string }
189     * @syscap SystemCapability.Security.CertificateManager
190     * @since 11
191     */
192    fingerprintSha256: string;
193
194    /**
195     * Indicates the certificate binary data.
196     *
197     * @type { Uint8Array }
198     * @syscap SystemCapability.Security.CertificateManager
199     * @since 11
200     */
201    cert: Uint8Array;
202  }
203
204  /**
205   * Provides the abstract Cert type.
206   *
207   * @typedef CertAbstract
208   * @syscap SystemCapability.Security.CertificateManager
209   * @since 11
210   */
211  export interface CertAbstract {
212    /**
213     * Indicates the uri of certificate.
214     *
215     * @type { string }
216     * @syscap SystemCapability.Security.CertificateManager
217     * @since 11
218     */
219    uri: string;
220
221    /**
222     * Indicates the alias of certificate.
223     *
224     * @type { string }
225     * @syscap SystemCapability.Security.CertificateManager
226     * @since 11
227     */
228    certAlias: string;
229
230    /**
231     * Indicates the state of certificate.
232     *
233     * @type { boolean }
234     * @syscap SystemCapability.Security.CertificateManager
235     * @since 11
236     */
237    state: boolean;
238
239    /**
240     * Indicates the subject name of certificate.
241     *
242     * @type { string }
243     * @syscap SystemCapability.Security.CertificateManager
244     * @since 11
245     */
246    subjectName: string;
247  }
248
249  /**
250   * Provides the Credential type.
251   *
252   * @typedef Credential
253   * @syscap SystemCapability.Security.CertificateManager
254   * @since 11
255   */
256  export interface Credential {
257    /**
258     * Indicates the type of Credential.
259     *
260     * @type { string }
261     * @syscap SystemCapability.Security.CertificateManager
262     * @since 11
263     */
264    type: string;
265
266    /**
267     * Indicates the alias of Credential.
268     *
269     * @type { string }
270     * @syscap SystemCapability.Security.CertificateManager
271     * @since 11
272     */
273    alias: string;
274
275    /**
276     * Indicates the uri of Credential.
277     *
278     * @type { string }
279     * @syscap SystemCapability.Security.CertificateManager
280     * @since 11
281     */
282    keyUri: string;
283
284    /**
285     * Indicates the number of certificates included in the credential.
286     *
287     * @type { number }
288     * @syscap SystemCapability.Security.CertificateManager
289     * @since 11
290     */
291    certNum: number;
292
293    /**
294     * Indicates the number of key included in the credential.
295     *
296     * @type { number }
297     * @syscap SystemCapability.Security.CertificateManager
298     * @since 11
299     */
300    keyNum: number;
301
302    /**
303     * Indicates the credential binary data.
304     *
305     * @type { Uint8Array }
306     * @syscap SystemCapability.Security.CertificateManager
307     * @since 11
308     */
309    credentialData: Uint8Array;
310  }
311
312  /**
313   * Provides the abstract Credential type.
314   *
315   * @typedef CredentialAbstract
316   * @syscap SystemCapability.Security.CertificateManager
317   * @since 11
318   */
319  export interface CredentialAbstract {
320    /**
321     * Indicates the type of Credential.
322     *
323     * @type { string }
324     * @syscap SystemCapability.Security.CertificateManager
325     * @since 11
326     */
327    type: string;
328
329    /**
330     * Indicates the alias of Credential.
331     *
332     * @type { string }
333     * @syscap SystemCapability.Security.CertificateManager
334     * @since 11
335     */
336    alias: string;
337
338    /**
339     * Indicates the uri of Credential.
340     *
341     * @type { string }
342     * @syscap SystemCapability.Security.CertificateManager
343     * @since 11
344     */
345    keyUri: string;
346  }
347
348  /**
349   * Provides the CMResult type.
350   *
351   * @typedef CMResult
352   * @syscap SystemCapability.Security.CertificateManager
353   * @since 11
354   */
355  export interface CMResult {
356    /**
357     * Indicates the certificate list of CMResult.
358     *
359     * @type { ?Array<CertAbstract> }
360     * @syscap SystemCapability.Security.CertificateManager
361     * @since 11
362     */
363    certList?: Array<CertAbstract>;
364
365    /**
366     * Indicates the certificate info of CMResult.
367     *
368     * @type { ?CertInfo }
369     * @syscap SystemCapability.Security.CertificateManager
370     * @since 11
371     */
372    certInfo?: CertInfo;
373
374    /**
375     * Indicates the credential list of CMResult.
376     *
377     * @type { ?Array<CredentialAbstract> }
378     * @syscap SystemCapability.Security.CertificateManager
379     * @since 11
380     */
381    credentialList?: Array<CredentialAbstract>;
382
383    /**
384     * Indicates the credential of CMResult.
385     *
386     * @type { ?Credential }
387     * @syscap SystemCapability.Security.CertificateManager
388     * @since 11
389     */
390    credential?: Credential;
391
392    /**
393     * Indicates the app uid list of CMResult.
394     *
395     * @type { ?Array<string> }
396     * @syscap SystemCapability.Security.CertificateManager
397     * @since 11
398     */
399    appUidList?: Array<string>;
400
401    /**
402     * Indicates the certificate uri of CMResult.
403     *
404     * @type { ?string }
405     * @syscap SystemCapability.Security.CertificateManager
406     * @since 11
407     */
408    uri?: string;
409
410    /**
411     * Indicates the outData of CMResult.
412     *
413     * @type { ?Uint8Array }
414     * @syscap SystemCapability.Security.CertificateManager
415     * @since 11
416     */
417    outData?: Uint8Array;
418  }
419
420  /**
421   * Enum for Key Purpose
422   *
423   * @enum { number }
424   * @syscap SystemCapability.Security.CertificateManager
425   * @since 11
426   */
427  export enum CmKeyPurpose {
428    /**
429     * Indicates that key for signature.
430     *
431     * @syscap SystemCapability.Security.CertificateManager
432     * @since 11
433     */
434    CM_KEY_PURPOSE_SIGN = 4,
435
436    /**
437     * Indicates that key for verify.
438     *
439     * @syscap SystemCapability.Security.CertificateManager
440     * @since 11
441     */
442    CM_KEY_PURPOSE_VERIFY = 8
443  }
444
445  /**
446   * Enum for Key Digest
447   *
448   * @enum { number }
449   * @syscap SystemCapability.Security.CertificateManager
450   * @since 11
451   */
452  export enum CmKeyDigest {
453    /**
454     * Indicates that key digest is none.
455     *
456     * @syscap SystemCapability.Security.CertificateManager
457     * @since 11
458     */
459    CM_DIGEST_NONE = 0,
460
461    /**
462     * Indicates that key digest is md5.
463     *
464     * @syscap SystemCapability.Security.CertificateManager
465     * @since 11
466     */
467    CM_DIGEST_MD5 = 1,
468
469    /**
470     * Indicates that key digest is sha1.
471     *
472     * @syscap SystemCapability.Security.CertificateManager
473     * @since 11
474     */
475    CM_DIGEST_SHA1 = 2,
476
477    /**
478     * Indicates that key digest is sha224.
479     *
480     * @syscap SystemCapability.Security.CertificateManager
481     * @since 11
482     */
483    CM_DIGEST_SHA224 = 3,
484
485    /**
486     * Indicates that key digest is sha256.
487     *
488     * @syscap SystemCapability.Security.CertificateManager
489     * @since 11
490     */
491    CM_DIGEST_SHA256 = 4,
492
493    /**
494     * Indicates that key digest is sha384.
495     *
496     * @syscap SystemCapability.Security.CertificateManager
497     * @since 11
498     */
499    CM_DIGEST_SHA384 = 5,
500
501    /**
502     * Indicates that key digest is sha512.
503     *
504     * @syscap SystemCapability.Security.CertificateManager
505     * @since 11
506     */
507    CM_DIGEST_SHA512 = 6
508  }
509
510  /**
511   * Enum for Key Padding
512   *
513   * @enum { number }
514   * @syscap SystemCapability.Security.CertificateManager
515   * @since 11
516   */
517  export enum CmKeyPadding {
518    /**
519     * Indicates that key padding is none.
520     *
521     * @syscap SystemCapability.Security.CertificateManager
522     * @since 11
523     */
524    CM_PADDING_NONE = 0,
525
526    /**
527     * Indicates that key padding is PSS.
528     *
529     * @syscap SystemCapability.Security.CertificateManager
530     * @since 11
531     */
532    CM_PADDING_PSS = 1,
533
534    /**
535     * Indicates that key padding is PKCS1_V1_5.
536     *
537     * @syscap SystemCapability.Security.CertificateManager
538     * @since 11
539     */
540    CM_PADDING_PKCS1_V1_5 = 2
541  }
542
543  /**
544   * Provides the CMSignatureSpec type.
545   *
546   * @typedef CMSignatureSpec
547   * @syscap SystemCapability.Security.CertificateManager
548   * @since 11
549   */
550  export interface CMSignatureSpec {
551    /**
552     * Indicates the key purpose of CMSignatureSpec.
553     *
554     * @type { CmKeyPurpose }
555     * @syscap SystemCapability.Security.CertificateManager
556     * @since 11
557     */
558    purpose: CmKeyPurpose;
559
560    /**
561     * Indicates the key padding of CMSignatureSpec.
562     *
563     * @type { ?CmKeyPadding }
564     * @syscap SystemCapability.Security.CertificateManager
565     * @since 11
566     */
567    padding?: CmKeyPadding;
568
569    /**
570     * Indicates the key digest of CMSignatureSpec.
571     *
572     * @type { ?CmKeyDigest }
573     * @syscap SystemCapability.Security.CertificateManager
574     * @since 11
575     */
576    digest?: CmKeyDigest;
577  }
578
579  /**
580   * Provides the CMHandle type.
581   *
582   * @typedef CMHandle
583   * @syscap SystemCapability.Security.CertificateManager
584   * @since 11
585   */
586  export interface CMHandle {
587    /**
588     * Indicates the handle .
589     *
590     * @type { Uint8Array }
591     * @syscap SystemCapability.Security.CertificateManager
592     * @since 11
593     */
594    handle: Uint8Array;
595  }
596
597  /**
598   * Install private application certificate.
599   *
600   * @permission ohos.permission.ACCESS_CERT_MANAGER
601   * @param { Uint8Array } keystore - Indicates the keystore file with key pair and certificate.
602   * @param { string } keystorePwd - Indicates the password of keystore file.
603   * @param { string } certAlias - Indicates the certificate name inputted by the user.
604   * @param { AsyncCallback<CMResult> } callback - The callback of installPrivateCertificate.
605   * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API.
606   * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified;
607   * <br>2. Incorrect parameter types; 3. Parameter verification failed.
608   * @throws { BusinessError } 17500001 - Internal error.
609   * @throws { BusinessError } 17500003 - The keystore is in an invalid format or the keystore password is incorrect.
610   * @syscap SystemCapability.Security.CertificateManager
611   * @since 11
612   */
613  /**
614   * Install private application certificate.
615   *
616   * @permission ohos.permission.ACCESS_CERT_MANAGER
617   * @param { Uint8Array } keystore - Indicates the keystore file with key pair and certificate.
618   * @param { string } keystorePwd - Indicates the password of keystore file.
619   * @param { string } certAlias - Indicates the certificate name inputted by the user.
620   * @param { AsyncCallback<CMResult> } callback - The callback of installPrivateCertificate.
621   * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API.
622   * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified;
623   * <br>2. Incorrect parameter types; 3. Parameter verification failed.
624   * @throws { BusinessError } 17500001 - Internal error.
625   * @throws { BusinessError } 17500003 - The keystore is in an invalid format or the keystore password is incorrect.
626   * @throws { BusinessError } 17500004 - The number of certificates or credentials reaches the maximum allowed.
627   * @syscap SystemCapability.Security.CertificateManager
628   * @since 12
629   */
630  function installPrivateCertificate(
631    keystore: Uint8Array,
632    keystorePwd: string,
633    certAlias: string,
634    callback: AsyncCallback<CMResult>
635  ): void;
636
637  /**
638   * Install private application certificate.
639   *
640   * @permission ohos.permission.ACCESS_CERT_MANAGER
641   * @param { Uint8Array } keystore - Indicates the keystore file with key pair and certificate.
642   * @param { string } keystorePwd - Indicates the password of keystore file.
643   * @param { string } certAlias - Indicates the certificate name inputted by the user.
644   * @returns { Promise<CMResult> } The promise returned by the function.
645   * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API.
646   * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified;
647   * <br>2. Incorrect parameter types; 3. Parameter verification failed.
648   * @throws { BusinessError } 17500001 - Internal error.
649   * @throws { BusinessError } 17500003 - The keystore is in an invalid format or the keystore password is incorrect.
650   * @syscap SystemCapability.Security.CertificateManager
651   * @since 11
652   */
653  /**
654   * Install private application certificate.
655   *
656   * @permission ohos.permission.ACCESS_CERT_MANAGER
657   * @param { Uint8Array } keystore - Indicates the keystore file with key pair and certificate.
658   * @param { string } keystorePwd - Indicates the password of keystore file.
659   * @param { string } certAlias - Indicates the certificate name inputted by the user.
660   * @returns { Promise<CMResult> } The promise returned by the function.
661   * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API.
662   * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified;
663   * <br>2. Incorrect parameter types; 3. Parameter verification failed.
664   * @throws { BusinessError } 17500001 - Internal error.
665   * @throws { BusinessError } 17500003 - The keystore is in an invalid format or the keystore password is incorrect.
666   * @throws { BusinessError } 17500004 - The number of certificates or credentials reaches the maximum allowed.
667   * @syscap SystemCapability.Security.CertificateManager
668   * @since 12
669   */
670  function installPrivateCertificate(keystore: Uint8Array, keystorePwd: string, certAlias: string): Promise<CMResult>;
671
672  /**
673   * Uninstall the specified normal application certificate.
674   *
675   * @permission ohos.permission.ACCESS_CERT_MANAGER
676   * @param { string } keyUri - Indicates key's name.
677   * @param { AsyncCallback<void> } callback - The callback of uninstallPrivateCertificate.
678   * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API.
679   * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified;
680   * <br>2. Incorrect parameter types; 3. Parameter verification failed.
681   * @throws { BusinessError } 17500001 - Internal error.
682   * @throws { BusinessError } 17500002 - The certificate does not exist.
683   * @syscap SystemCapability.Security.CertificateManager
684   * @since 11
685   */
686  function uninstallPrivateCertificate(keyUri: string, callback: AsyncCallback<void>): void;
687
688  /**
689   * Uninstall the specified normal application certificate.
690   *
691   * @permission ohos.permission.ACCESS_CERT_MANAGER
692   * @param { string } keyUri - Indicates key's name.
693   * @returns { Promise<void> } The promise returned by the function.
694   * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API.
695   * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified;
696   * <br>2. Incorrect parameter types; 3. Parameter verification failed.
697   * @throws { BusinessError } 17500001 - Internal error.
698   * @throws { BusinessError } 17500002 - The certificate does not exist.
699   * @syscap SystemCapability.Security.CertificateManager
700   * @since 11
701   */
702  function uninstallPrivateCertificate(keyUri: string): Promise<void>;
703
704  /**
705   * Get a list of all applications private certificates.
706   *
707   * @permission ohos.permission.ACCESS_CERT_MANAGER and ohos.permission.ACCESS_CERT_MANAGER_INTERNAL
708   * @param { AsyncCallback<CMResult> } callback - The callback of getAllAppPrivateCertificates.
709   * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API.
710   * @throws { BusinessError } 202 - Permission verification failed. A non-system application calls a system API.
711   * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified;
712   * <br>2. Incorrect parameter types; 3. Parameter verification failed.
713   * @throws { BusinessError } 17500001 - Internal error.
714   * @syscap SystemCapability.Security.CertificateManager
715   * @systemapi
716   * @since 11
717   */
718  function getAllAppPrivateCertificates(callback: AsyncCallback<CMResult>): void;
719
720  /**
721   * Get a list of all applications private certificates.
722   *
723   * @permission ohos.permission.ACCESS_CERT_MANAGER and ohos.permission.ACCESS_CERT_MANAGER_INTERNAL
724   * @returns { Promise<CMResult> } The promise returned by the function.
725   * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API.
726   * @throws { BusinessError } 202 - Permission verification failed. A non-system application calls a system API.
727   * @throws { BusinessError } 17500001 - Internal error.
728   * @syscap SystemCapability.Security.CertificateManager
729   * @systemapi
730   * @since 11
731   */
732  function getAllAppPrivateCertificates(): Promise<CMResult>;
733
734  /**
735   * Get the detail of private application certificate.
736   *
737   * @permission ohos.permission.ACCESS_CERT_MANAGER
738   * @param { string } keyUri - Indicates key's name.
739   * @param { AsyncCallback<CMResult> } callback - The callback of getPrivateCertificate.
740   * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API.
741   * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified;
742   * <br>2. Incorrect parameter types; 3. Parameter verification failed.
743   * @throws { BusinessError } 17500001 - Internal error.
744   * @throws { BusinessError } 17500002 - The certificate does not exist.
745   * @syscap SystemCapability.Security.CertificateManager
746   * @since 11
747   */
748  function getPrivateCertificate(keyUri: string, callback: AsyncCallback<CMResult>): void;
749
750  /**
751   * Get the detail of private application certificate.
752   *
753   * @permission ohos.permission.ACCESS_CERT_MANAGER
754   * @param { string } keyUri - Indicates key's name.
755   * @returns { Promise<CMResult> } The promise returned by the function.
756   * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API.
757   * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified;
758   * <br>2. Incorrect parameter types; 3. Parameter verification failed.
759   * @throws { BusinessError } 17500001 - Internal error.
760   * @throws { BusinessError } 17500002 - The certificate does not exist.
761   * @syscap SystemCapability.Security.CertificateManager
762   * @since 11
763   */
764  function getPrivateCertificate(keyUri: string): Promise<CMResult>;
765
766  /**
767   * Init operation for signing and verifying etc.
768   *
769   * @permission ohos.permission.ACCESS_CERT_MANAGER
770   * @param { string } authUri - Indicates the authorization relationship between application and application certificate.
771   * @param { CMSignatureSpec } spec - Indicates the properties of the signature and verification.
772   * @param { AsyncCallback<CMHandle> } callback - The callback of init.
773   * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API.
774   * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified;
775   * <br>2. Incorrect parameter types; 3. Parameter verification failed.
776   * @throws { BusinessError } 17500001 - Internal error.
777   * @throws { BusinessError } 17500002 - The certificate does not exist.
778   * @syscap SystemCapability.Security.CertificateManager
779   * @since 11
780   */
781  /**
782   * Init operation for signing and verifying etc.
783   *
784   * @permission ohos.permission.ACCESS_CERT_MANAGER
785   * @param { string } authUri - Indicates the authorization relationship between application and application certificate.
786   * @param { CMSignatureSpec } spec - Indicates the properties of the signature and verification.
787   * @param { AsyncCallback<CMHandle> } callback - The callback of init.
788   * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API.
789   * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified;
790   * <br>2. Incorrect parameter types; 3. Parameter verification failed.
791   * @throws { BusinessError } 17500001 - Internal error.
792   * @throws { BusinessError } 17500002 - The certificate does not exist.
793   * @throws { BusinessError } 17500005 - The application is not authorized by the user.
794   * @syscap SystemCapability.Security.CertificateManager
795   * @since 12
796   */
797  function init(authUri: string, spec: CMSignatureSpec, callback: AsyncCallback<CMHandle>): void;
798
799  /**
800   * Init operation for signing and verifying etc.
801   *
802   * @permission ohos.permission.ACCESS_CERT_MANAGER
803   * @param { string } authUri - Indicates the authorization relationship between application and application certificate.
804   * @param { CMSignatureSpec } spec - Indicates the properties of the signature and verification.
805   * @returns { Promise<CMHandle> } The promise returned by the function.
806   * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API.
807   * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified;
808   * <br>2. Incorrect parameter types; 3. Parameter verification failed.
809   * @throws { BusinessError } 17500001 - Internal error.
810   * @throws { BusinessError } 17500002 - The certificate does not exist.
811   * @syscap SystemCapability.Security.CertificateManager
812   * @since 11
813   */
814  /**
815   * Init operation for signing and verifying etc.
816   *
817   * @permission ohos.permission.ACCESS_CERT_MANAGER
818   * @param { string } authUri - Indicates the authorization relationship between application and application certificate.
819   * @param { CMSignatureSpec } spec - Indicates the properties of the signature and verification.
820   * @returns { Promise<CMHandle> } The promise returned by the function.
821   * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API.
822   * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified;
823   * <br>2. Incorrect parameter types; 3. Parameter verification failed.
824   * @throws { BusinessError } 17500001 - Internal error.
825   * @throws { BusinessError } 17500002 - The certificate does not exist.
826   * @throws { BusinessError } 17500005 - The application is not authorized by the user.
827   * @syscap SystemCapability.Security.CertificateManager
828   * @since 12
829   */
830  function init(authUri: string, spec: CMSignatureSpec): Promise<CMHandle>;
831
832  /**
833   * Update operation for signing and verifying etc.
834   *
835   * @permission ohos.permission.ACCESS_CERT_MANAGER
836   * @param { Uint8Array } handle - Indicates the handle of the init operation.
837   * @param { Uint8Array } data - Indicates the input value.
838   * @param { AsyncCallback<void> } callback - The callback of update.
839   * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API.
840   * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified;
841   * <br>2. Incorrect parameter types; 3. Parameter verification failed.
842   * @throws { BusinessError } 17500001 - Internal error.
843   * @syscap SystemCapability.Security.CertificateManager
844   * @since 11
845   */
846  function update(handle: Uint8Array, data: Uint8Array, callback: AsyncCallback<void>): void;
847
848  /**
849   * Update operation for signing and verifying etc.
850   *
851   * @permission ohos.permission.ACCESS_CERT_MANAGER
852   * @param { Uint8Array } handle - Indicates the handle of the init operation.
853   * @param { Uint8Array } data - Indicates the input value.
854   * @returns { Promise<void> } The promise returned by the function.
855   * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API.
856   * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified;
857   * <br>2. Incorrect parameter types; 3. Parameter verification failed.
858   * @throws { BusinessError } 17500001 - Internal error.
859   * @syscap SystemCapability.Security.CertificateManager
860   * @since 11
861   */
862  function update(handle: Uint8Array, data: Uint8Array): Promise<void>;
863
864  /**
865   * Finish operation for signing and verifying etc.
866   *
867   * @permission ohos.permission.ACCESS_CERT_MANAGER
868   * @param { Uint8Array } handle - Indicates the handle of the init operation.
869   * @param { AsyncCallback<CMResult> } callback - The callback of finish.
870   * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API.
871   * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified;
872   * <br>2. Incorrect parameter types; 3. Parameter verification failed.
873   * @throws { BusinessError } 17500001 - Internal error.
874   * @syscap SystemCapability.Security.CertificateManager
875   * @since 11
876   */
877  function finish(handle: Uint8Array, callback: AsyncCallback<CMResult>): void;
878
879  /**
880   * Finish operation for signing and verifying etc.
881   *
882   * @permission ohos.permission.ACCESS_CERT_MANAGER
883   * @param { Uint8Array } handle - Indicates the handle of the init operation.
884   * @param { Uint8Array } signature - Indicates the sign data.
885   * @param { AsyncCallback<CMResult> } callback - The callback of finish.
886   * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API.
887   * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified;
888   * <br>2. Incorrect parameter types; 3. Parameter verification failed.
889   * @throws { BusinessError } 17500001 - Internal error.
890   * @syscap SystemCapability.Security.CertificateManager
891   * @since 11
892   */
893  function finish(handle: Uint8Array, signature: Uint8Array, callback: AsyncCallback<CMResult>): void;
894
895  /**
896   * Finish operation for signing and verifying etc.
897   *
898   * @permission ohos.permission.ACCESS_CERT_MANAGER
899   * @param { Uint8Array } handle - Indicates the handle of the init operation.
900   * @param { Uint8Array } [options] signature - Indicates the sign data.
901   * @returns { Promise<CMResult> } The promise returned by the function.
902   * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API.
903   * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified;
904   * <br>2. Incorrect parameter types; 3. Parameter verification failed.
905   * @throws { BusinessError } 17500001 - Internal error.
906   * @syscap SystemCapability.Security.CertificateManager
907   * @since 11
908   */
909  function finish(handle: Uint8Array, signature?: Uint8Array): Promise<CMResult>;
910
911  /**
912   * Abort operation for signing and verifying etc.
913   *
914   * @permission ohos.permission.ACCESS_CERT_MANAGER
915   * @param { Uint8Array } handle - Indicates the handle of the init operation.
916   * @param { AsyncCallback<void> } callback - The callback of abort.
917   * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API.
918   * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified;
919   * <br>2. Incorrect parameter types; 3. Parameter verification failed.
920   * @throws { BusinessError } 17500001 - Internal error.
921   * @syscap SystemCapability.Security.CertificateManager
922   * @since 11
923   */
924  function abort(handle: Uint8Array, callback: AsyncCallback<void>): void;
925
926  /**
927   * Abort operation for signing and verifying etc.
928   *
929   * @permission ohos.permission.ACCESS_CERT_MANAGER
930   * @param { Uint8Array } handle - Indicates the handle of the init operation.
931   * @returns { Promise<void> } The promise returned by the function.
932   * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API.
933   * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified;
934   * <br>2. Incorrect parameter types; 3. Parameter verification failed.
935   * @throws { BusinessError } 17500001 - Internal error.
936   * @syscap SystemCapability.Security.CertificateManager
937   * @since 11
938   */
939  function abort(handle: Uint8Array): Promise<void>;
940
941  /**
942   * Get the detail of public application certificate.
943   *
944   * @permission ohos.permission.ACCESS_CERT_MANAGER
945   * @param { string } keyUri - Indicates the key's name.
946   * @returns { Promise<CMResult> } The promise returned by the function.
947   * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API.
948   * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified;
949   * <br>2. Incorrect parameter types; 3. Parameter verification failed.
950   * @throws { BusinessError } 17500001 - Internal error.
951   * @throws { BusinessError } 17500002 - The certificate does not exist.
952   * @throws { BusinessError } 17500005 - The application is not authorized by the user.
953   * @syscap SystemCapability.Security.CertificateManager
954   * @since 12
955   */
956  function getPublicCertificate(keyUri: string): Promise<CMResult>;
957
958  /**:
959   * Whether the current application is authorized by the specified public application certificate.
960   *
961   * @permission ohos.permission.ACCESS_CERT_MANAGER
962   * @param { string } keyUri - Indicates the key's name.
963   * @returns { Promise<boolean> } The promise returned by the function.
964   * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API.
965   * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified;
966   * <br>2. Incorrect parameter types; 3. Parameter verification failed.
967   * @throws { BusinessError } 17500001 - Internal error.
968   * @syscap SystemCapability.Security.CertificateManager
969   * @since 12
970   */
971  function isAuthorizedApp(keyUri: string): Promise<boolean>;
972
973  /**
974   * Get a list of all user trusted CA certificates.
975   *
976   * @permission ohos.permission.ACCESS_CERT_MANAGER
977   * @returns { Promise<CMResult> } The promise returned by the function.
978   * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API.
979   * @throws { BusinessError } 17500001 - Internal error.
980   * @syscap SystemCapability.Security.CertificateManager
981   * @since 12
982   */
983  function getAllUserTrustedCertificates(): Promise<CMResult>;
984
985  /**
986   * Get the detail of user trusted CA certificate.
987   *
988   * @permission ohos.permission.ACCESS_CERT_MANAGER
989   * @param { string } certUri - Indicates the certificate's name.
990   * @returns { Promise<CMResult> } The promise returned by the function.
991   * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API.
992   * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified;
993   * <br>2. Incorrect parameter types; 3. Parameter verification failed.
994   * @throws { BusinessError } 17500001 - Internal error.
995   * @throws { BusinessError } 17500002 - The certificate does not exist.
996   * @syscap SystemCapability.Security.CertificateManager
997   * @since 12
998   */
999  function getUserTrustedCertificate(certUri: string): Promise<CMResult>;
1000
1001  /**
1002   * Get a list of all system application certificates, such as WLAN, VPN certificate.
1003   *
1004   * @permission ohos.permission.ACCESS_CERT_MANAGER
1005   * @returns { Promise<CMResult> } The promise returned by the function.
1006   * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API.
1007   * @throws { BusinessError } 202 - Permission verification failed. A non-system application calls a system API.
1008   * @throws { BusinessError } 17500001 - Internal error.
1009   * @syscap SystemCapability.Security.CertificateManager
1010   * @systemapi
1011   * @since 12
1012   */
1013  function getAllSystemAppCertificates(): Promise<CMResult>;
1014
1015  /**
1016   * Get all private certificates installed by the application.
1017   *
1018   * @permission ohos.permission.ACCESS_CERT_MANAGER
1019   * @returns { Promise<CMResult> } The private certificates installed by the application.
1020   * @throws { BusinessError } 201 - Permission verification failed. The application does not have the permission required to call the API.
1021   * @throws { BusinessError } 17500001 - Internal error.
1022   * @syscap SystemCapability.Security.CertificateManager
1023   * @since 13
1024   */
1025  function getPrivateCertificates(): Promise<CMResult>;
1026}
1027
1028export default certificateManager;
1029