# 加解密(ArkTS) 以AES 128、RSA 2048和SM2为例,完成加解密。具体的场景介绍及支持的算法规格,请参考[密钥生成支持的算法](huks-encryption-decryption-overview.md#支持的算法)。 ## 开发步骤 **生成密钥** 1. 指定密钥别名。 2. 初始化密钥属性集。 3. 调用[generateKeyItem](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksgeneratekeyitem9)生成密钥,具体请参考[密钥生成](huks-key-generation-overview.md)。 除此之外,开发者也可以参考[密钥导入](huks-key-import-overview.md),导入已有的密钥。 **加密** 1. 获取密钥别名。 2. 获取待加密的数据。 3. 获取加密[算法参数配置](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksparam)。 文档中提供多个示例,当使用不同算法时,请注意配置对应参数。 - 使用AES算法加密,用例中选取的分组模式为CBC、填充模式为PKCS7时,必须要填参数IV,请见[开发案例:AES/CBC/PKCS7](#aescbcpkcs7)。 - 使用AES算法加密,用例中选取的分组模式为GCM时,必须要填参数NONCE,AAD可选,请见[开发案例:AES/GCM/NoPadding](#aesgcmnopadding)。 - 使用RSA算法加密,需要选择其对应分组模式以及填充模式和摘要算法DIGEST,请见[开发案例:RSA/ECB/PKCS1_V1_5](#rsaecbpkcs1_v1_5)和[开发案例:RSA/ECB/OAEP/SHA256](#rsaecboaepsha256)。 - 使用SM2算法加密,摘要算法DIGEST需要指定为SM3,请见[开发案例:SM2](#sm2)。 详细规格请参考[加密/解密介绍及算法规格](huks-encryption-decryption-overview.md)。 4. 调用[initSession](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksinitsession9)初始化密钥会话,并获取会话的句柄handle。 5. 调用[finishSession](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksfinishsession9)结束密钥会话,获取加密后的密文。 **解密** 1. 获取密钥别名。 2. 获取待解密的密文。 3. 获取解密[算法参数配置](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksparam)。 文档中提供多个示例,当使用不同算法时,请注意配置对应参数。 - 使用AES算法解密,用例中选取的分组模式为GCM时,必须要填参数NONCE和参数AEAD,AAD可选,请见[开发案例:AES/GCM/NoPadding](#aesgcmnopadding)。 - 其余示例参数与加密要求一致。 详细规格请参考[加密/解密介绍及算法规格](huks-encryption-decryption-overview.md)。 4. 调用[initSession](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksinitsession9)初始化密钥会话,并获取会话的句柄handle。 5. 调用[finishSession](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksfinishsession9)结束密钥会话,获取解密后的数据。 **删除密钥** 当密钥废弃不用时,需要调用[deleteKeyItem](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksdeletekeyitem9)删除密钥,具体请参考[密钥删除](huks-delete-key-arkts.md)。 ## 开发案例 ### AES/CBC/PKCS7 ```ts /* * 以下以AES/CBC/PKCS7的Promise操作使用为例 */ import { huks } from '@kit.UniversalKeystoreKit'; let aesKeyAlias = 'test_aesKeyAlias'; let handle: number; let plainText = '123456'; let IV = '001122334455'; let cipherData: Uint8Array; function StringToUint8Array(str: String) { let arr: number[] = new Array(); for (let i = 0, j = str.length; i < j; ++i) { arr.push(str.charCodeAt(i)); } return new Uint8Array(arr); } function Uint8ArrayToString(fileData: Uint8Array) { let dataString = ''; for (let i = 0; i < fileData.length; i++) { dataString += String.fromCharCode(fileData[i]); } return dataString; } function GetAesGenerateProperties() { let properties: Array = [{ tag: huks.HuksTag.HUKS_TAG_ALGORITHM, value: huks.HuksKeyAlg.HUKS_ALG_AES }, { tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_128 }, { tag: huks.HuksTag.HUKS_TAG_PURPOSE, value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT }]; return properties; } function GetAesEncryptProperties() { let properties: Array = [{ tag: huks.HuksTag.HUKS_TAG_ALGORITHM, value: huks.HuksKeyAlg.HUKS_ALG_AES }, { tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_128 }, { tag: huks.HuksTag.HUKS_TAG_PURPOSE, value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT }, { tag: huks.HuksTag.HUKS_TAG_PADDING, value: huks.HuksKeyPadding.HUKS_PADDING_PKCS7 }, { tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, value: huks.HuksCipherMode.HUKS_MODE_CBC }, { tag: huks.HuksTag.HUKS_TAG_IV, value: StringToUint8Array(IV) }]; return properties; } function GetAesDecryptProperties() { let properties: Array = [{ tag: huks.HuksTag.HUKS_TAG_ALGORITHM, value: huks.HuksKeyAlg.HUKS_ALG_AES }, { tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_128 }, { tag: huks.HuksTag.HUKS_TAG_PURPOSE, value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT }, { tag: huks.HuksTag.HUKS_TAG_PADDING, value: huks.HuksKeyPadding.HUKS_PADDING_PKCS7 }, { tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, value: huks.HuksCipherMode.HUKS_MODE_CBC }, { tag: huks.HuksTag.HUKS_TAG_IV, value: StringToUint8Array(IV) }]; return properties; } async function GenerateAesKey() { /* * 模拟生成密钥场景 * 1. 确定密钥别名 */ /* * 2. 获取生成密钥算法参数配置 */ let genProperties = GetAesGenerateProperties(); let options: huks.HuksOptions = { properties: genProperties } /* * 3. 调用generateKeyItem */ await huks.generateKeyItem(aesKeyAlias, options) .then((data) => { console.info(`promise: generate AES Key success, data = ${JSON.stringify(data)}`); }).catch((error: Error) => { console.error(`promise: generate AES Key failed, ${JSON.stringify(error)}`); }) } async function EncryptData() { /* * 模拟加密场景 * 1. 获取密钥别名 */ /* * 2. 获取待加密的数据 */ /* * 3. 获取加密算法参数配置 */ let encryptProperties = GetAesEncryptProperties(); let options: huks.HuksOptions = { properties: encryptProperties, inData: StringToUint8Array(plainText) } /* * 4. 调用initSession获取handle */ await huks.initSession(aesKeyAlias, options) .then((data) => { handle = data.handle; }).catch((error: Error) => { console.error(`promise: init EncryptData failed, ${JSON.stringify(error)}`); }) /* * 5. 调用finishSession获取加密后的密文 */ await huks.finishSession(handle, options) .then((data) => { console.info(`promise: encrypt data success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); cipherData = data.outData as Uint8Array; }).catch((error: Error) => { console.error(`promise: encrypt data failed, ${JSON.stringify(error)}`); }) } async function DecryptData() { /* * 模拟解密场景 * 1. 获取密钥别名 */ /* * 2. 获取待解密的密文 */ /* * 3. 获取解密算法参数配置 */ let decryptOptions = GetAesDecryptProperties() let options: huks.HuksOptions = { properties: decryptOptions, inData: cipherData } /* * 4. 调用initSession获取handle */ await huks.initSession(aesKeyAlias, options) .then((data) => { handle = data.handle; }).catch((error: Error) => { console.error(`promise: init DecryptData failed, ${JSON.stringify(error)}`); }) /* * 5. 调用finishSession获取解密后的数据 */ await huks.finishSession(handle, options) .then((data) => { console.info(`promise: decrypt data success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); }).catch((error: Error) => { console.error(`promise: decrypt data failed, ${JSON.stringify(error)}`); }) } async function DeleteKey() { /* * 模拟删除密钥场景 * 1. 获取密钥别名 */ let emptyOptions: huks.HuksOptions = { properties: [] } /* * 2. 调用deleteKeyItem删除密钥 */ await huks.deleteKeyItem(aesKeyAlias, emptyOptions) .then((data) => { console.info(`promise: delete data success`); }).catch((error: Error) => { console.error(`promise: delete data failed, ${JSON.stringify(error)}`); }) } ``` ### AES/GCM/NoPadding ```ts /* * 以下以AES/GCM/NoPadding的Promise操作使用为例 */ import { huks } from '@kit.UniversalKeystoreKit'; let aesKeyAlias = 'test_aesKeyAlias'; let handle: number; let plainText = '123456'; let cipherData: Uint8Array; let AAD = '1234567890123456'; let NONCE = '001122334455'; function StringToUint8Array(str: String) { let arr: number[] = new Array(); for (let i = 0, j = str.length; i < j; ++i) { arr.push(str.charCodeAt(i)); } return new Uint8Array(arr); } function Uint8ArrayToString(fileData: Uint8Array) { let dataString = ''; for (let i = 0; i < fileData.length; i++) { dataString += String.fromCharCode(fileData[i]); } return dataString; } function GetAesGenerateProperties() { let properties: Array = [{ tag: huks.HuksTag.HUKS_TAG_ALGORITHM, value: huks.HuksKeyAlg.HUKS_ALG_AES }, { tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_128 }, { tag: huks.HuksTag.HUKS_TAG_PURPOSE, value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT }]; return properties; } function GetAesGcmEncryptProperties() { let properties: Array = [{ tag: huks.HuksTag.HUKS_TAG_ALGORITHM, value: huks.HuksKeyAlg.HUKS_ALG_AES }, { tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_128 }, { tag: huks.HuksTag.HUKS_TAG_PURPOSE, value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT }, { tag: huks.HuksTag.HUKS_TAG_PADDING, value: huks.HuksKeyPadding.HUKS_PADDING_NONE }, { tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, value: huks.HuksCipherMode.HUKS_MODE_GCM }, { tag: huks.HuksTag.HUKS_TAG_NONCE, value: StringToUint8Array(NONCE) }, { tag: huks.HuksTag.HUKS_TAG_ASSOCIATED_DATA, value: StringToUint8Array(AAD) }]; return properties; } function GetAesGcmDecryptProperties(cipherData:Uint8Array) { let properties: Array = [ { tag: huks.HuksTag.HUKS_TAG_ALGORITHM, value: huks.HuksKeyAlg.HUKS_ALG_AES }, { tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_128 }, { tag: huks.HuksTag.HUKS_TAG_PURPOSE, value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT }, { tag: huks.HuksTag.HUKS_TAG_PADDING, value: huks.HuksKeyPadding.HUKS_PADDING_NONE }, { tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, value: huks.HuksCipherMode.HUKS_MODE_GCM }, { tag: huks.HuksTag.HUKS_TAG_NONCE, value: StringToUint8Array(NONCE) }, { tag: huks.HuksTag.HUKS_TAG_ASSOCIATED_DATA, value: StringToUint8Array(AAD) }, { tag: huks.HuksTag.HUKS_TAG_AE_TAG, value: cipherData.slice(cipherData.length-16) }]; return properties; } async function GenerateAesKey() { /* * 模拟生成密钥场景 * 1. 确定密钥别名 */ /* * 2. 获取生成密钥算法参数配置 */ let genProperties = GetAesGenerateProperties(); let options: huks.HuksOptions = { properties: genProperties } /* * 3. 调用generateKeyItem */ await huks.generateKeyItem(aesKeyAlias, options) .then((data) => { console.info(`promise: generate AES Key success, data = ${JSON.stringify(data)}`); }).catch((error: Error) => { console.error(`promise: generate AES Key failed, ${JSON.stringify(error)}`); }) } async function EncryptData() { /* * 模拟加密场景 * 1. 获取密钥别名 */ /* * 2. 获取待加密的数据 */ /* * 3. 获取加密算法参数配置 */ let encryptProperties = GetAesGcmEncryptProperties(); let options: huks.HuksOptions = { properties: encryptProperties, inData: StringToUint8Array(plainText) } /* * 4. 调用initSession获取handle */ await huks.initSession(aesKeyAlias, options) .then((data) => { handle = data.handle; }).catch((error: Error) => { console.error(`promise: init EncryptDataGcm failed, ${JSON.stringify(error)}`); }) /* * 5. 调用finishSession获取加密后的密文 */ await huks.finishSession(handle, options) .then((data) => { console.info(`promise: encrypt data success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); cipherData = data.outData as Uint8Array; }).catch((error: Error) => { console.error(`promise: encrypt data failed, ${JSON.stringify(error)}`); }) } async function DecryptData() { /* * 模拟解密场景 * 1. 获取密钥别名 */ /* * 2. 获取待解密的密文 */ /* * 3. 获取解密算法参数配置 */ let decryptOptions = GetAesGcmDecryptProperties(cipherData) let options: huks.HuksOptions = { properties: decryptOptions, inData: cipherData.slice(0, cipherData.length-16) } /* * 4. 调用initSession获取handle */ await huks.initSession(aesKeyAlias, options) .then((data) => { handle = data.handle; }).catch((error: Error) => { console.error(`promise: init DecryptDataGcm failed, ${JSON.stringify(error)}`); }) /* * 5. 调用finishSession获取解密后的数据 */ await huks.finishSession(handle, options) .then((data) => { console.info(`promise: decrypt data success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); }).catch((error: Error) => { console.error(`promise: decrypt data failed, ${JSON.stringify(error)}`); }) } async function DeleteKey() { /* * 模拟删除密钥场景 * 1. 获取密钥别名 */ let emptyOptions: huks.HuksOptions = { properties: [] } /* * 2. 调用deleteKeyItem删除密钥 */ await huks.deleteKeyItem(aesKeyAlias, emptyOptions) .then((data) => { console.info(`promise: delete data success`); }).catch((error: Error) => { console.error(`promise: delete data failed, ${JSON.stringify(error)}`); }) } ``` ### RSA/ECB/PKCS1_V1_5 ``` /* * 以下以RSA/ECB/PKCS1_V1_5模式的Promise操作使用为例 */ import { huks } from '@kit.UniversalKeystoreKit'; let rsaKeyAlias = 'test_rsaKeyAlias'; let handle: number; let plainText = '123456'; let cipherData: Uint8Array; function StringToUint8Array(str: String) { let arr: number[] = new Array(); for (let i = 0, j = str.length; i < j; ++i) { arr.push(str.charCodeAt(i)); } return new Uint8Array(arr); } function Uint8ArrayToString(fileData: Uint8Array) { let dataString = ''; for (let i = 0; i < fileData.length; i++) { dataString += String.fromCharCode(fileData[i]); } return dataString; } function GetRsaGenerateProperties() { let properties: Array = [{ tag: huks.HuksTag.HUKS_TAG_ALGORITHM, value: huks.HuksKeyAlg.HUKS_ALG_RSA }, { tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_2048 }, { tag: huks.HuksTag.HUKS_TAG_PURPOSE, value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT }]; return properties; } function GetRsaEncryptProperties() { let properties: Array = [{ tag: huks.HuksTag.HUKS_TAG_ALGORITHM, value: huks.HuksKeyAlg.HUKS_ALG_RSA }, { tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_2048 }, { tag: huks.HuksTag.HUKS_TAG_PURPOSE, value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT }, { tag: huks.HuksTag.HUKS_TAG_PADDING, value: huks.HuksKeyPadding.HUKS_PADDING_PKCS1_V1_5 }, { tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, value: huks.HuksCipherMode.HUKS_MODE_ECB }, { tag: huks.HuksTag.HUKS_TAG_DIGEST, value: huks.HuksKeyDigest.HUKS_DIGEST_NONE }]; return properties; } function GetRsaDecryptProperties() { let properties: Array = [{ tag: huks.HuksTag.HUKS_TAG_ALGORITHM, value: huks.HuksKeyAlg.HUKS_ALG_RSA }, { tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_2048 }, { tag: huks.HuksTag.HUKS_TAG_PURPOSE, value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT }, { tag: huks.HuksTag.HUKS_TAG_PADDING, value: huks.HuksKeyPadding.HUKS_PADDING_PKCS1_V1_5 }, { tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, value: huks.HuksCipherMode.HUKS_MODE_ECB }, { tag: huks.HuksTag.HUKS_TAG_DIGEST, value: huks.HuksKeyDigest.HUKS_DIGEST_NONE }]; return properties; } async function GenerateRsaKey() { /* * 模拟生成密钥场景 * 1. 确定密钥别名 */ /* * 2. 获取生成密钥算法参数配置 */ let genProperties = GetRsaGenerateProperties(); let options: huks.HuksOptions = { properties: genProperties } /* * 3. 调用generateKeyItem */ await huks.generateKeyItem(rsaKeyAlias, options) .then((data) => { console.info(`promise: generate RSA Key success, data = ${JSON.stringify(data)}`); }).catch((error: Error) => { console.error(`promise: generate RSA Key failed, ${JSON.stringify(error)}`); }) } async function EncryptData() { /* * 模拟加密场景 * 1. 获取密钥别名 */ /* * 2. 获取待加密的数据 */ /* * 3. 获取加密算法参数配置 */ let encryptProperties = GetRsaEncryptProperties(); let options: huks.HuksOptions = { properties: encryptProperties, inData: StringToUint8Array(plainText) } /* * 4. 调用initSession获取handle */ await huks.initSession(rsaKeyAlias, options) .then((data) => { handle = data.handle; }).catch((error: Error) => { console.error(`promise: init EncryptDataRsa failed, ${JSON.stringify(error)}`); }) /* * 5. 调用finishSession获取加密后的密文 */ await huks.finishSession(handle, options) .then((data) => { console.info(`promise: encrypt data success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); cipherData = data.outData as Uint8Array; }).catch((error: Error) => { console.error(`promise: encrypt data failed, ${JSON.stringify(error)}`); }) } async function DecryptData() { /* * 模拟解密场景 * 1. 获取密钥别名 */ /* * 2. 获取待解密的密文 */ /* * 3. 获取解密算法参数配置 */ let decryptOptions = GetRsaDecryptProperties() let options: huks.HuksOptions = { properties: decryptOptions, inData: cipherData } /* * 4. 调用initSession获取handle */ await huks.initSession(rsaKeyAlias, options) .then((data) => { handle = data.handle; }).catch((error: Error) => { console.error(`promise: init DecryptDataRsa failed, ${JSON.stringify(error)}`); }) /* * 5. 调用finishSession获取解密后的数据 */ await huks.finishSession(handle, options) .then((data) => { console.info(`promise: decrypt data success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); }).catch((error: Error) => { console.error(`promise: decrypt data failed, ${JSON.stringify(error)}`); }) } async function DeleteKey() { /* * 模拟删除密钥场景 * 1. 获取密钥别名 */ let emptyOptions: huks.HuksOptions = { properties: [] } /* * 2. 调用deleteKeyItem删除密钥 */ await huks.deleteKeyItem(rsaKeyAlias, emptyOptions) .then((data) => { console.info(`promise: delete data success`); }).catch((error: Error) => { console.error(`promise: delete data failed, ${JSON.stringify(error)}`); }) } ``` ### RSA/ECB/OAEP/SHA256 ``` /* * 以下以RSA/ECB/OAEP/SHA256模式的Promise操作使用为例 */ import { huks } from '@kit.UniversalKeystoreKit'; let rsaKeyAlias = 'test_rsaKeyAlias'; let handle: number; let plainText = '123456'; let cipherData: Uint8Array; function StringToUint8Array(str: String) { let arr: number[] = new Array(); for (let i = 0, j = str.length; i < j; ++i) { arr.push(str.charCodeAt(i)); } return new Uint8Array(arr); } function Uint8ArrayToString(fileData: Uint8Array) { let dataString = ''; for (let i = 0; i < fileData.length; i++) { dataString += String.fromCharCode(fileData[i]); } return dataString; } function GetRsaGenerateProperties() { let properties: Array = [{ tag: huks.HuksTag.HUKS_TAG_ALGORITHM, value: huks.HuksKeyAlg.HUKS_ALG_RSA }, { tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_2048 }, { tag: huks.HuksTag.HUKS_TAG_PURPOSE, value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT }]; return properties; } function GetRsaEncryptProperties() { let properties: Array = [{ tag: huks.HuksTag.HUKS_TAG_ALGORITHM, value: huks.HuksKeyAlg.HUKS_ALG_RSA }, { tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_2048 }, { tag: huks.HuksTag.HUKS_TAG_PURPOSE, value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT }, { tag: huks.HuksTag.HUKS_TAG_PADDING, value: huks.HuksKeyPadding.HUKS_PADDING_OAEP }, { tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, value: huks.HuksCipherMode.HUKS_MODE_ECB }, { tag: huks.HuksTag.HUKS_TAG_DIGEST, value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 }]; return properties; } function GetRsaDecryptProperties() { let properties: Array = [{ tag: huks.HuksTag.HUKS_TAG_ALGORITHM, value: huks.HuksKeyAlg.HUKS_ALG_RSA }, { tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_2048 }, { tag: huks.HuksTag.HUKS_TAG_PURPOSE, value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT }, { tag: huks.HuksTag.HUKS_TAG_PADDING, value: huks.HuksKeyPadding.HUKS_PADDING_OAEP }, { tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, value: huks.HuksCipherMode.HUKS_MODE_ECB }, { tag: huks.HuksTag.HUKS_TAG_DIGEST, value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 }]; return properties; } async function GenerateRsaKey() { /* * 模拟生成密钥场景 * 1. 确定密钥别名 */ /* * 2. 获取生成密钥算法参数配置 */ let genProperties = GetRsaGenerateProperties(); let options: huks.HuksOptions = { properties: genProperties } /* * 3. 调用generateKeyItem */ await huks.generateKeyItem(rsaKeyAlias, options) .then((data) => { console.info(`promise: generate RSA Key success, data = ${JSON.stringify(data)}`); }).catch((error: Error) => { console.error(`promise: generate RSA Key failed, ${JSON.stringify(error)}`); }) } async function EncryptData() { /* * 模拟加密场景 * 1. 获取密钥别名 */ /* * 2. 获取待加密的数据 */ /* * 3. 获取加密算法参数配置 */ let encryptProperties = GetRsaEncryptProperties(); let options: huks.HuksOptions = { properties: encryptProperties, inData: StringToUint8Array(plainText) } /* * 4. 调用initSession获取handle */ await huks.initSession(rsaKeyAlias, options) .then((data) => { handle = data.handle; }).catch((error: Error) => { console.error(`promise: init EncryptDataRsa failed, ${JSON.stringify(error)}`); }) /* * 5. 调用finishSession获取加密后的密文 */ await huks.finishSession(handle, options) .then((data) => { console.info(`promise: encrypt data success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); cipherData = data.outData as Uint8Array; }).catch((error: Error) => { console.error(`promise: encrypt data failed, ${JSON.stringify(error)}`); }) } async function DecryptData() { /* * 模拟解密场景 * 1. 获取密钥别名 */ /* * 2. 获取待解密的密文 */ /* * 3. 获取解密算法参数配置 */ let decryptOptions = GetRsaDecryptProperties() let options: huks.HuksOptions = { properties: decryptOptions, inData: cipherData } /* * 4. 调用initSession获取handle */ await huks.initSession(rsaKeyAlias, options) .then((data) => { handle = data.handle; }).catch((error: Error) => { console.error(`promise: init DecryptDataRsa failed, ${JSON.stringify(error)}`); }) /* * 5. 调用finishSession获取解密后的数据 */ await huks.finishSession(handle, options) .then((data) => { console.info(`promise: decrypt data success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); }).catch((error: Error) => { console.error(`promise: decrypt data failed, ${JSON.stringify(error)}`); }) } async function DeleteKey() { /* * 模拟删除密钥场景 * 1. 获取密钥别名 */ let emptyOptions: huks.HuksOptions = { properties: [] } /* * 2. 调用deleteKeyItem删除密钥 */ await huks.deleteKeyItem(rsaKeyAlias, emptyOptions) .then((data) => { console.info(`promise: delete data success`); }).catch((error: Error) => { console.error(`promise: delete data failed, ${JSON.stringify(error)}`); }) } ``` ### SM2 ```ts /* * 以下以SM2模式的Promise操作使用为例 */ import { huks } from '@kit.UniversalKeystoreKit'; let sm2KeyAlias = 'test_sm2KeyAlias'; let handle: number; let plainText = '123456'; let cipherData: Uint8Array; function StringToUint8Array(str: String) { let arr: number[] = new Array(); for (let i = 0, j = str.length; i < j; ++i) { arr.push(str.charCodeAt(i)); } return new Uint8Array(arr); } function Uint8ArrayToString(fileData: Uint8Array) { let dataString = ''; for (let i = 0; i < fileData.length; i++) { dataString += String.fromCharCode(fileData[i]); } return dataString; } function GetSm2GenerateProperties() { let properties: Array = [{ tag: huks.HuksTag.HUKS_TAG_ALGORITHM, value: huks.HuksKeyAlg.HUKS_ALG_SM2 }, { tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, value: huks.HuksKeySize.HUKS_SM2_KEY_SIZE_256 }, { tag: huks.HuksTag.HUKS_TAG_PURPOSE, value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT }]; return properties; } function GetSm2EncryptProperties() { let properties: Array = [{ tag: huks.HuksTag.HUKS_TAG_ALGORITHM, value: huks.HuksKeyAlg.HUKS_ALG_SM2 }, { tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, value: huks.HuksKeySize.HUKS_SM2_KEY_SIZE_256 }, { tag: huks.HuksTag.HUKS_TAG_PURPOSE, value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT }, { tag: huks.HuksTag.HUKS_TAG_DIGEST, value: huks.HuksKeyDigest.HUKS_DIGEST_SM3 }]; return properties; } function GetSm2DecryptProperties() { let properties: Array = [{ tag: huks.HuksTag.HUKS_TAG_ALGORITHM, value: huks.HuksKeyAlg.HUKS_ALG_SM2 }, { tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, value: huks.HuksKeySize.HUKS_SM2_KEY_SIZE_256 }, { tag: huks.HuksTag.HUKS_TAG_PURPOSE, value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT }, { tag: huks.HuksTag.HUKS_TAG_DIGEST, value: huks.HuksKeyDigest.HUKS_DIGEST_SM3 }]; return properties; } async function GenerateSm2Key() { /* * 模拟生成密钥场景 * 1. 确定密钥别名 */ /* * 2. 获取生成密钥算法参数配置 */ let genProperties = GetSm2GenerateProperties(); let options: huks.HuksOptions = { properties: genProperties } /* * 3. 调用generateKeyItem */ await huks.generateKeyItem(sm2KeyAlias, options) .then((data) => { console.info(`promise: generate SM2 Key success, data = ${JSON.stringify(data)}`); }).catch((error: Error) => { console.error(`promise: generate SM2 Key failed, ${JSON.stringify(error)}`); }) } async function EncryptDataSm2() { /* * 模拟加密场景 * 1. 获取密钥别名 */ /* * 2. 获取待加密的数据 */ /* * 3. 获取加密算法参数配置 */ let encryptProperties = GetSm2EncryptProperties(); let options: huks.HuksOptions = { properties: encryptProperties, inData: StringToUint8Array(plainText) } /* * 4. 调用initSession获取handle */ await huks.initSession(sm2KeyAlias, options) .then((data) => { handle = data.handle; }).catch((error: Error) => { console.error(`promise: init EncryptDataSm2 failed, ${JSON.stringify(error)}`); }) /* * 5. 调用finishSession获取加密后的密文 */ await huks.finishSession(handle, options) .then((data) => { console.info(`promise: encrypt data success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); cipherData = data.outData as Uint8Array; }).catch((error: Error) => { console.error(`promise: encrypt data failed, ${JSON.stringify(error)}`); }) } async function DecryptDataSm2() { /* * 模拟解密场景 * 1. 获取密钥别名 */ /* * 2. 获取待解密的密文 */ /* * 3. 获取解密算法参数配置 */ let decryptOptions = GetSm2DecryptProperties() let options: huks.HuksOptions = { properties: decryptOptions, inData: cipherData } /* * 4. 调用initSession获取handle */ await huks.initSession(sm2KeyAlias, options) .then((data) => { handle = data.handle; }).catch((error: Error) => { console.error(`promise: init DecryptDataSm2 failed, ${JSON.stringify(error)}`); }) /* * 5. 调用finishSession获取解密后的数据 */ await huks.finishSession(handle, options) .then((data) => { console.info(`promise: decrypt data success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); }).catch((error: Error) => { console.error(`promise: decrypt data failed, ${JSON.stringify(error)}`); }) } async function DeleteKey() { /* * 模拟删除密钥场景 * 1. 获取密钥别名 */ let emptyOptions: huks.HuksOptions = { properties: [] } /* * 2. 调用deleteKeyItem删除密钥 */ await huks.deleteKeyItem(sm2KeyAlias, emptyOptions) .then((data) => { console.info(`promise: delete data success`); }).catch((error: Error) => { console.error(`promise: delete data failed, ${JSON.stringify(error)}`); }) } ```