1 /* 2 * Copyright (c) 2022-2024 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 #ifndef NATIVE_HUKS_API_H 17 #define NATIVE_HUKS_API_H 18 19 /** 20 * @addtogroup HuksKeyApi 21 * @{ 22 * 23 * @brief Describes the OpenHarmony Universal KeyStore (HUKS) capabilities, including key management and 24 * cryptography operations, provided for applications. 25 * The keys managed by HUKS can be imported by applications or generated by calling the HUKS APIs. 26 * 27 * @syscap SystemCapability.Security.Huks 28 * @since 9 29 * @version 1.0 30 */ 31 32 /** 33 * @file native_huks_api.h 34 * 35 * @brief Defines the Universal Keystore Kit APIs. 36 * 37 * include "huks/include/native_huks_type.h" 38 * @kit Universal Keystore Kit 39 * @since 9 40 * @version 1.0 41 */ 42 43 #include "native_huks_type.h" 44 45 #ifdef __cplusplus 46 extern "C" { 47 #endif 48 49 /** 50 * @brief Obtains the current HUKS SDK version. 51 * 52 * @param sdkVersion Indicates the pointer to the SDK version (in string format) obtained. 53 * @return {@link OH_Huks_ErrCode#OH_HUKS_SUCCESS} 0 - If the operation is successful. 54 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ILLEGAL_ARGUMENT} 401 - If sdkVersion or 55 * sdkVersion->data is null, or if sdkVersion->size is too small. 56 * @since 9 57 * @version 1.0 58 */ 59 struct OH_Huks_Result OH_Huks_GetSdkVersion(struct OH_Huks_Blob *sdkVersion); 60 61 /** 62 * @brief Generates a key. 63 * 64 * @param keyAlias Indicates the pointer to the alias of the key to generate. 65 * The alias must be unique in the process of the service. Otherwise, the key will be overwritten. 66 * @param paramSetIn Indicates the pointer to the parameter set for generating the key. 67 * @param paramSetOut Indicates the pointer to a temporary key generated. If the generated key is 68 * not of a temporary type, this parameter is a null pointer. 69 * @return {@link OH_Huks_ErrCode#OH_HUKS_SUCCESS} 0 - If the operation is successful. 70 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ILLEGAL_ARGUMENT} 401 - If keyAlias or paramSetIn or 71 * paramSetOut is invalid. 72 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INTERNAL_ERROR} 12000012 - If system error ocurred. 73 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_FILE_OPERATION_FAIL} 12000004 - If failed to remove file, 74 * or if failed to write file. 75 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INVALID_CRYPTO_ALG_ARGUMENT} 12000003 - If the key argument 76 * is invalid. 77 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ITEM_NOT_EXIST} 12000011 - If the base key file is not exit. 78 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_MISSING_CRYPTO_ALG_ARGUMENT} 12000002 - If failed to 79 * get key argument. 80 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_COMMUNICATION_FAIL} 12000005 - If Ipc commuication failed. 81 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_CRYPTO_FAIL} 12000006 - If crypto engine failed. 82 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INSUFFICIENT_MEMORY} 12000014 - If the memory is insufficient. 83 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_CALL_SERVICE_FAILED} 12000015 - If connect userIam failed. 84 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_DEVICE_PASSWORD_UNSET} 12000016 - If device password is required 85 * but not set. 86 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_FEATURE_NOT_SUPPORTED} 12000001 - If the feature is not support. 87 * @since 9 88 * @version 1.0 89 */ 90 struct OH_Huks_Result OH_Huks_GenerateKeyItem(const struct OH_Huks_Blob *keyAlias, 91 const struct OH_Huks_ParamSet *paramSetIn, struct OH_Huks_ParamSet *paramSetOut); 92 93 /** 94 * @brief Imports a key in plaintext. 95 * 96 * @param keyAlias Indicates the pointer to the alias of the key to import. 97 * The alias must be unique in the process of the service. Otherwise, the key will be overwritten. 98 * @param paramSet Indicates the pointer to the parameters of the key to import. 99 * @param key Indicates the pointer to the key to import. The key must be in the format required by the HUKS. 100 * For details, see {@link HuksTypeApi}. 101 * @return {@link OH_Huks_ErrCode#OH_HUKS_SUCCESS} 0 - If the operation is successful. 102 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ILLEGAL_ARGUMENT} 401 - If keyAlias or paramSet or key is invalid. 103 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INTERNAL_ERROR} 12000012 - If system error ocurred. 104 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_FILE_OPERATION_FAIL} 12000004 - If failed to remove file, 105 * or if failed to write file. 106 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INVALID_CRYPTO_ALG_ARGUMENT} 12000003 - If the key argument 107 * is invalid. 108 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_MISSING_CRYPTO_ALG_ARGUMENT} 12000002 - If failed to 109 * get key argument. 110 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_COMMUNICATION_FAIL} 12000005 - If Ipc commuication failed. 111 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INSUFFICIENT_MEMORY} 12000014 - If the memory is insufficient. 112 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_CALL_SERVICE_FAILED} 12000015 - If connect userIam failed. 113 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_FEATURE_NOT_SUPPORTED} 12000001 - If the feature is not support. 114 * @since 9 115 * @version 1.0 116 */ 117 struct OH_Huks_Result OH_Huks_ImportKeyItem(const struct OH_Huks_Blob *keyAlias, 118 const struct OH_Huks_ParamSet *paramSet, const struct OH_Huks_Blob *key); 119 120 /** 121 * @brief Imports a wrapped key. 122 * 123 * @param keyAlias Indicates the pointer to the alias of the key to import. 124 * The alias must be unique in the process of the service. Otherwise, the key will be overwritten. 125 * @param wrappingKeyAlias Indicates the pointer to the alias of the wrapping key, 126 * which is obtained through key agreement and used to decrypt the key to import. 127 * @param paramSet Indicates the pointer to the parameters of the wrapped key to import. 128 * @param wrappedKeyData Indicates the pointer to the wrapped key to import. 129 * The key must be in the format required by the HUKS. For details, see {@link OH_Huks_AlgSuite}. 130 * @return {@link OH_Huks_ErrCode#OH_HUKS_SUCCESS} 0 - If the operation is successful. 131 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ILLEGAL_ARGUMENT} 401 - If keyAlias or wrappingKeyAlias or 132 * paramSet or wrappedKeyData is invalid. 133 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INTERNAL_ERROR} 12000012 - If system error ocurred. 134 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_FILE_OPERATION_FAIL} 12000004 - If failed to remove file, 135 * or if failed to write file. 136 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INVALID_CRYPTO_ALG_ARGUMENT} 12000003 - If the key argument 137 * is invalid. 138 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_MISSING_CRYPTO_ALG_ARGUMENT} 12000002 - If failed to 139 * get key argument. 140 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_COMMUNICATION_FAIL} 12000005 - If Ipc commuication failed. 141 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_CRYPTO_FAIL} 12000006 - If crypto engine failed. 142 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INSUFFICIENT_MEMORY} 12000014 - If the memory is insufficient. 143 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_CALL_SERVICE_FAILED} 12000015 - If connect userIam failed. 144 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_FEATURE_NOT_SUPPORTED} 12000001 - If the feature is not support. 145 * @since 9 146 * @version 1.0 147 */ 148 struct OH_Huks_Result OH_Huks_ImportWrappedKeyItem(const struct OH_Huks_Blob *keyAlias, 149 const struct OH_Huks_Blob *wrappingKeyAlias, const struct OH_Huks_ParamSet *paramSet, 150 const struct OH_Huks_Blob *wrappedKeyData); 151 152 /** 153 * @brief Exports a public key. 154 * 155 * @param keyAlias Indicates the pointer to the alias of the public key to export. 156 * The alias must be the same as the alias for the key generated. 157 * @param paramSet Indicates the pointer to the parameters required for exporting the public key. 158 * @param key Indicates the pointer to the public key exported. 159 * @return {@link OH_Huks_ErrCode#OH_HUKS_SUCCESS} 0 - If the operation is successful. 160 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ILLEGAL_ARGUMENT} 401 - If keyAlias or paramSet or key is invalid. 161 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INTERNAL_ERROR} 12000012 - If system error ocurred. 162 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ITEM_NOT_EXIST} 12000011 - If the key file is not exit. 163 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INVALID_CRYPTO_ALG_ARGUMENT} 12000003 - If the key argument 164 * is invalid. 165 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_MISSING_CRYPTO_ALG_ARGUMENT} 12000002 - If failed to 166 * get key argument. 167 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_COMMUNICATION_FAIL} 12000005 - If Ipc commuication failed. 168 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INSUFFICIENT_MEMORY} 12000014 - If the memory is insufficient. 169 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_FEATURE_NOT_SUPPORTED} 12000001 - If the feature is not support. 170 * @since 9 171 * @version 1.0 172 */ 173 struct OH_Huks_Result OH_Huks_ExportPublicKeyItem(const struct OH_Huks_Blob *keyAlias, 174 const struct OH_Huks_ParamSet *paramSet, struct OH_Huks_Blob *key); 175 176 /** 177 * @brief Deletes a key. 178 * 179 * @param keyAlias Indicates the pointer to the alias of the key to delete. 180 * The alias must be the same as the alias for the key generated. 181 * @param paramSet Indicates the pointer to the parameters required for deleting the key. 182 * By default, this parameter is a null pointer. 183 * @return {@link OH_Huks_ErrCode#OH_HUKS_SUCCESS} 0 - If the operation is successful. 184 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ILLEGAL_ARGUMENT} 401 - If keyAlias or paramSet is invalid. 185 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INTERNAL_ERROR} 12000012 - If system error ocurred. 186 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INVALID_CRYPTO_ALG_ARGUMENT} 12000003 - If the key argument 187 * is invalid. 188 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ITEM_NOT_EXIST} 12000011 - If the key file is not exit. 189 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_MISSING_CRYPTO_ALG_ARGUMENT} 12000002 - If failed to 190 * get key argument. 191 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_COMMUNICATION_FAIL} 12000005 - If Ipc commuication failed. 192 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INSUFFICIENT_MEMORY} 12000014 - If the memory is insufficient. 193 * @since 9 194 * @version 1.0 195 */ 196 struct OH_Huks_Result OH_Huks_DeleteKeyItem(const struct OH_Huks_Blob *keyAlias, 197 const struct OH_Huks_ParamSet *paramSet); 198 199 /** 200 * @brief Obtains the attributes of a key. 201 * 202 * @param keyAlias Indicates the pointer to the alias of the target key. 203 * @param paramSetIn Indicates the pointer to the attribute tag required for 204 * obtaining the attributes. By default, this parameter is a null pointer. 205 * @param paramSetOut Indicates the pointer to the attributes obtained. 206 * @return {@link OH_Huks_ErrCode#OH_HUKS_SUCCESS} 0 - If the operation is successful. 207 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ILLEGAL_ARGUMENT} 401 - If keyAlias or paramSetIn or 208 * paramSetOut is invalid. 209 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INTERNAL_ERROR} 12000012 - If system error ocurred. 210 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INVALID_CRYPTO_ALG_ARGUMENT} 12000003 - If the key argument 211 * is invalid. 212 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ITEM_NOT_EXIST} 12000011 - If the key file is not exit. 213 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_MISSING_CRYPTO_ALG_ARGUMENT} 12000002 - If failed to 214 * get key argument. 215 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_COMMUNICATION_FAIL} 12000005 - If Ipc commuication failed. 216 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INSUFFICIENT_MEMORY} 12000014 - If the memory is insufficient. 217 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_FEATURE_NOT_SUPPORTED} 12000001 - If the feature is not support. 218 * @since 9 219 * @version 1.0 220 */ 221 struct OH_Huks_Result OH_Huks_GetKeyItemParamSet(const struct OH_Huks_Blob *keyAlias, 222 const struct OH_Huks_ParamSet *paramSetIn, struct OH_Huks_ParamSet *paramSetOut); 223 224 /** 225 * @brief Checks whether a key exists. 226 * 227 * @param keyAlias Indicates the pointer to the alias of the target key. 228 * @param paramSet Indicates the pointer to the attribute tag required for checking the key. 229 * By default, this parameter is a null pointer. 230 * @return {@link OH_Huks_ErrCode#OH_HUKS_SUCCESS} 0 - If the operation is successful. 231 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ILLEGAL_ARGUMENT} 401 - If keyAlias or paramSet is invalid. 232 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INTERNAL_ERROR} 12000012 - If system error ocurred. 233 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INVALID_CRYPTO_ALG_ARGUMENT} 12000003 - If the key argument 234 * is invalid. 235 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ITEM_NOT_EXIST} 12000011 - If the key file is not exit. 236 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_MISSING_CRYPTO_ALG_ARGUMENT} 12000002 - If failed to 237 * get key argument. 238 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_COMMUNICATION_FAIL} 12000005 - If Ipc commuication failed. 239 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INSUFFICIENT_MEMORY} 12000014 - If the memory is insufficient. 240 * @since 9 241 * @version 1.0 242 */ 243 struct OH_Huks_Result OH_Huks_IsKeyItemExist(const struct OH_Huks_Blob *keyAlias, 244 const struct OH_Huks_ParamSet *paramSet); 245 246 /** 247 * @brief Obtain the key certificate chain. 248 * 249 * @permission ohos.permission.ATTEST_KEY 250 * @param keyAlias Indicates the pointer to the alias of the target key. 251 * @param paramSet Indicates the pointer to the parameters required for obtaining the key certificate. 252 * @param certChain Indicates the pointer to the key certificate chain obtained. 253 * @return {@link OH_Huks_ErrCode#OH_HUKS_SUCCESS} 0 - If the operation is successful. 254 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ILLEGAL_ARGUMENT} 401 - If keyAlias or 255 * paramSet or certChain is invalid. 256 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INTERNAL_ERROR} 12000012 - If system error ocurred. 257 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INVALID_CRYPTO_ALG_ARGUMENT} 12000003 - If the key argument 258 * is invalid. 259 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ITEM_NOT_EXIST} 12000011 - If the key file is not exit. 260 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_MISSING_CRYPTO_ALG_ARGUMENT} 12000002 - If failed to 261 * get key argument. 262 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_COMMUNICATION_FAIL} 12000005 - If Ipc commuication failed. 263 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_CRYPTO_FAIL} 12000006 - If crypto engine failed. 264 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INSUFFICIENT_MEMORY} 12000014 - If the memory is insufficient. 265 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_FEATURE_NOT_SUPPORTED} 12000001 - If the feature is not support. 266 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_PERMISSION_FAIL} 201 - If the permission check failed, 267 * please apply for the required permissions first. 268 * @since 9 269 * @version 1.0 270 */ 271 struct OH_Huks_Result OH_Huks_AttestKeyItem(const struct OH_Huks_Blob *keyAlias, 272 const struct OH_Huks_ParamSet *paramSet, struct OH_Huks_CertChain *certChain); 273 274 /** 275 * @brief Obtain the key certificate chain. 276 * 277 * @param keyAlias Indicates the pointer to the alias of the target key. 278 * @param paramSet Indicates the pointer to the parameters required for obtaining the key certificate. 279 * @param certChain Indicates the pointer to the key certificate chain obtained. 280 * @return {@link OH_Huks_ErrCode#OH_HUKS_SUCCESS} 0 - If the operation is successful. 281 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ILLEGAL_ARGUMENT} 401 - If keyAlias or 282 * paramSet or certChain is invalid. 283 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INTERNAL_ERROR} 12000012 - If system error ocurred. 284 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INVALID_CRYPTO_ALG_ARGUMENT} 12000003 - If the key argument 285 * is invalid. 286 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ITEM_NOT_EXIST} 12000011 - If the key file is not exit. 287 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_MISSING_CRYPTO_ALG_ARGUMENT} 12000002 - If failed to 288 * get key argument. 289 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_COMMUNICATION_FAIL} 12000005 - If Ipc commuication failed. 290 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_CRYPTO_FAIL} 12000006 - If crypto engine failed. 291 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INSUFFICIENT_MEMORY} 12000014 - If the memory is insufficient. 292 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_FEATURE_NOT_SUPPORTED} 12000001 - If the feature is not support. 293 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_PERMISSION_FAIL} 201 - If the permission check failed, 294 * please apply for the required permissions first. 295 * @since 11 296 * @version 1.0 297 * @note this is a networking duration interface caller need to get the certChain in asynchronous thread 298 */ 299 struct OH_Huks_Result OH_Huks_AnonAttestKeyItem(const struct OH_Huks_Blob *keyAlias, 300 const struct OH_Huks_ParamSet *paramSet, struct OH_Huks_CertChain *certChain); 301 302 /** 303 * @brief Initializes the key session interface and obtains a handle (mandatory) and challenge value (optional). 304 * 305 * @param keyAlias Indicates the pointer to the alias of the target key. 306 * @param paramSet Indicates the pointer to the parameters for the initialization operation. 307 * @param handle Indicates the pointer to the handle of the key session obtained. 308 * This handle is required for subsequent operations, including {@link OH_Huks_UpdateSession}, 309 * {@link OH_Huks_FinishSession}, and {@link OH_Huks_AbortSession}. 310 * @param challenge Indicates the pointer to the challenge value obtained. 311 * @return {@link OH_Huks_ErrCode#OH_HUKS_SUCCESS} 0 - If the operation is successful. 312 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ILLEGAL_ARGUMENT} 401 - If keyAlias or paramSet or handle or 313 * token is invalid. 314 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INTERNAL_ERROR} 12000012 - If system error ocurred. 315 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INVALID_CRYPTO_ALG_ARGUMENT} 12000003 - If the key argument 316 * is invalid. 317 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ITEM_NOT_EXIST} 12000011 - If the key file is not exit. 318 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_MISSING_CRYPTO_ALG_ARGUMENT} 12000002 - If failed to 319 * get key argument. 320 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_COMMUNICATION_FAIL} 12000005 - If Ipc commuication failed. 321 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_SESSION_LIMIT} 12000010 - If reached max session limit. 322 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_CRYPTO_FAIL} 12000006 - If crypto engine failed. 323 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INSUFFICIENT_MEMORY} 12000014 - If the memory is insufficient. 324 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_FEATURE_NOT_SUPPORTED} 12000001 - If the feature is not support. 325 * @since 9 326 * @version 1.0 327 * @see OH_Huks_UpdateSession 328 * @see OH_Huks_FinishSession 329 * @see OH_Huks_AbortSession 330 */ 331 struct OH_Huks_Result OH_Huks_InitSession(const struct OH_Huks_Blob *keyAlias, 332 const struct OH_Huks_ParamSet *paramSet, struct OH_Huks_Blob *handle, struct OH_Huks_Blob *token); 333 334 /** 335 * @brief Adds data by segment for the key operation, performs the related key operation, 336 * and outputs the processed data. 337 * 338 * @param handle Indicates the pointer to the key session handle, which is generated by {@link OH_Huks_InitSession}. 339 * @param paramSet Indicates the pointer to the parameters required for the key operation. 340 * @param inData Indicates the pointer to the data to be processed. 341 * This API can be called multiples time to process large data by segment. 342 * @param outData Indicates the pointer to the output data. 343 * @return {@link OH_Huks_ErrCode#OH_HUKS_SUCCESS} 0 - If the operation is successful. 344 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ILLEGAL_ARGUMENT} 401 - If handle or paramSet or inData or 345 * outData is invalid. 346 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INTERNAL_ERROR} 12000012 - If system error ocurred. 347 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INVALID_CRYPTO_ALG_ARGUMENT} 12000003 - If the key argument 348 * is invalid. 349 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ITEM_NOT_EXIST} 12000011 - If the key file is not exit, 350 * or if the handle is not exist. 351 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_MISSING_CRYPTO_ALG_ARGUMENT} 12000002 - If failed to 352 * get key argument. 353 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_COMMUNICATION_FAIL} 12000005 - If Ipc commuication failed. 354 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_CREDENTIAL_NOT_EXIST} 12000013 - If credemtial is not exist. 355 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_CRYPTO_FAIL} 12000006 - If crypto engine failed. 356 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_KEY_AUTH_VERIFY_FAILED} 12000008 - If auth token verify failed. 357 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_KEY_AUTH_PERMANENTLY_INVALIDATED} 12000007 - If auth token info 358 * verify failed. 359 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_KEY_AUTH_TIME_OUT} 12000009 - If authentication token timed out. 360 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INSUFFICIENT_MEMORY} 12000014 - If the memory is insufficient. 361 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_DEVICE_PASSWORD_UNSET} 12000016 - If device password is required 362 * but not set. 363 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_FEATURE_NOT_SUPPORTED} 12000001 - If the feature is not support. 364 * @since 9 365 * @version 1.0 366 * @see OH_Huks_InitSession 367 * @see OH_Huks_FinishSession 368 * @see OH_Huks_AbortSession 369 */ 370 struct OH_Huks_Result OH_Huks_UpdateSession(const struct OH_Huks_Blob *handle, 371 const struct OH_Huks_ParamSet *paramSet, const struct OH_Huks_Blob *inData, struct OH_Huks_Blob *outData); 372 373 /** 374 * @brief Ends the key session. 375 * 376 * @param handle Indicates the pointer to the key session handle, which is generated by {@link OH_Huks_InitSession}. 377 * @param paramSet Indicates the pointer to the parameters required for the key operation. 378 * @param inData Indicates the pointer to the data to be processed. 379 * @param outData Indicates the pointer to the output data. 380 * @return {@link OH_Huks_ErrCode#OH_HUKS_SUCCESS} 0 - If the operation is successful. 381 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ILLEGAL_ARGUMENT} 401 - If handle or paramSet or inData or 382 * outData is invalid. 383 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INTERNAL_ERROR} 12000012 - If system error ocurred. 384 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INVALID_CRYPTO_ALG_ARGUMENT} 12000003 - If the key argument 385 * is invalid. 386 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ITEM_NOT_EXIST} 12000011 - If the key file is not exit, 387 * or if the handle is not exist. 388 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_MISSING_CRYPTO_ALG_ARGUMENT} 12000002 - If failed to 389 * get key argument. 390 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_COMMUNICATION_FAIL} 12000005 - If Ipc commuication failed. 391 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_CREDENTIAL_NOT_EXIST} 12000013 - If credemtial is not exist. 392 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_CRYPTO_FAIL} 12000006 - If crypto engine failed. 393 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_KEY_AUTH_VERIFY_FAILED} 12000008 - If auth token verify failed. 394 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_KEY_AUTH_PERMANENTLY_INVALIDATED} 12000007 - If auth token info 395 * verify failed. 396 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_KEY_AUTH_TIME_OUT} 12000009 - If authentication token timed out. 397 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INSUFFICIENT_MEMORY} 12000014 - If the memory is insufficient. 398 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_DEVICE_PASSWORD_UNSET} 12000016 - If device password is required 399 * but not set. 400 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_FEATURE_NOT_SUPPORTED} 12000001 - If the feature is not support. 401 * @since 9 402 * @version 1.0 403 * @see OH_Huks_InitSession 404 * @see OH_Huks_UpdateSession 405 * @see OH_Huks_AbortSession 406 */ 407 struct OH_Huks_Result OH_Huks_FinishSession(const struct OH_Huks_Blob *handle, 408 const struct OH_Huks_ParamSet *paramSet, const struct OH_Huks_Blob *inData, struct OH_Huks_Blob *outData); 409 410 /** 411 * @brief Aborts a key session. 412 * 413 * @param handle Indicates the pointer to the key session handle, which is generated by {@link OH_Huks_InitSession}. 414 * @param paramSet Indicates the pointer to the parameters required for aborting the key session. 415 * By default, this parameter is a null pointer. 416 * @return {@link OH_Huks_ErrCode#OH_HUKS_SUCCESS} 0 - If the operation is successful. 417 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ILLEGAL_ARGUMENT} 401 - If handle or paramSet or inData or 418 * outData is invalid. 419 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INTERNAL_ERROR} 12000012 - If system error ocurred. 420 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INVALID_CRYPTO_ALG_ARGUMENT} 12000003 - If the key argument 421 * is invalid. 422 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ITEM_NOT_EXIST} 12000011 - or if the handle is not exist. 423 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_MISSING_CRYPTO_ALG_ARGUMENT} 12000002 - If failed to 424 * get key argument. 425 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_COMMUNICATION_FAIL} 12000005 - If Ipc commuication failed. 426 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_CREDENTIAL_NOT_EXIST} 12000013 - If credemtial is not exist. 427 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INSUFFICIENT_MEMORY} 12000014 - If the memory is insufficient. 428 * @since 9 429 * @version 1.0 430 * @see OH_Huks_InitSession 431 * @see OH_Huks_UpdateSession 432 * @see OH_Huks_FinishSession 433 */ 434 struct OH_Huks_Result OH_Huks_AbortSession(const struct OH_Huks_Blob *handle, 435 const struct OH_Huks_ParamSet *paramSet); 436 437 /** 438 * @brief Get key alias list. 439 * 440 * @param paramSet Indicates the pointer to the parameters required for getting key alias list. 441 * By default, this parameter is a null pointer. 442 * @param outData Indicates the pointer to the output data. 443 * @return {@link OH_Huks_ErrCode#OH_HUKS_SUCCESS} 0 - If the operation is successful. 444 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_ILLEGAL_ARGUMENT} 401 - If paramSet or outData is invalid. 445 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INTERNAL_ERROR} 12000012 - If system error ocurred. 446 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_COMMUNICATION_FAIL} 12000005 - If Ipc commuication failed. 447 * {@link OH_Huks_ErrCode#OH_HUKS_ERR_CODE_INSUFFICIENT_MEMORY} 12000014 - If the memory is insufficient. 448 * @since 12 449 * @version 1.0 450 */ 451 struct OH_Huks_Result OH_Huks_ListAliases(const struct OH_Huks_ParamSet *paramSet, 452 struct OH_Huks_KeyAliasSet **outData); 453 454 #ifdef __cplusplus 455 } 456 #endif 457 458 /** @} */ 459 #endif /* NATIVE_HUKS_API_H */ 460