1# Signing and Signature Verification (ArkTS) 2 3 4This topic provides signing and signature verification development cases with the following algorithms: 5 6- [Key algorithm ECC256 and digest algorithm SHA-256](#ecc256sha256) 7- [Key algorithm SM2 and digest algorithm SM3](#sm2sm3) 8- [Key algorithm RSA, digest algorithm SHA-256, and padding mode PSS](#rsasha256pss) 9- [Key algorithm RSA, digest algorithm SHA-256, and padding mode PKCS #1 v1.5](#rsasha256pkcs1_v1_5) 10 11For details about the scenarios and supported algorithms, see [Supported Algorithms](huks-signing-signature-verification-overview.md#supported-algorithms). 12 13 14## How to Develop 15 16**Key Generation** 17 181. Set the key alias. 19 202. Initialize the key property set. 21 223. Use [generateKeyItem](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksgeneratekeyitem9) to generate a key. For details, see [Key Generation](huks-key-generation-overview.md). 23 24Alternatively, you can [import a key](huks-key-import-overview.md). 25 26**Signing** 27 281. Obtain the key alias. 29 302. Obtain the plaintext to be signed. 31 323. Obtain **HuksOptions**, which include the **properties** and **inData** fields. 33 Pass in the plaintext to be signed in **inData**, and [algorithm parameters](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksparam) in **properties**. 34 354. Use [initSession](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksinitsession9) to initialize a key session. The session handle is returned after the initialization. 36 375. Use [finishSession](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksfinishsession9) to generate a signature. 38 39**Signature Verification** 40 411. Obtain the key alias. 42 432. Obtain the signature to be verified. 44 453. Obtain **HuksOptions**, which include the **properties** and **inData** fields. 46 Pass in the signature in **inData**, and [algorithm parameters](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksparam) in **properties**. 47 484. Use [initSession](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksinitsession9) to initialize a key session. The session handle is returned after the initialization. 49 505. Use [updateSession](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksupdatesession9) to process data. 51 526. Use [finishSession](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksfinishsession9) to finish signature verification. 53 54**Key Deletion** 55 56Use [deleteKeyItem](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksdeletekeyitem9) to delete the key that is not required. For details, see [Deleting a Key](huks-delete-key-arkts.md). 57## Development Cases 58 59### ECC256/SHA256 60```ts 61/* 62 * Key algorithm ECC256 and digest algorithm SHA-256 are used. 63 */ 64import { huks } from '@kit.UniversalKeystoreKit'; 65 66let keyAlias = 'test_eccKeyAlias'; 67let handle: number; 68let plaintext = '123456'; 69let signature: Uint8Array; 70 71function StringToUint8Array(str: String) { 72 let arr: number[] = new Array(); 73 for (let i = 0, j = str.length; i < j; ++i) { 74 arr.push(str.charCodeAt(i)); 75 } 76 return new Uint8Array(arr); 77} 78 79function Uint8ArrayToString(fileData: Uint8Array) { 80 let dataString = ''; 81 for (let i = 0; i < fileData.length; i++) { 82 dataString += String.fromCharCode(fileData[i]); 83 } 84 return dataString; 85} 86 87function GetEccGenerateProperties() { 88 let properties: Array<huks.HuksParam> = [{ 89 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 90 value: huks.HuksKeyAlg.HUKS_ALG_ECC 91 }, { 92 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 93 value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_256 94 }, { 95 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 96 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_SIGN | 97 huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_VERIFY 98 }, { 99 tag: huks.HuksTag.HUKS_TAG_DIGEST, 100 value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 101 }]; 102 return properties; 103} 104 105function GetEccSignProperties() { 106 let properties: Array<huks.HuksParam> = [{ 107 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 108 value: huks.HuksKeyAlg.HUKS_ALG_ECC 109 }, { 110 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 111 value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_256 112 }, { 113 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 114 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_SIGN 115 }, { 116 tag: huks.HuksTag.HUKS_TAG_DIGEST, 117 value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 118 }]; 119 return properties; 120} 121 122function GetEccVerifyProperties() { 123 let properties: Array<huks.HuksParam> = [{ 124 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 125 value: huks.HuksKeyAlg.HUKS_ALG_ECC 126 }, { 127 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 128 value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_256 129 }, { 130 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 131 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_VERIFY 132 }, { 133 tag: huks.HuksTag.HUKS_TAG_DIGEST, 134 value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 135 }]; 136 return properties; 137} 138 139async function GenerateEccKey(keyAlias: string) { 140 let genProperties = GetEccGenerateProperties(); 141 let options: huks.HuksOptions = { 142 properties: genProperties 143 } 144 await huks.generateKeyItem(keyAlias, options) 145 .then((data) => { 146 console.info(`promise: generate ECC Key success, data = ${JSON.stringify(data)}`); 147 }).catch((err: Error) => { 148 console.error(`promise: generate ECC Key failed, error: ` + JSON.stringify(err)); 149 }) 150} 151 152async function Sign(keyAlias: string, plaintext: string) { 153 let signProperties = GetEccSignProperties(); 154 let options: huks.HuksOptions = { 155 properties: signProperties, 156 inData: StringToUint8Array(plaintext) 157 } 158 await huks.initSession(keyAlias, options) 159 .then((data) => { 160 handle = data.handle; 161 }).catch((err: Error) => { 162 console.error(`promise: init sign failed, error: ` + JSON.stringify(err)); 163 }) 164 await huks.finishSession(handle, options) 165 .then((data) => { 166 console.info(`promise: sign success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 167 signature = data.outData as Uint8Array; 168 }).catch((err: Error) => { 169 console.error(`promise: sign failed, error: ` + JSON.stringify(err)); 170 }) 171} 172 173async function Verify(keyAlias: string, plaintext: string, signature: Uint8Array) { 174 let verifyProperties = GetEccVerifyProperties() 175 let options: huks.HuksOptions = { 176 properties: verifyProperties, 177 inData: StringToUint8Array(plaintext) 178 } 179 await huks.initSession(keyAlias, options) 180 .then((data) => { 181 handle = data.handle; 182 }).catch((err: Error) => { 183 console.error(`promise: init verify failed, error: ` + JSON.stringify(err)); 184 }) 185 await huks.updateSession(handle, options) 186 .then((data) => { 187 console.info(`promise: update verify success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 188 }).catch((err: Error) => { 189 console.error(`promise: update verify failed, error: ` + JSON.stringify(err)); 190 }) 191 options.inData = signature; 192 await huks.finishSession(handle, options) 193 .then((data) => { 194 console.info(`promise: verify success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 195 }).catch((err: Error) => { 196 console.error(`promise: verify failed, error: ` + JSON.stringify(err)); 197 }) 198} 199 200async function DeleteEccKey(keyAlias: string) { 201 let emptyOptions: huks.HuksOptions = { 202 properties: [] 203 } 204 await huks.deleteKeyItem(keyAlias, emptyOptions) 205 .then((data) => { 206 console.info(`promise: delete data success`); 207 }).catch((err: Error) => { 208 console.error(`promise: delete data failed`); 209 }) 210} 211 212async function testSignVerify() { 213 await GenerateEccKey(keyAlias); 214 await Sign(keyAlias, plaintext); 215 await Verify(keyAlias, plaintext, signature); 216 await DeleteEccKey(keyAlias); 217} 218``` 219### SM2/SM3 220```ts 221/* 222 * The key algorithm SM2 and digest algorithm SM3 are used. 223 */ 224import { huks } from '@kit.UniversalKeystoreKit'; 225 226let keyAlias = 'test_sm2KeyAlias'; 227let handle: number; 228let plaintext = '123456'; 229let signature: Uint8Array; 230 231 232function StringToUint8Array(str: String) { 233 let arr: number[] = new Array(); 234 for (let i = 0, j = str.length; i < j; ++i) { 235 arr.push(str.charCodeAt(i)); 236 } 237 return new Uint8Array(arr); 238} 239 240 241function Uint8ArrayToString(fileData: Uint8Array) { 242 let dataString = ''; 243 for (let i = 0; i < fileData.length; i++) { 244 dataString += String.fromCharCode(fileData[i]); 245 } 246 return dataString; 247} 248 249 250function GetSm2GenerateProperties() { 251 let properties: Array<huks.HuksParam> = [{ 252 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 253 value: huks.HuksKeyAlg.HUKS_ALG_SM2 254 }, { 255 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 256 value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_256 257 }, { 258 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 259 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_SIGN | 260 huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_VERIFY 261 }, { 262 tag: huks.HuksTag.HUKS_TAG_DIGEST, 263 value: huks.HuksKeyDigest.HUKS_DIGEST_SM3 264 }]; 265 return properties; 266} 267 268function GetSm2SignProperties() { 269 let properties: Array<huks.HuksParam> = [{ 270 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 271 value: huks.HuksKeyAlg.HUKS_ALG_SM2 272 }, { 273 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 274 value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_256 275 }, { 276 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 277 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_SIGN 278 }, { 279 tag: huks.HuksTag.HUKS_TAG_DIGEST, 280 value: huks.HuksKeyDigest.HUKS_DIGEST_SM3 281 }]; 282 return properties; 283} 284 285function GetSm2VerifyProperties() { 286 let properties: Array<huks.HuksParam> = [{ 287 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 288 value: huks.HuksKeyAlg.HUKS_ALG_SM2 289 }, { 290 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 291 value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_256 292 }, { 293 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 294 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_VERIFY 295 }, { 296 tag: huks.HuksTag.HUKS_TAG_DIGEST, 297 value: huks.HuksKeyDigest.HUKS_DIGEST_SM3 298 }]; 299 return properties; 300} 301 302async function GenerateSm2Key(keyAlias: string) { 303 let genProperties = GetSm2GenerateProperties(); 304 let options: huks.HuksOptions = { 305 properties: genProperties 306 } 307 await huks.generateKeyItem(keyAlias, options) 308 .then((data) => { 309 console.info(`promise: generate Sm2 Key success, data = ${JSON.stringify(data)}`); 310 }).catch((err: Error) => { 311 console.error(`promise: generate Sm2 Key failed, error: ` + JSON.stringify(err)); 312 }) 313} 314 315async function Sign(keyAlias: string, plaintext: string) { 316 let signProperties = GetSm2SignProperties(); 317 let options: huks.HuksOptions = { 318 properties: signProperties, 319 inData: StringToUint8Array(plaintext) 320 } 321 await huks.initSession(keyAlias, options) 322 .then((data) => { 323 handle = data.handle; 324 }).catch((err: Error) => { 325 console.error(`promise: init sign failed, error: ` + JSON.stringify(err)); 326 }) 327 await huks.finishSession(handle, options) 328 .then((data) => { 329 console.info(`promise: sign success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 330 signature = data.outData as Uint8Array; 331 }).catch((err: Error) => { 332 console.error(`promise: sign failed, error: ` + JSON.stringify(err)); 333 }) 334} 335 336async function Verify(keyAlias: string, plaintext: string, signature: Uint8Array) { 337 let verifyProperties = GetSm2VerifyProperties() 338 let options: huks.HuksOptions = { 339 properties: verifyProperties, 340 inData: StringToUint8Array(plaintext) 341 } 342 await huks.initSession(keyAlias, options) 343 .then((data) => { 344 handle = data.handle; 345 }).catch((err: Error) => { 346 console.error(`promise: init verify failed, error: ` + JSON.stringify(err)); 347 }) 348 await huks.updateSession(handle, options) 349 .then((data) => { 350 console.info(`promise: update verify success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 351 }).catch((err: Error) => { 352 console.error(`promise: update verify failed, error: ` + JSON.stringify(err)); 353 }) 354 options.inData = signature; 355 await huks.finishSession(handle, options) 356 .then((data) => { 357 console.info(`promise: verify success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 358 }).catch((err: Error) => { 359 console.error(`promise: verify failed, error: ` + JSON.stringify(err)); 360 }) 361} 362 363async function DeleteSm2Key(keyAlias: string) { 364 let emptyOptions: huks.HuksOptions = { 365 properties: [] 366 } 367 await huks.deleteKeyItem(keyAlias, emptyOptions) 368 .then((data) => { 369 console.info(`promise: delete data success`); 370 }).catch((err: Error) => { 371 console.error(`promise: delete data failed`); 372 }) 373} 374 375export async function testSignVerify() { 376 await GenerateSm2Key(keyAlias); 377 await Sign(keyAlias, plaintext); 378 await Verify(keyAlias, plaintext, signature); 379 await DeleteSm2Key(keyAlias); 380} 381``` 382### RSA/SHA256/PSS 383```ts 384/* 385 * The key algorithm RSA, digest algorithm SHA-256, and padding mode PSS are used. 386 */ 387import { huks } from '@kit.UniversalKeystoreKit'; 388 389let keyAlias = 'test_rsaKeyAlias'; 390let handle: number; 391let plaintext = '123456'; 392let signature: Uint8Array; 393 394function StringToUint8Array(str: string) { 395 let arr: number[] = []; 396 for (let i = 0, j = str.length; i < j; ++i) { 397 arr.push(str.charCodeAt(i)); 398 } 399 return new Uint8Array(arr); 400} 401 402function Uint8ArrayToString(fileData: Uint8Array) { 403 let dataString = ''; 404 for (let i = 0; i < fileData.length; i++) { 405 dataString += String.fromCharCode(fileData[i]); 406 } 407 return dataString; 408} 409 410function GetRsaGenerateProperties() { 411 let properties: Array<huks.HuksParam> = [{ 412 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 413 value: huks.HuksKeyAlg.HUKS_ALG_RSA 414 }, { 415 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 416 value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_2048 417 }, { 418 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 419 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_SIGN | 420 huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_VERIFY 421 }, { 422 tag: huks.HuksTag.HUKS_TAG_PADDING, 423 value: huks.HuksKeyPadding.HUKS_PADDING_PSS 424 }, { 425 tag: huks.HuksTag.HUKS_TAG_DIGEST, 426 value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 427 }]; 428 return properties; 429} 430 431function GetRsaSignProperties() { 432 let properties: Array<huks.HuksParam> = [{ 433 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 434 value: huks.HuksKeyAlg.HUKS_ALG_RSA 435 }, { 436 tag: huks.HuksTag.HUKS_TAG_PADDING, 437 value: huks.HuksKeyPadding.HUKS_PADDING_PSS 438 }, { 439 tag: huks.HuksTag.HUKS_TAG_DIGEST, 440 value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 441 }, { 442 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 443 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_SIGN 444 }]; 445 return properties; 446} 447 448function GetRsaVerifyProperties() { 449 let properties: Array<huks.HuksParam> = [{ 450 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 451 value: huks.HuksKeyAlg.HUKS_ALG_RSA 452 }, { 453 tag: huks.HuksTag.HUKS_TAG_PADDING, 454 value: huks.HuksKeyPadding.HUKS_PADDING_PSS 455 }, { 456 tag: huks.HuksTag.HUKS_TAG_DIGEST, 457 value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 458 }, { 459 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 460 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_VERIFY 461 }]; 462 return properties; 463} 464 465async function GenerateRsaKey(keyAlias: string) { 466 let genProperties = GetRsaGenerateProperties(); 467 let options: huks.HuksOptions = { 468 properties: genProperties 469 }; 470 await huks.generateKeyItem(keyAlias, options) 471 .then((data) => { 472 console.info(`promise: generate RSA Key success, data = ${JSON.stringify(data)}`); 473 }).catch((err: Error) => { 474 console.error(`promise: generate RSA Key failed, error: ` + JSON.stringify(err)); 475 }); 476} 477 478async function Sign(keyAlias: string, plaintext: string) { 479 let signProperties = GetRsaSignProperties(); 480 let options: huks.HuksOptions = { 481 properties: signProperties, 482 inData: StringToUint8Array(plaintext) 483 } 484 await huks.initSession(keyAlias, options) 485 .then((data) => { 486 handle = data.handle; 487 }).catch((err: Error) => { 488 console.error(`promise: init sign failed, error: ` + JSON.stringify(err)); 489 return; 490 }); 491 492 if (handle !== undefined) { 493 await huks.finishSession(handle, options) 494 .then((data) => { 495 console.info(`promise: sign success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 496 signature = data.outData as Uint8Array; 497 }).catch((err: Error) => { 498 console.error(`promise: sign failed, error: ` + JSON.stringify(err)); 499 }); 500 } 501} 502 503async function Verify(keyAlias: string, plaintext: string, signature: Uint8Array) { 504 let verifyProperties = GetRsaVerifyProperties(); 505 let options: huks.HuksOptions = { 506 properties: verifyProperties, 507 inData: StringToUint8Array(plaintext) 508 } 509 await huks.initSession(keyAlias, options) 510 .then((data) => { 511 handle = data.handle; 512 }).catch((err: Error) => { 513 console.error(`promise: init verify failed, error: ` + JSON.stringify(err)); 514 return; 515 }); 516 517 if (handle !== undefined) { 518 await huks.updateSession(handle, options) 519 .then((data) => { 520 console.info(`promise: update verify success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 521 }).catch((err: Error) => { 522 console.error(`promise: update verify failed, error: ` + JSON.stringify(err)); 523 }); 524 525 options.inData = signature; 526 await huks.finishSession(handle, options) 527 .then((data) => { 528 console.info(`promise: verify success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 529 }).catch((err: Error) => { 530 console.error(`promise: verify failed, error: ` + JSON.stringify(err)); 531 }); 532 } 533} 534 535async function DeleteRsaKey(keyAlias: string) { 536 let emptyOptions: huks.HuksOptions = { 537 properties: [] 538 } 539 await huks.deleteKeyItem(keyAlias, emptyOptions) 540 .then((data) => { 541 console.info(`promise: delete data success`); 542 }).catch((err: Error) => { 543 console.error(`promise: delete data failed`); 544 }); 545} 546 547export async function testSignVerify() { 548 await GenerateRsaKey(keyAlias); 549 await Sign(keyAlias, plaintext); 550 await Verify(keyAlias, plaintext, signature); 551 await DeleteRsaKey(keyAlias); 552} 553``` 554### RSA/SHA256/PKCS1_V1_5 555```ts 556/* 557 * The key algorithm RSA, digest algorithm SHA-256, and padding mode PKCS #1 v1.5 are used. 558 */ 559import { huks } from '@kit.UniversalKeystoreKit'; 560 561let keyAlias = 'test_rsaKeyAlias'; 562let handle: number; 563let plaintext = '123456'; 564let signature: Uint8Array; 565 566function StringToUint8Array(str: String) { 567 let arr: number[] = new Array(); 568 for (let i = 0, j = str.length; i < j; ++i) { 569 arr.push(str.charCodeAt(i)); 570 } 571 return new Uint8Array(arr); 572} 573 574function Uint8ArrayToString(fileData: Uint8Array) { 575 let dataString = ''; 576 for (let i = 0; i < fileData.length; i++) { 577 dataString += String.fromCharCode(fileData[i]); 578 } 579 return dataString; 580} 581 582function GetRsaGenerateProperties() { 583 let properties: Array<huks.HuksParam> = [ 584 { tag: huks.HuksTag.HUKS_TAG_ALGORITHM, value: huks.HuksKeyAlg.HUKS_ALG_RSA }, 585 { tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_2048 }, 586 { 587 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 588 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_SIGN | huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_VERIFY 589 }, 590 { tag: huks.HuksTag.HUKS_TAG_PADDING, value: huks.HuksKeyPadding.HUKS_PADDING_PKCS1_V1_5 }, 591 { tag: huks.HuksTag.HUKS_TAG_DIGEST, value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 } 592 ]; 593 return properties; 594} 595 596function GetRsaSignProperties() { 597 let properties: Array<huks.HuksParam> = [{ 598 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 599 value: huks.HuksKeyAlg.HUKS_ALG_RSA 600 }, { 601 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 602 value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_2048 603 }, { 604 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 605 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_SIGN 606 }, { 607 tag: huks.HuksTag.HUKS_TAG_PADDING, 608 value: huks.HuksKeyPadding.HUKS_PADDING_PKCS1_V1_5 609 }, { 610 tag: huks.HuksTag.HUKS_TAG_DIGEST, 611 value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 612 }]; 613 return properties; 614} 615 616function GetRsaVerifyProperties() { 617 let properties: Array<huks.HuksParam> = [{ 618 tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 619 value: huks.HuksKeyAlg.HUKS_ALG_RSA 620 }, { 621 tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 622 value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_2048 623 }, { 624 tag: huks.HuksTag.HUKS_TAG_PURPOSE, 625 value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_VERIFY 626 }, { 627 tag: huks.HuksTag.HUKS_TAG_PADDING, 628 value: huks.HuksKeyPadding.HUKS_PADDING_PKCS1_V1_5 629 }, { 630 tag: huks.HuksTag.HUKS_TAG_DIGEST, 631 value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 632 }]; 633 return properties; 634} 635 636async function GenerateRsaKey(keyAlias: string) { 637 let genProperties = GetRsaGenerateProperties(); 638 let options: huks.HuksOptions = { 639 properties: genProperties 640 } 641 await huks.generateKeyItem(keyAlias, options) 642 .then((data) => { 643 console.info(`promise: generate RSA Key success, data = ${JSON.stringify(data)}`); 644 }).catch((err: Error) => { 645 console.error(`promise: generate RSA Key failed, error: ` + JSON.stringify(err)); 646 }) 647} 648 649async function Sign(keyAlias: string, plaintext: string) { 650 let signProperties = GetRsaSignProperties(); 651 let options: huks.HuksOptions = { 652 properties: signProperties, 653 inData: StringToUint8Array(plaintext) 654 } 655 await huks.initSession(keyAlias, options) 656 .then((data) => { 657 handle = data.handle; 658 }).catch((err: Error) => { 659 console.error(`promise: init sign failed, error: ` + JSON.stringify(err)); 660 }) 661 await huks.finishSession(handle, options) 662 .then((data) => { 663 console.info(`promise: sign success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 664 signature = data.outData as Uint8Array; 665 }).catch((err: Error) => { 666 console.error(`promise: sign failed, error: ` + JSON.stringify(err)); 667 }) 668} 669 670async function Verify(keyAlias: string, plaintext: string, signature: Uint8Array) { 671 let verifyProperties = GetRsaVerifyProperties() 672 let options: huks.HuksOptions = { 673 properties: verifyProperties, 674 inData: StringToUint8Array(plaintext) 675 } 676 await huks.initSession(keyAlias, options) 677 .then((data) => { 678 handle = data.handle; 679 }).catch((err: Error) => { 680 console.error(`promise: init verify failed, error: ` + JSON.stringify(err)); 681 }) 682 await huks.updateSession(handle, options) 683 .then((data) => { 684 console.info(`promise: update verify success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 685 }).catch((err: Error) => { 686 console.error(`promise: update verify failed, error: ` + JSON.stringify(err)); 687 }) 688 options.inData = signature; 689 await huks.finishSession(handle, options) 690 .then((data) => { 691 console.info(`promise: verify success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 692 }).catch((err: Error) => { 693 console.error(`promise: verify failed, error: ` + JSON.stringify(err)); 694 }) 695} 696 697async function DeleteRsaKey(keyAlias: string) { 698 let emptyOptions: huks.HuksOptions = { 699 properties: [] 700 } 701 await huks.deleteKeyItem(keyAlias, emptyOptions) 702 .then((data) => { 703 console.info(`promise: delete data success`); 704 }).catch((err: Error) => { 705 console.error(`promise: delete data failed`); 706 }) 707} 708 709export async function testSignVerify() { 710 await GenerateRsaKey(keyAlias); 711 await Sign(keyAlias, plaintext); 712 await Verify(keyAlias, plaintext, signature); 713 await DeleteRsaKey(keyAlias); 714} 715``` 716