HarmonyOS 鸿蒙Next中ECC256/SHA256
HarmonyOS 鸿蒙Next中ECC256/SHA256 有没有ECC256/SHA256的签名/验签指导?
3 回复
【背景知识】
HarmonyOS签名验签指导案例:签名/验签(ArkTS)。
【解决方案】
可以参考如下案例:
/*
* 密钥算法为ECC256、摘要算法为SHA256
*/
import { huks } from '@kit.UniversalKeystoreKit';
import { BusinessError } from "@kit.BasicServicesKit";
let keyAlias = 'test_eccKeyAlias';
let handle: number;
let plaintext = '123456';
let signature: Uint8Array;
function StringToUint8Array(str: string) {
let arr: number[] = new Array();
for (let i = 0, j = str.length; i < j; ++i) {
arr.push(str.charCodeAt(i));
}
return new Uint8Array(arr);
}
function Uint8ArrayToString(fileData: Uint8Array) {
let dataString = '';
for (let i = 0; i < fileData.length; i++) {
dataString += String.fromCharCode(fileData[i]);
}
return dataString;
}
function GetEccGenerateProperties() {
let properties: Array<huks.HuksParam> = [{
tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
value: huks.HuksKeyAlg.HUKS_ALG_ECC
}, {
tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
value: huks.HuksKeySize.HUKS_ECC_KEY_SIZE_256
}, {
tag: huks.HuksTag.HUKS_TAG_PURPOSE,
value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_SIGN |
huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_VERIFY
}, {
tag: huks.HuksTag.HUKS_TAG_DIGEST,
value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256
}];
return properties;
}
function GetEccSignProperties() {
let properties: Array<huks.HuksParam> = [{
tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
value: huks.HuksKeyAlg.HUKS_ALG_ECC
}, {
tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
value: huks.HuksKeySize.HUKS_ECC_KEY_SIZE_256
}, {
tag: huks.HuksTag.HUKS_TAG_PURPOSE,
value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_SIGN
}, {
tag: huks.HuksTag.HUKS_TAG_DIGEST,
value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256
}];
return properties;
}
function GetEccVerifyProperties() {
let properties: Array<huks.HuksParam> = [{
tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
value: huks.HuksKeyAlg.HUKS_ALG_ECC
}, {
tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
value: huks.HuksKeySize.HUKS_ECC_KEY_SIZE_256
}, {
tag: huks.HuksTag.HUKS_TAG_PURPOSE,
value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_VERIFY
}, {
tag: huks.HuksTag.HUKS_TAG_DIGEST,
value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256
}];
return properties;
}
async function generateKeyItem(keyAlias: string, huksOptions: huks.HuksOptions) {
console.info(`promise: enter generateKeyItem`);
try {
await huks.generateKeyItem(keyAlias, huksOptions)
.then(() => {
console.info(`promise: generateKeyItem success`);
}).catch((error: BusinessError) => {
console.error(`promise: generateKeyItem failed, errCode : ${error.code}, errMsg : ${error.message}`);
})
} catch (error) {
console.error(`promise: generateKeyItem input arg invalid`);
}
}
async function initSession(keyAlias: string, huksOptions: huks.HuksOptions) {
console.info(`promise: enter initSession`);
try {
await huks.initSession(keyAlias, huksOptions)
.then((data) => {
handle = data.handle;
console.info(`promise: initSession success`);
}).catch((error: BusinessError) => {
console.error(`promise: initSession failed, errCode : ${error.code}, errMsg : ${error.message}`);
})
} catch (error) {
console.error(`promise: initSession input arg invalid`);
}
}
async function updateSession(handle: number, huksOptions: huks.HuksOptions) {
console.info(`promise: enter updateSession`);
try {
await huks.updateSession(handle, huksOptions)
.then((data) => {
let outData = data.outData as Uint8Array;
console.info(`promise: updateSession success, data = ${Uint8ArrayToString(outData)}`);
}).catch((error: BusinessError) => {
console.error(`promise: updateSession failed, errCode : ${error.code}, errMsg : ${error.message}`);
})
} catch (error) {
console.error(`promise: updateSession input arg invalid`);
}
}
async function finishSession(handle: number, huksOptions: huks.HuksOptions) {
console.info(`promise: enter finishSession`);
try {
await huks.finishSession(handle, huksOptions)
.then((data) => {
signature = data.outData as Uint8Array;
console.info(`promise: finishSession success, data = ${Uint8ArrayToString(signature)}`);
}).catch((error: BusinessError) => {
console.error(`promise: finishSession failed, errCode : ${error.code}, errMsg : ${error.message}`);
})
} catch (error) {
console.error(`promise: finishSession input arg invalid`);
}
}
async function deleteKeyItem(keyAlias: string, huksOptions: huks.HuksOptions) {
console.info(`promise: enter deleteKeyItem`);
try {
await huks.deleteKeyItem(keyAlias, huksOptions)
.then(() => {
console.info(`promise: deleteKeyItem success`);
}).catch((error: BusinessError) => {
console.error(`promise: deleteKeyItem failed, errCode : ${error.code}, errMsg : ${error.message}`);
})
} catch (error) {
console.error(`promise: deleteKeyItem input arg invalid`);
}
}
async function GenerateEccKey(keyAlias: string) {
console.info(`enter GenerateEccKey`);
let genProperties = GetEccGenerateProperties();
let options: huks.HuksOptions = {
properties: genProperties
};
await generateKeyItem(keyAlias, options);
}
async function Sign(keyAlias: string, plaintext: string) {
console.info(`enter Sign`);
let signProperties = GetEccSignProperties();
let options: huks.HuksOptions = {
properties: signProperties,
inData: StringToUint8Array(plaintext)
}
await initSession(keyAlias, options);
await finishSession(handle, options);
}
async function Verify(keyAlias: string, plaintext: string, signature: Uint8Array) {
console.info(`enter Verify`);
let verifyProperties = GetEccVerifyProperties()
let options: huks.HuksOptions = {
properties: verifyProperties,
inData: StringToUint8Array(plaintext)
}
await initSession(keyAlias, options);
await updateSession(handle, options);
options.inData = signature;
await finishSession(handle, options);
}
async function DeleteEccKey(keyAlias: string) {
console.info(`enter DeleteEccKey`);
let emptyOptions: huks.HuksOptions = {
properties: []
}
await deleteKeyItem(keyAlias, emptyOptions);
}
async function testSignVerify() {
await GenerateEccKey(keyAlias);
await Sign(keyAlias, plaintext);
await Verify(keyAlias, plaintext, signature);
await DeleteEccKey(keyAlias);
}
更多关于HarmonyOS 鸿蒙Next中ECC256/SHA256的实战系列教程也可以访问 https://www.itying.com/category-93-b0.html
HarmonyOS鸿蒙Next中ECC256/SHA256是系统内置的加密算法套件。ECC256基于椭圆曲线密码学,提供256位安全强度,用于非对称加密和数字签名。SHA256是安全散列算法,生成256位哈希值,用于数据完整性验证。两者结合可用于实现数字证书、安全通信等场景。鸿蒙通过安全子系统提供标准化API调用,开发者可直接使用系统级加密服务,无需额外集成第三方库。
在HarmonyOS Next中,可通过@ohos.security.cryptoFramework模块实现ECC256/SHA256签名验签。以下是核心步骤:
- 生成ECC密钥对:
import cryptoFramework from '@ohos.security.cryptoFramework';
let keyGen = cryptoFramework.createAsyKeyGenerator("ECC256");
let keyPair = await keyGen.generateKeyPair();
- 签名流程:
let signer = cryptoFramework.createSign("ECC256|SHA256");
await signer.init(keyPair.priKey);
let data = new Uint8Array([...]); // 待签名数据
let signature = await signer.sign(data);
- 验签流程:
let verifier = cryptoFramework.createVerify("ECC256|SHA256");
await verifier.init(keyPair.pubKey);
let result = await verifier.verify(data, signature);
关键点:
- 算法参数统一使用"ECC256|SHA256"格式
- 密钥对象需通过AsyKeyGenerator生成
- 支持对Uint8Array格式数据的处理
注意:实际使用时需添加异常处理,确保密钥与算法参数匹配。
