HUKS的SM2签名验签的算法规格及开发步骤

1.首先指定密钥别名，初始化密钥属性集，调用generateKeyItem生成密钥，具体请参考密钥生成介绍及算法规格。

2.获取密钥别名。指定待签名的明文数据。获取属性参数HuksOptions，包括两个字段properties和inData。inData传入明文数据，properties传入算法参数配置。调用initSession初始化密钥会话，并获取会话的句柄handle。调用finishSession结束密钥会话，获取签名signature。

3.获取密钥别名。获取待验证的签名signature。获取属性参数HuksOptions，包括两个字段properties和inData。

inData传入签名signature，properties传入算法参数配置。调用initSession初始化密钥会话，并获取会话的句柄handle。调用updateSession更新密钥会话。调用finishSession结束密钥会话，验证签名。

HarmonyOS

海不辞水

2024-05-28 21:29:27

987浏览

回答 1

按赞同

按时间

宇宙无敌超英俊

使用的核心API

签名验签算法规格

签名验签开发步骤

核心代码解释

核心代码如下：

import huks from '@ohos.security.huks'; 
import promptAction from '@ohos.promptAction'; 
import buffer from '@ohos.buffer'; 
import util from '@ohos.util'; 
import { BusinessError } from '@ohos.base'; 
  
  
let KeyAlias = 'KeyAlias'; 
let handle: number; 
let plainText = 'aaaaaaabbbbbbbbbjghjghfg'; 
let cipherData: Uint8Array; 
let signature: Uint8Array; 
  
// 字符串转成字节流 
function stringToUint8Array(str: string) { 
  return new Uint8Array(buffer.from(str,'utf-8').buffer); 
} 
// 字节流转成可理解的字符串 
function uint8ArrayToString(array: Uint8Array) { 
  // 将UTF-8编码转换成Unicode编码 
  let out: string = ""; 
  let index: number = 0; 
  let len: number = array.length; 
  while (index < len) { 
    let character = array[index++]; 
    switch (character >> 4) { 
      case 0: 
      case 1: 
      case 2: 
      case 3: 
      case 4: 
      case 5: 
      case 6: 
      case 7: 
        out += String.fromCharCode(character); 
        break; 
      case 12: 
      case 13: 
        out += String.fromCharCode(((character & 0x1F) << 6) | (array[index++] & 0x3F)); 
        break; 
      case 14: 
        out += String.fromCharCode(((character & 0x0F) << 12) | ((array[index++] & 0x3F) << 6) | ((array[index++] & 0x3F) << 0)); 
        break; 
      default: 
        break; 
    } 
  } 
  return out; 
} 
const TAG='Test--'; 
//生成RSA密钥属性信息 
function GetSm2GenerateProperties() { 
  let properties: Array<huks.HuksParam> = new Array(); 
  let index = 0; 
  properties[index++] = { 
    tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 
    value: huks.HuksKeyAlg.HUKS_ALG_SM2 
  }; 
  properties[index++] = { 
    tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 
    value: huks.HuksKeySize.HUKS_SM2_KEY_SIZE_256 
  }; 
  properties[index++] = { 
    tag: huks.HuksTag.HUKS_TAG_PURPOSE, 
    value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_SIGN | 
    huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_VERIFY 
  } 
  return properties; 
} 
  
//RSA加密密钥属性信息 
function GetSm2EncryptProperties() { 
  let properties: Array<huks.HuksParam> = new Array(); 
  let index = 0; 
  properties[index++] = { 
    tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 
    value: huks.HuksKeyAlg.HUKS_ALG_SM2 
  }; 
  properties[index++] = { 
    tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 
    value: huks.HuksKeySize.HUKS_SM2_KEY_SIZE_256 
  }; 
  properties[index++] = { 
    tag: huks.HuksTag.HUKS_TAG_PURPOSE, 
    value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_SIGN 
  } 
  
  properties[index++] = { 
    tag: huks.HuksTag.HUKS_TAG_PADDING, 
    value: huks.HuksKeyPadding.HUKS_PADDING_NONE 
  } 
  
  properties[index++] = { 
    tag: huks.HuksTag.HUKS_TAG_DIGEST, 
    value: huks.HuksKeyDigest.HUKS_DIGEST_SM3 
  } 
  
  return properties; 
} 
  
//RSA解密密钥属性信息 
function GetSm2DecryptProperties() { 
  let properties: Array<huks.HuksParam> = new Array(); 
  let index = 0; 
  properties[index++] = { 
    tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 
    value: huks.HuksKeyAlg.HUKS_ALG_SM2 
  }; 
  properties[index++] = { 
    tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 
    value: huks.HuksKeySize.HUKS_SM2_KEY_SIZE_256 
  }; 
  properties[index++] = { 
    tag: huks.HuksTag.HUKS_TAG_PURPOSE, 
    value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_VERIFY 
  } 
  properties[index++] = { 
    tag: huks.HuksTag.HUKS_TAG_PADDING, 
    value: huks.HuksKeyPadding.HUKS_PADDING_NONE 
  } 
  properties[index++] = { 
    tag: huks.HuksTag.HUKS_TAG_DIGEST, 
    value: huks.HuksKeyDigest.HUKS_DIGEST_SM3 
  } 
  return properties; 
} 
async function GenerateEccKey(keyAlias: string) { 
  let genProperties = GetSm2GenerateProperties(); 
  let options: huks.HuksOptions = { 
    properties: genProperties 
  } 
  await huks.generateKeyItem(keyAlias, options) 
    .then((data) => { 
      promptAction.showToast({ 
        message: "成功生成了一个别名为："+ keyAlias + " 的密钥" , 
        duration: 2500, 
      }) 
    }).catch((err:BusinessError)=>{ 
      promptAction.showToast({ 
        message: "密钥生成失败，错误码是： " + err.code + " 错误吗信息： " + err.message, 
        duration: 6500, 
      }) 
    }) 
} 
async function Sign(keyAlias: string, plaintext: string) { 
  if (stringToUint8Array(plaintext) == null) { 
    promptAction.showToast({ 
      message: "签名验签数据为空，无法执行签名验签操作！", 
      duration: 6500, 
    }) 
    return; 
  } 
  let signProperties = GetSm2EncryptProperties(); 
  let options: huks.HuksOptions = { 
    properties: signProperties, 
    inData: stringToUint8Array(plaintext) 
  } 
  
  await huks.initSession(keyAlias, options) 
    .then((data) => { 
      handle = data.handle; 
    }).catch((err:BusinessError)=>{ 
      promptAction.showToast({ 
        message: "密钥初始化失败，错误码是： " + err.code + " 错误吗信息： " + err.message, 
        duration: 6500, 
      }) 
    }) 
  await huks.finishSession(handle, options) 
    .then((data) => { 
      promptAction.showToast({ 
        message: "验签完成， 验签结果是： " + uint8ArrayToString(data.outData), 
        duration: 6500, 
      }) 
      //signature = data.outData as Uint8Array; 
      signature = data.outData as Uint8Array; 
      console.log("test---signature"+signature) 
    }).catch((err:BusinessError)=>{ 
      promptAction.showToast({ 
        message: "签名验签finish阶段捕获了异常，错误码是： " + err.code + " 错误码信息： " + err.message, 
        duration: 6500, 
      }) 
    }) 
} 
async function Verify(keyAlias: string, signature: Uint8Array, plaintext: string) { 
  if (signature == null) { 
    promptAction.showToast({ 
      message: "签名验签数据为空，无法执行签名验签操作！", 
      duration: 6500, 
    }) 
    return; 
  } 
  let verifyProperties = GetSm2DecryptProperties() 
  let options: huks.HuksOptions = { 
    properties: verifyProperties, 
    inData: stringToUint8Array(plaintext) 
  } 
  await huks.initSession(keyAlias, options) 
    .then((data) => { 
      handle = data.handle; 
    }).catch((err:BusinessError)=>{ 
      promptAction.showToast({ 
        message: "密钥初始化失败，错误码是： " + err.code + " 错误吗信息： " + err.message, 
        duration: 6500, 
      }) 
    }) 
  await huks.updateSession(handle, options) 
    .then((data) => { 
      //console.info(`promise: update verify success, data is ` + uint8ArrayToString(data.outData as Uint8Array)); 
    }).catch((err:BusinessError)=>{ 
      promptAction.showToast({ 
        message: "验签update过程错误，错误码是： " + err.code + " 错误吗信息： " + err.message, 
        duration: 6500, 
      }) 
    }) 
  options.inData = signature 
  await huks.finishSession(handle, options) 
    .then((data) => { 
      promptAction.showToast({ 
        message: "验签通过", 
        duration: 6500, 
      }) 
    }).catch((err:BusinessError)=>{ 
      promptAction.showToast({ 
        message: "签名验签finish阶段捕获了异常，错误码是： " + err.code + " 错误码信息： " + err.message, 
        duration: 6500, 
      }) 
    }) 
} 
  
async function DeleteEccKey(keyAlias: string) { 
  let emptyOptions: huks.HuksOptions = { 
    properties: [] 
  } 
  await huks.deleteKeyItem(keyAlias, emptyOptions) 
    .then((data) => { 
      console.info(`promise: delete data success`); 
    }).catch((err:BusinessError)=>{ 
      console.error(`promise: delete data failed`); 
    }) 
} 
  
async function exportPuk(){ 
  let emptyOptions: huks.HuksOptions = { 
    properties: [] 
  }; 
  try { 
    huks.exportKeyItem(KeyAlias, emptyOptions, (error, data) => { 
      if (error) { 
        console.error(`test---callback: exportKeyItem failed`); 
      } else { 
        let base64=new util.Base64Helper 
        let pukBase=base64.encodeToStringSync(data.outData) 
        console.info(`test---callback: exportKeyItem success, data = ${JSON.stringify(data)}`,pukBase); 
      } 
    }); 
  } catch (error) { 
    console.error(`callback: exportKeyItem input arg invalid`); 
  } 
} 
  
  
  
@Entry 
@Component 
struct Index { 
  @State message: string = 'Hello Huks' 
  controller: TextInputController = new TextInputController(); 
  build() { 
    Column() { 
      Row() { 
        Button({ type: ButtonType.Normal, stateEffect: true }) { 
          Text('GenerateKey') 
            .fontColor(Color.White) 
            .fontSize(20) 
        } 
        .borderRadius(8) 
        .width('45%') 
        .height('5%') 
        .backgroundColor(0x317aff) 
        .onClick(async () => { 
          let str=stringToUint8Array(plainText) 
          console.log("test---str"+str) 
          await GenerateEccKey(KeyAlias); 
          await exportPuk(); 
        }) 
        .margin(10) 
  
        Button({ type: ButtonType.Normal, stateEffect: true }) { 
          Text('SignKey') 
            .fontColor(Color.White) 
            .fontSize(20) 
        } 
        .borderRadius(8) 
        .width('45%') 
        .height('5%') 
        .backgroundColor(0x317aff) 
        .onClick(() => { 
          Sign(KeyAlias,plainText); 
        }) 
        .margin(10) 
      } 
  
      Row() { 
        Button({ type: ButtonType.Normal, stateEffect: true }) { 
          Text('VerifyKey') 
            .fontColor(Color.White) 
            .fontSize(20) 
        } 
        .borderRadius(8) 
        .width('45%') 
        .height('5%') 
        .backgroundColor(0x317aff) 
        .onClick(() => { 
          Verify(KeyAlias,signature,plainText); 
        }) 
        .margin(10) 
      } 
    } 
  } 
}1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
37.
38.
39.
40.
41.
42.
43.
44.
45.
46.
47.
48.
49.
50.
51.
52.
53.
54.
55.
56.
57.
58.
59.
60.
61.
62.
63.
64.
65.
66.
67.
68.
69.
70.
71.
72.
73.
74.
75.
76.
77.
78.
79.
80.
81.
82.
83.
84.
85.
86.
87.
88.
89.
90.
91.
92.
93.
94.
95.
96.
97.
98.
99.
100.
101.
102.
103.
104.
105.
106.
107.
108.
109.
110.
111.
112.
113.
114.
115.
116.
117.
118.
119.
120.
121.
122.
123.
124.
125.
126.
127.
128.
129.
130.
131.
132.
133.
134.
135.
136.
137.
138.
139.
140.
141.
142.
143.
144.
145.
146.
147.
148.
149.
150.
151.
152.
153.
154.
155.
156.
157.
158.
159.
160.
161.
162.
163.
164.
165.
166.
167.
168.
169.
170.
171.
172.
173.
174.
175.
176.
177.
178.
179.
180.
181.
182.
183.
184.
185.
186.
187.
188.
189.
190.
191.
192.
193.
194.
195.
196.
197.
198.
199.
200.
201.
202.
203.
204.
205.
206.
207.
208.
209.
210.
211.
212.
213.
214.
215.
216.
217.
218.
219.
220.
221.
222.
223.
224.
225.
226.
227.
228.
229.
230.
231.
232.
233.
234.
235.
236.
237.
238.
239.
240.
241.
242.
243.
244.
245.
246.
247.
248.
249.
250.
251.
252.
253.
254.
255.
256.
257.
258.
259.
260.
261.
262.
263.
264.
265.
266.
267.
268.
269.
270.
271.
272.
273.
274.
275.
276.
277.
278.
279.
280.
281.
282.
283.
284.
285.
286.
287.
288.
289.
290.
291.
292.
293.
294.
295.
296.
297.
298.
299.
300.
301.
302.
303.
304.
305.
306.
307.
308.
309.
310.
311.
312.
313.
314.
315.
316.
317.
318.
319.
320.

实现效果

适配的版本信息

IDE：DevEco Studio 4.1.3.500
SDK：API11

已于2024-5-29 22:40:15修改

2024-05-29 22:39:42

如何写精华回答，获更多曝光？

发布

51CTO

51CTO博客

51CTO学堂

HUKS的SM2签名验签的算法规格及开发步骤

订阅鸿蒙技术特刊，精选内容抢先看