中国优质的IT技术网站
专业IT技术创作平台
IT职业在线教育平台
需要使用密钥库生产非对称密钥,针对网络接口参数进行双向加密,没有在文档中找到对应的demo,写了RSA demo生产RSA密钥成功,但是加密的时候失败了。 当前困难影响:没法使用密钥库中的RSA密钥进行加解密,使用算法库中的RSA不够安全。
微信扫码分享
import huks from '@ohos.security.huks'; import { BusinessError } from '@ohos.base'; let aesKeyAlias = 'test_rsaKeyAlias'; let handle: number; let plainText = '123456'; let IV = '001122334455'; let cipherData: Uint8Array; function StringToUint8Array(str: String) { let arr: number[] = new Array(); for (let i = 0, j = str.length; i < j; ++i) { arr.push(str.charCodeAt(i)); } return new Uint8Array(arr); } function Uint8ArrayToString(fileData: Uint8Array) { let dataString = ''; for (let i = 0; i < fileData.length; i++) { dataString += String.fromCharCode(fileData[i]); } return dataString; } function GetRsaGenerateProperties() { let properties: Array<huks.HuksParam> = new Array(); let index = 0; properties[index++] = { tag: huks.HuksTag.HUKS_TAG_ALGORITHM, value: huks.HuksKeyAlg.HUKS_ALG_RSA }; properties[index++] = { tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_2048 }; properties[index++] = { tag: huks.HuksTag.HUKS_TAG_DIGEST, value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 }; properties[index++] = { tag: huks.HuksTag.HUKS_TAG_PURPOSE, value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT }; properties[index++] = { tag: huks.HuksTag.HUKS_TAG_PADDING, value: huks.HuksKeyPadding.HUKS_PADDING_PKCS1_V1_5 }; properties[index++] = { tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, value: huks.HuksCipherMode.HUKS_MODE_ECB }; return properties; } function GetRsaEncryptProperties() { let properties: Array<huks.HuksParam> = new Array(); let index = 0; properties[index++] = { tag: huks.HuksTag.HUKS_TAG_ALGORITHM, value: huks.HuksKeyAlg.HUKS_ALG_RSA }; properties[index++] = { tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_2048 }; properties[index++] = { tag: huks.HuksTag.HUKS_TAG_DIGEST, value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 }; properties[index++] = { tag: huks.HuksTag.HUKS_TAG_PURPOSE, value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT }; properties[index++] = { tag: huks.HuksTag.HUKS_TAG_PADDING, value: huks.HuksKeyPadding.HUKS_PADDING_PKCS1_V1_5 }; properties[index++] = { tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, value: huks.HuksCipherMode.HUKS_MODE_ECB }; // properties[index++] = { // tag: huks.HuksTag.HUKS_TAG_IV, // value: StringToUint8Array(IV) // } return properties; } function GetRsaDecryptProperties() { let properties: Array<huks.HuksParam> = new Array(); let index = 0; properties[index++] = { tag: huks.HuksTag.HUKS_TAG_ALGORITHM, value: huks.HuksKeyAlg.HUKS_ALG_RSA }; properties[index++] = { tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_2048 }; properties[index++] = { tag: huks.HuksTag.HUKS_TAG_DIGEST, value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 }; properties[index++] = { tag: huks.HuksTag.HUKS_TAG_PURPOSE, value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT } properties[index++] = { tag: huks.HuksTag.HUKS_TAG_PADDING, value: huks.HuksKeyPadding.HUKS_PADDING_PKCS1_V1_5 } properties[index++] = { tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, value: huks.HuksCipherMode.HUKS_MODE_ECB } // properties[index++] = { // tag: huks.HuksTag.HUKS_TAG_IV, // value: StringToUint8Array(IV) // } return properties; } export async function GenerateRsaKey() { /* * 模拟生成密钥场景 * 1. 确定密钥别名 */ /* * 2. 获取生成密钥算法参数配置 */ let genProperties = GetRsaGenerateProperties(); let options: huks.HuksOptions = { properties: genProperties } /* * 3. 调用generateKeyItem */ await huks.generateKeyItem(aesKeyAlias, options) .then((data) => { console.info(`promise: generate RSA Key success, data = ${JSON.stringify(data)}`); }).catch((error: BusinessError) => { console.error(`promise: generate RSA Key failed` + error); }) } export async function EncryptData() { /* * 模拟加密场景 * 1. 获取密钥别名 */ /* * 2. 获取待加密的数据 */ /* * 3. 获取加密算法参数配置 */ let encryptProperties = GetRsaEncryptProperties(); let options: huks.HuksOptions = { properties: encryptProperties, inData: StringToUint8Array(plainText) } /* * 4. 调用initSession获取handle */ await huks.initSession(aesKeyAlias, options) .then((data) => { handle = data.handle; }).catch((error: BusinessError) => { console.error(`promise: init EncryptData failed` + error); }) /* * 5. 调用finishSession获取加密后的密文 */ await huks.finishSession(handle, options) .then((data) => { console.info(`promise: encrypt data success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); cipherData = data.outData as Uint8Array; }).catch((error: BusinessError) => { console.error(`promise: encrypt data failed` + error); }) } export async function DecryptData() { /* * 模拟解密场景 * 1. 获取密钥别名 */ /* * 2. 获取待解密的密文 */ /* * 3. 获取解密算法参数配置 */ let decryptOptions = GetRsaDecryptProperties() let options: huks.HuksOptions = { properties: decryptOptions, inData: cipherData } /* * 4. 调用initSession获取handle */ await huks.initSession(aesKeyAlias, options) .then((data) => { handle = data.handle; }).catch((error: BusinessError) => { console.error(`promise: init DecryptData failed` + error); }) /* * 5. 调用finishSession获取解密后的数据 */ await huks.finishSession(handle, options) .then((data) => { console.info(`promise: decrypt data success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); }).catch((error: BusinessError) => { console.error(`promise: decrypt data failed` + error); }) } async function DeleteKey() { /* * 模拟删除密钥场景 * 1. 获取密钥别名 */ let emptyOptions: huks.HuksOptions = { properties: [] } /* * 2. 调用deleteKeyItem删除密钥 */ await huks.deleteKeyItem(aesKeyAlias, emptyOptions) .then((data) => { console.info(`promise: delete data success`); }).catch((error: BusinessError) => { console.error(`promise: delete data failed` + error); }) } export async function rsa_test() { await GenerateRsaKey() await EncryptData() await DecryptData() }