harmony 鸿蒙@ohos.security.cert (证书模块)

  • 2022-12-22
  • 浏览 (1467)

@ohos.security.cert (证书模块)

证书算法库框架提供证书相关接口。其中,依赖加解密算法库框架的基础算法能力的部分,详细接口说明可参考cryptoFramework API参考

说明:

本模块首批接口从API version 9开始支持。后续版本的新增接口,采用上角标单独标记接口的起始版本。

导入模块

import certFramework from '@ohos.security.cert';
import cryptoFramework from '@ohos.security.cryptoFramework';

CertResult

表示执行结果的枚举。

系统能力: SystemCapability.Security.Cert

名称 说明
INVALID_PARAMS 401 非法入参。
NOT_SUPPORT 801 操作不支持。
ERR_OUT_OF_MEMORY 19020001 内存错误。
ERR_RUNTIME_ERROR 19020002 运行时外部错误。
ERR_CRYPTO_OPERATION 19030001 调用三方算法库API出错。
ERR_CERT_SIGNATURE_FAILURE 19030002 证书签名验证错误。
ERR_CERT_NOT_YET_VALID 19030003 证书尚未生效。
ERR_CERT_HAS_EXPIRED 19030004 证书过期。
ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY 19030005 无法获取证书的颁发者。
ERR_KEYUSAGE_NO_CERTSIGN 19030006 证书的秘钥用途不含证书签名。
ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE 19030007 证书的秘钥用途不含数字签名。

DataBlob

buffer数组。 系统能力: SystemCapability.Security.Cert |名称 |类型 |可读|可写|说明 | |————–|————–|—-|—-|—————-| |data |Uint8Array |是 |是 |数据。 |

DataArray

buffer数组的列表。 系统能力: SystemCapability.Security.Cert |名称 |类型 |可读|可写|说明 | |————–|————–|—-|—-|—————-| |data |Uint8Array |是 |是 |数据列表。 |

EncodingFormat

表示证书编码格式的枚举。

系统能力: SystemCapability.Security.Cert

名称 说明
FORMAT_DER 0 DER格式。
FORMAT_PEM 1 PEM格式。

CertItemType10+

表示获取证书字段的枚举。

系统能力: SystemCapability.Security.Cert

名称 说明
CERT_ITEM_TYPE_TBS 0 表示获取证书的待签名信息。
CERT_ITEM_TYPE_PUBLIC_KEY 1 表示获取证书的公钥信息。
CERT_ITEM_TYPE_ISSUER_UNIQUE_ID 2 表示获取证书的颁发者唯一编号。
CERT_ITEM_TYPE_SUBJECT_UNIQUE_ID 3 表示获取证书的主体唯一编号。
CERT_ITEM_TYPE_EXTENSIONS 4 表示获取证书的扩展域信息。

ExtensionOidType10+

表示获取扩展域中对象标识符类型的枚举。

系统能力: SystemCapability.Security.Cert

名称 说明
EXTENSION_OID_TYPE_ALL 0 表示获取扩展域中所有的对象标识符。
EXTENSION_OID_TYPE_CRITICAL 1 表示获取扩展域中critical为true的对象标识符。
EXTENSION_OID_TYPE_UNCRITICAL 2 表示获取扩展域中critical为false的对象标识符。

ExtensionEntryType10+

表示获取扩展域中对象类型的枚举。

系统能力: SystemCapability.Security.Cert

名称 说明
EXTENSION_ENTRY_TYPE_ENTRY 0 表示获取整个对象。
EXTENSION_ENTRY_TYPE_ENTRY_CRITICAL 1 表示获取对象的critical属性。
EXTENSION_ENTRY_TYPE_ENTRY_VALUE 2 表示获取对象的数据。

EncodingBlob

带编码格式的证书二进制数组。

属性

系统能力: SystemCapability.Security.Cert

名称 类型 可读 可写 说明
data Uint8Array 传入的证书数据。
encodingFormat EncodingFormat 指明证书编码格式。

CertChainData

证书链数据,在证书链校验时,作为入参传入。

属性

系统能力: SystemCapability.Security.Cert

名称 类型 可读 可写 说明
data Uint8Array 证书数据,按照长度(2字节)-数据的形式传入,如:08ABCDEFGH07ABCDEFG,第一本证书,前2个字节表示证书的长度为8字节,后面附加8字节的证书数据;第2本证书前2个字节表示证书的长度为7字节,后面附加7字节的证书数据。
count number 传入的数据中,包含的证书数量。
encodingFormat EncodingFormat 指明证书编码格式。

cryptoCert.createX509Cert

createX509Cert(inStream : EncodingBlob, callback : AsyncCallback<X509Cert>) : void

表示创建X509证书对象,使用Callback回调异步返回结果。

系统能力: SystemCapability.Security.Cert

参数:

参数名 类型 必填 说明
inStream EncodingBlob X509证书序列化数据
callback AsyncCallback<X509Cert> 回调函数。表示X509证书对象

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.

示例:

import certFramework from '@ohos.security.cert';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

// 证书二进制数据,需业务自行赋值
let certData = '-----BEGIN CERTIFICATE-----\n' +
  'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' +
  'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' +
  'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' +
  'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' +
  'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' +
  'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' +
  'Qw==\n' +
  '-----END CERTIFICATE-----\n';

let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(certData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Cert(encodingBlob, (error, x509Cert) => {
  if (error != null) {
    console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Cert success');
  }
});

cryptoCert.createX509Cert

createX509Cert(inStream : EncodingBlob) : Promise<X509Cert>

表示创建X509证书对象,使用Promise方式异步返回结果。

系统能力: SystemCapability.Security.Cert

参数:

参数名 类型 必填 说明
inStream EncodingBlob X509证书序列化数据

返回值:

类型 说明
Promise<X509Cert> 表示X509证书对象

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

// 证书二进制数据,需业务自行赋值
let certData = '-----BEGIN CERTIFICATE-----\n' +
  'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' +
  'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' +
  'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' +
  'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' +
  'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' +
  'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' +
  'Qw==\n' +
  '-----END CERTIFICATE-----\n';

let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(certData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Cert(encodingBlob).then(x509Cert => {
  console.log('createX509Cert success');
}).catch((error: BusinessError) => {
  console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message);
});

X509Cert

X509证书类。

verify

verify(key : cryptoFramework.PubKey, callback : AsyncCallback<void>) : void

表示对证书验签,使用Callback回调异步返回结果。

系统能力: SystemCapability.Security.Cert

参数:

参数名 类型 必填 说明
key cryptoFramework.PubKey 用于验签的公钥对象
callback AsyncCallback<void> 回调函数。使用AsyncCallback的第一个error参数判断是否验签成功,error为null表示成功,不为null表示失败

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

// 证书二进制数据,需业务自行赋值
let certData = '-----BEGIN CERTIFICATE-----\n' +
  'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' +
  'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' +
  'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' +
  'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' +
  'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' +
  'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' +
  'Qw==\n' +
  '-----END CERTIFICATE-----\n';

let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(certData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Cert(encodingBlob, (error, x509Cert) => {
  if (error != null) {
    console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Cert success');

    // 业务需通过上级X509Cert证书对象(或当前证书对象为自签名的证书)的getPublicKey获取PubKey
    try {
      let pubKey = x509Cert.getPublicKey();

      // 验证证书签名
      x509Cert.verify(pubKey, (err, data) => {
        if (err == null) {
          console.log('verify success');
        } else {
          console.error('verify failed, errCode: ' + err.code + ', errMsg: ' + err.message);
        }
      });
    } catch (error) {
      let e: BusinessError = error as BusinessError;
      console.error('getPublicKey failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
});

verify

verify(key : cryptoFramework.PubKey) : Promise<void>

表示对证书验签,使用Promise方式异步返回结果。

系统能力: SystemCapability.Security.Cert

参数:

参数名 类型 必填 说明
key cryptoFramework.PubKey 用于验签的公钥对象

返回值:

类型 说明
Promise<void> Promise对象

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

// 证书二进制数据,需业务自行赋值
let certData = '-----BEGIN CERTIFICATE-----\n' +
  'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' +
  'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' +
  'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' +
  'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' +
  'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' +
  'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' +
  'Qw==\n' +
  '-----END CERTIFICATE-----\n';

let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(certData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Cert(encodingBlob).then(x509Cert => {
  console.log('createX509Cert success');

  try {
    // 业务需通过上级X509Cert证书对象(或当前证书对象为自签名的证书)的getPublicKey获取PubKey
    let pubKey = x509Cert.getPublicKey();
    x509Cert.verify(pubKey).then(result => {
      console.log('verify success');
    }).catch((error: BusinessError) => {
      console.error('verify failed, errCode: ' + error.code + ', errMsg: ' + error.message);
    });
  } catch (err) {
    console.error('get public key failed');
  }
}).catch((error: BusinessError) => {
  console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message);
});

getEncoded

getEncoded(callback : AsyncCallback<EncodingBlob>) : void

表示获取X509证书序列化数据,使用Callback回调异步返回结果。

系统能力: SystemCapability.Security.Cert

参数

参数名 类型 必填 说明
callback AsyncCallback<EncodingBlob> 回调函数。表示X509证书序列化数据

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19020002 runtime error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

// 证书二进制数据,需业务自行赋值
let certData = '-----BEGIN CERTIFICATE-----\n' +
  'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' +
  'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' +
  'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' +
  'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' +
  'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' +
  'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' +
  'Qw==\n' +
  '-----END CERTIFICATE-----\n';

let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(certData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Cert(encodingBlob, (error, x509Cert) => {
  if (error != null) {
    console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Cert success');
    x509Cert.getEncoded((error, data) => {
      if (error != null) {
        console.error('getEncoded failed, errCode: ' + error.code + ', errMsg: ' + error.message);
      } else {
        console.log('getEncoded success');
      }
    });
  }
});

getEncoded

getEncoded() : Promise<EncodingBlob>

表示获取X509证书序列化数据,使用Promise方式异步返回结果。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
Promise<EncodingBlob> 表示X509证书序列化数据

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19020002 runtime error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

// 证书二进制数据,需业务自行赋值
let certData = '-----BEGIN CERTIFICATE-----\n' +
  'MIIBLzCB1QIUO/QDVJwZLIpeJyPjyTvE43xvE5cwCgYIKoZIzj0EAwIwGjEYMBYG\n' +
  'A1UEAwwPRXhhbXBsZSBSb290IENBMB4XDTIzMDkwNDExMjAxOVoXDTI2MDUzMDEx\n' +
  'MjAxOVowGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYI\n' +
  'KoZIzj0DAQcDQgAEHjG74yMIueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTa\n' +
  'tUsU0i/sePnrKglj2H8Abbx9PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEA\n' +
  '0ce/fvA4tckNZeB865aOApKXKlBjiRlaiuq5mEEqvNACIQDPD9WyC21MXqPBuRUf\n' +
  'BetUokslUfjT6+s/X4ByaxycAA==\n' +
  '-----END CERTIFICATE-----\n';

// 证书二进制数据,需业务自行赋值
let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(certData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};
certFramework.createX509Cert(encodingBlob).then(x509Cert => {
  console.log('createX509Cert success');
  x509Cert.getEncoded().then(result => {
    console.log('getEncoded success');
  }).catch((error: BusinessError) => {
    console.error('getEncoded failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  });
}).catch((error: BusinessError) => {
  console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message);
});

getPublicKey

getPublicKey() : cryptoFramework.PubKey

表示获取X509证书公钥。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
cryptoFramework.PubKey X509证书公钥对象:仅用于X509Cert的verify接口

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

// 证书二进制数据,需业务自行赋值
let certData = '-----BEGIN CERTIFICATE-----\n' +
  'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' +
  'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' +
  'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' +
  'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' +
  'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' +
  'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' +
  'Qw==\n' +
  '-----END CERTIFICATE-----\n';

let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(certData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Cert(encodingBlob, (error, x509Cert) => {
  if (error != null) {
    console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Cert success');
    try {
      let pubKey = x509Cert.getPublicKey();
    } catch (error) {
      let e: BusinessError = error as BusinessError;
      console.error('getPublicKey failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
});

checkValidityWithDate

checkValidityWithDate(date: string) : void

表示检查X509证书有效期。

系统能力: SystemCapability.Security.Cert

参数

参数名 类型 必填 说明
date string 日期(格式:YYMMDDHHMMSSZ 或 YYYYMMDDHHMMSSZ,时间必须以Z结尾:表示标准时间)

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19030001 crypto operation error.
19030003 the certificate has not taken effect.
19030004 the certificate has expired.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

// 证书二进制数据,需业务自行赋值
let certData = '-----BEGIN CERTIFICATE-----\n' +
  'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' +
  'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' +
  'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' +
  'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' +
  'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' +
  'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' +
  'Qw==\n' +
  '-----END CERTIFICATE-----\n';

let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(certData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Cert(encodingBlob, (error, x509Cert) => {
  if (error != null) {
    console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Cert success');

    let date = '231001000001Z';
    // Verify the certificate validity period.
    try {
      x509Cert.checkValidityWithDate(date);
    } catch (error) {
      let e: BusinessError = error as BusinessError;
      console.error('checkValidityWithDate failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
});

getVersion

getVersion() : number

表示获取X509证书版本。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
number 表示X509证书版本

示例:

import certFramework from '@ohos.security.cert';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

// 证书二进制数据,需业务自行赋值
let certData = '-----BEGIN CERTIFICATE-----\n' +
  'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' +
  'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' +
  'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' +
  'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' +
  'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' +
  'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' +
  'Qw==\n' +
  '-----END CERTIFICATE-----\n';

let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(certData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};
certFramework.createX509Cert(encodingBlob, (error, x509Cert) => {
  if (error != null) {
    console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Cert success');
    let version = x509Cert.getVersion();
  }
});

getSerialNumber(deprecated)

getSerialNumber() : number

表示获取X509证书序列号。

说明:

从API version 9开始支持,从API version 10开始废弃,建议使用getCertSerialNumber替代。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
number 表示X509证书序列号

示例:

import certFramework from '@ohos.security.cert';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

// 证书二进制数据,需业务自行赋值
let certData = '-----BEGIN CERTIFICATE-----\n' +
  'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' +
  'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' +
  'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' +
  'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' +
  'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' +
  'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' +
  'Qw==\n' +
  '-----END CERTIFICATE-----\n';

let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(certData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Cert(encodingBlob, (error, x509Cert) => {
  if (error != null) {
    console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Cert success');
    let serialNumber = x509Cert.getSerialNumber();
  }
});

getCertSerialNumber10+

getCertSerialNumber() : bigint

表示获取X509证书序列号。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
bigint 表示X509证书序列号

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020002 runtime error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

// 证书二进制数据,需业务自行赋值
let certData = '-----BEGIN CERTIFICATE-----\n' +
  'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' +
  'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' +
  'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' +
  'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' +
  'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' +
  'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' +
  'Qw==\n' +
  '-----END CERTIFICATE-----\n';

let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(certData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Cert(encodingBlob, (error, x509Cert) => {
  if (error != null) {
    console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Cert success');
    try {
      let serialNumber = x509Cert.getCertSerialNumber();
    } catch (err) {
      let e: BusinessError = err as BusinessError;
      console.error('getCertSerialNumber failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
});

getIssuerName

getIssuerName() : DataBlob

表示获取X509证书颁发者名称。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
DataBlob 表示X509证书颁发者名称

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19020002 runtime error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

// 证书二进制数据,需业务自行赋值
let certData = '-----BEGIN CERTIFICATE-----\n' +
  'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' +
  'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' +
  'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' +
  'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' +
  'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' +
  'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' +
  'Qw==\n' +
  '-----END CERTIFICATE-----\n';

let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(certData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Cert(encodingBlob, (error, x509Cert) => {
  if (error != null) {
    console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Cert success');
    try {
      let issuerName = x509Cert.getIssuerName();
    } catch (err) {
      let e: BusinessError = err as BusinessError;
      console.error('getIssuerName failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
});

getSubjectName

getSubjectName() : DataBlob

表示获取X509证书主体名称。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
DataBlob 表示X509证书主体名称

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19020002 runtime error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

// 证书二进制数据,需业务自行赋值
let certData = '-----BEGIN CERTIFICATE-----\n' +
  'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' +
  'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' +
  'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' +
  'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' +
  'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' +
  'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' +
  'Qw==\n' +
  '-----END CERTIFICATE-----\n';

let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(certData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Cert(encodingBlob, (error, x509Cert) => {
  if (error != null) {
    console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Cert success');
    try {
      let subjectName = x509Cert.getSubjectName();
    } catch (err) {
      let e: BusinessError = err as BusinessError;
      console.error('getSubjectName failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
});

getNotBeforeTime

getNotBeforeTime() : string

表示获取X509证书有效期起始时间。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
string 表示X509证书有效期起始时间(格式:YYMMDDHHMMSSZ 或 YYYYMMDDHHMMSSZ,时间以Z结尾:表示标准时间)

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19020002 runtime error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

// 证书二进制数据,需业务自行赋值
let certData = '-----BEGIN CERTIFICATE-----\n' +
  'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' +
  'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' +
  'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' +
  'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' +
  'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' +
  'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' +
  'Qw==\n' +
  '-----END CERTIFICATE-----\n';

let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(certData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Cert(encodingBlob, (error, x509Cert) => {
  if (error != null) {
    console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Cert success');
    try {
      let notBefore = x509Cert.getNotBeforeTime();
    } catch (err) {
      let e: BusinessError = err as BusinessError;
      console.error('getNotBeforeTime failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
});

getNotAfterTime

getNotAfterTime() : string

表示获取X509证书有效期截止时间。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
string 表示X509证书有效期截止时间(格式:YYMMDDHHMMSSZ 或 YYYYMMDDHHMMSSZ,时间以Z结尾:表示标准时间)

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19020002 runtime error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';

import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

// 证书二进制数据,需业务自行赋值
let certData = '-----BEGIN CERTIFICATE-----\n' +
  'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' +
  'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' +
  'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' +
  'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' +
  'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' +
  'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' +
  'Qw==\n' +
  '-----END CERTIFICATE-----\n';

let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(certData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Cert(encodingBlob, (error, x509Cert) => {
  if (error != null) {
    console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Cert success');
    try {
      let notAfter = x509Cert.getNotAfterTime();
    } catch (err) {
      let e: BusinessError = err as BusinessError;
      console.error('getNotAfterTime failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
});

getSignature

getSignature() : DataBlob

表示获取X509证书签名数据。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
DataBlob 表示X509证书签名数据

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19020002 runtime error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';

import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

// 证书二进制数据,需业务自行赋值
let certData = '-----BEGIN CERTIFICATE-----\n' +
  'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' +
  'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' +
  'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' +
  'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' +
  'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' +
  'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' +
  'Qw==\n' +
  '-----END CERTIFICATE-----\n';

let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(certData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Cert(encodingBlob, (error, x509Cert) => {
  if (error != null) {
    console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Cert success');
    try {
      let signature = x509Cert.getSignature();
    } catch (err) {
      let e: BusinessError = err as BusinessError;
      console.error('getSignature failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
});

getSignatureAlgName

getSignatureAlgName() : string

表示获取X509证书签名算法名称。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
string 表示X509证书签名算法名称

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19020002 runtime error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';

import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

// 证书二进制数据,需业务自行赋值
let certData = '-----BEGIN CERTIFICATE-----\n' +
  'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' +
  'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' +
  'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' +
  'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' +
  'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' +
  'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' +
  'Qw==\n' +
  '-----END CERTIFICATE-----\n';

let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(certData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Cert(encodingBlob, (error, x509Cert) => {
  if (error != null) {
    console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Cert success');
    try {
      let sigAlgName = x509Cert.getSignatureAlgName();
    } catch (err) {
      let e: BusinessError = err as BusinessError;
      console.error('getSignatureAlgName failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
});

getSignatureAlgOid

getSignatureAlgOid() : string

表示获取X509证书签名算法的对象标志符OID(Object Identifier)。OID是由国际标准组织(ISO)的名称注册机构分配。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
string 表示X509证书签名算法对象标志符OID

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19020002 runtime error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

// 证书二进制数据,需业务自行赋值
let certData = '-----BEGIN CERTIFICATE-----\n' +
  'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' +
  'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' +
  'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' +
  'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' +
  'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' +
  'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' +
  'Qw==\n' +
  '-----END CERTIFICATE-----\n';

let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(certData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Cert(encodingBlob, (error, x509Cert) => {
  if (error != null) {
    console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Cert success');
    try {
      let sigAlgOid = x509Cert.getSignatureAlgOid();
    } catch (err) {
      let e: BusinessError = err as BusinessError;
      console.error('getSignatureAlgOid failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
});

getSignatureAlgParams

getSignatureAlgParams() : DataBlob

表示获取X509证书签名算法参数。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
DataBlob 表示X509证书签名算法参数

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19020002 runtime error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

// 证书二进制数据,需业务自行赋值
let certData = '-----BEGIN CERTIFICATE-----\n' +
  'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' +
  'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' +
  'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' +
  'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' +
  'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' +
  'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' +
  'Qw==\n' +
  '-----END CERTIFICATE-----\n';

let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(certData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Cert(encodingBlob, (error, x509Cert) => {
  if (error != null) {
    console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Cert success');
    try {
      let sigAlgParams = x509Cert.getSignatureAlgParams();
    } catch (err) {
      let e: BusinessError = err as BusinessError;
      console.error('getSignatureAlgParams failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
});

getKeyUsage

getKeyUsage() : DataBlob

表示获取X509证书秘钥用途。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
DataBlob 表示X509证书秘钥用途

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

// 证书二进制数据,需业务自行赋值
let certData = '-----BEGIN CERTIFICATE-----\n' +
  'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' +
  'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' +
  'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' +
  'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' +
  'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' +
  'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' +
  'Qw==\n' +
  '-----END CERTIFICATE-----\n';

let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(certData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Cert(encodingBlob, (error, x509Cert) => {
  if (error != null) {
    console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Cert success');
    try {
      let keyUsage = x509Cert.getKeyUsage();
    } catch (err) {
      let e: BusinessError = err as BusinessError;
      console.error('getKeyUsage failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
});

getExtKeyUsage

getExtKeyUsage() : DataArray

表示获取X509证书扩展秘钥用途。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
DataArray 表示X509证书扩展秘钥用途

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19020002 runtime error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

// 证书二进制数据,需业务自行赋值
let certData = '-----BEGIN CERTIFICATE-----\n' +
  'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' +
  'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' +
  'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' +
  'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' +
  'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' +
  'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' +
  'Qw==\n' +
  '-----END CERTIFICATE-----\n';

let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(certData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Cert(encodingBlob, (error, x509Cert) => {
  if (error != null) {
    console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Cert success');
    try {
      let extKeyUsage = x509Cert.getExtKeyUsage();
    } catch (err) {
      let e: BusinessError = err as BusinessError;
      console.error('getNotBeforeTime failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
});

getBasicConstraints

getBasicConstraints() : number

表示获取X509证书基本约束。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
number 表示X509证书基本约束

示例:

import certFramework from '@ohos.security.cert';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

// 证书二进制数据,需业务自行赋值
let certData = '-----BEGIN CERTIFICATE-----\n' +
  'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' +
  'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' +
  'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' +
  'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' +
  'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' +
  'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' +
  'Qw==\n' +
  '-----END CERTIFICATE-----\n';

let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(certData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Cert(encodingBlob, (error, x509Cert) => {
  if (error != null) {
    console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Cert success');
    let basicConstraints = x509Cert.getBasicConstraints();
  }
});

getSubjectAltNames

getSubjectAltNames() : DataArray

表示获取X509证书主体可选名称。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
DataArray 表示X509证书主体可选名称

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19020002 runtime error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

// 证书二进制数据,需业务自行赋值
let certData = '-----BEGIN CERTIFICATE-----\n' +
  'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' +
  'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' +
  'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' +
  'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' +
  'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' +
  'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' +
  'Qw==\n' +
  '-----END CERTIFICATE-----\n';

let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(certData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Cert(encodingBlob, (error, x509Cert) => {
  if (error != null) {
    console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Cert success');
    try {
      let subjectAltNames = x509Cert.getSubjectAltNames();
    } catch (err) {
      let e: BusinessError = err as BusinessError;
      console.error('getSubjectAltNames failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
});

getIssuerAltNames

getIssuerAltNames() : DataArray

表示获取X509证书颁发者可选名称。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
DataArray 表示X509证书颁发者可选名称

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19020002 runtime error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

// 证书二进制数据,需业务自行赋值
let certData = '-----BEGIN CERTIFICATE-----\n' +
  'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' +
  'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' +
  'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' +
  'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' +
  'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' +
  'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' +
  'Qw==\n' +
  '-----END CERTIFICATE-----\n';

let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(certData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Cert(encodingBlob, (error, x509Cert) => {
  if (error != null) {
    console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Cert success');
    try {
      let issuerAltNames = x509Cert.getIssuerAltNames();
    } catch (err) {
      let e: BusinessError = err as BusinessError;
      console.error('getIssuerAltNames failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
});

getItem10+

getItem(itemType: CertItemType) : DataBlob

表示获取X509证书对应的字段。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
DataBlob 表示X509证书对应的字段,返回值为DER格式。

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19020002 runtime error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

// 证书二进制数据,需业务自行赋值
let certData = '-----BEGIN CERTIFICATE-----\n' +
  'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' +
  'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' +
  'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' +
  'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' +
  'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' +
  'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' +
  'Qw==\n' +
  '-----END CERTIFICATE-----\n';

let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(certData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Cert(encodingBlob, (error, x509Cert) => {
  if (error != null) {
    console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Cert success');
    try {
      let tbs = x509Cert.getItem(certFramework.CertItemType.CERT_ITEM_TYPE_TBS);
      let pubKey = x509Cert.getItem(certFramework.CertItemType.CERT_ITEM_TYPE_PUBLIC_KEY);
    } catch (err) {
      let e: BusinessError = err as BusinessError;
      console.error('getItem failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
});

cryptoCert.createCertExtension10+

createCertExtension(inStream : EncodingBlob, callback : AsyncCallback<CertExtension>) : void

表示创建证书扩展域段的对象,使用Callback回调异步返回结果。

系统能力: SystemCapability.Security.Cert

参数

参数名 类型 必填 说明
inStream EncodingBlob 表示证书扩展域段序列化数据
callback AsyncCallback<CertExtension> 回调函数。表示扩展域段对象

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.

示例:

import certFramework from '@ohos.security.cert';

// 证书扩展域段二进制数据,需业务自行赋值
let extData = new Uint8Array([
  0x30, 0x40, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D,
  0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03,
  0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55,
  0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03,
  0x02, 0x01, 0xC6, 0x30, 0x1D, 0x06, 0x03, 0x55,
  0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xE0, 0x8C,
  0x9B, 0xDB, 0x25, 0x49, 0xB3, 0xF1, 0x7C, 0x86,
  0xD6, 0xB2, 0x42, 0x87, 0x0B, 0xD0, 0x6B, 0xA0,
  0xD9, 0xE4
]);

let encodingBlob: certFramework.EncodingBlob = {
  data: extData,
  // 根据encodingData的格式进行赋值,仅支持FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_DER
};

certFramework.createCertExtension(encodingBlob, (error, certExt) => {
  if (error != null) {
    console.error('createCertExtension failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createCertExtension success');
  }
});

cryptoCert.createCertExtension10+

createCertExtension(inStream : EncodingBlob) : Promise<CertExtension>

表示创建证书扩展域段的对象,使用Promise方式异步返回结果。

系统能力: SystemCapability.Security.Cert

参数

参数名 类型 必填 说明
inStream EncodingBlob 表示证书扩展域段序列化数据

返回值

类型 说明
Promise<CertExtension> 表示证书扩展域段对象

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// 证书扩展域段二进制数据,需业务自行赋值
let extData = new Uint8Array([
  0x30, 0x40, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D,
  0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03,
  0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55,
  0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03,
  0x02, 0x01, 0xC6, 0x30, 0x1D, 0x06, 0x03, 0x55,
  0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xE0, 0x8C,
  0x9B, 0xDB, 0x25, 0x49, 0xB3, 0xF1, 0x7C, 0x86,
  0xD6, 0xB2, 0x42, 0x87, 0x0B, 0xD0, 0x6B, 0xA0,
  0xD9, 0xE4
]);

let encodingBlob: certFramework.EncodingBlob = {
  data: extData,
  // 根据encodingData的格式进行赋值,仅支持FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_DER
};

certFramework.createCertExtension(encodingBlob).then(certExt => {
  console.log('createCertExtension success');
}).catch((error: BusinessError) => {
  console.error('createCertExtension failed, errCode: ' + error.code + ', errMsg: ' + error.message);
});

CertExtension10+

证书扩展域段类。

getEncoded10+

getEncoded() : EncodingBlob

表示获取证书扩展域段序列化数据。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
EncodingBlob 表示证书扩展域段序列化数据。

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19020002 runtime error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// 证书扩展域段二进制数据,需业务自行赋值
let extData = new Uint8Array([
  0x30, 0x40, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D,
  0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03,
  0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55,
  0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03,
  0x02, 0x01, 0xC6, 0x30, 0x1D, 0x06, 0x03, 0x55,
  0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xE0, 0x8C,
  0x9B, 0xDB, 0x25, 0x49, 0xB3, 0xF1, 0x7C, 0x86,
  0xD6, 0xB2, 0x42, 0x87, 0x0B, 0xD0, 0x6B, 0xA0,
  0xD9, 0xE4
]);

let encodingBlob: certFramework.EncodingBlob = {
  data: extData,
  // 根据encodingData的格式进行赋值,仅支持FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_DER
};

certFramework.createCertExtension(encodingBlob, (error, certExt) => {
  if (error != null) {
    console.error('createCertExtension failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createCertExtension success');
    try {
      let extEncodedBlob = certExt.getEncoded();
    } catch (err) {
      let e: BusinessError = err as BusinessError;
      console.error('ext getEncoded failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
});

getOidList10+

getOidList(valueType : ExtensionOidType) : DataArray

表示获取证书扩展域段对象标识符列表。

系统能力: SystemCapability.Security.Cert

参数

参数名 类型 必填 说明
valueType ExtensionOidType 表示证书扩展域段对象标识符类型

返回值

类型 说明
DataArray 表示证书扩展域段对象标识符列表。

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19020002 runtime error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// 证书扩展域段二进制数据,需业务自行赋值
let extData = new Uint8Array([
  0x30, 0x40, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D,
  0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03,
  0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55,
  0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03,
  0x02, 0x01, 0xC6, 0x30, 0x1D, 0x06, 0x03, 0x55,
  0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xE0, 0x8C,
  0x9B, 0xDB, 0x25, 0x49, 0xB3, 0xF1, 0x7C, 0x86,
  0xD6, 0xB2, 0x42, 0x87, 0x0B, 0xD0, 0x6B, 0xA0,
  0xD9, 0xE4
]);

let encodingBlob: certFramework.EncodingBlob = {
  data: extData,
  // 根据encodingData的格式进行赋值,仅支持FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_DER
};

certFramework.createCertExtension(encodingBlob, (error, certExt) => {
  if (error != null) {
    console.error('createCertExtension failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createCertExtension success');
    try {
      let oidList = certExt.getOidList(certFramework.ExtensionOidType.EXTENSION_OID_TYPE_ALL);
    } catch (err) {
      let e: BusinessError = err as BusinessError;
      console.error('ext getOidList failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
});

getEntry10+

getEntry(valueType: ExtensionEntryType, oid : DataBlob) : DataBlob

表示获取证书扩展域段对象信息。

系统能力: SystemCapability.Security.Cert

参数

参数名 类型 必填 说明
valueType ExtensionEntryType 表示证书扩展域段获取的类型
oid DataBlob 表示证书扩展域段获取的对象标识符

返回值

类型 说明
DataBlob 表示证书扩展域段对象的数据。

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19020002 runtime error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// 证书扩展域段二进制数据,需业务自行赋值
let extData = new Uint8Array([
  0x30, 0x40, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D,
  0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03,
  0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55,
  0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03,
  0x02, 0x01, 0xC6, 0x30, 0x1D, 0x06, 0x03, 0x55,
  0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xE0, 0x8C,
  0x9B, 0xDB, 0x25, 0x49, 0xB3, 0xF1, 0x7C, 0x86,
  0xD6, 0xB2, 0x42, 0x87, 0x0B, 0xD0, 0x6B, 0xA0,
  0xD9, 0xE4
]);

let encodingBlob: certFramework.EncodingBlob = {
  data: extData,
  // 根据encodingData的格式进行赋值,仅支持FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_DER
};

certFramework.createCertExtension(encodingBlob, (error, certExt) => {
  if (error != null) {
    console.error('createCertExtension failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createCertExtension success');
    let oid = new Uint8Array([0x32, 0x2e, 0x35, 0x2e, 0x32, 0x39, 0x2e, 0x31, 0x35]);
    let oidBlob: certFramework.DataBlob = {
      data: oid
    }
    try {
      let entry = certExt.getEntry(certFramework.ExtensionEntryType.EXTENSION_ENTRY_TYPE_ENTRY, oidBlob);
    } catch (err) {
      let e: BusinessError = err as BusinessError;
      console.error('ext getEntry failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
});

checkCA10+

checkCA() : number

表示校验证书是否为CA证书。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
number 当证书扩展域段中密钥用途包含签名用途,并且基本约束中cA字段为true时,表示证书为CA证书。如果不是CA,则返回-1;否则返回基本约束中的路径长度。如果证书是CA证书,但是基本约束中未给定路径长度,则返回-2,表示无路径长度限制。

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19020002 runtime error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// 证书扩展域段二进制数据,需业务自行赋值
let extData = new Uint8Array([
  0x30, 0x40, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D,
  0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03,
  0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55,
  0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03,
  0x02, 0x01, 0xC6, 0x30, 0x1D, 0x06, 0x03, 0x55,
  0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xE0, 0x8C,
  0x9B, 0xDB, 0x25, 0x49, 0xB3, 0xF1, 0x7C, 0x86,
  0xD6, 0xB2, 0x42, 0x87, 0x0B, 0xD0, 0x6B, 0xA0,
  0xD9, 0xE4
]);

let encodingBlob: certFramework.EncodingBlob = {
  data: extData,
  // 根据encodingData的格式进行赋值,仅支持FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_DER
};
certFramework.createCertExtension(encodingBlob, (error, certExt) => {
  if (error != null) {
    console.error('createCertExtension failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createCertExtension success');
    try {
      let res = certExt.checkCA();
    } catch (err) {
      let e: BusinessError = err as BusinessError;
      console.error('ext checkCA failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
});

cryptoCert.createX509Crl

createX509Crl(inStream : EncodingBlob, callback : AsyncCallback<X509Crl>) : void

表示创建X509证书吊销列表的对象,使用Callback回调异步返回结果。

系统能力: SystemCapability.Security.Cert

参数

参数名 类型 必填 说明
inStream EncodingBlob 表示证书吊销列表序列化数据
callback AsyncCallback<X509Crl> 回调函数。表示证书吊销列表对象

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.

示例:

import certFramework from '@ohos.security.cert';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

let crlData = '-----BEGIN X509 CRL-----\n' +
  'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' +
  'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' +
  'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' +
  'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' +
  '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' +
  'eavsH0Q3\n' +
  '-----END X509 CRL-----\n';

// 证书吊销列表二进制数据,需业务自行赋值
let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(crlData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Crl(encodingBlob, (error, x509Crl) => {
  if (error != null) {
    console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Crl success');
  }
});

cryptoCert.createX509Crl

createX509Crl(inStream : EncodingBlob) : Promise<X509Crl>

表示创建X509证书吊销列表的对象,使用Promise方式异步返回结果。

系统能力: SystemCapability.Security.Cert

参数

参数名 类型 必填 说明
inStream EncodingBlob 表示证书吊销列表序列化数据

返回值

类型 说明
Promise<X509Crl> 表示证书吊销列表对象

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

let crlData = '-----BEGIN X509 CRL-----\n' +
  'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' +
  'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' +
  'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' +
  'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' +
  '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' +
  'eavsH0Q3\n' +
  '-----END X509 CRL-----\n';

// 证书吊销列表二进制数据,需业务自行赋值
let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(crlData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Crl(encodingBlob).then(x509Crl => {
  console.log('createX509Crl success');
}).catch((error: BusinessError) => {
  console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message);
});

X509Crl

X509证书吊销列表对象。

isRevoked

isRevoked(cert : X509Cert) : boolean

表示检查证书是否吊销。

系统能力: SystemCapability.Security.Cert

参数

参数名 类型 必填 说明
cert X509Cert 表示被检查的证书对象

返回值

类型 说明
boolean 表示证书吊销状态,true表示已吊销,false表示未吊销

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

let crlData = '-----BEGIN X509 CRL-----\n' +
  'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' +
  'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' +
  'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' +
  'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' +
  '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' +
  'eavsH0Q3\n' +
  '-----END X509 CRL-----\n';

let certData = '-----BEGIN CERTIFICATE-----\n' +
  'MIIBLzCB1QIUO/QDVJwZLIpeJyPjyTvE43xvE5cwCgYIKoZIzj0EAwIwGjEYMBYG\n' +
  'A1UEAwwPRXhhbXBsZSBSb290IENBMB4XDTIzMDkwNDExMjAxOVoXDTI2MDUzMDEx\n' +
  'MjAxOVowGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYI\n' +
  'KoZIzj0DAQcDQgAEHjG74yMIueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTa\n' +
  'tUsU0i/sePnrKglj2H8Abbx9PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEA\n' +
  '0ce/fvA4tckNZeB865aOApKXKlBjiRlaiuq5mEEqvNACIQDPD9WyC21MXqPBuRUf\n' +
  'BetUokslUfjT6+s/X4ByaxycAA==\n' +
  '-----END CERTIFICATE-----\n';

// 证书吊销列表二进制数据,需业务自行赋值
let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(crlData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

let certEncodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(certData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Crl(encodingBlob, (error, x509Crl) => {
  if (error != null) {
    console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Crl success');
    // Create an X509Cert instance.
    certFramework.createX509Cert(certEncodingBlob, (error, x509Cert) => {
      if (error == null) {
        try {
          let revokedFlag = x509Crl.isRevoked(x509Cert);
        } catch (error) {
          let e: BusinessError = error as BusinessError;
          console.error('isRevoked failed, errCode: ' + e.code + ', errMsg: ' + e.message);
        }
      }
    });
  }
});

getType

getType() : string

表示获取证书吊销列表类型。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
string 表示证书吊销列表类型

示例:

import certFramework from '@ohos.security.cert';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

let crlData = '-----BEGIN X509 CRL-----\n' +
  'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' +
  'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' +
  'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' +
  'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' +
  '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' +
  'eavsH0Q3\n' +
  '-----END X509 CRL-----\n';

// 证书吊销列表二进制数据,需业务自行赋值
let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(crlData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Crl(encodingBlob, (error, x509Crl) => {
  if (error != null) {
    console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Crl success');
    let type = x509Crl.getType();
  }
});

getEncoded

getEncoded(callback : AsyncCallback<EncodingBlob>) : void

表示获取X509证书吊销列表的序列化数据,使用Callback回调异步返回结果。

系统能力: SystemCapability.Security.Cert

参数

参数名 类型 必填 说明
callback AsyncCallback<EncodingBlob> 回调函数,表示X509证书吊销列表的序列化数据

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19020002 runtime error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

let crlData = '-----BEGIN X509 CRL-----\n' +
  'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' +
  'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' +
  'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' +
  'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' +
  '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' +
  'eavsH0Q3\n' +
  '-----END X509 CRL-----\n';

// 证书吊销列表二进制数据,需业务自行赋值
let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(crlData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Crl(encodingBlob, (error, x509Crl) => {
  if (error != null) {
    console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Crl success');
    x509Crl.getEncoded((error, data) => {
      if (error != null) {
        console.error('getEncoded failed, errCode: ' + error.code + ', errMsg: ' + error.message);
      } else {
        console.log('getEncoded success');
      }
    });
  }
});

getEncoded

getEncoded() : Promise<EncodingBlob>

表示获取X509证书吊销列表的序列化数据,使用Promise方式异步返回结果。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
Promise<EncodingBlob> 表示X509证书吊销列表的序列化数据

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19020002 runtime error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

let crlData = '-----BEGIN X509 CRL-----\n' +
  'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' +
  'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' +
  'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' +
  'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' +
  '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' +
  'eavsH0Q3\n' +
  '-----END X509 CRL-----\n';

// 证书吊销列表二进制数据,需业务自行赋值
let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(crlData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Crl(encodingBlob).then(x509Crl => {
  console.log('createX509Crl success');
  x509Crl.getEncoded().then(result => {
    console.log('getEncoded success');
  }).catch((error: BusinessError) => {
    console.error('getEncoded failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  });
}).catch((error: BusinessError) => {
  console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message);
});

verify

verify(key : cryptoFramework.PubKey, callback : AsyncCallback<void>) : void

表示对X509证书吊销列表进行验签,使用Callback回调异步返回结果。验签支持RSA算法。

系统能力: SystemCapability.Security.Cert

参数

参数名 类型 必填 说明
key cryptoFramework.PubKey 表示用于验签的公钥对象
callback AsyncCallback<void> 回调函数,使用AsyncCallback的第一个error参数判断是否验签成功,error为null表示成功,error不为null表示失败。

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import cryptoFramework from '@ohos.security.cryptoFramework';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

let crlData = '-----BEGIN X509 CRL-----\n' +
  'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' +
  'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' +
  'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' +
  'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' +
  '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' +
  'eavsH0Q3\n' +
  '-----END X509 CRL-----\n';

let pubKeyData = new Uint8Array([
  0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01,
  0x05, 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xDC, 0x4C, 0x2D,
  0x57, 0x49, 0x3D, 0x42, 0x52, 0x1A, 0x09, 0xED, 0x3E, 0x90, 0x29, 0x51, 0xF7, 0x70, 0x15, 0xFE,
  0x76, 0xB0, 0xDB, 0xDF, 0xA1, 0x2C, 0x6C, 0x67, 0x95, 0xDA, 0x63, 0x3D, 0x4F, 0x71, 0x48, 0x8C,
  0x3E, 0xFA, 0x24, 0x79, 0xE9, 0xF2, 0xF2, 0x20, 0xCB, 0xF1, 0x59, 0x6B, 0xED, 0xC8, 0x72, 0x66,
  0x6E, 0x31, 0xD4, 0xF3, 0xCE, 0x0B, 0x12, 0xC4, 0x17, 0x39, 0xB4, 0x52, 0x16, 0xD3, 0xE3, 0xC0,
  0xF8, 0x48, 0xB3, 0xF6, 0x40, 0xD5, 0x47, 0x23, 0x30, 0x7F, 0xA7, 0xC5, 0x5A, 0x5A, 0xBB, 0x5C,
  0x7B, 0xEF, 0x69, 0xE2, 0x74, 0x35, 0x24, 0x22, 0x25, 0x45, 0x7E, 0xFC, 0xE8, 0xC4, 0x52, 0x65,
  0xA0, 0x4E, 0xBC, 0xFD, 0x3F, 0xD9, 0x85, 0x14, 0x8A, 0x5A, 0x93, 0x02, 0x24, 0x6C, 0x19, 0xBA,
  0x81, 0xBE, 0x65, 0x2E, 0xCB, 0xBB, 0xE9, 0x91, 0x7B, 0x7C, 0x47, 0xC2, 0x61, 0x02, 0x03, 0x01,
  0x00, 0x01
]);

let priKeyData = new Uint8Array([
  0x30, 0x82, 0x02, 0x77, 0x02, 0x01, 0x00, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7,
  0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82, 0x02, 0x61, 0x30, 0x82, 0x02, 0x5D, 0x02, 0x01,
  0x00, 0x02, 0x81, 0x81, 0x00, 0xDC, 0x4C, 0x2D, 0x57, 0x49, 0x3D, 0x42, 0x52, 0x1A, 0x09, 0xED,
  0x3E, 0x90, 0x29, 0x51, 0xF7, 0x70, 0x15, 0xFE, 0x76, 0xB0, 0xDB, 0xDF, 0xA1, 0x2C, 0x6C, 0x67,
  0x95, 0xDA, 0x63, 0x3D, 0x4F, 0x71, 0x48, 0x8C, 0x3E, 0xFA, 0x24, 0x79, 0xE9, 0xF2, 0xF2, 0x20,
  0xCB, 0xF1, 0x59, 0x6B, 0xED, 0xC8, 0x72, 0x66, 0x6E, 0x31, 0xD4, 0xF3, 0xCE, 0x0B, 0x12, 0xC4,
  0x17, 0x39, 0xB4, 0x52, 0x16, 0xD3, 0xE3, 0xC0, 0xF8, 0x48, 0xB3, 0xF6, 0x40, 0xD5, 0x47, 0x23,
  0x30, 0x7F, 0xA7, 0xC5, 0x5A, 0x5A, 0xBB, 0x5C, 0x7B, 0xEF, 0x69, 0xE2, 0x74, 0x35, 0x24, 0x22,
  0x25, 0x45, 0x7E, 0xFC, 0xE8, 0xC4, 0x52, 0x65, 0xA0, 0x4E, 0xBC, 0xFD, 0x3F, 0xD9, 0x85, 0x14,
  0x8A, 0x5A, 0x93, 0x02, 0x24, 0x6C, 0x19, 0xBA, 0x81, 0xBE, 0x65, 0x2E, 0xCB, 0xBB, 0xE9, 0x91,
  0x7B, 0x7C, 0x47, 0xC2, 0x61, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x81, 0x80, 0x5A, 0xCF, 0x0F,
  0xF5, 0xA6, 0x1C, 0x19, 0x65, 0x8C, 0x94, 0x40, 0xF6, 0x84, 0x28, 0x74, 0x40, 0x42, 0x34, 0xDE,
  0xC3, 0x00, 0x5E, 0x72, 0x4D, 0x96, 0xE9, 0x4C, 0xBD, 0xC9, 0xDB, 0x14, 0x9F, 0xD5, 0xBB, 0xA9,
  0x0C, 0x20, 0xC2, 0xBE, 0x7A, 0x80, 0x89, 0xEC, 0x99, 0x04, 0xF0, 0xEE, 0x7B, 0x83, 0x20, 0x1D,
  0x37, 0x19, 0x55, 0x85, 0xF6, 0x8E, 0x3B, 0xFB, 0x16, 0xF3, 0xD3, 0x6F, 0xEE, 0x73, 0x12, 0x53,
  0xCA, 0x77, 0xD7, 0x6C, 0x29, 0xF5, 0x08, 0xA3, 0x09, 0x01, 0x0B, 0x00, 0x05, 0x57, 0xAD, 0x4D,
  0xF0, 0x92, 0xB2, 0x5A, 0x8B, 0x19, 0x09, 0x81, 0x86, 0xFE, 0x66, 0xB9, 0x33, 0x88, 0x28, 0xF3,
  0x37, 0x73, 0x09, 0x5F, 0xD7, 0xC9, 0xC6, 0xFA, 0x13, 0x74, 0xFE, 0xAE, 0x53, 0xA9, 0x71, 0x67,
  0xCE, 0x3A, 0xE6, 0x8D, 0x35, 0xD1, 0xB8, 0xFD, 0x6F, 0x0D, 0x43, 0xC2, 0xD1, 0x02, 0x41, 0x00,
  0xF7, 0x33, 0xE5, 0x6C, 0x29, 0x5A, 0x30, 0x58, 0xA4, 0x52, 0x65, 0xA0, 0x39, 0xC2, 0xE8, 0xAE,
  0x5F, 0xA3, 0x2D, 0x0C, 0x65, 0xB1, 0x7B, 0xFD, 0x92, 0xBF, 0x47, 0x87, 0x97, 0x40, 0xCB, 0x54,
  0xF9, 0xBB, 0x50, 0x27, 0x70, 0x51, 0xD0, 0xD8, 0x48, 0x0D, 0xC6, 0x47, 0x60, 0xF8, 0x4E, 0x0A,
  0x32, 0x76, 0x6D, 0xA4, 0xBA, 0x40, 0xE5, 0x58, 0xF8, 0x4A, 0x39, 0x4E, 0xF8, 0x3F, 0x4E, 0x2D,
  0x02, 0x41, 0x00, 0xE4, 0x23, 0x2A, 0x5F, 0x59, 0xCF, 0x7C, 0x91, 0x24, 0x0D, 0xA2, 0x44, 0x17,
  0xCD, 0x37, 0xDE, 0x1F, 0x53, 0x4D, 0x33, 0x9F, 0x90, 0x4D, 0xD9, 0x72, 0x64, 0x25, 0xBA, 0xAB,
  0x47, 0x91, 0xC4, 0x99, 0x95, 0x86, 0xB5, 0x8A, 0xEA, 0x77, 0xF7, 0x64, 0x72, 0x5E, 0xB7, 0xBB,
  0x16, 0xA1, 0x64, 0xA4, 0xE1, 0x2D, 0x76, 0x6D, 0xEF, 0xB1, 0x5E, 0xD6, 0x17, 0xE8, 0xAA, 0xB6,
  0xA0, 0xD9, 0x85, 0x02, 0x41, 0x00, 0xDF, 0xC8, 0x5B, 0x28, 0x4F, 0x47, 0x15, 0xFD, 0x28, 0xC4,
  0x6E, 0xBB, 0x5D, 0x8E, 0xD4, 0x95, 0x06, 0x7E, 0xF1, 0x89, 0x07, 0x86, 0x64, 0x78, 0x69, 0x20,
  0x3F, 0xE0, 0xBF, 0x4C, 0x28, 0xC6, 0x04, 0x4D, 0x4D, 0x82, 0x66, 0x6B, 0xAA, 0x64, 0x20, 0xD6,
  0x57, 0x68, 0xC6, 0xA0, 0x02, 0x05, 0xB9, 0x28, 0xFC, 0x98, 0xE3, 0x03, 0x5C, 0x9B, 0xEE, 0x29,
  0x43, 0x37, 0xFA, 0x03, 0x55, 0x01, 0x02, 0x40, 0x69, 0x5B, 0x7C, 0x24, 0x10, 0xDB, 0xEB, 0x91,
  0x33, 0xEF, 0x3F, 0xF2, 0xE6, 0x73, 0x15, 0xCB, 0xF4, 0xF7, 0x89, 0x7D, 0xBF, 0xC0, 0xEA, 0xD2,
  0xF3, 0x2B, 0x20, 0xE9, 0x76, 0x54, 0x55, 0x13, 0x50, 0x42, 0x67, 0xB5, 0xCB, 0x73, 0xC0, 0xF7,
  0x75, 0x62, 0x04, 0x30, 0x21, 0xAC, 0xAF, 0xD8, 0x44, 0xF4, 0xE1, 0x04, 0x02, 0x7D, 0x61, 0x92,
  0x84, 0x99, 0x02, 0x10, 0x64, 0xCB, 0x1F, 0xE9, 0x02, 0x41, 0x00, 0xAB, 0x4B, 0x7D, 0x90, 0x7C,
  0x57, 0x08, 0x6B, 0xC0, 0x43, 0x72, 0x09, 0x8A, 0x18, 0x35, 0x36, 0x64, 0x9D, 0x84, 0x8D, 0xF1,
  0x84, 0x94, 0x48, 0xC6, 0x80, 0x9D, 0xB9, 0xA2, 0x58, 0x0A, 0x4D, 0x0A, 0xCA, 0x1E, 0xD6, 0x05,
  0x55, 0x5B, 0xFE, 0xD7, 0xAA, 0x70, 0xED, 0x76, 0xB3, 0x40, 0x2E, 0xA0, 0xB3, 0x32, 0x37, 0xB0,
  0xA0, 0xB9, 0x96, 0x2D, 0xC4, 0x70, 0xE9, 0x99, 0x10, 0x67, 0x8D
]);

// 证书吊销列表二进制数据,需业务自行赋值
let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(crlData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Crl(encodingBlob, (error, x509Crl) => {
  if (error != null) {
    console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Crl success');
    try {
      // Generate the public key by AsyKeyGenerator.
      let keyGenerator = cryptoFramework.createAsyKeyGenerator('RSA1024|PRIMES_3');
      console.log('createAsyKeyGenerator success');
      let priEncodingBlob: cryptoFramework.DataBlob = {
        data: priKeyData,
      };
      let pubEncodingBlob: cryptoFramework.DataBlob = {
        data: pubKeyData,
      };
      keyGenerator.convertKey(pubEncodingBlob, priEncodingBlob, (e, keyPair) => {
        if (e == null) {
          console.log('convert key success');
          x509Crl.verify(keyPair.pubKey, (err, data) => {
            if (err == null) {
              console.log('verify success');
            } else {
              console.error('verify failed, errCode: ' + err.code + ', errMsg: ' + err.message);
            }
          });
        } else {
          console.error('convert key failed, message: ' + e.message + 'code: ' + e.code);
        }
      })
    } catch (error) {
      let e: BusinessError = error as BusinessError;
      console.error('get pubKey failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
});

verify

verify(key : cryptoFramework.PubKey) : Promise<void>

表示对X509证书吊销列表进行验签,使用Promise方式异步返回结果。验签支持RSA算法。

系统能力: SystemCapability.Security.Cert

参数

参数名 类型 必填 说明
key cryptoFramework.PubKey 表示用于验签的公钥对象。

返回值

类型 说明
Promise<void> Promise对象

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import cryptoFramework from '@ohos.security.cryptoFramework'
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

let crlData = '-----BEGIN X509 CRL-----\n' +
  'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' +
  'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' +
  'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' +
  'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' +
  '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' +
  'eavsH0Q3\n' +
  '-----END X509 CRL-----\n';

let pubKeyData = new Uint8Array([
  0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01,
  0x05, 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xDC, 0x4C, 0x2D,
  0x57, 0x49, 0x3D, 0x42, 0x52, 0x1A, 0x09, 0xED, 0x3E, 0x90, 0x29, 0x51, 0xF7, 0x70, 0x15, 0xFE,
  0x76, 0xB0, 0xDB, 0xDF, 0xA1, 0x2C, 0x6C, 0x67, 0x95, 0xDA, 0x63, 0x3D, 0x4F, 0x71, 0x48, 0x8C,
  0x3E, 0xFA, 0x24, 0x79, 0xE9, 0xF2, 0xF2, 0x20, 0xCB, 0xF1, 0x59, 0x6B, 0xED, 0xC8, 0x72, 0x66,
  0x6E, 0x31, 0xD4, 0xF3, 0xCE, 0x0B, 0x12, 0xC4, 0x17, 0x39, 0xB4, 0x52, 0x16, 0xD3, 0xE3, 0xC0,
  0xF8, 0x48, 0xB3, 0xF6, 0x40, 0xD5, 0x47, 0x23, 0x30, 0x7F, 0xA7, 0xC5, 0x5A, 0x5A, 0xBB, 0x5C,
  0x7B, 0xEF, 0x69, 0xE2, 0x74, 0x35, 0x24, 0x22, 0x25, 0x45, 0x7E, 0xFC, 0xE8, 0xC4, 0x52, 0x65,
  0xA0, 0x4E, 0xBC, 0xFD, 0x3F, 0xD9, 0x85, 0x14, 0x8A, 0x5A, 0x93, 0x02, 0x24, 0x6C, 0x19, 0xBA,
  0x81, 0xBE, 0x65, 0x2E, 0xCB, 0xBB, 0xE9, 0x91, 0x7B, 0x7C, 0x47, 0xC2, 0x61, 0x02, 0x03, 0x01,
  0x00, 0x01
]);

let priKeyData = new Uint8Array([
  0x30, 0x82, 0x02, 0x77, 0x02, 0x01, 0x00, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7,
  0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82, 0x02, 0x61, 0x30, 0x82, 0x02, 0x5D, 0x02, 0x01,
  0x00, 0x02, 0x81, 0x81, 0x00, 0xDC, 0x4C, 0x2D, 0x57, 0x49, 0x3D, 0x42, 0x52, 0x1A, 0x09, 0xED,
  0x3E, 0x90, 0x29, 0x51, 0xF7, 0x70, 0x15, 0xFE, 0x76, 0xB0, 0xDB, 0xDF, 0xA1, 0x2C, 0x6C, 0x67,
  0x95, 0xDA, 0x63, 0x3D, 0x4F, 0x71, 0x48, 0x8C, 0x3E, 0xFA, 0x24, 0x79, 0xE9, 0xF2, 0xF2, 0x20,
  0xCB, 0xF1, 0x59, 0x6B, 0xED, 0xC8, 0x72, 0x66, 0x6E, 0x31, 0xD4, 0xF3, 0xCE, 0x0B, 0x12, 0xC4,
  0x17, 0x39, 0xB4, 0x52, 0x16, 0xD3, 0xE3, 0xC0, 0xF8, 0x48, 0xB3, 0xF6, 0x40, 0xD5, 0x47, 0x23,
  0x30, 0x7F, 0xA7, 0xC5, 0x5A, 0x5A, 0xBB, 0x5C, 0x7B, 0xEF, 0x69, 0xE2, 0x74, 0x35, 0x24, 0x22,
  0x25, 0x45, 0x7E, 0xFC, 0xE8, 0xC4, 0x52, 0x65, 0xA0, 0x4E, 0xBC, 0xFD, 0x3F, 0xD9, 0x85, 0x14,
  0x8A, 0x5A, 0x93, 0x02, 0x24, 0x6C, 0x19, 0xBA, 0x81, 0xBE, 0x65, 0x2E, 0xCB, 0xBB, 0xE9, 0x91,
  0x7B, 0x7C, 0x47, 0xC2, 0x61, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x81, 0x80, 0x5A, 0xCF, 0x0F,
  0xF5, 0xA6, 0x1C, 0x19, 0x65, 0x8C, 0x94, 0x40, 0xF6, 0x84, 0x28, 0x74, 0x40, 0x42, 0x34, 0xDE,
  0xC3, 0x00, 0x5E, 0x72, 0x4D, 0x96, 0xE9, 0x4C, 0xBD, 0xC9, 0xDB, 0x14, 0x9F, 0xD5, 0xBB, 0xA9,
  0x0C, 0x20, 0xC2, 0xBE, 0x7A, 0x80, 0x89, 0xEC, 0x99, 0x04, 0xF0, 0xEE, 0x7B, 0x83, 0x20, 0x1D,
  0x37, 0x19, 0x55, 0x85, 0xF6, 0x8E, 0x3B, 0xFB, 0x16, 0xF3, 0xD3, 0x6F, 0xEE, 0x73, 0x12, 0x53,
  0xCA, 0x77, 0xD7, 0x6C, 0x29, 0xF5, 0x08, 0xA3, 0x09, 0x01, 0x0B, 0x00, 0x05, 0x57, 0xAD, 0x4D,
  0xF0, 0x92, 0xB2, 0x5A, 0x8B, 0x19, 0x09, 0x81, 0x86, 0xFE, 0x66, 0xB9, 0x33, 0x88, 0x28, 0xF3,
  0x37, 0x73, 0x09, 0x5F, 0xD7, 0xC9, 0xC6, 0xFA, 0x13, 0x74, 0xFE, 0xAE, 0x53, 0xA9, 0x71, 0x67,
  0xCE, 0x3A, 0xE6, 0x8D, 0x35, 0xD1, 0xB8, 0xFD, 0x6F, 0x0D, 0x43, 0xC2, 0xD1, 0x02, 0x41, 0x00,
  0xF7, 0x33, 0xE5, 0x6C, 0x29, 0x5A, 0x30, 0x58, 0xA4, 0x52, 0x65, 0xA0, 0x39, 0xC2, 0xE8, 0xAE,
  0x5F, 0xA3, 0x2D, 0x0C, 0x65, 0xB1, 0x7B, 0xFD, 0x92, 0xBF, 0x47, 0x87, 0x97, 0x40, 0xCB, 0x54,
  0xF9, 0xBB, 0x50, 0x27, 0x70, 0x51, 0xD0, 0xD8, 0x48, 0x0D, 0xC6, 0x47, 0x60, 0xF8, 0x4E, 0x0A,
  0x32, 0x76, 0x6D, 0xA4, 0xBA, 0x40, 0xE5, 0x58, 0xF8, 0x4A, 0x39, 0x4E, 0xF8, 0x3F, 0x4E, 0x2D,
  0x02, 0x41, 0x00, 0xE4, 0x23, 0x2A, 0x5F, 0x59, 0xCF, 0x7C, 0x91, 0x24, 0x0D, 0xA2, 0x44, 0x17,
  0xCD, 0x37, 0xDE, 0x1F, 0x53, 0x4D, 0x33, 0x9F, 0x90, 0x4D, 0xD9, 0x72, 0x64, 0x25, 0xBA, 0xAB,
  0x47, 0x91, 0xC4, 0x99, 0x95, 0x86, 0xB5, 0x8A, 0xEA, 0x77, 0xF7, 0x64, 0x72, 0x5E, 0xB7, 0xBB,
  0x16, 0xA1, 0x64, 0xA4, 0xE1, 0x2D, 0x76, 0x6D, 0xEF, 0xB1, 0x5E, 0xD6, 0x17, 0xE8, 0xAA, 0xB6,
  0xA0, 0xD9, 0x85, 0x02, 0x41, 0x00, 0xDF, 0xC8, 0x5B, 0x28, 0x4F, 0x47, 0x15, 0xFD, 0x28, 0xC4,
  0x6E, 0xBB, 0x5D, 0x8E, 0xD4, 0x95, 0x06, 0x7E, 0xF1, 0x89, 0x07, 0x86, 0x64, 0x78, 0x69, 0x20,
  0x3F, 0xE0, 0xBF, 0x4C, 0x28, 0xC6, 0x04, 0x4D, 0x4D, 0x82, 0x66, 0x6B, 0xAA, 0x64, 0x20, 0xD6,
  0x57, 0x68, 0xC6, 0xA0, 0x02, 0x05, 0xB9, 0x28, 0xFC, 0x98, 0xE3, 0x03, 0x5C, 0x9B, 0xEE, 0x29,
  0x43, 0x37, 0xFA, 0x03, 0x55, 0x01, 0x02, 0x40, 0x69, 0x5B, 0x7C, 0x24, 0x10, 0xDB, 0xEB, 0x91,
  0x33, 0xEF, 0x3F, 0xF2, 0xE6, 0x73, 0x15, 0xCB, 0xF4, 0xF7, 0x89, 0x7D, 0xBF, 0xC0, 0xEA, 0xD2,
  0xF3, 0x2B, 0x20, 0xE9, 0x76, 0x54, 0x55, 0x13, 0x50, 0x42, 0x67, 0xB5, 0xCB, 0x73, 0xC0, 0xF7,
  0x75, 0x62, 0x04, 0x30, 0x21, 0xAC, 0xAF, 0xD8, 0x44, 0xF4, 0xE1, 0x04, 0x02, 0x7D, 0x61, 0x92,
  0x84, 0x99, 0x02, 0x10, 0x64, 0xCB, 0x1F, 0xE9, 0x02, 0x41, 0x00, 0xAB, 0x4B, 0x7D, 0x90, 0x7C,
  0x57, 0x08, 0x6B, 0xC0, 0x43, 0x72, 0x09, 0x8A, 0x18, 0x35, 0x36, 0x64, 0x9D, 0x84, 0x8D, 0xF1,
  0x84, 0x94, 0x48, 0xC6, 0x80, 0x9D, 0xB9, 0xA2, 0x58, 0x0A, 0x4D, 0x0A, 0xCA, 0x1E, 0xD6, 0x05,
  0x55, 0x5B, 0xFE, 0xD7, 0xAA, 0x70, 0xED, 0x76, 0xB3, 0x40, 0x2E, 0xA0, 0xB3, 0x32, 0x37, 0xB0,
  0xA0, 0xB9, 0x96, 0x2D, 0xC4, 0x70, 0xE9, 0x99, 0x10, 0x67, 0x8D
]);

// 证书吊销列表二进制数据,需业务自行赋值
let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(crlData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Crl(encodingBlob).then(x509Crl => {
  console.log('createX509Crl success');

  try {
    // 生成公钥对象
    let keyGenerator = cryptoFramework.createAsyKeyGenerator('RSA1024|PRIMES_3');
    console.log('createAsyKeyGenerator success');
    let priEncodingBlob: cryptoFramework.DataBlob = {
      data: priKeyData,
    };
    let pubEncodingBlob: cryptoFramework.DataBlob = {
      data: pubKeyData,
    };
    keyGenerator.convertKey(pubEncodingBlob, priEncodingBlob).then((keyPair) => {
      console.log('convert key success');
      x509Crl.verify(keyPair.pubKey).then(result => {
        console.log('verify success');
      }).catch((error: BusinessError) => {
        console.error('verify failed, errCode: ' + error.code + ', errMsg: ' + error.message);
      });
    }).catch((error: BusinessError) => {
      console.error('convert key failed, message: ' + error.message + 'code: ' + error.code);
    });
  } catch (error) {
    let e: BusinessError = error as BusinessError;
    console.error('get pubKey failed, errCode: ' + e.code + ', errMsg: ' + e.message);
  }
}).catch((error: BusinessError) => {
  console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message);
});

getVersion

getVersion() : number

表示获取X509证书吊销列表的版本号。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
number 表示获取X509证书吊销列表的版本号

示例:

import certFramework from '@ohos.security.cert';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

let crlData = '-----BEGIN X509 CRL-----\n' +
  'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' +
  'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' +
  'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' +
  'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' +
  '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' +
  'eavsH0Q3\n' +
  '-----END X509 CRL-----\n';

// 证书吊销列表二进制数据,需业务自行赋值
let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(crlData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Crl(encodingBlob, (error, x509Crl) => {
  if (error != null) {
    console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Crl success');
    let version = x509Crl.getVersion();
  }
});

getIssuerName

getIssuerName() : DataBlob

表示获取X509证书吊销列表颁发者名称。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
DataBlob 表示X509证书吊销列表颁发者名称

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19020002 runtime error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

let crlData = '-----BEGIN X509 CRL-----\n' +
  'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' +
  'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' +
  'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' +
  'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' +
  '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' +
  'eavsH0Q3\n' +
  '-----END X509 CRL-----\n';

// 证书吊销列表二进制数据,需业务自行赋值
let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(crlData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Crl(encodingBlob, (error, x509Crl) => {
  if (error != null) {
    console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Crl success');
    try {
      let issuerName = x509Crl.getIssuerName();
    } catch (err) {
      let e: BusinessError = err as BusinessError;
      console.error('getIssuerName failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
});

getLastUpdate

getLastUpdate() : string

表示获取X509证书吊销列表最后一次更新日期。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
string 表示X509证书吊销列表最后一次更新日期

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19020002 runtime error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

let crlData = '-----BEGIN X509 CRL-----\n' +
  'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' +
  'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' +
  'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' +
  'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' +
  '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' +
  'eavsH0Q3\n' +
  '-----END X509 CRL-----\n';

// 证书吊销列表二进制数据,需业务自行赋值
let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(crlData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Crl(encodingBlob, (error, x509Crl) => {
  if (error != null) {
    console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Crl success');
    try {
      let lastUpdate = x509Crl.getLastUpdate();
    } catch (err) {
      let e: BusinessError = err as BusinessError;
      console.error('getLastUpdate failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
});

getNextUpdate

getNextUpdate() : string

表示获取证书吊销列表下一次更新的日期。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
string 表示X509证书吊销列表下一次更新的日期

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19020002 runtime error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

let crlData = '-----BEGIN X509 CRL-----\n' +
  'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' +
  'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' +
  'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' +
  'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' +
  '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' +
  'eavsH0Q3\n' +
  '-----END X509 CRL-----\n';

// 证书吊销列表二进制数据,需业务自行赋值
let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(crlData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Crl(encodingBlob, (error, x509Crl) => {
  if (error != null) {
    console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Crl success');
    try {
      let nextUpdate = x509Crl.getNextUpdate();
    } catch (err) {
      let e: BusinessError = err as BusinessError;
      console.error('getNextUpdate failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
});

getRevokedCert

getRevokedCert(serialNumber : number) : X509CrlEntry

表示通过指定证书序列号获取被吊销X509证书对象。

系统能力: SystemCapability.Security.Cert

参数

参数名 类型 必填 说明
serialNumber number 表示证书序列号

返回值:

类型 说明
X509CrlEntry 表示被吊销X509证书对象

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

let crlData = '-----BEGIN X509 CRL-----\n' +
  'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' +
  'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' +
  'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' +
  'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' +
  '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' +
  'eavsH0Q3\n' +
  '-----END X509 CRL-----\n';

// 证书吊销列表二进制数据,需业务自行赋值
let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(crlData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Crl(encodingBlob, (error, x509Crl) => {
  if (error != null) {
    console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Crl success');
    let serialNumber = 1000;
    try {
      let entry = x509Crl.getRevokedCert(serialNumber);
    } catch (error) {
      let e: BusinessError = error as BusinessError;
      console.error('getRevokedCert failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
});

getRevokedCertWithCert

getRevokedCertWithCert(cert : X509Cert) : X509CrlEntry

表示通过指定证书对象获取被吊销X509证书对象。

系统能力: SystemCapability.Security.Cert

参数

参数名 类型 必填 说明
cert X509Cert 表示证书对象

返回值:

类型 说明
X509CrlEntry 表示被吊销X509证书对象

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

let crlData = '-----BEGIN X509 CRL-----\n' +
  'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' +
  'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' +
  'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' +
  'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' +
  '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' +
  'eavsH0Q3\n' +
  '-----END X509 CRL-----\n';

// 证书二进制数据,需业务自行赋值
let certData = '-----BEGIN CERTIFICATE-----\n'
  'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n'
  'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n'
  'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n'
  'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n'
  'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n'
  'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n'
  'Qw==\n'
  '-----END CERTIFICATE-----\n';

let certEncodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(certData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

// 证书吊销列表二进制数据,需业务自行赋值
let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(crlData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Crl(encodingBlob, (error, x509Crl) => {
  if (error != null) {
    console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Crl success');
    // 创建X509证书对象.
    certFramework.createX509Cert(certEncodingBlob).then((x509Cert) => {
      try {
        let entry = x509Crl.getRevokedCertWithCert(x509Cert);
      } catch (error) {
        let e: BusinessError = error as BusinessError;
        console.error('getRevokedCertWithCert failed, errCode: ' + e.code + ', errMsg: ' + e.message);
      }
    }).catch((error: BusinessError) => {
      console.error('createX509Cert failed, errCode: ' + error.code + ', errMsg: ' + error.message);
    })
  }
});

getRevokedCerts

getRevokedCerts(callback : AsyncCallback>) : void

表示获取被吊销X509证书列表,使用Callback回调异步返回结果。

系统能力: SystemCapability.Security.Cert

参数

参数名 类型 必填 说明
callback AsyncCallback> 回调函数。表示被吊销X509证书列表

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

let crlData = '-----BEGIN X509 CRL-----\n' +
  'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' +
  'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' +
  'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' +
  'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' +
  '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' +
  'eavsH0Q3\n' +
  '-----END X509 CRL-----\n';

// 证书吊销列表二进制数据,需业务自行赋值
let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(crlData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Crl(encodingBlob, (error, x509Crl) => {
  if (error != null) {
    console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Crl success');
    x509Crl.getRevokedCerts((error, array) => {
      if (error != null) {
        console.error('getRevokedCerts failed, errCode: ' + error.code + ', errMsg: ' + error.message);
      } else {
        console.log('getRevokedCerts success');
      }
    });
  }
});

getRevokedCerts

getRevokedCerts() : Promise>

表示获取被吊销X509证书列表,使用Promise方式异步返回结果。

系统能力: SystemCapability.Security.Cert

返回值:

类型 说明
Promise> 表示被吊销X509证书列表

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

let crlData = '-----BEGIN X509 CRL-----\n' +
  'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' +
  'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' +
  'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' +
  'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' +
  '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' +
  'eavsH0Q3\n' +
  '-----END X509 CRL-----\n';

// 证书吊销列表二进制数据,需业务自行赋值
let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(crlData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Crl(encodingBlob).then(x509Crl => {
  console.log('createX509Crl success');
  x509Crl.getRevokedCerts().then(array => {
    console.log('getRevokedCerts success');
  }).catch((error: BusinessError) => {
    console.error('getRevokedCerts failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  });
}).catch((error: BusinessError) => {
  console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message);
});

getTbsInfo

getTbsInfo() : DataBlob

表示获取证书吊销列表的tbsCertList信息。

系统能力: SystemCapability.Security.Cert

返回值:

类型 说明
DataBlob 表示证书吊销列表的tbsCertList信息

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19020002 runtime error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

let crlData = '-----BEGIN X509 CRL-----\n' +
  'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' +
  'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' +
  'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' +
  'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' +
  '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' +
  'eavsH0Q3\n' +
  '-----END X509 CRL-----\n';

// 证书吊销列表二进制数据,需业务自行赋值
let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(crlData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Crl(encodingBlob, (error, x509Crl) => {
  if (error != null) {
    console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Crl success');
    try {
      let tbsInfo = x509Crl.getTbsInfo();
    } catch (error) {
      let e: BusinessError = error as BusinessError;
      console.error('getTbsInfo failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
});

getSignature

getSignature() : DataBlob

表示获取X509证书吊销列表的签名数据。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
DataBlob 表示X509证书吊销列表的签名数据

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19020002 runtime error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

let crlData = '-----BEGIN X509 CRL-----\n' +
  'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' +
  'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' +
  'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' +
  'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' +
  '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' +
  'eavsH0Q3\n' +
  '-----END X509 CRL-----\n';

// 证书吊销列表二进制数据,需业务自行赋值
let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(crlData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Crl(encodingBlob, (error, x509Crl) => {
  if (error != null) {
    console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Crl success');
    try {
      let signature = x509Crl.getSignature();
    } catch (err) {
      let e: BusinessError = err as BusinessError;
      console.error('getSignature failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
});

getSignatureAlgName

getSignatureAlgName() : string

表示获取X509证书吊销列表签名的算法名称。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
string 表示X509证书吊销列表签名的算法名

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19020002 runtime error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

let crlData = '-----BEGIN X509 CRL-----\n' +
  'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' +
  'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' +
  'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' +
  'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' +
  '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' +
  'eavsH0Q3\n' +
  '-----END X509 CRL-----\n';

// 证书吊销列表二进制数据,需业务自行赋值
let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(crlData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Crl(encodingBlob, (error, x509Crl) => {
  if (error != null) {
    console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Crl success');
    try {
      let sigAlgName = x509Crl.getSignatureAlgName();
    } catch (err) {
      let e: BusinessError = err as BusinessError;
      console.error('getSignatureAlgName failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
});

getSignatureAlgOid

getSignatureAlgOid() : string

表示获取X509证书吊销列表签名算法的对象标志符OID(Object Identifier)。OID是由国际标准组织(ISO)的名称注册机构分配。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
string 表示X509证书吊销列表签名算法的对象标志符OID。

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19020002 runtime error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

let crlData = '-----BEGIN X509 CRL-----\n' +
  'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' +
  'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' +
  'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' +
  'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' +
  '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' +
  'eavsH0Q3\n' +
  '-----END X509 CRL-----\n';

// 证书吊销列表二进制数据,需业务自行赋值
let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(crlData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Crl(encodingBlob, (error, x509Crl) => {
  if (error != null) {
    console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Crl success');
    try {
      let sigAlgOid = x509Crl.getSignatureAlgOid();
    } catch (err) {
      let e: BusinessError = err as BusinessError;
      console.error('getSignatureAlgOid failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
});

getSignatureAlgParams

getSignatureAlgParams() : DataBlob

表示获取X509证书吊销列表签名的算法参数。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
DataBlob 表示X509证书吊销列表签名的算法参数

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19020002 runtime error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

let crlData = '-----BEGIN X509 CRL-----\n' +
  'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' +
  'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' +
  'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' +
  'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' +
  '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' +
  'eavsH0Q3\n' +
  '-----END X509 CRL-----\n';

// 证书吊销列表二进制数据,需业务自行赋值
let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(crlData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Crl(encodingBlob, (error, x509Crl) => {
  if (error != null) {
    console.error('createX509Crl failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  } else {
    console.log('createX509Crl success');
    try {
      let sigAlgParams = x509Crl.getSignatureAlgParams();
    } catch (err) {
      let e: BusinessError = error as BusinessError;
      console.error('getSignatureAlgParams failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
});

cryptoCert.createCertChainValidator

createCertChainValidator(algorithm :string) : CertChainValidator

表示创建证书链校验器对象。

系统能力: SystemCapability.Security.Cert

参数

参数名 类型 必填 说明
algorithm string 表示证书链校验器算法。当前仅支持输入“PKIX”

返回值

类型 说明
CertChainValidator 表示证书链校验器对象

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19020002 runtime error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

try {
  let validator = certFramework.createCertChainValidator('PKIX');
} catch (error) {
  let e: BusinessError = error as BusinessError;
  console.error('createCertChainValidator failed, errCode: ' + e.code + ', errMsg: ' + e.message);
}

CertChainValidator

证书链校验器对象。

属性

系统能力: SystemCapability.Security.Cert

名称 类型 可读 可写 说明
algorithm string X509证书链校验器算法名称。

validate

validate(certChain : CertChainData, callback : AsyncCallback<void>) : void

表示校验X509证书链,使用Callback回调异步返回结果。 由于端侧系统时间不可信,证书链校验不包含对证书有效时间的校验。如果需要检查证书的时间有效性,可使用X509证书的checkValidityWithDate方法进行检查。详见证书规格

系统能力: SystemCapability.Security.Cert

参数

参数名 类型 必填 说明
certChain CertChainData 表示X509证书链序列化数据
callback AsyncCallback<void> 回调函数。使用AsyncCallback的第一个error参数判断是否校验成功,error为null表示成功,error不为null表示失败

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19020002 runtime error.
19030001 crypto operation error.
19030002 the certificate signature verification failed.
19030003 the certificate has not taken effect.
19030004 the certificate has expired.
19030005 failed to obtain the certificate issuer.
19030006 the key cannot be used for signing a certificate.
19030007 the key cannot be used for digital signature.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// 证书链二进制数据,需业务自行赋值
let certChainBuff = new Uint8Array([0x30, 0x82, 0x44]);

let certChainData: certFramework.CertChainData = {
  data: certChainBuff,
  // 证书链包含的证书个数,需业务自行赋值
  count: 2,
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

try {
  let validator = certFramework.createCertChainValidator('PKIX');
  validator.validate(certChainData, (error, data) => {
    if (error != null) {
      console.error('validate failed, errCode: ' + error.code + ', errMsg: ' + error.message);
    } else {
      console.log('validate success');
    }
  });
} catch (error) {
  let e: BusinessError = error as BusinessError;
  console.error('getNotBeforeTime failed, errCode: ' + e.code + ', errMsg: ' + e.message);
}

validate

validate(certChain : CertChainData) : Promise<void>

表示校验X509证书链,使用Promise方式异步返回结果。 由于端侧系统时间不可信,证书链校验不包含对证书有效时间的校验。如果需要检查证书的时间有效性,可使用X509证书的checkValidityWithDate方法进行检查。详见证书规格

系统能力: SystemCapability.Security.Cert

参数

参数名 类型 必填 说明
certChain CertChainData 表示X509证书链序列化数据。

返回值

类型 说明
Promise<void> Promise对象

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19020002 runtime error.
19030001 crypto operation error.
19030002 the certificate signature verification failed.
19030003 the certificate has not taken effect.
19030004 the certificate has expired.
19030005 failed to obtain the certificate issuer.
19030006 the key cannot be used for signing a certificate.
19030007 the key cannot be used for digital signature.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// 证书链二进制数据,需业务自行赋值
let certChainBuff = new Uint8Array([0x30, 0x82, 0x44]);

let certChainData: certFramework.CertChainData = {
  data: certChainBuff,
  // 证书链包含的证书个数,需业务自行赋值
  count: 2,
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

try {
  let validator = certFramework.createCertChainValidator('PKIX');
  validator.validate(certChainData).then(result => {
    console.log('validate success');
  }).catch((error: BusinessError) => {
    console.error('validate failed, errCode: ' + error.code + ', errMsg: ' + error.message);
  });
} catch (error) {
  let e: BusinessError = error as BusinessError;
  console.error('getNotBeforeTime failed, errCode: ' + e.code + ', errMsg: ' + e.message);
}

algorithm

algorithm : string

表示X509证书链校验器算法名称。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
string 表示证书链校验器算法名称

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

try {
  let validator = certFramework.createCertChainValidator('PKIX');
  let algorithm = validator.algorithm;
} catch (error) {
  let e: BusinessError = error as BusinessError;
  console.error('createCertChainValidator failed, errCode: ' + e.code + ', errMsg: ' + e.message);
}

X509CrlEntry

被吊销证书对象。

getEncoded

getEncoded(callback : AsyncCallback<EncodingBlob>) : void

表示获取被吊销证书的序列化数据,使用Callback回调异步返回结果。

系统能力: SystemCapability.Security.Cert

参数

参数名 类型 必填 说明
callback AsyncCallback<EncodingBlob> 回调函数。表示被吊销证书的序列化数据

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19020002 runtime error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

let crlData = '-----BEGIN X509 CRL-----\n' +
  'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' +
  'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' +
  'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' +
  'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' +
  '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' +
  'eavsH0Q3\n' +
  '-----END X509 CRL-----\n'

let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(crlData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Crl(encodingBlob, (err, x509Crl) => {
  if (err != null) {
    console.error('createX509Crl failed, errCode: ' + err.code + ', errMsg: ' + err.message);
  } else {
    console.log('create x509 crl success');

    try {
      let serialNumber = 1000;
      let crlEntry = x509Crl.getRevokedCert(serialNumber);
      crlEntry.getEncoded((error, data) => {
        if (error != null) {
          console.error('getEncoded failed, errCode: ' + error.code + ', errMsg: ' + error.message);
        } else {
          console.log('getEncoded success');
        }
      });
    } catch (error) {
      let e: BusinessError = error as BusinessError;
      console.error('getRevokedCert failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
})

getEncoded

getEncoded() : Promise<EncodingBlob>

表示获取被吊销证书的序列化数据,使用Promise方式异步返回结果。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
Promise<EncodingBlob> 表示被吊销证书的序列化数据

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19020002 runtime error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

let crlData = '-----BEGIN X509 CRL-----\n' +
  'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' +
  'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' +
  'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' +
  'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' +
  '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' +
  'eavsH0Q3\n' +
  '-----END X509 CRL-----\n'

let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(crlData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Crl(encodingBlob, (err, x509Crl) => {
  if (err != null) {
    console.error('createX509Crl failed, errCode: ' + err.code + ', errMsg: ' + err.message);
  } else {
    console.log('create x509 crl success');

    try {
      let serialNumber = 1000;
      let crlEntry = x509Crl.getRevokedCert(serialNumber);
      crlEntry.getEncoded().then(result => {
        console.log('getEncoded success');
      }).catch((error: BusinessError) => {
        console.error('getEncoded failed, errCode: ' + error.code + ', errMsg: ' + error.message);
      });
    } catch (error) {
      let e: BusinessError = error as BusinessError;
      console.error('getRevokedCert failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
})

getSerialNumber

getSerialNumber() : number

表示获取被吊销证书的序列号。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
number 表示被吊销证书的序列号

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

let crlData = '-----BEGIN X509 CRL-----\n' +
  'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' +
  'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' +
  'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' +
  'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' +
  '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' +
  'eavsH0Q3\n' +
  '-----END X509 CRL-----\n'

let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(crlData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Crl(encodingBlob, (err, x509Crl) => {
  if (err != null) {
    console.error('createX509Crl failed, errCode: ' + err.code + ', errMsg: ' + err.message);
  } else {
    console.log('create x509 crl success');

    try {
      let serialNumber = 1000;
      let crlEntry = x509Crl.getRevokedCert(serialNumber);
      serialNumber = crlEntry.getSerialNumber();
    } catch (error) {
      let e: BusinessError = error as BusinessError;
      console.error('getRevokedCert or getSerialNumber failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
})

getCertIssuer

getCertIssuer() : DataBlob

表示获取被吊销证书的颁发者信息。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
DataBlob 表示被吊销证书的颁发者信息

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19020002 runtime error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

let crlData = '-----BEGIN X509 CRL-----\n' +
  'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' +
  'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' +
  'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' +
  'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' +
  '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' +
  'eavsH0Q3\n' +
  '-----END X509 CRL-----\n'

let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(crlData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Crl(encodingBlob, (err, x509Crl) => {
  if (err != null) {
    console.error('createX509Crl failed, errCode: ' + err.code + ', errMsg: ' + err.message);
  } else {
    console.log('create x509 crl success');

    try {
      let serialNumber = 1000;
      let crlEntry = x509Crl.getRevokedCert(serialNumber);
      let issuer = crlEntry.getCertIssuer();
    } catch (error) {
      let e: BusinessError = error as BusinessError;
      console.error('getRevokedCert or getCertIssuer failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
})

getRevocationDate

getRevocationDate() : string

表示获取证书被吊销的日期。

系统能力: SystemCapability.Security.Cert

返回值

类型 说明
string 表示证书被吊销的日期

错误码:

以下错误码的详细介绍请参见cert错误码

错误码ID 错误信息
19020001 memory error.
19020002 runtime error.
19030001 crypto operation error.

示例:

import certFramework from '@ohos.security.cert';
import { BusinessError } from '@ohos.base';

// string转Uint8Array
function stringToUint8Array(str: string): Uint8Array {
  let arr: Array<number> = [];
  for (let i = 0, j = str.length; i < j; i++) {
    arr.push(str.charCodeAt(i));
  }
  return new Uint8Array(arr);
}

let crlData = '-----BEGIN X509 CRL-----\n' +
  'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' +
  'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' +
  'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' +
  'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' +
  '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' +
  'eavsH0Q3\n' +
  '-----END X509 CRL-----\n'

let encodingBlob: certFramework.EncodingBlob = {
  data: stringToUint8Array(crlData),
  // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER
  encodingFormat: certFramework.EncodingFormat.FORMAT_PEM
};

certFramework.createX509Crl(encodingBlob, (err, x509Crl) => {
  if (err != null) {
    console.error('createX509Crl failed, errCode: ' + err.code + ', errMsg: ' + err.message);
  } else {
    console.log('create x509 crl success');

    try {
      let serialNumber = 1000;
      let crlEntry = x509Crl.getRevokedCert(serialNumber);
      let date = crlEntry.getRevocationDate();
    } catch (error) {
      let e: BusinessError = error as BusinessError;
      console.error('getRevokedCert or getRevocationDate failed, errCode: ' + e.code + ', errMsg: ' + e.message);
    }
  }
})

你可能感兴趣的鸿蒙文章

harmony 鸿蒙接口

harmony 鸿蒙系统公共事件定义(待停用)

harmony 鸿蒙系统公共事件定义

harmony 鸿蒙开发说明

harmony 鸿蒙企业设备管理概述(仅对系统应用开放)

harmony 鸿蒙BundleStatusCallback

harmony 鸿蒙@ohos.bundle.innerBundleManager (innerBundleManager模块)

harmony 鸿蒙@ohos.distributedBundle (分布式包管理)

harmony 鸿蒙@ohos.bundle (Bundle模块)

harmony 鸿蒙@ohos.enterprise.EnterpriseAdminExtensionAbility (企业设备管理扩展能力)

0  赞