Generating a Key (ArkTS)
This topic walks you through on how to randomly generate a key with the DH algorithm. For details about the scenarios and supported algorithms, see Supported Algorithms.
NOTE Key aliases must not contain sensitive information, such as personal data.
How to Develop
-
Specify the key alias. For details about the naming rules, see Key Generation Overview and Algorithm Specifications.
-
Initialize the key property set.
- Encapsulate key properties in HuksParam and use a HuksParam array to assign values to the properties field of HuksOptions.
- The key property set must contain HuksKeyAlg, HuksKeySize, and HuksKeyPurpose. That is, the HUKS_TAG_ALGORITHM, HUKS_TAG_PURPOSE, and HUKS_TAG_KEY_SIZE tags are mandatory.
NOTE
A key can have only one purpose, and the purpose specified during key generation must match the key purpose during usage. Otherwise, an exception occurs.
-
Use generateKeyItem to generate a key based on the key alias and key properties specified.
NOTE
If the service uses the same key alias to call the HUKS API to generate a key again, HUKS will generate a new key and overwrite the historical key file.
import { huks } from '@kit.UniversalKeystoreKit';
/* 1. Set the key alias. */
let keyAlias = 'dh_key';
/* 2. Initialize the key property set. */
let properties1: huks.HuksParam[] = [
{
tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
value: huks.HuksKeyAlg.HUKS_ALG_DH
},
{
tag: huks.HuksTag.HUKS_TAG_PURPOSE,
value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_AGREE
},
{
tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
value: huks.HuksKeySize.HUKS_DH_KEY_SIZE_2048
}
];
let huksOptions: huks.HuksOptions = {
properties: properties1,
inData: new Uint8Array([])
}
/* 3. Generate a key. */
function generateKeyItem(keyAlias: string, huksOptions: huks.HuksOptions) {
return new Promise<void>((resolve, reject) => {
try {
huks.generateKeyItem(keyAlias, huksOptions, (error, data) => {
if (error) {
reject(error);
} else {
resolve(data);
}
});
} catch (error) {
throw (error as Error);
}
});
}
async function publicGenKeyFunc(keyAlias: string, huksOptions: huks.HuksOptions): Promise<string> {
console.info(`enter promise generateKeyItem`);
try {
await generateKeyItem(keyAlias, huksOptions)
.then((data) => {
console.info(`promise: generateKeyItem success, data = ${JSON.stringify(data)}`);
})
.catch((error: Error) => {
console.error(`promise: generateKeyItem failed, ${JSON.stringify(error)}`);
});
return 'Success';
} catch (error) {
console.error(`promise: generateKeyItem input arg invalid, ` + JSON.stringify(error));
return 'Failed';
}
}
async function testGenKey(): Promise<string> {
let ret = await publicGenKeyFunc(keyAlias, huksOptions);
return ret;
}