diff --git a/OAT.xml b/OAT.xml
index 3ae5bf2fbc643e6416e9e427371f195987608618..ce35cdbf3e03cf04dafaf920335b664228326419 100644
--- a/OAT.xml
+++ b/OAT.xml
@@ -67,6 +67,7 @@
+
diff --git a/README.md b/README.md
index 95338ded79d969c2117ee1237c13c9c250392128..7af11747eb90c665fbd0f33c01e225a62bb7963b 100644
--- a/README.md
+++ b/README.md
@@ -1,12 +1,10 @@
# 证书管理
-- [简介](#section11660541593)
-- [目录](#section161941989596)
-- [相关仓](#section1371113476307)
-
## 简介
-证书管理主要提供系统级的证书管理能力,实现证书全生命周期(生成,存储,使用,销毁)的管理和安全使用 ,满足生态应用和上层业务的诉求。
+证书管理主要提供系统级的证书管理能力,实现证书全生命周期(生成,存储,使用,销毁)的管理和安全使用 ,满足生态应用和上层业务的诉求。 证书管理架构如下图所示:
+图1 证书管理架构
+
证书管理模块可以分为如下三大部分:
@@ -14,24 +12,32 @@
- Service层:实现证书全生命周期管理。
- Engine层:证书管理核心模块,负责证书的生成、存储、授权、使用、销毁等工作。其中密钥相关操作依赖于当前设备中的HUKS能力,证书管理通过HUKS组件提供对业务证书以及其关联密钥的生成,导入,存储,读取和删除等能力。
+证书生命周期管理:
+- 证书安装。使用者可以通过安装接口,传入证书文件或密钥库文件,实现证书的安装。
+- 证书存储。证书管理模块将用户传入的证书、或设备端生成的证书,存储在/data/service/el1/public/cert_manager_service/certificates目录下,并使用UserID和UID对证书进行隔离。对应的密钥会存储在HUKS模块中。
+- 证书使用。通过查询对应的证书,使用者可获取到证书文件进行业务相关操作。
+- 证书销毁。删除接口允许使用者,批量或单张销毁存储在证书管理中的证书,相对应的密钥也会在HUKS模块中被删除
+
## 目录
```
base/security/certificate_manager/
-├── build # 编译配置文件
├── config # 系统根证书文件
-├── frameworks # 框架代码, 作为基础功能目录, 被interfaces和services使用.
+├── frameworks # 框架代码, 作为基础功能目录, 被interfaces和services使用
├── interfaces # 接口API代码
-│ └── innerkits
-│ └── kits
-├── services
+│ └── innerkits # c接口代码
+│ └── kits # napi代码
+├── services # 服务层代码
│ └── cert_manager_standard # 证书管理核心功能代码
├── test # 测试资源存放目录
```
+## 说明
+### 接口说明
+证书管理相关接口将在后续API版本中体现,具体参见证书管理使用指南。
## 相关仓
**安全子系统**
-
**security_huks**
+**security_privacy_center**
diff --git a/build/config.gni b/build/config.gni
deleted file mode 100644
index e65619fc1324680ad1e7d55bdff4990ed5ca62dc..0000000000000000000000000000000000000000
--- a/build/config.gni
+++ /dev/null
@@ -1,39 +0,0 @@
-#
-# Copyright (c) 2020 Huawei Device Co., Ltd.
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-declare_args() {
- # for HUKS can compile on liteos_m
- disable_huks_binary = false
-
- # cut abilities for authentication
- disable_authenticate = false
-
- # if HUKS use mbedtls engine
- huks_use_mbedtls = true
-
- # whether use lite storeage
- huks_use_lite_storage = false
-
- # whether use hardware root key
- huks_use_hardware_root_key = false
-
- # whether use hks config file
- huks_config_file = ""
-
- # whether use hks key store path
- huks_key_store_path = "/storage/"
-
- # whether huks enable log
- huks_enable_log = false
-}
diff --git a/figures/zh-cn_certificate_manager_architecture.png b/figures/zh-cn_certificate_manager_architecture.png
new file mode 100644
index 0000000000000000000000000000000000000000..a360f067b314677492c5faddb77d2efd84a88742
Binary files /dev/null and b/figures/zh-cn_certificate_manager_architecture.png differ
diff --git a/interfaces/kits/js/@ohos.security.certManager.d.ts b/interfaces/kits/js/@ohos.security.certManager.d.ts
index f7127bd5ec758eda3f545b9e83bde5ec6fca0bd1..dc80ab842de24e44f5e6d6972604fa6d32f672a3 100644
--- a/interfaces/kits/js/@ohos.security.certManager.d.ts
+++ b/interfaces/kits/js/@ohos.security.certManager.d.ts
@@ -27,6 +27,7 @@ declare namespace certManager {
* @since 9
* @syscap SystemCapability.Security.CertManager
* @param context Indicates the context of the calling interface application.
+ * @permission ohos.permission.ACCESS_CERT_MANAGER
*/
function getSystemTrustedCertificateList(context: CMContext, callback: AsyncCallback) : void;
function getSystemTrustedCertificateList(context: CMContext) : Promise;
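Review bot: `getSystemTrustedCertificateList` still takes a caller-supplied `context: CMContext`, although this commit removes that parameter from every user and application certificate API in the large hunk below; the same applies to `getSystemTrustedCertificate` and `setCertificateStatus` in the next two hunks. `CMContext` carries at least a `userId` field (visible at the end of the large hunk), so if the service uses it to choose whose certificate store is read or modified, the value has to be checked against the identity of the IPC caller rather than trusted; this matters most for `setCertificateStatus`, which changes trust state. Either drop the parameter here as well, or state the contract in the doc comment, for example `@param context Ignored for authorization; the caller's identity is taken from the IPC layer.` (that wording is an assumption about the service and should be confirmed against the implementation). The declarations sit inside `declare namespace certManager`, which opens and closes outside this hunk.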
@@ -37,6 +38,7 @@ declare namespace certManager {
* @syscap SystemCapability.Security.CertManager
* @param context Indicates the context of the calling interface application.
* @param certUri Indicates the certificate's name.
+ * @permission ohos.permission.ACCESS_CERT_MANAGER
*/
function getSystemTrustedCertificate(context: CMContext, certUri: string, callback: AsyncCallback) : void;
function getSystemTrustedCertificate(context: CMContext, certUri: string) : Promise;
@@ -45,10 +47,12 @@ declare namespace certManager {
* Set the status of root certificates.
* @since 9
* @syscap SystemCapability.Security.CertManager
+ * @param context Indicates the context of the calling interface application.
* @param certUri Indicates the certificate's name.
* @param store Indicates the type of certificate.
- * @param context Indicates the context of the calling interface application.
* @param status Indicates the status of certificate to be set.
+ * @permission ohos.permission.ACCESS_CERT_MANAGER_INTERNAL
+ * @systemapi Hide this for inner system use
*/
function setCertificateStatus(context: CMContext, certUri: string, store: number, status: boolean, callback: AsyncCallback) : void;
function setCertificateStatus(context: CMContext, certUri: string, store: number, status: boolean) : Promise;
@@ -57,255 +61,264 @@ declare namespace certManager {
* Install the user root certificate.
* @since 9
* @syscap SystemCapability.Security.CertManager
- * @param context Indicates the context of the calling interface application.
* @param certificate Indicates the certificate file.
+ * @permission ohos.permission.ACCESS_CERT_MANAGER_INTERNAL
+ * @systemapi Hide this for inner system use
*/
- function installUserTrustedCertificate(context: CMContext, certificate: CMBlob, callback: AsyncCallback) : void;
- function installUserTrustedCertificate(context: CMContext, certificate: CMBlob,) : Promise;
+ function installUserTrustedCertificate(certificate: CertBlob, callback: AsyncCallback) : void;
+ function installUserTrustedCertificate(certificate: CertBlob,) : Promise;
/**
* Uninstall all user root certificates.
* @since 9
* @syscap SystemCapability.Security.CertManager
- * @param context Indicates the context of the calling interface application.
+ * @permission ohos.permission.ACCESS_CERT_MANAGER_INTERNAL
+ * @systemapi Hide this for inner system use
*/
- function uninstallAllUserTrustedCertificate(context: CMContext, callback: AsyncCallback) : void;
- function uninstallAllUserTrustedCertificate(context: CMContext) : Promise;
+ function uninstallAllUserTrustedCertificate(callback: AsyncCallback) : void;
+ function uninstallAllUserTrustedCertificate() : Promise;
/**
* Uninstall the specified user root certificate.
* @since 9
* @syscap SystemCapability.Security.CertManager
- * @param context Indicates the context of the calling interface application.
* @param certUri Indicates the certificate's name.
+ * @permission ohos.permission.ACCESS_CERT_MANAGER_INTERNAL
+ * @systemapi Hide this for inner system use
*/
- function uninstallUserTrustedCertificate(context: CMContext, certUri: string, callback: AsyncCallback) : void;
- function uninstallUserTrustedCertificate(context: CMContext, certUri: string) : Promise;
+ function uninstallUserTrustedCertificate(certUri: string, callback: AsyncCallback) : void;
+ function uninstallUserTrustedCertificate(certUri: string) : Promise;
/**
* Get a list of user root certificates.
* @since 9
* @syscap SystemCapability.Security.CertManager
- * @param context Indicates the context of the calling interface application.
+ * @permission ohos.permission.ACCESS_CERT_MANAGER
*/
- function getUserTrustedCertificateList(context: CMContext, callback: AsyncCallback) : void;
- function getUserTrustedCertificateList(context: CMContext) : Promise;
+ function getUserTrustedCertificateList(callback: AsyncCallback) : void;
+ function getUserTrustedCertificateList() : Promise;
/**
* Get the detail of user root certificate.
* @since 9
* @syscap SystemCapability.Security.CertManager
- * @param context Indicates the context of the calling interface application.
* @param certUri Indicates the certificate's name.
+ * @permission ohos.permission.ACCESS_CERT_MANAGER
*/
- function getUserTrustedCertificate(context: CMContext, certUri: string, callback: AsyncCallback) : void;
- function getUserTrustedCertificate(context: CMContext, certUri: string) : Promise;
+ function getUserTrustedCertificate(certUri: string, callback: AsyncCallback) : void;
+ function getUserTrustedCertificate(certUri: string) : Promise;
/**
* Install normal application certificate.
* @since 9
* @syscap SystemCapability.Security.CertManager
- * @param context Indicates the context of the calling interface application.
* @param keystore Indicates the keystore file with key pair and certificate.
* @param keystorePwd Indicates the password of keystore file.
* @param certAlias Indicates the certificate name inputted by the user.
- * @param keyProperties Indicates the properties of keys in keystore file.
+ * @permission ohos.permission.ACCESS_CERT_MANAGER_INTERNAL
+ * @systemapi Hide this for inner system use
*/
- function installAppCertificate(context: CMContext, keystore: CMBlob, keystorePwd: string, certAlias: string, keyProperties: CMKeyProperties, callback: AsyncCallback) : void;
- function installAppCertificate(context: CMContext, keystore: CMBlob, keystorePwd: string, certAlias: string, keyProperties: CMKeyProperties) : Promise;
+ function installAppCertificate(keystore: Uint8Array, keystorePwd: string, certAlias: string, callback: AsyncCallback) : void;
+ function installAppCertificate(keystore: Uint8Array, keystorePwd: string, certAlias: string) : Promise;
/**
* Install private application certificate.
* @since 9
* @syscap SystemCapability.Security.CertManager
- * @param context Indicates the context of the calling interface application.
* @param keystore Indicates the keystore file with key pair and certificate.
* @param keystorePwd Indicates the password of keystore file.
* @param certAlias Indicates the certificate name inputted by the user.
- * @param keyProperties Indicates the properties of keys in keystore file.
+ * @permission ohos.permission.ACCESS_CERT_MANAGER
*/
- function installPrivateCertificate(context: CMContext, keystore: CMBlob, keystorePwd: string, certAlias: string, keyProperties: CMKeyProperties, callback: AsyncCallback) : void;
- function installPrivateCertificate(context: CMContext, keystore: CMBlob, keystorePwd: string, certAlias: string, keyProperties: CMKeyProperties) : Promise;
+ function installPrivateCertificate(keystore: Uint8Array, keystorePwd: string, certAlias: string, callback: AsyncCallback) : void;
+ function installPrivateCertificate(keystore: Uint8Array, keystorePwd: string, certAlias: string) : Promise;
/**
* Generate private application certificate locally.
* @since 9
* @syscap SystemCapability.Security.CertManager
- * @param context Indicates the context of the calling interface application.
* @param keyAlias Indicates the key alias inputted by the user.
* @param keyProperties Indicates the properties of keys in keystore file.
+ * @permission ohos.permission.ACCESS_CERT_MANAGER
*/
- function generatePrivateCertificate(context: CMContext, keyAlias: string, keyProperties: CMKeyProperties, callback: AsyncCallback) : void;
- function generatePrivateCertificate(context: CMContext, keyAlias: string, keyProperties: CMKeyProperties) : Promise;
+ function generatePrivateCertificate(keyAlias: string, keyProperties: CMKeyProperties, callback: AsyncCallback) : void;
+ function generatePrivateCertificate(keyAlias: string, keyProperties: CMKeyProperties) : Promise;
/**
* Update private application certificate.
* @since 9
* @syscap SystemCapability.Security.CertManager
- * @param context Indicates the context of the calling interface application.
* @param type Indicates the type of the certificate used.
* @param keyUri Indicates key's name.
* @param certificate Indicates the certificate file.
+ * @permission ohos.permission.ACCESS_CERT_MANAGER
*/
- function updatePrivateCertificate(context: CMContext, type: string, keyUri: string, certificate: CMBlob, callback: AsyncCallback) : void;
- function updatePrivateCertificate(context: CMContext, type: string, keyUri: string, certificate: CMBlob) : Promise;
+ function updatePrivateCertificate(type: string, keyUri: string, certificate: CertBlob, callback: AsyncCallback) : void;
+ function updatePrivateCertificate(type: string, keyUri: string, certificate: CertBlob) : Promise;
/**
* Uninstall all application certificate.
* @since 9
* @syscap SystemCapability.Security.CertManager
- * @param context Indicates the context of the calling interface application.
+ * @permission ohos.permission.ACCESS_CERT_MANAGER_INTERNAL
+ * @systemapi Hide this for inner system use
*/
- function uninstallAllAppCertificate(context: CMContext, callback: AsyncCallback) : void;
- function uninstallAllAppCertificate(context: CMContext) : Promise;
+ function uninstallAllAppCertificate(callback: AsyncCallback) : void;
+ function uninstallAllAppCertificate() : Promise;
/**
* Uninstall the specified normal application certificate.
* @since 9
* @syscap SystemCapability.Security.CertManager
- * @param context Indicates the context of the calling interface application.
* @param keyUri Indicates key's name.
+ * @permission ohos.permission.ACCESS_CERT_MANAGER_INTERNAL
+ * @systemapi Hide this for inner system use
*/
- function uninstallAppCertificate(context: CMContext, keyUri: string, callback: AsyncCallback) : void;
- function uninstallAppCertificate(context: CMContext, keyUri: string) : Promise;
+ function uninstallAppCertificate(keyUri: string, callback: AsyncCallback) : void;
+ function uninstallAppCertificate(keyUri: string) : Promise;
/**
* Uninstall the specified normal application certificate.
* @since 9
* @syscap SystemCapability.Security.CertManager
- * @param context Indicates the context of the calling interface application.
* @param keyUri Indicates key's name.
+ * @permission ohos.permission.ACCESS_CERT_MANAGER
*/
- function uninstallPrivateCertificate(context: CMContext, keyUri: string, callback: AsyncCallback) : void;
- function uninstallPrivateCertificate(context: CMContext, keyUri: string) : Promise;
+ function uninstallPrivateCertificate(keyUri: string, callback: AsyncCallback) : void;
+ function uninstallPrivateCertificate(keyUri: string) : Promise;
/**
* Get a list of normal application certificates.
* @since 9
* @syscap SystemCapability.Security.CertManager
- * @param context Indicates the context of the calling interface application.
+ * @permission ohos.permission.ACCESS_CERT_MANAGER_INTERNAL
+ * @systemapi Hide this for inner system use
*/
- function getAppCertificateList(context: CMContext, callback: AsyncCallback) : void;
- function getAppCertificateList(context: CMContext) : Promise;
+ function getAppCertificateList(callback: AsyncCallback) : void;
+ function getAppCertificateList() : Promise;
/**
* Get a list of private application certificates.
* @since 9
* @syscap SystemCapability.Security.CertManager
- * @param context Indicates the context of the calling interface application.
+ * @permission ohos.permission.ACCESS_CERT_MANAGER_INTERNAL
+ * @systemapi Hide this for inner system use
*/
- function getPrivateCertificateList(context: CMContext, callback: AsyncCallback) : void;
- function getPrivateCertificateList(context: CMContext) : Promise;
+ function getPrivateCertificateList(callback: AsyncCallback) : void;
+ function getPrivateCertificateList() : Promise;
/**
* Get the detail of normal application certificate.
* @since 9
* @syscap SystemCapability.Security.CertManager
- * @param context Indicates the context of the calling interface application.
* @param keyUri Indicates key's name.
+ * @permission ohos.permission.ACCESS_CERT_MANAGER
*/
- function getAppCertificate(context: CMContext, keyUri: string, callback: AsyncCallback) : void;
- function getAppCertificate(context: CMContext, keyUri: string, ) : Promise;
+ function getAppCertificate(keyUri: string, callback: AsyncCallback) : void;
+ function getAppCertificate(keyUri: string, ) : Promise;
/**
* Get the detail of private application certificate.
* @since 9
* @syscap SystemCapability.Security.CertManager
- * @param context Indicates the context of the calling interface application.
* @param keyUri Indicates key's name.
+ * @permission ohos.permission.ACCESS_CERT_MANAGER
*/
- function getPrivateCertificate(context: CMContext, keyUri: string, callback: AsyncCallback) : void;
- function getPrivateCertificate(context: CMContext, keyUri: string) : Promise;
+ function getPrivateCertificate(keyUri: string, callback: AsyncCallback) : void;
+ function getPrivateCertificate(keyUri: string) : Promise;
/**
* Authorize the specified application certificate for the specified application.
* @since 9
* @syscap SystemCapability.Security.CertManager
- * @param context Indicates the context of the calling interface application.
* @param keyUri Indicates key's name.
- * @param clientApp Indicates the context of the authorized application.
+ * @param clientAppUid Indicates the uid of the authorized application.
+ * @permission ohos.permission.ACCESS_CERT_MANAGER_INTERNAL
+ * @systemapi Hide this for inner system use
*/
- function grantAppCertificate(context: CMContext, keyUri: string, clientApp: CMContext, callback: AsyncCallback) : void;
- function grantAppCertificate(context: CMContext, keyUri: string, clientApp: CMContext) : Promise;
+ function grantAppCertificate(keyUri: string, clientAppUid: string, callback: AsyncCallback) : void;
+ function grantAppCertificate(keyUri: string, clientAppUid: string) : Promise;
/**
* Whether the current application is authorized by the specified application certificate.
* @since 9
* @syscap SystemCapability.Security.CertManager
- * @param context Indicates the context of the calling interface application.
* @param keyUri Indicates key's name.
+ * @permission ohos.permission.ACCESS_CERT_MANAGER
*/
- function isAuthorizedApp(context: CMContext, keyUri: string, callback: AsyncCallback) : void;
- function isAuthorizedApp(context: CMContext, keyUri: string) : Promise;
+ function isAuthorizedApp(keyUri: string, callback: AsyncCallback) : void;
+ function isAuthorizedApp(keyUri: string) : Promise;
/**
* Get the list of applications authorized by the specified certificate.
* @since 9
* @syscap SystemCapability.Security.CertManager
- * @param context Indicates the context of the calling interface application.
* @param keyUri Indicates key's name.
+ * @permission ohos.permission.ACCESS_CERT_MANAGER_INTERNAL
+ * @systemapi Hide this for inner system use
*/
- function getAuthorizedAppList(context: CMContext, keyUri: string, callback: AsyncCallback) : void;
- function getAuthorizedAppList(context: CMContext, keyUri: string) : Promise;
+ function getAuthorizedAppList(keyUri: string, callback: AsyncCallback) : void;
+ function getAuthorizedAppList(keyUri: string) : Promise;
/**
* Deauthorize the specified application from the specified application certificate.
* @since 9
* @syscap SystemCapability.Security.CertManager
- * @param context Indicates the context of the calling interface application.
* @param keyUri Indicates key's name.
- * @param clientApp Indicates the context of the deauthorized application.
+ * @param clientAppUid Indicates the uid of the deauthorized application.
+ * @permission ohos.permission.ACCESS_CERT_MANAGER_INTERNAL
+ * @systemapi Hide this for inner system use
*/
- function removeGrantAppCertificate(context: CMContext, keyUri: string, clientApp: CMContext, callback: AsyncCallback) : void;
- function removeGrantAppCertificate(context: CMContext, keyUri: string, clientApp: CMContext) : Promise;
+ function removeGrantedAppCertificate(keyUri: string, clientAppUid: string, callback: AsyncCallback) : void;
+ function removeGrantedAppCertificate(keyUri: string, clientAppUid: string) : Promise;
/**
- * Init Operation.
- * @since 8
+ * Init operation for signing and verifying etc.
+ * @since 9
* @syscap SystemCapability.Security.CertManager
- * @param context Indicates the context of the calling interface application.
* @param authUri Indicates the authorization relationship between application and application certificate.
* @param spec Indicates the properties of the signature and verification..
* @return The handle of the init Operation.
+ * @permission ohos.permission.ACCESS_CERT_MANAGER
*/
- function init(context: CMContext, authUri: string, spec: CMSignatureSpec, callback: AsyncCallback) : void;
- function init(context: CMContext, authUri: string, spec: CMSignatureSpec) : Promise;
+ function init(authUri: string, spec: CMSignatureSpec, callback: AsyncCallback) : void;
+ function init(authUri: string, spec: CMSignatureSpec) : Promise;
/**
- * Update Operation.
- * @since 8
+ * Update operation for signing and verifying etc.
+ * @since 9
* @syscap SystemCapability.Security.Huks
- * @param context Indicates the context of the calling interface application.
* @param handle Indicates the handle of the init operation.
* @param data Indicates the input value.
* @param token Indicates the value of token.
+ * @permission ohos.permission.ACCESS_CERT_MANAGER
*/
- function update(context: CMContext, handle: number, data: Uint8Array, callback: AsyncCallback) : void;
- function update(context: CMContext, handle: number, data: Uint8Array, token: Uint8Array, callback: AsyncCallback) : void;
- function update(context: CMContext, handle: number, data: Uint8Array, token?: Uint8Array) : Promise;
+ function update(handle: number, data: Uint8Array, callback: AsyncCallback) : void;
+ function update(handle: number, data: Uint8Array, token: Uint8Array, callback: AsyncCallback) : void;
+ function update(handle: number, data: Uint8Array, token?: Uint8Array) : Promise;
/**
- * Finish Operation.
- * @since 8
+ * Finish operation for signing and verifying etc.
+ * @since 9
* @syscap SystemCapability.Security.Huks
- * @param context Indicates the context of the calling interface application.
* @param handle Indicates the handle of the init operation.
* @param signature Indicates the sign data.
+ * @permission ohos.permission.ACCESS_CERT_MANAGER
*/
- function finish(context: CMContext, handle: number, callback: AsyncCallback) : void;
- function finish(context: CMContext, handle: number, signature: Uint8Array, callback: AsyncCallback) : void;
- function finish(context: CMContext, handle: number, signature?: Uint8Array) : Promise;
+ function finish(handle: number, callback: AsyncCallback) : void;
+ function finish(handle: number, signature: Uint8Array, callback: AsyncCallback) : void;
+ function finish(handle: number, signature?: Uint8Array) : Promise;
/**
- * Abort Operation.
- * @since 8
+ * Abort operation for signing and verifying etc.
+ * @since 9
* @syscap SystemCapability.Security.Huks
- * @param context Indicates the context of the calling interface application.
* @param handle Indicates the handle of the init operation.
+ * @permission ohos.permission.ACCESS_CERT_MANAGER
*/
- function abort(context: CMContext, handle: number, callback: AsyncCallback) : void;
- function abort(context: CMContext, handle: number) : Promise;
+ function abort(handle: number, callback: AsyncCallback) : void;
+ function abort(handle: number) : Promise;
export interface CMContext {
userId: string;
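Review bot: `getPrivateCertificateList` is now documented with `@permission ohos.permission.ACCESS_CERT_MANAGER_INTERNAL` plus `@systemapi`, while every other private-certificate call in this hunk (`installPrivateCertificate`, `getPrivateCertificate`, `uninstallPrivateCertificate`, `updatePrivateCertificate`) needs only `ohos.permission.ACCESS_CERT_MANAGER`; the two tags look copied from `getAppCertificateList` directly above. If an application may install and read its own private certificates it presumably should also be able to list them, so either change the tag to `* @permission ohos.permission.ACCESS_CERT_MANAGER` and drop `@systemapi`, or say in the comment why listing is restricted. In the same hunk `update`, `finish` and `abort` keep `@syscap SystemCapability.Security.Huks` although `init` declares `SystemCapability.Security.CertManager`; `* @syscap SystemCapability.Security.CertManager` would make the four consistent. The summary line of `uninstallPrivateCertificate` still reads "normal application certificate" and should say "private application certificate". The enclosing namespace opens before this hunk and the `CMContext` interface at its end continues past it.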
@@ -322,7 +335,6 @@ declare namespace certManager {
serial: string;
notBefore: string;
notAfter: string;
- fingerprintSha1: string;
fingerprintSha256: string;
cert: Uint8Array;
}
@@ -349,9 +361,9 @@ declare namespace certManager {
keyUri: string;
}
- export interface CMBlob {
- readonly inData?: Uint8Array;
- readonly alias?: string;
+ export interface CertBlob {
+ inData: Uint8Array;
+ alias: string;
}
export interface CMResult {
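Review bot: `CertBlob` makes `inData` and `alias` mandatory, which is the safer contract, but it also drops `readonly` and has no doc comment, so nothing tells a caller which encoding `inData` must be in. Because the buffer is handed to asynchronous calls (`installUserTrustedCertificate`, `updatePrivateCertificate`), I would keep the fields immutable at the type level: `readonly inData: Uint8Array;` and `readonly alias: string;`. A short TSDoc block on the interface should name the accepted certificate encoding and any size limit, neither of which this page shows; the new `CM_ERROR_X509_FORMATE` code suggests X.509 parsing, but that is an inference. `CMResult`, opened on the last line, continues outside the hunk.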
@@ -360,7 +372,7 @@ declare namespace certManager {
certInfo?: CertInfo;
credentialList?: Array;
credential?: Credential;
- appList?: Array;
+ appUidList?: Array;
authUri?: string;
outData?: Uint8Array;
isAuth?: boolean;
@@ -392,45 +404,10 @@ declare namespace certManager {
export enum CMErrorCode {
CM_SUCCESS = 0,
- CM_FAILURE = -1,
- CM_ERROR_INSTALL_CERTIFICATE = -2,
- CM_ERROR_SET_STATUS = -3,
- CM_ERROR_INVALID_ARGUMENT = -3,
- CM_ERROR_INVALID_STORE = -4,
- CM_ERROR_NOT_SUPPORTED = -5,
- CM_ERROR_UNINSTALL = -6,
- CM_ERROR_NO_PERMISSION = -7,
- CM_ERROR_INSUFFICIENT_DATA = -8,
- CM_ERROR_GET_CERTIRICATE = -9,
- CM_ERROR_STORAGE_FAILURE = -10,
- CM_ERROR_HARDWARE_FAILURE = -11,
- CM_ERROR_ALREADY_EXISTS = -12,
- CM_ERROR_NOT_EXIST = -13,
- CM_ERROR_NULL_POINTER = -14,
- CM_ERROR_FILE_SIZE_FAIL = -15,
- CM_ERROR_READ_FILE_FAIL = -16,
- CM_ERROR_INVALID_PUBLIC_KEY = -17,
- CM_ERROR_INVALID_PRIVATE_KEY = -18,
- CM_ERROR_INVALID_KEY_INFO = -19,
- CM_ERROR_REMOVE_CERTIFICATE_FAIL = -20,
- CM_ERROR_OPEN_FILE_FAIL = -21,
- CM_ERROR_INVALID_KEY_FILE = -22,
- CM_ERROR_IPC_MSG_FAIL = -23,
- CM_ERROR_REQUEST_OVERFLOWS = -24,
- CM_ERROR_PARAM_NOT_EXIST = -25,
- CM_ERROR_CRYPTO_ENGINE_ERROR = -26,
- CM_ERROR_COMMUNICATION_TIMEOUT = -27,
- CM_ERROR_IPC_INIT_FAIL = -28,
- CM_ERROR_IPC_DLOPEN_FAIL = -29,
- CM_ERROR_EFUSE_READ_FAIL = -30,
-
- CM_ERROR_CHECK_GET_ALG_FAIL = -100,
- CM_ERROR_CHECK_GET_KEY_SIZE_FAIL = -101,
- CM_ERROR_CHECK_GET_PADDING_FAIL = -102,
- CM_ERROR_INVALID_DIGEST = -117,
-
- CM_ERROR_INTERNAL_ERROR = -999,
- CM_ERROR_UNKNOWN_ERROR = -1000,
+ CM_ERROR_INNER_ERROR = 17500001,
+ CM_ERROR_NO_PERMISSION = 17500002,
+ CM_ERROR_NO_FOUND = 17500003,
+ CM_ERROR_X509_FORMATE = 17500004,
}
}
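Review bot: Two of the four new public enum members are misspelled, `CM_ERROR_NO_FOUND` and `CM_ERROR_X509_FORMATE`, and once published they are hard to rename; `CM_ERROR_NOT_FOUND = 17500003,` and `CM_ERROR_X509_FORMAT = 17500004,` read as intended. With the old codes removed, failures such as invalid argument, already exists or storage failure presumably all surface as `CM_ERROR_INNER_ERROR`, so a caller can no longer tell bad input from a service fault. If that is a deliberate choice to avoid exposing internal state, a one-line doc comment on each member stating which conditions map to it would make the contract explicit; none of the members carries a comment today.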