密钥删除(ArkTS)
为保证数据安全性,当不需要使用该密钥时,应该删除密钥。
开发步骤
以删除HKDF256密钥为例。
-
确定密钥别名keyAlias,密钥别名最大长度为64字节。
-
初始化密钥属性集。用于删除时指定密钥的属性TAG,比如删除的密钥范围(全量/单个),当删除单个时,TAG字段可传空。
-
调用接口deleteKeyItem,删除密钥。
/*
* 以下以HKDF256密钥的Promise操作使用为例
*/
import huks from '@ohos.security.huks';
import { BusinessError } from '@ohos.base';
/* 1.确定密钥别名 */
let keyAlias = "test_Key";
/* 2.构造空对象 */
let huksOptions:huks.HuksOptions = {
properties:[]
}
class throwObject{
isThrow=false;
}
function deleteKeyItem(keyAlias: string, huksOptions: huks.HuksOptions, throwObject: throwObject) {
return new Promise<void>((resolve, reject) => {
try {
huks.deleteKeyItem(keyAlias, huksOptions, (error, data)=> {
if (error) {
reject(error);
} else {
resolve(data);
}
});
} catch (error) {
throwObject.isThrow = true;
throw(error as Error);
}
});
}
/* 3.删除密钥*/
async function publicDeleteKeyFunc(keyAlias:string, huksOptions:huks.HuksOptions) {
console.info(`enter promise deleteKeyItem`);
let throwObject:throwObject = {isThrow: false};
try {
await deleteKeyItem(keyAlias, huksOptions, throwObject)
.then ((data) => {
console.info(`promise: deleteKeyItem key success, data = ${JSON.stringify(data)}`);
})
.catch((error: BusinessError) => {
if (throwObject.isThrow) {
throw(error as Error);
} else {
console.error(`promise: deleteKeyItem failed` + error);
}
});
} catch (error) {
console.error(`promise: deleteKeyItem input arg invalid` + error);
}
}
async function testDerive() {
await publicDeleteKeyFunc(keyAlias, huksOptions);
}