harmony 鸿蒙Security Subsystem - Key Management Service Changelog
Security Subsystem - Key Management Service Changelog
cl.security.1 Permission Change on the Key Attestation APIs
Access Level
Public API
Reason for Change
The public key of the end-entity certificate (device certificate) in the certificate chain obtained by using the key attestation API can be used as the unique identifier of a device, which imposes privacy leakage risks. For security purposes, a permission is required for calling these APIs.
Change Impact
This change is a non-compatible change. Adaptation is required.
API level
9
Change Since
OpenHarmony SDK 4.1.5.3
Key API/Component Changes
| Involved APIs | Before the Change | After the Change |
|---|---|---|
| attestKeyItem(keyAlias: string, options: HuksOptions, callback: AsyncCallback |
No permission is required. | The ohos.permission.ATTEST_KEY permission is required. |
| attestKeyItem(keyAlias: string, options: HuksOptions) : Promise |
No permission is required. | The ohos.permission.ATTEST_KEY permission is required. |
| struct OH_Huks_Result OH_Huks_AttestKeyItem(const struct OH_Huks_Blob *keyAlias, const struct OH_Huks_ParamSet *paramSet, struct OH_Huks_CertChain *certChain) | No permission is required. | The ohos.permission.ATTEST_KEY permission is required. |
Adaptation Guide
Method 1: Use the following APIs for key attestation.
|API|
|——-|
|anonAttestKeyItem(keyAlias: string, options: HuksOptions, callback: AsyncCallback
Method 2: Request the ohos.permission.ATTEST_KEY permission for your application. This permission is available only to system applications.
你可能感兴趣的鸿蒙文章
harmony 鸿蒙Access Token Changelog
- 所属分类: 后端技术
- 本文标签:
热门推荐
-
2、 - 优质文章
-
3、 gate.io
-
7、 golang
-
9、 openharmony
-
10、 Vue中input框自动聚焦