e11c8fb6b2
Signed-off-by: code4lala <fengziteng2@huawei.com> Change-Id: If82fe8ad3d50acf9542eac03edfbe4ae882a5cd9 |
||
|---|---|---|
| build | ||
| figures | ||
| frameworks | ||
| interfaces | ||
| services/huks_standard | ||
| test | ||
| utils | ||
| .gitattributes | ||
| BUILD.gn | ||
| bundle.json | ||
| CODEOWNERS | ||
| hisysevent.yaml | ||
| huks.gni | ||
| LICENSE | ||
| OAT.xml | ||
| README_zh.md | ||
| README.md | ||
HUKS
Introduction
OpenHarmony Universal KeyStore HUKS provides applications with key library capabilities, such as key management and cryptographic operations on keys. HUKS also provides APIs for applications to import or generate keys.
HUKS consists of the following modules:
-
HUKS SDK layer: provides HUKS APIs for applications.
-
HUKS service layer: implements functions such as HUKS key management and storage.
-
HUKS engine layer: HUKS core module, which generates, encrypts, and decrypts keys. For devices running a standard system, this module of the commercial version must run in a secure environment such as a TEE or a chip with security capabilities. A secure environment requires dedicated hardware and is therefore implemented only by emulation in the open-source code. For the small and mini systems, HUKS only provides the example implementation of the root key protection solution. In commercial scenarios, the implementation must adapt to the protection solution for either the hardware root key or other root keys.
Directory Structure
base/security/huks/
├── build # Build configuration file
├── frameworks # Framework code, which is used by interfaces and services
│ └── huks_standard # Code implementation
| └── huks_lite # Build script in a small and mini systems
| └── crypto_lite # Encryption and decryption implementation
├── interfaces # APIs
│ └── innerkits
│ └── kits
├── services
│ └── huks_standard
├── test
└── utils
└── crypto_adapter
└── file_operator
└── list
└── mutex
Repositories Involved
Security subsystem