The device authentication module belongs to the security subsystem of OpenHarmony. It manages the entire lifecycle of trust relationships between devices, including establishment, maintenance, use, and cancellation, and implements authentication and secure session key exchange between trusted devices. It provides basic capabilities for trusted interconnections between devices that run OpenHarmony.
The device authentication module provides the following capabilities:
The device authentication module consists of three submodules: device group management, device group authentication, and account-irrelevant P2P device authentication. The following figure shows the logical architecture of the device authentication module.
Figure 1 Architecture of the device authentication module
In the architecture:
/base/security/deviceauth
├── frameworks # Device authentication framework code
├── hals # HAL code for the tool library
│ ├── inc # Tool library header files
│ └── src # Tool library source files
├── interfaces # APIs exposed externally
└── services # Device authentication services
├── common # Common code
├── group_auth # Device group authentication
├── group_manager # Device group management
├── module # Authenticator module (including the account-irrelevant P2P device authenticator)
└── session # Scheduling and session management module
The device group management sub-module abstracts trust relationships established by different services between devices into trust groups and provides unified APIs for creating, deleting, and querying groups. The device group authentication sub-module provides trusted device authentication and end-to-end session key exchange based on the trust groups.
Table 1 APIs in DeviceGroupManager
Table 2 APIs in GroupAuthManager
int32_t AuthDevice(int64_t authReqId, const char *authParams, const DeviceAuthCallback *gaCallback) |
|
int32_t ProcessData(int64_t authReqId, const uint8_t *data, uint32_t dataLen, |
Security subsystem
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。