Class OpenPgp

java.lang.Object
cloud.opencode.base.crypto.OpenPgp
public final class OpenPgp extends Object
OpenPGP Facade - Simplified API for PGP encryption and decryption OpenPGP 门面类 - 简化的 PGP 加密解密 API

This facade provides easy-to-use static methods for common PGP operations, commonly used in email security and file encryption scenarios.

此门面类提供易于使用的静态方法用于常见的 PGP 操作,通常用于电子邮件安全和文件加密场景。

Features | 主要功能:

  • Key pair generation - 密钥对生成
  • Public key encryption - 公钥加密
  • Private key decryption - 私钥解密
  • Armored ASCII format support - 装甲 ASCII 格式支持
  • Key import/export - 密钥导入/导出

Usage Examples | 使用示例:

// Generate key pair
PgpKeyPair keyPair = OpenPgp.generateKeyPair("user@example.com", "passphrase");

// Export public key for sharing
String publicKeyArmor = OpenPgp.exportPublicKey(keyPair);

// Encrypt message
String encrypted = OpenPgp.encrypt("Hello, World!", keyPair.publicKey());

// Decrypt message
String decrypted = OpenPgp.decrypt(encrypted, keyPair.secretKey(), "passphrase");

// Quick encrypt/decrypt with key pair
String encrypted = OpenPgp.encrypt("message", keyPair);
String decrypted = OpenPgp.decrypt(encrypted, keyPair, "passphrase");

Security | 安全性:

  • Thread-safe: Yes - 线程安全: 是
  • Null-safe: Yes - 空值安全: 是
Since:
JDK 25, opencode-base-crypto V1.2.0
Author:
Leon Soo www.LeonSoo.com
See Also:

  • Method Details

    • generateKeyPair

      public static PgpKeyPair generateKeyPair(String userId, String passphrase)
      Generates a new PGP key pair with default 4096-bit RSA. 使用默认的 4096 位 RSA 生成新的 PGP 密钥对。
      Parameters:
      userId - the user ID (typically email address)
      passphrase - the passphrase to protect the secret key
      Returns:
      the generated PGP key pair

    • generateKeyPair

      public static PgpKeyPair generateKeyPair(String userId, String passphrase, int keySize)
      Generates a new PGP key pair with specified key size. 使用指定密钥大小生成新的 PGP 密钥对。
      Parameters:
      userId - the user ID (typically email address)
      passphrase - the passphrase to protect the secret key
      keySize - the RSA key size in bits (minimum 2048)
      Returns:
      the generated PGP key pair

    • encrypt

      public static String encrypt(String plaintext, org.bouncycastle.openpgp.PGPPublicKey publicKey)
      Encrypts a message using the public key. 使用公钥加密消息。
      Parameters:
      plaintext - the message to encrypt
      publicKey - the recipient's public key
      Returns:
      armored encrypted message

    • encrypt

      public static String encrypt(String plaintext, String armoredPublicKey)
      Encrypts a message using the armored public key. 使用装甲格式的公钥加密消息。
      Parameters:
      plaintext - the message to encrypt
      armoredPublicKey - the recipient's armored public key
      Returns:
      armored encrypted message

    • encrypt

      public static String encrypt(String plaintext, PgpKeyPair keyPair)
      Encrypts a message using the key pair's public key. 使用密钥对的公钥加密消息。
      Parameters:
      plaintext - the message to encrypt
      keyPair - the key pair (uses public key)
      Returns:
      armored encrypted message

    • encrypt

      public static byte[] encrypt(byte[] data, org.bouncycastle.openpgp.PGPPublicKey publicKey)
      Encrypts binary data using the public key. 使用公钥加密二进制数据。
      Parameters:
      data - the data to encrypt
      publicKey - the recipient's public key
      Returns:
      encrypted bytes

    • encryptArmored

      public static String encryptArmored(byte[] data, org.bouncycastle.openpgp.PGPPublicKey publicKey)
      Encrypts binary data and returns armored ASCII. 加密二进制数据并返回装甲 ASCII。
      Parameters:
      data - the data to encrypt
      publicKey - the recipient's public key
      Returns:
      armored encrypted data

    • decrypt

      public static String decrypt(String armoredMessage, org.bouncycastle.openpgp.PGPSecretKey secretKey, String passphrase)
      Decrypts an armored message using the secret key. 使用私钥解密装甲消息。
      Parameters:
      armoredMessage - the armored encrypted message
      secretKey - the recipient's secret key
      passphrase - the passphrase for the secret key
      Returns:
      decrypted message

    • decrypt

      public static String decrypt(String armoredMessage, String armoredSecretKey, String passphrase)
      Decrypts an armored message using the armored secret key. 使用装甲格式的私钥解密消息。
      Parameters:
      armoredMessage - the armored encrypted message
      armoredSecretKey - the recipient's armored secret key
      passphrase - the passphrase for the secret key
      Returns:
      decrypted message

    • decrypt

      public static String decrypt(String armoredMessage, PgpKeyPair keyPair, String passphrase)
      Decrypts an armored message using the key pair. 使用密钥对解密装甲消息。
      Parameters:
      armoredMessage - the armored encrypted message
      keyPair - the key pair
      passphrase - the passphrase for the secret key
      Returns:
      decrypted message

    • decrypt

      public static byte[] decrypt(byte[] encryptedData, org.bouncycastle.openpgp.PGPSecretKey secretKey, String passphrase)
      Decrypts binary data using the secret key. 使用私钥解密二进制数据。
      Parameters:
      encryptedData - the encrypted data
      secretKey - the recipient's secret key
      passphrase - the passphrase for the secret key
      Returns:
      decrypted bytes

    • exportPublicKey

      public static String exportPublicKey(PgpKeyPair keyPair)
      Exports the public key to armored ASCII format. 将公钥导出为装甲 ASCII 格式。
      Parameters:
      keyPair - the key pair
      Returns:
      armored public key

    • exportPublicKey

      public static String exportPublicKey(org.bouncycastle.openpgp.PGPPublicKey publicKey)
      Exports the public key to armored ASCII format. 将公钥导出为装甲 ASCII 格式。
      Parameters:
      publicKey - the public key
      Returns:
      armored public key

    • exportSecretKey

      public static String exportSecretKey(PgpKeyPair keyPair)
      Exports the secret key to armored ASCII format. 将私钥导出为装甲 ASCII 格式。
      Parameters:
      keyPair - the key pair
      Returns:
      armored secret key

    • exportSecretKey

      public static String exportSecretKey(org.bouncycastle.openpgp.PGPSecretKey secretKey)
      Exports the secret key to armored ASCII format. 将私钥导出为装甲 ASCII 格式。
      Parameters:
      secretKey - the secret key
      Returns:
      armored secret key

    • importPublicKey

      public static org.bouncycastle.openpgp.PGPPublicKey importPublicKey(String armoredKey)
      Imports a public key from armored ASCII format. 从装甲 ASCII 格式导入公钥。
      Parameters:
      armoredKey - the armored public key
      Returns:
      the PGP public key

    • importKeyPair

      public static PgpKeyPair importKeyPair(String armoredSecretKey, String passphrase)
      Imports a key pair from armored ASCII format. 从装甲 ASCII 格式导入密钥对。
      Parameters:
      armoredSecretKey - the armored secret key
      passphrase - the passphrase
      Returns:
      the PGP key pair

    • keyIdHex

      public static String keyIdHex(org.bouncycastle.openpgp.PGPPublicKey publicKey)
      Returns the key ID in hexadecimal format. 返回十六进制格式的密钥 ID。
      Parameters:
      publicKey - the public key
      Returns:
      the key ID in hex format

    • fingerprintHex

      public static String fingerprintHex(org.bouncycastle.openpgp.PGPPublicKey publicKey)
      Returns the key fingerprint in hexadecimal format. 返回十六进制格式的密钥指纹。
      Parameters:
      publicKey - the public key
      Returns:
      the fingerprint in hex format

    • cipher

      public static PgpCipher cipher()
      Creates a new PGP cipher builder for advanced configuration. 创建新的 PGP 加密器构建器用于高级配置。
      Returns:
      a new PgpCipher instance