Class SecureKeyStore

java.lang.Object
cloud.opencode.base.crypto.key.SecureKeyStore
All Implemented Interfaces:
AutoCloseable

public final class SecureKeyStore extends Object implements AutoCloseable
Secure key store for managing cryptographic keys. Stores and retrieves keys securely using PKCS12 format.

Features:

  • In-memory secure key storage
  • Key lifecycle management

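Usage Examples:

// secretKey and password (char[]) are supplied by the caller
SecureKeyStore store = SecureKeyStore.create();
store.store("myKey", secretKey, password);
SecretKey key = store.getSecretKey("myKey", password);
store.close(); // clears sensitive data held by the store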

Security:

  • Thread-safe: No
  • Null-safe: Yes
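
A save-and-reload round trip through the methods documented on this page, as an added example (not code from the opencode-base-crypto project). The alias, passwords and file name are constructed, and it assumes the library is on the classpath and that the entry password may differ from the store password.

```java
import cloud.opencode.base.crypto.key.SecureKeyStore;

import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.MessageDigest;
import java.util.Arrays;

public class KeyStoreRoundTrip {
    public static void main(String[] args) throws Exception {
        // Constructed sample secrets; in real use read them from a prompt or a secret manager.
        char[] storePassword = "constructed-store-pass".toCharArray();
        char[] keyPassword = "constructed-key-pass".toCharArray();
        Path dir = Files.createTempDirectory("keystore-demo");
        Path file = dir.resolve("demo.p12");

        KeyGenerator generator = KeyGenerator.getInstance("AES");
        generator.init(256);
        SecretKey original = generator.generateKey();

        try {
            // Documented as not thread-safe: keep each instance confined to one thread.
            try (SecureKeyStore store = SecureKeyStore.create()) {
                store.store("demo-aes", original, keyPassword);
                store.save(file, storePassword);
            } // close() clears sensitive data held by the instance

            try (SecureKeyStore reloaded = SecureKeyStore.load(file, storePassword)) {
                if (!reloaded.containsAlias("demo-aes")) {
                    throw new IllegalStateException("alias missing after reload");
                }
                SecretKey restored = reloaded.getSecretKey("demo-aes", keyPassword);
                // Compare raw key bytes with a constant-time check.
                boolean same = MessageDigest.isEqual(original.getEncoded(), restored.getEncoded());
                System.out.println("round trip ok: " + same);
            }
        } finally {
            // char[] passwords can be wiped, unlike String; do it on every exit path.
            Arrays.fill(storePassword, '\0');
            Arrays.fill(keyPassword, '\0');
            Files.deleteIfExists(file);
            Files.deleteIfExists(dir);
        }
    }
}
```
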
Since:
JDK 25, opencode-base-crypto V1.0.0
Author:
Leon Soo www.LeonSoo.com
  • Method Summary

    Modifier and Type | Method | Description
    Set<String> | aliases() | Get all aliases in key store
    void | close() | Close the key store and clear sensitive data
    boolean | containsAlias(String alias) | Check if key store contains entry with given alias
    static SecureKeyStore | create() | Create a new empty key store
    void | deleteEntry(String alias) | Delete entry from key store
    KeyPair | getKeyPair(String alias, char[] password) | Get key pair from key store
    PrivateKey | getPrivateKey(String alias, char[] password) | Get private key from key store
    PublicKey | getPublicKey(String alias) | Get public key from key store
    SecretKey | getSecretKey(String alias, char[] password) | Get secret key from key store
    static SecureKeyStore | load(Path path, char[] password) | Load key store from file
    void | save(Path path, char[] password) | Save key store to file
    void | store(String alias, KeyPair keyPair, char[] password) | Store key pair in key store
    void | store(String alias, PrivateKey privateKey, char[] password, Certificate[] chain) | Store private key with certificate chain in key store
    void | store(String alias, SecretKey key, char[] password) | Store secret key in key store

    Methods inherited from class Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
  • Method Details

    • create

      public static SecureKeyStore create()
      Create a new empty key store
      Returns:
      new SecureKeyStore instance
      Throws:
      OpenKeyException - if creation fails
    • load

      public static SecureKeyStore load(Path path, char[] password)
      Load key store from file
      Parameters:
      path - path to key store file
      password - password to unlock key store
      Returns:
      loaded SecureKeyStore instance
      Throws:
      OpenKeyException - if loading fails
    • store

      public void store(String alias, SecretKey key, char[] password)
      Store secret key in key store
      Parameters:
      alias - alias for the key
      key - secret key to store
      password - password to protect the key
      Throws:
      OpenKeyException - if storing fails
    • store

      public void store(String alias, KeyPair keyPair, char[] password)
      Store key pair in key store
      Parameters:
      alias - alias for the key pair
      keyPair - key pair to store
      password - password to protect the private key
      Throws:
      OpenKeyException - if storing fails
    • store

      public void store(String alias, PrivateKey privateKey, char[] password, Certificate[] chain)
      Store private key with certificate chain in key store
      Parameters:
      alias - alias for the key
      privateKey - private key to store
      password - password to protect the private key
      chain - certificate chain
      Throws:
      OpenKeyException - if storing fails
    • getSecretKey

      public SecretKey getSecretKey(String alias, char[] password)
      Get secret key from key store
      Parameters:
      alias - alias of the key
      password - password to unlock the key
      Returns:
      secret key
      Throws:
      OpenKeyException - if retrieval fails or key not found
    • getKeyPair

      public KeyPair getKeyPair(String alias, char[] password)
      Get key pair from key store
      Parameters:
      alias - alias of the key pair
      password - password to unlock the private key
      Returns:
      key pair
      Throws:
      OpenKeyException - if retrieval fails or key not found
    • getPrivateKey

      public PrivateKey getPrivateKey(String alias, char[] password)
      Get private key from key store
      Parameters:
      alias - alias of the key
      password - password to unlock the private key
      Returns:
      private key
      Throws:
      OpenKeyException - if retrieval fails or key not found
    • getPublicKey

      public PublicKey getPublicKey(String alias)
      Get public key from key store
      Parameters:
      alias - alias of the key
      Returns:
      public key
      Throws:
      OpenKeyException - if retrieval fails or key not found
    • containsAlias

      public boolean containsAlias(String alias)
      Check if key store contains entry with given alias
      Parameters:
      alias - alias to check
      Returns:
      true if alias exists
      Throws:
      OpenKeyException - if check fails
    • deleteEntry

      public void deleteEntry(String alias)
      Delete entry from key store
      Parameters:
      alias - alias of the entry to delete
      Throws:
      OpenKeyException - if deletion fails
    • aliases

      public Set<String> aliases()
      Get all aliases in key store
      Returns:
      set of aliases
      Throws:
      OpenKeyException - if retrieval fails
    • save

      public void save(Path path, char[] password)
      Save key store to file
      Parameters:
      path - path to save the key store
      password - password to protect the key store
      Throws:
      OpenKeyException - if saving fails
    • close

      public void close()
      Close the key store and clear sensitive data
      Specified by:
      close in interface AutoCloseable