Class TotpSecret

java.lang.Object
cloud.opencode.base.crypto.otp.TotpSecret
public final class TotpSecret extends Object
OTP secret key management utilities for TOTP/HOTP TOTP/HOTP 的 OTP 密钥管理工具

Provides secure random key generation and Base32 encoding/decoding for use with TOTP and HOTP one-time password schemes.

提供安全随机密钥生成和 Base32 编解码,用于 TOTP 和 HOTP 一次性密码方案。

Features | 主要功能:

  • Cryptographically secure random key generation - 密码学安全的随机密钥生成
  • RFC 4648 Base32 encoding without padding - RFC 4648 Base32 编码(无填充)
  • Case-insensitive Base32 decoding - 大小写不敏感的 Base32 解码
  • Tolerant decoding (ignores spaces and hyphens) - 宽容解码(忽略空格和连字符)

Usage Examples | 使用示例:

byte[] secret = TotpSecret.generate();
String base32 = TotpSecret.toBase32(secret);
byte[] decoded = TotpSecret.fromBase32(base32);

Security | 安全性:

  • Thread-safe: Yes - 线程安全: 是
  • Null-safe: Yes (validates inputs) - 空值安全: 是(校验输入)
Since:
JDK 25, opencode-base-crypto V1.0.3
Author:
Leon Soo www.LeonSoo.com
See Also:

  • Method Summary

    Modifier and Type
    Method
    Description
    static byte[]
    fromBase32(String base32)
    Decodes a Base32 string to a byte array.
    static byte[]
    generate()
    Generates a 20-byte (160-bit) cryptographically secure random secret key.
    static byte[]
    generate(int length)
    Generates a cryptographically secure random secret key of the specified length.
    static String
    toBase32(byte[] data)
    Encodes a byte array to Base32 string (RFC 4648, no padding).

    Methods inherited from class Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Method Details

    • generate

      public static byte[] generate()
      Generates a 20-byte (160-bit) cryptographically secure random secret key. 生成 20 字节(160 位)密码学安全的随机密钥
      Returns:
      a 20-byte random secret | 20 字节随机密钥

    • generate

      public static byte[] generate(int length)
      Generates a cryptographically secure random secret key of the specified length. 生成指定长度的密码学安全的随机密钥
      Parameters:
      length - the key length in bytes (must be positive) | 密钥长度(字节,必须为正数)
      Returns:
      a random secret of the specified length | 指定长度的随机密钥
      Throws:
      IllegalArgumentException - if length is not positive | 当长度不为正数时抛出

    • toBase32

      public static String toBase32(byte[] data)
      Encodes a byte array to Base32 string (RFC 4648, no padding). 将字节数组编码为 Base32 字符串(RFC 4648,无填充)
      Parameters:
      data - the data to encode | 待编码数据
      Returns:
      the Base32 encoded string | Base32 编码字符串
      Throws:
      NullPointerException - if data is null | 当数据为空时抛出

    • fromBase32

      public static byte[] fromBase32(String base32)
      Decodes a Base32 string to a byte array. Case-insensitive, ignores spaces and hyphens. 将 Base32 字符串解码为字节数组。大小写不敏感,忽略空格和连字符。
      Parameters:
      base32 - the Base32 string to decode | 待解码的 Base32 字符串
      Returns:
      the decoded byte array | 解码后的字节数组
      Throws:
      NullPointerException - if base32 is null | 当字符串为空时抛出
      IllegalArgumentException - if the string contains invalid Base32 characters | 当字符串包含无效 Base32 字符时抛出