Class Argon2Kdf

java.lang.Object
cloud.opencode.base.crypto.kdf.Argon2Kdf
All Implemented Interfaces:
KdfEngine
public final class Argon2Kdf extends Object implements KdfEngine
Argon2 key derivation function implementation - Winner of the Password Hashing Competition (PHC) Argon2 密钥派生函数实现 - 密码哈希竞赛(PHC)获胜者

Features | 主要功能:

  • Argon2 key derivation - Argon2 密钥派生
  • Memory-hard function - 内存密集型函数

Usage Examples | 使用示例:

Argon2Kdf kdf = Argon2Kdf.argon2id();
byte[] key = kdf.deriveKey(password, salt, 32);

Security | 安全性:

  • Thread-safe: Yes - 线程安全: 是
  • Null-safe: Yes - 空值安全: 是
Since:
JDK 25, opencode-base-crypto V1.0.0
Author:
Leon Soo www.LeonSoo.com
See Also:

  • Nested Class Summary

    Nested Classes
    Modifier and Type
    Class
    Description
    static class 
    Argon2Kdf.Builder
    Builder for Argon2Kdf configuration Argon2Kdf 配置构建器

  • Method Summary

    Modifier and Type
    Method
    Description
    static Argon2Kdf
    argon2d()
    Creates Argon2d instance with default parameters 创建使用默认参数的 Argon2d 实例
    static Argon2Kdf
    argon2i()
    Creates Argon2i instance with default parameters 创建使用默认参数的 Argon2i 实例
    static Argon2Kdf
    argon2id()
    Creates Argon2id instance with default OWASP recommended parameters 创建使用 OWASP 推荐默认参数的 Argon2id 实例
    static Argon2Kdf.Builder
    builder()
    Creates a builder for Argon2Kdf configuration 创建 Argon2Kdf 配置构建器
    byte[]
    derive(byte[] inputKeyMaterial, byte[] salt, byte[] info, int length)
    Derives a key from input key material with salt and info parameters 使用盐值和信息参数从输入密钥材料派生密钥
    byte[]
    derive(byte[] inputKeyMaterial, int length)
    Derives a key from input key material with default parameters 使用默认参数从输入密钥材料派生密钥
    byte[]
    deriveKey(byte[] password, byte[] salt, byte[] secret, byte[] ad, int length)
    Derives a key from password and salt with optional additional data and secret 使用可选的附加数据和密钥从密码和盐值派生密钥
    byte[]
    deriveKey(byte[] password, byte[] salt, int length)
    Derives a key from password and salt using Argon2 algorithm 使用 Argon2 算法从密码和盐值派生密钥
    byte[]
    deriveKey(char[] password, byte[] salt, int length)
    Derives a key from password (as char array) and salt 从密码(字符数组)和盐值派生密钥
    byte[]
    deriveKey(String password, byte[] salt, int length)
    Derives a key from password string and salt 从密码字符串和盐值派生密钥
    static byte[]
    generateSalt()
    Generates a cryptographically secure random salt 生成密码学安全的随机盐值
    static byte[]
    generateSalt(int length)
    Generates a cryptographically secure random salt with custom length 生成自定义长度的密码学安全随机盐值
    String
    getAlgorithm()
    Returns the algorithm name of this KDF 返回此 KDF 的算法名称
    static int
    getDefaultSaltLength()
    Gets the default salt length 获取默认盐值长度
    int
    getIterations()
    Gets the time cost parameter (iterations) 获取时间成本参数(迭代次数)
    int
    getMemory()
    Gets the memory cost parameter in KB 获取内存成本参数(KB)
    static int
    getMinMemory()
    Gets the minimum memory requirement in KB 获取最小内存需求(KB)
    int
    getParallelism()
    Gets the parallelism parameter 获取并行度参数
    Argon2Type
    getType()
    Gets the Argon2 variant type 获取 Argon2 变体类型
    static boolean
    isBouncyCastleAvailable()
    Check if Bouncy Castle provider is available.

    Methods inherited from class Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Method Details

    • argon2id

      public static Argon2Kdf argon2id()
      Creates Argon2id instance with default OWASP recommended parameters 创建使用 OWASP 推荐默认参数的 Argon2id 实例
      Returns:
      new Argon2Kdf instance using Argon2id

    • argon2d

      public static Argon2Kdf argon2d()
      Creates Argon2d instance with default parameters 创建使用默认参数的 Argon2d 实例
      Returns:
      new Argon2Kdf instance using Argon2d

    • argon2i

      public static Argon2Kdf argon2i()
      Creates Argon2i instance with default parameters 创建使用默认参数的 Argon2i 实例
      Returns:
      new Argon2Kdf instance using Argon2i

    • builder

      public static Argon2Kdf.Builder builder()
      Creates a builder for Argon2Kdf configuration 创建 Argon2Kdf 配置构建器
      Returns:
      new Builder instance

    • isBouncyCastleAvailable

      public static boolean isBouncyCastleAvailable()
      Check if Bouncy Castle provider is available. 检查 Bouncy Castle 提供商是否可用。
      Returns:
      true if available / 如果可用则返回 true

    • deriveKey

      public byte[] deriveKey(byte[] password, byte[] salt, int length)
      Derives a key from password and salt using Argon2 algorithm 使用 Argon2 算法从密码和盐值派生密钥
      Parameters:
      password - the password as byte array
      salt - the salt value (recommended minimum 16 bytes)
      length - the desired output key length in bytes
      Returns:
      the derived key
      Throws:
      NullPointerException - if password or salt is null
      IllegalArgumentException - if length or salt length is invalid
      OpenCryptoException - if derivation fails

    • deriveKey

      public byte[] deriveKey(byte[] password, byte[] salt, byte[] secret, byte[] ad, int length)
      Derives a key from password and salt with optional additional data and secret 使用可选的附加数据和密钥从密码和盐值派生密钥
      Parameters:
      password - the password as byte array
      salt - the salt value (recommended minimum 16 bytes)
      secret - optional secret value (can be null)
      ad - optional additional data (can be null)
      length - the desired output key length in bytes
      Returns:
      the derived key
      Throws:
      NullPointerException - if password or salt is null
      IllegalArgumentException - if length or salt length is invalid
      OpenCryptoException - if derivation fails

    • deriveKey

      public byte[] deriveKey(char[] password, byte[] salt, int length)
      Derives a key from password (as char array) and salt 从密码(字符数组)和盐值派生密钥
      Parameters:
      password - the password as char array
      salt - the salt value (recommended minimum 16 bytes)
      length - the desired output key length in bytes
      Returns:
      the derived key
      Throws:
      NullPointerException - if password or salt is null
      IllegalArgumentException - if length or salt length is invalid
      OpenCryptoException - if derivation fails

    • deriveKey

      public byte[] deriveKey(String password, byte[] salt, int length)
      Derives a key from password string and salt 从密码字符串和盐值派生密钥
      Parameters:
      password - the password as string
      salt - the salt value (recommended minimum 16 bytes)
      length - the desired output key length in bytes
      Returns:
      the derived key
      Throws:
      NullPointerException - if password or salt is null
      IllegalArgumentException - if length or salt length is invalid
      OpenCryptoException - if derivation fails

    • generateSalt

      public static byte[] generateSalt()
      Generates a cryptographically secure random salt 生成密码学安全的随机盐值
      Returns:
      random salt of default length (16 bytes)

    • generateSalt

      public static byte[] generateSalt(int length)
      Generates a cryptographically secure random salt with custom length 生成自定义长度的密码学安全随机盐值
      Parameters:
      length - the desired salt length in bytes
      Returns:
      random salt of specified length
      Throws:
      IllegalArgumentException - if length is less than minimum

    • getAlgorithm

      public String getAlgorithm()
      Description copied from interface: KdfEngine
      Returns the algorithm name of this KDF 返回此 KDF 的算法名称
      Specified by:
      getAlgorithm in interface KdfEngine
      Returns:
      the algorithm name

    • getType

      public Argon2Type getType()
      Gets the Argon2 variant type 获取 Argon2 变体类型
      Returns:
      Argon2 type

    • getIterations

      public int getIterations()
      Gets the time cost parameter (iterations) 获取时间成本参数(迭代次数)
      Returns:
      iterations parameter

    • getMemory

      public int getMemory()
      Gets the memory cost parameter in KB 获取内存成本参数(KB)
      Returns:
      memory parameter in KB

    • getParallelism

      public int getParallelism()
      Gets the parallelism parameter 获取并行度参数
      Returns:
      parallelism parameter

    • getDefaultSaltLength

      public static int getDefaultSaltLength()
      Gets the default salt length 获取默认盐值长度
      Returns:
      default salt length in bytes

    • getMinMemory

      public static int getMinMemory()
      Gets the minimum memory requirement in KB 获取最小内存需求(KB)
      Returns:
      minimum memory in KB

    • derive

      public byte[] derive(byte[] inputKeyMaterial, byte[] salt, byte[] info, int length)
      Description copied from interface: KdfEngine
      Derives a key from input key material with salt and info parameters 使用盐值和信息参数从输入密钥材料派生密钥
      Specified by:
      derive in interface KdfEngine
      Parameters:
      inputKeyMaterial - the input key material (IKM)
      salt - the salt value (can be null or empty for some algorithms)
      info - the context and application specific information (can be null)
      length - the desired output key length in bytes
      Returns:
      the derived key

    • derive

      public byte[] derive(byte[] inputKeyMaterial, int length)
      Description copied from interface: KdfEngine
      Derives a key from input key material with default parameters 使用默认参数从输入密钥材料派生密钥
      Specified by:
      derive in interface KdfEngine
      Parameters:
      inputKeyMaterial - the input key material (IKM)
      length - the desired output key length in bytes
      Returns:
      the derived key