Class KeyGenerator
java.lang.Object
cloud.opencode.base.crypto.key.KeyGenerator
Key generator utility for symmetric and asymmetric keys - Generate cryptographic keys
密钥生成器工具类 - 生成对称和非对称密钥
Features | 主要功能:
- AES, RSA, EC, Ed25519 key generation - AES、RSA、EC、Ed25519 密钥生成
Usage Examples | 使用示例:
SecretKey aesKey = KeyGenerator.generateAesKey(256);
KeyPair rsaKeyPair = KeyGenerator.generateRsaKeyPair(2048);
Security | 安全性:
- Thread-safe: Yes - 线程安全: 是
- Null-safe: Yes - 空值安全: 是
- Since:
- JDK 25, opencode-base-crypto V1.0.0
- Author:
- Leon Soo www.LeonSoo.com
- See Also:
-
Method Summary
Modifier and TypeMethodDescriptionstatic StringexportKeyPairPem(KeyPair keyPair) Export key pair to PEM format 导出密钥对为 PEM 格式static byte[]exportPrivateKey(PrivateKey privateKey) Export private key to byte array 导出私钥为字节数组static StringexportPrivateKeyPem(PrivateKey privateKey) Export private key to PEM format 导出私钥为 PEM 格式static byte[]exportPublicKey(PublicKey publicKey) Export public key to byte array 导出公钥为字节数组static StringexportPublicKeyPem(PublicKey publicKey) Export public key to PEM format 导出公钥为 PEM 格式static SecretKeyGenerate AES-128 key 生成 AES-128 密钥static SecretKeyGenerate AES-256 key 生成 AES-256 密钥static SecretKeygenerateAesKey(int keyBits) Generate AES key with specified key size 生成指定大小的 AES 密钥static SecretKeyGenerate ChaCha20 key 生成 ChaCha20 密钥static KeyPairgenerateEcKeyPair(CurveType curve) Generate elliptic curve key pair 生成椭圆曲线密钥对static KeyPairGenerate Ed25519 key pair for EdDSA signatures 生成用于 EdDSA 签名的 Ed25519 密钥对static KeyPairGenerate Ed448 key pair for EdDSA signatures 生成用于 EdDSA 签名的 Ed448 密钥对static KeyPairGenerate P-256 elliptic curve key pair 生成 P-256 椭圆曲线密钥对static KeyPairGenerate P-384 elliptic curve key pair 生成 P-384 椭圆曲线密钥对static KeyPairGenerate RSA-2048 key pair 生成 RSA-2048 密钥对static KeyPairGenerate RSA-4096 key pair 生成 RSA-4096 密钥对static KeyPairgenerateRsaKeyPair(int keyBits) Generate RSA key pair with specified key size 生成指定大小的 RSA 密钥对static KeyPairGenerate SM2 key pair (Chinese standard) 生成 SM2 密钥对(中国标准)static SecretKeyGenerate SM4 key (Chinese standard) 生成 SM4 密钥(中国标准)static KeyPairGenerate X25519 key pair for key exchange 生成用于密钥交换的 X25519 密钥对static PublicKeyimportCertificatePublicKey(String input) Import a public key from an X.509 certificate (PEM or bare Base64).static KeyPairimportKeyPairPem(String publicKeyPem, String privateKeyPem) Import key pair from PEM format 从 PEM 格式导入密钥对static PrivateKeyimportPrivateKey(byte[] encoded, String algorithm) Import private key from byte array 从字节数组导入私钥static PrivateKeyimportPrivateKeyFlexible(String input) Import a private key from either PEM-with-markers or bare Base64.static PrivateKeyImport private key from PEM format 从 PEM 格式导入私钥static PublicKeyimportPublicKey(byte[] encoded, String algorithm) Import public key from byte array 从字节数组导入公钥static PublicKeyimportPublicKeyFlexible(String input) Import a public key from either PEM-with-markers or bare Base64.static PublicKeyimportPublicKeyPem(String pem) Import public key from PEM format 从 PEM 格式导入公钥static SecretKeyCreate secret key from byte array 从字节数组创建对称密钥
-
Method Details
-
generateAesKey
Generate AES key with specified key size 生成指定大小的 AES 密钥- Parameters:
keyBits- key size in bits (128, 192, or 256)- Returns:
- generated AES secret key
- Throws:
OpenKeyException- if key generation fails
-
generateAes128Key
Generate AES-128 key 生成 AES-128 密钥- Returns:
- generated AES-128 secret key
- Throws:
OpenKeyException- if key generation fails
-
generateAes256Key
Generate AES-256 key 生成 AES-256 密钥- Returns:
- generated AES-256 secret key
- Throws:
OpenKeyException- if key generation fails
-
generateChacha20Key
Generate ChaCha20 key 生成 ChaCha20 密钥- Returns:
- generated ChaCha20 secret key
- Throws:
OpenKeyException- if key generation fails
-
generateSm4Key
Generate SM4 key (Chinese standard) 生成 SM4 密钥(中国标准)- Returns:
- generated SM4 secret key
- Throws:
OpenKeyException- if key generation fails
-
secretKey
Create secret key from byte array 从字节数组创建对称密钥- Parameters:
keyBytes- key bytesalgorithm- algorithm name (e.g., "AES", "ChaCha20")- Returns:
- secret key
- Throws:
OpenKeyException- if key creation fails
-
generateRsaKeyPair
Generate RSA key pair with specified key size 生成指定大小的 RSA 密钥对- Parameters:
keyBits- key size in bits (minimum 2048 recommended)- Returns:
- generated RSA key pair
- Throws:
OpenKeyException- if key generation fails
-
generateRsa2048KeyPair
Generate RSA-2048 key pair 生成 RSA-2048 密钥对- Returns:
- generated RSA-2048 key pair
- Throws:
OpenKeyException- if key generation fails
-
generateRsa4096KeyPair
Generate RSA-4096 key pair 生成 RSA-4096 密钥对- Returns:
- generated RSA-4096 key pair
- Throws:
OpenKeyException- if key generation fails
-
generateEcKeyPair
Generate elliptic curve key pair 生成椭圆曲线密钥对- Parameters:
curve- elliptic curve type- Returns:
- generated EC key pair
- Throws:
OpenKeyException- if key generation fails
-
generateP256KeyPair
Generate P-256 elliptic curve key pair 生成 P-256 椭圆曲线密钥对- Returns:
- generated P-256 key pair
- Throws:
OpenKeyException- if key generation fails
-
generateP384KeyPair
Generate P-384 elliptic curve key pair 生成 P-384 椭圆曲线密钥对- Returns:
- generated P-384 key pair
- Throws:
OpenKeyException- if key generation fails
-
generateEd25519KeyPair
Generate Ed25519 key pair for EdDSA signatures 生成用于 EdDSA 签名的 Ed25519 密钥对- Returns:
- generated Ed25519 key pair
- Throws:
OpenKeyException- if key generation fails
-
generateEd448KeyPair
Generate Ed448 key pair for EdDSA signatures 生成用于 EdDSA 签名的 Ed448 密钥对- Returns:
- generated Ed448 key pair
- Throws:
OpenKeyException- if key generation fails
-
generateX25519KeyPair
Generate X25519 key pair for key exchange 生成用于密钥交换的 X25519 密钥对- Returns:
- generated X25519 key pair
- Throws:
OpenKeyException- if key generation fails
-
generateSm2KeyPair
Generate SM2 key pair (Chinese standard) 生成 SM2 密钥对(中国标准)- Returns:
- generated SM2 key pair
- Throws:
OpenKeyException- if key generation fails
-
exportPublicKey
Export public key to byte array 导出公钥为字节数组- Parameters:
publicKey- public key to export- Returns:
- encoded public key bytes
- Throws:
OpenKeyException- if export fails
-
exportPrivateKey
Export private key to byte array 导出私钥为字节数组- Parameters:
privateKey- private key to export- Returns:
- encoded private key bytes
- Throws:
OpenKeyException- if export fails
-
exportPublicKeyPem
Export public key to PEM format 导出公钥为 PEM 格式- Parameters:
publicKey- public key to export- Returns:
- PEM formatted public key
- Throws:
OpenKeyException- if export fails
-
exportPrivateKeyPem
Export private key to PEM format 导出私钥为 PEM 格式- Parameters:
privateKey- private key to export- Returns:
- PEM formatted private key
- Throws:
OpenKeyException- if export fails
-
exportKeyPairPem
Export key pair to PEM format 导出密钥对为 PEM 格式- Parameters:
keyPair- key pair to export- Returns:
- PEM formatted key pair (public key + private key)
- Throws:
OpenKeyException- if export fails
-
importPublicKey
Import public key from byte array 从字节数组导入公钥- Parameters:
encoded- encoded public key bytesalgorithm- key algorithm (e.g., "RSA", "EC")- Returns:
- imported public key
- Throws:
OpenKeyException- if import fails
-
importPrivateKey
Import private key from byte array 从字节数组导入私钥- Parameters:
encoded- encoded private key bytesalgorithm- key algorithm (e.g., "RSA", "EC")- Returns:
- imported private key
- Throws:
OpenKeyException- if import fails
-
importPublicKeyPem
Import public key from PEM format 从 PEM 格式导入公钥- Parameters:
pem- PEM formatted public key- Returns:
- imported public key
- Throws:
OpenKeyException- if import fails
-
importPrivateKeyPem
Import private key from PEM format 从 PEM 格式导入私钥- Parameters:
pem- PEM formatted private key- Returns:
- imported private key
- Throws:
OpenKeyException- if import fails
-
importKeyPairPem
Import key pair from PEM format 从 PEM 格式导入密钥对- Parameters:
publicKeyPem- PEM formatted public keyprivateKeyPem- PEM formatted private key- Returns:
- imported key pair
- Throws:
OpenKeyException- if import fails
-
importPublicKeyFlexible
Import a public key from either PEM-with-markers or bare Base64. 从 PEM 格式或裸 Base64 导入公钥。Accepts both
-----BEGIN PUBLIC KEY-----...and raw Base64-encoded X.509SubjectPublicKeyInfobytes. The algorithm is auto-detected.同时接受带 PEM 标记和裸 Base64 编码的 X.509 SubjectPublicKeyInfo 字节, 自动检测算法。
- Parameters:
input- PEM or bare Base64 encoded public key | PEM 或裸 Base64 编码的公钥- Returns:
- imported public key | 导入的公钥
- Throws:
OpenKeyException- if import fails- Since:
- V1.0.4
-
importPrivateKeyFlexible
Import a private key from either PEM-with-markers or bare Base64. 从 PEM 格式或裸 Base64 导入私钥。Accepts both
-----BEGIN PRIVATE KEY-----...and raw Base64-encoded PKCS#8 bytes. The algorithm is auto-detected. This is particularly useful for payment platforms (e.g. WeChat Pay) that ship merchant private keys as bare PKCS#8 Base64 blobs without PEM markers.同时接受带 PEM 标记和裸 Base64 编码的 PKCS#8 字节,自动检测算法。 特别适用于以裸 PKCS#8 Base64 格式分发商户私钥的支付平台(如微信支付)。
- Parameters:
input- PEM or bare Base64 encoded private key | PEM 或裸 Base64 编码的私钥- Returns:
- imported private key | 导入的私钥
- Throws:
OpenKeyException- if import fails- Since:
- V1.0.4
-
importCertificatePublicKey
Import a public key from an X.509 certificate (PEM or bare Base64). 从 X.509 证书(PEM 或裸 Base64)导入公钥。Decodes the input, constructs an
X509CertificateviaCertificateFactory, and extracts the public key. Accepts both-----BEGIN CERTIFICATE-----...and raw Base64-encoded DER bytes.解码输入,通过
CertificateFactory构造X509Certificate并提取公钥。同时接受带 PEM 标记和裸 Base64 编码的 DER 字节。- Parameters:
input- PEM or bare Base64 encoded X.509 certificate | PEM 或裸 Base64 编码的 X.509 证书- Returns:
- the certificate's public key | 证书公钥
- Throws:
OpenKeyException- if parsing fails- Since:
- V1.0.4
-