Class X25519Engine

java.lang.Object

cloud.opencode.base.crypto.keyexchange.X25519Engine

All Implemented Interfaces:

KeyExchangeEngine

public final class X25519Engine
extends Object
implements KeyExchangeEngine

X25519 key exchange engine (Curve25519 ECDH) - Recommended for most applications X25519 密钥协商引擎 - 推荐用于大多数应用场景

Features | 主要功能:

• X25519 Diffie-Hellman key exchange - X25519 Diffie-Hellman 密钥交换
• 256-bit security level - 256 位安全级别

Usage Examples | 使用示例:

X25519Engine engine = X25519Engine.create();
KeyPair kp = engine.generateKeyPair();
byte[] shared = engine.computeSharedSecret(kp.getPrivate(), peerPubKey);

Security | 安全性:

• Thread-safe: No - 线程安全: 否
• Null-safe: Yes - 空值安全: 是

Since:

JDK 25, opencode-base-crypto V1.0.0

Author:

Leon Soo www.LeonSoo.com

See Also:

• OpenCode.cloud

Method Summary

Modifier and Type	Method	Description
static byte[]	agree(PrivateKey myPrivateKey, PublicKey theirPublicKey)	Performs X25519 key agreement between two parties (static method) 执行两方之间的 X25519 密钥协商（静态方法）
static byte[]	agreeAndDerive(PrivateKey myPrivateKey, PublicKey theirPublicKey, byte[] info, int keyLength)	Performs X25519 key agreement and derives key material using HKDF (static method) 执行 X25519 密钥协商并使用 HKDF 派生密钥材料（静态方法）
byte[]	computeSharedSecret()	Computes the shared secret using the configured keys 使用配置的密钥计算共享密钥
static X25519Engine	create()	Creates a new X25519 engine instance 创建新的 X25519 引擎实例
byte[]	deriveKey(byte[] info, int length)	Derives key material from the shared secret using HKDF 使用 HKDF 从共享密钥派生密钥材料
KeyPair	generateKeyPair()	Generates a new key pair for the key exchange 为密钥交换生成新的密钥对
String	getAlgorithm()	Gets the algorithm name of this key exchange engine 获取密钥交换引擎的算法名称
PrivateKey	getPrivateKey()	Gets the private key if set 获取已设置的私钥
PublicKey	getPublicKey()	Gets the public key from the private key (if set).
X25519Engine	setPrivateKey(PrivateKey privateKey)	Sets the private key for this party 设置本方的私钥
X25519Engine	setRemotePublicKey(PublicKey publicKey)	Sets the remote party's public key 设置对方的公钥
static X25519Engine	withGeneratedKeyPair()	Creates a new X25519 engine instance with a generated key pair 创建新的 X25519 引擎实例并生成密钥对

Methods inherited from class Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details

create

public static X25519Engine create()

Creates a new X25519 engine instance 创建新的 X25519 引擎实例

Returns:

new X25519 engine instance

withGeneratedKeyPair

public static X25519Engine withGeneratedKeyPair()

Creates a new X25519 engine instance with a generated key pair 创建新的 X25519 引擎实例并生成密钥对

Returns:

new X25519 engine instance with generated key pair

agree

public static byte[] agree(PrivateKey myPrivateKey,
 PublicKey theirPublicKey)

Performs X25519 key agreement between two parties (static method) 执行两方之间的 X25519 密钥协商（静态方法）

Parameters:

myPrivateKey - the local private key

theirPublicKey - the remote public key

Returns:

the shared secret (32 bytes)

Throws:

NullPointerException - if any key is null

agreeAndDerive

public static byte[] agreeAndDerive(PrivateKey myPrivateKey,
 PublicKey theirPublicKey,
 byte[] info,
 int keyLength)

Performs X25519 key agreement and derives key material using HKDF (static method) 执行 X25519 密钥协商并使用 HKDF 派生密钥材料（静态方法）

Parameters:

myPrivateKey - the local private key

theirPublicKey - the remote public key

info - optional context information for key derivation

keyLength - desired key length in bytes

Returns:

derived key material

Throws:

NullPointerException - if any required parameter is null

IllegalArgumentException - if keyLength is invalid

generateKeyPair

public KeyPair generateKeyPair()

Description copied from interface: KeyExchangeEngine

Generates a new key pair for the key exchange 为密钥交换生成新的密钥对

Specified by:

generateKeyPair in interface KeyExchangeEngine

Returns:

a new key pair

setPrivateKey

public X25519Engine setPrivateKey(PrivateKey privateKey)

Description copied from interface: KeyExchangeEngine

Sets the private key for this party 设置本方的私钥

Specified by:

setPrivateKey in interface KeyExchangeEngine

Parameters:

privateKey - the private key to use

Returns:

this engine for method chaining

setRemotePublicKey

public X25519Engine setRemotePublicKey(PublicKey publicKey)

Description copied from interface: KeyExchangeEngine

Sets the remote party's public key 设置对方的公钥

Specified by:

setRemotePublicKey in interface KeyExchangeEngine

Parameters:

publicKey - the remote public key

Returns:

this engine for method chaining

computeSharedSecret

public byte[] computeSharedSecret()

Description copied from interface: KeyExchangeEngine

Computes the shared secret using the configured keys 使用配置的密钥计算共享密钥

Specified by:

computeSharedSecret in interface KeyExchangeEngine

Returns:

the raw shared secret bytes

deriveKey

public byte[] deriveKey(byte[] info,
 int length)

Description copied from interface: KeyExchangeEngine

Derives key material from the shared secret using HKDF 使用 HKDF 从共享密钥派生密钥材料

Specified by:

deriveKey in interface KeyExchangeEngine

Parameters:

info - optional context and application specific information (can be null)

length - desired key length in bytes

Returns:

derived key material

getAlgorithm

public String getAlgorithm()

Description copied from interface: KeyExchangeEngine

Gets the algorithm name of this key exchange engine 获取密钥交换引擎的算法名称

Specified by:

getAlgorithm in interface KeyExchangeEngine

Returns:

the algorithm name

getPrivateKey

public PrivateKey getPrivateKey()

Gets the private key if set 获取已设置的私钥

Returns:

the private key, or null if not set

getPublicKey

public PublicKey getPublicKey()

Gets the public key from the private key (if set). 从私钥获取公钥（如果已设置）。

X25519 does not support deriving a public key from an existing private key through the standard JCA API. Use generateKeyPair() to obtain both the public and private keys together.

Returns:

never returns normally

Throws:

UnsupportedOperationException - always; use generateKeyPair() to obtain keys