如何检查字符串是否在Java中加密?
[英]How to check if a string is encrypted in java?
问题描述
I am using the following code for encrypting my data: 
我正在使用以下代码来加密我的数据:
public static String encrypt(String clearData, String password)
throws UnsupportedEncodingException {
byte[] bytes = encrypt(clearData.getBytes("UTF-8"), password);
return Base64.encodeBytes(bytes);
}
public static byte[] encrypt(byte[] clearData, String password)
throws UnsupportedEncodingException {
byte[] passwordKey = encodeDigest(password);
try {
aesCipher = Cipher.getInstance(CIPHER_TRANSFORMATION);
} catch (NoSuchAlgorithmException e) {
Log.e(TAG, "No such algorithm " + CIPHER_ALGORITHM, e);
} catch (NoSuchPaddingException e) {
Log.e(TAG, "No such padding PKCS5", e);
}
secretKey = new SecretKeySpec(passwordKey, CIPHER_ALGORITHM);
try {
aesCipher.init(Cipher.ENCRYPT_MODE, secretKey, ivParameterSpec);
} catch (InvalidKeyException e) {
Log.e(TAG, "Invalid key", e);
return null;
} catch (InvalidAlgorithmParameterException e) {
Log.e(TAG, "Invalid algorithm " + CIPHER_ALGORITHM, e);
return null;
}
byte[] encryptedData;
try {
encryptedData = aesCipher.doFinal(clearData);
} catch (IllegalBlockSizeException e) {
Log.e(TAG, "Illegal block size", e);
return null;
} catch (BadPaddingException e) {
Log.e(TAG, "Bad padding", e);
return null;
}
return encryptedData;
}
How can I check that an input string data is encrypted or not without using try-catch ? 如何在不使用try-catch情况下检查输入的字符串数据是否已加密?
Update: 更新:
for example the user gives me a string. 例如,用户给了我一个字符串。 If it is encrypted I store it in database if not I encrypt it then store. 如果已加密,则将其存储在数据库中;如果未加密,则将其存储。
3 个解决方案
解决方案1
5 2015-05-19 06:59:22
Well, with the code you've written, you could be fairly confident that you've got an encrypted string by simply checking if it's a valid Base64 encoding . 那么,与你写的代码,你可能是相当有信心,你只需有一个加密的字符串检查,如果它是一个有效的Base64编码 。
Broadly speaking however, if you could tell for sure a string was encrypted simply by looking at it, that would mean the encryption was very weak. 但是,从广义上讲,如果仅通过查看就可以确定字符串已加密,则意味着加密非常弱。 Properly encrypted data is indiscernible from random noise. 正确的加密数据与随机噪声是无法区分的。
If the user can send you arbitrary encrypted or clear-text data they'll need to tell you which it is. 如果用户可以向您发送任意加密或明文数据,则需要告诉您它是哪一个。
解决方案2
0 2019-01-16 23:48:52
You Can't; 你不能 you can just play the odds(which are in your favor due to the complexity of padding algorithms which make cipher texts very non random (data-authenticity-checking-wise)). 您可以玩几率(由于填充算法的复杂性而使密码文本变得非常非随机(数据真实性检查方式),所以这很对您有利。
The reason why is that you are inputting data with infinite number of combinations which indeed include the combinations that would produce valid results after decryption(but are never really encrypted); 原因是您输入的数据具有无限数量的组合,这些组合实际上包括在解密后会产生有效结果的组合(但从未真正加密过);
No matter how rare certain combinations are infinity has it. 无论罕见的某些组合是如何无穷拥有它。
and also containing only base64 characters means it contains only base64 characters; 并且还仅包含base64字符意味着它仅包含base64字符; nothing more. 而已。 (it definitely doesn't mean it's encrypted data!) (这绝对不意味着它是加密数据!)
解决方案3
-1 2019-01-09 09:50:57
This can be done in two ways. 这可以通过两种方式完成。
- Anyway you might have written some logic for encryption and decryption. 无论如何,您可能已经编写了一些用于加密和解密的逻辑。 Now you can try with your decryption and see weather it was decrypted properly or not. 现在,您可以尝试解密,看看天气是否正确解密。
You can try to decode with base64 and see weather you can able to do it without exception.
您可以尝试使用base64进行解码,并查看天气,您可以毫无例外地做到这一点。 Code will be like following. 代码如下。 enter code here
在这里输入代码
private boolean isBase64(String input) { try { new String(Base64.getDecoder().decode(input)); return true; } catch (Exception e) { return false; } }
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.