How to validate javax cipher key?
I'm an android developer trying to use the j开发者_如何学Goavax.crypto package to encrypt/decrypt my SQLite database backups when I put them on the SD Card. That way, they can't be read while they're in the publicly accessible file system.
I can encrypt/decrypt the file just fine, but I have no idea how to tell if the user input the right key or the wrong key. An incorrect key just returns a more jumbled file. I need a way of validating the user's password without storing it on the device (since they could be importing to another device).
How can I check to see if the file has been successfully and correctly decrypted?
Also, is there a way that I can check if a file is encrypted or not?
How about a simple wrapper format that appends a hash of the file to the file before encrypting it? After decrypting, retrieve the saved hash from the end of the file and check that the hash of the decrypted file matches the saved hash. If not, something went wrong with very high probability.
精彩评论