Class CryptoDetector

java.lang.Object
cloud.opencode.base.crypto.util.CryptoDetector
public final class CryptoDetector extends Object
CryptoDetector - Cryptographic Data Detection Utility CryptoDetector - 加密数据检测工具

Provides heuristic methods for detecting cryptographic patterns in data, including encrypted content, encoded data, keys, and cryptographic artifacts.

提供用于检测数据中加密模式的启发式方法,包括加密内容、编码数据、密钥和加密相关元素。

Usage Examples | 使用示例:

// Check if data appears encrypted
boolean encrypted = CryptoDetector.looksEncrypted(data);

// Detect encoding type
Optional<EncodingType> encoding = CryptoDetector.detectEncoding(text);

// Check for high entropy (random-looking data)
double entropy = CryptoDetector.calculateEntropy(data);
boolean highEntropy = entropy > 7.5; // Close to maximum of 8

// Detect key format
Optional<KeyFormat> keyFormat = CryptoDetector.detectKeyFormat(pemString);

// Detect hash format
Optional<HashFormat> hashFormat = CryptoDetector.detectHashFormat(hashString);

// Analyze cryptographic properties
CryptoAnalysis analysis = CryptoDetector.analyze(data);
System.out.println("Entropy: " + analysis.entropy());
System.out.println("Looks encrypted: " + analysis.looksEncrypted());

Important Notes | 重要说明:

  • Detection is heuristic-based and not 100% accurate - 检测基于启发式方法,不是 100% 准确
  • High entropy alone doesn't prove encryption - 高熵本身并不能证明是加密的
  • Compressed data also has high entropy - 压缩数据也具有高熵

Features | 主要功能:

  • Entropy calculation and analysis - 熵计算和分析
  • Encryption, encoding, key, and hash format detection - 加密、编码、密钥和哈希格式检测
  • Comprehensive cryptographic data analysis - 综合加密数据分析

Security | 安全性:

  • Thread-safe: Yes - 线程安全: 是
  • Null-safe: Yes - 空值安全: 是
Since:
JDK 25, opencode-base-crypto V1.0.0
Author:
Leon Soo www.LeonSoo.com
See Also:

  • Method Details

    • calculateEntropy

      public static double calculateEntropy(byte[] data)
      Calculate Shannon entropy of byte data. 计算字节数据的香农熵。

      Entropy ranges from 0 (completely uniform) to 8 (maximum randomness). Encrypted data typically has entropy > 7.5.

      熵范围从 0(完全均匀)到 8(最大随机性)。加密数据通常熵 > 7.5。

      Parameters:
      data - the data to analyze | 要分析的数据
      Returns:
      entropy value (0-8 for byte data) | 熵值(字节数据为 0-8)
      Throws:
      IllegalArgumentException - if data is null or empty | 如果数据为 null 或空

    • calculateEntropy

      public static double calculateEntropy(String text)
      Calculate Shannon entropy of string data. 计算字符串数据的香农熵。
      Parameters:
      text - the text to analyze | 要分析的文本
      Returns:
      entropy value | 熵值
      Throws:
      IllegalArgumentException - if text is null or empty | 如果文本为 null 或空

    • looksEncrypted

      public static boolean looksEncrypted(byte[] data)
      Heuristically determine if data appears to be encrypted. 启发式判断数据是否看起来被加密。

      Uses multiple heuristics including entropy analysis, byte distribution, and pattern detection.

      使用多种启发式方法,包括熵分析、字节分布和模式检测。

      Parameters:
      data - the data to analyze | 要分析的数据
      Returns:
      true if data appears encrypted | 如果数据看起来被加密则返回 true

    • hasUniformByteDistribution

      public static boolean hasUniformByteDistribution(byte[] data, double tolerance)
      Check if byte distribution is approximately uniform. 检查字节分布是否大致均匀。
      Parameters:
      data - the data to analyze | 要分析的数据
      tolerance - acceptable deviation from uniform (0.0-1.0) | 与均匀分布的可接受偏差 (0.0-1.0)
      Returns:
      true if distribution is uniform within tolerance | 如果分布在容差范围内均匀则返回 true

    • hasSignificantTextContent

      public static boolean hasSignificantTextContent(byte[] data)
      Check if data contains significant readable text content. 检查数据是否包含大量可读文本内容。
      Parameters:
      data - the data to analyze | 要分析的数据
      Returns:
      true if contains significant text | 如果包含大量文本则返回 true

    • detectEncoding

      public static CryptoDetector.EncodingType detectEncoding(String text)
      Detect the encoding type of a string. 检测字符串的编码类型。
      Parameters:
      text - the text to analyze | 要分析的文本
      Returns:
      the detected encoding type | 检测到的编码类型

    • detectKeyFormat

      public static CryptoDetector.KeyFormat detectKeyFormat(String keyData)
      Detect the key format from a string. 从字符串检测密钥格式。
      Parameters:
      keyData - the key data to analyze | 要分析的密钥数据
      Returns:
      the detected key format | 检测到的密钥格式

    • detectHashFormat

      public static CryptoDetector.HashFormat detectHashFormat(String hashString)
      Detect the hash format from a string. 从字符串检测哈希格式。
      Parameters:
      hashString - the hash string to analyze | 要分析的哈希字符串
      Returns:
      the detected hash format | 检测到的哈希格式

    • analyze

      public static CryptoDetector.CryptoAnalysis analyze(byte[] data)
      Perform comprehensive cryptographic analysis on byte data. 对字节数据执行综合加密分析。
      Parameters:
      data - the data to analyze | 要分析的数据
      Returns:
      analysis result | 分析结果

    • analyze

      public static CryptoDetector.CryptoAnalysis analyze(String text)
      Perform comprehensive cryptographic analysis on text data. 对文本数据执行综合加密分析。
      Parameters:
      text - the text to analyze | 要分析的文本
      Returns:
      analysis result | 分析结果

    • looksLikeSecret

      public static boolean looksLikeSecret(String text)
      Check if a string looks like a cryptographic key or secret. 检查字符串是否看起来像加密密钥或秘密。
      Parameters:
      text - the text to check | 要检查的文本
      Returns:
      true if looks like a secret | 如果看起来像秘密则返回 true

    • estimateSecurityStrength

      public static int estimateSecurityStrength(byte[] data)
      Estimate the security strength in bits based on entropy. 根据熵估计安全强度(以位为单位)。
      Parameters:
      data - the data to analyze | 要分析的数据
      Returns:
      estimated security strength in bits | 估计的安全强度(位)