Test file (or resource) for encryption without fully decrypting

[crossan007]

A core function to test whether a given resource (file, string, etc) has been encrypted by (and therefore is decryptable by) this library (and version?) would be very useful, rather than attempting a decryption and handling the associated exceptions.

The checks present in the beginning of File::decryptResourceInternal() seem like what I desire; but I'd rather handle a boolean response from something like isDecryptableCiphertext() before actually attempting to decrypt a file which may or may not actually have been encrypted.

[defuse]

Performance-wise, the only way to (safely) predict if the string will be decryptable by this library is to decrypt it, which is why the way to find out is currently just to try to decrypt it and see if it works. If that's a common pattern, we can wrap it up into a convenient isDecryptableCiphertext() function (option 1).

Another option (option 2) is adding a looksLikeCiphertext() function, which just tells you if the string you pass looks like a ciphertext or not (i.e. does it have the proper headers and a valid length?). You couldn't rely on this function to predict whether or not decryption will succeed (because it could have good headers but a bad authentication tag).

It sounds like you're asking for option 2, right?

[crossan007]

Yes, number two.

My scenario allows upload by an authenticated user a file which may or may not be encrypted.

Determining if the encryption header is present is all I'm after so I may proceed to prompt the user a password.

[defuse]

I won't add it to the library but all ciphertexts produced by this library will start with "\xDE\xF5\x02\x00"