0

我正在尝试使用 Base64 对我的 sharedPreferences 用户名和密码进行编码,但是在 eclipse 模拟器中运行我的程序时,我收到一条错误消息,提示“数组越界”。我不确定这个错误是什么意思以及如何纠正它。

日志猫:

10-06 13:51:24.005: E/AndroidRuntime(4272): FATAL EXCEPTION: main
10-06 13:51:24.005: E/AndroidRuntime(4272): java.lang.ArrayIndexOutOfBoundsException: length=3; index=3
10-06 13:51:24.005: E/AndroidRuntime(4272):     at com.SharedPreferences.Login.SharedPrefLoginActivity.onClick(SharedPrefLoginActivity.java:84)
10-06 13:51:24.005: E/AndroidRuntime(4272):     at android.view.View.performClick(View.java:3511)
10-06 13:51:24.005: E/AndroidRuntime(4272):     at android.view.View$PerformClick.run(View.java:14105)
10-06 13:51:24.005: E/AndroidRuntime(4272):     at android.os.Handler.handleCallback(Handler.java:605)
10-06 13:51:24.005: E/AndroidRuntime(4272):     at android.os.Handler.dispatchMessage(Handler.java:92)
10-06 13:51:24.005: E/AndroidRuntime(4272):     at android.os.Looper.loop(Looper.java:137)
10-06 13:51:24.005: E/AndroidRuntime(4272):     at android.app.ActivityThread.main(ActivityThread.java:4424)
10-06 13:51:24.005: E/AndroidRuntime(4272):     at java.lang.reflect.Method.invokeNative(Native Method)
10-06 13:51:24.005: E/AndroidRuntime(4272):     at java.lang.reflect.Method.invoke(Method.java:511)
10-06 13:51:24.005: E/AndroidRuntime(4272):     at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:784)
10-06 13:51:24.005: E/AndroidRuntime(4272):     at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:551)
10-06 13:51:24.005: E/AndroidRuntime(4272):     at dalvik.system.NativeStart.main(Native Method)

这是我的注册活动,它应该采用 EditText 字符串、编码并保存到 sharedpreferences xml。

 public void onClick(View arg0) {
    user=rName.getText().toString().trim();
    pass=rPwd.getText().toString().trim();

    if(arg0==regBttn){     
       if((user.length()!=0))
        {
         if((pass.length()!=0))
            {

        sp=getSharedPreferences("AccessApp",MODE_WORLD_WRITEABLE);
        Editor myEditor=sp.edit();

        try {
            myEditor.putString("USERNAME_KEY", user);
            byte[ ] superSecretKeyBytes = Base64.decode(user);
            byte[] key = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6 };
            for (int i = 0; i < pass.length(); i++) {
                key[i] = superSecretKeyBytes[i];
            }
        } catch (IOException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }   
        try {
            myEditor.putString("PASSWORD_KEY", pass);
            byte[ ] superSecretKeyBytes = Base64.decode(pass);
            byte[] key = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6 };
            for (int i = 0; i < pass.length(); i++) {
                key[i] = superSecretKeyBytes[i];
            }
        } catch (IOException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }

        myEditor.commit();
        Toast.makeText(this, "Registration is successfull",10000).show();
        i=new Intent(this,AccessApp.class);
        startActivity(i);
        }
        else
         {
          Toast.makeText(this, "Please Enter password", 10000).show();  
         }
         }
        else{
            Toast.makeText(this,"Please Enter Username",10000).show();
         }
        }

    else if(arg0==rtnBttn){
        AlertDialog.Builder builder=new AlertDialog.Builder(this);
         builder.setTitle("Exit");
         builder.setMessage("Do you want to exit");
         builder.setCancelable(false);
         builder.setPositiveButton("Yes",new DialogInterface.OnClickListener() {

  public void onClick(DialogInterface dialog, int which) {
  // TODO Auto-generated method stub
  finish();
  }
  });
    builder.setNegativeButton("No", new DialogInterface.OnClickListener() {

            public void onClick(DialogInterface arg0, int arg1) {
               arg0.cancel();
            }
        });
    AlertDialog alert=builder.create();
    alert.show();

    }
}
public String encrypt(String toencrypt, byte key[]) throws Exception {
    SecretKeySpec secret = new SecretKeySpec(key, "AES");
    Cipher cipher = Cipher.getInstance("AES");
    cipher.init(Cipher.ENCRYPT_MODE, secret);
    byte[] encryptedbytes = cipher.doFinal(toencrypt.getBytes());
    String encrypted = Base64.encodeBytes(encryptedbytes);
    return encrypted;

}
}

更正:

  The below corrections were applied.
 (int i = 0; i < superSecretKeyBytes.length && i < key.length; i++)

 Issue:
  Array error has cleared but EditText string is still saved in clear text.?
4

4 回答 4

0

解码 USERNAME_KEY 时,看起来您引用 pass.length 而不是 user.length 作为 for 循环中的停止条件,即第一个实例:

for (int i = 0; i < pass.length(); i++) {

应该:

for (int i = 0; i < user.length(); i++) {
于 2012-10-08T15:50:15.647 回答
0

pass.length() (实际上它是 pass.length() - 1,从技术上讲)大于 key[] 和 superSecretKeyBytes[] 数组中分配的位置/位置。因此,您最终会尝试访问不存在的数组中的位置,从而产生 Out of Bounds 错误。

于 2012-10-08T15:52:14.343 回答
0

为什么在循环内不使用pass长度时在循环条件下使用长度?你确定superSecretKeyBytes.length == pass.length()吗?(可能不等于,您正在从 Base64 解码)

写这个更安全:

for (int i = 0; i < superSecretKeyBytes.length; i++) {
    key[i] = superSecretKeyBytes[i];
}

代替:

for (int i = 0; i < pass.length(); i++) {
    key[i] = superSecretKeyBytes[i];
}

OutOfBoundsException此外,您的key阵列在哪里得不到保证?更喜欢在循环中检查这个:

for (int i = 0; i < superSecretKeyBytes.length && i < key.length; i++) {
    key[i] = superSecretKeyBytes[i];
}
于 2012-10-08T15:53:15.587 回答
0

我认为你正在摆脱你的钥匙阵列。您应该检查:

pass.length() <= key.length

希望这可以帮助

于 2012-10-08T15:54:15.740 回答