java - 从 InputStream JAVA 读取不同的输入

标签 java android sockets

我正在编写一个代码,将加密文件从客户端发送到服务器 但首先客户端将文件的加密消息摘要发送到服务器,然后发送文件名,最后发送加密文件的字节, 但在服务器端,它将所有这些变量作为一个变量读取,即摘要,

当服务器尝试解密摘要时它会抛出 Illegal Block Size Exception 我的问题是服务器如何读取并将它们保存在不同的变量中??

客户端

            // set mode to encrypt
            AesCipher.init(Cipher.ENCRYPT_MODE, key);

            DataOutputStream toServer = new DataOutputStream(socket.getOutputStream());

            // get the digest of the file
            MessageDigest md = MessageDigest.getInstance("MD5");
            byte[] hash = md.digest(bytes);

            // encrypt digest and write it to file
            byte [] encryptedHash = AesCipher.doFinal(hash);
            toServer.write(encryptedHash);


            // write file name to server
            toServer.writeUTF(fileName);

            //encrypt file
            byte[] encryptedByte = AesCipher.doFinal(bytes);


            // write file to server
            toServer.write(encryptedByte);
            toServer.flush();
            socket.close();

服务器

// read digest of the file
        byte [] digest =IOUtils.toByteArray(fromClient);

        // decrypt it
        AesCipher.init(Cipher.DECRYPT_MODE, key);
        byte[] decryptedDigest = AesCipher.doFinal(digest);

        // read file name to be received
        String fileName = fromClient.readUTF();

        File file = new File(Environment.getExternalStoragePublicDirectory(Environment.DIRECTORY_DOWNLOADS), fileName);
        file.createNewFile();
        FileOutputStream fos = new FileOutputStream(file);
        BufferedOutputStream bos = new BufferedOutputStream(fos);

        // read file bytes from client
        byte[] fileBytes = IOUtils.toByteArray(fromClient);

        AesCipher.init(Cipher.DECRYPT_MODE, key);
        byte[] decryptedByte = AesCipher.doFinal(fileBytes);
        bos.write(decryptedByte, 0, decryptedByte.length);
        bos.close();

我也试过这段代码,但它也不起作用

// read digest of the file
         ByteArrayOutputStream buffer = new ByteArrayOutputStream();

        int nRead;
        byte[] data = new byte[1024];

        while ((nRead = fromClient.read(data, 0, data.length)) != -1) {
            buffer.write(data, 0, nRead);
        }

        buffer.flush();
        byte[] digest = buffer.toByteArray();

        // decrypt it
        AesCipher.init(Cipher.DECRYPT_MODE, key);
        byte[] decryptedDigest = AesCipher.doFinal(digest);

        // read file name to be received
        String fileName = fromClient.readUTF();

        File file = new File(Environment.getExternalStoragePublicDirectory(Environment.DIRECTORY_DOWNLOADS), fileName);
        file.createNewFile();
        FileOutputStream fos = new FileOutputStream(file);
        BufferedOutputStream bos = new BufferedOutputStream(fos);

        // read file bytes from client
        byte[] fileBytes = IOUtils.toByteArray(fromClient);

        AesCipher.init(Cipher.DECRYPT_MODE, key);
        byte[] decryptedByte = AesCipher.doFinal(fileBytes);
        bos.write(decryptedByte, 0, decryptedByte.length);
        bos.close();

最佳答案

IOUtils.toByteArray(InputStream) 读取整个流。因此,您不仅获得了哈希字节,还获得了整个流,文件名或密文没有任何剩余,并且哈希没有检查。

为此您不需要外部库。您可以使用 DataInputStreamDataOutputStream 完成这一切。但是您确实需要在散列之前发送散列的长度。

客户:

        // set mode to encrypt
        AesCipher.init(Cipher.ENCRYPT_MODE, key);

        DataOutputStream toServer = new DataOutputStream(socket.getOutputStream());

        // get the digest of the file
        MessageDigest md = MessageDigest.getInstance("MD5");
        byte[] hash = md.digest(bytes);

        // encrypt digest and write it to file
        byte [] encryptedHash = AesCipher.doFinal(hash);
        toServer.writeInt(encryptedHash.length);
        toServer.write(encryptedHash);

        // write file name to server
        toServer.writeUTF(fileName);

        //encrypt file
        byte[] encryptedByte = AesCipher.doFinal(bytes);

        // write file to server
        toServer.writeInt(encryptedByte.length);
        toServer.write(encryptedByte);
        socket.close();

服务器:

    // read digest of the file
    int digestLength = fromClient.readInt();
    byte[] digest = new byte[digestLength];
    fromClient.readFully(digest);

    // decrypt it
    AesCipher.init(Cipher.DECRYPT_MODE, key);
    byte[] decryptedDigest = AesCipher.doFinal(digest);

    // read file name to be received
    String fileName = fromClient.readUTF();

    File file = new File(Environment.getExternalStoragePublicDirectory(Environment.DIRECTORY_DOWNLOADS), fileName);
    FileOutputStream fos = new FileOutputStream(file);
    BufferedOutputStream bos = new BufferedOutputStream(fos);

    // read file bytes from client
    int fileLength = fromClient.readInt();
    byte[] fileBytes = new byte[fileLength];
    fromClient.readFully(fileBytes);

    AesCipher.init(Cipher.DECRYPT_MODE, key);
    byte[] decryptedByte = AesCipher.doFinal(fileBytes);
    bos.write(decryptedByte, 0, decryptedByte.length);
    bos.close();

然而,使用 CipherInputStreamCipherOutputStream 可以更好地完成加密和解密部分。您不应该将整个文件加载到内存中。

请注意 file.createNewFile() 调用在 new FileOutputStream(...) 之前是多余的。

为什么要加密消息摘要是另一个谜。您应该将其用作解密后与本地生成的摘要进行比较的最后一步。

关于java - 从 InputStream JAVA 读取不同的输入,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/45746211/

上一篇:java - 如何检查用户是否从应用程序管理器禁用 Google 文本转语音

下一篇:java - 如何将文件从 Uri 复制到外部数据存储中的特定文件夹

相关文章:

java - 将默认字符集更改为 UTF-8

java - 未绑定(bind)套接字的目的是什么?

java - 如何从谷歌blobstore下载文件到android

android - 指定的子项已有父项。填充表格行时,您必须对 child 的 parent 调用 removeChild()

C - 为 UDP/多播套接字选择接口(interface)

swift - 如何在 swift 2.0 中将 sockaddr_in 转换为 sockaddr?

java - 如何在 JSP 中使用 SLF4J 记录器

java - 如何使用gmail从Spring应用程序发送电子邮件?

java - 为什么我在这里得到一个 ClassCastException?

android - 从 onResume 继续播放 VideoView

©2024 IT工具网  联系我们