Fatal编程技术网
  • java/
  • AES在套接字上执行序列化/反序列化。无效的流标头。JAVA

AES在套接字上执行序列化/反序列化。无效的流标头。JAVA

java sockets serialization stream

AES在套接字上执行序列化/反序列化。无效的流标头。JAVA,java,sockets,serialization,stream,aes,Java,Sockets,Serialization,Stream,Aes,我正在从事一个项目,需要加密java对象并通过套接字发送它们。当对象未加密时,序列化和反序列化可以完美地工作,但当我加密它们时,我得到: Error: invalid stream header: 5F15DD25 java.io.StreamCorruptedException: invalid stream header: 5F15DD25 at java.io.ObjectInputStream.readStreamHeader(ObjectInputStream.java:802

我正在从事一个项目,需要加密java对象并通过套接字发送它们。当对象未加密时,序列化和反序列化可以完美地工作,但当我加密它们时,我得到:

Error: invalid stream header: 5F15DD25
java.io.StreamCorruptedException: invalid stream header: 5F15DD25
    at java.io.ObjectInputStream.readStreamHeader(ObjectInputStream.java:802)
    at java.io.ObjectInputStream.<init>(ObjectInputStream.java:299)
    at Utils.deserializeEnv(Utils.java:236)
    at Utils.decryptEnv(Utils.java:221)
    at GroupThread.run(GroupThread.java:59)
Exception in thread "Thread-2" java.lang.NullPointerException
    at GroupThread.run(GroupThread.java:63)
并序列化和反序列化对象,如下所示:

ObjectOutputStream output = new ObjectOutputStream(socket.getOutputStream());
ObjectInputStream input = new ObjectInputStream(socket.getInputStream());

static byte[] serializeEnv(Envelope message) {
    try {
        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        ObjectOutputStream oos = new ObjectOutputStream(baos);
        oos.writeObject(message);
        return baos.toByteArray();
    } catch (IOException e) {
        System.err.println("Error: " + e.getMessage());
        e.printStackTrace(System.err);
    }
    return null;
}

static Envelope deserializeEnv(byte[] bytes) {
    System.out.println("\nRECEVIVED LENGTH: " + bytes.length + ". SEND BYTES YO: " + bytes[0] + ", " + bytes[1] + ", " + bytes[2] + ", " + bytes[3] + ", " + bytes[4]);
    ObjectInputStream ois = null;
    try {
仅当字节已加密/解密时,此处出现错误

以下是我加密和解密的方式:

static byte[] encryptEnv(Envelope message, SecretKey secretKey) {
    try {
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding", "BC");
        cipher.init(Cipher.ENCRYPT_MODE, secretKey);
        byte[] serializedEnv = serializeEnv(message);
        return cipher.doFinal(serializedEnv);
    } catch (NoSuchAlgorithmException | NoSuchProviderException | NoSuchPaddingException | InvalidKeyException e) {
        System.err.println("Error: " + e.getMessage());
        e.printStackTrace(System.err);
    } catch (IllegalBlockSizeException | BadPaddingException e) {
        System.err.println("Error: " + e.getMessage());
        e.printStackTrace(System.err);
    }
    return null;
}

static Envelope decryptEnv(int length, byte[] bytes, SecretKey secretKey, IvParameterSpec ivSpec) {
    try {
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding", "BC");
        cipher.init(Cipher.DECRYPT_MODE, secretKey, ivSpec);
        byte[] decrypted = cipher.doFinal(bytes);
        return deserializeEnv(decrypted);
    } catch (NoSuchAlgorithmException | NoSuchProviderException | NoSuchPaddingException e) {
        System.err.println("Error: " + e.getMessage());
        e.printStackTrace(System.err);
    } catch (InvalidKeyException | InvalidAlgorithmParameterException | IllegalBlockSizeException | BadPaddingException e) {
        System.err.println("Error: " + e.getMessage());
        e.printStackTrace(System.err);
    }
    return null;
}
要通过套接字发送加密的字节数组,我只需将其添加到包装类Envelope中,然后发送:output.writeObjectmyEnvelope并将其检索myEnvelope=Envelope input.readObject

有人能看到加密是如何把一切搞得一团糟的吗?

anttix是对的,我不知何故忘记了在加密密码中包含初始化向量。唉

cipher.initCipher.ENCRYPT_模式,secretKey;->

cipher.initCipher.ENCRYPT_模式,secretKey,ivSpec

您是否有任何在加密方法中省略IV的具体原因?请查看此链接:应修复此问题。还有,你为什么省略了静脉注射?@anttix你是什么意思?@user2494817你能详细说明一下吗 
static byte[] encryptEnv(Envelope message, SecretKey secretKey) {
    try {
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding", "BC");
        cipher.init(Cipher.ENCRYPT_MODE, secretKey);
        byte[] serializedEnv = serializeEnv(message);
        return cipher.doFinal(serializedEnv);
    } catch (NoSuchAlgorithmException | NoSuchProviderException | NoSuchPaddingException | InvalidKeyException e) {
        System.err.println("Error: " + e.getMessage());
        e.printStackTrace(System.err);
    } catch (IllegalBlockSizeException | BadPaddingException e) {
        System.err.println("Error: " + e.getMessage());
        e.printStackTrace(System.err);
    }
    return null;
}

static Envelope decryptEnv(int length, byte[] bytes, SecretKey secretKey, IvParameterSpec ivSpec) {
    try {
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding", "BC");
        cipher.init(Cipher.DECRYPT_MODE, secretKey, ivSpec);
        byte[] decrypted = cipher.doFinal(bytes);
        return deserializeEnv(decrypted);
    } catch (NoSuchAlgorithmException | NoSuchProviderException | NoSuchPaddingException e) {
        System.err.println("Error: " + e.getMessage());
        e.printStackTrace(System.err);
    } catch (InvalidKeyException | InvalidAlgorithmParameterException | IllegalBlockSizeException | BadPaddingException e) {
        System.err.println("Error: " + e.getMessage());
        e.printStackTrace(System.err);
    }
    return null;
}