Por que o arquivo AES de desktop IO é incompatível com o arquivo AES AES IO?
-
28-09-2019 - |
Pergunta
Por exemplo, portei um aplicativo do Android para o desktop que usa AES para criptografar alguns dados privados. Ambos os aplicativos são capazes de criptografar e descriptografar os dados para seu próprio uso, mas incapazes de descriptografar os outros dados de aplicativos. As teclas AES, IVs e algoritmos são idênticos. A principal diferença entre os dois aplicativos é que o Android-SDK vem com o provedor de Bouncycastle já adicionado à segurança enquanto o aplicativo de desktop necessário
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
App Android:
public class AesFileIo {
public final static String EOL = "\n";
public static final String AES_ALGORITHM = "AES/CTR/NoPadding";
public static final String PROVIDER = "BC";
private static final SecretKeySpec secretKeySpec =
new SecretKeySpec(AES_KEY_128, "AES");
private static final IvParameterSpec ivSpec = new IvParameterSpec(IV);
public String readAesFile(Context c, String fileName) {
StringBuilder stringBuilder = new StringBuilder();
try {
InputStream is = c.openFileInput(fileName);
Cipher cipher = Cipher.getInstance(AES_ALGORITHM, PROVIDER);
cipher.init(Cipher.DECRYPT_MODE, secretKeySpec, ivSpec);
CipherInputStream cis = new CipherInputStream(is, cipher);
InputStreamReader isr = new InputStreamReader(cis);
BufferedReader reader = new BufferedReader(isr);
String line;
while ((line = reader.readLine()) != null) {
stringBuilder.append(line).append(EOL);
}
is.close();
} catch (java.io.FileNotFoundException e) {
// OK, file probably not created yet
Log.i(this.getClass().toString(), e.getMessage(), e);
} catch (Exception e) {
Log.e(this.getClass().toString(), e.getMessage(), e);
}
return stringBuilder.toString();
}
public void writeAesFile(Context c, String fileName, String theFile) {
try {
Cipher cipher = Cipher.getInstance(AES_ALGORITHM, PROVIDER);
cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec, ivSpec);
byte[] encrypted = cipher.doFinal(theFile.getBytes());
OutputStream os = c.openFileOutput(fileName, 0);
os.write(encrypted);
os.flush();
os.close();
} catch (Exception e) {
Log.e(this.getClass().toString(), e.getMessage(), e);
}
}
}
App de desktop:
public class AesFileIo {
private static final String EOL = "\n";
private static final String AES_ALGORITHM = "AES/CTR/NoPadding";
private static final SecretKeySpec secretKeySpec =
new SecretKeySpec(AES_KEY_128, "AES");
private static final IvParameterSpec ivSpec = new IvParameterSpec(IV);
public void AesFileIo() {
Security.addProvider(new org.bouncycastle.jce.provider
.BouncyCastleProvider());
}
public String readFile(String fileName) {
StringBuilder stringBuilder = new StringBuilder();
try {
ObjectInputStream is = new ObjectInputStream(
new FileInputStream(fileName));
Cipher cipher = Cipher.getInstance(AES_ALGORITHM);
cipher.init(Cipher.DECRYPT_MODE, secretKeySpec, ivSpec);
CipherInputStream cis = new CipherInputStream(is, cipher);
InputStreamReader isr = new InputStreamReader(cis);
BufferedReader reader = new BufferedReader(isr);
String line;
while ((line = reader.readLine()) != null) {
stringBuilder.append(line).append(EOL);
}
is.close();
} catch (java.io.FileNotFoundException e) {
System.out.println("FileNotFoundException: probably OK");
} catch (Exception e) {
e.printStackTrace();
}
return stringBuilder.toString();
}
public void writeFile(String fileName, String theFile) {
try {
Cipher cipher = Cipher.getInstance(AES_ALGORITHM);
cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec, ivSpec);
byte[] encrypted = cipher.doFinal(theFile.getBytes());
ObjectOutputStream os = new ObjectOutputStream(
new FileOutputStream(fileName));
os.write(encrypted);
os.flush();
os.close();
} catch (Exception e) {
e.printStackTrace();
}
}
}
Solução
Resolvido por
- Adicionando construtores adequados para inicializar o SecretKeyspec e o IVParameterspec.
- Livre -se do ObjectOutputStream e ObjectInputStream no aplicativo Desktop.
App Android:
public class AesFileIo {
private static final String EOL = "\n";
private static final String AES_ALGORITHM = "AES/CTR/NoPadding";
private SecretKeySpec secretKeySpec;
private IvParameterSpec ivSpec;
private static final String PROVIDER = "BC";
AesFileIo(byte[] aesKey, byte[] iv) {
ivSpec = new IvParameterSpec(iv);
secretKeySpec = new SecretKeySpec(aesKey, "AES");
}
public String readFile(Context c, String fileName) {
StringBuilder stringBuilder = new StringBuilder();
try {
InputStream is = c.openFileInput(fileName);
Cipher cipher = Cipher.getInstance(AES_ALGORITHM, PROVIDER);
cipher.init(Cipher.DECRYPT_MODE, secretKeySpec, ivSpec);
CipherInputStream cis = new CipherInputStream(is, cipher);
InputStreamReader isr = new InputStreamReader(cis);
BufferedReader reader = new BufferedReader(isr);
String line;
while ((line = reader.readLine()) != null) {
stringBuilder.append(line).append(EOL);
}
is.close();
} catch (java.io.FileNotFoundException e) {
// OK, file probably not created yet
Log.i(this.getClass().toString(), e.getMessage(), e);
} catch (Exception e) {
Log.e(this.getClass().toString(), e.getMessage(), e);
}
return stringBuilder.toString();
}
public void writeFile(Context c, String fileName, String theFile) {
try {
Cipher cipher = Cipher.getInstance(AES_ALGORITHM, PROVIDER);
cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec, ivSpec);
byte[] encrypted = cipher.doFinal(theFile.getBytes());
OutputStream os = c.openFileOutput(fileName, 0);
os.write(encrypted);
os.flush();
os.close();
} catch (Exception e) {
Log.e(this.getClass().toString(), e.getMessage(), e);
}
}
}
App de desktop:
public class AesFileIo {
private static final String EOL = "\n";
private static final String AES_ALGORITHM = "AES/CTR/NoPadding";
private SecretKeySpec secretKeySpec;
private IvParameterSpec ivSpec;
AesFileIo(byte[] aesKey, byte[] iv) {
Security.addProvider(new org.bouncycastle.jce.provider
.BouncyCastleProvider());
ivSpec = new IvParameterSpec(iv);
secretKeySpec = new SecretKeySpec(aesKey, "AES");
}
public String readFile(String fileName) {
StringBuilder stringBuilder = new StringBuilder();
try {
FileInputStream fis = new FileInputStream(fileName);
Cipher cipher = Cipher.getInstance(AES_ALGORITHM);
cipher.init(Cipher.DECRYPT_MODE, secretKeySpec, ivSpec);
CipherInputStream cis = new CipherInputStream(fis, cipher);
InputStreamReader isr = new InputStreamReader(cis);
BufferedReader reader = new BufferedReader(isr);
String line;
while ((line = reader.readLine()) != null) {
stringBuilder.append(line).append(EOL);
}
fis.close();
} catch (java.io.FileNotFoundException e) {
System.out.println("FileNotFoundException: probably OK");
} catch (Exception e) {
e.printStackTrace();
}
return stringBuilder.toString();
}
public void writeFile(String fileName, String theFile) {
try {
Cipher cipher = Cipher.getInstance(AES_ALGORITHM);
cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec, ivSpec);
byte[] encrypted = cipher.doFinal(theFile.getBytes());
FileOutputStream fos = new FileOutputStream(fileName);
fos.write(encrypted);
fos.flush();
fos.close();
} catch (Exception e) {
e.printStackTrace();
}
}
}
Licenciado em: CC-BY-SA com atribuição
Não afiliado a StackOverflow