从套接字读取/解密时发生java.io.EOFException

Question

I have a big client-server program.

But if I send a crypted package, when trying to receive and decrypt it, causes an java.io.EOFException .

If I use the non encrypted way (for instance for pings) it works perfectly.

Client code (receive):

InputStream is = subChannel.getInputStream();
ObjectInputStream pre = new ObjectInputStream(is);
ObjectInputStream ois;
boolean crypt = (boolean) pre.readObject();

if (crypt) {
    ois = new ObjectInputStream(SimpleAES.decryptInputStream(c.getAesKey(), is));
} else {
    ois = new ObjectInputStream(is);
}

Response<? extends Serializable> res = (Response<? extends Serializable>) ois.readObject();
req.onResponse(res);
is.close();

subChannel is a Socket which connects seperated.

I know that I get a response this can't be the error.

SimpleAES

private final static byte[] iv = new byte[16];
private static final String TRANSFORMATION = "AES/CBC/NoPadding";

public static CipherOutputStream cryptOutputStream(SecretKey key,OutputStream os) throws InvalidKeyException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, NoSuchPaddingException {
        Cipher cipher = Cipher.getInstance(TRANSFORMATION);
        IvParameterSpec ivspec = new IvParameterSpec(iv);
        cipher.init(Cipher.ENCRYPT_MODE, key, ivspec);
        CipherOutputStream out = new CipherOutputStream(os, cipher);
        return out;
}

public static CipherInputStream decryptInputStream(SecretKey key,InputStream os) throws InvalidKeyException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, NoSuchPaddingException {
        Cipher cipher = Cipher.getInstance(TRANSFORMATION);
        IvParameterSpec ivspec = new IvParameterSpec(iv);
        cipher.init(Cipher.DECRYPT_MODE, key, ivspec);
        CipherInputStream out = new CipherInputStream(os, cipher);
        return out;
}

Server code (sending):

OutputStream base;
base = sock.getOutputStream();

ObjectOutputStream infoStream = new ObjectOutputStream(base);

infoStream.writeObject(pack.isEncrypted());
ObjectOutputStream packageStream;

if (pack.isEncrypted()) {
    String tolken = pack.getClientTolken();
    Session s = getSession(tolken);
    packageStream = new ObjectOutputStream(SimpleAES.cryptOutputStream(s.getAesKey(), base));
}
else
    packageStream = new ObjectOutputStream(base);

packageStream.writeObject(pack);
packageStream.flush();

if (pack instanceof Request) {
    InputStream baseIn = sock.getInputStream();
    ObjectInputStream res;

    if (pack.isEncrypted()) {
        res = new ObjectInputStream(SimpleAES.decryptInputStream(getSession(pack.getClientTolken()).getAesKey(), baseIn));
    } else {
        res = new ObjectInputStream(baseIn);
    }

    @SuppressWarnings("unchecked")
    Response<? extends Serializable> response = (Response<? extends Serializable>) res.readObject();
    ((Request) pack).onResponse(response);
    res.close();
}

base.close();

I don't think the stack trace will give you big information but here it is:

Ping Response : 8ms
[Client] Added TolkenRequest to Query
[Client] Added RSARequest to Query
[Client] Added AESKeyPack to Query
[Client] Added ValidIdRequest to Query
java.io.EOFException
Fatal Error Exit
    at java.io.ObjectInputStream$PeekInputStream.readFully(Unknown Source)
    at java.io.ObjectInputStream$BlockDataInputStream.readShort(Unknown Source)
    at java.io.ObjectInputStream.readShort(Unknown Source)
    at java.io.ObjectStreamClass.readNonProxy(Unknown Source)
    at java.io.ObjectInputStream.readClassDescriptor(Unknown Source)
    at java.io.ObjectInputStream.readNonProxyDesc(Unknown Source)
    at java.io.ObjectInputStream.readClassDesc(Unknown Source)
    at java.io.ObjectInputStream.readOrdinaryObject(Unknown Source)
    at java.io.ObjectInputStream.readObject0(Unknown Source)
    at java.io.ObjectInputStream.defaultReadFields(Unknown Source)
    at java.io.ObjectInputStream.readSerialData(Unknown Source)
    at java.io.ObjectInputStream.readOrdinaryObject(Unknown Source)
    at java.io.ObjectInputStream.readObject0(Unknown Source)
    at java.io.ObjectInputStream.readObject(Unknown Source)
    at com.niton.tele.core.network.client.ClientListenerThread.run(ClientListenerThread.java:104)

ClientListenerThread.java:104 is this line Response res = (Response) ois.readObject();

Answer 1

You can't mix different buffered streams on the same socket. They will steal data from each other. You need to redesign and rewrite this using a single ObjectInputStream and ObjectOutputStream for the life of the socket.

Possibly you are looking for SealedObject ?