使用 AES 加密和解密大文件

Question

我正在嘗試使用AES加密一個大文件，然后對其進行解密並與原始文件進行比較。

這個 class 總結了工作。 它適用於 .txt 文件，但不適用於 .mp3、.pdf 等。

幫助將不勝感激。

import java.io.FileInputStream;
import java.io.FileOutputStream;

public class LargeFileEncryptionTest7 {

    protected static String FOLDER_PATH = "C:/temp/";
    protected static String FILE = "some-large-file";
    protected static String EXT = ".mp3"; //Works for .txt, but not for .mp3 or .pdf

    public static void main(String[] args) throws Exception {

        //Load file to encrypt
        byte[] largeFileBytes = loadFile(FOLDER_PATH + FILE + EXT);
        String largeFileString = new String(largeFileBytes);

        //Encrypt file with AES
        AESUtils aesUtils = new AESUtils();
        byte[] secretKey = aesUtils.generateSecretKey();
        aesUtils.setSecretKey(secretKey);
        byte[] largeFileEncBytes = aesUtils.encrypt(largeFileString);

        //Save encrypted file
        saveFile(largeFileEncBytes, FOLDER_PATH + FILE + "-encrypted" + EXT);

        //Load encrypted file
        byte[] largeFileEncBytesToCheck = loadFile(FOLDER_PATH + FILE + "-encrypted" + EXT);

        //Decrypt file      
        byte[] largeFileBytesToCheck = aesUtils.decrypt(largeFileEncBytesToCheck);
        String largeFileStringToCheck = new String(largeFileBytesToCheck);

        //Save decrypted file
        saveFile(largeFileBytesToCheck, FOLDER_PATH + FILE + "-decrypted" + EXT);

        //Check strings
        //System.out.println("Original content: " + largeFileStringToCheck);
        if (largeFileStringToCheck.equals(largeFileString)) {
            System.out.println("OK  :-) ");
        } else {
            System.out.println("KO  :-( ");
        }                       
    }

    private static void saveFile(byte[] bytes, String fileName) throws Exception {
        FileOutputStream fos = new FileOutputStream(fileName);
        fos.write(bytes);
        fos.close();
    }

    private static byte[] loadFile(String fileName) throws Exception {
        FileInputStream fis = new FileInputStream(fileName);
        int numBtyes = fis.available();
        byte[] bytes = new byte[numBtyes];
        fis.read(bytes);
        fis.close();
        return bytes;
    }

}

Answer 1

我發現您的解決方案存在 2 個問題：

你的代碼：

 int numBtyes = fis.available(); byte[] bytes = new byte[numBtyes]; fis.read(bytes);

這實際上並不能保證閱讀全部內容。 同樣在加密大文件時（當不能保證它可以放入內存時），您可能不想將所有內容讀入 memory。

加密/解密大型內容（無限制）時，您可能需要使用以下內容：

byte[] buff = new byte[BUFFERSIZE];
for(int readBytes=in.read(buff); readBytes>-1;readBytes=in.read(buff)) {
  out.write(cipher.update(buff,0, readBytes);
}
out.write(cipher.doFinal());

或者看看 CipherOutputStream 和CipherInputStream

另一個問題是比較：

 String largeFileStringToCheck = new String(largeFileBytesToCheck);

正如已經評論過的，這是一種比較內容的糟糕方式。 在 Java 中，字符串僅用於可打印字符，當嘗試“字符串化”任何字節數組時，將應用編碼並且不可打印字符可能會被“丟棄”。

對於簡單的比較（具有字節數組），您可以使用Arrays.equals方法

在比較非常大的內容時（當您可能不確定它是否適合您的 RAM 內存時），通常最好創建一條消息 hash並比較哈希值

編輯：如果您真的想將密文查看/打印/比較為字符串，您可以對二進制數據進行編碼，您可以查看Base64 encoding 。

Answer 2

如果有人感興趣，我會在這里提出最終解決方案。

它受到人們所做的一些評論的啟發。 主要避免使用Strings並使用byte[]：

import java.nio.file.Files;
import java.nio.file.Paths;
import java.util.Arrays;

import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

public class LargeFileEncryptionTest11 {

    private static final String FOLDER_PATH = "C:/temp/";
    private static final String FILE = "some-large-file";
    private static final String EXT = ".pdf";

    private static final String ENCRYPTION_ALGORITHM = "AES";
    private static final int KEY_SIZE = 128; // 192 and 256 bits may not be available

    public static void main(String[] args) throws Exception {
        //Common stuff to encrypt/decrypt
        KeyGenerator kgen = KeyGenerator.getInstance(ENCRYPTION_ALGORITHM);
        kgen.init(KEY_SIZE); 
        SecretKey skey = kgen.generateKey();
        byte[] secretKey = skey.getEncoded();
        SecretKeySpec skeySpec = new SecretKeySpec(secretKey, ENCRYPTION_ALGORITHM);
        Cipher cipher = Cipher.getInstance(ENCRYPTION_ALGORITHM);

        //Load file to encrypt
        byte[] largeFileBytes = Files.readAllBytes(Paths.get(FOLDER_PATH + FILE + EXT));

        //Encrypt file
        cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
        byte[] largeFileEncBytes = cipher.doFinal(largeFileBytes);

        //Save encrypted file
        Files.write(Paths.get(FOLDER_PATH + FILE + "-encrypted" + EXT), largeFileEncBytes);

        //Load encrypted file
        byte[] largeFileEncBytesToCheck = Files.readAllBytes(Paths.get(FOLDER_PATH + FILE + "-encrypted" + EXT));

        //Decrypt file      
        cipher.init(Cipher.DECRYPT_MODE, skeySpec);
        byte[] largeFileBytesToCheck = cipher.doFinal(largeFileEncBytesToCheck);

        //Save decrypted file
        Files.write(Paths.get(FOLDER_PATH + FILE + "-decrypted" + EXT), largeFileBytesToCheck);

        //Compare results
        if (Arrays.equals(largeFileBytes, largeFileBytesToCheck)) {
            System.out.println("OK  :-) ");
        } else {
            System.out.println("KO  :-( ");
        }                       
    }

}