从套接字读取/解密时的java.io.EOFException

时间:2017-10-03 06:14:46

标签: java sockets encryption client-server

我有一个很大的客户端服务器程序。

但是,如果我发送加密包,在尝试接收和解密时,会导致java.io.EOFException

如果我使用非加密方式(例如ping),它可以很好地工作。

客户端代码(接收):

InputStream is = subChannel.getInputStream();
ObjectInputStream pre = new ObjectInputStream(is);
ObjectInputStream ois;
boolean crypt = (boolean) pre.readObject();

if (crypt) {
    ois = new ObjectInputStream(SimpleAES.decryptInputStream(c.getAesKey(), is));
} else {
    ois = new ObjectInputStream(is);
}

Response<? extends Serializable> res = (Response<? extends Serializable>) ois.readObject();
req.onResponse(res);
is.close();

subChannel是一个连接分离的Socket。

我知道我得到了一个回复,这不是错误。

SimpleAES 

private final static byte[] iv = new byte[16];
private static final String TRANSFORMATION = "AES/CBC/NoPadding";

public static CipherOutputStream cryptOutputStream(SecretKey key,OutputStream os) throws InvalidKeyException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, NoSuchPaddingException {
        Cipher cipher = Cipher.getInstance(TRANSFORMATION);
        IvParameterSpec ivspec = new IvParameterSpec(iv);
        cipher.init(Cipher.ENCRYPT_MODE, key, ivspec);
        CipherOutputStream out = new CipherOutputStream(os, cipher);
        return out;
}

public static CipherInputStream decryptInputStream(SecretKey key,InputStream os) throws InvalidKeyException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, NoSuchPaddingException {
        Cipher cipher = Cipher.getInstance(TRANSFORMATION);
        IvParameterSpec ivspec = new IvParameterSpec(iv);
        cipher.init(Cipher.DECRYPT_MODE, key, ivspec);
        CipherInputStream out = new CipherInputStream(os, cipher);
        return out;
}

服务器代码(发送):

OutputStream base;
base = sock.getOutputStream();

ObjectOutputStream infoStream = new ObjectOutputStream(base);

infoStream.writeObject(pack.isEncrypted());
ObjectOutputStream packageStream;

if (pack.isEncrypted()) {
    String tolken = pack.getClientTolken();
    Session s = getSession(tolken);
    packageStream = new ObjectOutputStream(SimpleAES.cryptOutputStream(s.getAesKey(), base));
}
else
    packageStream = new ObjectOutputStream(base);

packageStream.writeObject(pack);
packageStream.flush();

if (pack instanceof Request) {
    InputStream baseIn = sock.getInputStream();
    ObjectInputStream res;

    if (pack.isEncrypted()) {
        res = new ObjectInputStream(SimpleAES.decryptInputStream(getSession(pack.getClientTolken()).getAesKey(), baseIn));
    } else {
        res = new ObjectInputStream(baseIn);
    }

    @SuppressWarnings("unchecked")
    Response<? extends Serializable> response = (Response<? extends Serializable>) res.readObject();
    ((Request) pack).onResponse(response);
    res.close();
}

base.close();

我不认为堆栈跟踪会给你提供大量信息,但这里是:

Ping Response : 8ms
[Client] Added TolkenRequest to Query
[Client] Added RSARequest to Query
[Client] Added AESKeyPack to Query
[Client] Added ValidIdRequest to Query
java.io.EOFException
Fatal Error Exit
    at java.io.ObjectInputStream$PeekInputStream.readFully(Unknown Source)
    at java.io.ObjectInputStream$BlockDataInputStream.readShort(Unknown Source)
    at java.io.ObjectInputStream.readShort(Unknown Source)
    at java.io.ObjectStreamClass.readNonProxy(Unknown Source)
    at java.io.ObjectInputStream.readClassDescriptor(Unknown Source)
    at java.io.ObjectInputStream.readNonProxyDesc(Unknown Source)
    at java.io.ObjectInputStream.readClassDesc(Unknown Source)
    at java.io.ObjectInputStream.readOrdinaryObject(Unknown Source)
    at java.io.ObjectInputStream.readObject0(Unknown Source)
    at java.io.ObjectInputStream.defaultReadFields(Unknown Source)
    at java.io.ObjectInputStream.readSerialData(Unknown Source)
    at java.io.ObjectInputStream.readOrdinaryObject(Unknown Source)
    at java.io.ObjectInputStream.readObject0(Unknown Source)
    at java.io.ObjectInputStream.readObject(Unknown Source)
    at com.niton.tele.core.network.client.ClientListenerThread.run(ClientListenerThread.java:104)
  

ClientListenerThread.java:104是此行Response res =(Response)ois.readObject();

1 个答案:

答案 0 :(得分:1)

您无法在同一插槽上混合使用不同的缓冲流。他们会互相窃取数据。你需要在套接字的生命周期内使用单个ObjectInputStreamObjectOutputStream重新设计和重写它。

您可能正在寻找SealedObject

相关问题
最新问题