skip method in CipherInputStream

1.1k views Asked by At

I am running into an issue where the code that works against a InputStream backed by a FileInputStream does not work if a CipherInputStream is used.

Example is below:

  // skipCount is same as n in a FileInputStream
  FileInputStream fis;
  ... 
  skipCount = fis.skip(n)

Get a different behavior if a CipherInputStream is used

  // skipCount is always 0
  CipherInputStream cis;
  ...
  skipCount = cis.skip(n)

After further debugging it looks like, skip will only work (i.e., return values > 0) if used in conjunction with the read() call.

Is there a better way of getting skip to work with CipherInputStream, than rolling my own "skip" method that relies on calling read?

Also, is there a way of telling the CipherInputStream to automatically do a "read" as part of invoking the skip call? Otherwise it looks like the skip API is flaky in CipherInputStream.

MCVE

public class TestSkip {
  public static final String ALGO = "AES/CBC/PKCS5Padding";
  public static final String CONTENT = "Strive not to be a success, but rather to be of value";
  private static int BlockSizeBytes = 16;
  private static SecureRandom random = null;

  static {
    try {
      random = SecureRandom.getInstance("SHA1PRNG");
    } catch (NoSuchAlgorithmException e) {
      throw new RuntimeException("Could not initialize AES encryption", e);
    }
  }

  static byte[] getKeyBytes() throws NoSuchAlgorithmException, UnsupportedEncodingException
  {
    byte[] key = "Not a secure string!".getBytes("UTF-8");
    MessageDigest sha = MessageDigest.getInstance("SHA-1");
    key = sha.digest(key);
    key = Arrays.copyOf(key, 16); // use only first 128 bit

    return key;
  }

  static KeySpec getKeySpec() throws GeneralSecurityException, UnsupportedEncodingException
  {
    return new SecretKeySpec(getKeyBytes(), "AES");
  }

  static byte[] getIv ()
  {
    byte[] iv = new byte[BlockSizeBytes];
    random.nextBytes(iv);

    return iv;
  }

  static Cipher initCipher (int mode, byte[] iv) throws GeneralSecurityException, UnsupportedEncodingException
  {
    KeySpec spec = getKeySpec();
    Cipher cipher = Cipher.getInstance(ALGO);
    cipher.init(mode, (SecretKey) spec, new IvParameterSpec(iv));
    return cipher;
  }

  static void encrypt(String fileName) throws
      GeneralSecurityException,
      IOException
  {
    FileOutputStream fos = new FileOutputStream(fileName);
    byte[] iv = getIv();
    fos.write(iv);

    Cipher cipher = initCipher(Cipher.ENCRYPT_MODE, iv);
    CipherOutputStream cos = new CipherOutputStream(fos, cipher);
    PrintWriter pw = new PrintWriter(cos);
    pw.println(CONTENT);
    pw.close();
  }

  static void skipAndCheck(String fileName) throws
      GeneralSecurityException,
      IOException
  {
    FileInputStream fis = new FileInputStream(fileName);
    byte[] iv = new byte[BlockSizeBytes];
    if (fis.read(iv) != BlockSizeBytes) {
      throw new GeneralSecurityException("Could not retrieve IV from AES encrypted stream");
    }

    Cipher cipher = initCipher(Cipher.DECRYPT_MODE, iv);
    CipherInputStream cis = new CipherInputStream(fis, cipher);

    // This does not skip
    long count = cis.skip(32);
    System.out.println("Bytes skipped: " + count);

    // Read a line
    InputStreamReader is = new InputStreamReader(cis);
    BufferedReader br = new BufferedReader(is);
    String read = br.readLine();
    System.out.println("Content after skipping 32 bytes is: " + read);

    br.close();
  }

  static InputStream getWrapper(CipherInputStream cis) {
    return new SkipInputStream(cis);
  }

  public static void main(String[] args) throws
      IOException,
      GeneralSecurityException
  {
    String fileName = "EncryptedSample.txt";

    encrypt(fileName);
    skipAndCheck(fileName); 
  }

}
1

There are 1 answers

1
codedabbler On BEST ANSWER

Found a solution that worked for me.

Created a wrapper class that extended FilterInputStream and implemented the skip method using the same code found in InputStream.java

Wrapper class

public class SkipInputStream extends FilterInputStream
{
    private static final int MAX_SKIP_BUFFER_SIZE = 2048;

    /**
     * Creates a <code>FilterInputStream</code>
     * by assigning the  argument <code>in</code>
     * to the field <code>this.in</code> so as
     * to remember it for later use.
     *
     * @param in the underlying input stream, or <code>null</code> if
     *           this instance is to be created without an underlying stream.
     */
    protected SkipInputStream (InputStream in)
    {
        super(in);
    }

    /**
     * Same implementation as InputStream#skip
     *
     * @param n
     * @return
     * @throws IOException
     */
    public long skip(long n)
        throws IOException
    {
        long remaining = n;
        int nr;

        if (n <= 0) {
            return 0;
        }

        int size = (int)Math.min(MAX_SKIP_BUFFER_SIZE, remaining);
        byte[] skipBuffer = new byte[size];
        while (remaining > 0) {
            nr = in.read(skipBuffer, 0, (int)Math.min(size, remaining));
            if (nr < 0) {
                break;
            }
            remaining -= nr;
        }

        return n - remaining;
    }

}

With this class one just needs to change the following line in the MCVE above

long count = cis.skip(32);

to

long count = getWrapper(cis).skip(32);

Output

Old

Bytes skipped: 0
Content after skipping 32 bytes is: Strive not to be a success, but rather to be of value

New

Bytes skipped: 32
Content after skipping 32 bytes is: rather to be of value