Bouncy Castle AES Encryption - 提供塊輸入

Question

我使用Bouncy Castle庫來加密我的Windows應用商店中的一些數據。我EncryptHelper類：

public static class EncryptHelper 
{ 
    private const string KEY = "chiaveAES"; 
    private const int SIZE = 16; 
    private enum CipherMode 
    { 
     Encrypt, 
     Decrypt 
    } 

    private static PaddedBufferedBlockCipher InitCipher(CipherMode mode) 
    { 
     PaddedBufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CbcBlockCipher(new AesLightEngine()), new ZeroBytePadding()); 

     var key = new byte[32]; 
     var keyArray = KEY.ToCharArray(); 
     Buffer.BlockCopy(keyArray, 0, key, 0, Math.Min(keyArray.Length, key.Length)); 
     cipher.Init(mode == CipherMode.Encrypt, new KeyParameter(key)); 
     return cipher; 
    } 

    public static async Task Encrypt(Stream sourceStream, Stream destinationStream, bool autoSeekStart = true, bool autoSeekEnd = true) 
    { 
     //await Process(InitCipher(CipherMode.Encrypt), sourceStream, destinationStream, autoSeekStart, autoSeekEnd); 
     await ProcessBlocks(InitCipher(CipherMode.Encrypt), sourceStream, destinationStream, autoSeekStart, autoSeekEnd); 
    } 


    public static async Task Decrypt(Stream sourceStream, Stream destinationStream, bool autoSeekStart = true, bool autoSeekEnd = true) 
    { 
     //await Process(InitCipher(CipherMode.Decrypt), sourceStream, destinationStream, autoSeekStart, autoSeekEnd); 
     await ProcessBlocks(InitCipher(CipherMode.Decrypt), sourceStream, destinationStream, autoSeekStart, autoSeekEnd); 
    } 

    private static async Task Process(PaddedBufferedBlockCipher cipher, Stream sourceStream, Stream destinationStream, bool autoSeekStart, bool autoSeekEnd) 
    { 
     if (autoSeekStart) 
     { 
      sourceStream.ToBegin(); 
      destinationStream.ToBegin(); 
     } 

     var size = Convert.ToInt16(sourceStream.Length); 
     byte[] inBuffer = new byte[size]; 
     byte[] outBuffer = new byte[cipher.GetOutputSize(size)]; 
     int inCount = 0; 
     int outCount = 0; 

     try 
     { 
      inCount = await sourceStream.ReadAsync(inBuffer, 0, inBuffer.Length); 

      outCount = cipher.ProcessBytes(inBuffer, 0, inCount, outBuffer, 0); 
      outCount += cipher.DoFinal(outBuffer, outCount); 

      await destinationStream.WriteAsync(); 

      await destinationStream.FlushAsync(); 
     } 
     catch { } 

     if (autoSeekEnd) 
     { 
      sourceStream.ToBegin(); 
      destinationStream.ToBegin(); 
     } 
    } 

    private static async Task ProcessBlocks(PaddedBufferedBlockCipher cipher, Stream sourceStream, Stream destinationStream, bool autoSeekStart, bool autoSeekEnd) 
    { 
     if (autoSeekStart) 
     { 
      sourceStream.ToBegin(); 
      destinationStream.ToBegin(); 
     } 

     byte[] inBuffer = new byte[SIZE]; 
     byte[] outBuffer = new byte[cipher.GetOutputSize(SIZE)]; 
     int inCount = 0; 
     int outCount = 0; 

     try 
     { 
      while ((inCount = await sourceStream.ReadAsync(inBuffer, 0, inBuffer.Length)) > 0) 
      { 
       outCount += cipher.ProcessBytes(inBuffer, 0, inCount, outBuffer, 0); 
       await destinationStream.WriteAsync(outBuffer, 0, outBuffer.Length); 
      } 

      outBuffer = ? 
      outCount += cipher.DoFinal(outBuffer, outCount); 

      await destinationStream.WriteAsync(outBuffer, 0, outCount); 

      await destinationStream.FlushAsync(); 
     } 
     catch { } 

     if (autoSeekEnd) 
     { 
      sourceStream.ToBegin(); 
      destinationStream.ToBegin(); 
     } 
    } 
} 

我Process()方法工作正常，但是當指令

inCount = await sourceStream.ReadAsync(inBuffer, 0, inBuffer.Length); 

我怕如果流有太多的數據可能occurr一個OutOfMemoryException。所以，我試圖構建ProcessBlocks()方法，它應該逐步從流中讀取，每次一個塊，而不會對RAM過度充電。我對如何處理outBuffer有一些疑問：它應該在執行cipher.ProcessBytes（）的每個循環中被覆蓋，但是在調用the cipher.DoFinal()之前它應該在哪個大小上執行？

謝謝

UPDATE 30/07/2015

我修改了主要的回答來處理一個zip文件和outcoming zip文件不再是一個有效的ZIP，可能有人給我解釋一下爲什麼？

public static void Main(string[] args) 
    { 
      var plainPath = @"C:\Users\Federico\Desktop\0abed72d-defc-4c9a-a8ae-3fec43f01224.zip"; 
      var decryptPath = @"C:\Users\Federico\Desktop\0abed72d-defc-4c9a-a8ae-3fec43f01224 - decrypted.zip"; 

      var plainStream = new FileStream(plainPath, FileMode.Open, FileAccess.Read); 
      var cipherStream = new MemoryStream(); 
      EncryptHelper.Encrypt(plainStream, cipherStream); 
      cipherStream.Seek(0, SeekOrigin.Begin); 
      FileStream fs = new FileStream(decryptPath, FileMode.Create); 
      EncryptHelper.Decrypt(cipherStream, fs); 

      fs.Flush(); 
      fs.Close(); 
     } 

Answer 1

cipher.DoFinal()將生產多達2 * Cipher.GetBlockSize()字節。實際產生的字節數由方法返回。

下面是一個基於您的示例鬆散的例子。

using System; 
using System.IO; 

using Org.BouncyCastle.Crypto.Paddings; 
using Org.BouncyCastle.Crypto.Parameters; 
using Org.BouncyCastle.Crypto.Modes; 
using Org.BouncyCastle.Crypto.Engines; 
using System.Text; 

namespace PaddedBufferedBlockCipherExample 
{ 
    public class EncryptHelper 
    { 
     private const string KEY = "chiaveAES"; 
     private const int BufferSize = 1024; 
     private PaddedBufferedBlockCipher cipher; 

     public enum CipherMode 
     { 
      Encrypt, 
      Decrypt 
     } 

     public EncryptHelper (CipherMode mode) 
     { 
      cipher = new PaddedBufferedBlockCipher (new CbcBlockCipher (new AesLightEngine()), new Pkcs7Padding()); 

      var key = new byte[32]; 
      var keyArray = KEY.ToCharArray(); 
      Buffer.BlockCopy (keyArray, 0, key, 0, Math.Min (keyArray.Length, key.Length)); 
      cipher.Init (mode == CipherMode.Encrypt, new KeyParameter (key)); 
     } 

     public static void Encrypt (Stream sourceStream, Stream destinationStream) 
     { 
      var helper = new EncryptHelper (CipherMode.Encrypt); 
      helper.ProcessBlocks (sourceStream, destinationStream); 
     } 


     public static void Decrypt (Stream sourceStream, Stream destinationStream) 
     { 
      var helper = new EncryptHelper (CipherMode.Decrypt); 
      helper.ProcessBlocks (sourceStream, destinationStream); 
     } 


     private void ProcessBlocks (Stream sourceStream, Stream destinationStream) 
     { 


      // inBuffer is sized for efficient I/O 
      var inBuffer = new byte[BufferSize]; 

      // outBuffer should be large enough to not require further resizing 
      var outBuffer = new byte[cipher.GetBlockSize() + cipher.GetOutputSize (inBuffer.Length)]; 
      int inCount = 0; 
      int outCount = 0; 

      // Process data using the cipher.ProcessBytes method, until we reach EOF 

      while ((inCount = sourceStream.Read (inBuffer, 0, inBuffer.Length)) > 0) { 
       outCount = cipher.ProcessBytes (inBuffer, 0, inCount, outBuffer, 0); 
       destinationStream.Write (outBuffer, 0, outCount); 
      } 

      // Now "flush" the cipher instance by calling the DoFinal method. This 
      // will finish the en/de-cryption by ciphering any buffered data and processing any 
      // encryption padding. 

      outCount = cipher.DoFinal (outBuffer, 0); 

      destinationStream.Write (outBuffer, 0, outCount); 
     } 

     public static void Main (string[] args) 
     { 
      var plainPath = "/Users/robert/src/csharp_toys/toy1/Program.cs"; 
      var plainStream = new FileStream (plainPath, FileMode.Open, FileAccess.Read); 
      var cipherStream = new MemoryStream(); 
      EncryptHelper.Encrypt (plainStream, cipherStream); 
      cipherStream.Seek (0, SeekOrigin.Begin); 
      var decryptedStream = new MemoryStream(); 
      EncryptHelper.Decrypt (cipherStream, decryptedStream); 
      var decryptedString = Encoding.ASCII.GetString (decryptedStream.ToArray()); 
      Console.Write (decryptedString); 
     } 
    } 
} 

Answer 2

UPDATE 30/07/2015

我發現這只是一個填充問題，我用ZeroBytePadding，它搞砸了一切。