java aes iv_Java AES CTR IV和计数器

我试着找到答案,自己看这里并在别处搜索了一段时间,但我还是有一些问题.

假设这个Java代码：

try

{

int cipherMode = Cipher.ENCRYPT_MODE;

SecretKeySpec secretKey = ...; // generated previously using KeyGenerator

byte[] nonceAndCounter = new byte[16];

byte[] nonceBytes = ...; // generated previously using SecureRandom's nextBytes(8);

// use first 8 bytes as nonce

Arrays.fill(nonceAndCounter, (byte) 0);

System.arraycopy(nonceBytes, 0, nonceAndCounter, 0, 8);

IvParameterSpec ivSpec = new IvParameterSpec(nonceAndCounter);

Cipher cipher = Cipher.getInstance("AES/CTR/NoPadding");

cipher.init(cipherMode, secretKey, ivSpec);

File inFile = new File(...);

File outFile = new File(...);

long bytesRead = 0;

try (FileInputStream is = new FileInputStream(inFile);

FileOutputStream os = new FileOutputStream(outFile))

{

byte[] inBuf = new byte[512 * 1024];

byte[] outBuf = new byte[512 * 1024];

int readLen = 0;

ByteBuffer byteBuffer = ByteBuffer.allocate(8);

byteBuffer.putLong(bytesRead);

while ((readLen = is.read(inBuf)) != -1)

{

bytesRead += readLen;

cipher.update(inBuf, 0, readLen, outBuf, 0);

os.write(outBuf);

}

cipher.doFinal(outBuf, 0);

os.write(outBuf);

is.close();

os.close();

}

catch (Exception e) {

System.out.printf("Exception for file: %s\n", e);

}

}

catch (Exception e) {

System.out.printf("Exception: %s\n", e);

}

我的问题是：

>对于CTR模式的计数器更新,上述代码是否正常？具体来说,我不是自己更新计数器.我应该使用以下while循环吗？我试过这个是因为我查看了cipher.getIV()在循环中返回的内容,但它没有改变,getIV()的描述没有详细说明：

while ((readLen = is.read(inBuf)) != -1)

{

// use offset for last 8 bytes as counter

byteBuffer.putLong(bytesRead);

System.arraycopy(byteBuffer.array(), 0, nonceAndCounter, 8, 8);

bytesRead += readLen;

IvParameterSpec ivSpec = new IvParameterSpec(nonceAndCounter);

cipher.init(cipherMode, secretKey, ivSpec);

cipher.update(inBuf, 0, readLen, outBuf, 0);

os.write(outBuf);

}

>我有更多与修改的while循环方法相关的问题.以这种方式调用cipher.init()可以吗？我这样做是因为我还没有找到一种方法来更新IV(计数器真的).

>这么大的块大小可以或者它应该变小吗？在那种情况下它应该有多大？