2

Problem: I read and write large multipage tiffs. During my test I have seen plain tiffs on disk. I know I can disable writing to disk with

ImageIO.setUseCache(false)

but then all data is in memory, what may lead to OutOfMemoryException.

Is there any way to encrypt the cache/temp file created by ImageIO.createImageInputStream() and ImageIO.createImageOutputStream()?

My current variants, what I can/will try

  • Registering a custom ImageInputStream/ImageOutputStream(Spi)for encrypted files similar to "javax.imageio.stream.FileImageInputStream". Is there any documentation/tutorial how to do that?
  • Extends RandomAccessFile to write encrypted and read decrypted to/from file due to existing "javax.imageio.stream.FileImageInputStream" already accepts RandomAccessFile. Is there already a solution for that?
  • last hope is to secure/encrypt the temp folder outside of my java app, but that would be error prone.

PS: I would use AES128/256 encryption with temp. key/IV (save that in memory) !

hiaclibe
  • 636
  • 9
  • 25
  • My initial hunch is, it will be easier (and likely more performant) to use an encrypted file system, and possibly specify the directory using `ImageIO.setCacheDirectory(encryptedPath)`, than any of the variants involving implementing custom streams in Java... But one thing I don't get in this scenario... Where/how is your *input data* stored? If it's already "seekable", you may not need a cache (memory or disk) at all. – Harald K Nov 01 '22 at 10:34
  • Yes, I'm downloading this from external service and store it already on disc (via CipherOutputStream). Thats why I spotted unencrypted content during processing. Deactivate ImageIO cache means data in memory and for big tiffs you get OOM. Activate cache is always plain file (via RandomAccessFile), what I dont want. Securing outside of java with encrypted file system would be my last hope, but thats why I asked, because I want that inside the java app. – hiaclibe Nov 04 '22 at 13:29

0 Answers0