src/share/classes/com/sun/crypto/provider/GCTR.java
8012900: CICO ignores AAD in GCM mode
@@ -52,11 +52,11 @@
// the current counter value
private byte[] counter;
// needed for save/restore calls
- private byte[] counterSave;
+ private byte[] counterSave = null;
// NOTE: cipher should already be initialized
GCTR(SymmetricCipher cipher, byte[] initialCounterBlk) {
this.aes = cipher;
this.icb = initialCounterBlk;
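Review bot: The explicit `= null` on `counterSave` is already the default for a field and changes nothing at runtime; what a reader needs to know is that null is now a meaningful state, since reset() assigns it later in this change. I would put that in the field comment, e.g. `// snapshot of counter taken by save(); null when no snapshot exists`. The bodies of save() and restore() are outside this hunk, so confirm they treat a null `counterSave` that way.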
@@ -96,21 +96,20 @@
try {
if (inLen < 0) {
throw new IllegalBlockSizeException("Negative input size!");
} else if (inLen > 0) {
int lastBlockSize = inLen % AES_BLOCK_SIZE;
+ int completeBlkLen = inLen - lastBlockSize;
// process the complete blocks first
- update(in, inOfs, inLen - lastBlockSize, out, outOfs);
+ update(in, inOfs, completeBlkLen, out, outOfs);
if (lastBlockSize != 0) {
// do the last partial block
byte[] encryptedCntr = new byte[AES_BLOCK_SIZE];
aes.encryptBlock(counter, 0, encryptedCntr, 0);
-
- int processed = inLen - lastBlockSize;
for (int n = 0; n < lastBlockSize; n++) {
- out[outOfs + processed + n] =
- (byte) ((in[inOfs + processed + n] ^
+ out[outOfs + completeBlkLen + n] =
+ (byte) ((in[inOfs + completeBlkLen + n] ^
encryptedCntr[n]));
}
}
}
} finally {
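Review bot: The partial-block loop writes `out[outOfs + completeBlkLen + n]` with no visible check that `out` has room for all `inLen` bytes. If `out` is too short, update() has already written the complete blocks before the index fails, which leaves partial output in the caller's buffer. Unless update() or the caller already validates the full length, reject the call before any processing with a guard such as `if (out.length - outOfs < inLen)` and a throw ahead of the update() call. The method starts above this hunk, so any checks made there are not visible here.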
@@ -118,16 +117,15 @@
}
return inLen;
}
/**
- * Resets the current counter to its initial value.
- * This is used after the doFinal() is called so this object can be
- * reused w/o explicit re-initialization.
+ * Resets the content of this object to when it's first constructed.
*/
void reset() {
System.arraycopy(icb, 0, counter, 0, icb.length);
+ counterSave = null;
}
/**
* Save the current content of this object.
*/
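Review bot: The rewritten Javadoc on reset() drops the old note about when it is called and no longer says that the counter is rewound to the initial counter block. In counter mode that rewind means data processed after reset() under the same key runs over the same counter sequence, so something must guarantee a fresh IV or key before the object encrypts again; where that is enforced is not visible in this hunk. I would document it, e.g. `* Rewinds the counter to the initial counter block and discards any saved state; callers must not encrypt new data under the same key and IV afterwards.` The phrase "when it's first constructed" also holds only while `icb` is unmodified, because the constructor keeps the caller's array by reference (`this.icb = initialCounterBlk;`).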