input/output overlap for DefaultBufferedBlockCipher and PaddedBufferedBlockCipher

ligefeiBouncycastle · dghgit · commit 4ec69f2d7d4c · 2025-03-29T23:56:30.000Z
diff --git a/core/src/main/java/org/bouncycastle/crypto/DefaultBufferedBlockCipher.java b/core/src/main/java/org/bouncycastle/crypto/DefaultBufferedBlockCipher.java
@@ -14,15 +14,15 @@
 public class DefaultBufferedBlockCipher
     extends BufferedBlockCipher
 {
-    protected byte[]        buf;
-    protected int           bufOff;
+    protected byte[] buf;
+    protected int bufOff;
 
-    protected boolean          forEncryption;
-    protected BlockCipher      cipher;
+    protected boolean forEncryption;
+    protected BlockCipher cipher;
     protected MultiBlockCipher mbCipher;
 
-    protected boolean       partialBlockOkay;
-    protected boolean       pgpCFB;
+    protected boolean partialBlockOkay;
+    protected boolean pgpCFB;
 
     /**
      * constructor for subclasses
@@ -37,7 +37,7 @@ protected DefaultBufferedBlockCipher()
      * @param cipher the underlying block cipher this buffering object wraps.
      */
     public DefaultBufferedBlockCipher(
-        BlockCipher     cipher)
+        BlockCipher cipher)
     {
         this.cipher = cipher;
 
@@ -57,8 +57,8 @@ public DefaultBufferedBlockCipher(
         //
         // check if we can handle partial blocks on doFinal.
         //
-        String  name = cipher.getAlgorithmName();
-        int     idx = name.indexOf('/') + 1;
+        String name = cipher.getAlgorithmName();
+        int idx = name.indexOf('/') + 1;
 
         pgpCFB = (idx > 0 && name.startsWith("PGP", idx));
 
@@ -86,14 +86,14 @@ public BlockCipher getUnderlyingCipher()
      * initialise the cipher.
      *
      * @param forEncryption if true the cipher is initialised for
-     *  encryption, if false for decryption.
-     * @param params the key and other data required by the cipher.
-     * @exception IllegalArgumentException if the params argument is
-     * inappropriate.
+     *                      encryption, if false for decryption.
+     * @param params        the key and other data required by the cipher.
+     * @throws IllegalArgumentException if the params argument is
+     *                                  inappropriate.
      */
     public void init(
-        boolean             forEncryption,
-        CipherParameters    params)
+        boolean forEncryption,
+        CipherParameters params)
         throws IllegalArgumentException
     {
         this.forEncryption = forEncryption;
@@ -114,7 +114,7 @@ public int getBlockSize()
     }
 
     /**
-     * return the size of the output buffer required for an update 
+     * return the size of the output buffer required for an update
      * an input of len bytes.
      *
      * @param len the length of the input.
@@ -124,7 +124,7 @@ public int getBlockSize()
     public int getUpdateOutputSize(
         int len)
     {
-        int total       = len + bufOff;
+        int total = len + bufOff;
         int leftOver;
 
         if (pgpCFB)
@@ -140,7 +140,7 @@ public int getUpdateOutputSize(
         }
         else
         {
-            leftOver    = total % buf.length;
+            leftOver = total % buf.length;
         }
 
         return total - leftOver;
@@ -169,20 +169,20 @@ public int getOutputSize(
     /**
      * process a single byte, producing an output block if necessary.
      *
-     * @param in the input byte.
-     * @param out the space for any output that might be produced.
+     * @param in     the input byte.
+     * @param out    the space for any output that might be produced.
      * @param outOff the offset from which the output will be copied.
      * @return the number of output bytes copied to out.
-     * @exception DataLengthException if there isn't enough space in out.
-     * @exception IllegalStateException if the cipher isn't initialised.
+     * @throws DataLengthException   if there isn't enough space in out.
+     * @throws IllegalStateException if the cipher isn't initialised.
      */
     public int processByte(
-        byte        in,
-        byte[]      out,
-        int         outOff)
+        byte in,
+        byte[] out,
+        int outOff)
         throws DataLengthException, IllegalStateException
     {
-        int         resultLen = 0;
+        int resultLen = 0;
 
         buf[bufOff++] = in;
 
@@ -198,31 +198,31 @@ public int processByte(
     /**
      * process an array of bytes, producing output if necessary.
      *
-     * @param in the input byte array.
-     * @param inOff the offset at which the input data starts.
-     * @param len the number of bytes to be copied out of the input array.
-     * @param out the space for any output that might be produced.
+     * @param in     the input byte array.
+     * @param inOff  the offset at which the input data starts.
+     * @param len    the number of bytes to be copied out of the input array.
+     * @param out    the space for any output that might be produced.
      * @param outOff the offset from which the output will be copied.
      * @return the number of output bytes copied to out.
-     * @exception DataLengthException if there isn't enough space in out.
-     * @exception IllegalStateException if the cipher isn't initialised.
+     * @throws DataLengthException   if there isn't enough space in out.
+     * @throws IllegalStateException if the cipher isn't initialised.
      */
     public int processBytes(
-        byte[]      in,
-        int         inOff,
-        int         len,
-        byte[]      out,
-        int         outOff)
+        byte[] in,
+        int inOff,
+        int len,
+        byte[] out,
+        int outOff)
         throws DataLengthException, IllegalStateException
     {
         if (len < 0)
         {
             throw new IllegalArgumentException("Can't have a negative input length!");
         }
 
-        int blockSize   = getBlockSize();
-        int length      = getUpdateOutputSize(len);
-        
+        int blockSize = getBlockSize();
+        int length = getUpdateOutputSize(len);
+
         if (length > 0)
         {
             if ((outOff + length) > out.length)
@@ -237,12 +237,25 @@ public int processBytes(
         if (len > gapLen)
         {
             System.arraycopy(in, inOff, buf, bufOff, gapLen);
+            inOff += gapLen;
+            len -= gapLen;
+            if (in == out)
+            {
+                int inEnd = inOff + len;
+                int outEnd = outOff + length;
+                if ((inOff <= outOff && outOff <= inEnd) ||
+                    (outOff <= inOff && inOff <= outEnd))
+                {
+                    in = new byte[len];
+                    System.arraycopy(out, inOff, in, 0, len);
+                    inOff = 0;
+                }
+            }
 
             resultLen += cipher.processBlock(buf, 0, out, outOff);
 
             bufOff = 0;
-            len -= gapLen;
-            inOff += gapLen;
+
 
             if (mbCipher != null)
             {
@@ -286,20 +299,20 @@ public int processBytes(
     /**
      * Process the last block in the buffer.
      *
-     * @param out the array the block currently being held is copied into.
+     * @param out    the array the block currently being held is copied into.
      * @param outOff the offset at which the copying starts.
      * @return the number of output bytes copied to out.
-     * @exception DataLengthException if there is insufficient space in out for
-     * the output, or the input is not block size aligned and should be.
-     * @exception IllegalStateException if the underlying cipher is not
-     * initialised.
-     * @exception InvalidCipherTextException if padding is expected and not found.
-     * @exception DataLengthException if the input is not block size
-     * aligned.
+     * @throws DataLengthException        if there is insufficient space in out for
+     *                                    the output, or the input is not block size aligned and should be.
+     * @throws IllegalStateException      if the underlying cipher is not
+     *                                    initialised.
+     * @throws InvalidCipherTextException if padding is expected and not found.
+     * @throws DataLengthException        if the input is not block size
+     *                                    aligned.
      */
     public int doFinal(
-        byte[]  out,
-        int     outOff)
+        byte[] out,
+        int outOff)
         throws DataLengthException, IllegalStateException, InvalidCipherTextException
     {
         try
diff --git a/core/src/main/java/org/bouncycastle/crypto/paddings/PaddedBufferedBlockCipher.java b/core/src/main/java/org/bouncycastle/crypto/paddings/PaddedBufferedBlockCipher.java
@@ -202,12 +202,24 @@ public int processBytes(
         if (len > gapLen)
         {
             System.arraycopy(in, inOff, buf, bufOff, gapLen);
+            inOff += gapLen;
+            len -= gapLen;
+            if (in == out)
+            {
+                int inEnd = inOff + len;
+                int outEnd = outOff + length;
+                if ((inOff <= outOff && outOff <= inEnd) ||
+                    (outOff <= inOff && inOff <= outEnd))
+                {
+                    in = new byte[len];
+                    System.arraycopy(out, inOff, in, 0, len);
+                    inOff = 0;
+                }
+            }
 
             resultLen += cipher.processBlock(buf, 0, out, outOff);
 
             bufOff = 0;
-            len -= gapLen;
-            inOff += gapLen;
 
             while (len > buf.length)
             {
diff --git a/core/src/test/java/org/bouncycastle/crypto/test/PaddingTest.java b/core/src/test/java/org/bouncycastle/crypto/test/PaddingTest.java
