1111 */
1212public class BufferedBlockCipher
1313{
14- protected byte [] buf ;
15- protected int bufOff ;
14+ protected byte [] buf ;
15+ protected int bufOff ;
1616
17- protected boolean forEncryption ;
18- protected BlockCipher cipher ;
17+ protected boolean forEncryption ;
18+ protected BlockCipher cipher ;
1919 protected MultiBlockCipher mbCipher ;
2020
21- protected boolean partialBlockOkay ;
22- protected boolean pgpCFB ;
21+ protected boolean partialBlockOkay ;
22+ protected boolean pgpCFB ;
2323
2424 /**
2525 * constructor for subclasses
@@ -35,7 +35,7 @@ public class BufferedBlockCipher
3535 * @deprecated use the constructor on DefaultBufferedBlockCipher.
3636 */
3737 public BufferedBlockCipher (
38- BlockCipher cipher )
38+ BlockCipher cipher )
3939 {
4040 this .cipher = cipher ;
4141
@@ -55,8 +55,8 @@ public BufferedBlockCipher(
5555 //
5656 // check if we can handle partial blocks on doFinal.
5757 //
58- String name = cipher .getAlgorithmName ();
59- int idx = name .indexOf ('/' ) + 1 ;
58+ String name = cipher .getAlgorithmName ();
59+ int idx = name .indexOf ('/' ) + 1 ;
6060
6161 pgpCFB = (idx > 0 && name .startsWith ("PGP" , idx ));
6262
@@ -84,14 +84,14 @@ public BlockCipher getUnderlyingCipher()
8484 * initialise the cipher.
8585 *
8686 * @param forEncryption if true the cipher is initialised for
87- * encryption, if false for decryption.
88- * @param params the key and other data required by the cipher.
89- * @exception IllegalArgumentException if the params argument is
90- * inappropriate.
87+ * encryption, if false for decryption.
88+ * @param params the key and other data required by the cipher.
89+ * @throws IllegalArgumentException if the params argument is
90+ * inappropriate.
9191 */
9292 public void init (
93- boolean forEncryption ,
94- CipherParameters params )
93+ boolean forEncryption ,
94+ CipherParameters params )
9595 throws IllegalArgumentException
9696 {
9797 this .forEncryption = forEncryption ;
@@ -112,7 +112,7 @@ public int getBlockSize()
112112 }
113113
114114 /**
115- * return the size of the output buffer required for an update
115+ * return the size of the output buffer required for an update
116116 * an input of len bytes.
117117 *
118118 * @param len the length of the input.
@@ -122,7 +122,7 @@ public int getBlockSize()
122122 public int getUpdateOutputSize (
123123 int len )
124124 {
125- int total = len + bufOff ;
125+ int total = len + bufOff ;
126126 int leftOver ;
127127
128128 if (pgpCFB )
@@ -138,7 +138,7 @@ public int getUpdateOutputSize(
138138 }
139139 else
140140 {
141- leftOver = total % buf .length ;
141+ leftOver = total % buf .length ;
142142 }
143143
144144 return total - leftOver ;
@@ -167,20 +167,20 @@ public int getOutputSize(
167167 /**
168168 * process a single byte, producing an output block if necessary.
169169 *
170- * @param in the input byte.
171- * @param out the space for any output that might be produced.
170+ * @param in the input byte.
171+ * @param out the space for any output that might be produced.
172172 * @param outOff the offset from which the output will be copied.
173173 * @return the number of output bytes copied to out.
174- * @exception DataLengthException if there isn't enough space in out.
175- * @exception IllegalStateException if the cipher isn't initialised.
174+ * @throws DataLengthException if there isn't enough space in out.
175+ * @throws IllegalStateException if the cipher isn't initialised.
176176 */
177177 public int processByte (
178- byte in ,
179- byte [] out ,
180- int outOff )
178+ byte in ,
179+ byte [] out ,
180+ int outOff )
181181 throws DataLengthException , IllegalStateException
182182 {
183- int resultLen = 0 ;
183+ int resultLen = 0 ;
184184
185185 buf [bufOff ++] = in ;
186186
@@ -196,31 +196,31 @@ public int processByte(
196196 /**
197197 * process an array of bytes, producing output if necessary.
198198 *
199- * @param in the input byte array.
200- * @param inOff the offset at which the input data starts.
201- * @param len the number of bytes to be copied out of the input array.
202- * @param out the space for any output that might be produced.
199+ * @param in the input byte array.
200+ * @param inOff the offset at which the input data starts.
201+ * @param len the number of bytes to be copied out of the input array.
202+ * @param out the space for any output that might be produced.
203203 * @param outOff the offset from which the output will be copied.
204204 * @return the number of output bytes copied to out.
205- * @exception DataLengthException if there isn't enough space in out.
206- * @exception IllegalStateException if the cipher isn't initialised.
205+ * @throws DataLengthException if there isn't enough space in out.
206+ * @throws IllegalStateException if the cipher isn't initialised.
207207 */
208208 public int processBytes (
209- byte [] in ,
210- int inOff ,
211- int len ,
212- byte [] out ,
213- int outOff )
209+ byte [] in ,
210+ int inOff ,
211+ int len ,
212+ byte [] out ,
213+ int outOff )
214214 throws DataLengthException , IllegalStateException
215215 {
216216 if (len < 0 )
217217 {
218218 throw new IllegalArgumentException ("Can't have a negative input length!" );
219219 }
220220
221- int blockSize = getBlockSize ();
222- int length = getUpdateOutputSize (len );
223-
221+ int blockSize = getBlockSize ();
222+ int length = getUpdateOutputSize (len );
223+
224224 if (length > 0 )
225225 {
226226 if ((outOff + length ) > out .length )
@@ -237,17 +237,11 @@ public int processBytes(
237237 System .arraycopy (in , inOff , buf , bufOff , gapLen );
238238 inOff += gapLen ;
239239 len -= gapLen ;
240- if (in == out )
240+ if (in == out && segmentsOverlap ( inOff , len , outOff , length ) )
241241 {
242- int inEnd = inOff + len ;
243- int outEnd = outOff + length ;
244- if ((inOff <= outOff && outOff <= inEnd ) ||
245- (outOff <= inOff && inOff <= outEnd ))
246- {
247- in = new byte [len ];
248- System .arraycopy (out , inOff , in , 0 , len );
249- inOff = 0 ;
250- }
242+ in = new byte [len ];
243+ System .arraycopy (out , inOff , in , 0 , len );
244+ inOff = 0 ;
251245 }
252246
253247 resultLen += cipher .processBlock (buf , 0 , out , outOff );
@@ -296,20 +290,20 @@ public int processBytes(
296290 /**
297291 * Process the last block in the buffer.
298292 *
299- * @param out the array the block currently being held is copied into.
293+ * @param out the array the block currently being held is copied into.
300294 * @param outOff the offset at which the copying starts.
301295 * @return the number of output bytes copied to out.
302- * @exception DataLengthException if there is insufficient space in out for
303- * the output, or the input is not block size aligned and should be.
304- * @exception IllegalStateException if the underlying cipher is not
305- * initialised.
306- * @exception InvalidCipherTextException if padding is expected and not found.
307- * @exception DataLengthException if the input is not block size
308- * aligned.
296+ * @throws DataLengthException if there is insufficient space in out for
297+ * the output, or the input is not block size aligned and should be.
298+ * @throws IllegalStateException if the underlying cipher is not
299+ * initialised.
300+ * @throws InvalidCipherTextException if padding is expected and not found.
301+ * @throws DataLengthException if the input is not block size
302+ * aligned.
309303 */
310304 public int doFinal (
311- byte [] out ,
312- int outOff )
305+ byte [] out ,
306+ int outOff )
313307 throws DataLengthException , IllegalStateException , InvalidCipherTextException
314308 {
315309 try
@@ -363,4 +357,10 @@ public void reset()
363357 //
364358 cipher .reset ();
365359 }
360+
361+ protected boolean segmentsOverlap (int inOff , int inLen , int outOff , int outLen )
362+ {
363+ // please ensure a valid check for inLen > 0 and outLen > 0 outside this function
364+ return inOff <= outOff + outLen && outOff <= inOff + inLen ;
365+ }
366366}
0 commit comments