The JCE spec for Cipher.doFinal states: "Upon finishing, this method resets this cipher object to the state it was in when previously initialized via a call to init. That is, the object is reset and available to encrypt or decrypt (depending on the operation mode that was specified in the call to init) more data." However, the various doFinal() methods of the Cipher class reset the cipher to an uninitialized state. Subsequent calls to update() or doFinal() result in an IllegalStateException. The Cipher class contains the following in several doFinal methods: ... if (state != ENCRYPT_MODE && state != DECRYPT_MODE) { throw new IllegalStateException("neither encrypting nor decrypting"); } state = INITIAL_STATE; ... The state of the cipher should not be set to INITIAL_STATE after doFinal but remain either in ENCRYPT_MODE or DECRYPT_MODE. All of the doFinal methods are affected by this bug. This is my first bug report here, so please let me know if more information is needed such as an executable example. I'm also not sure (since I didn't see it in the bug writing guidelines) whether I sould attach a patch for this bug. The same problem also exists in the latest Classpath codebase.
Confirmed. The doFinal methods should leave 'state' as-is, as the reporter suggests. It is up to CipherSpi subclasses to reset themselves when their 'engineDoFinal' methods are called.
Subject: Bug 23768 CVSROOT: /cvsroot/classpath Module name: classpath Branch: jessie-nio Changes by: Casey Marshall <rsdio@savannah.gnu.org> 06/03/11 05:15:47 Modified files: . : ChangeLog-jessie-nio javax/crypto : Cipher.java CipherSpi.java Log message: 2006-03-10 Casey Marshall <csm@gnu.org> Fixes PR 23768. * javax/crypto/Cipher.java (doFinal, doFinal, doFinal): don't reset `state.' (doFinal, update): new methods. (init, init, init, init): initialize `state' after trying the implementation, which can throw an exception. * javax/crypto/CipherSpi.java (engineDoFinal, engineUpdate): new methods. CVSWeb URLs: http://cvs.savannah.gnu.org/viewcvs/classpath/classpath/ChangeLog-jessie-nio.diff?only_with_tag=jessie-nio&tr1=1.1.2.2&tr2=1.1.2.3&r1=text&r2=text http://cvs.savannah.gnu.org/viewcvs/classpath/classpath/javax/crypto/Cipher.java.diff?only_with_tag=jessie-nio&tr1=1.4&tr2=1.4.6.1&r1=text&r2=text http://cvs.savannah.gnu.org/viewcvs/classpath/classpath/javax/crypto/CipherSpi.java.diff?only_with_tag=jessie-nio&tr1=1.2&tr2=1.2.6.1&r1=text&r2=text
Subject: Bug 23768 CVSROOT: /cvsroot/classpath Module name: classpath Branch: Changes by: Casey Marshall <rsdio@savannah.gnu.org> 06/03/11 05:21:58 Modified files: . : ChangeLog javax/crypto : Cipher.java CipherSpi.java Log message: 2006-03-10 Casey Marshall <csm@gnu.org> Fixes PR 23768. * javax/crypto/Cipher.java (doFinal, doFinal, doFinal): don't reset `state.' (doFinal, update): new methods. (init, init, init, init): initialize `state' after trying the implementation, which can throw an exception. * javax/crypto/CipherSpi.java (engineDoFinal, engineUpdate): new methods. CVSWeb URLs: http://cvs.savannah.gnu.org/viewcvs/classpath/classpath/ChangeLog.diff?tr1=1.6692&tr2=1.6693&r1=text&r2=text http://cvs.savannah.gnu.org/viewcvs/classpath/classpath/javax/crypto/Cipher.java.diff?tr1=1.4&tr2=1.5&r1=text&r2=text http://cvs.savannah.gnu.org/viewcvs/classpath/classpath/javax/crypto/CipherSpi.java.diff?tr1=1.2&tr2=1.3&r1=text&r2=text