From 69b42b64fb1f0555aa36f17c971b25cecea9cf8b Mon Sep 17 00:00:00 2001
From: Chris Conlon <chris@wolfssl.com>
Date: Tue, 18 Apr 2017 17:22:24 -0600
Subject: [PATCH] JCE: fix Cipher update with offset

---
 .../wolfssl/provider/jce/WolfCryptCipher.java  | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

diff --git a/src/main/java/com/wolfssl/provider/jce/WolfCryptCipher.java b/src/main/java/com/wolfssl/provider/jce/WolfCryptCipher.java
index af91062..73819de 100644
--- a/src/main/java/com/wolfssl/provider/jce/WolfCryptCipher.java
+++ b/src/main/java/com/wolfssl/provider/jce/WolfCryptCipher.java
@@ -457,8 +457,7 @@ public class WolfCryptCipher extends CipherSpi {
 
         int ret = 0;
 
-        byte tmpIn[]  = Arrays.copyOfRange(input, inputOffset,
-                            inputOffset + len);
+        byte tmpIn[]  = null;
         byte tmpOut[] = null;
 
         /* return null if input data is too short to result in a new
@@ -466,18 +465,25 @@ public class WolfCryptCipher extends CipherSpi {
         if (input == null || isValidBlockLength(len) == 0)
             return null;
 
+        tmpIn = Arrays.copyOfRange(input, inputOffset,
+                                   inputOffset + len);
+
         switch (this.cipherType) {
 
             case WC_AES:
                 tmpOut = this.aes.update(input, inputOffset, len);
-                tmpOut = Arrays.copyOfRange(tmpOut, inputOffset,
-                                            inputOffset + len);
+
+                /* truncate */
+                tmpOut = Arrays.copyOfRange(tmpOut, 0, len);
+
                 break;
 
             case WC_DES3:
                 tmpOut = this.des3.update(input, inputOffset, len);
-                tmpOut = Arrays.copyOfRange(tmpOut, inputOffset,
-                                            inputOffset + len);
+
+                /* truncate */
+                tmpOut = Arrays.copyOfRange(tmpOut, 0, len);
+
                 break;
 
             case WC_RSA: