The JCE spec for Cipher.doFinal states: "Upon finishing, this method resets this cipher object to the state it was in when previously initialized via a call to init. That is, the object is reset and available to encrypt or decrypt (depending on the operation mode that was specified in the call to init) more data."
However, the various doFinal() methods of the Cipher class reset the cipher to an uninitialized state. Subsequent calls to update() or doFinal() result in an IllegalStateException. The Cipher class contains the following in several doFinal methods: ... if (state != ENCRYPT_MODE && state != DECRYPT_MODE) { throw new IllegalStateException("neither encrypting nor decrypting"); } state = INITIAL_STATE; ... The state of the cipher should not be set to INITIAL_STATE after doFinal but remain either in ENCRYPT_MODE or DECRYPT_MODE. All of the doFinal methods are affected by this bug. This is my first bug report here, so please let me know if more information is needed such as an executable example. I'm also not sure (since I didn't see it in the bug writing guidelines) whether I sould attach a patch for this bug. The same problem also exists in the latest Classpath codebase. -- Summary: doFinal() methods in javax.crypto.Cipher incorrectly resetting cipher state Product: gcc Version: 4.0.1 Status: UNCONFIRMED Severity: normal Priority: P2 Component: libgcj AssignedTo: unassigned at gcc dot gnu dot org ReportedBy: qianzwang at yahoo dot com CC: gcc-bugs at gcc dot gnu dot org,java-prs at gcc dot gnu dot org http://gcc.gnu.org/bugzilla/show_bug.cgi?id=23768