From 0d6e7616f0d57d461a0f9002f395f8e2c7365cd3 Mon Sep 17 00:00:00 2001 From: dominic reed Date: Thu, 7 Nov 2024 10:47:51 -0800 Subject: [PATCH] fix(sdk): uses offset for ByteBuffer array offset (#209) ByteBuffer could have an array offset. We consider the length of the ByteBuffer, but we do not consider the offset and default it to 0. This PR fixes this problem by adding in the array offset when encrypting. --- sdk/src/main/java/io/opentdf/platform/sdk/NanoTDF.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sdk/src/main/java/io/opentdf/platform/sdk/NanoTDF.java b/sdk/src/main/java/io/opentdf/platform/sdk/NanoTDF.java index 39170b97..5695713a 100644 --- a/sdk/src/main/java/io/opentdf/platform/sdk/NanoTDF.java +++ b/sdk/src/main/java/io/opentdf/platform/sdk/NanoTDF.java @@ -140,7 +140,7 @@ public int createNanoTDF(ByteBuffer data, OutputStream outputStream, System.arraycopy(iv, 0, actualIV, kIvPadding, iv.length); } while (Arrays.equals(actualIV, kEmptyIV)); // if match, we need to retry to prevent key + iv reuse with the policy - byte[] cipherData = gcm.encrypt(actualIV, authTagSize, data.array(), 0, dataSize); + byte[] cipherData = gcm.encrypt(actualIV, authTagSize, data.array(), data.arrayOffset(), dataSize); // Write the length of the payload as int24 int cipherDataLengthWithoutPadding = cipherData.length - kIvPadding;