Address issue in TDECFormattedCipher.DoEncodeDecodeStream where GCM based cipher produces incorrect tag when reusing buffers. Solution is duplicating logic in existing DecodeBytes method.

denovosoftware · denovosoftware · commit cc3af2f40753 · 2022-11-07T16:27:43.000-08:00
diff --git a/Source/DECCipherFormats.pas b/Source/DECCipherFormats.pas
@@ -726,6 +726,7 @@ procedure TDECFormattedCipher.DoEncodeDecodeStream(const Source, Dest: TStream;
                                                    const OnProgress: TDECProgressEvent);
 var
   Buffer: TBytes;
+  outBuffer: TBytes;
   BufferSize, Bytes: Integer;
   Max, StartPos, Pos: Int64;
 begin
@@ -752,6 +753,11 @@ procedure TDECFormattedCipher.DoEncodeDecodeStream(const Source, Dest: TStream;
         SetLength(Buffer, BufferSize)
       else
         SetLength(Buffer, DataSize);
+
+      outBuffer := Buffer;
+      if (FMode = cmGCM) then
+        SetLength(outBuffer, Length(Buffer));
+
       while DataSize > 0 do
       begin
         Bytes := BufferSize;
@@ -760,8 +766,8 @@ procedure TDECFormattedCipher.DoEncodeDecodeStream(const Source, Dest: TStream;
         Source.ReadBuffer(Buffer[0], Bytes);
 
         // The real encryption or decryption routine
-        CipherProc(Buffer[0], Buffer[0], Bytes);
-        Dest.WriteBuffer(Buffer[0], Bytes);
+        CipherProc(Buffer[0], outBuffer[0], Bytes);
+        Dest.WriteBuffer(outBuffer[0], Bytes);
         Dec(DataSize, Bytes);
         Inc(Pos, Bytes);
 
@@ -770,6 +776,8 @@ procedure TDECFormattedCipher.DoEncodeDecodeStream(const Source, Dest: TStream;
       end;
     finally
       ProtectBytes(Buffer);
+      if (FMode = cmGCM) then
+        ProtectBytes(outBuffer);
       if Assigned(OnProgress) then
         OnProgress(Max, Max, Finished);
     end;
