bcgit
diff --git a/‎prov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java
+25-27 b/‎prov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java
+25-27
diff --git a/‎prov/src/test/java/org/bouncycastle/jcajce/provider/test/jasypt/AlreadyInitializedException.java
-42 b/‎prov/src/test/java/org/bouncycastle/jcajce/provider/test/jasypt/AlreadyInitializedException.java
-42
@@ -634,11 +634,11 @@ else if (paddingName.equals("TBCPADDING"))
     protected void engineInit(
         int opmode,
         Key key,
-        AlgorithmParameterSpec params,
+        final AlgorithmParameterSpec paramSpec,
         SecureRandom random)
         throws InvalidKeyException, InvalidAlgorithmParameterException
     {
-        CipherParameters param = null;
+        CipherParameters param;
 
         this.pbeSpec = null;
         this.pbeAlgorithm = null;
@@ -656,7 +656,7 @@ protected void engineInit(
         //
         // for RC5-64 we must have some default parameters
         //
-        if (params == null && (baseEngine != null && baseEngine.getAlgorithmName().startsWith("RC5-64")))
+        if (paramSpec == null && (baseEngine != null && baseEngine.getAlgorithmName().startsWith("RC5-64")))
         {
             throw new InvalidAlgorithmParameterException("RC5 requires an RC5ParametersSpec to be passed in.");
         }
@@ -676,9 +676,9 @@ protected void engineInit(
                 throw new InvalidKeyException("PKCS12 requires a SecretKey/PBEKey");
             }
 
-            if (params instanceof PBEParameterSpec)
+            if (paramSpec instanceof PBEParameterSpec)
             {
-                pbeSpec = (PBEParameterSpec)params;
+                pbeSpec = (PBEParameterSpec)paramSpec;
             }
 
             if (k instanceof PBEKey && pbeSpec == null)
@@ -727,9 +727,9 @@ else if (key instanceof PBKDF1Key)
         {
             PBKDF1Key k = (PBKDF1Key)key;
 
-            if (params instanceof PBEParameterSpec)
+            if (paramSpec instanceof PBEParameterSpec)
             {
-                pbeSpec = (PBEParameterSpec)params;
+                pbeSpec = (PBEParameterSpec)paramSpec;
             }
             if (k instanceof PBKDF1KeyWithParameters && pbeSpec == null)
             {
@@ -746,9 +746,9 @@ else if (key instanceof PBKDF2Key)
         {
             PBKDF2Key k = (PBKDF2Key)key;
 
-            if (param instanceof PBEParameterSpec)
+            if (paramSpec instanceof PBEParameterSpec)
             {
-                pbeSpec = (PBEParameterSpec)param;
+                pbeSpec = (PBEParameterSpec)paramSpec;
             }
             if (k instanceof PBKDF2KeyWithParameters && pbeSpec == null)
             {
@@ -776,12 +776,12 @@ else if (key instanceof BCPBEKey)
 
             if (k.getParam() != null)
             {
-                param = adjustParameters(params, k.getParam());
+                param = adjustParameters(paramSpec, k.getParam());
             }
-            else if (params instanceof PBEParameterSpec)
+            else if (paramSpec instanceof PBEParameterSpec)
             {
-                pbeSpec = (PBEParameterSpec)params;
-                param = PBE.Util.makePBEParameters(k, params, cipher.getUnderlyingCipher().getAlgorithmName());
+                pbeSpec = (PBEParameterSpec)paramSpec;
+                param = PBE.Util.makePBEParameters(k, paramSpec, cipher.getUnderlyingCipher().getAlgorithmName());
             }
             else
             {
@@ -796,7 +796,7 @@ else if (params instanceof PBEParameterSpec)
         else if (key instanceof PBEKey)
         {
             PBEKey k = (PBEKey)key;
-            pbeSpec = (PBEParameterSpec)params;
+            pbeSpec = (PBEParameterSpec)paramSpec;
             if (k instanceof PKCS12KeyWithParameters && pbeSpec == null)
             {
                 pbeSpec = new PBEParameterSpec(k.getSalt(), k.getIterationCount());
@@ -821,19 +821,17 @@ else if (!(key instanceof RepeatedSecretKeySpec))
             param = null;
         }
 
-//        AlgorithmParameterSpec params;
-//        if (params instanceof PBEParameterSpec)
-//        {
-//            params = ((PBEParameterSpec)params).getParameterSpec();
-//            if (((IvParameterSpec)params).getIV().length == 0)
-//            {
-//                params = new IvParameterSpec(((ParametersWithIV)param).getIV());
-//            }
-//        }
-//        else
-//        {
-//            params = params;
-//        }
+        AlgorithmParameterSpec params = paramSpec;
+        if (paramSpec instanceof PBEParameterSpec)
+        {
+            params = ((PBEParameterSpec)paramSpec).getParameterSpec();
+            // If params.getIv() returns an empty byte array, ivParam will be assigned an IV generated by PBE.Util.makePBEParameters
+            // according to RFC 7292. This behavior is intended for Jasypt users who choose to use NoIvGenerator.
+            if (params instanceof IvParameterSpec && ((IvParameterSpec)params).getIV().length == 0)
+            {
+                params = paramSpec;
+            }
+        }
 
         if (params instanceof AEADParameterSpec)
         {
Original file line number	Diff line number	Diff line change
`@@ -634,11 +634,11 @@ else if (paddingName.equals("TBCPADDING"))`
`634`	`634`	`protected void engineInit(`
`635`	`635`	`int opmode,`
`636`	`636`	`Key key,`
`637`		`- AlgorithmParameterSpec params,`
	`637`	`+ final AlgorithmParameterSpec paramSpec,`
`638`	`638`	`SecureRandom random)`
`639`	`639`	`throws InvalidKeyException, InvalidAlgorithmParameterException`
`640`	`640`	`{`
`641`		`- CipherParameters param = null;`
	`641`	`+ CipherParameters param;`
`642`	`642`
`643`	`643`	`this.pbeSpec = null;`
`644`	`644`	`this.pbeAlgorithm = null;`
`@@ -656,7 +656,7 @@ protected void engineInit(`
`656`	`656`	`//`
`657`	`657`	`// for RC5-64 we must have some default parameters`
`658`	`658`	`//`
`659`		`- if (params == null && (baseEngine != null && baseEngine.getAlgorithmName().startsWith("RC5-64")))`
	`659`	`+ if (paramSpec == null && (baseEngine != null && baseEngine.getAlgorithmName().startsWith("RC5-64")))`
`660`	`660`	`{`
`661`	`661`	`throw new InvalidAlgorithmParameterException("RC5 requires an RC5ParametersSpec to be passed in.");`
`662`	`662`	`}`
`@@ -676,9 +676,9 @@ protected void engineInit(`
`676`	`676`	`throw new InvalidKeyException("PKCS12 requires a SecretKey/PBEKey");`
`677`	`677`	`}`
`678`	`678`
`679`		`- if (params instanceof PBEParameterSpec)`
	`679`	`+ if (paramSpec instanceof PBEParameterSpec)`
`680`	`680`	`{`
`681`		`- pbeSpec = (PBEParameterSpec)params;`
	`681`	`+ pbeSpec = (PBEParameterSpec)paramSpec;`
`682`	`682`	`}`
`683`	`683`
`684`	`684`	`if (k instanceof PBEKey && pbeSpec == null)`
`@@ -727,9 +727,9 @@ else if (key instanceof PBKDF1Key)`
`727`	`727`	`{`
`728`	`728`	`PBKDF1Key k = (PBKDF1Key)key;`
`729`	`729`
`730`		`- if (params instanceof PBEParameterSpec)`
	`730`	`+ if (paramSpec instanceof PBEParameterSpec)`
`731`	`731`	`{`
`732`		`- pbeSpec = (PBEParameterSpec)params;`
	`732`	`+ pbeSpec = (PBEParameterSpec)paramSpec;`
`733`	`733`	`}`
`734`	`734`	`if (k instanceof PBKDF1KeyWithParameters && pbeSpec == null)`
`735`	`735`	`{`
`@@ -746,9 +746,9 @@ else if (key instanceof PBKDF2Key)`
`746`	`746`	`{`
`747`	`747`	`PBKDF2Key k = (PBKDF2Key)key;`
`748`	`748`
`749`		`- if (param instanceof PBEParameterSpec)`
	`749`	`+ if (paramSpec instanceof PBEParameterSpec)`
`750`	`750`	`{`
`751`		`- pbeSpec = (PBEParameterSpec)param;`
	`751`	`+ pbeSpec = (PBEParameterSpec)paramSpec;`
`752`	`752`	`}`
`753`	`753`	`if (k instanceof PBKDF2KeyWithParameters && pbeSpec == null)`
`754`	`754`	`{`
`@@ -776,12 +776,12 @@ else if (key instanceof BCPBEKey)`
`776`	`776`
`777`	`777`	`if (k.getParam() != null)`
`778`	`778`	`{`
`779`		`- param = adjustParameters(params, k.getParam());`
	`779`	`+ param = adjustParameters(paramSpec, k.getParam());`
`780`	`780`	`}`
`781`		`- else if (params instanceof PBEParameterSpec)`
	`781`	`+ else if (paramSpec instanceof PBEParameterSpec)`
`782`	`782`	`{`
`783`		`- pbeSpec = (PBEParameterSpec)params;`
`784`		`- param = PBE.Util.makePBEParameters(k, params, cipher.getUnderlyingCipher().getAlgorithmName());`
	`783`	`+ pbeSpec = (PBEParameterSpec)paramSpec;`
	`784`	`+ param = PBE.Util.makePBEParameters(k, paramSpec, cipher.getUnderlyingCipher().getAlgorithmName());`
`785`	`785`	`}`
`786`	`786`	`else`
`787`	`787`	`{`
`@@ -796,7 +796,7 @@ else if (params instanceof PBEParameterSpec)`
`796`	`796`	`else if (key instanceof PBEKey)`
`797`	`797`	`{`
`798`	`798`	`PBEKey k = (PBEKey)key;`
`799`		`- pbeSpec = (PBEParameterSpec)params;`
	`799`	`+ pbeSpec = (PBEParameterSpec)paramSpec;`
`800`	`800`	`if (k instanceof PKCS12KeyWithParameters && pbeSpec == null)`
`801`	`801`	`{`
`802`	`802`	`pbeSpec = new PBEParameterSpec(k.getSalt(), k.getIterationCount());`
`@@ -821,19 +821,17 @@ else if (!(key instanceof RepeatedSecretKeySpec))`
`821`	`821`	`param = null;`
`822`	`822`	`}`
`823`	`823`
`824`		`-// AlgorithmParameterSpec params;`
`825`		`-// if (params instanceof PBEParameterSpec)`
`826`		`-// {`
`827`		`-// params = ((PBEParameterSpec)params).getParameterSpec();`
`828`		`-// if (((IvParameterSpec)params).getIV().length == 0)`
`829`		`-// {`
`830`		`-// params = new IvParameterSpec(((ParametersWithIV)param).getIV());`
`831`		`-// }`
`832`		`-// }`
`833`		`-// else`
`834`		`-// {`
`835`		`-// params = params;`
`836`		`-// }`
	`824`	`+ AlgorithmParameterSpec params = paramSpec;`
	`825`	`+ if (paramSpec instanceof PBEParameterSpec)`
	`826`	`+ {`
	`827`	`+ params = ((PBEParameterSpec)paramSpec).getParameterSpec();`
	`828`	`+ // If params.getIv() returns an empty byte array, ivParam will be assigned an IV generated by PBE.Util.makePBEParameters`
	`829`	`+ // according to RFC 7292. This behavior is intended for Jasypt users who choose to use NoIvGenerator.`
	`830`	`+ if (params instanceof IvParameterSpec && ((IvParameterSpec)params).getIV().length == 0)`
	`831`	`+ {`
	`832`	`+ params = paramSpec;`
	`833`	`+ }`
	`834`	`+ }`
`837`	`835`
`838`	`836`	`if (params instanceof AEADParameterSpec)`
`839`	`837`	`{`