8261462: GCM ByteBuffer decryption problems

Reviewed-by: valeriep

src/java.base/share/classes/com/sun/crypto/provider/CipherCore.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2002, 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2002, 2021, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -1240,16 +1240,19 @@ final class CipherCore {
             throw new ShortBufferException("output buffer too small");
         }
 
+        int len;
         if (decrypting) {
             if (buffered > 0) {
                 cipher.decrypt(buffer, 0, buffered, new byte[0], 0);
             }
-            return cipher.decryptFinal(src, dst);
+            len = cipher.decryptFinal(src, dst);
         } else {
             if (buffered > 0) {
                 ((GaloisCounterMode)cipher).encrypt(buffer, 0, buffered);
             }
-            return cipher.encryptFinal(src, dst);
+            len = cipher.encryptFinal(src, dst);
         }
+        endDoFinal();
+        return len;
     }
 }

src/java.base/share/classes/com/sun/crypto/provider/GaloisCounterMode.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2013, 2020, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2013, 2021, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -907,6 +907,7 @@ final class GaloisCounterMode extends FeedbackCipher {
         // Decrypt the all the input data and put it into dst
         doLastBlock(buffer, ct, dst);
         restoreDst(dst);
+        src.position(src.limit());
         // 'processed' from the gctr decryption operation, not ghash
         return processed;
     }