Throw ShortBufferException in RSA CipherSpi.

The Javadoc for javax.crypto.Cipher.doFinal() and friends states that
Ciphers should throw ShortBufferException when given an output buffer
that's too small to hold the output.  BC does this in its other
classes, but the RSA implementation doesn't check the output buffer
size and just throws ArrayIndexOutOfBoundsException when it tries to
fill the output buffer.

This is bad not only because it's the wrong exception, but because it
modifies the Cipher object's internal buffers when it does it, which
means that passing a too-short buffer and then calling doFinal() again
with a properly-sized buffer will result in incorrect output.

This fixes tests that have been added for this case in Conscrypt

Test: cts -m CtsLibcoreTestCases -t
Change-Id: Ieac98be5b9574006f1409911103487b8b55bb94e
1 file changed