in source/header.c [189:228]
int aws_cryptosdk_hdr_parse(
struct aws_cryptosdk_hdr *hdr, struct aws_byte_cursor *pcursor, size_t max_encrypted_data_keys) {
struct aws_byte_cursor cur = *pcursor;
int field_err;
aws_cryptosdk_hdr_clear(hdr);
uint8_t header_version;
const struct aws_cryptosdk_alg_properties *alg_props;
uint8_t content_type;
uint8_t iv_len;
if ((field_err = aws_cryptosdk_priv_hdr_parse_header_version(hdr, &header_version, &cur))) return field_err;
if (header_version == AWS_CRYPTOSDK_HEADER_VERSION_1_0 &&
(field_err = aws_cryptosdk_priv_hdr_parse_message_type(hdr, &cur)))
return field_err;
if ((field_err = aws_cryptosdk_priv_hdr_parse_alg_id(hdr, &alg_props, header_version, &cur))) return field_err;
if ((field_err = aws_cryptosdk_priv_hdr_parse_message_id(hdr, alg_props, &cur))) return field_err;
if ((field_err = aws_cryptosdk_priv_hdr_parse_aad(hdr, &cur))) return field_err;
if ((field_err = aws_cryptosdk_priv_hdr_parse_edks(hdr, &cur, max_encrypted_data_keys))) return field_err;
if ((field_err = aws_cryptosdk_priv_hdr_parse_content_type(hdr, &content_type, &cur))) return field_err;
if (header_version == AWS_CRYPTOSDK_HEADER_VERSION_1_0) {
if ((field_err = aws_cryptosdk_priv_hdr_parse_reserved(hdr, &cur))) return field_err;
if ((field_err = aws_cryptosdk_priv_hdr_parse_iv_len(hdr, &iv_len, &cur))) return field_err;
}
if ((field_err = aws_cryptosdk_priv_hdr_parse_frame_len(hdr, content_type, &cur))) return field_err;
if (header_version == AWS_CRYPTOSDK_HEADER_VERSION_2_0 &&
(field_err = aws_cryptosdk_priv_hdr_parse_alg_suite_data(hdr, alg_props, &cur)))
return field_err;
// cur.ptr now points to end of portion of header that is authenticated
hdr->auth_len = cur.ptr - pcursor->ptr;
if (header_version == AWS_CRYPTOSDK_HEADER_VERSION_1_0 &&
(field_err = aws_cryptosdk_priv_hdr_parse_iv(hdr, iv_len, &cur)))
return field_err;
if ((field_err = aws_cryptosdk_priv_hdr_parse_auth_tag(hdr, &cur))) return field_err;
*pcursor = cur;
return AWS_OP_SUCCESS;
}