Note that if the encrypted message includes a trailing signature, by necessity it cannot be * verified until after the decrypted plaintext has been released to the underlying {@link * OutputStream}! This behavior can be avoided by using the non-streaming * #decryptData(ICryptographicMaterialsManager, byte[]) method instead, or * #createUnsignedMessageDecryptingStream(ICryptographicMaterialsManager, OutputStream) if you do * not need to decrypt signed messages. * * @see #decryptData(ICryptographicMaterialsManager, byte[]) * @see #createUnsignedMessageDecryptingStream(ICryptographicMaterialsManager, OutputStream) * @see javax.crypto.CipherOutputStream */ public CryptoOutputStream createDecryptingStream( - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - src/main/java/com/amazonaws/encryptionsdk/AwsCrypto.java [1518:1543]: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - final MessageCryptoHandler cryptoHandler = DecryptionHandler.create( materialsManager, commitmentPolicy_, SignaturePolicy.AllowEncryptAllowDecrypt, maxEncryptedDataKeys_); return new CryptoOutputStream(os, cryptoHandler); } /** * Returns a {@link CryptoOutputStream} which decrypts the data prior to passing it onto the * underlying {@link OutputStream}. * *
Note that if the encrypted message includes a trailing signature, by necessity it cannot be
* verified until after the decrypted plaintext has been released to the underlying {@link
* OutputStream}! This behavior can be avoided by using the non-streaming
* #decryptData(ICryptographicMaterialsManager, byte[], Map