Note that if the encrypted message includes a trailing signature, by necessity it cannot be * verified until after the decrypted plaintext has been produced from the {@link InputStream}! * This behavior can be avoided by using the non-streaming * #decryptData(ICryptographicMaterialsManager, byte[]) method instead, or * #createUnsignedMessageDecryptingStream(ICryptographicMaterialsManager, InputStream) if you do * not need to decrypt signed messages. * * @see #decryptData(ICryptographicMaterialsManager, byte[]) * @see #createUnsignedMessageDecryptingStream(ICryptographicMaterialsManager, InputStream) * @see javax.crypto.CipherInputStream */ public CryptoInputStream createDecryptingStream( - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - src/main/java/com/amazonaws/encryptionsdk/AwsCrypto.java [1600:1625]: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - final MessageCryptoHandler cryptoHandler = DecryptionHandler.create( materialsManager, commitmentPolicy_, SignaturePolicy.AllowEncryptAllowDecrypt, maxEncryptedDataKeys_); return new CryptoInputStream(is, cryptoHandler); } /** * Returns a {@link CryptoInputStream} which decrypts the data after reading it from the * underlying {@link InputStream}. * *
Note that if the encrypted message includes a trailing signature, by necessity it cannot be
* verified until after the decrypted plaintext has been produced from the {@link InputStream}!
* This behavior can be avoided by using the non-streaming
* #decryptData(ICryptographicMaterialsManager, byte[], Map