in src/main/java/com/amazonaws/encryptionsdk/internal/FrameEncryptionHandler.java [260:307]
private int writeEncryptedFrame(
final byte[] input, final int off, final int len, final byte[] out, final int outOff)
throws BadCiphertextException, AwsCryptoException {
if (frameNumber_ > Constants.MAX_FRAME_NUMBER
// Make sure we have the appropriate flag set for the final frame; we don't want to accept
// non-final-frame data when there won't be a subsequent frame for it to go into.
|| (frameNumber_ == Constants.MAX_FRAME_NUMBER && !isFinalFrame_)) {
throw new AwsCryptoException("Frame number exceeded the maximum allowed value.");
}
if (out.length == 0) {
return 0;
}
int outLen = 0;
byte[] contentAad;
if (isFinalFrame_ == true) {
contentAad =
Utils.generateContentAad(
messageId_, Constants.FINAL_FRAME_STRING_ID, (int) frameNumber_, len);
} else {
contentAad =
Utils.generateContentAad(
messageId_, Constants.FRAME_STRING_ID, (int) frameNumber_, frameSize_);
}
final byte[] nonce = getNonce();
final byte[] encryptedBytes = cipherHandler_.cipherData(nonce, contentAad, input, off, len);
// create the cipherblock headers now for the encrypted data
final int encryptedContentLen = encryptedBytes.length - tagLenBytes_;
final CipherFrameHeaders cipherFrameHeaders =
new CipherFrameHeaders((int) frameNumber_, nonce, encryptedContentLen, isFinalFrame_);
final byte[] cipherFrameHeaderBytes = cipherFrameHeaders.toByteArray();
// assemble the headers and the encrypted bytes into a single block
System.arraycopy(
cipherFrameHeaderBytes, 0, out, outOff + outLen, cipherFrameHeaderBytes.length);
outLen += cipherFrameHeaderBytes.length;
System.arraycopy(encryptedBytes, 0, out, outOff + outLen, encryptedBytes.length);
outLen += encryptedBytes.length;
frameNumber_++;
return outLen;
}