in source/kms.c [2781:2817]
int aws_kms_encrypt_blocking_with_context(
struct aws_nitro_enclaves_kms_client *client,
const struct aws_string *key_id,
const struct aws_byte_buf *plaintext,
const struct aws_string *encryption_context,
struct aws_byte_buf *ciphertext_blob
/* TODO: err_reason */) {
AWS_PRECONDITION(client != NULL);
AWS_PRECONDITION(key_id != NULL);
AWS_PRECONDITION(ciphertext_blob != NULL);
AWS_PRECONDITION(plaintext != NULL);
struct aws_kms_encrypt_request *request_structure = NULL;
int rc = AWS_OP_SUCCESS;
request_structure = aws_kms_encrypt_request_new(client->allocator);
if (request_structure == NULL) {
return AWS_OP_ERR;
}
aws_byte_buf_init_copy(&request_structure->plaintext, client->allocator, plaintext);
request_structure->key_id = aws_string_clone_or_reuse(client->allocator, key_id);
if (encryption_context) {
struct json_object *context_json = s_json_object_from_string(encryption_context);
rc = s_aws_hash_table_from_json(client->allocator, context_json, &request_structure->encryption_context);
json_object_put(context_json);
}
if (rc == AWS_OP_SUCCESS) {
rc = aws_kms_encrypt_blocking_from_request(client, request_structure, ciphertext_blob);
}
aws_kms_encrypt_request_destroy(request_structure);
return rc;
}