/**
   * Returns a request that has the content as input stream wrapped with a cipher, and configured
   * with some meta data and user metadata.
   */
  protected final PutObjectRequest wrapWithCipher(
      PutObjectRequest request, ContentCryptoMaterial cekMaterial) {
    // Create a new metadata object if there is no metadata already.
    ObjectMetadata metadata = request.getMetadata();
    if (metadata == null) {
      metadata = new ObjectMetadata();
    }

    // Record the original Content MD5, if present, for the unencrypted data
    if (metadata.getContentMD5() != null) {
      metadata.addUserMetadata(Headers.UNENCRYPTED_CONTENT_MD5, metadata.getContentMD5());
    }

    // Removes the original content MD5 if present from the meta data.
    metadata.setContentMD5(null);

    // Record the original, unencrypted content-length so it can be accessed
    // later
    final long plaintextLength = plaintextLength(request, metadata);
    if (plaintextLength >= 0) {
      metadata.addUserMetadata(Headers.UNENCRYPTED_CONTENT_LENGTH, Long.toString(plaintextLength));
      // Put the ciphertext length in the metadata
      metadata.setContentLength(ciphertextLength(plaintextLength));
    }
    request.setMetadata(metadata);
    request.setInputStream(newS3CipherLiteInputStream(request, cekMaterial, plaintextLength));
    // Treat all encryption requests as input stream upload requests, not as
    // file upload requests.
    request.setFile(null);
    return request;
  }
 /**
  * Updates put request to store the specified instruction object in S3.
  *
  * @param request The put request for the original object to be stored in S3.
  * @param cekMaterial The instruction object to be stored in S3.
  * @return A put request to store the specified instruction object in S3.
  */
 protected final PutObjectRequest upateInstructionPutRequest(
     PutObjectRequest request, ContentCryptoMaterial cekMaterial) {
   byte[] bytes = cekMaterial.toJsonString().getBytes(UTF8);
   InputStream is = new ByteArrayInputStream(bytes);
   ObjectMetadata metadata = request.getMetadata();
   if (metadata == null) {
     metadata = new ObjectMetadata();
     request.setMetadata(metadata);
   }
   // Set the content-length of the upload
   metadata.setContentLength(bytes.length);
   // Set the crypto instruction file header
   metadata.addUserMetadata(Headers.CRYPTO_INSTRUCTION_FILE, "");
   // Update the instruction request
   request.setKey(request.getKey() + INSTRUCTION_SUFFIX);
   request.setMetadata(metadata);
   request.setInputStream(is);
   request.setFile(null);
   return request;
 }
  /**
   * Update the request's ObjectMetadata with the necessary information for decrypting the object
   *
   * @param request Non-null PUT request encrypted using the given instruction
   * @param instruction Non-null instruction used to encrypt the data in this PUT request.
   * @deprecated no longer used and will be removed in the future
   */
  @Deprecated
  public static void updateMetadataWithEncryptionInstruction(
      PutObjectRequest request, EncryptionInstruction instruction) {
    byte[] keyBytesToStoreInMetadata = instruction.getEncryptedSymmetricKey();
    Cipher symmetricCipher = instruction.getSymmetricCipher();
    Map<String, String> materialsDescription = instruction.getMaterialsDescription();

    ObjectMetadata metadata = request.getMetadata();
    if (metadata == null) metadata = new ObjectMetadata();

    if (request.getFile() != null) {
      Mimetypes mimetypes = Mimetypes.getInstance();
      metadata.setContentType(mimetypes.getMimetype(request.getFile()));
    }

    updateMetadata(metadata, keyBytesToStoreInMetadata, symmetricCipher, materialsDescription);
    request.setMetadata(metadata);
  }
  /**
   * Returns an updated request where the input stream contains the encrypted object contents. The
   * specified instruction will be used to encrypt data.
   *
   * @param request The request whose contents are to be encrypted.
   * @param instruction The instruction that will be used to encrypt the object data.
   * @return The updated request where the input stream contains the encrypted contents.
   * @deprecated no longer used and will be removed in the future
   */
  @Deprecated
  public static PutObjectRequest encryptRequestUsingInstruction(
      PutObjectRequest request, EncryptionInstruction instruction) {
    // Create a new metadata object if there is no metadata already.
    ObjectMetadata metadata = request.getMetadata();
    if (metadata == null) {
      metadata = new ObjectMetadata();
    }

    // Record the original Content MD5, if present, for the unencrypted data
    if (metadata.getContentMD5() != null) {
      metadata.addUserMetadata(Headers.UNENCRYPTED_CONTENT_MD5, metadata.getContentMD5());
    }

    // Removes the original content MD5 if present from the meta data.
    metadata.setContentMD5(null);

    // Record the original, unencrypted content-length so it can be accessed later
    final long plaintextLength = getUnencryptedContentLength(request, metadata);
    if (plaintextLength >= 0) {
      metadata.addUserMetadata(Headers.UNENCRYPTED_CONTENT_LENGTH, Long.toString(plaintextLength));
    }

    // Put the calculated length of the encrypted contents in the metadata
    long cryptoContentLength =
        calculateCryptoContentLength(instruction.getSymmetricCipher(), request, metadata);
    if (cryptoContentLength >= 0) {
      metadata.setContentLength(cryptoContentLength);
    }

    request.setMetadata(metadata);

    // Create encrypted input stream
    request.setInputStream(
        getEncryptedInputStream(request, instruction.getCipherFactory(), plaintextLength));

    // Treat all encryption requests as input stream upload requests, not as file upload requests.
    request.setFile(null);

    return request;
  }
  /**
   * Creates a put request to store the specified instruction object in S3.
   *
   * @param request The put request for the original object to be stored in S3.
   * @param instruction The instruction object to be stored in S3.
   * @return A put request to store the specified instruction object in S3.
   * @deprecated no longer used and will be removed in the future
   */
  @Deprecated
  public static PutObjectRequest createInstructionPutRequest(
      PutObjectRequest request, EncryptionInstruction instruction) {
    JSONObject instructionJSON = convertInstructionToJSONObject(instruction);
    byte[] instructionBytes = instructionJSON.toString().getBytes(StringUtils.UTF8);
    InputStream instructionInputStream = new ByteArrayInputStream(instructionBytes);

    ObjectMetadata metadata = request.getMetadata();

    // Set the content-length of the upload
    metadata.setContentLength(instructionBytes.length);

    // Set the crypto instruction file header
    metadata.addUserMetadata(Headers.CRYPTO_INSTRUCTION_FILE, "");

    // Update the instruction request
    request.setKey(request.getKey() + INSTRUCTION_SUFFIX);
    request.setMetadata(metadata);
    request.setInputStream(instructionInputStream);

    return request;
  }