ciphertext  := sealed_chunk_0   ||       sealed_chunk_1   ||       sealed_chunk_2   ||       ...
```

In case of a S3 multi-part operation each part is en/decrypted with the scheme shown in Figure 1. However, for each part a unique secret key is derived from the OEK and the part number using a PRF. So in case of multi-part not the OEK but the output of `PRF(OEK, part_id)` is used as secret key.

#### Cryptographic Primitives

       *
       * My impression is that an AtomicReferenceFieldUpdater in a static field is similarly fast to
       * Unsafe on modern JVMs (if perhaps not quite as fast as VarHandle?). However, I'm not sure
       * exactly what we've benchmarked, and we certainly haven't benchmarked as far back as JDK 8.
       * (We also haven't benchmarked under Android. We continue to use UnsafeAtomicHelper there so

import org.jspecify.annotations.Nullable;

/**
 * An abstract implementation of {@link Hasher}, which only requires subtypes to implement {@link
 * #putByte}. Subtypes may provide more efficient implementations, however.
 *
 * @author Dimitris Andreou
 */
abstract class AbstractHasher implements Hasher {
  @Override
  @CanIgnoreReturnValue
  public final Hasher putBoolean(boolean b) {
    return putByte(b ? (byte) 1 : (byte) 0);

SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

    for details.

    The summary is that it ignores one file in favor of the other.
    util.concurrent, like nearly all our packages, has two .gwt.xml files: one
    for prod and one for tests. However, unlike our other packages, as of this
    writing it has test supersource but no prod supersource.

    GWT happens to use the prod .gwt.xml, so it looks for no supersource for

    for details.

    The summary is that it ignores one file in favor of the other.
    util.concurrent, like nearly all our packages, has two .gwt.xml files: one
    for prod and one for tests. However, unlike our other packages, as of this
    writing it has test supersource but no prod supersource.

    GWT happens to use the prod .gwt.xml, so it looks for no supersource for

 * that every {@code Runnable} that is {@linkplain #add added} will be executed after {@link
 * #execute()} is called. Any {@code Runnable} added after the call to {@code execute} is still
 * guaranteed to execute. There is no guarantee, however, that listeners will be executed in the
 * order that they are added.
 *
 * <p>Exceptions thrown by a listener will be propagated up to the executor. Any exception thrown

FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE

    for details.

    The summary is that it ignores one file in favor of the other.
    util.concurrent, like nearly all our packages, has two .gwt.xml files: one
    for prod and one for tests. However, unlike our other packages, as of this
    writing it has test supersource but no prod supersource.

    GWT happens to use the prod .gwt.xml, so it looks for no supersource for