// may be cryptographically bound to the object's path the same bucket/object as during sealing
// must be provided. On success the ObjectKey contains the decrypted sealed key.
func (key *ObjectKey) Unseal(extKey []byte, sealedKey SealedKey, domain, bucket, object string) error {
	var unsealConfig sio.Config
	switch sealedKey.Algorithm {
	default:
		return Errorf("The sealing algorithm '%s' is not supported", sealedKey.Algorithm)
	case SealAlgorithm:

	// The returned value can no longer be modified once returned.
	// Should be set before calling Get().
	updateFn func() (T, error)

	// ttl for a cached value.
	ttl time.Duration

	opts Opts

	// Once can be used to initialize values for lazy initialization.
	// Should be set before calling Get().
	Once sync.Once

	// Managed values.
	valErr atomic.Pointer[struct {
		v T
		e error
	}]

			metrics[d.Endpoint] = madmin.DiskMetric{NDisks: 1, Offline: 1}
			continue
		}

		var dm madmin.DiskMetric
		dm.NDisks = 1
		if d.Healing {
			dm.Healing++
		}
		if d.Metrics != nil {
			dm.LifeTimeOps = make(map[string]uint64, len(d.Metrics.APICalls))
			for k, v := range d.Metrics.APICalls {
				if v != 0 {
					dm.LifeTimeOps[k] = v
				}
			}

	cmd.PersistentFlags().IntVar(&o.XdsPodPort, "xds-port", viper.GetInt("XDS-PORT"),
		"Istiod pod port")
	cmd.PersistentFlags().DurationVar(&o.Timeout, "timeout", time.Second*30,
		"The duration to wait before failing")
	cmd.PersistentFlags().StringVar(&o.XDSSAN, "authority", viper.GetString("AUTHORITY"),
		"XDS Subject Alternative Name (for example istiod.istio-system.svc)")

	// Cached value from Bitrot field
	cache struct {
		// -1: bitrot enabled, 0: bitrot disabled, > 0: bitrot cycle
		bitrotCycle time.Duration
	}
}

// BitrotScanCycle returns the configured cycle for the scanner healing
// -1 for not enabled
//
//	0 for contiunous bitrot scanning
//
// >0 interval duration between cycles
func (opts Config) BitrotScanCycle() (d time.Duration) {
	configMutex.RLock()
	defer configMutex.RUnlock()

		{"2010-02-03T04:11:30.23Z", time.Date(2010, 2, 3, 4, 11, 30, 230000000, time.UTC)},
		{"2010-02-03T04:11+08:00", time.Date(2010, 2, 3, 4, 11, 0, 0, beijing)},
		{"2010-02-03T04:11:30+08:00", time.Date(2010, 2, 3, 4, 11, 30, 0, beijing)},
		{"2010-02-03T04:11:30.23+08:00", time.Date(2010, 2, 3, 4, 11, 30, 230000000, beijing)},
		{"2010-02-03T04:11:30-08:00", time.Date(2010, 2, 3, 4, 11, 30, 0, fakeLosAngeles)},

}

// NewLRWMutex - initializes a new lsync RW mutex.
func NewLRWMutex() *LRWMutex {
	return &LRWMutex{}
}

// Lock holds a write lock on lm.
//
// If the lock is already in use, the calling go routine
// blocks until the mutex is available.
func (lm *LRWMutex) Lock() {
	const isWriteLock = true
	lm.lockLoop(context.Background(), lm.id, lm.source, math.MaxInt64, isWriteLock)
}

	"github.com/minio/minio/internal/logger"
	"github.com/minio/sio"
)

const (
	// SealAlgorithm is the encryption/sealing algorithm used to derive & seal
	// the key-encryption-key and to en/decrypt the object data.
	SealAlgorithm = "DAREv2-HMAC-SHA256"

	// InsecureSealAlgorithm is the legacy encryption/sealing algorithm used
	// to derive & seal the key-encryption-key and to en/decrypt the object data.

			b.Fatal(err)
		}
	}
}

func BenchmarkDecodeDiskInfoMsgp(b *testing.B) {
	v := DiskInfo{
		Total:     1000,
		Free:      1000,
		Used:      1000,
		FSType:    "xfs",
		RootDisk:  true,
		Healing:   true,
		Endpoint:  "http://localhost:9001/tmp/drive1",
		MountPath: "/tmp/drive1",
		ID:        "uuid",
		Error:     "",
	}
	var buf bytes.Buffer
	msgp.Encode(&buf, &v)

}

func (d *naughtyDisk) Endpoint() Endpoint {
	return d.disk.Endpoint()
}

func (d *naughtyDisk) Hostname() string {
	return d.disk.Hostname()
}

func (d *naughtyDisk) Healing() *healingTracker {
	return d.disk.Healing()
}

func (d *naughtyDisk) Close() (err error) {
	if err = d.calcError(); err != nil {
		return err
	}
	return d.disk.Close()
}

func (d *naughtyDisk) calcError() (err error) {