if (!validateConfiguration(context)) {
            context.logger.error(messageBuilderFactory
                    .builder()
                    .error("Maven Encryption is not configured, run `mvnenc init` first.")
                    .build());
            return ERROR;
        }
        return doExecute(context);
    }

     * Determines whether this session is currently in use.
     *
     * @return whether the session is in use
     */
    boolean isInUse();

    /**
     * Returns the current session key used for signing and encryption.
     *
     * @return the current session key
     * @throws CIFSException if the session key cannot be retrieved
     */
    byte[] getSessionKey() throws CIFSException;

    /**

            context.style = new AttributedStyle();
            context.addInHeader(
                    context.style.italic().bold().foreground(Colors.rgbColor("green")),
                    "Maven Encryption " + CLIReportingUtils.showVersionMinimal());
            context.addInHeader("Tool for secure password management on workstations.");
            context.addInHeader("This tool is part of Apache Maven 4 distribution.");

          "x-amz-restore": "ongoing-request=false, expiry-date=Sat, 27 Feb 2021 00:00:00 GMT",
...
```

### Encrypted/Object locked objects

        setPrivateField(response, "commonCapabilities", 0);
        assertFalse(response.isDFSSupported());
    }

    @Test
    @DisplayName("Should check encryption support")
    void testIsEncryptionSupported() throws Exception {
        // Given
        setPrivateField(response, "supportsEncryption", true);

        // Then

        return dgst.digest();
    }

    /**
     * Create encryption context for SMB3 encrypted communication
     *
     * @param sessionKey the session key from GSS-API authentication
     * @param preauthHash the pre-authentication integrity hash (SMB 3.1.1 only)
     * @return encryption context
     * @throws CIFSException if encryption is not supported or fails
     */

            }
        }

        return serverKeys.toArray(new KerberosKey[0]);
    }

    /**
     * Retrieves a specific Kerberos key by key type.
     *
     * @param keyType the encryption type of the key to retrieve
     * @return the KerberosKey with the specified type, or null if not found
     */
    public KerberosKey getKey(int keyType) {
        KerberosKey serverKey = null;

package crypto

import (
	"bytes"
	"crypto/md5"
	"encoding/base64"
	"net/http"

	xhttp "github.com/minio/minio/internal/http"
)

// RemoveSensitiveHeaders removes confidential encryption
// information - e.g. the SSE-C key - from the HTTP headers.
// It has the same semantics as RemoveSensitiveEntries.
func RemoveSensitiveHeaders(h http.Header) {
	h.Del(xhttp.AmzServerSideEncryptionCustomerKey)

buckets needs to have [object locking](https://docs.min.io/community/minio-object-store/administration/object-management/object-retention.html) enabled. Similarly objects encrypted on the server side, will be replicated if destination also supports encryption.

Replication status can be seen in the metadata on the source and destination objects. On the source side, the `X-Amz-Replication-Status` changes from `PENDING` to `COMPLETED` or `FAILED` after replication attempt either succeeded or...

    /**
     * Session flag indicating this is a null/anonymous session
     */
    public static final int SMB2_SESSION_FLAGS_IS_NULL = 0x2;

    /**
     * Session flag indicating data encryption is required for this session
     */
    public static final int SMB2_SESSION_FLAG_ENCRYPT_DATA = 0x4;

    private int sessionFlags;
    private byte[] blob;

    /**