/**
     * @return the selectedDialect
     */
    @Override
    public DialectVersion getSelectedDialect() {
        return this.selectedDialect;
    }

    /**
     * Gets the encryption cipher selected for SMB3 encryption.
     *
     * @return the selectedCipher
     */
    public int getSelectedCipher() {
        return this.selectedCipher;
    }

    /**

				continue
			}
			if _, ok := object.UserMetadata["X-Amz-Server-Side-Encryption-Customer-Algorithm"]; ok {
				log.Println("SKIPPED: Objects encrypted with SSE-C do not have md5sum as ETag:", objFullPath(object))
				continue
			}
			if v, ok := object.UserMetadata["X-Amz-Server-Side-Encryption"]; ok && v == "aws:kms" {

    /** Authorization data type: Relevant */
    int AUTH_DATA_RELEVANT = 1;
    /** Authorization data type: PAC */
    int AUTH_DATA_PAC = 128;

    /** DES encryption type identifier */
    int DES_ENC_TYPE = 3;
    /** RC4 encryption type identifier */
    int RC4_ENC_TYPE = 23;
    /** RC4 algorithm name */
    String RC4_ALGORITHM = "ARCFOUR";
    /** HMAC algorithm name */
    String HMAC_ALGORITHM = "HmacMD5";

    int NTLMSSP_NEGOTIATE_VERSION = 0x2000000;

    /**
     * Indicates that 128-bit encryption is supported.
     */
    int NTLMSSP_NEGOTIATE_128 = 0x20000000;

    /**
     * Request explicit key exchange
     */
    int NTLMSSP_NEGOTIATE_KEY_EXCH = 0x40000000;

    /**
     * Indicates that 56-bit encryption is supported.
     */
    int NTLMSSP_NEGOTIATE_56 = 0x80000000;

    /**
     * Sets the DES encryption key
     * @param key the 8-byte DES key
     */
    public void setKey(final byte[] key) {

        // CHECK PAROTY TBD
        deskey(key, true, encryptKeys);
        deskey(key, false, decryptKeys);
    }

    // Turn an 8-byte key into internal keys.
    private void deskey(final byte[] keyBlock, final boolean encrypting, final int[] KnL) {

		Code:           "InvalidArgument",
		Description:    "Server Side Encryption with AWS KMS managed key requires HTTP header x-amz-server-side-encryption : aws:kms",
		HTTPStatusCode: http.StatusBadRequest,
	},
	ErrIncompatibleEncryptionMethod: {
		Code:           "InvalidArgument",
		Description:    "Server Side Encryption with Customer provided key is incompatible with the encryption method specified",
		HTTPStatusCode: http.StatusBadRequest,

type RestoreRequestType string

const (
	// SelectRestoreRequest specifies select request. This is the only valid value
	SelectRestoreRequest RestoreRequestType = "SELECT"
)

// Encryption specifies encryption setting on restored bucket
type Encryption struct {
	EncryptionType sse.Algorithm `xml:"EncryptionType"`
	KMSContext     string        `xml:"KMSContext,omitempty"`
	KMSKeyID       string        `xml:"KMSKeyId,omitempty"`
}

    }

    /**
     * Test encryption context performance without synchronization bottlenecks
     */
    @Test
    public void testEncryptionContextPerformance() throws Exception {
        // Create mock encryption context for testing (simplified)
        // Note: This tests the atomic operations without actual encryption

        int threadCount = 8;
        int operationsPerThread = 500;

    }

    /**
     * Derives the SMB3 encryption key from the session key using the appropriate KDF for the dialect.
     *
     * @param dialect the SMB dialect version
     * @param sessionKey the base session key
     * @param preauthIntegrity the pre-authentication integrity hash (for SMB 3.1.1) or null
     * @return derived encryption key
     */

         "Effect":"Deny",
         "Principal":"*",
         "Action":"s3:PutObject",
         "Resource":"arn:aws:s3:::multi-key-poc/*",
         "Condition":{
            "Null":{
               "s3:x-amz-server-side-encryption-aws-kms-key-id":"true"
            }
         }
      }
   ]