sseS3 := crypto.S3.IsEncrypted(objInfo.UserDefined)
	if !sseKMS && !sseS3 { // neither sse-s3 nor sse-kms disallowed
		return errInvalidEncryptionParameters
	}
	if sseKMS && r.Encryption.Type == sses3 { // previously encrypted with sse-kms, now sse-s3 disallowed
		return errInvalidEncryptionParameters
	}
	versioned := globalBucketVersioningSys.PrefixEnabled(srcBucket, srcObject)

## **2. Prerequisites**

pkg crypto, const SHA512_224 = 14
pkg crypto, const SHA512_224 Hash
pkg crypto, const SHA512_256 = 15
pkg crypto, const SHA512_256 Hash
pkg crypto, type Decrypter interface { Decrypt, Public }
pkg crypto, type Decrypter interface, Decrypt(io.Reader, []uint8, DecrypterOpts) ([]uint8, error)
pkg crypto, type Decrypter interface, Public() PublicKey
pkg crypto, type DecrypterOpts interface {}

				return
			}

			wantSize := int64(-1)
			if actualSize >= 0 {
				info := ObjectInfo{Size: actualSize}
				wantSize = info.EncryptedSize()
			}

			// do not try to verify encrypted content/
			hashReader, err = hash.NewReader(ctx, reader, wantSize, "", "", actualSize)
			if err != nil {
				writeErrorResponse(ctx, w, toAPIError(ctx, err), r.URL)
				return
			}

				fmt.Fprint(h, meta.TransitionStatus)
				fmt.Fprint(h, meta.TransitionTier)
				fmt.Fprint(h, meta.TransitionedObjName)
				fmt.Fprint(h, meta.TransitionVersionID)
			}

			// If metadata says encrypted, ask for it in quorum.
			if etyp, ok := crypto.IsEncrypted(meta.Metadata); ok {
				fmt.Fprint(h, etyp)
			}

			// If compressed, look for compressed FileInfo only
			if meta.IsCompressed() {

    server.enqueue(
      MockResponse
        .Builder()
        .inTunnel()
        .build(),
    )
    server.enqueue(
      MockResponse(body = "encrypted response from the origin server"),
    )
    val hostnameVerifier = RecordingHostnameVerifier()
    client =
      client
        .newBuilder()
        .sslSocketFactory(

  * More reliable kube-up/kube-down
  * Enable ICMP Type 3 Code 4 for ELBs
  * ARP caching fix
  * Use /dev/xvdXX names
  * ELB:
    * ELB proxy protocol support 
	* mixed plaintext/encrypted ports support in ELBs
    * SSL support for ELB listeners
  * Allow VPC CIDR to be specified (experimental)
  * Fix problems with >2 security groups
* GCP:
  * Enable using gcr.io as a Docker registry mirror.

		Versioned:                  dstOpts.Versioned,
		VersionID:                  dstOpts.VersionID,
		MTime:                      dstOpts.MTime,
		NoLock:                     true,
		EncryptFn:                  dstOpts.EncryptFn,
		WantChecksum:               dstOpts.WantChecksum,
		WantServerSideChecksumType: dstOpts.WantServerSideChecksumType,
	}

pkg crypto/cipher, method (StreamWriter) Write([]uint8) (int, error)
pkg crypto/cipher, type Block interface { BlockSize, Decrypt, Encrypt }
pkg crypto/cipher, type Block interface, BlockSize() int
pkg crypto/cipher, type Block interface, Decrypt([]uint8, []uint8)
pkg crypto/cipher, type Block interface, Encrypt([]uint8, []uint8)
pkg crypto/cipher, type BlockMode interface { BlockSize, CryptBlocks }

- github.com/armon/go-radix: [7fddfc3](https://github.com/armon/go-radix/tree/7fddfc3)
- github.com/bgentry/speakeasy: [v0.1.0](https://github.com/bgentry/speakeasy/tree/v0.1.0)
- github.com/bketelsen/crypt: [5cbc8cc](https://github.com/bketelsen/crypt/tree/5cbc8cc)
- github.com/cenkalti/backoff/v4: [v4.1.3](https://github.com/cenkalti/backoff/v4/tree/v4.1.3)
- github.com/cespare/xxhash: [v1.1.0](https://github.com/cespare/xxhash/tree/v1.1.0)