*/
    public static final String ISO_DATETIME_FORMAT = "yyyy-MM-dd'T'HH:mm:ss.SSS'Z'";

    /**
     * The feature for secure processing in XML.
     */
    public static final String FEATURE_SECURE_PROCESSING = "http://javax.xml.XMLConstants/feature/secure-processing";

    /**
     * The feature for external general entities in XML.
     */

	Endpoint         string
	Secure           bool
	Err              error
}

func (rs *replStat) endpoint() string {
	scheme := "http"
	if rs.Secure {
		scheme = "https"
	}
	return scheme + "://" + rs.Endpoint
}

func (rs *replStat) set(arn string, n int64, duration time.Duration, status replication.StatusType, opType replication.Type, endpoint string, secure bool, err error) {
	rs.Endpoint = endpoint

	// transfer rate for small uploads
	XferRateSml *XferStats `json:"smallTransferRate" msg:"st"`
	// Endpoint is the replication target endpoint
	Endpoint string `json:"-"`
	// Secure is true if the replication target endpoint is secure
	Secure bool `json:"-"`
}

func (sr *SRStats) update(st replStat, dID string) {
	sr.lock.Lock()
	defer sr.lock.Unlock()
	srs, ok := sr.M[dID]
	if !ok {
		srs = &SRStatus{

	}

	// Check that the LDAP sts cred is actually working.
	minioClient, err := minio.New(s.endpoint, &minio.Options{
		Creds:     cr.NewStaticV4(value.AccessKeyID, value.SecretAccessKey, value.SessionToken),
		Secure:    s.secure,
		Transport: s.TestSuiteCommon.client.Transport,
	})
	if err != nil {
		c.Fatalf("Error initializing client: %v", err)
	}

	// Validate that the client from sts creds can access the bucket.

     */
    public void secureWipeKeys() {
        if (this.encryptionKey != null) {
            // Multi-pass secure wipe for enhanced security
            SecureKeyManager.secureWipe(this.encryptionKey);
            this.encryptionKey = null;
        }
        if (this.decryptionKey != null) {
            // Multi-pass secure wipe for enhanced security
            SecureKeyManager.secureWipe(this.decryptionKey);

import okhttp3.internal.intersect

/**
 * Specifies configuration for the socket connection that HTTP traffic travels through. For `https:`
 * URLs, this includes the TLS version and cipher suites to use when negotiating a secure
 * connection.
 *
 * The TLS versions configured in a connection spec are only be used if they are also enabled in the
 * SSL socket. For example, if an SSL socket does not have TLS 1.3 enabled, it will not be used even

     * Determines if the search parameter cookie should be secure based on configuration and request.
     *
     * @param request The HTTP request
     * @return true if the cookie should have the secure flag set
     */
    protected boolean isSearchParameterCookieSecure(final HttpServletRequest request) {
        final FessConfig fessConfig = ComponentUtil.getFessConfig();
        final String secure = fessConfig.getCookieSearchParameterSecure();

			if err != nil {
				logger.Fatal(fmt.Errorf("invalid arguments passed to --ftp=%s (%v)", arg, err), "unable to start FTP server")
			}
		}
	}

	// Verify if only partial inputs are given for FTP(secure)
	{
		if tlsPrivateKey == "" && tlsPublicCert != "" {
			logger.Fatal(fmt.Errorf("invalid TLS arguments provided missing private key --ftp=\"tls-private-key=path/to/private.key\""), "unable to start FTP server")
		}

go 1.23.0

toolchain go1.24.8

require (
	github.com/klauspost/compress v1.17.11
	github.com/klauspost/filepathx v1.1.1
	github.com/minio/colorjson v1.0.8
	github.com/minio/madmin-go/v3 v3.0.88
	github.com/secure-io/sio-go v0.3.1
	github.com/tinylib/msgp v1.2.5
)

require (
	github.com/cespare/xxhash/v2 v2.3.0 // indirect
	github.com/fatih/color v1.18.0 // indirect
	github.com/mattn/go-colorable v0.1.14 // indirect

import (
	"bytes"
	"context"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
	"io"

	jsoniter "github.com/json-iterator/go"
	"github.com/minio/minio/internal/kms"
	"github.com/secure-io/sio-go"
	"github.com/secure-io/sio-go/sioutil"
)

// EncryptBytes encrypts the plaintext with a key managed by KMS.
// The context is bound to the returned ciphertext.
//
// The same context must be provided when decrypting the