<And><Prefix>key-prefix</Prefix><Tag><Key>key1</Key><Value>value1</Value></Tag><Tag><Key>key2</Key><Value>value2</Value></Tag></And></Filter><Destination><Bucket>arn:aws:s3:::destinationbucket</Bucket></Destination></Rule></ReplicationConfiguration>`,
			prefix:         "testdir/",

        assertEquals("three", pom.getValue(prefix + "stringParams/stringParam[3]"));
        assertEquals("four", pom.getValue(prefix + "stringParams/stringParam[4]"));
        assertEquals("key1", pom.getValue(prefix + "propertiesParam/property[1]/name"));
        assertEquals("key2", pom.getValue(prefix + "propertiesParam/property[2]/name"));
    }

    /* MNG-3864*/
    @Test

			expectedValidationErr: errLifecycleNoRule,
		},
		{ // Valid lifecycle config
			inputConfig: `<LifecycleConfiguration>
					  <Rule>
					  <Filter>
					  <And><Tag><Key>key1</Key><Value>val1</Value><Key>key2</Key><Value>val2</Value></Tag></And>
		                          </Filter>
		                          <Expiration><Days>3</Days></Expiration>
		                          </Rule>

# Signing key for Gradle artifacts

Below is the public PGP key used to sign all Gradle artifacts.

The key ID is `E2F38302C8075E3D` and its fingerprint is `1BD97A6A154E7810EE0BC832E2F38302C8075E3D`.
You can also find the key in the [Gradle website](https://gradle.org/keys/) and on [public key servers](https://keys.openpgp.org/search?q=maven-publishing%40gradle.com).

## Verification instructions

### Importing the key

	}
	return NewBuiltin(keyID, key)
}

// NewBuiltin returns a single-key KMS that derives new DEKs from the
// given key.
func NewBuiltin(keyID string, key []byte) (*KMS, error) {
	if len(key) != 32 {
		return nil, errors.New("kms: invalid key length " + strconv.Itoa(len(key)))
	}
	return &KMS{
		Type:       Builtin,
		DefaultKey: keyID,
		conn: secretKey{
			keyID: keyID,
			key:   key,
		},

}

// SealedKey represents a sealed object key. It can be stored
// at an untrusted location.
type SealedKey struct {
	Key       [64]byte // The encrypted and authenticated object-key.
	IV        [32]byte // The random IV used to encrypt the object-key.
	Algorithm string   // The sealing algorithm used to encrypt the object key.
}

// Seal encrypts the ObjectKey using the 256 bit external key and IV. The sealed

		t.Fatal("Unmarshal: ", err)
	} else if len(jk.Keys) != 2 {
		t.Fatalf("Expected 2 keys, got %d", len(jk.Keys))
	}

	keys := make([]crypto.PublicKey, len(jk.Keys))
	for ii, jks := range jk.Keys {
		var err error
		keys[ii], err = jks.DecodePublicKey()
		if err != nil {
			t.Fatalf("Failed to decode key %d: %v", ii, err)
		}
	}

	//nolint:gocritic
	if key0, ok := keys[0].(*ecdsa.PublicKey); !ok {

        key8[2] = (byte) (((key7[1] & 0x03) << 5 | (key7[2] & 0xff) >> 3 & 0xff) & 0xff);
        key8[3] = (byte) (((key7[2] & 0x07) << 4 | (key7[3] & 0xff) >> 4 & 0xff) & 0xff);
        key8[4] = (byte) (((key7[3] & 0x0F) << 3 | (key7[4] & 0xff) >> 5 & 0xff) & 0xff);
        key8[5] = (byte) (((key7[4] & 0x1F) << 2 | (key7[5] & 0xff) >> 6 & 0xff) & 0xff);
        key8[6] = (byte) (((key7[5] & 0x3F) << 1 | (key7[6] & 0xff) >> 7 & 0xff) & 0xff);

Harshavardhana <******@****.***> 1620513629 -0700

         "Effect":"Deny",
         "Principal":"*",
         "Action":"s3:PutObject",
         "Resource":"arn:aws:s3:::multi-key-poc/*",
         "Condition":{
            "StringNotEquals":{
               "s3:x-amz-server-side-encryption-aws-kms-key-id":"minio-default-key"
            }
         }
      }
   ]