aws s3api --endpoint-url=https://localhost:9001 put-object --checksum-algorithm SHA256 --checksum-sha256 "${OBJ_CHKSUM}" --bucket test-bucket --key obj --body /tmp/data/obj --no-verify-ssl --profile enterprise

split -n 10 /tmp/data/mpartobj
CREATE_MPART_OUT=$(aws s3api --endpoint-url=https://localhost:9001 create-multipart-upload --bucket test-bucket --key mpartobj --checksum-algorithm SHA256 --no-verify-ssl --profile enterprise)

            assertNull(context.getSalt());
            assertEquals(4, context.size()); // Only header
        }

        @ParameterizedTest
        @DisplayName("Should encode with different hash algorithm counts")
        @ValueSource(ints = { 0, 1, 2, 5, 10 })
        void testEncodeWithDifferentHashAlgoCounts(int count) {
            int[] hashAlgos = new int[count];
            for (int i = 0; i < count; i++) {

	{file: "myobject", offset: 1, length: 120, algorithm: SHA256, expError: errFileCorrupt},     // 4
	{file: "myobject", offset: 3, length: 1100, algorithm: SHA256, expError: nil},               // 5
	{file: "myobject", offset: 2, length: 100, algorithm: SHA256, expError: errFileCorrupt},     // 6
	{file: "myobject", offset: 1000, length: 1001, algorithm: SHA256, expError: nil},            // 7

keystore.type.compat=true
package.access=sun.misc.,\
               sun.reflect.
package.definition=sun.misc.,\
                   sun.reflect.
security.overridePropertiesFile=true
ssl.KeyManagerFactory.algorithm=PKIX
ssl.TrustManagerFactory.algorithm=PKIX
networkaddress.cache.negative.ttl=10
krb5.kdc.bad.policy = tryLast
jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \
    RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224

)

const (
	// SealAlgorithm is the encryption/sealing algorithm used to derive & seal
	// the key-encryption-key and to en/decrypt the object data.
	SealAlgorithm = "DAREv2-HMAC-SHA256"

	// InsecureSealAlgorithm is the legacy encryption/sealing algorithm used
	// to derive & seal the key-encryption-key and to en/decrypt the object data.
	// This algorithm should not be used for new objects because its key derivation

	if err != nil {
		t.Fatal(err)
	}

                    cipherAlgorithm);
            inver = InvertibleCryptographer.createBlowfishCipher(fessConfig.getAppCipherKey());
        } else if ("des".equalsIgnoreCase(cipherAlgorithm)) {
            logger.warn("DES cipher is deprecated due to its 56-bit key size vulnerability. Please consider migrating to AES. algorithm={}",
                    cipherAlgorithm);

	sealedKey := key.Seal(extKey[:], iv, "SSE-S3", "bucket", "object")
	sealedKey.Algorithm = InsecureSealAlgorithm
	if err := key.Unseal(extKey[:], sealedKey, "SSE-S3", "bucket", "object"); err == nil {
		t.Errorf("'%s' test succeeded but it should fail because the legacy algorithm was used", sealedKey.Algorithm)
	}
}

var derivePartKeyTest = []struct {
	PartID  uint32
	PartKey string
}{

- *If total drives has many common divisors the algorithm chooses the minimum amounts of erasure sets possible for a erasure set size of any N*.  In the example with 1024 drives - 4, 8, 16 are GCD factors. With 16 drives we get a total of 64 possible sets, with 8 drives we get a total of 128 possible sets, with 4 drives we get a total of 256 possible sets. So algorithm automatically chooses 64 sets, which is *16* 64 = 1024* drives in total.

	AmzServerSideEncryptionCustomerAlgorithm     = AmzServerSideEncryption + "-Customer-Algorithm"
	AmzServerSideEncryptionCustomerKey           = AmzServerSideEncryption + "-Customer-Key"
	AmzServerSideEncryptionCustomerKeyMD5        = AmzServerSideEncryption + "-Customer-Key-Md5"
	AmzServerSideEncryptionCopyCustomerAlgorithm = "X-Amz-Copy-Source-Server-Side-Encryption-Customer-Algorithm"