// Name is the name of the master key used to generate
	// the data key.
	Name string

	// AssociatedData is optional data that is cryptographically
	// associated with the generated data key. The same data
	// must be provided when decrypting an encrypted data key.
	//
	// Typically, associated data is some metadata about the
	// data key. For example, the name of the object for which
	// the data key is used.
	AssociatedData Context

## Quick Start

	"github.com/minio/pkg/v3/console"
)

type scanStatus uint8

const (
	scanStateNone scanStatus = iota
	scanStateStarted
	scanStateSuccess
	scanStateError

	// Time in which the initiator of a scan must have reported back.
	metacacheMaxRunningAge = time.Minute

	// Max time between client calls before dropping an async cache listing.
	metacacheMaxClientWait = 3 * time.Minute

A major advantage of certificate-based authentication compared to other STS authentication methods, like OpenID Connect or LDAP/AD, is that client authentication works without any additional/external component that must be constantly available. Therefore, certificate-based authentication may provide better availability / lower operational complexity.

  public CustomCipherSuites() throws GeneralSecurityException {
    // Configure cipher suites to demonstrate how to customize which cipher suites will be used for
    // an OkHttp request. In order to be selected a cipher suite must be included in both OkHttp's
    // connection spec and in the SSLSocket's enabled cipher suites array. Most applications should
    // not customize the cipher suites list.
    List<CipherSuite> customCipherSuites = asList(

      +  "KOqkqm57TH2H3eDJAkSnh6/DNFu0Qg==\n"
      +  "-----END CERTIFICATE-----");

  private final OkHttpClient client;

  public CustomTrust() {
    // This implementation just embeds the PEM files in Java strings; most applications will
    // instead read this from a resource file that gets bundled with the application.

    HandshakeCertificates certificates = new HandshakeCertificates.Builder()

   * framing. Ignore the socket completely until the server is shut down.
   */
  object StallSocketAtStart : SocketPolicy

  /**
   * Read the request but don't respond to it. Just keep the socket open. For testing read response
   * header timeout issue.
   */
  object NoResponse : SocketPolicy

  /**
   * Fail HTTP/2 requests without processing them by sending [http2ErrorCode].
   */

   * if the returned {@link Iterable} contains duplicate elements. Implementations of such
   * algorithms should document their behavior in the presence of duplicates.
   *
   * <p>The elements of the returned {@code Iterable} must each be:
   *
   * <ul>
   *   <li>Non-null
   *   <li>Usable as {@code Map} keys (see the Guava User Guide's section on <a

 *   new MySubtypeTests().testAllDeclarations();
 * }
 * }</pre>
 *
 * The calls to {@link #isSubtype} and {@link #notSubtype} tells the framework what assertions need
 * to be made.
 *
 * <p>The declaration methods must be public.
 */
@AndroidIncompatible // only used by android incompatible tests.
abstract class SubtypeTester implements Cloneable {

  /** Annotates a public method that declares subtype assertion. */

    bits += signifRounded;
    /*
     * If signifRounded == 2^53, we'd need to set all of the significand bits to zero and add 1 to
     * the exponent. This is exactly the behavior we get from just adding signifRounded to bits
     * directly. If the exponent is MAX_DOUBLE_EXPONENT, we round up (correctly) to
     * Double.POSITIVE_INFINITY.
     */
    bits |= x.signum() & SIGN_MASK;