}
	files.OptimizeSize()
	zipInfo, err := files.Serialize()
	if err != nil {
		return nil, err
	}
	at := archiveType
	zipInfoStr := string(zipInfo)
	if opts.EncryptFn != nil {
		at = archiveTypeEnc
		zipInfoStr = string(opts.EncryptFn(archiveTypeEnc, zipInfo))
	}
	srcInfo.UserDefined[archiveTypeMetadataKey] = at
	popts := ObjectOptions{
		MTime:     srcInfo.ModTime,
		VersionID: srcInfo.VersionID,

	return key, err
}

// EncryptSinglePart encrypts an io.Reader which must be the
// body of a single-part PUT request.
func EncryptSinglePart(r io.Reader, key ObjectKey) io.Reader {
	r, err := sio.EncryptReader(r, sio.Config{MinVersion: sio.Version20, Key: key[:]})
	if err != nil {
		logger.CriticalIf(context.Background(), errors.New("Unable to encrypt io.Reader using object key"))
	}
	return r
}

	exit_1
fi

# Stat the SSEC objects from source site
echo "Stat minio1/test-bucket/encrypted"
./mc stat --no-list minio1/test-bucket/encrypted --enc-c "minio1/test-bucket/encrypted=${TEST_MINIO_ENC_KEY}" --insecure --json
stat_out1=$(./mc stat --no-list minio1/test-bucket/encrypted --enc-c "minio1/test-bucket/encrypted=${TEST_MINIO_ENC_KEY}" --insecure --json)
src_obj1_etag=$(echo "${stat_out1}" | jq '.etag')

1a) Send encrypted data key and master key ID to KMS.
1b) Receive decrypted data key.
2)  Decrypt encrypted object key with the KEK derived from the data key.
3a) Receive new plain data key from the KMS using the master key ID of the server config.
3b) Receive encrypted form of the data key from the KMS.
4)  Derive a new KEK from the new data key and re-encrypt the OEK with it.

    /**
     * Stores a file authentication configuration.
     * The parameters are encrypted before storage for security.
     *
     * @param fileAuthentication the file authentication configuration to store
     */
    public void store(final FileAuthentication fileAuthentication) {
        fileAuthentication.setParameters(ParameterUtil.encrypt(fileAuthentication.getParameters()));

    }

    /**
     * Stores a web configuration.
     * Configuration parameters are encrypted before storage.
     *
     * @param webConfig The web configuration to store
     */
    public void store(final WebConfig webConfig) {
        webConfig.setConfigParameter(ParameterUtil.encrypt(webConfig.getConfigParameter()));
        webConfigBhv.insertOrUpdate(webConfig, op -> {

	exit_1
fi

# Stat the SSEC objects from source site
echo "Stat minio1/test-bucket/encrypted"
./mc stat --no-list minio1/test-bucket/encrypted --enc-c "minio1/test-bucket/encrypted=${TEST_MINIO_ENC_KEY}" --insecure --json
stat_out1=$(./mc stat --no-list minio1/test-bucket/encrypted --enc-c "minio1/test-bucket/encrypted=${TEST_MINIO_ENC_KEY}" --insecure --json)
src_obj1_etag=$(echo "${stat_out1}" | jq '.etag')

        String encrypted = context.reader.readLine("Enter the password to decrypt: ");
        if (secDispatcher.isAnyEncryptedString(encrypted)) {
            context.terminal.writer().println(secDispatcher.decrypt(encrypted));
            return OK;
        } else {
            context.terminal.writer().println(messageBuilderFactory.builder().error("Malformed encrypted string"));
            return BAD_OPERATION;

		}
	}
}

var ssecIsEncryptedTests = []struct {
	Metadata  map[string]string
	Encrypted bool
}{
	{Encrypted: false, Metadata: map[string]string{MetaMultipart: ""}},                             // 0
	{Encrypted: false, Metadata: map[string]string{MetaIV: ""}},                                    // 1
	{Encrypted: false, Metadata: map[string]string{MetaAlgorithm: ""}},                             // 2

Harshavardhana <******@****.***> 1699046298 -0700