Although S3A claims to support server-side S3 encryption (and does, if you set the option), we don't have any test to verify this. Of course, as the encryption is transparent, it's hard to test.
Here's what I propose
- a test which sets encryption = AES256; expects things to work as normal.
- a test which sets encyption = DES and expects any operation creating a file or directory to fail with a 400 "bad request" error