//	   if err != nil {
//	   }
//	}
//	ETag = ETag.Format()
func (e ETag) Format() ETag {
	if !e.IsEncrypted() {
		return e
	}
	return e[len(e)-16:]
}

var _ Tagger = ETag{} // compiler check

// ETag returns the ETag itself.
//
// By providing this method ETag implements
// the Tagger interface.
func (e ETag) ETag() ETag { return e }

		{[]CompletePart{{ETag: "wrong-md5-hash-string"}}, "0deb8cb07527b4b2669c861cb9653607-1", ""},

		// Single CompletePart with valid MD5 hash string.
		{[]CompletePart{{ETag: "cf1f738a5924e645913c984e0fe3d708"}}, "10dc1617fbcf0bd0858048cb96e6bd77-1", ""},

		// Multiple CompletePart with valid MD5 hash string.

	// We must not use the http.Header().Set method here because some (broken)
	// clients expect the ETag header key to be literally "ETag" - not "Etag" (case-sensitive).
	// Therefore, we have to set the ETag directly as map entry.
	if objInfo.ETag != "" && !del {
		w.Header()[xhttp.ETag] = []string{`"` + objInfo.ETag + `"`}
	}

	// Set the relevant version ID as part of the response header.

		ETag:       "",
		ShouldFail: true, // ETag prefix is not a valid hex value
	},
	{
		ObjectKey:  [32]byte{},
		ObjectInfo: ObjectInfo{ETag: "16516b396f0f4d4f2a0e7177557bec4-1-2"},
		ETag:       "",
		ShouldFail: true, // ETag contains multiple: -
	},
}

func TestDecryptETag(t *testing.T) {
	for i, test := range decryptETagTests {

		etag = commonETag(etags, quorum)

		if etag != "" { // allow this fallback only if a non-empty etag is found.
			for index, e := range etags {
				if partsMetadata[index].IsValid() && e == etag {
					onlineDisks[index] = disks[index]
				} else {
					onlineDisks[index] = nil
				}
			}
			return onlineDisks, modTime, etag
		}
	}

		// This should fail even without quorum issues, but with quorum failure
		// we can't verify the ETag at all.
		opts := ObjectOptions{
			UserDefined: map[string]string{
				xhttp.IfMatch: "wrong-etag-12345",
			},
			HasIfMatch: true,
			CheckPrecondFn: func(oi ObjectInfo) bool {
				// Precondition fails if ETags don't match
				return oi.ETag != "wrong-etag-12345"
			},
		}

	return partKey
}

// SealETag seals the etag using the object key.
// It does not encrypt empty ETags because such ETags indicate
// that the S3 client hasn't sent an ETag = MD5(object) and
// the backend can pick an ETag value.
func (key ObjectKey) SealETag(etag []byte) []byte {
	if len(etag) == 0 { // don't encrypt empty ETag - only if client sent ETag = MD5(object)
		return etag
	}
	var buffer bytes.Buffer

		// Test Case 3: if-match with wrong ETag
		// Even if the ETag doesn't match, we should still get read quorum error
		// because we can't read the object to check the condition.
		opts := ObjectOptions{
			UserDefined: map[string]string{
				xhttp.IfMatch: "wrong-etag",
			},
			CheckPrecondFn: func(oi ObjectInfo) bool {
				// Precondition fails if ETag doesn't match

// generates CopyObjectResponse from etag and lastModified time.
func generateCopyObjectResponse(etag string, lastModified time.Time) CopyObjectResponse {
	return CopyObjectResponse{
		ETag:         "\"" + etag + "\"",
		LastModified: amztime.ISO8601Format(lastModified.UTC()),
	}
}

// generates CopyObjectPartResponse from etag and lastModified time.

			if _, ok := crypto.IsEncrypted(batch[i].UserDefined); ok {
				ETag, err := etag.Parse(batch[i].ETag)
				if err != nil {
					return err
				}
				if SSES3SinglePartObjects[i] {
					ETag, err = etag.Decrypt(keys[0][:], ETag)
					if err != nil {
						return err
					}
					keys = keys[1:]
				}
				batch[i].ETag = ETag.Format().String()
			}
		}
		objects = objects[N:]
	}
	return nil