exit 1
fi

got_checksum=$(./mc cat myminio/versioned/dsync/drwmutex.go | md5sum)
if [ "${expected_checksum}" != "${got_checksum}" ]; then
	echo "BUG: decommission failed on encrypted objects: expected ${expected_checksum} got ${got_checksum}"
	exit 1
fi

./s3-check-md5 -versions -access-key minioadmin -secret-key minioadmin -endpoint http://127.0.0.1:9001/ -bucket versioned

if [ "${expected_checksum}" != "${got_checksum}" ]; then
	echo "BUG: decommission failed on encrypted objects: expected ${expected_checksum} got ${got_checksum}"
	exit 1
fi

got_checksum_1=$(./mc cat myminio/versioned-1/dsync/drwmutex.go | md5sum)
if [ "${expected_checksum}" != "${got_checksum_1}" ]; then
	echo "BUG: decommission failed on encrypted objects: expected ${expected_checksum} got ${got_checksum_1}"
	exit 1
fi

	exit 1
fi

got_checksum=$(./mc cat myminio/versioned/dsync/drwmutex.go | md5sum)
if [ "${expected_checksum}" != "${got_checksum}" ]; then
	echo "BUG: decommission failed on encrypted objects: expected ${expected_checksum} got ${got_checksum}"
	exit 1
fi

./mc ls -r myminio/versioned >decommissioned_ns.txt
./mc ls -r --versions myminio/versioned >decommissioned_ns_versions.txt

        byte[] encrypted = storage.encryptCredentials(plaintext);
        assertNotNull(encrypted, "Encrypted long password should not be null");
        assertTrue(encrypted.length > plaintext.length, "Encrypted data should be larger due to IV and auth tag");

        char[] decrypted = storage.decryptCredentials(encrypted);
        assertArrayEquals(plaintext, decrypted, "Decrypted long password should match original");

        long sessionId = 0x123456789ABCDEF0L;

        // When - Encrypt
        byte[] encrypted = context.encryptMessage(plaintext, sessionId);

        // Then - Verify encrypted message structure
        assertNotNull(encrypted, "Encrypted message should not be null");
        assertTrue(encrypted.length > plaintext.length, "Encrypted message should be larger than plaintext");

        assertNotNull(cryptographer);

        String plainText = "Hello, World!";
        String encrypted = cryptographer.encrypt(plainText);
        assertNotNull(encrypted);
        assertFalse(plainText.equals(encrypted));

        String decrypted = cryptographer.decrypt(encrypted);
        assertEquals(plainText, decrypted);
    }

    public void test_invertibleCryptography_withEmptyString() {

        Set<String> roleSet;
        boolean encrypted;
        String value;

        encrypted = false;
        value = "";
        roleSet = decodedRoleList(roleQueryHelperImpl, value, encrypted);
        assertEquals(0, roleSet.size());

        encrypted = false;
        value = "role1";
        roleSet = decodedRoleList(roleQueryHelperImpl, value, encrypted);
        assertEquals(0, roleSet.size());

	exit_1
fi

# Stat the SSEC objects from source site
echo "Stat minio1/test-bucket/encrypted"
./mc stat --no-list minio1/test-bucket/encrypted --enc-c "minio1/test-bucket/encrypted=${TEST_MINIO_ENC_KEY}" --insecure --json
stat_out1=$(./mc stat --no-list minio1/test-bucket/encrypted --enc-c "minio1/test-bucket/encrypted=${TEST_MINIO_ENC_KEY}" --insecure --json)
src_obj1_etag=$(echo "${stat_out1}" | jq '.etag')

- Delete one/some master keys. From a security standpoint, this is equal to erasing all SSE-S3 encrypted objects protected by these master keys. All these objects are lost forever as they cannot be decrypted. Especially deleting all master keys at the KMS is equivalent to secure erasing all SSE-S3 encrypted objects.

        for (String testStr : testStrings) {
            String encrypted = cipher.encrypt(testStr);
            String decrypted = cipher.decrypt(encrypted);
            assertEquals("Failed for: " + testStr, testStr, decrypted);
        }
    }

    // Test provider as CookieResourceProvider interface
    public void test_asInterface() {