Name:     "bar",
			Linkname: "PAX4/PAX4/long-linkpath-name",
			ModTime:  time.Unix(0, 0),
			Typeflag: '2',
			PAXRecords: map[string]string{
				"linkpath": "PAX4/PAX4/long-linkpath-name",
			},
			Format: FormatPAX,
		}},
	}, {
		// Both BSD and GNU tar truncate long names at first NUL even
		// if there is data following that NUL character.
		// This is reasonable as GNU long names are C-strings.

		return key, ErrMissingCustomerKeyMD5
	}

	clientKey, err := base64.StdEncoding.DecodeString(h.Get(xhttp.AmzServerSideEncryptionCopyCustomerKey))
	if err != nil || len(clientKey) != 32 { // The client key must be 256 bits long
		return key, ErrInvalidCustomerKey
	}
	keyMD5, err := base64.StdEncoding.DecodeString(h.Get(xhttp.AmzServerSideEncryptionCopyCustomerKeyMD5))
	if md5Sum := md5.Sum(clientKey); err != nil || !bytes.Equal(md5Sum[:], keyMD5) {

}

func operatorDumpCmd(rootArgs *RootArgs, odArgs *operatorDumpArgs) *cobra.Command {
	return &cobra.Command{
		Use:   "dump",
		Short: "Dumps the Istio operator controller manifest.",
		Long:  "The dump subcommand dumps the Istio operator controller manifest.",
		Args:  cobra.ExactArgs(0),
		PreRunE: func(cmd *cobra.Command, args []string) error {

}

func profileDiffCmd(pfArgs *profileDiffArgs) *cobra.Command {
	return &cobra.Command{
		Use:   "diff <profile|file1.yaml> <profile|file2.yaml>",
		Short: "Diffs two Istio configuration profiles",
		Long:  "The diff subcommand displays the differences between two Istio configuration profiles.",
		Example: `  # Profile diff by providing yaml files
  istioctl profile diff manifests/profiles/default.yaml manifests/profiles/demo.yaml

	}
	return hex.EncodeToString(e)
}

// IsEncrypted reports whether the ETag is encrypted.
func (e ETag) IsEncrypted() bool {
	// An encrypted ETag must be at least 32 bytes long.
	// It contains the encrypted ETag value + an authentication
	// code generated by the AEAD cipher.
	//
	// Here is an incorrect implementation of IsEncrypted:
	//

		},
		// Keys and input order of k=v is same.
		{
			input: `connection_string="host=localhost port=2832" comment="really long comment"`,
			keys:  []string{"connection_string", "comment"},
			expectedFields: map[string]struct{}{
				`connection_string="host=localhost port=2832"`: {},
				`comment="really long comment"`:                {},
			},
		},
		// Keys with spaces in between
		{

		// It was verified to work with GNU tar 1.27.1 and BSD tar 3.1.2.
		//  dd if=/dev/zero bs=1G count=16 >> writer-big-long.tar
		//  gnutar -xvf writer-big-long.tar
		//  bsdtar -xvf writer-big-long.tar
		//
		// This file is in PAX format.
		file: "testdata/writer-big-long.tar",
		tests: []testFnc{
			testHeader{Header{
				Typeflag: TypeReg,
				Name:     strings.Repeat("longname/", 15) + "16gig.txt",

		return key, ErrMissingCustomerKeyMD5
	}

	clientKey, err := base64.StdEncoding.DecodeString(h.Get(xhttp.AmzServerSideEncryptionCustomerKey))
	if err != nil || len(clientKey) != 32 { // The client key must be 256 bits long
		return key, ErrInvalidCustomerKey
	}
	keyMD5, err := base64.StdEncoding.DecodeString(h.Get(xhttp.AmzServerSideEncryptionCustomerKeyMD5))
	if md5Sum := md5.Sum(clientKey); err != nil || !bytes.Equal(md5Sum[:], keyMD5) {

			errLineTooLong,
			nil,
			nil,
		},
		// Test - 2 - unexpected end of the reader.
		{
			bufio.NewReader(readers[1]),
			io.ErrUnexpectedEOF,
			nil,
			nil,
		},
		// Test - 3 - line too long bigger than 4k+1
		{
			bufio.NewReader(readers[2]),
			errLineTooLong,
			nil,
			nil,
		},
		// Test - 4 - parse the chunk reader properly.
		{
			bufio.NewReader(readers[3]),
			nil,

var tarinsecurepath = godebug.New("tarinsecurepath")

var (
	ErrHeader          = errors.New("archive/tar: invalid tar header")
	ErrWriteTooLong    = errors.New("archive/tar: write too long")
	ErrFieldTooLong    = errors.New("archive/tar: header field too long")
	ErrWriteAfterClose = errors.New("archive/tar: write after close")
	ErrInsecurePath    = errors.New("archive/tar: insecure file path")