A couple more thoughts on this. There are still a couple cases where the decryption key is not verified (unless we persist something new for user-meta) even though the same object key is used for both body and headers at this point.
The 'X-Object-Sysmeta-Crypto-Etag-Mac' only exists if the body was encrypted at PUT time.
So, if the body was unencrypted, but there was a POST later with encrypted headers, the key used for those headers could not be verified.
Secondly, there will be no way to verify the container key when decrypting etags on a container listing.