private MessageDigest digest;
    private byte[] macSigningKey;
    private boolean bypass = false;
    private int updates;
    private int signSequence;

    /**
     * Constructs a new signing digest with the specified MAC signing key.
     *
     * @param macSigningKey the MAC signing key for message authentication
     * @param bypass whether to bypass MAC signing
     * @throws SmbException if MD5 algorithm is not available
     */

     */
    @Override
    public String[] assistClientInvokeNames() {
        return DEFAULT_CLIENT_INVOKE_NAMES;
    }

    /**
     * Assists bypass invoke names for DBFlute behavior invocation.
     *
     * @return array of default bypass invoke names
     */
    @Override
    public String[] assistByPassInvokeNames() {
        return DEFAULT_BYPASS_INVOKE_NAMES;
    }

    @Override

```

See <https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html> for AWS S3 spec on object locking and permissions required for object retention and governance bypass overrides.

### Set legal hold on an object

PutObject API allows setting legal hold using `x-amz-object-lock-legal-hold` header.

```sh

# - MSYS2 + curl, git, patch, vim, unzip, zip
# - Python 3.12.3
# - Bazelisk 1.19.0
# - JDK 21 (Azul Zulu)

FROM mcr.microsoft.com/windows/servercore:ltsc2019

SHELL ["powershell.exe", "-ExecutionPolicy", "Bypass", "-Command", \
       "$ErrorActionPreference='Stop'; $ProgressPreference='SilentlyContinue';$VerbosePreference = 'Continue';"]

# This should only be necessary when running on A GCP VM, on a default

import org.apache.maven.model.Plugin;
import org.apache.maven.model.PluginExecution;
import org.apache.maven.plugin.MojoExecution;

/**
 * A stub implementation that assumes an empty lifecycle to bypass interaction with the plugin manager and to avoid
 * plugin artifact resolution from repositories.
 *
 */
@Deprecated
public class EmptyLifecycleExecutor implements LifecycleExecutor {

    @Override

 * tests focus on the contract that implementations should honour and the
 * interaction with {@link SmbFile} instances. The tests make heavy use of
 * Mockito to guarantee that implementation classes do not inadvertently
 * bypass the filter logic.
 */
public class SmbFileFilterTest {

    /**
     * A minimal implementation that accepts every {@link SmbFile}.
     */
    private final SmbFileFilter ALWAYSACTIVE = new SmbFileFilter() {

in handling your report.

Please, provide a detailed explanation of the issue. In particular, outline the type of the security
issue (DoS, authentication bypass, information disclose, ...) and the assumptions you're making (e.g. do
you need access credentials for a successful exploit).

        KerberosKey kdcKey = new KerberosKey(null, keyBytes, PacSignature.HMAC_SHA1_96_AES256, 1);
        keys.put(PacSignature.ETYPE_AES256_CTS_HMAC_SHA1_96, kdcKey);

        // Mock Pac construction to bypass complex validation
        try (MockedConstruction<Pac> pacMock = Mockito.mockConstruction(Pac.class, (mock, context) -> {
            // Setup mock behavior
            PacLogonInfo mockLogonInfo = Mockito.mock(PacLogonInfo.class);

		},
		{
			SQL:           "create table users (name, age, height, actived, bytes, create_at, update_at, deleted_at, email, role, pass) values (@p1, @p2, @p3, @p4, @p5, @p6, @p7, @p8, @p9, @p10, @p11)",
			NumericRegexp: regexp.MustCompile(`@p(\d+)`),

Whenever you need the client to pass information in the request and you don't know how to, you can search (Google) how to do it in `httpx`, or even how to do it with `requests`, as HTTPX's design is based on Requests' design.

Then you just do the same in your tests.

E.g.:

* To pass a *path* or *query* parameter, add it to the URL itself.
* To pass a JSON body, pass a Python object (e.g. a `dict`) to the parameter `json`.