{
			queryParams: map[string]string{
				"Expires":        "60",
				"Signature":      "badsignature",
				"AWSAccessKeyId": accessKey,
			},
			expected: ErrExpiredPresignRequest,
		},
		// (4) Should error when the signature does not match.
		{
			queryParams: map[string]string{
				"Expires":        fmt.Sprintf("%d", now.Unix()+60),
				"Signature":      "badsignature",
				"AWSAccessKeyId": accessKey,
			},

	if aec != ErrNone {
		return psv, aec
	}

	// Save signature.
	preSignV4Values.Signature, aec = parseSignature("Signature=" + query.Get(xhttp.AmzSignature))
	if aec != ErrNone {
		return psv, aec
	}

	// Return structured form of signature query string.
	return preSignV4Values, ErrNone
}

// Parses signature version '4' header of the following form.
//

	}
	// List of readers used.
	readers := []io.Reader{
		// Test - 1
		bytes.NewReader([]byte("1000;chunk-signature=111123333333333333334444211\r\n")),
		// Test - 2
		bytes.NewReader([]byte("1000;")),
		// Test - 3
		bytes.NewReader(fmt.Appendf(nil, "%4097d", 1)),
		// Test - 4
		bytes.NewReader([]byte("1000;chunk-signature=111123333333333333334444211\r\n")),
	}
	testCases := []testCase{
		// Test - 1 - small bufio reader.
		{

			extractedSignedHeaders[http.CanonicalHeaderKey(header)] = r.TransferEncoding
		case "content-length":
			// Signature-V4 spec excludes Content-Length from signed headers list for signature calculation.
			// But some clients deviate from this rule. Hence we consider Content-Length for signature
			// calculation to be compatible with such clients.
			extractedSignedHeaders.Set(header, strconv.FormatInt(r.ContentLength, 10))

     */
    @Override
    public boolean verifySignature(final byte[] buffer, final int i, final int size) {
        // observed too that signatures on error responses are sometimes wrong??
        // Looks like the failure case also is just reflecting back the signature we sent

        // with SMB3's negotiation validation it's no longer possible to ignore this (on the validation response)

    SmbResourceLocator other;

    @Mock
    DfsReferralData referral;

    // Reflection-based API checks ensure the interface contract is as expected
    @Test
    @DisplayName("Type hierarchy and method signatures are correct")
    void typeAndSignatures() throws Exception {
        Class<?> clazz = SmbResourceLocatorInternal.class;

        // Assert it's an interface and extends the right superinterface

    }

    /**
     * Gets the signature or authentication tag for the encrypted message
     *
     * @return the signature/authentication tag
     */
    public byte[] getSignature() {
        return this.signature;
    }

    /**
     * Sets the signature or authentication tag for the encrypted message
     *
     * @param signature
     *            the signature/authentication tag to set
     */

        }
        final byte[] signature = digest();
        for (int i = 0; i < 8; i++) {
            if (signature[i] != data[offset + SmbConstants.SIGNATURE_OFFSET + i]) {
                if (LogStream.level >= 2) {
                    log.println("signature verification failure");
                    Hexdump.hexdump(log, signature, 0, 8);

    }

    /**
     * Returns the server signature used to validate PAC integrity.
     * @return the server signature
     */
    public PacSignature getServerSignature() {
        return this.serverSignature;
    }

    /**
     * Returns the KDC signature used to validate PAC authenticity.
     * @return the KDC signature
     */
    public PacSignature getKdcSignature() {

  val extensions: List<Extension>,
) {
  /**
   * Returns the standard name of this certificate's signature algorithm as specified by
   * [Signature.getInstance]. Typical values are like "SHA256WithRSA".
   */
  val signatureAlgorithmName: String
    get() {
      return when (signature.algorithm) {
        ObjectIdentifiers.SHA256_WITH_RSA_ENCRYPTION -> "SHA256WithRSA"