TestAuthenticationChain chain3 = new TestAuthenticationChain();
        chain1.changePasswordResult = true;
        chain2.changePasswordResult = true;
        chain3.changePasswordResult = true;

        authenticationManager.addChain(chain1);
        authenticationManager.addChain(chain2);
        authenticationManager.addChain(chain3);

   * Since Quantiles provides a fluent-style API, each test covers a chain of methods resulting in
   * the computation of one or more quantiles (or in an error) rather than individual methods. The
   * tests are divided into three sections:
   * 1. Tests on a hardcoded dataset for chains starting with median(), quartiles(), and scale(10);
   * 2. Tests on hardcoded datasets include non-finite values for chains starting with scale(10);

   * Since Quantiles provides a fluent-style API, each test covers a chain of methods resulting in
   * the computation of one or more quantiles (or in an error) rather than individual methods. The
   * tests are divided into three sections:
   * 1. Tests on a hardcoded dataset for chains starting with median(), quartiles(), and scale(10);
   * 2. Tests on hardcoded datasets include non-finite values for chains starting with scale(10);

      }
    }
  }

  /**
   * Not checking the CA bit created a vulnerability in old OkHttp releases. It is exploited by
   * triggering different chains to be discovered by the TLS engine and our chain cleaner. In this
   * attack there's several different chains.
   *
   *
   * The victim's gets a non-CA certificate signed by a CA, and pins the CA root and/or
   * intermediate. This is business as usual.
   *

    assertFailsToDecode(base64(), "Wf2!", "Unrecognized character: !");
    // This sentence just isn't base64() encoded.
    assertFailsToDecode(base64(), "let's not talk of love or chains!");
    // A 4n+1 length string is never legal base64().
    assertFailsToDecode(base64(), "12345", "Invalid input length 5");
    // These have a combination of invalid length, unrecognized characters and wrong padding.

     * By explicitly registering classes, we prevent deserialization of arbitrary classes
     * which could lead to remote code execution vulnerabilities through gadget chains.
     * </p>
     *
     * @param kryo the Kryo instance to register classes with
     */
    protected void registerClasses(final Kryo kryo) {
        // Primitive types and wrappers

        assertEquals(block.useUnicode, next.useUnicode, "useUnicode must be propagated");
        assertTrue(next.writeParamCalls > 0, "chained SMB parameter words should be written");
        assertTrue(next.writeBytesCalls > 0, "chained SMB bytes should be written");
    }

    @Test
    @DisplayName("decode basic AndX block with no chaining")
    void testDecodeBasicNoAndx() {

/**
 * Enhanced Pre-Authentication Integrity Service for SMB 3.1.1.
 *
 * Provides comprehensive pre-authentication integrity protection against
 * downgrade attacks by maintaining cryptographic hash chains of all
 * negotiation and session setup messages.
 */
public class PreauthIntegrityService {

    private static final Logger log = LoggerFactory.getLogger(PreauthIntegrityService.class);

              // this has 2 benefits
              // 1. for long chains of futures strung together with setFuture we consume less stack
              // 2. we avoid allocating Cancellation objects at every level of the cancellation
              //    chain
              // We can only do this for Trusted, because Trusted implementations of cancel do

import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;
import org.jspecify.annotations.Nullable;

/**
 * A {@link ListenableFuture} that supports fluent chains of operations. For example:
 *
 * {@snippet :
 * ListenableFuture<Boolean> adminIsLoggedIn =
 *     FluentFuture.from(usersDatabase.getAdminUser())
 *         .transform(User::getId, directExecutor())