testBuffer[8] = 0x01; // Revision
        testBuffer[9] = 0x01; // Sub-authority count
        testBuffer[10] = 0x00; // Identifier authority
        testBuffer[11] = 0x00;
        testBuffer[12] = 0x00;
        testBuffer[13] = 0x00;
        testBuffer[14] = 0x00;
        testBuffer[15] = 0x01;
        testBuffer[16] = 0x00; // Sub-authority
        testBuffer[17] = 0x00;
        testBuffer[18] = 0x00;

        byte[] data = new byte[] { 0x01, 0x00, 0x00, 0x00, // sidSize = 1
                0x01, // revision
                0x01, // sub-authority count
                0x00, 0x00, 0x00, 0x00, 0x00, 0x01, // authority
                0x00, 0x00, 0x00, 0x00 // sub-authority 1
        };
        PacDataInputStream pdis = createInputStream(data);
        SID sid = pdis.readSid();
        assertEquals("S-1-1-0", sid.toString());

        testBuffer[21] = 0x03; // sub-authority count
        testBuffer[22] = 0x00; // identifier authority
        testBuffer[23] = 0x00;
        testBuffer[24] = 0x00;
        testBuffer[25] = 0x00;
        testBuffer[26] = 0x00;
        testBuffer[27] = 0x05;
        SMBUtil.writeInt4(21, testBuffer, 28); // sub-authority 1
        SMBUtil.writeInt4(1000, testBuffer, 32); // sub-authority 2

        }
        return value;
    }

    /**
     * Gets the Entra ID authority URL from configuration.
     * Uses new entraid.authority key with fallback to legacy aad.authority.
     * @return The authority URL.
     */
    protected String getAuthority() {
        String value = ComponentUtil.getFessConfig().getSystemProperty(ENTRAID_AUTHORITY);

 * ```
 *
 * In this example the HTTP client already knows and trusts the last certificate, "Entrust Root
 * Certification Authority - G2". That certificate is used to verify the signature of the
 * intermediate certificate, "Entrust Certification Authority - L1M". The intermediate certificate
 * is used to verify the signature of the "www.squareup.com" certificate.
 *

        }

        @Test
        @DisplayName("Textual constructor with hex identifier authority")
        void testTextualConstructorHexAuthority() throws Exception {
            // Arrange: 0x5 == decimal 5 results in decimal authority in toString
            SID sid = new SID("S-1-0x000000000005-21-99");

            // Act
            String s = sid.toString();

        public byte revision;
        /** The number of sub-authorities in the SID */
        public byte sub_authority_count;
        /** The identifier authority value (6 bytes) */
        public byte[] identifier_authority;
        /** The array of sub-authority values */
        public int[] sub_authority;

        @Override
        public void encode(NdrBuffer _dst) throws NdrException {
            _dst.align(4);

			logger.Fatal(fmt.Errorf("invalid arguments passed, trusted user certificate authority public key file is not accessible: %v", err), "unable to start SFTP server")
		}

		globalSFTPTrustedCAPubkey, _, _, _, err = ssh.ParseAuthorizedKey(keyBytes)
		if err != nil {
			logger.Fatal(fmt.Errorf("invalid arguments passed, trusted user certificate authority public key file is not parseable: %v", err), "unable to start SFTP server")
		}
	}

 */

package jcifs.dcerpc.msrpc;

import java.io.IOException;

import jcifs.dcerpc.DcerpcHandle;
import jcifs.dcerpc.rpc;
import jcifs.smb.SmbException;

/**
 * LSA policy handle for Local Security Authority operations.
 */
public class LsaPolicyHandle extends rpc.policy_handle implements AutoCloseable {

    private final DcerpcHandle handle;
    private boolean opened;

    /**

certificate authorities of the host platform. This strategy maximizes connectivity, but it is subject to certificate authority attacks such as the [2011 DigiNotar attack](https://www.computerworld.com/article/2510951/cybercrime-hacking/hackers-spied-on-300-000-iranians-using-fake-google-certificate.html). It also assumes your HTTPS servers’ certificates are signed by a certificate authority.

Use [CertificatePinner](https://square.github.io/okhttp/5.x/okhttp/okhttp3/-certificate-pinner/) to restrict...