}

		// Verify response the V2 signed HTTP request.
		// initialize HTTP NewRecorder, this records any mutations to response writer inside the handler.
		recV2 := httptest.NewRecorder()
		// construct HTTP request for PUT bucket policy endpoint.

		// verify response for V2 signed HTTP request.

        @Test
        @DisplayName("Should return true when signed flag is not set")
        void testVerifyNoSignedFlag() {
            // Don't set the signed flag
            SMBUtil.writeInt4(0x00000000, data, 16);

            boolean result = digest.verify(data, 0, data.length, 0, msg);

            assertTrue(result, "Should return true when signed flag is not set");
        }

        @Test

            final int index = offset + SIGNATURE_OFFSET;
            for (int i = 0; i < SIGNATURE_LENGTH; i++) {
                data[index + i] = 0;
            }

            // set signed flag
            final int oldFlags = SMBUtil.readInt4(data, offset + 16);
            final int flags = oldFlags | ServerMessageBlock2.SMB2_FLAGS_SIGNED;
            SMBUtil.writeInt4(flags, data, offset + 16);

     */
    @Override
    public final boolean isError() {
        return this.error;
    }

    /**
     * Checks whether this SMB2 response packet has been signed.
     *
     * @return whether the packet has been signed.
     */
    public boolean isSigned() {
        return (getFlags() & SMB2_FLAGS_SIGNED) != 0;
    }

    /**
     * {@inheritDoc}
     *

			partNumberMarker: "",
			maxParts:         "",
			expectedErr:      noSuchUploadErr,
		},
	}

	// string to represent V2 signed HTTP request.
	reqV2Str := "V2 Signed HTTP request"
	// string to represent V4 signed HTTP request.
	reqV4Str := "V4 Signed HTTP request"
	// Collection of HTTP request and ResponseRecorder and request type string.
	type inputReqRec struct {
		req     *http.Request

  public static boolean isPowerOfTwo(long x) {
    return x > 0 & (x & (x - 1)) == 0;
  }

  /**
   * Returns 1 if {@code x < y} as unsigned longs, and 0 otherwise. Assumes that x - y fits into a
   * signed long. The implementation is branch-free, and benchmarks suggest it is measurably faster
   * than the straightforward ternary expression.
   */
  @VisibleForTesting
  static int lessThanBranchFree(long x, long y) {

// Excerpts from @lsegal - https://github.com/aws/aws-sdk-js/issues/659#issuecomment-120477258
//
//	User-Agent:
//
//	    This is ignored from signing because signing this causes problems with generating pre-signed URLs
//	    (that are executed by other agents) or when customers pass requests through proxies, which may
//	    modify the user-agent.
//
//	Authorization:
//
//	    Is skipped for obvious reasons

}

func getReqAccessKeyV2(r *http.Request) (auth.Credentials, bool, APIErrorCode) {
	if accessKey := r.Form.Get(xhttp.AmzAccessKeyID); accessKey != "" {
		return checkKeyValid(r, accessKey)
	}

	// below is V2 Signed Auth header format, splitting on `space` (after the `AWS` string).
	// Authorization = "AWS" + " " + AWSAccessKeyId + ":" + Signature
	authFields := strings.Split(r.Header.Get(xhttp.Authorization), " ")
	if len(authFields) != 2 {

```

It is not encrypted, so, anyone could recover the information from the contents.

But it's signed. So, when you receive a token that you emitted, you can verify that you actually emitted it.

        // Given
        byte[] buffer = new byte[512];
        int bodyStart = 0;
        int dataLength = 10;
        // Use a large but safe offset value that fits in signed byte range (120)
        int dataOffsetValue = 120;

        // Write structure
        SMBUtil.writeInt2(17, buffer, bodyStart);
        buffer[bodyStart + 2] = (byte) dataOffsetValue;