// Test with a negative value, expecting it to be masked to a positive byte
        NdrSmall ndrSmall = new NdrSmall(-1); // -1 & 0xFF = 255
        assertEquals(255, ndrSmall.value, "Negative value should be masked to its unsigned byte equivalent.");
    }

    @Test
    void testConstructor_overflowValue() {
        // Test with a value exceeding byte range, expecting it to be masked

        }

        @Test
        @DisplayName("Should handle masked value round-trip correctly")
        void testMaskedValueRoundTrip() throws NdrException {
            // Given: Original value that gets masked
            int originalValue = 300; // Will be masked to 44
            int maskedValue = originalValue & 0xFF; // 44
            NdrShort ndrShort1 = new NdrShort(originalValue);

        NdrShort ns = new NdrShort(input);
        // NdrShort masks to 0xFF (8 bits) in its constructor
        int expected = input & 0xFF;
        assertEquals(expected, ns.value, "value should be masked to 0xFF before storing");
    }

    /**
     * Round-trip encode/decode for a selection of representative values.
     */
    @ParameterizedTest
    @ValueSource(ints = { 0, 42, 255, -1, 128 })

        trans2FindFirst2 = new Trans2FindFirst2(mockConfig, "\\test", "*.*", searchAttributes, 10, 1024);

        // Verify attributes are masked with 0x37
        int expectedAttributes = searchAttributes & 0x37;

        // Write parameters to verify the masked value is used
        byte[] buffer = new byte[100];
        int written = trans2FindFirst2.writeParametersWireFormat(buffer, 0);

    val isMasked = b1 and B1_FLAG_MASK != 0
    if (isMasked == isClient) {
      // Masked payloads must be read on the server. Unmasked payloads must be read on the client.
      throw ProtocolException(
        if (isClient) {
          "Server-sent frames must not be masked."
        } else {
          "Client-sent frames must be masked."
        },
      )
    }

    /**
     * The small integer value (0-255)
     */
    public int value;

    /**
     * Constructs an NdrSmall with the specified value
     * @param value the small integer value (will be masked to 0-255 range)
     */
    public NdrSmall(final int value) {
        this.value = value & 0xFF;
    }

    @Override
    public void encode(final NdrBuffer dst) throws NdrException {

                masked.put(entry.getKey(), "****");
            } else if (value instanceof String) {
                masked.put(entry.getKey(), maskSensitiveData((String) value));
            } else {
                masked.put(entry.getKey(), value);
            }
        }

        return masked;
    }

    private String maskUsername(String username) {

            });
        }
        return itemList;
    }

    /**
     * Checks if a property value should be masked for security reasons.
     *
     * @param key the property key to check
     * @return true if the value should be masked, false otherwise
     */
    protected static boolean isMaskedValue(final String key) {
        return "http.proxy.password".equals(key) //

    /**
     * The small integer value (0-255)
     */
    public int value;

    /**
     * Constructs an NdrSmall with the specified value
     * @param value the small integer value (will be masked to 0-255 range)
     */
    public NdrSmall(final int value) {
        this.value = value & 0xFF;
    }

    @Override
    public void encode(final NdrBuffer dst) throws NdrException {

    client.webSocket!!.close(1000, "Hello")
    server.processNextFrame()
    // Not closed until close reply is received.
    assertThat(client.closed).isFalse()

    // Manually write an invalid masked close frame.
    server.sink.write("888760b420bb635c68de0cd84f".decodeHex()).emit()
    client.processNextFrame() // Detects error, disconnects immediately since close already sent.
    client.webSocket!!.finishReader()