}

    /**
     * Gets the common capabilities negotiated between client and server.
     *
     * @return the common/negotiated capabilities
     */
    public final int getCommonCapabilities() {
        return this.commonCapabilities;
    }

    /**
     * Gets the initial security blob for authentication negotiation.
     *
     * @return initial security blob
     */

    private byte[] preauthSalt;

    /**
     * Constructs an SMB2 negotiate request with the specified configuration and security mode.
     *
     * @param config the configuration for this request
     * @param securityMode the security mode flags for negotiation
     */
    public Smb2NegotiateRequest(final Configuration config, final int securityMode) {

import jcifs.Configuration;
import jcifs.internal.SMBProtocolDecodingException;
import jcifs.internal.util.SMBUtil;

/**
 * SMB 3.1.1 Compression Capabilities negotiate context.
 *
 * This context is used during SMB2 negotiation to negotiate compression
 * algorithms for SMB3 data compression support.
 */
public class CompressionNegotiateContext implements NegotiateContextRequest, NegotiateContextResponse {

            log.debug("Secure negotiation failure");
            throw new CIFSException("Mismatched attributes validating negotiate info");
        }

        log.debug("Secure negotiation OK");
    }

    /**
     * @param transport
     * @return
     * @throws SmbException
     */

    }

    /**
     * Test secure negotiation requirement for SMB3
     */
    @Test
    public void testSecureNegotiateRequired() throws CIFSException {
        BaseConfiguration config = new BaseConfiguration(true);

        // Verify secure negotiate is required for SMB3
        assertTrue("Secure negotiate should be required for SMB3", config.isRequireSecureNegotiate());
    }

    protected boolean useNtStatus = true;
    /** Whether to use extended security negotiation */
    protected boolean useExtendedSecurity = true;
    /** Force use of extended security negotiation */
    protected boolean forceExtendedSecurity = false;
    /** Whether to negotiate only SMB2 or higher protocols */
    protected boolean smb2OnlyNegotiation = false;

        // Mock the negotiation response
        when(negotiationResponse.isSigningRequired()).thenReturn(false);
        when(negotiationResponse.isSigningNegotiated()).thenReturn(false);
        when(negotiationResponse.canReuse(any(CIFSContext.class), anyBoolean())).thenReturn(true);

        // Use reflection to set the negotiated response

package jcifs.internal.smb2.nego;

import jcifs.Configuration;
import jcifs.internal.SMBProtocolDecodingException;
import jcifs.internal.util.SMBUtil;

/**
 * SMB2 Encryption Negotiate Context.
 *
 * This negotiate context is used in SMB 3.x to negotiate
 * encryption capabilities and cipher suites.
 *
 * @author mbechler
 */
public class EncryptionNegotiateContext implements NegotiateContextRequest, NegotiateContextResponse {

            assertTrue(true, "Negotiate context data length validation exists in code (max 1024 bytes)");
        } catch (SMBProtocolDecodingException e) {
            // If exception thrown, validation is working
            assertTrue(e.getMessage().contains("Invalid negotiate context data length") || e.getMessage().contains("Buffer too small")

/**
 * Enhanced Pre-Authentication Integrity Service for SMB 3.1.1.
 *
 * Provides comprehensive pre-authentication integrity protection against
 * downgrade attacks by maintaining cryptographic hash chains of all
 * negotiation and session setup messages.
 */
public class PreauthIntegrityService {

    private static final Logger log = LoggerFactory.getLogger(PreauthIntegrityService.class);

    // Hash algorithm constants