throw new IOException( "Invalid SecurityDescriptor" );

            aces = new ACE[numAces];
            for (int i = 0; i < numAces; i++) {
                aces[i] = new ACE();
                bufferIndex += aces[i].decode(buffer, bufferIndex);
            }
        } else {
            aces = null;
        }

        return bufferIndex - start;
    }
    public String toString() {

 * the access mask of the ACE, the access check is successful. Otherwise,
 * more ACEs are evaluated until all desired access bits (combined)
 * are "allowed". If all of the desired access bits are not "allowed"
 * the then same process is repeated for inherited ACEs.
 * <p>
 * For example, if user <tt>WNET\alice</tt> tries to open a file

        byte[] keybytes = key.getEncoded();
        Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
        cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(keybytes, "AES"), new IvParameterSpec(ZERO_IV, 0, ZERO_IV.length));
        if ( constant.length != cipher.getBlockSize() ) {
            constant = expandNFold(constant, cipher.getBlockSize());

    /**
     * Context type
     */
    public static final int NEGO_CTX_ENC_TYPE = 0x2;

    /**
     * AES 128 CCM
     */
    public static final int CIPHER_AES128_CCM = 0x1;

    /**
     * AES 128 GCM
     */
    public static final int CIPHER_AES128_GCM = 0x2;

    private int[] ciphers;


    /**
     * 
     * @param config

            this.aces = new ACE[numAces];
            for ( int i = 0; i < numAces; i++ ) {
                this.aces[ i ] = new ACE();
                bufferIndex += this.aces[ i ].decode(buffer, bufferIndex, len - bufferIndex);
            }
        }
        else {
            this.aces = null;
        }

        return bufferIndex - start;
    }

 * the access mask of the ACE, the access check is successful. Otherwise,
 * more ACEs are evaluated until all desired access bits (combined)
 * are "allowed". If all of the desired access bits are not "allowed"
 * the then same process is repeated for inherited ACEs.
 * <p>
 * For example, if user <tt>WNET\alice</tt> tries to open a file

    }


    private void processAces ( ACE[] aces, boolean resolveSids ) throws IOException {
        String server = this.fileLocator.getServerWithDfs();
        int ai;

        if ( resolveSids ) {
            SID[] sids = new SID[aces.length];
            for ( ai = 0; ai < aces.length; ai++ ) {
                sids[ ai ] = aces[ ai ].getSID();
            }

     * <tt>S-X-Y-Z</tt> strings of fragments of).
     * <p>
     * Alternatively <tt>getSecurity(true)</tt> may be used to resolve all
     * SIDs together and detect network failures.
     * 
     * @return array of ACEs
     * @throws IOException
     */
    ACE[] getSecurity () throws IOException;


    /**
     * Return an array of Access Control Entry (ACE) objects representing

 * the access mask of the ACE, the access check is successful. Otherwise,
 * more ACEs are evaluated until all desired access bits (combined)
 * are "allowed". If all of the desired access bits are not "allowed"
 * the then same process is repeated for inherited ACEs.
 * <p>
 * For example, if user <tt>WNET\alice</tt> tries to open a file

        if (info502.security_descriptor != null) {
            SecurityDescriptor sd;
            sd = new SecurityDescriptor(info502.security_descriptor, 0, info502.sd_size);
            return sd.aces;
        }
        return null;
    }