passwordField.setAccessible(true);

        // Verify password exists before wipe
        char[] passwordBefore = (char[]) passwordField.get(authenticator);
        assertNotNull(passwordBefore, "Password should exist before wipe");
        assertArrayEquals(testPassword.toCharArray(), passwordBefore, "Password should match before wipe");

        // Wipe the password
        authenticator.secureWipePassword();

    }

    /**
     * Remove and securely wipe a session key
     *
     * @param sessionId unique session identifier
     */
    public void removeSessionKey(String sessionId) {
        checkNotClosed();

        // Remove from memory maps
        SecretKey secretKey = sessionKeys.remove(sessionId);
        byte[] rawKey = rawKeys.remove(sessionId);

        // Wipe the raw key bytes
        if (rawKey != null) {

        // Create threads that try to wipe or access password
        for (int i = 0; i < threadCount; i++) {
            final int index = i;
            new Thread(() -> {
                try {
                    startLatch.await();

                    if (index % 3 == 0) {
                        // Some threads wipe password
                        auth.secureWipePassword();

        // Securely wipe the modified session key
        SecureKeyManager.secureWipe(modifiedSessionKey);

        // Rotate keys using existing method
        rotateKeys(newEncryptionKey, newDecryptionKey);

        log.info("Automatic key rotation completed for session: {} (rotation count: {})", sessionId, rotationCount);
    }

    /**
     * Securely wipe encryption keys from memory
     */

        @DisplayName("Should not allow operations after secure wipe")
        void testNoOperationsAfterWipe() throws GeneralSecurityException {
            byte[] sessionKey = new byte[16];
            Arrays.fill(sessionKey, (byte) 0xDD);

            Smb2SigningDigest digest = new Smb2SigningDigest(sessionKey, Smb2Constants.SMB2_DIALECT_0300, new byte[0]);

            // Wipe the key
            digest.secureWipeKey();

            }
            return true; // Signature verification succeeded
        } finally {
            this.signingLock.unlock();
        }
    }

    /**
     * Securely wipe signing key from memory
     */
    public void secureWipeKey() {
        this.signingLock.lock();
        try {
            if (this.signingKey != null) {

        // When
        context.secureWipeKeys();

        // Then - keys should be wiped (we can't directly access them, but method should complete)
        assertDoesNotThrow(() -> context.secureWipeKeys(), "Should handle multiple wipe calls");
    }

    @Test
    @DisplayName("Should detect when key rotation is needed based on bytes encrypted")

            System.arraycopy(ciphertext, 0, result, GCM_IV_SIZE, ciphertext.length);

            return result;

        } finally {
            // Securely wipe plaintext bytes - guaranteed by try-finally
            if (plaintextBytes != null) {
                SecureKeyManager.secureWipe(plaintextBytes);
            }
        }
    }

    }

    /**
     * Securely wipes the password from memory
     */
    public void secureWipePassword() {
        if (this.password != null) {
            // Multi-pass secure wipe of password char array
            Arrays.fill(this.password, '\0');
            Arrays.fill(this.password, '\uFFFF');

        } else {
            char[] passwordChars = this.auth.getPasswordAsCharArray();
            if (passwordChars != null) {
                passwordString = new String(passwordChars);
                // Securely wipe the char array immediately after use
                java.util.Arrays.fill(passwordChars, '\0');
            }
        }

        return new Type3Message(this.transportContext, msg2, this.targetName, passwordString,