@Test
    @DisplayName("reauthenticate throws CIFSException when underlying call fails")
    void reauthenticate_throws() throws CIFSException {
        doThrow(new CIFSException("reauth failed")).when(session).reauthenticate();
        CIFSException ex = assertThrows(CIFSException.class, () -> session.reauthenticate());
        assertTrue(ex.getMessage().contains("failed"));

                    request.setDigest(getDigest());
                }

                if (request instanceof RequestWithPath rpath) {
                    ((RequestWithPath) request).setFullUNCPath(getTargetDomain(), getTargetHost(), rpath.getFullUNCPath());
                }

                try {
                    if (log.isTraceEnabled()) {
                        log.trace("Request " + request);

    }

    @Test
    @DisplayName("Should derive unique keys for different preauth values")
    void testDeriveKeys_UniquePreauthValues() {
        // Given
        byte[] preauth1 = new byte[64];
        byte[] preauth2 = new byte[64];
        new SecureRandom().nextBytes(preauth1);
        new SecureRandom().nextBytes(preauth2);
        int dialect = Smb2Constants.SMB2_DIALECT_0311;

        // When

            }
        }
        final NtlmAuthenticator auth = NtlmAuthenticator.getDefault();
        if (auth != null) {
            final NtlmPasswordAuthenticator newAuth =
                    NtlmAuthenticator.requestNtlmPasswordAuthentication(auth, locationHint, error instanceof SmbAuthException s ? s : null);
            if (newAuth != null) {
                this.creds = newAuth;
                return true;
            }
        }

            if (enforceIntegrity) {
                throw new CIFSException("No preauth integrity context found for session: " + sessionId);
            }
            log.warn("No preauth integrity context for session {}, skipping update", sessionId);
            return;
        }

        if (!context.isValid()) {
            throw new CIFSException("Preauth integrity context is invalid for session: " + sessionId);
        }

    }

    /**
     * Test that pre-auth hash is reset on error
     */
    @Test
    @DisplayName("Pre-auth integrity hash should reset on error")
    void testPreauthHashResetOnError() throws Exception {
        // Setup invalid SMB2 state to trigger error
        setPrivateField(transport, "smb2", false);

        // Try to update preauth hash - should fail and reset

    // Secure key management
    private SecureKeyManager keyManager;
    private String sessionId;
    private volatile boolean closed = false;

    // Store session key and preauth hash for key rotation
    private byte[] sessionKey;
    private byte[] preauthIntegrityHash;
    private int rotationCount = 0;

    // Key rotation tracking - use atomic for lock-free operations

        CIFSException last = null;
        final RequestWithPath rpath = request instanceof RequestWithPath r ? r : null;
        final String savedPath = rpath != null ? rpath.getPath() : null;
        final String savedFullPath = rpath != null ? rpath.getFullUNCPath() : null;

        final String fullPath = "\\" + loc.getServer() + "\\" + loc.getShare() + loc.getUNCPath();

    private int[] hashAlgos;
    private byte[] salt;

    /**
     * Constructs a preauth integrity negotiate context with the specified parameters.
     *
     * @param config the SMB configuration
     * @param hashAlgos the supported hash algorithms
     * @param salt the salt value for preauth integrity
     */

        void testDifferentContextTypes() {
            PreauthIntegrityNegotiateContext preauth = new PreauthIntegrityNegotiateContext();
            EncryptionNegotiateContext encryption = new EncryptionNegotiateContext();

            assertNotEquals(preauth.getContextType(), encryption.getContextType());
            assertEquals(0x1, preauth.getContextType());
            assertEquals(0x2, encryption.getContextType());
        }