case 1:
            // NTLMv1 - deprecated and insecure
            log.warn("NTLMv1 LM response is deprecated and insecure. Consider using NTLMv2.");
            return NtlmUtil.getPreNTLMResponse(tc, getPasswordAsCharArray(), chlng);
        case 2:
            // NTLMv1 with NTLM response - still insecure
            log.warn("NTLMv1 NTLM response is deprecated and insecure. Consider using NTLMv2.");

        // Then
        assertNotNull(nonce1, "First secure nonce should not be null");
        assertNotNull(nonce2, "Second secure nonce should not be null");
        assertFalse(Arrays.equals(nonce1, nonce2), "Secure nonces should be different");
        assertTrue(nonce1.length > 0, "Secure nonce should have proper length");
    }

    @Test
    @DisplayName("Should handle concurrent secure nonce generation safely")

    }

    /**
     * Test secure negotiation requirement for SMB3
     */
    @Test
    public void testSecureNegotiateRequired() throws CIFSException {
        BaseConfiguration config = new BaseConfiguration(true);

        // Verify secure negotiate is required for SMB3
        assertTrue("Secure negotiate should be required for SMB3", config.isRequireSecureNegotiate());
    }

     */
    public void secureWipeKeys() {
        if (this.encryptionKey != null) {
            // Multi-pass secure wipe for enhanced security
            SecureKeyManager.secureWipe(this.encryptionKey);
            this.encryptionKey = null;
        }
        if (this.decryptionKey != null) {
            // Multi-pass secure wipe for enhanced security
            SecureKeyManager.secureWipe(this.decryptionKey);

        // We can't directly test if password is wiped since auth is out of scope,
        // but the close() method should have been called
    }

    /**
     * Test secure memory clearing in close()
     */
    @Test
    @DisplayName("Test secure memory clearing on close")
    public void testCloseSecurelyClearsMemory() {
        char[] testPassword = "CloseTestPass123!".toCharArray();

     */
    public static final String ISO_DATETIME_FORMAT = "yyyy-MM-dd'T'HH:mm:ss.SSS'Z'";

    /**
     * The feature for secure processing in XML.
     */
    public static final String FEATURE_SECURE_PROCESSING = "http://javax.xml.XMLConstants/feature/secure-processing";

    /**
     * The feature for external general entities in XML.
     */

     * @param max maximum protocol version
     */
    protected void initProtocolVersions(final DialectVersion min, final DialectVersion max) {
        // Default to SMB2 minimum for security - SMB1 is deprecated and insecure
        this.minVersion = min != null ? min : DialectVersion.SMB202;
        this.maxVersion = max != null ? max : DialectVersion.SMB311;

        if (this.minVersion.atLeast(this.maxVersion)) {

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * Secure credential storage with encryption at rest.
 *
 * Provides secure storage of passwords and other sensitive credentials
 * using AES-GCM encryption with PBKDF2 key derivation.
 *
 * Features:
 * - Encrypts credentials at rest using AES-256-GCM
 * - Uses PBKDF2 for key derivation from master password
 * - Secure wiping of sensitive data
 * - Thread-safe operations

#                                                     Tomcat
#                                                     ------
tomcat.URIEncoding = UTF-8
tomcat.useBodyEncodingForURI = true
#tomcat.secure=false
#tomcat.scheme=http
#tomcat.bindAddress=127.0.0.1
#tomcat.proxyPort=

            log.debug("Secure negotiation does not apply");
            return;
        }

        final Smb2NegotiateResponse nego = (Smb2NegotiateResponse) trans.getNegotiateResponse();
        if (nego.getSelectedDialect().atLeast(DialectVersion.SMB311)) {
            // have preauth integrity instead
            log.debug("Secure negotiation does not apply, is SMB3.1");
            return;