* with the server, including security requirements like message signing.
 *
 * @author mbechler
 */
public interface SmbNegotiationRequest {

    /**
     * Checks whether SMB message signing is enforced by the client.
     *
     * @return whether SMB signing is enforced
     */
    boolean isSigningEnforced();

     * @param tc
     *            context to use
     * @param auth
     *            credentials
     * @param doSigning
     *            whether signing is requested
     */
    public NtlmContext(final CIFSContext tc, final NtlmPasswordAuthenticator auth, final boolean doSigning) {
        this.transportContext = tc;
        this.auth = auth;

     * @param doSigning whether to enable message signing
     */
    public NtlmContext(final NtlmPasswordAuthentication auth, final boolean doSigning) {
        this.auth = auth;
        this.ntlmsspFlags =
                ntlmsspFlags | NtlmFlags.NTLMSSP_REQUEST_TARGET | NtlmFlags.NTLMSSP_NEGOTIATE_NTLM2 | NtlmFlags.NTLMSSP_NEGOTIATE_128;
        if (doSigning) {
            this.ntlmsspFlags |=

        assertFalse(result);
        verify(negotiationResponse).canReuse(null, false);
    }

    @Test
    @DisplayName("Test signing state combinations")
    void testSigningStateCombinations() {
        // Test all combinations of signing states

        // Signing disabled
        when(negotiationResponse.isSigningEnabled()).thenReturn(false);
        when(negotiationResponse.isSigningRequired()).thenReturn(false);

    class NegotiationConstants {

        @Test
        @DisplayName("Signing enabled flag should be 0x0001")
        void testSigningEnabledFlag() {
            assertEquals(0x0001, Smb2Constants.SMB2_NEGOTIATE_SIGNING_ENABLED, "Signing enabled flag must be 0x0001");
        }

        @Test
        @DisplayName("Signing required flag should be 0x0002")
        void testSigningRequiredFlag() {

        assertTrue(context.isEstablished());
        assertArrayEquals(serverChallenge, context.getServerChallenge());
        // Signing key may or may not be generated depending on flags negotiation
        // The context negotiates flags with server, so we can't guarantee signing key
    }

    @Test
    void testInitSecContext_state2_withoutSigning() throws Exception {

    /**
     * Whether the server requires encrypted passwords.
     */
    public boolean encryptedPasswords;
    /**
     * Whether message signing is enabled.
     */
    public boolean signaturesEnabled;
    /**
     * Whether message signing is required.
     */
    public boolean signaturesRequired;
    /**
     * Maximum number of virtual circuits.
     */
    public int maxNumberVcs;
    /**

 * operations during SMB authentication.
 *
 * @author mbechler
 */
public interface SSPContext {

    /**
     * Gets the signing key for the session.
     * @return the signing key for the session
     * @throws CIFSException if an error occurs retrieving the signing key
     */
    byte[] getSigningKey() throws CIFSException;

    /**
     * Checks whether the security context is established.

 *
 * @author mbechler
 */
public interface SmbResourceLocatorInternal extends SmbResourceLocator {

    /**
     * Determines whether SMB signing should be enforced for connections to this resource.
     *
     * @return whether to enforce the use of signing on connection to this resource
     */
    boolean shouldForceSigning();

    /**

     * @throws CIFSException if an error occurs retrieving the buffer size
     */
    int getMaximumBufferSize() throws CIFSException;

    /**
     * Checks if SMB message signing is active for this session
     * @return whether the session uses SMB signing
     * @throws CIFSException if a general CIFS error occurs
     * @throws SmbException if an SMB-specific error occurs
     */
    boolean areSignaturesActive() throws CIFSException;