// Arrange
        int offset = 0;
        int length = testData.length;

        // Act
        signingDigest.sign(testData, offset, length, request, response);

        // Assert
        verify(signingDigest, times(1)).sign(testData, offset, length, request, response);
    }

    @Test
    @DisplayName("Test sign method with different offsets")
    void testSignWithDifferentOffsets() {

        byte[] expected = hex("8846F7EAEE8FB117AD06BDD830B7586C");

        // Act
        byte[] actual = NtlmUtil.getNTHash(password);

        // Assert
        assertArrayEquals(expected, actual, "NT hash must match known test vector");
    }

    @Test
    @DisplayName("getNTHash: verify different passwords produce different hashes")

    void toString_rendersHex(byte[] input, String expected) {
        // Arrange
        SecurityBlob blob = new SecurityBlob(input);

        // Act
        String actual = blob.toString();

        // Assert
        assertEquals(expected, actual, "Hex string should match expected format");
    }

    // Ensures a default-constructed blob starts empty and stable across APIs
    @Test

    @DisplayName("Edge: null is not an instance of the interface")
    void testNullIsNotInstance() {
        // Assert
        assertFalse(SessionSetupHandler.class.isInstance(null));
    }

    @Test
    @DisplayName("Invalid: looking up constructor on interface fails")
    void testNoConstructorLookup() {
        // Act & Assert: interfaces have no constructors

            // Arrange
            SmbFile parent = new SmbFile(url);

            // Act + Assert
            SmbException ex = assertThrows(SmbException.class, () -> SmbEnumerationUtil.doShareEnum(parent, "*", 0, null, null));

            // Assert message indicates which validation failed
            if (expectDirSlashMsg) {

    @DisplayName("byte[] ctor: empty token throws PACDecodingException with clear message")
    void byteArrayConstructor_emptyToken_throws() {
        // Arrange
        byte[] empty = new byte[0];

        // Act + Assert
        PACDecodingException ex = assertThrows(PACDecodingException.class, () -> new KerberosApRequest(empty, new KerberosKey[0]));
        assertTrue(ex.getMessage().contains("Empty kerberos ApReq"));
    }

    @Test

    void defaultConstructor_hasNullMessageAndCause_andDefaultStatus() {
        // Arrange & Act
        SMBSignatureValidationException ex = new SMBSignatureValidationException();

        // Assert
        assertNull(ex.getMessage(), "Default ctor should not set a message");
        assertNull(ex.getCause(), "Default ctor should not set a cause");

        // Arrange
        StaticJAASConfiguration cfg = new StaticJAASConfiguration();

        // Act
        AppConfigurationEntry[] entries = cfg.getAppConfigurationEntry("ignored");

        // Assert
        assertNotNull(entries, "Entries array should not be null");
        assertEquals(1, entries.length, "Exactly one entry is expected");
        AppConfigurationEntry e = entries[0];

            // Assert
            assertEquals("S-1-5-21-99", s);
            assertEquals(99, sid.getRid());
        }

        @Test
        @DisplayName("Textual constructor invalid format throws SmbException")
        void testTextualConstructorInvalid() {
            // Arrange
            String bad = "S-1"; // fewer than 3 tokens

            // Act + Assert

        when(mockConnection.getRequestProperty("Accept")).thenReturn("application/json");

        // Act
        ntlmConnection = new NtlmHttpURLConnection(mockConnection, mockCifsContext);

        // Assert
        assertEquals("GET", ntlmConnection.getRequestMethod());
        assertTrue(ntlmConnection.getAllowUserInteraction());
        assertTrue(ntlmConnection.getDoInput());
        assertTrue(ntlmConnection.getDoOutput());