<property name="cookieKey">"fessRoles"</property>
		<property name="encryptedCookieValue">true</property>
		<property name="cipher">
			<component class="org.codelibs.core.crypto.CachedCipher">
				<property name="key">"1234567890123456"</property>
			</component>
		</property>
		<property name="valueSeparator">"\\n"</property>
		<property name="roleSeparator">","</property>
		 -->

            this.opad[i] = (byte) (key[i] ^ OPAD);
        }
        for (int i = length; i < BLOCK_LENGTH; i++) {
            this.ipad[i] = IPAD;
            this.opad[i] = OPAD;
        }

        this.md5 = Crypto.getMD5();
        engineReset();
    }

    private HMACT64(final HMACT64 hmac) throws CloneNotSupportedException {
        super("HMACT64");
        this.ipad = hmac.ipad;
        this.opad = hmac.opad;

- **Concurrent Utilities** (`org.codelibs.core.concurrent`) - Thread-safe collections and concurrency helpers using modern concurrent APIs
- **Crypto & Security** (`org.codelibs.core.crypto`, `org.codelibs.core.security`) - Basic cryptographic utilities, message digest operations, and secure random generation

import static org.junit.jupiter.api.Assertions.assertThrows;

import java.security.GeneralSecurityException;
import java.util.HashMap;
import java.util.Map;

import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.kerberos.KerberosKey;
import javax.security.auth.kerberos.KerberosPrincipal;

import org.junit.jupiter.api.Test;

/**
 * Tests for the PacMac class.
 */

import java.security.KeyStore;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.DestroyFailedException;
import javax.security.auth.Destroyable;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**

			<artifactId>tika-parser-code-module</artifactId>
			<version>${tika.version}</version>
		</dependency>
		<dependency>
			<groupId>org.apache.tika</groupId>
			<artifactId>tika-parser-crypto-module</artifactId>
			<version>${tika.version}</version>
		</dependency>
		<dependency>
			<groupId>org.apache.tika</groupId>
			<artifactId>tika-parser-digest-commons</artifactId>

         * techinque that NTLMv2 specifically thwarts. A real NTLM Filter would
         * need to do a NETLOGON RPC that JCIFS will likely never implement
         * because it requires a lot of extra crypto not used by CIFS.
         */
        Config.setProperty("jcifs.smb1.smb.lmCompatibility", "0");
        Config.setProperty("jcifs.smb1.smb.client.useExtendedSecurity", "false");

import static org.mockito.Mockito.verifyNoMoreInteractions;
import static org.mockito.Mockito.when;

import java.security.GeneralSecurityException;
import java.util.Arrays;

import javax.crypto.ShortBufferException;

import org.junit.jupiter.api.DisplayName;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.junit.jupiter.params.ParameterizedTest;

import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;

import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.codelibs.core.crypto.CachedCipher;
import org.codelibs.core.lang.StringUtil;
import org.codelibs.fess.app.service.AccessTokenService;
import org.codelibs.fess.entity.SearchRequestParams.SearchRequestType;

         * technique that NTLMv2 specifically thwarts. A real NTLM Filter would
         * need to do a NETLOGON RPC that JCIFS will likely never implement
         * because it requires a lot of extra crypto not used by CIFS.
         */
        p.setProperty("jcifs.smb.lmCompatibility", "0");
        p.setProperty("jcifs.smb.client.useExtendedSecurity", "false");