/*
           * When we block access to AtomicReferenceFieldUpdater, we can't even reflect on
           * AbstractFuture, since it declares methods that use that type in their signatures.
           */
          && !method.getName().equals("testFutures_nullChecks")) {
        suite.addTest(
            TestSuite.createTest(

    .heldCertificate(serverCertificate, intermediateCertificate.certificate())
    .build();
```

The client only needs to know the trusted root certificate. It checks the server's certificate by
validating the signatures within the chain.

```java
HandshakeCertificates clientCertificates = new HandshakeCertificates.Builder()
    .addTrustedCertificate(rootCertificate.certificate())
    .build();

          issuerUniqueID = null,
          subjectUniqueID = null,
          extensions = extensions(),
        )

      // Signature.
      val signature =
        Signature.getInstance(tbsCertificate.signatureAlgorithmName).run {
          initSign(issuerKeyPair.private)
          update(CertificateAdapters.tbsCertificate.toDer(tbsCertificate).toByteArray())
          sign().toByteString()

        assertTrue(result); // Signature mismatch expected
    }

    @Test
    @DisplayName("Test verify method with invalid signature")
    void testVerifyWithInvalidSignature() {
        SMB1SigningDigest digest = new SMB1SigningDigest(testMacSigningKey);
        byte[] data = new byte[100];

        // Set invalid signature
        for (int i = 0; i < 8; i++) {

            fail("Should be able to access protected constructor: " + e.getMessage());
        }
    }

    public void test_static_method_signatures() {
        // Verify all public static methods exist with correct signatures
        try {
            // printThreadDump()
            java.lang.reflect.Method printMethod = ThreadDumpUtil.class.getMethod("printThreadDump");

        if (!this.useNTSmbs) {
            log.debug("No support for NT SMBs");
        }

        // there seems to be a bug with some servers that causes corruption if using signatures +
        // CAP_LARGE_WRITE
        if (th.hasCapability(SmbConstants.CAP_LARGE_WRITEX) && !th.areSignaturesActive()) {
            this.writeSizeFile = Math.min(th.getConfig().getSendBufferSize() - 70, 0xFFFF - 70);

If you want to play with JWT tokens and see how they work, check <a href="https://jwt.io/" class="external-link" target="_blank">https://jwt.io</a>.

## Install `PyJWT` { #install-pyjwt }

        serverData.sessKey = 0x12345678;
        serverData.scapabilities = 0x8000F3FD; // Various capabilities
        serverData.oemDomainName = "WORKGROUP";
        serverData.securityMode = 0x0F; // User + encrypt passwords + signatures
        serverData.security = 1; // User level
        serverData.encryptedPasswords = true;
        serverData.signaturesEnabled = true;
        serverData.signaturesRequired = false;

        if (log.isDebugEnabled() && trans.isSigningOptional() && !loc.isIPC() && !this.ctx.getConfig().isSigningEnforced()) {
            log.debug("Signatures for file enabled but not required " + this);
        }

        if (referral != null) {
            t.markDomainDfs();
        }

        try {
            if (log.isTraceEnabled()) {

            }

            // there seems to be a bug with some servers that causes corruption if using signatures + CAP_LARGE_WRITE
            if (th.hasCapability(SmbConstants.CAP_LARGE_WRITEX) && !th.areSignaturesActive()) {
                this.writeSize = Math.min(th.getConfig().getSendBufferSize() - 70, 0xFFFF - 70);
            }