this.integrity = integrity;
        }

        @Override
        public byte[] getSigningKey() throws CIFSException {
            if (this.signingKey == null) {
                throw new CIFSException("signing key not available");
            }
            return this.signingKey.clone();
        }

        @Override
        public boolean isEstablished() {
            return this.established;
        }

    }

    @Test
    @DisplayName("Should create new connection when force signing differs")
    void testNoReuseWithDifferentSigning() throws Exception {
        // Given: An existing connection without signing enforced
        SmbTransportImpl initial = pool.getSmbTransport(ctx, address, 445, false, false);

        // Mock the negotiation response

 *
 * Certificates are signed by other certificates and a sequence of them is called a certificate
 * chain. The chain terminates in a self-signed "root" certificate. Signing certificates in the
 * middle of the chain are called "intermediates". Organizations that offer certificate signing are
 * called certificate authorities (CAs).
 *
 * Browsers and other HTTP clients need a set of trusted root certificates to authenticate their

                if (request.getDigest() != null) {
                    /* success - install the signing digest */
                    setDigest(request.getDigest());
                } else if (!anonymous && isSignatureSetupRequired()) {
                    throw new SmbException("Signing required but no session key available");
                }

                setSessionSetup(response);

 * [Ok2Curl](https://github.com/mrmike/Ok2Curl): Convert OkHttp requests into curl logs.
 * [OkHttp AWS Signer](https://github.com/babbel/okhttp-aws-signer): AWS V4 signing algorithm for OkHttp requests
 * [okhttp-digest](https://github.com/rburgst/okhttp-digest): A digest authenticator for OkHttp.

    /**
    * Indicates datagram authentication.
    */
    int NTLMSSP_NEGOTIATE_DATAGRAM_STYLE = 0x00000040;

    /**
    * Indicates that the LAN Manager session key should be used for
    * signing and sealing authenticated communication.
    */
    int NTLMSSP_NEGOTIATE_LM_KEY = 0x00000080;

    /**
     * Indicates support for NetWare authentication.
     */
    int NTLMSSP_NEGOTIATE_NETWARE = 0x00000100;

            verify(transportPool).getSmbTransport(context, TEST_HOST, DEFAULT_PORT, true, false);
        }

        @Test
        @DisplayName("Should get transport by name with forced signing")
        void testGetSmbTransportByNameForceSigning() throws UnknownHostException, IOException {
            // Given

            if (LogStream.level >= 3) {
                SmbTransport.log.println("""
                        Default credentials (jcifs.smb1.smb1.client.username/password)\
                         not specified. SMB signing may not work propertly.\
                          Skipping DC interrogation.""");
            }
        } else {
            final SmbSession ssn = trans.getSmbSession(NtlmPasswordAuthentication.DEFAULT);

     * @param targetDomain the target domain for authentication
     * @param host the target host
     * @param initialToken initial authentication token, if any
     * @param doSigning whether message signing should be enabled
     * @return a new SSP authentication context
     * @throws SmbException if context creation fails
     */

                 * junk. We need to bump up the wordCount here so that this method returns
                 * the correct number of bytes for signing purposes. Otherwise we get a
                 * signing verification failure.
                 */
                if (command == SMB_COM_NT_CREATE_ANDX && ((SmbComNTCreateAndXResponse) this).isExtended) {
                    wordCount += 8;