if (super.equals(obj)) {
            if (!(obj instanceof final NtlmPasswordAuthentication ntlm)) {
                return !this.areHashesExternal();
            }
            if (this.areHashesExternal() && ntlm.areHashesExternal()) {
                return Arrays.equals(this.ansiHash, ntlm.ansiHash) && Arrays.equals(this.unicodeHash, ntlm.unicodeHash);
                /*

import org.junit.jupiter.api.DisplayName;
import org.junit.jupiter.api.Nested;
import org.junit.jupiter.api.Test;

/**
 * Test suite for jcifs.https.Handler class.
 * Tests HTTPS URL stream handler functionality with NTLM authentication support.
 */
@DisplayName("HTTPS Handler Tests")
class HandlerTest {

    private Handler handler;

    @BeforeEach
    void setUp() {
        handler = new Handler(null);
    }

     * potential NTLM fallback (if the server does not support kerberos).
     *
     * @param subject
     *            represents the user who perform Kerberos authentication. Should at least contain a TGT for the user.
     * @param domain
     *            domain for NTLM fallback
     * @param username
     *            user for NTLM fallback
     * @param password

                if (hashesExternal && ntlm.hashesExternal) {
                    return Arrays.equals(ansiHash, ntlm.ansiHash) && Arrays.equals(unicodeHash, ntlm.unicodeHash);
                    /* This still isn't quite right. If one npa object does not have external
                     * hashes and the other does then they will not be considered equal even

     * The NTLMSSP "preamble".
     */
    protected static final byte[] NTLMSSP_SIGNATURE =
            { (byte) 'N', (byte) 'T', (byte) 'L', (byte) 'M', (byte) 'S', (byte) 'S', (byte) 'P', (byte) 0 };

    /**
     * NTLM version
     */
    protected static final byte[] NTLMSSP_VERSION = { 6, 1, 0, 0, 0, 0, 0, 15 };

    /**
     * NTLMSSP Type 1 message identifier.
     */
    protected static final int NTLMSSP_TYPE1 = 0x1;

        verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        verify(response).setHeader("WWW-Authenticate", "NTLM");
        verify(response).flushBuffer();
    }

    /**
     * Test doGet with NTLM authentication for directory listing
     * This test verifies the authentication flow without actual network operations
     */
    @Test

- **Secure Key Management**: Proper key derivation and nonce generation

### Core Features
- **Per-context configuration**: No global state, each context encapsulates configuration
- **Authentication**: NTLM, Kerberos, SPNEGO unified subsystem
- **SLF4J Logging**: Comprehensive logging throughout the codebase
- **Resource Management**: AutoCloseable patterns for file handles and connections

        return principal.getName();
    }

    @Override
    public Principal getUserPrincipal() {
        return principal;
    }

    @Override
    public String getAuthType() {
        return "NTLM";
    }

        return this.principal.getName();
    }

    @Override
    public Principal getUserPrincipal() {
        return this.principal;
    }

    @Override
    public String getAuthType() {
        return "NTLM";
    }

 */
package jcifs.ntlmssp.av;

import jcifs.internal.util.SMBUtil;

/**
 * NTLMSSP AV (Attribute-Value) pair representing flags information.
 * Contains flag values used in NTLM authentication attribute-value pairs.
 *
 * @author mbechler
 */
public class AvFlags extends AvPair {

    /**
     * Constructs an AV flags pair from raw bytes
     * @param raw the raw flag bytes
     */