/**
     * Indicates datagram authentication.
     */
    int NTLMSSP_NEGOTIATE_DATAGRAM_STYLE = 0x00000040;

    /**
     * Indicates that the LAN Manager session key should be used for
     * signing and sealing authenticated communication.
     */
    int NTLMSSP_NEGOTIATE_LM_KEY = 0x00000080;

    /**
     * ??? According to spec this is a reserved bit and must be set to zero
     */

        default -> getNTLMResponse(password, challenge);
        };
    }

    /**
     * Returns the signing key for SMB signing.
     *
     * @param challenge the server challenge bytes
     * @return the signing key
     * @throws SmbException if an error occurs generating the signing key
     */
    public byte[] getSigningKey(final byte[] challenge) throws SmbException {
        switch (LM_COMPATIBILITY) {

	jwtgo "github.com/golang-jwt/jwt/v4"
	jsoniter "github.com/json-iterator/go"
	"github.com/minio/minio/internal/bpool"
)

// SigningMethodHMAC - Implements the HMAC-SHA family of signing methods signing methods
// Expects key type of []byte for both signing and validation
type SigningMethodHMAC struct {
	Name       string
	Hash       crypto.Hash
	HasherPool bpool.Pool[hash.Hash]
}

// Specific instances for HS256, HS384, HS512

            this.integrity = integrity;
        }

        @Override
        public byte[] getSigningKey() throws CIFSException {
            if (this.signingKey == null) {
                throw new CIFSException("signing key not available");
            }
            return this.signingKey.clone();
        }

        @Override
        public boolean isEstablished() {
            return this.established;
        }

                            transport.digest = request.digest;
                        }

                        connectionState = 2;

                        state = 0;

                        break;
                    case 20:
                        if (nctx == null) {

    }

    @Test
    @DisplayName("Should create new connection when force signing differs")
    void testNoReuseWithDifferentSigning() throws Exception {
        // Given: An existing connection without signing enforced
        SmbTransportImpl initial = pool.getSmbTransport(ctx, address, 445, false, false);

        // Mock the negotiation response

 * [Ok2Curl](https://github.com/mrmike/Ok2Curl): Convert OkHttp requests into curl logs.
 * [OkHttp AWS Signer](https://github.com/babbel/okhttp-aws-signer): AWS V4 signing algorithm for OkHttp requests
 * [okhttp-digest](https://github.com/rburgst/okhttp-digest): A digest authenticator for OkHttp.

 *
 * Certificates are signed by other certificates and a sequence of them is called a certificate
 * chain. The chain terminates in a self-signed "root" certificate. Signing certificates in the
 * middle of the chain are called "intermediates". Organizations that offer certificate signing are
 * called certificate authorities (CAs).
 *
 * Browsers and other HTTP clients need a set of trusted root certificates to authenticate their

    /**
    * Indicates datagram authentication.
    */
    int NTLMSSP_NEGOTIATE_DATAGRAM_STYLE = 0x00000040;

    /**
    * Indicates that the LAN Manager session key should be used for
    * signing and sealing authenticated communication.
    */
    int NTLMSSP_NEGOTIATE_LM_KEY = 0x00000080;

    /**
     * Indicates support for NetWare authentication.
     */
    int NTLMSSP_NEGOTIATE_NETWARE = 0x00000100;

     * @param initialToken initial authentication token, if any
     * @param doSigning whether message signing should be enabled
     * @return a new SSP authentication context
     * @throws SmbException if context creation fails
     */
    SSPContext createContext(CIFSContext tc, String targetDomain, String host, byte[] initialToken, boolean doSigning) throws SmbException;

    /**