class NegotiationConstants {

        @Test
        @DisplayName("Signing enabled flag should be 0x0001")
        void testSigningEnabledFlag() {
            assertEquals(0x0001, Smb2Constants.SMB2_NEGOTIATE_SIGNING_ENABLED, "Signing enabled flag must be 0x0001");
        }

        @Test
        @DisplayName("Signing required flag should be 0x0002")
        void testSigningRequiredFlag() {

tasks.withType<Sign>().configureEach { isEnabled = signArtifacts }

signing {
    useInMemoryPgpKeys(
        project.providers.environmentVariable("PGP_SIGNING_KEY").orNull,
        project.providers.environmentVariable("PGP_SIGNING_KEY_PASSPHRASE").orNull
    )
    publishing.publications.configureEach {
        if (signArtifacts) {
            signing.sign(this)
        }
    }
}

fun configureJavadocVariant() {

    // If the problem was a CertificateException from the X509TrustManager, do not retry.
    e is SSLHandshakeException && e.cause is CertificateException -> false

    // e.g. a certificate pinning error.
    e is SSLPeerUnverifiedException -> false

    // Retry for all other SSL failures.
    e is SSLException -> true

    else -> false

 * operations during SMB authentication.
 *
 * @author mbechler
 */
public interface SSPContext {

    /**
     * Gets the signing key for the session.
     * @return the signing key for the session
     * @throws CIFSException if an error occurs retrieving the signing key
     */
    byte[] getSigningKey() throws CIFSException;

    /**
     * Checks whether the security context is established.

        // only A, C, and E are whitelisted duplicates will occur. When scanning projects A, C, and E, those will be
        // added to 'filtered' as they are whitelisted. When scanning B and D, they are not whitelisted, and since
        // transitive is false, their downstream dependencies will be added to 'filtered'. E is a downstream dependency
        // of A, B, C, and D, so when scanning B and D, E will be added again 'filtered'.
        //

 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

allprojects {
    tasks.withType(JavaCompile).configureEach {
        outputs.doNotCacheIf("CodeQL scanning", { true })
    }

 * certificate.
 *
 * Use of the chain cleaner is necessary to omit unexpected certificates that aren't relevant to
 * the TLS handshake and to extract the trusted CA certificate for the benefit of certificate
 * pinning.
 */
abstract class CertificateChainCleaner {
  @Throws(SSLPeerUnverifiedException::class)
  abstract fun clean(
    chain: List<Certificate>,
    hostname: String,
  ): List<Certificate>

  companion object {

     * @throws CIFSException if an error occurs retrieving the buffer size
     */
    int getMaximumBufferSize() throws CIFSException;

    /**
     * Checks if SMB message signing is active for this session
     * @return whether the session uses SMB signing
     * @throws CIFSException if a general CIFS error occurs
     * @throws SmbException if an SMB-specific error occurs
     */
    boolean areSignaturesActive() throws CIFSException;

     * Gets the session key after successful authentication
     *
     * @return the session key or null if not available
     */
    byte[] getSessionKey();

    /**
     * Gets the signing key for SMB2/3
     *
     * @return the signing key or null if not available
     */
    byte[] getSigningKey();

    /**
     * Validates authentication credentials
     *
     * @return true if credentials are valid
     */

 *
 * @author mbechler
 */
public interface SmbResourceLocatorInternal extends SmbResourceLocator {

    /**
     * Determines whether SMB signing should be enforced for connections to this resource.
     *
     * @return whether to enforce the use of signing on connection to this resource
     */
    boolean shouldForceSigning();

    /**