/**
 * Computes the effective certificate chain from the raw array returned by Java's built in TLS APIs.
 * Cleaning a chain returns a list of certificates where the first element is `chain[0]`, each
 * certificate is signed by the certificate that follows, and the last certificate is a trusted CA
 * certificate.
 *
 * Use of the chain cleaner is necessary to omit unexpected certificates that aren't relevant to

            final int index = offset + SIGNATURE_OFFSET;
            for (int i = 0; i < SIGNATURE_LENGTH; i++) {
                data[index + i] = 0;
            }

            // set signed flag
            final int oldFlags = SMBUtil.readInt4(data, offset + 16);
            final int flags = oldFlags | ServerMessageBlock2.SMB2_FLAGS_SIGNED;
            SMBUtil.writeInt4(flags, data, offset + 16);

     */
    @Override
    public final boolean isError() {
        return this.error;
    }

    /**
     * Checks whether this SMB2 response packet has been signed.
     *
     * @return whether the packet has been signed.
     */
    public boolean isSigned() {
        return (getFlags() & SMB2_FLAGS_SIGNED) != 0;
    }

    /**
     * {@inheritDoc}
     *

  (the latter if this is not a complete fix) to this comment
+ If referring to a repo other than `golang/go` you can use the
  `owner/repo#issue_number` syntax: `Fixes golang/tools#1234`
+ We do not use Signed-off-by lines in Go. Please don't add them.
  Our Gerrit server & GitHub bots enforce CLA compliance instead.

    }

  val basicConstraints: Extension
    get() {
      return tbsCertificate.extensions.first {
        it.id == ObjectIdentifiers.BASIC_CONSTRAINTS
      }
    }

  /** Returns true if the certificate was signed by [issuer]. */
  @Throws(SignatureException::class)
  fun checkSignature(issuer: PublicKey): Boolean {
    val signedData = CertificateAdapters.tbsCertificate.toDer(tbsCertificate)

        @Test
        @DisplayName("Should handle signed/unsigned integer boundaries")
        void shouldHandleSignedUnsignedBoundaries() {
            // Test that GENERIC_READ is the highest bit (0x80000000)
            assertEquals(0x80000000, ACE.GENERIC_READ, "GENERIC_READ should be 0x80000000");
            assertTrue(ACE.GENERIC_READ < 0, "GENERIC_READ should be negative when treated as signed int");

<!--- Link to relevant issues or forum discussions here -->

### Contributor Checklist
- [ ] [Review Contribution Guidelines](https://github.com/gradle/gradle/blob/master/CONTRIBUTING.md).
- [ ] Make sure that all commits are [signed off](https://git-scm.com/docs/git-commit#Documentation/git-commit.txt---signoff) to indicate that you agree to the terms of [Developer Certificate of Origin](https://developercertificate.org/).

  "token_type": "Bearer",
  "expires_in": 3600
}
```

### 4. JWT Claims

The id_token received is a signed JSON Web Token (JWT). Use a JWT decoder to decode the id_token to access the payload of the token that includes following JWT claims:

 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */

package jcifs.dcerpc.ndr;

/**
 * NDR representation of a short integer (2-byte signed integer).
 */
public class NdrShort extends NdrObject {

    /**
     * The short integer value.
     */
    public int value;

    /**
     * Constructs an NdrShort with the specified value.
     *

 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */

package jcifs.smb1.dcerpc.ndr;

/**
 * NDR representation of a short integer (2-byte signed integer).
 */
public class NdrShort extends NdrObject {

    /**
     * The short integer value.
     */
    public int value;

    /**
     * Constructs an NdrShort with the specified value.
     *