mutated[0]++;
    assertTrue(Arrays.equals(original, hash.asBytes()));
  }

  private static void assertReadableBytes(HashCode hashCode) {
    assertTrue(hashCode.bits() >= 32); // sanity
    byte[] hashBytes = hashCode.asBytes();
    int totalBytes = hashCode.bits() / 8;

    for (int bytes = 0; bytes < totalBytes; bytes++) {
      byte[] bb = new byte[bytes];
      hashCode.writeBytesTo(bb, 0, bb.length);

        ace.flags = ACE.FLAGS_OBJECT_INHERIT | ACE.FLAGS_INHERITED;
        assertEquals("This folder and files", ace.getApplyToText());

        // Test with high bits set (should mask to relevant bits)
        ace.flags = 0xF0 | ACE.FLAGS_CONTAINER_INHERIT;
        assertEquals("This folder and subfolders", ace.getApplyToText());
    }

    @Test

     * This tests the underlying SMBUtil.readInt8 behavior.
     */
    @Test
    public void testGetTimestampNegative() {
        long expectedTimestamp = -1L; // Represents all bits set to 1 for an 8-byte long
        byte[] rawBytes = new byte[8];
        SMBUtil.writeInt8(expectedTimestamp, rawBytes, 0);
        AvTimestamp avTimestamp = new AvTimestamp(rawBytes);

        assertNotNull(type1Token);
        assertTrue(type1Token.length > 0);

        // Decode the token to verify its properties
        Type1Message type1Message = new Type1Message(type1Token);
        // Type1Message ORs default flags with provided flags; ensure expected bits are present
        assertTrue((type1Message.getFlags() & context.ntlmsspFlags) == context.ntlmsspFlags);

		return path.Base(path.Clean(fi.h.Name))
	}
	return path.Base(fi.h.Name)
}

// Mode returns the permission and mode bits for the headerFileInfo.
func (fi headerFileInfo) Mode() (mode fs.FileMode) {
	// Set file permission bits.
	mode = fs.FileMode(fi.h.Mode).Perm()

	// Set setuid, setgid and sticky bits.
	if fi.h.Mode&c_ISUID != 0 {
		mode |= fs.ModeSetuid
	}
	if fi.h.Mode&c_ISGID != 0 {
		mode |= fs.ModeSetgid

        return new AbstractIterator<Set<E>>() {
          final BitSet bits = new BitSet(index.size());

          @Override
          protected @Nullable Set<E> computeNext() {
            if (bits.isEmpty()) {
              bits.set(0, size);
            } else {
              int firstSetBit = bits.nextSetBit(0);
              int bitToFlip = bits.nextClearBit(firstSetBit);

  }

  @Throws(EOFException::class)
  private fun skipName(source: Buffer) {
    // 0 - 63 bytes
    var length = source.readByte().toInt()

    if (length < 0) {
      // compressed name pointer, first two bits are 1
      // drop second byte of compression offset
      source.skip(1)
    } else {
      while (length > 0) {
        // skip each part of the domain name
        source.skip(length.toLong())

 */
@ExtendWith(MockitoExtension.class)
public class SmbAuthExceptionTest {

    /**
     * Provide representative error codes for the int constructor.
     * - NT status code (high bits set)
     * - Success code (0)
     * - Non-NT small code to exercise default mapping to NT_STATUS_UNSUCCESSFUL
     */
    static Stream<Arguments> intErrorCodes() {

  var tag: Long,
  /**
   * If the constructed bit is set it indicates that the value is composed of other values that have
   * their own headers.
   *
   * This value is encoded in bit 6 of the first byte of each value.
   *
   * ```
   * 0bxx0xxxxx Primitive
   * 0bxx1xxxxx Constructed
   * ```
   */
  var constructed: Boolean,
  /** Length of the message in bytes, or -1L if its length is unknown at the time of encoding. */

Further any secret key (apart from the KMS-generated ones) is 256 bits long. The KMS-generated keys may be 256 bits but this depends on the KMS capabilities and configuration.