* @throws SmbException if an error occurs checking signing status
     */
    boolean isSigningEnforced() throws SmbException;

    /**
     * Gets the server's encryption key for authentication.
     *
     * @return the encryption key used by the server
     */
    byte[] getServerEncryptionKey();

    /**
     * Gets or creates an SMB session for the given context.
     *

    /**
    * Indicates that 128-bit encryption is supported.
    */
    int NTLMSSP_NEGOTIATE_128 = 0x20000000;

    /**
     * Indicates that key exchange is supported for session security.
     */
    int NTLMSSP_NEGOTIATE_KEY_EXCH = 0x40000000;

    /**
    * Indicates that 56-bit encryption is supported.
    */
    int NTLMSSP_NEGOTIATE_56 = 0x80000000;

    }

    @Test
    @DisplayName("Test log encryption")
    void testLogEncryption() {
        logger.logEncryption(true, "AES-128-GCM", "SMB3.1.1");

        Map<EventType, Long> stats = logger.getStatistics();
        assertEquals(Long.valueOf(1), stats.get(EventType.ENCRYPTION_ENABLED), "Should have 1 encryption event");
    }

    @Test
    @DisplayName("Test log security violation")

        when {
          message == "adding as trusted certificates" -> Type.Setup
          message == "Raw read" || message == "Raw write" -> Type.Encrypted
          message == "Plaintext before ENCRYPTION" || message == "Plaintext after DECRYPTION" -> Type.Plaintext
          message.startsWith("System property ") -> Type.Setup
          message.startsWith("Reload ") -> Type.Setup
          message == "No session to resume." -> Type.Handshake

     * negotiation, SMB encryption is not implemented yet.
     *
     * @return whether SMB encryption is enabled
     * @since 2.1
     */
    boolean isEncryptionEnabled();

    /**
     * Property {@code jcifs.smb.client.preferredCiphers} (string, default "AES_128_GCM,AES_128_CCM,AES_256_GCM,AES_256_CCM")
     *
     * @return preferred encryption cipher list in order of preference for SMB3 encryption

                                  'testbucket',
                                  'hosts',
                                  ExtraArgs={'ServerSideEncryption': 'AES256'})

# Upload with server side encryption, using temporary credentials
s3.meta.client.upload_file('/etc/hosts',
                           'testbucket',
                           'hosts',
                           ExtraArgs={'ServerSideEncryption': 'AES256'})

// while reading the object from another source.
// Notice: The S3 client can send secret keys in headers for encryption related jobs,
// the handler should ensure to remove these keys before sending them to the object layer.
// Currently these keys are:
//   - X-Amz-Server-Side-Encryption-Customer-Key
//   - X-Amz-Copy-Source-Server-Side-Encryption-Customer-Key
func (api objectAPIHandlers) CopyObjectHandler(w http.ResponseWriter, r *http.Request) {

...
```

### Encrypted/Object locked objects

 */

package jcifs.dcerpc;

import jcifs.dcerpc.ndr.NdrBuffer;

/**
 * Interface for providing security services for DCE/RPC communications.
 * This interface abstracts authentication and encryption mechanisms.
 */
public interface DcerpcSecurityProvider {

    /**
     * Wraps outgoing DCERPC message data for security protection
     * @param outgoing the buffer containing data to be wrapped

	logger.LogOnceIf(ctx, "ilm", err, id, errKind...)
}

func encLogIf(ctx context.Context, err error, errKind ...any) {
	logger.LogIf(ctx, "encryption", err, errKind...)
}

func encLogOnceIf(ctx context.Context, err error, id string, errKind ...any) {
	logger.LogOnceIf(ctx, "encryption", err, id, errKind...)
}

func storageLogIf(ctx context.Context, err error, errKind ...any) {
	logger.LogIf(ctx, "storage", err, errKind...)