void testShareFlags() throws Exception {
            // Test encryption flag
            setPrivateField(response, "shareFlags", Smb2TreeConnectResponse.SMB2_SHAREFLAG_ENCRYPT_DATA);
            assertEquals(Smb2TreeConnectResponse.SMB2_SHAREFLAG_ENCRYPT_DATA, response.getShareFlags(), "Should handle encryption flag");

            // Test multiple flags

import javax.security.auth.DestroyFailedException;
import javax.security.auth.Destroyable;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * Secure key management for SMB encryption.
 * Provides centralized management of encryption keys with secure storage and cleanup.
 *
 * Features:
 * - Secure key storage with optional KeyStore integration
 * - Automatic key cleanup on close
 * - Thread-safe key management

                && this.server.encryptionKeyLength != 8 && ctx.getConfig().getLanManCompatibility() == 0) {
            log.warn("Unexpected encryption key length: " + this.server.encryptionKeyLength);
            return false;
        }

        if (req.isSigningEnforced() || this.server.signaturesRequired

     * Creates a byte array representing a Kerberos ticket for testing purposes.
     * @param version Kerberos version
     * @param realm Server realm
     * @param principalName Server principal name
     * @param encType Encryption type
     * @param encryptedData Encrypted data
     * @param unknownTag Optional unknown tag number to test error handling
     * @return A byte array representing the ticket
     * @throws IOException on encoding error

## `python-jose` installieren.

Wir müssen <abbr title="JOSE: JavaScript Object Signing and Encryption">`python-jose`</abbr> installieren, um die JWT-Tokens in Python zu generieren und zu verifizieren:

<div class="termy">

```console
$ pip install "python-jose[cryptography]"

---> 100%
```

</div>

 *
 *  * **A validity interval.** A certificate should not be used before its validity interval starts
 *    or after it ends.
 *
 *  * **A public key.** This cryptographic key is used for asymmetric encryption digital signatures.
 *    Note that the private key is not a part of the certificate!
 *
 *  * **A signature issued by another certificate's private key.** This mechanism allows a trusted

     * @return the transport context used
     */
    public abstract CIFSContext getTransportContext();

    /**
     * Gets the session key from the underlying SMB session for encryption
     * @return session key of the underlying smb session
     * @throws CIFSException if unable to retrieve the session key
     */
    public abstract byte[] getSessionKey() throws CIFSException;

    @Override

        SmbTransportImpl acquired = transport.acquire();
        assertSame(transport, acquired);
        transport.close(); // release once
    }

    @Test
    @DisplayName("Server encryption key is returned for SMB1 negotiation only")
    void serverEncryptionKey() {
        // No negotiation yet -> null
        assertNull(transport.getServerEncryptionKey());

        // SMB1 negotiation with server data

    }

    /**
     * Test large byte arrays
     */
    @Test
    @DisplayName("Test large byte arrays")
    public void testLargeByteArrays() {
        // Test with large encryption key
        byte[] largeKey = new byte[256];
        for (int i = 0; i < largeKey.length; i++) {
            largeKey[i] = (byte) (i % 256);
        }
        serverData.encryptionKey = largeKey;

    }

    /**
     * Constructs a signing digest from transport and authentication information
     *
     * @param transport
     *            The SMB transport containing server encryption key
     * @param auth
     *            The NTLM password authenticator containing user credentials
     * @throws SmbException
     *             If there is an error setting up the signing digest
     */