}

  /** Hasher that updates a message digest. */
  private static final class MessageDigestHasher extends AbstractByteHasher {
    private final MessageDigest digest;
    private final int bytes;
    private boolean done;

    private MessageDigestHasher(MessageDigest digest, int bytes) {
      this.digest = digest;
      this.bytes = bytes;
    }

    @Override

    protected byte[] engineDigest() {
        final byte[] digest = this.md5.digest();
        this.md5.update(this.opad);
        return this.md5.digest(digest);
    }

    @Override
    protected int engineDigest(final byte[] buf, final int offset, final int len) {
        final byte[] digest = this.md5.digest();
        this.md5.update(this.opad);
        this.md5.update(digest);
        try {

    protected byte[] engineDigest() {
        final byte[] digest = md5.digest();
        md5.update(opad);
        return md5.digest(digest);
    }

    @Override
    protected int engineDigest(final byte[] buf, final int offset, final int len) {
        final byte[] digest = md5.digest();
        md5.update(opad);
        md5.update(digest);
        try {
            return md5.digest(buf, offset, len);
        } catch (final Exception ex) {

 * token68:
 *
 * ```
 * WWW-Authenticate: Digest foo=bar
 * WWW-Authenticate: Digest foo=
 * ```
 *
 * Similarly, the first line has one challenge and the second line has two challenges:
 *
 * ```
 * WWW-Authenticate: Digest ,foo=bar
 * WWW-Authenticate: Digest ,foo
 * ```
 */
fun Headers.parseChallenges(headerName: String): List<Challenge> {

client = TestClient(app)


def test_security_http_digest():
    response = client.get("/users/me", headers={"Authorization": "Digest foobar"})
    assert response.status_code == 200, response.text
    assert response.json() == {"scheme": "Digest", "credentials": "foobar"}


def test_security_http_digest_no_credentials():
    response = client.get("/users/me")

    /**
     * Get an MD4 message digest instance.
     * @return MD4 digest instance
     */
    public static MessageDigest getMD4() {
        try {
            return MessageDigest.getInstance("MD4", getProvider());
        } catch (final NoSuchAlgorithmException e) {
            throw new CIFSUnsupportedCryptoException(e);
        }
    }

    /**
     * Get an MD5 message digest instance.
     * @return MD5 digest instance

     */
    int encode(byte[] dst, int dstIndex);

    /**
     * Sets the signing digest for this message.
     *
     * @param digest the signing digest to set
     */
    void setDigest(SMBSigningDigest digest);

    /**
     * Gets the signing digest for this message.
     *
     * @return the signing digest
     */
    SMBSigningDigest getDigest();

    /**

        assertEquals(expectedEncodeLength, response.encode(dst, dstIndex));

        // Test digest methods
        doNothing().when(response).setDigest(digest);
        when(response.getDigest()).thenReturn(digest);
        response.setDigest(digest);
        assertEquals(digest, response.getDigest());

        // Test mid methods
        long mid = 123456L;

    - name: Update the RBE Configs
      run: |
        function map() {
          # The "digest" that allows us to pull an image is not the digest as
          # returned by the API, but a sha256sum of the entire chunk of image
          # metadata. gcr.io helpfully includes it in the header of the response
          # as docker-content-digest: sha256:[digest]. Note we use egrep to
          # match exactly sha256:<hash> because curl may include a ^M symbol at

    }

    @Test
    @DisplayName("isSignatureSetupRequired depends on digest and negotiate flags")
    void testIsSignatureSetupRequired() throws Exception {
        SmbSessionImpl session = newSession();

        // Case 1: digest already set -> false
        SMBSigningDigest dg = mock(SMBSigningDigest.class);
        setField(session, "digest", dg);
        assertFalse(session.isSignatureSetupRequired());