}
        final byte[] signature = digest();
        for (int i = 0; i < 8; i++) {
            if (signature[i] != data[offset + SmbConstants.SIGNATURE_OFFSET + i]) {
                if (LogStream.level >= 2) {
                    log.println("signature verification failure");
                    Hexdump.hexdump(log, signature, 0, 8);

    @Test
    @DisplayName("Should set and get signature")
    void testSignature() {
        // Given
        byte[] signature = new byte[16];
        new SecureRandom().nextBytes(signature);

        // When
        transformHeader.setSignature(signature);

        // Then
        assertArrayEquals(signature, transformHeader.getSignature());
    }

    @Test

 */
package jcifs.pac;

import java.io.ByteArrayInputStream;
import java.io.DataInputStream;
import java.io.IOException;

/**
 * Represents a PAC signature structure containing checksum type and data.
 * This class parses and holds signature information from Kerberos PAC data,
 * supporting various checksum algorithms including HMAC-MD5 and HMAC-SHA1 with AES.
 */
public class PacSignature {

    /**

     */
    void sign(byte[] data, int offset, int length, CommonServerMessageBlock request, CommonServerMessageBlock response);

    /**
     * Performs MAC signature verification. This calculates the signature
     * of the SMB and compares it to the signature field on the SMB itself.
     *
     * @param data
     *            The data.
     * @param offset
     *            The starting offset at which the SMB header begins.

```

### Verifying signatures

Once you've downloaded a Gradle JAR file or a distribution and its corresponding signature file (with a `.asc` extension), you can verify its authenticity against the public key.

For example, to verify the signature of `plugin-publish-plugin-2.0.0.jar` and its signature file `plugin-publish-plugin-2.0.0.jar.asc`, use this command:

```bash

  // For now, we'll keep the standard ones and allow modules to add more
  androidSignature(library("signature-android-apilevel21")) { artifact { type = "signature" } }
  jvmSignature(library("codehaus-signature-java18")) { artifact { type = "signature" } }

  "lintChecks"(library("androidx-lint-gradle"))
}

configure<com.android.build.api.dsl.Lint> {
  xmlReport = true
  checkDependencies = true
}

        }
        final byte[] signature = digest();
        for (int i = 0; i < 8; i++) {
            if (signature[i] != data[offset + SmbConstants.SIGNATURE_OFFSET + i]) {
                if (log.isDebugEnabled()) {
                    log.debug("signature verification failure"); //$NON-NLS-1$
                    log.debug("Expect: " + Hexdump.toHexString(signature, 0, 8));

            throw new IllegalArgumentException("Signature field exceeds data buffer size");
        }

        // Use fine-grained locking for better concurrency
        this.signingLock.lock();
        try {
            if (this.closed) {
                throw new IllegalStateException("SigningDigest is closed");
            }

            // zero out signature field

ENV CGO_ENABLED=0

# Install curl and minisign
RUN apk add -U --no-cache ca-certificates && \
    apk add -U --no-cache curl && \
    go install aead.dev/minisign/cmd/minisign@v0.2.1

# Download minio binary and signature files
RUN curl -s -q https://dl.min.io/server/minio/hotfixes/linux-${TARGETARCH}/archive/minio.${RELEASE} -o /go/bin/minio && \

	req.URL.RawQuery = query.Encode()

	// Save signature finally.
	req.URL.RawQuery += "&Signature=" + url.QueryEscape(signature)
	return nil
}

// Sign given request using Signature V2.
func signRequestV2(req *http.Request, accessKey, secretKey string) error {
	signer.SignV2(*req, accessKey, secretKey, false)
	return nil
}

// Sign given request using Signature V4.