* and access mask are considered. If the ACE is a "deny"
 * ACE and <i>any</i> of the desired access bits match bits in the access
 * mask of the ACE, the whole access check fails. If the ACE is an "allow"
 * ACE and <i>all</i> of the bits in the desired access bits match bits in
 * the access mask of the ACE, the access check is successful. Otherwise,
 * more ACEs are evaluated until all desired access bits (combined)

        // Act – serialise and parse back
        byte[] bytes = original.toByteArray();
        NegTokenTarg roundTrip = new NegTokenTarg(bytes);

        // Assert – all getters match the original values
        assertEquals(NegTokenTarg.ACCEPT_COMPLETED, roundTrip.getResult(), "result should roundtrip");
        assertEquals(mech, roundTrip.getMechanism(), "mechanism should roundtrip");

	if req.Name != s.keyID {
		return ErrNotSupported
	}
	return ErrKeyExists
}

// GenerateKey decrypts req.Ciphertext. The key name req.Name must match the key
// name of the secretKey.
//
// The returned DEK is encrypted using AES-GCM and the ciphertext format is compatible
// with KES and MinKMS.

| Token           | String  | Yes      | Token to be authenticated by identity plugin                         |
| RoleArn         | String  | Yes      | Must match the Role ARN generated for the identity plugin            |
| DurationSeconds | Integer | No       | Duration of validity of generated credentials. Must be at least 900. |

 *
 * To perform server authentication:
 *
 *  * The server's handshake certificates must have a [held certificate][HeldCertificate] (a
 *    certificate and its private key). The certificate's subject alternative names must match the
 *    server's hostname. The server must also have is a (possibly-empty) chain of intermediate
 *    certificates to establish trust from a root certificate to the server's certificate. The root

import org.apache.maven.project.ProjectBuildingException;
import org.apache.maven.project.ProjectBuildingResult;

/*

- test projects for each of these
- how to categorize the problems so that the id of the problem can be match to a page with descriptive help and the test
  project
- nice little sample projects that could be run in the core as well as integration tests

All Possible Errors

     * they are filtered locally by the default accept method).
     *
     * @param wildcard the wildcard pattern for matching file names (e.g., "*.txt")
     * @param attributes the DOS file attributes to match (e.g., ATTR_DIRECTORY)
     */
    public DosFileFilter(final String wildcard, final int attributes) {
        this.wildcard = wildcard;
        this.attributes = attributes;
    }

        });
        if (!keptAccessors.isEmpty()) {
            String formattedLeft = CollectionUtils.join("\n", keptAccessors.keySet());
            throw new RuntimeException("The following accessors were upgraded, but didn't match any removed/changed method:\n\n" + formattedLeft);
        }

        // Find accessors that were removed but shouldn't be

        // Arrange
        SecurityBlob blob = new SecurityBlob(input);

        // Act
        String actual = blob.toString();

        // Assert
        assertEquals(expected, actual, "Hex string should match expected format");
    }

    // Ensures a default-constructed blob starts empty and stable across APIs
    @Test
    @DisplayName("Default constructor yields empty state")
    void defaultConstructor_initialState() {

		if err != nil {
			return nil, err
		}
		// Make sure we have record.Key is empty
		// this can only happen when record.Key
		// has bucket entry with exact prefix
		// match any record.Key which do not
		// match the prefixes we skip them.
		for _, record := range records {
			if record.Key != "" {
				continue
			}
			srvRecords = append(srvRecords, record)
		}
	}
	if len(srvRecords) == 0 {