import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.TimeUnit;

import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;

/**
 * Security-focused test cases for NtlmPasswordAuthenticator to verify timing attack resistance.
 */
public class NtlmPasswordAuthenticatorTimingAttackTest {

    private static final int TIMING_ITERATIONS = 1000;

 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */
package jcifs.internal.smb1;

import java.security.MessageDigest;
import java.util.Date;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import jcifs.Configuration;
import jcifs.SmbConstants;
import jcifs.internal.CommonServerMessageBlock;

import static org.mockito.Mockito.atLeastOnce;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.verifyNoMoreInteractions;
import static org.mockito.Mockito.when;

import java.security.GeneralSecurityException;
import java.util.Arrays;

import javax.crypto.ShortBufferException;

import org.junit.jupiter.api.DisplayName;
import org.junit.jupiter.api.Test;

                    "DH2Q", // Durable handle request V2
                    "DH2C", // Durable handle reconnect V2
                    "ExtA", // Extended attributes
                    "SecD", // Security descriptor
                    "AppI" // App instance ID
            };

            for (String name : contextNames) {
                MockCreateContextRequest context = new MockCreateContextRequest(name);

     * for "Share Permissions" and another for "Security". These correspond to
     * the ACLs returned by {@code getShareSecurity} and {@code getSecurity}
     * respectively.
     * @param resolveSids Attempt to resolve the SIDs within each ACE form
     * their numeric representation to their corresponding account names.
     */
    /**
     * Returns the share security information for this share
     *

     * @throws IOException if an I/O error occurs
     */
    SID getOwnerUser(boolean resolve) throws IOException;

    /**
     * Return an array of Access Control Entry (ACE) objects representing
     * the security descriptor associated with this file or directory.
     * <p>
     * Initially, the SIDs within each ACE will not be resolved however when

    /**
     * Returns the user's domain name.
     * @return the domain name
     */
    public String getDomainName() {
        return this.domainName;
    }

    /**
     * Returns the user's Security Identifier (SID).
     * @return the user SID
     */
    public SID getUserSid() {
        return this.userSid;
    }

    /**
     * Returns the user's primary group SID.

package jcifs.util;

import java.util.regex.Pattern;

/**
 * Comprehensive input validation utility for SMB protocol implementation.
 * Provides validation methods to prevent buffer overflows, injection attacks,
 * and other security vulnerabilities.
 */
public final class InputValidator {

    private InputValidator() {
        // Utility class
    }

    // Maximum sizes for various SMB fields (based on protocol specifications)

 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */
package jcifs;

import java.net.InetAddress;
import java.security.SecureRandom;
import java.util.List;
import java.util.TimeZone;

/**
 *
 *
 * Implementors of this interface should extend {@link jcifs.config.BaseConfiguration} or

        assertTrue(stringRep.contains("DOMAIN"));
        assertTrue(stringRep.contains("WORKSTATION"));
    }

    @Test
    @DisplayName("Should handle extended security flags")
    void testExtendedSecurityFlags() {
        // Given
        int extendedFlags = NtlmFlags.NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY;

        // When