/**
     * Determines whether this session is currently in use.
     *
     * @return whether the session is in use
     */
    boolean isInUse();

    /**
     * Returns the current session key used for signing and encryption.
     *
     * @return the current session key
     * @throws CIFSException if the session key cannot be retrieved
     */
    byte[] getSessionKey() throws CIFSException;

    /**

                if (b != 0) {
                    allZero = false;
                    break;
                }
            }
            assertFalse(allZero, "Signature should not be all zeros after signing");
        }

        @Test
        @DisplayName("Should set SMB2_FLAGS_SIGNED flag")
        void testSignSetsSignedFlag() {
            // Set initial flags without signed flag

        assertNotNull(contexts);
        assertEquals(0, contexts.length);
        assertNull(request.getPreauthSalt());
    }

    @Test
    @DisplayName("Should enforce signing when required flag is set")
    void testSigningEnforced() {
        // When
        request = new Smb2NegotiateRequest(mockConfig, Smb2Constants.SMB2_NEGOTIATE_SIGNING_REQUIRED);

        // Then

source; the stable versions have bugs that prevents the Go exec wrapper to install and run
apps.

Second, the Go exec wrapper must be told the developer account signing identity, the team
id and a provisioned bundle id to use. They're specified with the environment variables
GOIOS_DEV_ID, GOIOS_TEAM_ID and GOIOS_APP_ID. The detect.go program in this directory will

                 * junk. We need to bump up the wordCount here so that this method returns
                 * the correct number of bytes for signing purposes. Otherwise we get a
                 * signing verification failure.
                 */
                if (this.getCommand() == SMB_COM_NT_CREATE_ANDX && ((SmbComNTCreateAndXResponse) this).isExtended()

- To be able to reliably use S3 multipart APIs feature of the SDKs without re-inventing the wheel of pre-signing the each URL in multipart API. This is very tedious to implement with all the scenarios of fault tolerance that's already implemented by the client SDK. The general client SDKs don't support multipart with presigned URLs.

  }

  /**
   * Returns true if [toVerify] was signed by [signingCert]'s public key.
   *
   * @param minIntermediates the minimum number of intermediate certificates in [signingCert]. This
   *     is -1 if signing cert is a lone self-signed certificate.
   */
  private fun verifySignature(
    toVerify: X509Certificate,
    signingCert: X509Certificate,
    minIntermediates: Int,
  ): Boolean {

     *
     * @return whether to enable SMB signing (for everything), if available
     */
    boolean isSigningEnabled();

    /**
     *
     * Property {@code jcifs.smb.client.ipcSigningEnforced} (boolean, default true)
     *
     * @return whether to enforce SMB signing for IPC connections
     */
    boolean isIpcSigningEnforced();

    /**
     *

	stringToSign := alg +
		cr.seedDate.Format(iso8601Format) + "\n" +
		getScope(cr.seedDate, cr.region) + "\n" +
		cr.seedSignature + "\n" +
		emptySHA256 + "\n" +
		hashedChunk

	// Get hmac signing key.
	signingKey := getSigningKey(cr.cred.SecretKey, cr.seedDate, cr.region, serviceS3)

	// Calculate signature.
	newSignature := getSignature(signingKey, stringToSign)

	return newSignature
}

    protected boolean forceUnicode = false;
    /** Whether SMB signing is preferred but not required */
    protected boolean signingPreferred = false;
    /** Whether SMB signing is enforced (required) */
    protected boolean signingEnforced = false;
    /** Whether to enforce signing for IPC connections */
    protected boolean ipcSigningEnforced = true;
    /** Whether SMB3 encryption is enabled */