verify(treeConnection, times(2)).isSame(otherConn);
    }

    @Test
    @DisplayName("Buffer sizes and signing flags from negotiate response")
    void bufferSizesAndSigning() throws Exception {
        // Validate buffer sizes and signing flag are read from negotiate response
        SmbNegotiationResponse nego = mock(SmbNegotiationResponse.class);

            yield new byte[0];
        }
        };
    }

    /**
     * Get the signing key for this authentication
     *
     * @param tc the CIFS context
     * @param chlng the server challenge
     * @return the signing key
     * @throws SmbException if an SMB error occurs
     * @throws GeneralSecurityException if a security error occurs
     */

time="2020-07-12T20:45:50Z" level=info msg="config response types accepted: [code token id_token]"
time="2020-07-12T20:45:50Z" level=info msg="config using password grant connector: local"
time="2020-07-12T20:45:50Z" level=info msg="config signing keys expire after: 3h0m0s"
time="2020-07-12T20:45:50Z" level=info msg="config id tokens valid for: 3h0m0s"
time="2020-07-12T20:45:50Z" level=info msg="listening (http) on 0.0.0.0:5556"
```

### Configure MinIO server with Dex

source; the stable versions have bugs that prevents the Go exec wrapper to install and run
apps.

Second, the Go exec wrapper must be told the developer account signing identity, the team
id and a provisioned bundle id to use. They're specified with the environment variables
GOIOS_DEV_ID, GOIOS_TEAM_ID and GOIOS_APP_ID. The detect.go program in this directory will

        assertNotNull(contexts);
        assertEquals(0, contexts.length);
        assertNull(request.getPreauthSalt());
    }

    @Test
    @DisplayName("Should enforce signing when required flag is set")
    void testSigningEnforced() {
        // When
        request = new Smb2NegotiateRequest(mockConfig, Smb2Constants.SMB2_NEGOTIATE_SIGNING_REQUIRED);

        // Then

                 * junk. We need to bump up the wordCount here so that this method returns
                 * the correct number of bytes for signing purposes. Otherwise we get a
                 * signing verification failure.
                 */
                if (this.getCommand() == SMB_COM_NT_CREATE_ANDX && ((SmbComNTCreateAndXResponse) this).isExtended()

	stringToSign := alg +
		cr.seedDate.Format(iso8601Format) + "\n" +
		getScope(cr.seedDate, cr.region) + "\n" +
		cr.seedSignature + "\n" +
		emptySHA256 + "\n" +
		hashedChunk

	// Get hmac signing key.
	signingKey := getSigningKey(cr.cred.SecretKey, cr.seedDate, cr.region, serviceS3)

	// Calculate signature.
	newSignature := getSignature(signingKey, stringToSign)

	return newSignature
}

  }

  /**
   * Returns true if [toVerify] was signed by [signingCert]'s public key.
   *
   * @param minIntermediates the minimum number of intermediate certificates in [signingCert]. This
   *     is -1 if signing cert is a lone self-signed certificate.
   */
  private fun verifySignature(
    toVerify: X509Certificate,
    signingCert: X509Certificate,
    minIntermediates: Int,
  ): Boolean {

- To be able to reliably use S3 multipart APIs feature of the SDKs without re-inventing the wheel of pre-signing the each URL in multipart API. This is very tedious to implement with all the scenarios of fault tolerance that's already implemented by the client SDK. The general client SDKs don't support multipart with presigned URLs.

     *
     * @return whether to enable SMB signing (for everything), if available
     */
    boolean isSigningEnabled();

    /**
     *
     * Property {@code jcifs.smb.client.ipcSigningEnforced} (boolean, default true)
     *
     * @return whether to enforce SMB signing for IPC connections
     */
    boolean isIpcSigningEnforced();

    /**
     *