byte[] salt = new byte[64];
            SecureRandom random = new SecureRandom();

            for (int i = 0; i < hashAlgos.length; i++) {
                hashAlgos[i] = random.nextInt(65536);
            }
            random.nextBytes(salt);

            PreauthIntegrityNegotiateContext original = new PreauthIntegrityNegotiateContext(mockConfig, hashAlgos, salt);

            // Encode

        assertNotNull(testConfig.getRandom());
        assertNotNull(testConfig.getLocalTimezone());

        // Check PID is set
        assertTrue(testConfig.getPid() >= 0);
        assertTrue(testConfig.getPid() < 65536);

        // Check machine ID
        assertNotNull(testConfig.getMachineId());
        assertEquals(32, testConfig.getMachineId().length);

        // Check native OS

    }

    private static Stream<Arguments> provideInt4TestValues() {
        return Stream.of(Arguments.of(0), Arguments.of(1), Arguments.of(255), Arguments.of(256), Arguments.of(65535), Arguments.of(65536),
                Arguments.of(0x7FFFFFFF), Arguments.of(0xFFFFFFFF));
    }

    @Test
    @DisplayName("readInt2 should correctly read 16-bit integer")
    void testReadInt2() {

  @Test fun validateCompactTableInvariants() {
    // Less than 16,834 bytes, because we binary search on a 14-bit index.
    assertThat(compactTable.sections.length).isLessThan(1 shl 14)

    // Less than 65,536 bytes, because we binary search on a 14-bit index with a stride of 4 bytes.
    assertThat(compactTable.ranges.length).isLessThan((1 shl 14) * 4)

    // Less than 16,384 chars, because we index on a 14-bit index in the ranges table.

        bufferIndex += 8;
        int tzOffset = SMBUtil.readInt2(buffer, bufferIndex);
        // tzOffset is signed!
        if (tzOffset > Short.MAX_VALUE) {
            tzOffset = -1 * (65536 - tzOffset);
        }
        this.server.serverTimeZone = tzOffset;
        bufferIndex += 2;
        this.server.encryptionKeyLength = buffer[bufferIndex++] & 0xFF;

        return bufferIndex - start;

            assertEquals(16, result3);
        }

        @Test
        @DisplayName("Should handle maximum name length")
        void testMaximumNameLength() {
            byte[] maxName = new byte[65536]; // 64KB
            Arrays.fill(maxName, (byte) 'M');
            TestCreateContextRequest request = new TestCreateContextRequest(maxName);

            assertArrayEquals(maxName, request.getName());

        @Test
        @DisplayName("Should decode large value correctly")
        void testDecodeLargeValue() throws NdrException {
            // Given: NdrShort and mock returning large value
            int largeValue = 65535;
            NdrShort ndrShort = new NdrShort(0);
            when(mockBuffer.dec_ndr_short()).thenReturn(largeValue);

            // When: Decoding the value
            ndrShort.decode(mockBuffer);

		{":0", nil},
		{"localhost", nil},
		{"", fmt.Errorf("invalid argument")},
		{"example.org:54321", fmt.Errorf("host in server address should be this server")},
		{":-10", fmt.Errorf("port must be between 0 to 65535")},
	}

	for _, testCase := range testCases {
		t.Run("", func(t *testing.T) {
			err := CheckLocalServerAddr(testCase.serverAddr)
			switch {
			case testCase.expectedErr == nil:
				if err != nil {

{* ../../docs_src/security/tutorial004_an_py310.py hl[8,49,56:57,60:61,70:76] *}

/// note

If you check the new (fake) database `fake_users_db`, you will see how the hashed password looks like now: `"$argon2id$v=19$m=65536,t=3,p=4$wagCPXjifgvUFBzq4hqe3w$CYaIb8sB+wtD+Vu/P4uod1+Qof8h+1g7bbDlBID48Rc"`.

///

## Handle JWT tokens { #handle-jwt-tokens }

Import the modules installed.

secret key (apart from the KMS-generated ones) is 256 bits long. The KMS-generated keys may be 256 bits but this depends on the KMS capabilities and configuration.

The *Secure Channel* splits the object content into chunks of a fixed size of `65536` bytes. The last chunk may be smaller to avoid adding additional overhead and is treated specially to prevent truncation attacks. The nonce value is 96 bits long and generated randomly per object / multi-part part. The *Secure Channel* supports plaintexts...