* Perform automatic key rotation using the stored session key following SMB3 key derivation
     *
     * @throws GeneralSecurityException if key rotation fails
     */
    private void performAutomaticKeyRotation() throws GeneralSecurityException {
        if (sessionKey == null) {
            throw new GeneralSecurityException("Session key not available for automatic rotation");
        }

     * @throws SmbException if an SMB protocol error occurs
     * @throws GeneralSecurityException if a security error occurs during authentication
     */
    public SmbComSessionSetupAndX(final CIFSContext tc, final SmbComNegotiateResponse negotiated, final ServerMessageBlock andx,
            final Object cred) throws SmbException, GeneralSecurityException {
        super(tc.getConfig(), SMB_COM_SESSION_SETUP_ANDX, andx);

     * @param context key derivation context
     * @param length desired key length in bytes
     * @return derived key
     * @throws GeneralSecurityException if key derivation fails
     */
    public byte[] deriveKey(byte[] baseKey, String label, byte[] context, int length) throws GeneralSecurityException {
        checkNotClosed();

        // Simple KDF implementation (should be replaced with proper KDF like HKDF)

     * @return the hash for the given challenge
     * @throws GeneralSecurityException if a security error occurs
     * @deprecated NTLMv1 is insecure. Use NTLMv2 (LM compatibility level 3 or higher)
     */
    @Deprecated
    public byte[] getAnsiHash(CIFSContext tc, byte[] chlng) throws GeneralSecurityException {
        int compatibility = tc.getConfig().getLanManCompatibility();

import static org.junit.jupiter.api.Assertions.assertNull;
import static org.junit.jupiter.api.Assertions.assertThrows;
import static org.junit.jupiter.api.Assertions.assertTrue;

import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;

        void testConstructorSmb202() throws GeneralSecurityException {
            Smb2SigningDigest digest = new Smb2SigningDigest(sessionKey, Smb2Constants.SMB2_DIALECT_0202, null);
            assertNotNull(digest);
        }

        @Test
        @DisplayName("Should create digest for SMB 2.1 with HmacSHA256")
        void testConstructorSmb210() throws GeneralSecurityException {

 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

@file:JvmName("Certificates")

package okhttp3.tls

import java.security.GeneralSecurityException
import java.security.cert.CertificateFactory
import java.security.cert.X509Certificate
import okio.Buffer
import okio.ByteString
import okio.ByteString.Companion.toByteString

/**

import static org.junit.jupiter.api.Assertions.assertTrue;
import static org.mockito.Mockito.when;

import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;

import javax.security.auth.kerberos.KerberosKey;

import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.BERTags;

        encrypted[encrypted.length - 1] ^= 0xFF;

        // Should throw exception due to authentication tag failure
        assertThrows(GeneralSecurityException.class, () -> {
            storage.decryptCredentials(encrypted);
        }, "Should throw GeneralSecurityException when decrypting tampered data");

        // Clean up
        Arrays.fill(plaintext, '\0');
    }

    @Test

 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package okhttp3.tls.internal.der

import java.math.BigInteger
import java.security.GeneralSecurityException
import java.security.PublicKey
import java.security.Signature
import java.security.SignatureException
import java.security.cert.CertificateFactory
import java.security.cert.X509Certificate
import okio.Buffer