});
    }

    @Test
    public void testSmb1MessageSizeTooLarge() throws Exception {
        assertThrows(SmbException.class, () -> {
            validator.validateMessageSize(65536, true);
        });
    }

    @Test
    public void testSmb2MessageSizeTooLarge() throws Exception {
        assertThrows(SmbException.class, () -> {

secret key (apart from the KMS-generated ones) is 256 bits long. The KMS-generated keys may be 256 bits but this depends on the KMS capabilities and configuration.

The *Secure Channel* splits the object content into chunks of a fixed size of `65536` bytes. The last chunk may be smaller to avoid adding additional overhead and is treated specially to prevent truncation attacks. The nonce value is 96 bits long and generated randomly per object / multi-part part. The *Secure Channel* supports plaintexts...

    }

    @Test
    @DisplayName("Test large buffer handling")
    void testLargeBufferHandling() {
        // Arrange
        byte[] largeBuffer = new byte[65536]; // 64KB buffer

        // Act & Assert
        assertEquals(0, response.writeSetupWireFormat(largeBuffer, 0));
        assertEquals(0, response.writeParametersWireFormat(largeBuffer, 32768));

                new Smb2IoctlRequest(context.getConfig(), Smb2IoctlRequest.FSCTL_QUERY_NETWORK_INTERFACE_INFO, new byte[16] // Reserved/Unused file ID
                );
        request.setMaxOutputResponse(65536);
        request.setFlags(Smb2IoctlRequest.SMB2_O_IOCTL_IS_FSCTL);

        // Note: This IOCTL must be sent on an existing session
        // The actual sending would need integration with the session's transport

    }

    @Test
    @DisplayName("Should handle maximum buffer size")
    void testMaximumBufferSize() throws Exception {
        // Given - large buffer with many notifications
        byte[] buffer = new byte[65536];
        int offset = 0;

        setHeaderStart(response, 64);

        // Calculate space for notifications
        int notificationSize = 32; // Each notification
        int notificationCount = 100;

            assertEquals(8192, samr.ACB_TRUSTED_FOR_DELEGATION);
            assertEquals(16384, samr.ACB_NOT_DELEGATED);
            assertEquals(32768, samr.ACB_USE_DES_KEY_ONLY);
            assertEquals(65536, samr.ACB_DONT_REQUIRE_PREAUTH);
        }

        @Test
        @DisplayName("Should define correct SE_GROUP constants")
        void testSEGroupConstants() {
            // Verify all SE_GROUP constants

        final int negotiateContextOffset = SMBUtil.readInt4(buffer, bufferIndex);
        bufferIndex += 4;

        // Validate security buffer parameters
        if (securityBufferLength < 0 || securityBufferLength > 65536) { // 64KB max for security buffer
            throw new SMBProtocolDecodingException("Invalid security buffer length: " + securityBufferLength + " (must be 0-65536)");
        }
        if (securityBufferOffset < 0) {

        Smb2IoctlRequest request = new Smb2IoctlRequest();
        request.setCtlCode(FSCTL_QUERY_NETWORK_INTERFACE_INFO);
        request.setFileId(new byte[16]);  // Use session ID
        request.setMaxOutputResponse(65536);
        
        Smb2IoctlResponse response = (Smb2IoctlResponse) session.send(request);
        
        if (response.isSuccess()) {
            parseNetworkInterfaces(response.getOutputData());
        }

    public static final int ACB_USE_DES_KEY_ONLY = 32768;
    /** Account control bit flag: Pre-authentication is not required */
    public static final int ACB_DONT_REQUIRE_PREAUTH = 65536;

    /**
     * SAMR CloseHandle operation for closing an opened SAM handle.
     * This operation releases resources associated with the handle.
     */
    public static class SamrCloseHandle extends DcerpcMessage {

    @BeforeEach
    void setUp() {
        MockitoAnnotations.openMocks(this);
        when(mockConfig.isUseUnicode()).thenReturn(true);
        when(mockConfig.getMaximumBufferSize()).thenReturn(65536);
    }

    @Test
    @DisplayName("Test constructor initializes with config and expectInfoClass")
    void testConstructor() {
        byte expectInfoClass = Smb2QueryDirectoryRequest.FILE_BOTH_DIRECTORY_INFO;