* @param targetDomain the target domain for authentication
     * @param host the target host
     * @param initialToken initial authentication token, if any
     * @param doSigning whether message signing should be enabled
     * @return a new SSP authentication context
     * @throws SmbException if context creation fails
     */

		return auth.Credentials{}, s3Err
	}

	r := &http.Request{Header: formValues}
	cred, _, s3Err := checkKeyValid(r, credHeader.accessKey)
	if s3Err != ErrNone {
		return cred, s3Err
	}

	// Get signing key.
	signingKey := getSigningKey(cred.SecretKey, credHeader.scope.date, credHeader.scope.region, serviceS3)

	// Get signature.
	newSignature := getSignature(signingKey, formValues.Get("Policy"))

                if (b != 0) {
                    allZero = false;
                    break;
                }
            }
            assertFalse(allZero, "Signature should not be all zeros after signing");
        }

        @Test
        @DisplayName("Should set SMB2_FLAGS_SIGNED flag")
        void testSignSetsSignedFlag() {
            // Set initial flags without signed flag

                 * junk. We need to bump up the wordCount here so that this method returns
                 * the correct number of bytes for signing purposes. Otherwise we get a
                 * signing verification failure.
                 */
                if (command == SMB_COM_NT_CREATE_ANDX && ((SmbComNTCreateAndXResponse) this).isExtended) {
                    wordCount += 8;

        assertTrue(encryptionEnabled, "Should delegate encryption setting");
        assertFalse(signingPreferred, "Should delegate signing preferred setting");
        assertTrue(signingEnforced, "Should delegate signing enforced setting");
        assertTrue(ipcSigningEnforced, "Should delegate IPC signing enforced setting");
        assertTrue(firstExtendedSecurityCall, "First call should return true");

            yield new byte[0];
        }
        };
    }

    /**
     * Get the signing key for this authentication
     *
     * @param tc the CIFS context
     * @param chlng the server challenge
     * @return the signing key
     * @throws SmbException if an SMB error occurs
     * @throws GeneralSecurityException if a security error occurs
     */

        assertNotNull(contexts);
        assertEquals(0, contexts.length);
        assertNull(request.getPreauthSalt());
    }

    @Test
    @DisplayName("Should enforce signing when required flag is set")
    void testSigningEnforced() {
        // When
        request = new Smb2NegotiateRequest(mockConfig, Smb2Constants.SMB2_NEGOTIATE_SIGNING_REQUIRED);

        // Then

    private String[] dialects;

    /**
     * Creates a new SMB1 negotiate request to establish protocol parameters.
     *
     * @param config the CIFS configuration
     * @param signingEnforced whether SMB signing is enforced
     */
    public SmbComNegotiate(final Configuration config, final boolean signingEnforced) {
        super(config, SMB_COM_NEGOTIATE);
        this.signingEnforced = signingEnforced;

    /**
     * Determines whether this session is currently in use.
     *
     * @return whether the session is in use
     */
    boolean isInUse();

    /**
     * Returns the current session key used for signing and encryption.
     *
     * @return the current session key
     * @throws CIFSException if the session key cannot be retrieved
     */
    byte[] getSessionKey() throws CIFSException;

    /**

        verify(treeConnection, times(2)).isSame(otherConn);
    }

    @Test
    @DisplayName("Buffer sizes and signing flags from negotiate response")
    void bufferSizesAndSigning() throws Exception {
        // Validate buffer sizes and signing flag are read from negotiate response
        SmbNegotiationResponse nego = mock(SmbNegotiationResponse.class);