"github.com/minio/minio/internal/logger"
	"github.com/minio/sio"
)

const (
	// SealAlgorithm is the encryption/sealing algorithm used to derive & seal
	// the key-encryption-key and to en/decrypt the object data.
	SealAlgorithm = "DAREv2-HMAC-SHA256"

	// InsecureSealAlgorithm is the legacy encryption/sealing algorithm used
	// to derive & seal the key-encryption-key and to en/decrypt the object data.

                if (request.getDigest() != null) {
                    /* success - install the signing digest */
                    setDigest(request.getDigest());
                } else if (!anonymous && isSignatureSetupRequired()) {
                    throw new SmbException("Signing required but no session key available");
                }

                setSessionSetup(response);

		}
		gotResp <- struct{}{}
	}()

	<-gotCall
	remote.debugMsg(debugKillOutbound)
	local.debugMsg(debugKillOutbound)
	errFatal(remoteConn.WaitForConnect(t.Context()))

	<-gotResp
	// Killing should cancel the context on the request.
	<-gotCall
}

func TestShouldConnect(t *testing.T) {
	var c Connection
	var cReverse Connection

            verify(transportPool).getSmbTransport(context, TEST_HOST, DEFAULT_PORT, true, false);
        }

        @Test
        @DisplayName("Should get transport by name with forced signing")
        void testGetSmbTransportByNameForceSigning() throws UnknownHostException, IOException {
            // Given

            if (LogStream.level >= 3) {
                SmbTransport.log.println("""
                        Default credentials (jcifs.smb1.smb1.client.username/password)\
                         not specified. SMB signing may not work propertly.\
                          Skipping DC interrogation.""");
            }
        } else {
            final SmbSession ssn = trans.getSmbSession(NtlmPasswordAuthentication.DEFAULT);

    private Smb3KeyDerivation() {
    }

    /**
     * Derives the SMB3 signing key from the session key using the appropriate KDF for the dialect.
     *
     * @param dialect the SMB dialect version
     * @param sessionKey the base session key
     * @param preauthIntegrity the pre-authentication integrity hash (for SMB 3.1.1) or null
     * @return derived signing key
     */

		return auth.Credentials{}, s3Err
	}

	r := &http.Request{Header: formValues}
	cred, _, s3Err := checkKeyValid(r, credHeader.accessKey)
	if s3Err != ErrNone {
		return cred, s3Err
	}

	// Get signing key.
	signingKey := getSigningKey(cred.SecretKey, credHeader.scope.date, credHeader.scope.region, serviceS3)

	// Get signature.
	newSignature := getSignature(signingKey, formValues.Get("Policy"))

    }

    @Test
    @DisplayName("Should fail validation when signing enforced but not enabled")
    void testIsValidSigningEnforcedButNotEnabled() throws Exception {
        // Given
        setResponseAsReceived(response);
        when(mockRequest.isSigningEnforced()).thenReturn(true);
        setPrivateField(response, "securityMode", 0); // No signing

        // When

---
name: Bug report
about: Create a report to help us improve
title: ''
labels: bug
assignees: ''

---

(_Please see [discuss.codelibs.org](https://discuss.codelibs.org/c/FessEN/8) before filing a bug._)

**Describe the bug**
A clear and concise description of what the bug is.

**To Reproduce**
Steps to reproduce the behavior:
1. Go to '...'
2. Click on '....'
3. Scroll down to '....'
4. See error

     * @param targetDomain the target domain for authentication
     * @param host the target host
     * @param initialToken initial authentication token, if any
     * @param doSigning whether message signing should be enabled
     * @return a new SSP authentication context
     * @throws SmbException if context creation fails
     */