private PacSignature serverSignature;
    private PacSignature kdcSignature;

    /**
     * Constructs and validates a PAC from raw data using provided Kerberos keys.
     * @param data the raw PAC data bytes
     * @param keys map of Kerberos keys for signature validation
     * @throws PACDecodingException if the PAC data is malformed or signature validation fails
     */

    }
    server
      .url("/b")
      .toUrl()
      .openConnection()
      .getInputStream() // Should succeed.
  }

  /**
   * Throttle the request body by sleeping 500ms after every 3 bytes. With a 6-byte request, this
   * should yield one sleep for a total delay of 500ms.
   */
  @Test
  fun throttleRequest() {
    assumeNotWindows()
    server.enqueue(
      MockResponse()

        SMBUtil.writeInt4(0, buffer, dataOffset + 64);
        // ShortNameLength
        buffer[dataOffset + 68] = 0;
        // Reserved
        buffer[dataOffset + 69] = 0;
        // ShortName (24 bytes)
        for (int i = 0; i < 24; i++) {
            buffer[dataOffset + 70 + i] = 0;
        }
        // FileName
        "test".getBytes(StandardCharsets.UTF_16LE);

    /**
     * Test decode with truncated data
     */
    @Test
    @DisplayName("Decode should handle truncated data")
    void testDecodeTruncatedData() {
        byte[] truncatedData = new byte[3]; // Less than 4 bytes

        CIFSException exception = assertThrows(CIFSException.class, () -> {
            AvPairs.decode(truncatedData);
        });

	w, err := zstd.NewWriter(bc)
	if err != nil {
		return nil, nil, err
	}

	if _, err = io.Copy(w, io.TeeReader(reader, b)); err != nil {
		return nil, nil, err
	}

	w.Close()
	return bc.Bytes(), b.Bytes(), nil
}

const (
	// Update this whenever the official minisign pubkey is rotated.
	defaultMinisignPubkey = "RWTx5Zr1tiHQLwG9keckT0c45M3AGeHD6IvimQHpyRywVWGbP1aVSGav"
)

  }

  @GwtIncompatible // Shorts.fromByteArray, Shorts.toByteArray
  public void testByteArrayRoundTrips() {
    Random r = new Random(5);
    byte[] b = new byte[Shorts.BYTES];

    // total overkill, but, it takes 0.1 sec so why not...
    for (int i = 0; i < 10000; i++) {
      short num = (short) r.nextInt();
      assertThat(Shorts.fromByteArray(Shorts.toByteArray(num))).isEqualTo(num);

            mappingOffset = mappingsBuffer.length
            mappingsBuffer.append(mappedTo)
          } else {
            mappingOffset = mappingIndex
          }

          // Write the range bytes.
          val b1 = mappedTo.length
          val b2 = (mappingOffset and 0x3f80) shr 7
          val b3 = mappingOffset and 0x7f
          rangesBuffer.writeByte(b1)
          rangesBuffer.writeByte(b2)

            if (data == null) {
                throw new CIFSException("data is null");
            }
            // Trivial MIC: 1-byte sum of all unsigned bytes
            int sum = 0;
            for (byte b : data) {
                sum = (sum + (b & 0xFF)) & 0xFF;
            }
            return new byte[] { (byte) sum };
        }

        @Override

Wenn die Passwörter nicht übereinstimmen, geben wir denselben Fehler zurück.

#### Passwort-Hashing

„Hashing“ bedeutet: Konvertieren eines Inhalts (in diesem Fall eines Passworts) in eine Folge von Bytes (ein schlichter String), die wie Kauderwelsch aussieht.

Immer wenn Sie genau den gleichen Inhalt (genau das gleiche Passwort) übergeben, erhalten Sie genau den gleichen Kauderwelsch.

Si los passwords no coinciden, devolvemos el mismo error.

#### Hashing de passwords

"Hacer hash" significa: convertir algún contenido (un password en este caso) en una secuencia de bytes (solo un string) que parece un galimatías.

Siempre que pases exactamente el mismo contenido (exactamente el mismo password) obtienes exactamente el mismo galimatías.

Pero no puedes convertir del galimatías al password.