import org.apache.maven.api.annotations.Nonnull;
import org.apache.maven.api.cli.Options;

/**
 * Defines the options specific to the Maven encryption tool.
 * This interface extends the general {@link Options} interface, adding encryption-specific configuration options.
 *
 * @since 4.0.0
 */
@Experimental
public interface EncryptOptions extends Options {
    /**

 * under the License.
 */

/**
 * Provides the API for the Maven Password Encryption tool ({@code mvnenc}).
 *
 * <p>This package contains interfaces and classes for the password encryption tool,
 * which helps secure sensitive information in Maven settings and configuration files.</p>
 *
 * <p>Key features include:</p>
 * <ul>
 *   <li>Password encryption and decryption</li>
 *   <li>Master password management</li>

* Nginx
* HAProxy

## Let's Encrypt { #lets-encrypt }

Avant Let's Encrypt, ces **certificats HTTPS** étaient vendus par des tiers de confiance.

Le processus d'acquisition de l'un de ces certificats était auparavant lourd, nécessitait pas mal de paperasses et les certificats étaient assez chers.

Mais ensuite, **[Let's Encrypt](https://letsencrypt.org/)** a été créé.

    void setUp() throws NoSuchAlgorithmException {
        // Mock Crypto.getMD5() to return our mockMd5 instance
        // This requires Mockito 3.4.0+ for MockedStatic
        // For simplicity, we'll assume Crypto.getMD5() is static and mock it.
        // If it's not static, we'd need to inject it or mock the class that provides it.
        try (MockedStatic<Crypto> mockedCrypto = mockStatic(Crypto.class)) {

import jcifs.smb1.util.LogStream;

/**
 * This servlet Filter can be used to negotiate password hashes with
 * MSIE clients using NTLM SSP. This is similar to {@code Authentication:
 * BASIC} but weakly encrypted and without requiring the user to re-supply
 * authentication credentials.
 * <p>
 * Read <a href="../../../ntlmhttpauth.html">jCIFS NTLM HTTP Authentication and the Network Explorer Servlet</a> for complete details.
 */

    /**
     * Kerberos encryption type for ARCFOUR-HMAC (RC4-HMAC).
     */
    public static final int ETYPE_ARCFOUR_HMAC = 23;
    /**
     * Kerberos encryption type for AES-128 CTS mode with HMAC-SHA1-96.
     */
    public static final int ETYPE_AES128_CTS_HMAC_SHA1_96 = 17;
    /**
     * Kerberos encryption type for AES-256 CTS mode with HMAC-SHA1-96.
     */

import java.util.concurrent.locks.ReentrantLock;

import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import jcifs.internal.CommonServerMessageBlock;
import jcifs.internal.SMBSigningDigest;
import jcifs.internal.util.SMBUtil;
import jcifs.util.Crypto;

/**
 * SMB2/SMB3 message signing digest implementation.
 *

    eu6FSqdQgPCnXEqULl8FmTxSQeDNtGPPAUO6nIPcj2A781q0tHuu2guQOHXvgR1m
    0vdXcDazv/wor3ElhVsT/h5/WrQ8
    -----END CERTIFICATE-----
    """.trimIndent().decodeCertificatePem()

  // CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
  val letsEncryptCertificateAuthority =
    """
    -----BEGIN CERTIFICATE-----
    MIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/

                        nameBuilder.append('/');
                    }
                }
                this.serverPrincipalName = nameBuilder.toString();
                break;
            case 3:// Encrypted part
                ASN1Sequence encSequence = ASN1Util.as(ASN1Sequence.class, tagged);
                ASN1Integer encType = ASN1Util.as(ASN1Integer.class, ASN1Util.as(ASN1TaggedObject.class, encSequence, 0));

        serverData.sessKey = 0x12345678;
        serverData.scapabilities = 0x8000F3FD; // Various capabilities
        serverData.oemDomainName = "WORKGROUP";
        serverData.securityMode = 0x0F; // User + encrypt passwords + signatures
        serverData.security = 1; // User level
        serverData.encryptedPasswords = true;
        serverData.signaturesEnabled = true;
        serverData.signaturesRequired = false;