* This class currently pins a certificate's Subject Public Key Info as described on
 * [Adam Langley's Weblog][langley]. Pins are either base64 SHA-256 hashes as in
 * [HTTP Public Key Pinning (HPKP)][rfc_7469] or SHA-1 base64 hashes as in Chromium's
 * [static certificates][static_certificates].
 *
 * ## Setting up Certificate Pinning
 *

        original_header_info = original_header_permalinks[header_no]

        if header_info["hashes"] != original_header_info["hashes"]:
            raise ValueError(
                "Header levels do not match between document and original document"
                f" (found {header_info['hashes']}, expected {original_header_info['hashes']})"
                f" for header №{header_no + 1} in line {header_info['line_no']}"
            )

     */

    void testGetNTHash_differentPasswords() {
        // Arrange
        String password1 = "password";
        String password2 = "Password";

        // Act
        byte[] hash1 = NtlmUtil.getNTHash(password1);
        byte[] hash2 = NtlmUtil.getNTHash(password2);

        // Assert

 * </ul>
 *
 * <h3>Providing input to a hash function</h3>
 *
 * <p>The primary way to provide the data that your hash function should act on is via a {@link
 * Hasher}. Obtain a new hasher from the hash function using {@link #newHasher}, "push" the relevant
 * data into it using methods like {@link Hasher#putBytes(byte[])}, and finally ask for the {@code
 * HashCode} when finished using {@link Hasher#hash}. (See an {@linkplain #newHasher example} of

import jcifs.smb1.smb1.SmbAuthException;
import jcifs.smb1.smb1.SmbSession;
import jcifs.smb1.util.Base64;
import jcifs.smb1.util.LogStream;

/**
 * This servlet Filter can be used to negotiate password hashes with
 * MSIE clients using NTLM SSP. This is similar to {@code Authentication:
 * BASIC} but weakly encrypted and without requiring the user to re-supply
 * authentication credentials.
 * <p>

If your database is stolen, the thief won't have your users' plaintext passwords, only the hashes.

So, the thief won't be able to try to use that password in another system (as many users use the same password everywhere, this would be dangerous).

## Install `pwdlib` { #install-pwdlib }

pwdlib is a great Python package to handle password hashes.

It supports many secure hashing algorithms and utilities to work with them.

}

// HashBorrower keeps track of borrowed hashers and allows to return them all.
type HashBorrower struct {
	pool     *bpool.Pool[hash.Hash]
	borrowed []hash.Hash
}

// Borrow a single hasher.
func (h *HashBorrower) Borrow() hash.Hash {
	hasher := h.pool.Get()
	h.borrowed = append(h.borrowed, hasher)
	hasher.Reset()
	return hasher
}

        int key2 = key1 ^ (1 << i);
        // get hashes
        int hash1 = function.hashInt(key1).asInt();
        int hash2 = function.hashInt(key2).asInt();
        // test whether the hash values have same output bits
        same |= ~(hash1 ^ hash2);
        // test whether the hash values have different output bits
        diff |= hash1 ^ hash2;

        count++;

import jcifs.smb.SmbAuthException;
import jcifs.smb.SmbException;
import jcifs.smb.SmbSessionInternal;
import jcifs.smb.SmbTransportInternal;

/**
 * This servlet Filter can be used to negotiate password hashes with
 * MSIE clients using NTLM SSP. This is similar to {@code Authentication:
 * BASIC} but weakly encrypted and without requiring the user to re-supply
 * authentication credentials.
 * <p>