// Test the method directly
        char[] password1 = "testpassword".toCharArray();
        char[] password2 = "testpassword".toCharArray();
        char[] password3 = "testpassworX".toCharArray();

        Boolean result1 = (Boolean) constantTimeMethod.invoke(null, password1, password2);
        Boolean result2 = (Boolean) constantTimeMethod.invoke(null, password1, password3);

        return ntResponse;
    }

    /**
     * Generates the NTOWFv1 hash for the given password.
     *
     * @param password the password to hash
     * @return the NTOWFv1 hash bytes
     */
    public static byte[] nTOWFv1(final String password) {
        if (password == null) {
            throw new RuntimeException("Password parameter is required");
        }
        try {
            final MD4 md4 = new MD4();

        return hmac.digest();
    }

    /**
     * Generates the NT password hash for the given password.
     *
     * @param password the password to hash
     * @return nt password hash
     */
    public static byte[] getNTHash(final String password) {
        if (password == null) {
            throw new NullPointerException("Password parameter is required");
        }

     * from memory.
     *
     * @return the password as a char array
     */
    public char[] getPasswordAsCharArray() {
        checkNotClosed();
        return this.password != null && this.password.length > 0 ? this.password.clone() : this.password == null ? null : new char[0];
    }

    /**
     * Securely wipes the password from memory
     */

     * the supplied password.
     *
     * @param type2 The Type-2 message.
     * @param password The password.
     * @return A <code>byte[]</code> containing the LanManager response.
     */
    public static byte[] getLMResponse(final Type2Message type2, final String password) {
        if (type2 == null || password == null) {
            return null;
        }

        byte[] actual = NtlmUtil.getNTHash(password);

        // Assert
        assertArrayEquals(expected, actual, "NT hash must match known test vector");
    }

    @Test
    @DisplayName("getNTHash: verify different passwords produce different hashes")
    void testGetNTHash_differentPasswords() {
        // Arrange
        String password1 = "password";
        String password2 = "Password";

        // Act

        NtlmPasswordAuthenticator auth2 = new NtlmPasswordAuthenticator("DOMAIN", "user", password2);
        NtlmPasswordAuthenticator auth3 = new NtlmPasswordAuthenticator("DOMAIN", "user", password3);

        // Test equality with same password
        assertEquals(auth1, auth2);
        assertEquals(auth1.hashCode(), auth2.hashCode());

        // Test inequality with different password

     * @param targetName
     *            SPN of the target system, optional
     * @param passwordHash
     *            The NT password hash, takes precedence over password (which is no longer required unless legacy LM
     *            authentication is needed)
     * @param password
     *            The password to use when constructing the response.
     * @param domain
     *            The domain in which the user has an account.

        String password = "testpassword";
        String domain = "TESTDOMAIN";
        String username = "testuser";
        String workstation = "TESTWS";
        int flags = NtlmFlags.NTLMSSP_NEGOTIATE_UNICODE | NtlmFlags.NTLMSSP_NEGOTIATE_NTLM;

        // When
        Type3Message type3 = new Type3Message(createMockContext(), type2, null, password, domain, username, workstation, flags);

        // Then

        try {
            String username = "testuser";
            String password = "testpass";
            server = startFtpServer(FTP_PORT, username, password);
            Map<String, Object> params = new HashMap<String, Object>();
            FtpAuthentication auth = new FtpAuthentication();
            auth.setUsername(username);
            auth.setPassword(password);