* Make sure you have well defined Pydantic models for your request bodies and responses.
* Configure any required permissions and roles using dependencies.
* Never store plaintext passwords, only password hashes.
* Implement and use well-known cryptographic tools, like pwdlib and JWT tokens, etc.
* Add more granular permission controls with OAuth2 scopes where needed.
* ...etc.

 * @since 11.0
 */
@Beta
public interface Hasher extends PrimitiveSink {
  @CanIgnoreReturnValue
  @Override
  Hasher putByte(byte b);

  @CanIgnoreReturnValue
  @Override
  Hasher putBytes(byte[] bytes);

  @CanIgnoreReturnValue
  @Override
  Hasher putBytes(byte[] bytes, int off, int len);

  @CanIgnoreReturnValue
  @Override
  Hasher putBytes(ByteBuffer bytes);

  @CanIgnoreReturnValue

    void testGetNTHash_differentPasswords() {
        // Arrange
        String password1 = "password";
        String password2 = "Password";

        // Act
        byte[] hash1 = NtlmUtil.getNTHash(password1);
        byte[] hash2 = NtlmUtil.getNTHash(password2);

        // Assert

	// https://github.com/dchest/siphash#usage
	k0, k1 := binary.LittleEndian.Uint64(id[0:8]), binary.LittleEndian.Uint64(id[8:16])
	sum64 := siphash.Hash(k0, k1, []byte(key))
	return int(sum64 % uint64(cardinality))
}

// hashOrder - hashes input key to return consistent
// hashed integer slice. Returned integer order is salted
// with an input key. This results in consistent order.

 * </ul>
 *
 * <h3>Providing input to a hash function</h3>
 *
 * <p>The primary way to provide the data that your hash function should act on is via a {@link
 * Hasher}. Obtain a new hasher from the hash function using {@link #newHasher}, "push" the relevant
 * data into it using methods like {@link Hasher#putBytes(byte[])}, and finally ask for the {@code
 * HashCode} when finished using {@link Hasher#hash}. (See an {@linkplain #newHasher example} of

specific versions. This is necessary to ensure reproducibility of the build.
The pinned versions of the full transitive closure of TensorFlow's dependencies
together with their corresponding hashes are specified in
`requirements_lock_<python version>.txt` files (e.g.
`requirements_lock_3_12.txt` for `Python 3.12`).

To update the lock files, make sure

  # Repack the wheel. When repacking, the wheel would be automatically tagged
  # with the new tag we provided in ${whl_tag}. Repacking also regnerates the
  # RECORD file which contains hashes of all included files.
  python3 -m wheel pack "${pkg_name}"
done

# Switch back to the original working directory. This is needed to ensure that
# cleanup steps at the end of the script works as expected.
popd

import jcifs.smb1.smb1.SmbAuthException;
import jcifs.smb1.smb1.SmbSession;
import jcifs.smb1.util.Base64;
import jcifs.smb1.util.LogStream;

/**
 * This servlet Filter can be used to negotiate password hashes with
 * MSIE clients using NTLM SSP. This is similar to {@code Authentication:
 * BASIC} but weakly encrypted and without requiring the user to re-supply
 * authentication credentials.
 * <p>

If your database is stolen, the thief won't have your users' plaintext passwords, only the hashes.

So, the thief won't be able to try to use that password in another system (as many users use the same password everywhere, this would be dangerous).

## Install `pwdlib` { #install-pwdlib }

pwdlib is a great Python package to handle password hashes.

It supports many secure hashing algorithms and utilities to work with them.

}

// HashBorrower keeps track of borrowed hashers and allows to return them all.
type HashBorrower struct {
	pool     *bpool.Pool[hash.Hash]
	borrowed []hash.Hash
}

// Borrow a single hasher.
func (h *HashBorrower) Borrow() hash.Hash {
	hasher := h.pool.Get()
	h.borrowed = append(h.borrowed, hasher)
	hasher.Reset()
	return hasher
}