import org.bouncycastle.crypto.DerivationParameters;
import org.bouncycastle.crypto.digests.SHA256Digest;
import org.bouncycastle.crypto.generators.KDFCounterBytesGenerator;
import org.bouncycastle.crypto.macs.HMac;
import org.bouncycastle.crypto.params.KDFCounterParameters;

/**
 * SMB3 SP800-108 Counter Mode Key Derivation
 *
 * @author mbechler
 *
 */
public final class Smb3KeyDerivation {

                    md4.update(responseKeyNT);
                    final byte[] userSessionKey = md4.digest();

                    final HMACT64 hmac = new HMACT64(userSessionKey);
                    hmac.update(sessionNonce);
                    final byte[] ntlm2SessionKey = hmac.digest();

                    if ((getFlags() & NTLMSSP_NEGOTIATE_KEY_EXCH) != 0) {
                        masterKey = new byte[16];

    /** DES encryption type identifier */
    int DES_ENC_TYPE = 3;
    /** RC4 encryption type identifier */
    int RC4_ENC_TYPE = 23;
    /** RC4 algorithm name */
    String RC4_ALGORITHM = "ARCFOUR";
    /** HMAC algorithm name */
    String HMAC_ALGORITHM = "HmacMD5";
    /** Size of confounder in bytes */
    int CONFOUNDER_SIZE = 8;
    /** Size of checksum in bytes */
    int CHECKSUM_SIZE = 16;

import org.mockito.MockedStatic;

class PacTest {

    private Map<Integer, KerberosKey> keys;

    @BeforeEach
    void setUp() {
        keys = new HashMap<>();
        // Use ARCFOUR-HMAC encryption type (23) which matches KERB_CHECKSUM_HMAC_MD5
        KerberosKey serverKey = new KerberosKey(new KerberosPrincipal("******@****.***"), "serverKey1234567".getBytes(),
                PacSignature.ETYPE_ARCFOUR_HMAC, 1);

                md4.update(passwordHash);
                final byte[] userSessionKey = md4.digest();

                final MessageDigest hmac = Crypto.getHMACT64(userSessionKey);
                hmac.update(sessionNonce);
                final byte[] ntlm2SessionKey = hmac.digest();

                if (getFlag(NTLMSSP_NEGOTIATE_KEY_EXCH)) {
                    this.masterKey = new byte[16];

        assertFalse(Arrays.equals(viaPassword, differentDomain), "Different domain should produce a different key");
    }

    @Test
    @DisplayName("computeResponse: HMAC(server||clientData) prepended to clientData")
    void testComputeResponse_basic() {
        // Arrange
        byte[] key = hex("0102030405060708090A0B0C0D0E0F10");
        byte[] serverChallenge = hex("1122334455667788");

    @ValueSource(strings = { "AES encryption not supported", "Missing Bouncy Castle provider", "Invalid key length for AES-128",
            "RC4 cipher not available in this JVM", "DES encryption is deprecated and not supported", "HMAC-SHA256 algorithm not found",
            "RSA key generation failed: key size not supported" })
    void testMessageConstructorWithCryptoMessages(String message) {
        // Given & When

            m = Mac.getInstance(this.algorithmName, this.provider);
        } else {
            m = Mac.getInstance(this.algorithmName);
        }
        m.init(new SecretKeySpec(this.signingKey, "HMAC"));
        return m;
    }

    /**
     * {@inheritDoc}
     *
     * @see jcifs.internal.SMBSigningDigest#sign(byte[], int, int, jcifs.internal.CommonServerMessageBlock,

   * Returns a hash function implementing the Message Authentication Code (MAC) algorithm, using the
   * MD5 (128 hash bits) hash function and the given secret key.
   *
   * <p>If you are designing a new system that needs HMAC, prefer {@link #hmacSha256} or other
   * future-proof algorithms <a
   * href="https://datatracker.ietf.org/doc/html/rfc6151#section-2.3">over {@code hmacMd5}</a>.
   *
   * @param key the secret key

        keys.put(PacSignature.ETYPE_ARCFOUR_HMAC, hmacKey);
        keys.put(PacSignature.ETYPE_AES128_CTS_HMAC_SHA1_96, aes128Key);
        keys.put(PacSignature.ETYPE_AES256_CTS_HMAC_SHA1_96, aes256Key);

        // Test HMAC-MD5
        byte[] mac1 = PacMac.calculateMac(PacSignature.KERB_CHECKSUM_HMAC_MD5, keys, TEST_DATA);
        assertNotNull(mac1);
        assertEquals(16, mac1.length);

        // Test AES128