session.addAssistantMessage("Assistant 2");
        session.addUserMessage("User 3");
        session.addAssistantMessage("Assistant 3");
        assertEquals(6, session.getMessageCount());

        // Trimming to 3 would start at index 3 (assistant), so it should go back to index 2 (user)
        session.trimHistory(3);

        final List<ChatMessage> messages = session.getMessages();
        assertEquals(4, messages.size());

    assertThat(CharMatcher.any().collapseFrom("ab", '_')).isEqualTo("_");
    assertThat(CharMatcher.any().collapseFrom("abcd", '_')).isEqualTo("_");
  }

  public void testTrimFrom() {
    // trimming -
    doTestTrimFrom("-", "");
    doTestTrimFrom("x-", "x");
    doTestTrimFrom("-x", "x");
    doTestTrimFrom("--", "");
    doTestTrimFrom("x--", "x");
    doTestTrimFrom("--x", "x");

            buf.append(value).append("\n");
        }
        return buf.toString();
    }

    /**
     * Checks if the buffer contains a line that matches the specified value (after trimming).
     *
     * @param value the value to search for in the buffered lines
     * @return true if a matching line is found, false otherwise
     */
    public boolean contains(final String value) {

		// needed.
		// String might contain trimming spaces, which
		// needs to be trimmed.
		res, ok := strToInt(strings.TrimSpace(x))
		if !ok {
			return 0, errCastFailure("could not parse as int")
		}
		return res, nil
	case []byte:
		// Parse as number, truncate floating point if
		// needed.
		// String might contain trimming spaces, which
		// needs to be trimmed.

/**
 * Security-focused test cases for NtlmPasswordAuthenticator to verify timing attack resistance.
 */
public class NtlmPasswordAuthenticatorTimingAttackTest {

    private static final int TIMING_ITERATIONS = 1000;
    private static final double TIMING_TOLERANCE = 2.0; // 200% tolerance - JVM timing is inherently variable for timing variations

    @BeforeEach
    public void setUp() {

          // Four byte characters
          FOUR_BYTE_ROUNDTRIPPABLE_CHARACTERS;

  /** Tests that round tripping of all two byte permutations work. */
  @GwtIncompatible // java.nio.charset.Charset
  public void testIsWellFormed_1Byte() {
    testBytes(1, EXPECTED_ONE_BYTE_ROUNDTRIPPABLE_COUNT);
  }

  /** Tests that round tripping of all two byte permutations work. */
  @GwtIncompatible // java.nio.charset.Charset

    # Bir hata döndür
    ...
```

Ancak `secrets.compare_digest()` kullanarak, "timing attacks" denilen bir saldırı türüne karşı güvenli olursunuz.

### Timing Attacks { #timing-attacks }

Peki "timing attack" nedir?

Bazı saldırganların kullanıcı adı ve şifreyi tahmin etmeye çalıştığını düşünelim.

    # Devuelve algún error
    ...
```

Pero al usar `secrets.compare_digest()` será seguro contra un tipo de ataques llamados "timing attacks".

### Timing attacks { #timing-attacks }

¿Pero qué es un "timing attack"?

Imaginemos que algunos atacantes están tratando de adivinar el nombre de usuario y la contraseña.

    # Einen Error zurückgeben
    ...
```

Aber durch die Verwendung von `secrets.compare_digest()` ist dieser Code sicher vor einer Art von Angriffen, die „Timing-Angriffe“ genannt werden.

### Timing-Angriffe { #timing-attacks }

Aber was ist ein „Timing-Angriff“?

Stellen wir uns vor, dass einige Angreifer versuchen, den Benutzernamen und das Passwort zu erraten.

    # Return some error
    ...
```

Porém, ao utilizar o `secrets.compare_digest()`, isso estará seguro contra um tipo de ataque chamado "timing attacks".

### Ataques de Temporização { #timing-attacks }

Mas o que é um "timing attack"?

Vamos imaginar que alguns invasores estão tentando adivinhar o usuário e a senha.

E eles enviam uma requisição com um usuário `johndoe` e uma senha `love123`.