auth.close(); // Should still not throw
        assertTrue(auth.isClosed());
    }

    /**
     * Test secure password wiping with multi-threaded access
     */
    @Test
    @DisplayName("Test secure password wiping under concurrent access")
    public void testConcurrentSecureWipe() throws InterruptedException {

 *
 * Features:
 * - Secure key storage with optional KeyStore integration
 * - Automatic key cleanup on close
 * - Thread-safe key management
 * - Key derivation utilities
 * - Memory wiping capabilities
 */
public class SecureKeyManager implements AutoCloseable {

    private static final Logger log = LoggerFactory.getLogger(SecureKeyManager.class);

 *
 * Features:
 * - Encrypts credentials at rest using AES-256-GCM
 * - Uses PBKDF2 for key derivation from master password
 * - Secure wiping of sensitive data
 * - Thread-safe operations
 * - Protection against timing attacks
 */
public class SecureCredentialStorage implements AutoCloseable, Destroyable {

    private static final Logger log = LoggerFactory.getLogger(SecureCredentialStorage.class);

    }

    /**
     * Returns the password as a secure char array. This is the preferred method
     * for accessing the password as it allows secure wiping of the password
     * from memory.
     *
     * @return the password as a char array
     */
    public char[] getPasswordAsCharArray() {
        checkNotClosed();

* Edit the text of the PR title to start in "imperative", like giving an order. So, instead of `Adding support for teleporting` use `Add support for teleporting`.

    expected_content = (data_path / "translated_doc_expected.md").read_text("utf-8")
    assert fixed_content == expected_content

    assert "Fixing multiline code blocks in" in result.output

				// Next loop will catch it.
			case <-pingTimer:
				if !m.doPing(respHandler) {
					return
				}
				goto sendResp
			}
		case <-pingTimer:
			if !m.doPing(respHandler) {
				return
			}
		}
	}
}

// doPing checks last ping time and sends another ping.
func (m *muxClient) doPing(respHandler chan<- Response) (ok bool) {
	m.respMu.Lock()
	if m.closed {

        // Context and credentials wiring - used by most tests
        when(cifsContext.getCredentials()).thenReturn(credentials);
        when(credentials.unwrap(CredentialsInternal.class)).thenReturn(credentialsInternal);
        when(credentialsInternal.clone()).thenReturn(credentialsInternal);

        // Transport wiring - used by most tests
        when(transport.acquire()).thenReturn(transport);

## About security, APIs, and docs { #about-security-apis-and-docs }

Hiding your documentation user interfaces in production *shouldn't* be the way to protect your API.

That doesn't add any extra security to your API, the *path operations* will still be available where they are.

If there's a security flaw in your code, it will still exist.

    # Return some error
    ...
```

Porém, ao utilizar o `secrets.compare_digest()`, isso estará seguro contra um tipo de ataque chamado "timing attacks".

### Ataques de Temporização { #timing-attacks }

Mas o que é um "timing attack"?

Vamos imaginar que alguns invasores estão tentando adivinhar o usuário e a senha.

E eles enviam uma requisição com um usuário `johndoe` e uma senha `love123`.