while (i < end) {
          keyIndex %= keyLength // Reassign to prevent overflow breaking counter.

          // Byte xor is experimental in Kotlin so we coerce bytes to int, xor them
          // and convert back to byte.
          val bufferInt: Int = buffer[i].toInt()
          val keyInt: Int = key[keyIndex].toInt()
          buffer[i] = (bufferInt xor keyInt).toByte()

          i++
          keyIndex++
        }

Whenever you pass exactly the same content (exactly the same password) you get exactly the same gibberish.

But you cannot convert from the gibberish back to the password.

##### Why use password hashing

If your database is stolen, the thief won't have your users' plaintext passwords, only the hashes.

-------
This code is under the [Apache License, Version 2.0, January 2004][license].

See the [`NOTICE`](./NOTICE) file for required notices and attributions.

Donations
---------
Do you like Apache Maven? Then [donate back to the ASF](https://www.apache.org/foundation/contributing.html) to support the development.

Quick Build
-------
If you want to bootstrap Maven, you'll need:
- Java 17+
- Maven 3.6.3 or later

**decrypted HTTP requests** to the actual HTTP application running in the same server (the **FastAPI** application, in this case), take the **HTTP response** from the application, **encrypt it** using the appropriate **HTTPS certificate** and sending it back to the client using **HTTPS**. This server is often called a **<a href="https://en.wikipedia.org/wiki/TLS_termination_proxy" class="external-link" target="_blank">TLS Termination Proxy</a>**.

Some of the options you could use as a TLS Termination...

    settings1[Settings.MAX_CONCURRENT_STREAMS] = maxConcurrentStreams
    peer.sendFrame().settings(settings1)
    peer.acceptFrame() // ACK
    peer.sendFrame().ping(false, 2, 0)
    peer.acceptFrame() // PING
    peer.play()

    // Play it back.
    val connection =
      Http2Connection.Builder(true, TaskRunner.INSTANCE)
        .socket(peer.openSocket())

# Controllers

Istio has a variety of [controllers](https://kubernetes.io/docs/concepts/architecture/controller/), which basically watch some inputs and do something.
This can be reading from Kubernetes and writing other objects back, writing to proxies over XDS, etc.

Unfortunately, writing controllers is very error prone, even for seemingly simple cases.
To work around this, Istio has a variety of abstractions meant to make writing controllers easier.

## Clients

  // Status is filled in by the server with the user attributes.
  optional SelfSubjectReviewStatus status = 2;
}

// SelfSubjectReviewStatus is filled by the kube-apiserver and sent back to a user.
message SelfSubjectReviewStatus {
  // User attributes of the user making this request.
  // +optional
  optional k8s.io.api.authentication.v1.UserInfo userInfo = 1;
}

      this.streamId = streamId
      this.errorCode = errorCode
    }

    override fun ping(
      ack: Boolean,
      payload1: Int,
      payload2: Int,
    ) {
      check(type == -1)
      type = Http2.TYPE_PING
      this.ack = ack
      this.payload1 = payload1
      this.payload2 = payload2
    }

    override fun goAway(
      lastGoodStreamId: Int,

    ...
```

Python will have to compare the whole `stanleyjobso` in both `stanleyjobsox` and `stanleyjobson` before realizing that both strings are not the same. So it will take some extra microseconds to reply back "Incorrect username or password".

#### The time to answer helps the attackers

This example includes an extra *path operation* that simulates a long processing request with `time.sleep(sleep_time)`.

It will have the database connection open at the beginning and will just wait some seconds before replying back. And each new request will wait one second less.

This will easily let you test that your app with Peewee and FastAPI is behaving correctly with all the stuff about threads.