* {@link jcifs.config.DelegatingConfiguration} to get forward compatibility.
 *
 * @author mbechler
 *
 */
public interface Configuration {

    /**
     * Gets the secure random number generator for cryptographic operations
     *
     * @return random source to use
     */
    SecureRandom getRandom();

    /**
     *
     *

 * [CWAC-NetSecurity](https://github.com/commonsguy/cwac-netsecurity): Simplifying Secure Internet Access.
 * [Failsafe](https://failsafe.dev/okhttp/): Fault tolerance and resilience patterns.
 * [Flipper](https://fbflipper.com/): A desktop debugging platform for mobile developers.

    // System.setProperty("jdk.tls.server.enableSessionTicketExtension", "true")

    platform.assumeJdk9()
  }

  @Test
  fun testTlsv13Works() {
    // https://docs.oracle.com/en/java/javase/14/security/java-secure-socket-extension-jsse-reference-guide.html
    // TODO test jdk.tls.client.enableSessionTicketExtension
    // TODO check debugging information

    enableTls()

    server.enqueue(MockResponse(body = "abc"))

    val hostOnly: Boolean = cookie.hostOnly
    val domain: String = cookie.domain
    val path: String = cookie.path
    val httpOnly: Boolean = cookie.httpOnly
    val secure: Boolean = cookie.secure
    val matches: Boolean = cookie.matches("".toHttpUrl())
    val parsedCookie: Cookie? = Cookie.parse("".toHttpUrl(), "")
    val cookies: List<Cookie> = Cookie.parseAll("".toHttpUrl(), headersOf())
  }

 * com.google.common.base.FinalizableReference}.
 *
 * <p>While this class is public, we consider it to be *internal* and not part of our published API.
 * It is public so we can access it reflectively across class loaders in secure environments.
 *
 * <p>This class can't depend on other Guava code. If we were to load this class in the same class
 * loader as the rest of Guava, this thread would keep an indirect strong reference to the class

        byte[] hash1 = md5_1.digest(data);
        byte[] hash2 = md5_2.digest(data);

        // Then
        assertArrayEquals(hash1, hash2);
    }

    @Test
    @DisplayName("Should generate secure random bytes")
    void testSecureRandomGeneration() throws java.security.NoSuchAlgorithmException {
        // Given
        int length = 16;

        // When
        byte[] random1 = new byte[length];

```Python
if not (credentials.username == "stanleyjobson") or not (credentials.password == "swordfish"):
    # Return some error
    ...
```

But by using the `secrets.compare_digest()` it will be secure against a type of attacks called "timing attacks".

### Timing Attacks { #timing-attacks }

But what's a "timing attack"?

Let's imagine some attackers are trying to guess the username and password.

- name: authx
  html_url: https://github.com/yezz123/authx
  stars: 978
  owner_login: yezz123
  owner_html_url: https://github.com/yezz123
- name: secure
  html_url: https://github.com/TypeError/secure
  stars: 942
  owner_login: TypeError
  owner_html_url: https://github.com/TypeError
- name: titiler
  html_url: https://github.com/developmentseed/titiler
  stars: 940

github.com/dchest/siphash v1.2.3 h1:QXwFc8cFOR2dSa/gE6o/HokBMWtLUaNDVd+22aKHeEA=
github.com/dchest/siphash v1.2.3/go.mod h1:0NvQU092bT0ipiFN++/rXm69QG9tVxLAlQHIXMPAkHc=
github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0 h1:NMZiJj8QnKe1LgsbDayM4UoHwbvwDRwnI3hwNaAHRnc=
github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0/go.mod h1:ZXNYxsqcloTdSy/rNShjYzMhyjf0LaoftYK0p+A3h40=

many as necessary with `addSubjectAlternativeName()`. This mechanism also supports a very limited
form of wildcards `*.example.com` where the `*` must be first and doesn't match nested subdomains.

By default certificates use fast and secure 256-bit ECDSA keys. For interoperability with very old
clients use `HeldCertificate.Builder.rsa2048()`.

Download
--------

```kotlin
implementation("com.squareup.okhttp3:okhttp-tls:5.1.0")
```