}
        }

        public boolean isValid() {
            return isValid;
        }

        public void invalidate() {
            this.isValid = false;
            // Clear sensitive data
            synchronized (hashLock) {
                Arrays.fill(currentHash, (byte) 0);
            }
        }
    }

    /**

 *  Breaking: Move `gzip` from `RequestBody` to `Request.Builder`. This new API handles both
    compressing the request body and also adding the corresponding `Content-Encoding` header. Note
    that this function is sensitive to when it is called: the response body must be supplied before
    it can be compressed.

 *  Breaking: Remove `AddressPolicy`, `AsyncDns`, and `ConnectionListener` from the public API. We

        assertNotNull(decrypted, "Decrypted data should not be null");
        assertArrayEquals(plaintext, decrypted, "Decrypted should match original");

        // Clean up sensitive data
        Arrays.fill(plaintext, '\0');
        Arrays.fill(decrypted, '\0');
    }

    @Test
    public void testEncryptDecryptEmpty() throws Exception {
        char[] plaintext = new char[0];

        assertNull(doc.get("content_ja")); // content is not in langFields
    }

    public void test_getSupportedLanguage_caseInsensitive() {
        // Test that method is case sensitive (as per implementation)
        assertNull(languageHelper.getSupportedLanguage("JA"));
        assertNull(languageHelper.getSupportedLanguage("EN"));
        assertEquals("ja", languageHelper.getSupportedLanguage("ja"));

        dynamicTable[index] = entry
        headerCount++
        dynamicTableByteCount += delta
      }

      /**
       * This does not use "never indexed" semantics for sensitive headers.
       *
       * http://tools.ietf.org/html/draft-ietf-httpbis-header-compression-12#section-6.2.3
       */
      @Throws(IOException::class)
      fun writeHeaders(headerBlock: List<Header>) {

   * is sent unencrypted to the proxy server, so tunnels include only the minimum set of headers.
   * This avoids sending potentially sensitive data like HTTP cookies to the proxy unencrypted.
   *
   * In order to support preemptive authentication we pass a fake "Auth Failed" response to the

    /** Prefix for regular expression patterns. */
    public static final String REGEXP = "regexp:";

    /** Prefix for case-sensitive regular expression patterns. */
    public static final String REGEXP_CASE = "regexpCase:";

    /** Prefix for case-insensitive regular expression patterns. */
    public static final String REGEXP_IGNORE_CASE = "regexpIgnoreCase:";

    exchange?.hasFailure == true &&
      exchangeFinder!!.routePlanner.hasNext(exchange?.connection)

  /**
   * Returns a string that describes this call. Doesn't include a full URL as that might contain
   * sensitive information.
   */
  private fun toLoggableString(): String =
    (
      (if (isCanceled()) "canceled " else "") +
        (if (forWebSocket) "web socket" else "call") +
        " to " + redactedUrl()
    )

            bytesEncrypted.addAndGet(message.length);

            return result;
        } catch (final Exception e) {
            // Clear sensitive data on error
            if (e instanceof CIFSException) {
                throw (CIFSException) e;
            }
            throw new CIFSException("Failed to encrypt message", e);
        }
    }

    assertEquals(0, logHandler.getStoredLogRecords().size());
  }

  public void testPartiallyConstructedManager_transitionAfterAddListenerBeforeStateIsReady() {
    // The implementation of this test is pretty sensitive to the implementation :( but we want to
    // ensure that if weird things happen during construction then we get exceptions.
    NoOpService service1 = new NoOpService();