}

    @Test
    @DisplayName("Should generate multiple unique nonces without collision")
    void testGenerateMultipleNoncesNoCollision() {
        // Given
        int count = 10000; // Test with larger number for collision detection
        Set<String> nonceSet = new HashSet<>();

        // When
        for (int i = 0; i < count; i++) {
            byte[] nonce = encryptionContext.generateNonce();

  } catch (_: NumberFormatException) {
    defaultValue
  }

/**
 * Returns this as a non-negative integer, or 0 if it is negative, or [Int.MAX_VALUE] if it is too
 * large, or [defaultValue] if it cannot be parsed.
 */
internal fun String?.toNonNegativeInt(defaultValue: Int): Int {
  try {
    val value = this?.toLong() ?: return defaultValue
    return when {
      value > Int.MAX_VALUE -> Int.MAX_VALUE

		// Return only true if the SSE header is specified and does not contain the SSE-S3 value
		return strings.ToUpper(h.Get(xhttp.AmzServerSideEncryption)) != xhttp.AmzEncryptionAES
	}
	return false
}

// ParseHTTP parses the SSE-KMS headers and returns the SSE-KMS key ID
// and the KMS context on success.
func (ssekms) ParseHTTP(h http.Header) (string, kms.Context, error) {
	if h == nil {
		return "", nil, ErrInvalidEncryptionMethod
	}

  /*
   * Cache the size for efficiency. Using a long lets us avoid the need for
   * overflow checking and ensures that size() will function correctly even if
   * the multiset had once been larger than Integer.MAX_VALUE.
   */
  private transient long size;

  /** Standard constructor. */
  protected AbstractMapBasedMultiset(Map<E, Count> backingMap) {
    checkArgument(backingMap.isEmpty());

		if actualErrCode == ErrNone {
			// validating the extracted/parsed credential fields.
			validateCredentialfields(t, i+1, testCase.expectedAuthField.Credential, parsedAuthField.Credential)

			// validating the extraction/parsing of signature field.
			if !compareSignatureV4(testCase.expectedAuthField.Signature, parsedAuthField.Signature) {

  }

  /**
   * Ignored due to incompatibilities between Android and Java on how non-ASCII subject alt names
   * are parsed. Android fails to parse these, which means we fall back to the CN. The RI does parse
   * them, so the CN is unused.
   */
  @Test fun verifyNonAsciiSubjectAlt() {
    // Expecting actual:
    //  ["bar.com", "花子.co.jp"]

        if (StringUtil.isNotBlank(roleName)) {
            roleNameList.add(roleName);
        }
    }

    /**
     * Parses the role set from a string.
     * @param value The string to parse.
     * @param encrypted Whether the string is encrypted.
     * @param roleSet The set of roles.
     */

    //                                                                           Attribute
    //                                                                           =========
    // keeping parsed request parameters, normal texts or uploaded files
    // keys are requested parameter names (treated as field name here)
    protected Map<String, Object> elementsAll; // lazy-loaded, then after not null

            throw new DictionaryException("Failed to parse " + path, e);
        }
    }

    /**
     * Reloads the stopwords dictionary from an input stream.
     *
     * @param updater An optional updater to apply changes.
     * @param in      The input stream to read the dictionary from.
     * @throws DictionaryException if the input stream cannot be parsed.
     */

        byte[] encrypted = storage.encryptCredentials(plaintext);
        assertNotNull(encrypted, "Encrypted long password should not be null");
        assertTrue(encrypted.length > plaintext.length, "Encrypted data should be larger due to IV and auth tag");

        char[] decrypted = storage.decryptCredentials(encrypted);
        assertArrayEquals(plaintext, decrypted, "Decrypted long password should match original");

        // Clean up