private int[] ciphers;

    /**
     * Constructs an encryption negotiate context.
     *
     * @param config the configuration (currently unused)
     * @param ciphers array of encryption cipher IDs to negotiate
     */
    public EncryptionNegotiateContext(final Configuration config, final int ciphers[]) {
        this.ciphers = ciphers;
    }

    /**

        cipher.setKey("mySecretKey");

        final String original = "";
        final String encrypted = cipher.encryptText(original);
        final String decrypted = cipher.decryptText(encrypted);

        assertThat(decrypted, is(original));
    }

    @Test
    public void testLongText() {
        final CachedCipher cipher = new CachedCipher();
        cipher.setKey("mySecretKey");

            final Cipher cipher = Cipher.getInstance(transformation);
            final GCMParameterSpec gcmSpec = new GCMParameterSpec(getAuthTagLength() * 8, nonce);

            cipher.init(encrypt ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE, keySpec, gcmSpec);
            return cipher;
        } finally {
            // Guaranteed cleanup of all key material
            if (key != null) {

        void testConstructorWithConfigAndCiphers() {
            int[] ciphers = { EncryptionNegotiateContext.CIPHER_AES128_CCM, EncryptionNegotiateContext.CIPHER_AES128_GCM };

            EncryptionNegotiateContext context = new EncryptionNegotiateContext(mockConfig, ciphers);

            assertNotNull(context);
            assertArrayEquals(ciphers, context.getCiphers());
        }

		tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
	}
}

// TLSCiphersBackwardCompatible returns a list of supported
// TLS transport cipher suite IDs.
//
// In contrast to TLSCiphers, the list contains additional
// ciphers for backward compatibility. In particular, AES-CBC
// and non-ECDHE ciphers.
func TLSCiphersBackwardCompatible() []uint16 {
	return []uint16{
		tls.TLS_CHACHA20_POLY1305_SHA256, // TLS 1.3

            // Assert
            // Note: size() returns 4 + (2*ciphers.length) but encode only writes 2 + (2*ciphers.length)
            // This appears to be a bug in the implementation, but we test the actual behavior
            assertEquals(6, encodedSize); // actual encoded size: 2 bytes count + 2*2 bytes for ciphers
            assertEquals(2, buffer[0]); // cipher count (little endian)
            assertEquals(0, buffer[1]);

        void testConstructorWithParameters() {
            int[] ciphers = { EncryptionNegotiateContext.CIPHER_AES128_CCM, EncryptionNegotiateContext.CIPHER_AES128_GCM };

            context = new EncryptionNegotiateContext(mockConfig, ciphers);

            assertEquals(EncryptionNegotiateContext.NEGO_CTX_ENC_TYPE, context.getContextType());
            assertArrayEquals(ciphers, context.getCiphers());
        }

        @Test

with certificates and the privacy of data exchanged with strong ciphers.

When negotiating a connection to an HTTPS server, OkHttp needs to know which [TLS versions](https://square.github.io/okhttp/4.x/okhttp/okhttp3/-tls-version/) and [cipher suites](https://square.github.io/okhttp/4.x/okhttp/okhttp3/-cipher-suite/) to offer. A client that wants to maximize connectivity would include obsolete TLS versions and weak-by-design cipher suites. A strict client that wants to maximize security would...

  private val handshakeCertificates = platform.localhostHandshakeCertificates()

  /** Ciphers in order we observed directly on the socket. */
  private lateinit var handshakeEnabledCipherSuites: List<String>

  /** Ciphers in order we observed on sslSocketFactory defaults. */
  private lateinit var defaultEnabledCipherSuites: List<String>

  /** Ciphers in order we observed on sslSocketFactory supported. */

    @Test
    @DisplayName("Should return selected cipher")
    void testGetSelectedCipher() throws Exception {
        // Given
        setPrivateField(response, "selectedCipher", EncryptionNegotiateContext.CIPHER_AES128_GCM);

        // When
        int cipher = response.getSelectedCipher();

        // Then
        assertEquals(EncryptionNegotiateContext.CIPHER_AES128_GCM, cipher);
    }

    @Test