t.Parallel()
	q := dangerousSlice(t)
	if len(q) > 64 {
		// Only worry about when we're near the end of a page.
		q = q[len(q)-64:]
	}
	b := dangerousSlice(t)
	if len(b) > 256 {
		// Only worry about when we're near the end of a page.
		b = b[len(b)-256:]
	}
	for j := 1; j < len(q); j++ {
		q[j-1] = 1 // difference is only found on the last byte
		for i := range b {
			idx := Index(b[i:], q[:j])
			if idx != -1 {

                        while (buffer[bufferIndex + len] != (byte) 0x00 || buffer[bufferIndex + len + 1] != (byte) 0x00) {
                            len += 2;
                            if (len > 256) {
                                throw new RuntimeException("zero termination not found");
                            }
                        }

This is based on RFC 4253, section 6.4, but with hmac-md5 variants removed because they have 
reached the end of their useful life.

Valid values: 

```
hmac-sha2-256******@****.***
******@****.***
hmac-sha2-256
hmac-sha2-512
hmac-sha1
hmac-sha1-96
```

### Certificate-based authentication

  }

  // goodFastHash(256) uses Murmur3_128. Use the same epsilon bounds.
  public void testGoodFastHash256() {
    HashTestUtils.check2BitAvalanche(Hashing.goodFastHash(256), 250, 0.20);
    HashTestUtils.checkAvalanche(Hashing.goodFastHash(256), 500, 0.17);
    HashTestUtils.checkNo2BitCharacteristics(Hashing.goodFastHash(256));
    HashTestUtils.checkNoFunnels(Hashing.goodFastHash(256));

    /**
     * Kerberos checksum type for HMAC-SHA1-96 with AES-128.
     */
    public static final int HMAC_SHA1_96_AES128 = 0x0000000F;
    /**
     * Kerberos checksum type for HMAC-SHA1-96 with AES-256.
     */
    public static final int HMAC_SHA1_96_AES256 = 0x00000010;

    /**
     * Kerberos encryption type for ARCFOUR-HMAC (RC4-HMAC).
     */
    public static final int ETYPE_ARCFOUR_HMAC = 23;
    /**

@DisplayName("CIFSUnsupportedCryptoException Tests")
class CIFSUnsupportedCryptoExceptionTest extends BaseTest {

    private static final String CRYPTO_ERROR_MESSAGE = "Unsupported cryptographic algorithm: AES-256-GCM";
    private static final String ALGORITHM_NAME = "AES-256-GCM";

    @Test
    @DisplayName("Default constructor should create exception with null message and cause")
    void testDefaultConstructor() {
        // Given & When

  verbose " - Running Downloader.java ..."
  "$(native_path "$JAVACMD")" -cp "$(native_path "$TMP_DOWNLOAD_DIR")" Downloader "$distributionUrl" "$(native_path "$targetZip")"
fi

# If specified, validate the SHA-256 sum of the Maven distribution zip file
if [ -n "${distributionSha256Sum-}" ]; then
  distributionSha256Result=false
  if [ "$MVN_CMD" = mvnd.sh ]; then
    echo "Checksum validation is not supported for maven-mvnd." >&2

- [PRF](#prf): HMAC-SHA-256
- [AEAD](#aead): AES-256-GCM if the CPU supports AES-NI, ChaCha20-Poly1305 otherwise. More specifically AES-256-GCM is only selected for X86-64 CPUs with AES-NI extension.

Further any secret key (apart from the KMS-generated ones) is 256 bits long. The KMS-generated keys may be 256 bits but this depends on the KMS capabilities and configuration.

import (
	"crypto/md5"
	"encoding/hex"

	"github.com/minio/minio/internal/hash/sha256"
)

// getSHA256Hash returns SHA-256 hash in hex encoding of given data.
func getSHA256Hash(data []byte) string {
	return hex.EncodeToString(getSHA256Sum(data))
}

// getSHA256Hash returns SHA-256 sum of given data.
func getSHA256Sum(data []byte) []byte {
	hash := sha256.New()
	hash.Write(data)
	return hash.Sum(nil)
}

    }

    @Test
    @DisplayName("Test context encoding")
    public void testEncoding() {
        byte[] buffer = new byte[256];
        int encodedSize = context.encode(buffer, 0);

        assertTrue(encodedSize > 8); // Minimum size: count + padding + flags + algorithms
        assertEquals(context.size(), encodedSize);
    }

    @Test