* The user ID is encrypted using the primary cipher and validated against the configuration.
     *
     * @param userCode the raw user ID to encrypt
     * @return the encrypted and validated user code, or null if invalid
     */
    protected String createUserCodeFromUserId(String userCode) {
        final FessConfig fessConfig = ComponentUtil.getFessConfig();
        final PrimaryCipher cipher = ComponentUtil.getPrimaryCipher();

ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp521
diffie-hellman-group14-sha256
diffie-hellman-group16-sha512
diffie-hellman-group14-sha1
diffie-hellman-group1-sha1
```

`--sftp=cipher-algos=...` specifies the allowed cipher algorithms. 
If unspecified then a sensible default is used.

Valid values: 
```
aes128-ctr
aes192-ctr
aes256-ctr
******@****.***
******@****.***

    cipher suite. We accidentally specified a key size of 256, preventing that cipher suite from
    being selected for any TLS handshakes. We didn't notice because this cipher suite isn't
    supported on Android, Java, or Conscrypt.

    We removed this cipher suite and `TLS_AES_128_CCM_SHA256` from the restricted, modern, and

 * limitations under the License.
 */
package okhttp3.survey

import okhttp3.survey.types.Client
import okhttp3.survey.types.SuiteId

/**
 * Organizes information on SSL cipher suite inclusion and precedence for this spreadsheet.
 * https://docs.google.com/spreadsheets/d/1C3FdZSlCBq_-qrVwG1KDIzNIB3Hyg_rKAcgmSzOsHyQ/edit#gid=0
 */
class CipherSuiteSurvey(
  val clients: List<Client>,

            return false;
        }

        boolean valid = false;
        for (final int cipher : rec.getCiphers()) {
            if (cipher == ec.getCiphers()[0]) {
                valid = true;
            }
        }
        if (!valid) {
            log.error("Server returned invalid cipher selection");
            return false;
        }
        return true;
    }

    /**

        try {
            initProcesses.forEach(action);
        } finally {
            initProcesses.clear();
        }
    }

    /**
     * Gets a cached cipher by name.
     * @param cipherName The cipher name.
     * @return The cached cipher.
     */
    public static CachedCipher getCipher(final String cipherName) {
        return getComponent(cipherName);
    }

    /**

### Bug or Regression

- Add support for TLS 1.3 ciphers: TLS_AES_128_GCM_SHA256, TLS_CHACHA20_POLY1305_SHA256 and TLS_AES_256_GCM_SHA384. ([#90843](https://github.com/kubernetes/kubernetes/pull/90843), [@pjbgf](https://github.com/pjbgf)) [SIG API Machinery, Auth and Cluster Lifecycle]

    if (this::cache.isInitialized) {
      cache.delete()
    }
  }

  @Test
  fun corruptedCipher() {
    val response =
      testCorruptingCache {
        corruptMetadata {
          // mess with cipher suite
          it.replace("TLS_", "SLT_")
        }
      }

    assertThat(response.body.string()).isEqualTo("ABC.1") // cached
    assertThat(cache.requestCount()).isEqualTo(2)

  - andrew-propelauth
  - svix
  - zuplo-oss
  - zuplo
  - Kong
  - speakeasy-api
  - jess-render
  - blockbee-io
  - liblaber
  - render-sponsorships
  - renderinc
  - stainless-api
  - snapit-cypher
  - coderabbitai
  - permitio
  - LambdaTest-Inc
  - dribia
  - madisonredtfeldt
  - railwayapp

      ConnectionSpec
        .Builder(ConnectionSpec.MODERN_TLS)
        .cipherSuites(*arrayOf<CipherSuite>())
        .build()
    }.also { expected ->
      assertThat(expected.message)
        .isEqualTo("At least one cipher suite is required")
    }
  }

  @Test
  fun cleartextBuilder() {
    val cleartextSpec = ConnectionSpec.Builder(false).build()
    assertThat(cleartextSpec.isTls).isFalse()
  }

  @Test