* The user ID is encrypted using the primary cipher and validated against the configuration.
     *
     * @param userCode the raw user ID to encrypt
     * @return the encrypted and validated user code, or null if invalid
     */
    protected String createUserCodeFromUserId(String userCode) {
        final FessConfig fessConfig = ComponentUtil.getFessConfig();
        final PrimaryCipher cipher = ComponentUtil.getPrimaryCipher();

    private byte[] type1Bytes;

    private byte[] signKey;
    private byte[] verifyKey;
    private byte[] sealClientKey;
    private byte[] sealServerKey;

    private Cipher sealClientHandle;
    private Cipher sealServerHandle;

    /**
     * Creates a new NTLM security context with the specified parameters.
     * @param tc
     *            context to use
     * @param auth

                        /* RC4 was not added to Java until 1.5u7 so let's use our own for a little while longer ...
                        try {
                            Cipher rc4 = Cipher.getInstance("RC4");
                            rc4.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(ntlm2SessionKey, "RC4"));
                            rc4.update(masterKey, 0, 16, exchangedKey, 0);

 * limitations under the License.
 */
package okhttp3.survey

import okhttp3.survey.types.Client
import okhttp3.survey.types.SuiteId

/**
 * Organizes information on SSL cipher suite inclusion and precedence for this spreadsheet.
 * https://docs.google.com/spreadsheets/d/1C3FdZSlCBq_-qrVwG1KDIzNIB3Hyg_rKAcgmSzOsHyQ/edit#gid=0
 */
class CipherSuiteSurvey(
  val clients: List<Client>,

            return false;
        }

        boolean valid = false;
        for (final int cipher : rec.getCiphers()) {
            if (cipher == ec.getCiphers()[0]) {
                valid = true;
            }
        }
        if (!valid) {
            log.error("Server returned invalid cipher selection");
            return false;
        }
        return true;
    }

    /**

  - andrew-propelauth
  - svix
  - zuplo-oss
  - zuplo
  - Kong
  - speakeasy-api
  - jess-render
  - blockbee-io
  - liblaber
  - render-sponsorships
  - renderinc
  - stainless-api
  - snapit-cypher
  - coderabbitai
  - permitio
  - LambdaTest-Inc
  - dribia
  - madisonredtfeldt
  - railwayapp
  - subtotal
  - requestly

    cipher suite. We accidentally specified a key size of 256, preventing that cipher suite from
    being selected for any TLS handshakes. We didn't notice because this cipher suite isn't
    supported on Android, Java, or Conscrypt.

    We removed this cipher suite and `TLS_AES_128_CCM_SHA256` from the restricted, modern, and

├── collection/  # Enhanced collections (LruHashMap, CaseInsensitiveMap)
├── concurrent/  # Concurrency utilities
├── convert/     # Type conversion (*ConversionUtil)
├── crypto/      # Cipher & encryption (CachedCipher)
├── exception/   # Runtime exception wrappers
├── io/          # I/O & resource utilities
├── jar/         # JAR file utilities
├── lang/        # Reflection & language utilities

    if (this::cache.isInitialized) {
      cache.delete()
    }
  }

  @Test
  fun corruptedCipher() {
    val response =
      testCorruptingCache {
        corruptMetadata {
          // mess with cipher suite
          it.replace("TLS_", "SLT_")
        }
      }

    assertThat(response.body.string()).isEqualTo("ABC.1") // cached
    assertThat(cache.requestCount()).isEqualTo(2)

        try {
            initProcesses.forEach(action);
        } finally {
            initProcesses.clear();
        }
    }

    /**
     * Gets a cached cipher by name.
     * @param cipherName The cipher name.
     * @return The cached cipher.
     */
    public static CachedCipher getCipher(final String cipherName) {
        return getComponent(cipherName);
    }

    /**