pkg crypto/cipher, func NewGCMWithTagSize(Block, int) (AEAD, error)
pkg crypto/rsa, method (*PrivateKey) Size() int
pkg crypto/rsa, method (*PublicKey) Size() int
pkg crypto/tls, method (*ConnectionState) ExportKeyingMaterial(string, []uint8, int) ([]uint8, error)
pkg database/sql, method (IsolationLevel) String() string
pkg database/sql, type DBStats struct, Idle int
pkg database/sql, type DBStats struct, InUse int

                Console cons = System.console();
                char[] password = (cons == null) ? null : cons.readPassword("Password: ");
                if (password != null) {
                    // Cipher uses Strings
                    passwd = String.copyValueOf(password);

                    // Sun/Oracle advises to empty the char array
                    java.util.Arrays.fill(password, ' ');
                }

        .build()
    server.useHttps(serverCertificates.sslSocketFactory())
    executeSynchronously("/")
      .assertFailureMatches("(?s)Hostname localhost not verified.*")
  }

  /**
   * Anonymous cipher suites were disabled in OpenJDK because they're rarely used and permit
   * man-in-the-middle attacks. https://bugs.openjdk.java.net/browse/JDK-8212823
   */
  @Test
  fun anonCipherSuiteUnsupported() {

pkg crypto, type Decrypter interface, Decrypt(io.Reader, []uint8, DecrypterOpts) ([]uint8, error)
pkg crypto, type Decrypter interface, Public() PublicKey
pkg crypto, type DecrypterOpts interface {}
pkg crypto/cipher, func NewGCMWithNonceSize(Block, int) (AEAD, error)
pkg crypto/elliptic, type CurveParams struct, Name string
pkg crypto/rsa, method (*PrivateKey) Decrypt(io.Reader, []uint8, crypto.DecrypterOpts) ([]uint8, error)

pkg crypto/cipher, func NewOFB(Block, []uint8) Stream
pkg crypto/cipher, method (StreamReader) Read([]uint8) (int, error)
pkg crypto/cipher, method (StreamWriter) Close() error
pkg crypto/cipher, method (StreamWriter) Write([]uint8) (int, error)
pkg crypto/cipher, type Block interface { BlockSize, Decrypt, Encrypt }
pkg crypto/cipher, type Block interface, BlockSize() int

    server.protocolNegotiationEnabled = true
    server.protocols = client.protocols
  }

  /**
   * Used during tests that involve TLS connection fallback attempts. OkHttp includes the
   * TLS_FALLBACK_SCSV cipher on fallback connections. See [FallbackTestClientSocketFactory]
   * for details.
   */
  private fun suppressTlsFallbackClientSocketFactory() = FallbackTestClientSocketFactory(handshakeCertificates.sslSocketFactory())

### Bug or Regression

- Add support for TLS 1.3 ciphers: TLS_AES_128_GCM_SHA256, TLS_CHACHA20_POLY1305_SHA256 and TLS_AES_256_GCM_SHA384. ([#90843](https://github.com/kubernetes/kubernetes/pull/90843), [@pjbgf](https://github.com/pjbgf)) [SIG API Machinery, Auth and Cluster Lifecycle]

- Added a warning that TLS 1.3 ciphers are not configurable. ([#115399](https://github.com/kubernetes/kubernetes/pull/115399), [@3u13r](https://github.com/3u13r)) [SIG API Machinery and Node]

pkg archive/zip, type FileHeader struct, UncompressedSize //deprecated
pkg compress/flate, type ReadError //deprecated
pkg compress/flate, type WriteError //deprecated
pkg crypto/rc4, method (*Cipher) Reset //deprecated
pkg crypto/tls, const VersionSSL30 //deprecated
pkg crypto/tls, method (*Config) BuildNameToCertificate //deprecated
pkg crypto/tls, type Config struct, NameToCertificate //deprecated