"trustStore is",
            "Reload the trust store",
            "Reload trust certs",
            "Reloaded",
            "adding as trusted certificates",
            "Ignore disabled cipher suite",
            "Ignore unsupported cipher suite",
          ).joinToString(separator = "|"),
        )
        append(").*")
      },
    )

  private val testLogHandler =
    object : Handler() {

    if (this::cache.isInitialized) {
      cache.delete()
    }
  }

  @Test
  fun corruptedCipher() {
    val response =
      testCorruptingCache {
        corruptMetadata {
          // mess with cipher suite
          it.replace("TLS_", "SLT_")
        }
      }

    assertThat(response.body.string()).isEqualTo("ABC.1") // cached
    assertThat(cache.requestCount()).isEqualTo(2)

### SMB3 Encryption Support
- **SMB2 Transform Header**: Encrypted message wrapping
- **AES-CCM/GCM Support**: Both AES-128-CCM (SMB 3.0/3.0.2) and AES-128-GCM (SMB 3.1.1) cipher suites
- **Encryption Context**: Per-session encryption state management
- **Key Derivation**: SMB3 KDF implementation with dialect-specific parameters

      ConnectionSpec
        .Builder(ConnectionSpec.MODERN_TLS)
        .cipherSuites(*arrayOf<CipherSuite>())
        .build()
    }.also { expected ->
      assertThat(expected.message)
        .isEqualTo("At least one cipher suite is required")
    }
  }

  @Test
  fun cleartextBuilder() {
    val cleartextSpec = ConnectionSpec.Builder(false).build()
    assertThat(cleartextSpec.isTls).isFalse()
  }

  @Test

import org.dbflute.bhv.core.supplement.SequenceCacheHandler;
import org.dbflute.bhv.exception.BehaviorExceptionThrower;
import org.dbflute.bhv.exception.SQLExceptionHandlerFactory;
import org.dbflute.cbean.cipher.GearedCipherManager;
import org.dbflute.cbean.sqlclause.SqlClauseCreator;
import org.dbflute.dbmeta.DBMetaProvider;
import org.dbflute.dbway.DBDef;
import org.dbflute.jdbc.SQLExceptionDigger;

    private final int[] decryptKeys = new int[32];

    private final int[] tempInts = new int[2];

    /**
     * Creates a DES cipher instance without a key
     */
    public DES() {

    }

    // Constructor, byte-array key.
    /**
     * Creates a DES cipher instance with the specified key
     * @param key the DES key (7 or 8 bytes)
     */
    public DES(final byte[] key) {

    @NullAndEmptySource
    @ValueSource(strings = { "AES encryption not supported", "Missing Bouncy Castle provider", "Invalid key length for AES-128",
            "RC4 cipher not available in this JVM", "DES encryption is deprecated and not supported", "HMAC-SHA256 algorithm not found",
            "RSA key generation failed: key size not supported" })

		<property name="encryptedHeaderValue">true</property>
		<property name="cookieKey">"fessRoles"</property>
		<property name="encryptedCookieValue">true</property>
		<property name="cipher">
			<component class="org.codelibs.core.crypto.CachedCipher">
				<property name="key">"1234567890123456"</property>
			</component>
		</property>
		<property name="valueSeparator">"\\n"</property>

import org.dbflute.bhv.core.supplement.SequenceCacheHandler;
import org.dbflute.bhv.exception.BehaviorExceptionThrower;
import org.dbflute.bhv.exception.SQLExceptionHandlerFactory;
import org.dbflute.cbean.cipher.GearedCipherManager;
import org.dbflute.cbean.sqlclause.SqlClauseCreator;
import org.dbflute.dbmeta.DBMetaProvider;
import org.dbflute.dbway.DBDef;
import org.dbflute.jdbc.SQLExceptionDigger;

   * 3.0. For responses cached by preceding versions this returns [TlsVersion.SSL_3_0].
   */
  @get:JvmName("tlsVersion") val tlsVersion: TlsVersion,
  /** Returns the cipher suite used for the connection. */
  @get:JvmName("cipherSuite") val cipherSuite: CipherSuite,
  /** Returns a possibly-empty list of certificates that identify this peer. */