@Test
    public void test_getExtensionFromMimeType_png() {
        assertEquals(".png", generator.getExtensionFromMimeType("image/png"));
    }

    // Tests for BMP MIME types (multiple variants)
    @Test
    public void test_getExtensionFromMimeType_bmp() {
        assertEquals(".bmp", generator.getExtensionFromMimeType("image/bmp"));
    }

    @Test

arcfour256
arcfour128
arcfour
aes128-cbc
3des-cbc
```

`--sftp=mac-algos=...` specifies a default set of MAC algorithms in preference order.
This is based on RFC 4253, section 6.4, but with hmac-md5 variants removed because they have 
reached the end of their useful life.

Valid values: 

```
******@****.***
******@****.***
hmac-sha2-256
hmac-sha2-512
hmac-sha1

import okio.ByteString
import okio.ForwardingSource
import okio.Source
import okio.buffer

/**
 * Streaming decoder of data encoded following Abstract Syntax Notation One (ASN.1). There are
 * multiple variants of ASN.1, including:
 *
 *  * DER: Distinguished Encoding Rules. This further constrains ASN.1 for deterministic encoding.
 *  * BER: Basic Encoding Rules.
 *

	VPGATHERDQ (BP)(X15*2), K1, Y15 // ERROR "index and destination registers should be distinct"
	VPGATHERDQ (BP)(Y20*2), K1, Z20 // ERROR "index and destination registers should be distinct"
	// Instructions without EVEX variant can't use High-16 registers.
	VADDSUBPD X20, X1, X2           // ERROR "invalid instruction"
	VADDSUBPS X0, X20, X2           // ERROR "invalid instruction"
	// Use of K0 for write mask (Yknot0).

        lenient().when(tree.isConnected()).thenReturn(connected);
        lenient().when(tree.isSMB2()).thenReturn(smb2);
    }

    @Test
    @DisplayName("Constructor with null tree throws NPE (byte[] fid variant)")
    void constructor_nullTree_byteArray_throwsNPE() {
        lenient().when(cfg.isTraceResourceUsage()).thenReturn(false);
        assertThrows(NullPointerException.class,

   * response code is 407 proxy unauthorized, this returns the "Proxy-Authenticate" challenges.
   * Otherwise this returns an empty list of challenges.
   *
   * If a challenge uses the `token68` variant instead of auth params, there is exactly one
   * auth param in the challenge at key null. Invalid headers and challenges are ignored.
   * No semantic validation is done, for example that `Basic` auth must have a `realm`

  }

  /**
   * Returns the identity function.
   *
   * <p><b>Discouraged:</b> Prefer using a lambda like {@code v -> v}, which is shorter and often
   * more readable.
   */
  // implementation is "fully variant"; E has become a "pass-through" type
  @SuppressWarnings("unchecked")
  public static <E extends @Nullable Object> Function<E, E> identity() {
    return (Function<E, E>) IdentityFunction.INSTANCE;
  }

	chacha20Poly1305ID,
	"aes128-ctr", "aes192-ctr", "aes256-ctr",
}

// supportedMACs specifies a default set of MAC algorithms in preference order.
// This is based on RFC 4253, section 6.4, but with hmac-md5 variants removed
// because they have reached the end of their useful life.
// https://cs.opensource.google/go/x/crypto/+/refs/tags/v0.22.0:ssh/common.go;l=85
var supportedMACs = []string{

  }

  /**
   * Returns the identity function.
   *
   * <p><b>Discouraged:</b> Prefer using a lambda like {@code v -> v}, which is shorter and often
   * more readable.
   */
  // implementation is "fully variant"; E has become a "pass-through" type
  @SuppressWarnings("unchecked")
  public static <E extends @Nullable Object> Function<E, E> identity() {
    return (Function<E, E>) IdentityFunction.INSTANCE;
  }

    }

    /**
     * Checks if the current user has the specified action role or administrative privileges.
     *
     * @param role the role to check (supports both view and edit variants)
     * @return true if the user has the role or admin privileges, false otherwise
     */
    public static boolean hasActionRole(final String role) {
        final String[] roles;