assertNotNull(cryptographer);

        String plainText = "Hello, World!";
        String encrypted = cryptographer.encrypt(plainText);
        assertNotNull(encrypted);
        assertFalse(plainText.equals(encrypted));

        String decrypted = cryptographer.decrypt(encrypted);
        assertEquals(plainText, decrypted);
    }

    @Test
    public void test_invertibleCryptography_withEmptyString() {

                        if (id.equalsIgnoreCase(server.getId())) {
                            SettingsDecryptionResult result =
                                    settingsDecrypter.decrypt(new DefaultSettingsDecryptionRequest(server));
                            server = result.getServer();

                            AuthenticationInfo authInfo = new AuthenticationInfo();

            byte[] decryptedData = createDecryptedDataBytes(USER_PRINCIPAL_NAME, USER_REALM);
            mockedEncData.when(() -> KerberosEncData.decrypt(ENCRYPTED_DATA, kerberosKey, ENCRYPTION_TYPE)).thenReturn(decryptedData);
            when(kerberosKey.getKeyType()).thenReturn(ENCRYPTION_TYPE);

            KerberosTicket ticket = new KerberosTicket(validToken, (byte) 0, keys);

     */
    public Smb2EncryptionContext getEncryptionContext() {
        return this.encryptionContext;
    }

    /**
     * Encrypt a message using the session's encryption context
     *
     * @param message the message to encrypt
     * @return encrypted message with transform header
     * @throws CIFSException if encryption fails or is not enabled
     */

                    throw new PACDecodingException("Kerberos key not found for eType " + encType.getValue());
                }

                try {
                    byte[] decrypted = KerberosEncData.decrypt(crypt, serverKey, serverKey.getKeyType());
                    this.encData = new KerberosEncData(decrypted, keysByAlgo);
                } catch (GeneralSecurityException e) {

		return key, err
	}
	unsealKey, err := k.Decrypt(context.TODO(), &kms.DecryptRequest{
		Name:           keyID,
		Ciphertext:     kmsKey,
		AssociatedData: kms.Context{bucket: path.Join(bucket, object)},
	})
	if err != nil {
		return key, err
	}
	err = key.Unseal(unsealKey, sealedKey, s3.String(), bucket, object)
	return key, err
}

// UnsealObjectsKeys extracts and decrypts all sealed object keys

                            String data = line.substring(pos + 1).trim();
                            if (properyPattern.matcher(key).matches() && data.startsWith(CIPHER_PREFIX)) {
                                data = cipher.decrypt(data.substring(CIPHER_PREFIX.length()));
                            }
                            paramMap.put(key, data);
                        } else {
                            paramMap.put(key, StringUtil.EMPTY);

                Constants.CIPHER_PREFIX + ComponentUtil.getPrimaryCipher().encrypt(value));
    }

    default String getLdapAdminSecurityCredentials() {
        final String value = getSystemProperty(Constants.LDAP_ADMIN_SECURITY_CREDENTIALS);
        if (StringUtil.isNotBlank(value) && value.startsWith(Constants.CIPHER_PREFIX)) {
            return ComponentUtil.getPrimaryCipher().decrypt(value.substring(Constants.CIPHER_PREFIX.length()));
        }

		return key, err
	}
	if ctx == nil {
		ctx = kms.Context{bucket: path.Join(bucket, object)}
	} else if _, ok := ctx[bucket]; !ok {
		ctx[bucket] = path.Join(bucket, object)
	}
	unsealKey, err := k.Decrypt(context.TODO(), &kms.DecryptRequest{
		Name:           keyID,
		Ciphertext:     kmsKey,
		AssociatedData: ctx,
	})
	if err != nil {
		return key, err
	}

			return
		}
		writeSuccessResponseJSON(w, resp)
		return
	}

	// 2. Verify that we can indeed decrypt the (encrypted) key
	decryptedKey, err := GlobalKMS.Decrypt(ctx, &kms.DecryptRequest{
		Name:           key.KeyID,
		Ciphertext:     key.Ciphertext,
		AssociatedData: kmsContext,
	})
	if err != nil {