package com.mirth.connect.util;

import java.util.Arrays;
import java.util.LinkedHashSet;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.http.ssl.SSLContexts;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:com/mirth/connect/util/MirthSSLUtil.class */
public class MirthSSLUtil {
    public static final String KEY_SUPPORTED_PROTOCOLS = "supportedProtocols";
    public static final String KEY_SUPPORTED_CIPHER_SUITES = "supportedCipherSuites";
    public static final String KEY_ENABLED_CLIENT_PROTOCOLS = "enabledClientProtocols";
    public static final String KEY_ENABLED_SERVER_PROTOCOLS = "enabledServerProtocols";
    public static final String KEY_ENABLED_CIPHER_SUITES = "enabledCipherSuites";
    public static final String[] DEFAULT_HTTPS_CLIENT_PROTOCOLS = {"TLSv1.3", "TLSv1.2"};
    public static final String[] DEFAULT_HTTPS_SERVER_PROTOCOLS = {"TLSv1.3", "TLSv1.2", "SSLv2Hello"};
    public static final String[] DEFAULT_HTTPS_CIPHER_SUITES = {"TLS_CHACHA20_POLY1305_SHA256", "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256", "TLS_AES_256_GCM_SHA384", "TLS_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_RSA_WITH_AES_256_GCM_SHA384", "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384", "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256", "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"};
    private static Logger logger = LogManager.getLogger(MirthSSLUtil.class);

    public static String[] getSupportedHttpsProtocols() {
        return SSLContexts.createDefault().getSupportedSSLParameters().getProtocols();
    }

    public static String[] getSupportedHttpsCipherSuites() {
        return SSLContexts.createDefault().getSupportedSSLParameters().getCipherSuites();
    }

    public static String[] getEnabledHttpsProtocols(String[] strArr) {
        logger.debug("Requested SSL protocols: " + Arrays.toString(strArr));
        String[] protocols = SSLContexts.createDefault().getSupportedSSLParameters().getProtocols();
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        for (String str : strArr) {
            if (ArrayUtils.contains(protocols, str)) {
                linkedHashSet.add(str);
            }
        }
        logger.debug("Enabled SSL protocols: " + String.valueOf(linkedHashSet));
        return (String[]) linkedHashSet.toArray(new String[linkedHashSet.size()]);
    }

    public static String[] getEnabledHttpsCipherSuites(String[] strArr) {
        logger.debug("Requested SSL cipher suites: " + Arrays.toString(strArr));
        String[] cipherSuites = SSLContexts.createDefault().getSupportedSSLParameters().getCipherSuites();
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        for (String str : strArr) {
            if (ArrayUtils.contains(cipherSuites, str)) {
                linkedHashSet.add(str);
            }
        }
        logger.debug("Enabled SSL cipher suites: " + String.valueOf(linkedHashSet));
        return (String[]) linkedHashSet.toArray(new String[linkedHashSet.size()]);
    }
}
