package com.github.dockerjava.zerodep.shaded.org.apache.hc.core5.http.nio.ssl;

import com.github.dockerjava.zerodep.shaded.org.apache.hc.core5.http.ssl.TLS;
import com.github.dockerjava.zerodep.shaded.org.apache.hc.core5.http.ssl.TlsCiphers;
import com.github.dockerjava.zerodep.shaded.org.apache.hc.core5.net.NamedEndpoint;
import com.github.dockerjava.zerodep.shaded.org.apache.hc.core5.reactor.ssl.SSLSessionInitializer;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLParameters;

/* loaded from: input_file:WEB-INF/lib/docker-java-transport-zerodep-3.2.12.jar:com/github/dockerjava/zerodep/shaded/org/apache/hc/core5/http/nio/ssl/TlsSupport.class */
public final class TlsSupport {
    public static SSLSessionInitializer enforceStrongSecurity(final SSLSessionInitializer sSLSessionInitializer) {
        return new SSLSessionInitializer() { // from class: com.github.dockerjava.zerodep.shaded.org.apache.hc.core5.http.nio.ssl.TlsSupport.1
            @Override // com.github.dockerjava.zerodep.shaded.org.apache.hc.core5.reactor.ssl.SSLSessionInitializer
            public void initialize(NamedEndpoint namedEndpoint, SSLEngine sSLEngine) {
                SSLParameters sSLParameters = sSLEngine.getSSLParameters();
                sSLParameters.setProtocols(TLS.excludeWeak(sSLParameters.getProtocols()));
                sSLParameters.setCipherSuites(TlsCiphers.excludeWeak(sSLParameters.getCipherSuites()));
                sSLEngine.setSSLParameters(sSLParameters);
                if (SSLSessionInitializer.this != null) {
                    SSLSessionInitializer.this.initialize(namedEndpoint, sSLEngine);
                }
            }
        };
    }
}
