package pl.ceph3us.base.common.crypto.ssl.trustmanager;

import ch.qos.logback.classic.Logger;
import java.net.Socket;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.List;
import java.util.StringTokenizer;
import javax.net.ssl.X509TrustManager;
import org.slf4j.Marker;
import pl.ceph3us.base.common.logging.logger.DLogger;
import pl.ceph3us.base.common.utils.StackTraceInfo;

/* loaded from: classes.dex */
public class HostNameTrustManager implements X509TrustManager {
    private HostnameChecker _hostNameChecker;
    private final KeyStore _keystore;
    private Socket _socket;

    /* loaded from: classes.dex */
    private class HostnameChecker {
        private static final int ALTNAME_DNS = 2;
        private static final int ALTNAME_IP = 7;
        public static final byte TYPE_TLS = 1;
        private final HostnameChecker INSTANCE_TLS;
        private final byte checkType;

        private HostnameChecker(byte b2) {
            this.INSTANCE_TLS = new HostnameChecker((byte) 1);
            this.checkType = b2;
        }

        private boolean isIpAddress(String str) {
            return true;
        }

        private boolean isMatched(String str, String str2) {
            if (this.checkType == 1) {
                return matchAllWildcards(str, str2);
            }
            return false;
        }

        private boolean matchAllWildcards(String str, String str2) {
            String lowerCase = str.toLowerCase();
            String lowerCase2 = str2.toLowerCase();
            StringTokenizer stringTokenizer = new StringTokenizer(lowerCase, ".");
            StringTokenizer stringTokenizer2 = new StringTokenizer(lowerCase2, ".");
            if (stringTokenizer.countTokens() != stringTokenizer2.countTokens()) {
                return false;
            }
            while (stringTokenizer.hasMoreTokens()) {
                if (!matchWildCards(stringTokenizer.nextToken(), stringTokenizer2.nextToken())) {
                    return false;
                }
            }
            return true;
        }

        private void matchDNS(String str, X509Certificate x509Certificate) throws CertificateException {
            throw new CertificateException("No name matching " + str + " found");
        }

        private void matchIP(String str, X509Certificate x509Certificate) throws CertificateException {
            Collection<List<?>> subjectAlternativeNames = x509Certificate.getSubjectAlternativeNames();
            if (subjectAlternativeNames == null) {
                throw new CertificateException("No subject alternative names present");
            }
            for (List<?> list : subjectAlternativeNames) {
                if (((Integer) list.get(0)).intValue() == 7 && str.equalsIgnoreCase((String) list.get(1))) {
                    return;
                }
            }
            throw new CertificateException("No subject alternative ames matching IP address " + str + " found");
        }

        private boolean matchLeftmostWildcard(String str, String str2) {
            String lowerCase = str.toLowerCase();
            String lowerCase2 = str2.toLowerCase();
            int indexOf = lowerCase2.indexOf(".");
            int indexOf2 = lowerCase.indexOf(".");
            if (indexOf == -1) {
                indexOf = lowerCase2.length();
            }
            if (indexOf2 == -1) {
                indexOf2 = lowerCase.length();
            }
            if (matchWildCards(lowerCase.substring(0, indexOf2), lowerCase2.substring(0, indexOf))) {
                return lowerCase2.substring(indexOf).equals(lowerCase.substring(indexOf2));
            }
            return false;
        }

        private boolean matchWildCards(String str, String str2) {
            int indexOf = str2.indexOf(Marker.ANY_MARKER);
            if (indexOf == -1) {
                return str.equals(str2);
            }
            boolean z = true;
            while (indexOf != -1) {
                String substring = str2.substring(0, indexOf);
                str2 = str2.substring(indexOf + 1);
                int indexOf2 = str.indexOf(substring);
                if (indexOf2 == -1 || (z && indexOf2 != 0)) {
                    return false;
                }
                str = str.substring(indexOf2 + substring.length());
                indexOf = str2.indexOf(Marker.ANY_MARKER);
                z = false;
            }
            return str.endsWith(str2);
        }

        public HostnameChecker getInstance(byte b2) {
            if (b2 == 1) {
                return this.INSTANCE_TLS;
            }
            throw new IllegalArgumentException("Unknown check type: " + ((int) b2));
        }

        public void match(String str, X509Certificate x509Certificate) throws CertificateException {
            if (isIpAddress(str)) {
                matchIP(str, x509Certificate);
            } else {
                matchDNS(str, x509Certificate);
            }
        }
    }

    public HostNameTrustManager(KeyStore keyStore) {
        this._keystore = keyStore;
    }

    private static Logger getLogger() {
        return DLogger.get().getRootLogger();
    }

    private void iisServerTrusted(X509Certificate[] x509CertificateArr) {
        if (isStrictDebugEnabled()) {
            getLogger().warn(".. method {} in {} not implemented yet!", StackTraceInfo.getCurrentMethodName(), StackTraceInfo.getCurrentClassName());
        }
    }

    protected static boolean isStrictDebugEnabled() {
        return DLogger.get().isStrictDebugEnabled();
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        if (x509CertificateArr != null) {
            if (isStrictDebugEnabled()) {
                getLogger().trace("Server certificate chain:");
                for (int i2 = 0; i2 < x509CertificateArr.length; i2++) {
                    getLogger().trace("X509Certificate[" + i2 + "]=" + x509CertificateArr[i2]);
                }
            }
        } else if (isStrictDebugEnabled()) {
            getLogger().debug("... Host Name Trust Manager checking server trusted from {}... ", StackTraceInfo.getInvokingClassName());
        }
        if (x509CertificateArr == null || x509CertificateArr.length != 1) {
            iisServerTrusted(x509CertificateArr);
            return;
        }
        try {
            x509CertificateArr[0].getSubjectAlternativeNames();
        } catch (CertificateException e2) {
            getLogger().error(e2.toString());
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return new X509Certificate[0];
    }

    public void setSocket(Socket socket) {
        this._socket = socket;
    }
}
