package com.sonicwall.mobileconnect.util;

import com.sonicwall.connect.util.CertDetails;
import com.sonicwall.mobileconnect.BuildConfig;
import com.sonicwall.mobileconnect.exception.ServerCertTrustException;
import com.sonicwall.mobileconnect.logging.Logger;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
public class MCX509TrustManager implements X509TrustManager, HostnameVerifier {
    private static final String TAG = "MCX509TrustManager";
    private static final Logger logger = Logger.getInstance();
    protected TrustManagerListener mListener = null;
    protected CertDetails mTrustedServerCertDetails = null;
    protected String mServerHostname = null;
    protected int mServerPort = -1;

    public static boolean verifyHost(String str, SSLSession sSLSession, TrustManagerListener trustManagerListener) {
        logger.logDebug(TAG, "verifying host name: " + str);
        if (HttpsURLConnection.getDefaultHostnameVerifier().verify(str, sSLSession)) {
            return true;
        }
        try {
            CertDetails createFromDerEncoded = CertDetails.createFromDerEncoded(sSLSession.getPeerCertificates()[0].getEncoded());
            if (createFromDerEncoded.isAcceptedForServer(str)) {
                return true;
            }
            if (trustManagerListener != null) {
                trustManagerListener.onFailVerifyHostname(str, createFromDerEncoded);
            }
            return false;
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        logger.logDebug(TAG, "checkClientTrusted(...)");
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        String str2;
        logger.logDebug(TAG, "checkServerTrusted(...)");
        CertDetails createFromDerEncoded = CertDetails.createFromDerEncoded(x509CertificateArr[0].getEncoded());
        logger.logDebug(TAG, "checkServerTrusted: extracted: " + createFromDerEncoded);
        logger.logDebug(TAG, "checkServerTrusted: Verifying...");
        if (isServerTrustedBySystem(x509CertificateArr, str) || createFromDerEncoded.isAcceptedForAnyServer()) {
            this.mTrustedServerCertDetails = createFromDerEncoded;
            logger.logDebug(TAG, "checkServerTrusted: Verification successful");
            return;
        }
        logger.logDebug(TAG, "checkServerTrusted: Verification failed");
        String str3 = null;
        if (this.mServerHostname != null) {
            StringBuilder sb = new StringBuilder();
            sb.append(this.mServerHostname);
            if (this.mServerPort >= 0) {
                str2 = ":" + this.mServerPort;
            } else {
                str2 = BuildConfig.FLAVOR;
            }
            sb.append(str2);
            str3 = sb.toString();
        }
        throw new CertificateException("Certificate is not trusted", new ServerCertTrustException(str3, createFromDerEncoded));
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        logger.logDebug(TAG, "getAcceptedIssuers()");
        return new X509Certificate[0];
    }

    public CertDetails getTrustedServerCertDetails() {
        return this.mTrustedServerCertDetails;
    }

    protected boolean isServerTrustedBySystem(X509Certificate[] x509CertificateArr, String str) {
        X509TrustManager x509TrustManager = null;
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null);
            x509TrustManager = (X509TrustManager) trustManagerFactory.getTrustManagers()[0];
        } catch (Exception e) {
            logger.logError(TAG, e);
        }
        try {
            x509TrustManager.checkServerTrusted(x509CertificateArr, str);
            return true;
        } catch (Exception unused) {
            return false;
        }
    }

    public void setListener(TrustManagerListener trustManagerListener) {
        this.mListener = trustManagerListener;
    }

    public void setServerHost(String str, int i) {
        this.mServerHostname = str;
        this.mServerPort = i;
    }

    @Override // javax.net.ssl.HostnameVerifier
    public boolean verify(String str, SSLSession sSLSession) {
        return verifyHost(str, sSLSession, this.mListener);
    }
}
