package nl.altindag.ssl.hostnameverifier;

import java.nio.charset.StandardCharsets;
import java.security.cert.Certificate;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.util.Locale;
import java.util.Optional;
import java.util.function.Function;
import java.util.function.Predicate;
import java.util.function.Supplier;
import java.util.stream.Collector;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import nl.altindag.ssl.SSLFactory$$ExternalSyntheticBackport3;
import nl.altindag.ssl.util.internal.StringUtils;
import org.slf4j.Marker;

/* loaded from: classes4.dex */
public final class FenixHostnameVerifier implements HostnameVerifier {
    private static final int ALT_DNS_NAME = 2;
    private static final int ALT_IPA_NAME = 7;
    private static final HostnameVerifier INSTANCE = new FenixHostnameVerifier();

    private FenixHostnameVerifier() {
    }

    private String asciiToLowercase(String str) {
        return isAscii(str) ? str.toLowerCase(Locale.US) : str;
    }

    public static HostnameVerifier getInstance() {
        return INSTANCE;
    }

    private Optional<X509Certificate> getPeerCertificate(SSLSession sSLSession) {
        Optional<X509Certificate> empty;
        Stream stream;
        Stream filter;
        Stream filter2;
        Stream map;
        Optional<X509Certificate> findFirst;
        try {
            stream = Arrays.stream(sSLSession.getPeerCertificates());
            filter = stream.filter(new Predicate() { // from class: nl.altindag.ssl.hostnameverifier.FenixHostnameVerifier$$ExternalSyntheticLambda12
                @Override // java.util.function.Predicate
                public final boolean test(Object obj) {
                    return SSLFactory$$ExternalSyntheticBackport3.m$1((Certificate) obj);
                }
            });
            filter2 = filter.filter(new FenixHostnameVerifier$$ExternalSyntheticLambda13(X509Certificate.class));
            map = filter2.map(new FenixHostnameVerifier$$ExternalSyntheticLambda14(X509Certificate.class));
            findFirst = map.findFirst();
            return findFirst;
        } catch (SSLPeerUnverifiedException unused) {
            empty = Optional.empty();
            return empty;
        }
    }

    private List<String> getSubjectAltNames(X509Certificate x509Certificate, final int i) {
        Optional ofNullable;
        Object orElseGet;
        Stream stream;
        Stream filter;
        Stream filter2;
        Stream filter3;
        Stream map;
        Stream filter4;
        Stream map2;
        Collector list;
        Object collect;
        try {
            ofNullable = Optional.ofNullable(x509Certificate.getSubjectAlternativeNames());
            orElseGet = ofNullable.orElseGet(new Supplier() { // from class: nl.altindag.ssl.hostnameverifier.FenixHostnameVerifier$$ExternalSyntheticLambda7
                @Override // java.util.function.Supplier
                public final Object get() {
                    return Collections.emptyList();
                }
            });
            stream = ((Collection) orElseGet).stream();
            filter = stream.filter(new Predicate() { // from class: nl.altindag.ssl.hostnameverifier.FenixHostnameVerifier$$ExternalSyntheticLambda8
                @Override // java.util.function.Predicate
                public final boolean test(Object obj) {
                    return SSLFactory$$ExternalSyntheticBackport3.m$1((List) obj);
                }
            });
            filter2 = filter.filter(new Predicate() { // from class: nl.altindag.ssl.hostnameverifier.FenixHostnameVerifier$$ExternalSyntheticLambda9
                @Override // java.util.function.Predicate
                public final boolean test(Object obj) {
                    return FenixHostnameVerifier.lambda$getSubjectAltNames$1((List) obj);
                }
            });
            filter3 = filter2.filter(new Predicate() { // from class: nl.altindag.ssl.hostnameverifier.FenixHostnameVerifier$$ExternalSyntheticLambda10
                @Override // java.util.function.Predicate
                public final boolean test(Object obj) {
                    return FenixHostnameVerifier.lambda$getSubjectAltNames$2(i, (List) obj);
                }
            });
            map = filter3.map(new Function() { // from class: nl.altindag.ssl.hostnameverifier.FenixHostnameVerifier$$ExternalSyntheticLambda4
                @Override // java.util.function.Function
                public final Object apply(Object obj) {
                    Object obj2;
                    obj2 = ((List) obj).get(1);
                    return obj2;
                }
            });
            final Class<String> cls = String.class;
            filter4 = map.filter(new Predicate() { // from class: nl.altindag.ssl.hostnameverifier.FenixHostnameVerifier$$ExternalSyntheticLambda5
                @Override // java.util.function.Predicate
                public final boolean test(Object obj) {
                    return cls.isInstance(obj);
                }
            });
            final Class<String> cls2 = String.class;
            map2 = filter4.map(new Function() { // from class: nl.altindag.ssl.hostnameverifier.FenixHostnameVerifier$$ExternalSyntheticLambda6
                @Override // java.util.function.Function
                public final Object apply(Object obj) {
                    return (String) cls2.cast(obj);
                }
            });
            list = Collectors.toList();
            collect = map2.collect(list);
            return (List) collect;
        } catch (CertificateParsingException unused) {
            return Collections.emptyList();
        }
    }

    private boolean isAscii(String str) {
        return StandardCharsets.US_ASCII.newEncoder().canEncode(str);
    }

    private boolean isHostnameInValid(String str) {
        return StringUtils.isBlank(str) || str.startsWith(".") || str.endsWith("..");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ boolean lambda$getSubjectAltNames$1(List list) {
        return list.size() == 2;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ boolean lambda$getSubjectAltNames$2(int i, List list) {
        return (list.get(0) instanceof Integer) && ((Integer) list.get(0)).intValue() == i;
    }

    private boolean verify(String str, X509Certificate x509Certificate) {
        return HostnameCommon.canParseAsIpAddress(str) ? verifyIpAddress(str, x509Certificate) : verifyHostname(str, x509Certificate);
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* renamed from: verifyHostname, reason: merged with bridge method [inline-methods] */
    public boolean m2239xa44e1151(String str, String str2) {
        if (isHostnameInValid(str) || isHostnameInValid(str2)) {
            return false;
        }
        String absolute = toAbsolute(str);
        String absolute2 = toAbsolute(str2);
        String asciiToLowercase = asciiToLowercase(absolute);
        String asciiToLowercase2 = asciiToLowercase(absolute2);
        return !asciiToLowercase2.contains(Marker.ANY_MARKER) ? asciiToLowercase.equals(asciiToLowercase2) : verifyWildcardPattern(asciiToLowercase, asciiToLowercase2);
    }

    private boolean verifyHostname(final String str, X509Certificate x509Certificate) {
        Stream stream;
        boolean anyMatch;
        stream = getSubjectAltNames(x509Certificate, 2).stream();
        anyMatch = stream.anyMatch(new Predicate() { // from class: nl.altindag.ssl.hostnameverifier.FenixHostnameVerifier$$ExternalSyntheticLambda11
            @Override // java.util.function.Predicate
            public final boolean test(Object obj) {
                return FenixHostnameVerifier.this.m2239xa44e1151(str, (String) obj);
            }
        });
        return anyMatch;
    }

    private boolean verifyIpAddress(String str, X509Certificate x509Certificate) {
        Stream stream;
        boolean anyMatch;
        final String canonicalHost = Hostnames.toCanonicalHost(str);
        if (canonicalHost == null) {
            return false;
        }
        stream = getSubjectAltNames(x509Certificate, 7).stream();
        anyMatch = stream.anyMatch(new Predicate() { // from class: nl.altindag.ssl.hostnameverifier.FenixHostnameVerifier$$ExternalSyntheticLambda15
            @Override // java.util.function.Predicate
            public final boolean test(Object obj) {
                boolean equals;
                equals = canonicalHost.equals(Hostnames.toCanonicalHost((String) obj));
                return equals;
            }
        });
        return anyMatch;
    }

    private boolean verifyWildcardPattern(String str, String str2) {
        if (!str2.startsWith("*.") || str2.indexOf(Marker.ANY_MARKER, 1) != -1 || str.length() < str2.length() || "*.".equals(str2) || !str.endsWith(str2.substring(1))) {
            return false;
        }
        int length = str.length() - str2.length();
        return length <= 0 || str.lastIndexOf(".", length - 1) == -1;
    }

    String toAbsolute(String str) {
        if (str.endsWith(".")) {
            return str;
        }
        return str + ".";
    }

    @Override // javax.net.ssl.HostnameVerifier
    public boolean verify(String str, SSLSession sSLSession) {
        boolean isPresent;
        Object obj;
        if (!isAscii(str)) {
            return false;
        }
        Optional<X509Certificate> peerCertificate = getPeerCertificate(sSLSession);
        isPresent = peerCertificate.isPresent();
        if (!isPresent) {
            return false;
        }
        obj = peerCertificate.get();
        return verify(str, (X509Certificate) obj);
    }
}
