package com.tawkon.data.lib.ssl;

import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes2.dex */
public class MatchDomainTrustManager implements X509TrustManager {
    private static final String TAG = MatchDomainTrustManager.class.getSimpleName();
    private X509Certificate[] acceptedIssuers;
    private X509TrustManager defaultTrustManager;
    private String domain;

    public MatchDomainTrustManager(String str) throws GeneralSecurityException, AssertionError {
        if (str == null) {
            throw new IllegalArgumentException("domain can not be null");
        }
        this.domain = str;
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init((KeyStore) null);
        X509TrustManager findX509TrustManager = findX509TrustManager(trustManagerFactory);
        this.defaultTrustManager = findX509TrustManager;
        if (findX509TrustManager == null) {
            throw new IllegalStateException("Couldn't find X509TrustManager");
        }
        ArrayList arrayList = new ArrayList();
        for (X509Certificate x509Certificate : this.defaultTrustManager.getAcceptedIssuers()) {
            arrayList.add(x509Certificate);
        }
        this.acceptedIssuers = (X509Certificate[]) arrayList.toArray(new X509Certificate[arrayList.size()]);
    }

    private static X509TrustManager findX509TrustManager(TrustManagerFactory trustManagerFactory) {
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        for (int i = 0; i < trustManagers.length; i++) {
            if (trustManagers[i] instanceof X509TrustManager) {
                return (X509TrustManager) trustManagers[i];
            }
        }
        return null;
    }

    private static ArrayList<String> getDomains(X509Certificate x509Certificate) {
        ArrayList<String> arrayList = new ArrayList<>();
        arrayList.add(getSubjectCN(x509Certificate));
        arrayList.addAll(getSubjectAlternativeDomains(x509Certificate));
        HashSet hashSet = new HashSet();
        hashSet.addAll(arrayList);
        arrayList.clear();
        arrayList.addAll(hashSet);
        return arrayList;
    }

    private static ArrayList<String> getSubjectAlternativeDomains(X509Certificate x509Certificate) {
        ArrayList<String> arrayList = new ArrayList<>();
        try {
            Collection<List<?>> subjectAlternativeNames = x509Certificate.getSubjectAlternativeNames();
            if (subjectAlternativeNames != null) {
                Iterator<List<?>> it = subjectAlternativeNames.iterator();
                while (it.hasNext()) {
                    arrayList.add((String) it.next().get(1));
                }
            }
        } catch (CertificateParsingException e) {
            e.printStackTrace();
        }
        return arrayList;
    }

    private static String getSubjectCN(X509Certificate x509Certificate) {
        try {
            String str = x509Certificate.getSubjectDN().getName().split(",")[0];
            return str.substring(str.indexOf("=") + 1);
        } catch (StringIndexOutOfBoundsException unused) {
            return "";
        }
    }

    private static boolean verifyDomain(String str, String str2) {
        String[] split = str.split("\\.");
        String[] split2 = str2.split("\\.");
        if (split.length != split2.length) {
            return false;
        }
        for (int i = 0; i < split.length; i++) {
            if (!split[i].equals("*") && !split[i].equals(split2[i])) {
                return false;
            }
        }
        return true;
    }

    private static boolean wildcardTo(ArrayList<String> arrayList, String str) {
        Iterator<String> it = arrayList.iterator();
        while (it.hasNext()) {
            if (verifyDomain(it.next(), str)) {
                return true;
            }
        }
        return false;
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        this.defaultTrustManager.checkClientTrusted(x509CertificateArr, str);
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        boolean z = false;
        for (int i = 0; i < x509CertificateArr.length && !z; i++) {
            z = wildcardTo(getDomains(x509CertificateArr[i]), this.domain);
        }
        if (!z) {
            throw new CertificateException("Client Listener domain or wildcard not present in X509 Chain");
        }
        this.defaultTrustManager.checkServerTrusted(x509CertificateArr, str);
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return this.acceptedIssuers;
    }
}
