package com.novell.zapp.ssl;

import com.novell.zapp.framework.ConfigManager;
import com.novell.zapp.framework.logging.ZENLogger;
import com.novell.zapp.framework.utility.Constants;
import com.novell.zapp.framework.utility.ThreadWaitNotify;
import com.novell.zapp.framework.utility.ZENCertificateParameters;
import com.novell.zapp.plugins.ReversePlugin;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;

/* loaded from: classes17.dex */
public class ZAPPHostNameVerifier implements HostnameVerifier {
    private ConfigManager configManager = ConfigManager.getInstance();
    private static ZAPPHostNameVerifier instance = new ZAPPHostNameVerifier();
    public static ThreadWaitNotify threadWaitNotify = new ThreadWaitNotify();
    private static final String LOGGER_MODULE = ZAPPHostNameVerifier.class.getSimpleName();

    public static ZAPPHostNameVerifier getInstance() {
        return instance;
    }

    private X509Certificate getX509Certificate(Certificate[] certificateArr) {
        if (certificateArr == null || certificateArr.length <= 0) {
            return null;
        }
        Certificate certificate = certificateArr[0];
        if (certificate instanceof X509Certificate) {
            return (X509Certificate) certificate;
        }
        return null;
    }

    private X509Certificate getX509CertificateFromSSLSession(SSLSession sSLSession) {
        try {
            return getX509Certificate(sSLSession.getPeerCertificates());
        } catch (SSLPeerUnverifiedException e) {
            ZENLogger.debug(LOGGER_MODULE, "Exception obtaining peer certificate", e, new Object[0]);
            return null;
        }
    }

    private void promptHostNameMismatchToUser(X509Certificate x509Certificate) {
        ZENCertificateParameters details = new CertificateDetails(x509Certificate).getDetails();
        details.setHostnameMismatch(Constants.HOSTNAME_MISMATCH_MESSAGE);
        ReversePlugin.sendHostNameMismatchResult(details);
        threadWaitNotify.doWait();
        ZENLogger.debug(LOGGER_MODULE, "User has accepted the hostname mismatch in certificate", new Object[0]);
    }

    private void saveHostNameMatchedInSystemConfiguration(boolean z) {
        this.configManager.setBoolean(Constants.HOSTNAME_MATCHES_KEY, z);
    }

    private boolean verifyHostname(String str, X509Certificate x509Certificate) {
        if (this.configManager.retrieveBoolean(Constants.HOSTNAME_MATCHES_KEY, false)) {
            return true;
        }
        boolean matches = new HostNameValidator().matches(str, x509Certificate);
        saveHostNameMatchedInSystemConfiguration(matches);
        ZENLogger.debug(LOGGER_MODULE, String.format("HostName validator returned %s", Boolean.valueOf(matches)), new Object[0]);
        return matches;
    }

    @Override // javax.net.ssl.HostnameVerifier
    public boolean verify(String str, SSLSession sSLSession) {
        X509Certificate x509CertificateFromSSLSession = getX509CertificateFromSSLSession(sSLSession);
        boolean verifyHostname = verifyHostname(str, x509CertificateFromSSLSession);
        if (verifyHostname) {
            return verifyHostname;
        }
        promptHostNameMismatchToUser(x509CertificateFromSSLSession);
        saveHostNameMatchedInSystemConfiguration(true);
        return true;
    }
}
