package tigase.halcyon.core.connector.socket;

import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.List;
import java.util.ListIterator;
import java.util.Locale;
import javax.security.auth.x500.X500Principal;
import kotlin.Metadata;
import kotlin.collections.CollectionsKt;
import kotlin.jvm.functions.Function0;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.SourceDebugExtension;
import kotlin.text.Regex;
import kotlin.text.StringsKt;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import tigase.halcyon.core.logger.Logger;
import tigase.halcyon.core.logger.LoggerFactory;

/* compiled from: DefaultHostnameVerifier.kt */
@Metadata(mv = {1, 8, 0}, k = 1, xi = 48, d1 = {"��4\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0010\u000e\n��\n\u0002\u0018\u0002\n��\n\u0002\u0010\u000b\n\u0002\b\u0005\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\u0018��2\u00020\u0001B\u0005¢\u0006\u0002\u0010\u0002J\u0012\u0010\u0005\u001a\u0004\u0018\u00010\u00062\u0006\u0010\u0007\u001a\u00020\bH\u0004J\u001a\u0010\t\u001a\u00020\n2\u0006\u0010\u000b\u001a\u00020\u00062\b\u0010\f\u001a\u0004\u0018\u00010\u0006H\u0004J\u0018\u0010\r\u001a\u00020\n2\u0006\u0010\u000e\u001a\u00020\u00062\u0006\u0010\u000f\u001a\u00020\u0010H\u0002J\u0018\u0010\u0011\u001a\u00020\n2\u0006\u0010\u0012\u001a\u00020\u00062\u0006\u0010\u000f\u001a\u00020\u0013H\u0016R\u000e\u0010\u0003\u001a\u00020\u0004X\u0082\u0004¢\u0006\u0002\n��¨\u0006\u0014"}, d2 = {"Ltigase/halcyon/core/connector/socket/DefaultHostnameVerifier;", "Ltigase/halcyon/core/connector/socket/XMPPHostnameVerifier;", "()V", "log", "Ltigase/halcyon/core/logger/Logger;", "extractCN", "", "principal", "Ljavax/security/auth/x500/X500Principal;", "match", "", "hostname", "altName", "validateCertificate", "domain", "certificate", "Ljava/security/cert/X509Certificate;", "verify", "domainName", "Ljava/security/cert/Certificate;", "halcyon-core"})
@SourceDebugExtension({"SMAP\nDefaultHostnameVerifier.kt\nKotlin\n*S Kotlin\n*F\n+ 1 DefaultHostnameVerifier.kt\ntigase/halcyon/core/connector/socket/DefaultHostnameVerifier\n+ 2 _Collections.kt\nkotlin/collections/CollectionsKt___CollectionsKt\n+ 3 ArraysJVM.kt\nkotlin/collections/ArraysKt__ArraysJVMKt\n*L\n1#1,85:1\n1855#2,2:86\n731#2,9:88\n37#3,2:97\n*S KotlinDebug\n*F\n+ 1 DefaultHostnameVerifier.kt\ntigase/halcyon/core/connector/socket/DefaultHostnameVerifier\n*L\n53#1:86,2\n77#1:88,9\n77#1:97,2\n*E\n"})
/* loaded from: input_file:tigase/halcyon/core/connector/socket/DefaultHostnameVerifier.class */
public final class DefaultHostnameVerifier implements XMPPHostnameVerifier {

    @NotNull
    private final Logger log = LoggerFactory.logger$default(LoggerFactory.INSTANCE, "tigase.halcyon.core.connector.socket.DefaultHostnameVerifier", false, 2, null);

    @Override // tigase.halcyon.core.connector.socket.XMPPHostnameVerifier
    public boolean verify(@NotNull String str, @NotNull Certificate certificate) {
        Intrinsics.checkNotNullParameter(str, "domainName");
        Intrinsics.checkNotNullParameter(certificate, "certificate");
        if (certificate instanceof X509Certificate) {
            return validateCertificate(str, (X509Certificate) certificate);
        }
        Logger.DefaultImpls.warning$default(this.log, null, new Function0<Object>() { // from class: tigase.halcyon.core.connector.socket.DefaultHostnameVerifier$verify$1
            @Nullable
            public final Object invoke() {
                return "Unsupported certificate type.";
            }
        }, 1, null);
        return false;
    }

    protected final boolean match(@NotNull String str, @Nullable String str2) {
        int length;
        int length2;
        Intrinsics.checkNotNullParameter(str, "hostname");
        if (str.length() == 0) {
            return false;
        }
        String str3 = str2;
        if (str3 == null || str3.length() == 0) {
            return false;
        }
        String lowerCase = str2.toLowerCase(Locale.ROOT);
        Intrinsics.checkNotNullExpressionValue(lowerCase, "this as java.lang.String).toLowerCase(Locale.ROOT)");
        if (!StringsKt.contains$default(lowerCase, "*", false, 2, (Object) null)) {
            return Intrinsics.areEqual(str, lowerCase);
        }
        if (StringsKt.startsWith$default(lowerCase, "*.", false, 2, (Object) null) && StringsKt.regionMatches$default(str, 0, lowerCase, 2, lowerCase.length() - 2, false, 16, (Object) null)) {
            return true;
        }
        int indexOf$default = StringsKt.indexOf$default(lowerCase, '*', 0, false, 6, (Object) null);
        if (indexOf$default <= StringsKt.indexOf$default(lowerCase, '.', 0, false, 6, (Object) null) && StringsKt.regionMatches$default(str, 0, lowerCase, 0, indexOf$default, false, 16, (Object) null) && StringsKt.indexOf$default(str, '.', indexOf$default, false, 4, (Object) null) >= (length2 = str.length() - (length = lowerCase.length() - (indexOf$default + 1)))) {
            return StringsKt.regionMatches$default(str, length2, lowerCase, indexOf$default + 1, length, false, 16, (Object) null);
        }
        return false;
    }

    private final boolean validateCertificate(String str, X509Certificate x509Certificate) {
        List<List> filterNotNull;
        boolean z = false;
        Collection<List<?>> subjectAlternativeNames = x509Certificate.getSubjectAlternativeNames();
        if (subjectAlternativeNames != null && (filterNotNull = CollectionsKt.filterNotNull(subjectAlternativeNames)) != null) {
            for (List list : filterNotNull) {
                Object obj = list.get(0);
                Intrinsics.checkNotNull(obj, "null cannot be cast to non-null type kotlin.Int");
                if (((Integer) obj).intValue() == 2) {
                    z = true;
                    Object obj2 = list.get(1);
                    Intrinsics.checkNotNull(obj2, "null cannot be cast to non-null type kotlin.String");
                    if (match(str, (String) obj2)) {
                        return true;
                    }
                }
            }
        }
        if (z) {
            return false;
        }
        X500Principal subjectX500Principal = x509Certificate.getSubjectX500Principal();
        Intrinsics.checkNotNullExpressionValue(subjectX500Principal, "certificate.getSubjectX500Principal()");
        String extractCN = extractCN(subjectX500Principal);
        if (extractCN != null) {
            return match(str, extractCN);
        }
        return false;
    }

    @Nullable
    protected final String extractCN(@NotNull X500Principal x500Principal) {
        List emptyList;
        Intrinsics.checkNotNullParameter(x500Principal, "principal");
        String name = x500Principal.getName("RFC2253");
        Intrinsics.checkNotNullExpressionValue(name, "principal.getName(X500Principal.RFC2253)");
        List split = new Regex(",").split(name, 0);
        if (!split.isEmpty()) {
            ListIterator listIterator = split.listIterator(split.size());
            while (listIterator.hasPrevious()) {
                if (!(((String) listIterator.previous()).length() == 0)) {
                    emptyList = CollectionsKt.take(split, listIterator.nextIndex() + 1);
                    break;
                }
            }
        }
        emptyList = CollectionsKt.emptyList();
        for (String str : (String[]) emptyList.toArray(new String[0])) {
            Locale locale = Locale.getDefault();
            Intrinsics.checkNotNullExpressionValue(locale, "getDefault()");
            String lowerCase = str.toLowerCase(locale);
            Intrinsics.checkNotNullExpressionValue(lowerCase, "this as java.lang.String).toLowerCase(locale)");
            if (StringsKt.startsWith$default(lowerCase, "cn=", false, 2, (Object) null)) {
                String substring = str.substring(3);
                Intrinsics.checkNotNullExpressionValue(substring, "this as java.lang.String).substring(startIndex)");
                return substring;
            }
        }
        return null;
    }
}
