package com.sun.deploy.security;

import com.sun.deploy.config.Config;
import com.sun.deploy.resources.ResourceManager;
import com.sun.deploy.ui.AppInfo;
import com.sun.deploy.ui.UIFactory;
import com.sun.deploy.util.Trace;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.text.MessageFormat;
import java.util.HashSet;
import java.util.Iterator;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;

/* loaded from: input_file:com/sun/deploy/security/CertificateHostnameVerifier.class */
public final class CertificateHostnameVerifier implements HostnameVerifier {
    private static HashSet hashSet = new HashSet();

    @Override // javax.net.ssl.HostnameVerifier
    public boolean verify(String str, SSLSession sSLSession) {
        int indexOf;
        String message = ResourceManager.getMessage("https.dialog.unknown.host");
        try {
            Certificate[] peerCertificates = sSLSession.getPeerCertificates();
            if (!(peerCertificates[0] instanceof X509Certificate)) {
                throw new SSLPeerUnverifiedException("");
            }
            String name = ((X509Certificate) peerCertificates[0]).getSubjectDN().getName();
            if (name != null && (indexOf = name.toUpperCase().indexOf("CN=")) != -1) {
                int indexOf2 = name.indexOf(",", indexOf);
                message = indexOf2 != -1 ? name.substring(indexOf + 3, indexOf2) : name.substring(indexOf + 3);
            }
            if (str.equalsIgnoreCase(message) || message.equals("*")) {
                return true;
            }
            Iterator it = hashSet.iterator();
            while (it.hasNext()) {
                Object[] objArr = (Object[]) it.next();
                if (objArr[0].toString().equalsIgnoreCase(str) && objArr[1].toString().equalsIgnoreCase(message)) {
                    return true;
                }
            }
            return showHostnameMismatchDialog(str, message);
        } catch (SSLPeerUnverifiedException e) {
            return false;
        }
    }

    private boolean showHostnameMismatchDialog(String str, String str2) {
        int i;
        String message = ResourceManager.getMessage("https.dialog.caption");
        String message2 = ResourceManager.getMessage("https.dialog.masthead");
        AppInfo appInfo = new AppInfo(0, str, str2, null, null, null, false, false, null, null);
        String message3 = ResourceManager.getMessage("security.dialog.signed.buttonContinue");
        String message4 = ResourceManager.getMessage("security.dialog.signed.buttonCancel");
        String[] strArr = {new MessageFormat(ResourceManager.getMessage("security.dialog.hostname.mismatch.sub")).format(new Object[]{str, str2})};
        if (Trace.isAutomationEnabled()) {
            Trace.msgSecurityPrintln("hostnameverifier.automation.ignoremismatch");
            i = 0;
        } else {
            i = Config.getBooleanProperty(Config.SEC_JSSE_HOST_WARN_KEY) ? UIFactory.showSecurityDialog(appInfo, message, message2, str2, null, false, false, message3, message4, strArr, null, false, null, -1, -1, false) : 0;
        }
        if (i == 0) {
            hashSet.add(new Object[]{str, str2});
        }
        return i == 0;
    }

    public static void reset() {
        hashSet.clear();
    }
}
