package com.archos.athome.lib.connect.ahs;

import android.util.Log;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import org.spongycastle.asn1.x500.RDN;
import org.spongycastle.asn1.x500.X500Name;
import org.spongycastle.asn1.x500.style.BCStyle;
import org.spongycastle.asn1.x500.style.IETFUtils;
import org.spongycastle.cert.jcajce.JcaX509CertificateHolder;

/* loaded from: classes.dex */
public class HostNameVerifier implements HostnameVerifier {
    private static final String CA_ORGANIZATIONAL_UNIT_NAME = "ArchosAtHome";
    private static final String CA_SERVER_ROLE = "server";
    private static final String TAG = "HostNameVerifier";
    private static final String CA_DOMAIN_COMPONENT_TLD = "com";
    private static final String CA_ARCHOS_DOMAIN_NAME = "archos";
    private static String[] dc = {CA_DOMAIN_COMPONENT_TLD, CA_ARCHOS_DOMAIN_NAME};

    private void dumpHttpsCert(Certificate[] certificateArr) {
        for (Certificate certificate : certificateArr) {
            Log.d(TAG, "Cert Type : " + certificate.getType());
            Log.d(TAG, "Cert Hash Code : " + certificate.hashCode());
            Log.d(TAG, "Cert Public Key Algorithm : " + certificate.getPublicKey().getAlgorithm());
            Log.d(TAG, "Cert Public Key Format : " + certificate.getPublicKey().getFormat());
            Log.d(TAG, "dump: " + certificate.toString());
        }
    }

    private boolean validate(X509Certificate x509Certificate) {
        RDN[] rDNs;
        try {
            X500Name subject = new JcaX509CertificateHolder(x509Certificate).getSubject();
            if (subject == null) {
                return false;
            }
            int i = 0;
            for (RDN rdn : subject.getRDNs(BCStyle.DC)) {
                if (!dc[i].equals(IETFUtils.valueToString(rdn.getFirst().getValue()))) {
                    return false;
                }
                i++;
            }
            return i == 2 && (rDNs = subject.getRDNs(BCStyle.OU)) != null && CA_ORGANIZATIONAL_UNIT_NAME.equals(IETFUtils.valueToString(rDNs[0].getFirst().getValue()));
        } catch (CertificateEncodingException e) {
            return false;
        }
    }

    @Override // javax.net.ssl.HostnameVerifier
    public boolean verify(String str, SSLSession sSLSession) {
        Log.d(TAG, "Approving certificate for " + str);
        try {
            return validate((X509Certificate) sSLSession.getPeerCertificates()[0]);
        } catch (SSLPeerUnverifiedException e) {
            Log.e(TAG, "ssl exception", e);
            return false;
        }
    }
}
