package com.yumc.android.common.http.ssl;

import android.util.Log;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes2.dex */
public class CertificateUtil {
    private static final int ALTER_NAME_TYPE_DNS = 2;
    private static final String TAG = "CertificateUtil";

    public static Set<String> getAlternativeDNSNames(X509Certificate x509Certificate) {
        if (x509Certificate == null) {
            return null;
        }
        try {
            Collection<List<?>> subjectAlternativeNames = x509Certificate.getSubjectAlternativeNames();
            if (subjectAlternativeNames != null) {
                HashSet hashSet = new HashSet();
                for (List<?> list : subjectAlternativeNames) {
                    if (list != null && list.size() > 1 && list.get(0).equals(2)) {
                        Object obj = list.get(1);
                        if (obj instanceof String) {
                            hashSet.add((String) obj);
                        }
                    }
                }
                return hashSet;
            }
        } catch (CertificateParsingException e) {
            Log.e(TAG, e.getMessage(), e);
        }
        return null;
    }

    public static String getCommonName(X509Certificate x509Certificate) {
        X500Principal subjectX500Principal;
        String name;
        int indexOf;
        int i;
        char charAt;
        if (x509Certificate == null || (subjectX500Principal = x509Certificate.getSubjectX500Principal()) == null || (name = subjectX500Principal.getName()) == null || name.length() == 0 || (indexOf = name.indexOf("CN")) < 0 || indexOf >= name.length() || (i = indexOf + 3) >= name.length()) {
            return null;
        }
        StringBuilder sb = new StringBuilder();
        for (i = indexOf + 3; i < name.length() && (charAt = name.charAt(i)) != ','; i++) {
            sb.append(charAt);
        }
        return sb.toString();
    }

    public static boolean isCertificateDNSMatches(X509Certificate x509Certificate, String str) {
        Set<String> alternativeDNSNames = getAlternativeDNSNames(x509Certificate);
        if (alternativeDNSNames == null || alternativeDNSNames.size() == 0) {
            return false;
        }
        Iterator<String> it = alternativeDNSNames.iterator();
        while (it.hasNext()) {
            if (isDnsMatches(it.next(), str)) {
                return true;
            }
        }
        return false;
    }

    public static boolean isDnsMatches(String str, String str2) {
        if (str == null || str.length() == 0 || str2 == null || str2.length() == 0) {
            return false;
        }
        char[] charArray = str.toCharArray();
        char[] charArray2 = str2.toCharArray();
        int i = 0;
        while (i < charArray.length && i < charArray2.length) {
            char c = charArray[(charArray.length - 1) - i];
            if (c != charArray2[(charArray2.length - 1) - i]) {
                return c == '*';
            }
            if (c == '*') {
                return true;
            }
            i++;
        }
        return i == charArray.length;
    }
}
