package weblogic.security.utils;

import javax.net.ssl.SSLSocket;
import javax.net.ssl.impl.SSLSocketImpl;
import javax.security.cert.X509Certificate;
import weblogic.logging.Loggable;
import weblogic.security.SSL.HostnameVerification;
import weblogic.security.SSL.HostnameVerifier;
import weblogic.security.SSL.HostnameVerifierJSSE;
import weblogic.security.SecurityLogger;
import weblogic.security.X509;

/* loaded from: input_file:weblogic.jar:weblogic/security/utils/SSLWLSHostnameVerifier.class */
public class SSLWLSHostnameVerifier implements SSLHostnameVerifier {
    private static SSLWLSHostnameVerifier defaultVerifier = null;
    private HostnameVerifier verifier = null;
    private HostnameVerifierJSSE verifierJSSE = null;
    private String expectedName = null;

    public static SSLWLSHostnameVerifier getInstance() {
        if (defaultVerifier == null) {
            defaultVerifier = new SSLWLSHostnameVerifier();
        }
        return defaultVerifier;
    }

    public SSLWLSHostnameVerifier() {
        HostnameVerification.setup();
    }

    @Override // weblogic.security.utils.SSLHostnameVerifier
    public boolean hostnameValidationCallback(X509Certificate x509Certificate, SSLSocket sSLSocket, String str) {
        boolean z;
        try {
            boolean z2 = 3 <= SSLSetup.getDebugLevel();
            if (z2) {
                SSLSetup.debug(3, new StringBuffer().append("Performing hostname validation checks: ").append(str).toString());
            }
            X509 x509 = null;
            String str2 = null;
            if (x509Certificate != null) {
                x509 = SSLCertUtility.toX509(x509Certificate);
                str2 = x509.getSubject().getCommonName();
            }
            if (this.verifier != null) {
                z = this.verifier.verify(sSLSocket.getInetAddress(), x509) && this.verifier.verify(str, str2);
            } else if (this.verifierJSSE != null) {
                z = this.verifierJSSE.verify(str, str2);
            } else {
                z = HostnameVerification.verify(sSLSocket.getInetAddress(), x509) && HostnameVerification.verify(str, str2);
            }
            if (!z) {
                if (SSLSetup.logSSLRejections()) {
                    SSLSocketImpl sSLSocketImpl = (SSLSocketImpl) sSLSocket;
                    Loggable logHostnameVerificationErrorLoggable = SecurityLogger.logHostnameVerificationErrorLoggable(SSLSetup.getPeerName(sSLSocketImpl), str2, str);
                    logHostnameVerificationErrorLoggable.log();
                    sSLSocketImpl.setFailureDetails(logHostnameVerificationErrorLoggable.getMessage());
                }
                if (!z2) {
                    return false;
                }
                SSLSetup.debug(3, new StringBuffer().append("Hostname Verification failed for certificate with CommonName '").append(str2).append("' against hostname: ").append(str).toString());
                return false;
            }
            if (this.expectedName == null) {
                return true;
            }
            if (x509 == null) {
                if (SSLSetup.logSSLRejections()) {
                    SSLSocketImpl sSLSocketImpl2 = (SSLSocketImpl) sSLSocket;
                    Loggable logHostnameVerificationNoCertificateErrorLoggable = SecurityLogger.logHostnameVerificationNoCertificateErrorLoggable(SSLSetup.getPeerName(sSLSocketImpl2));
                    logHostnameVerificationNoCertificateErrorLoggable.log();
                    sSLSocketImpl2.setFailureDetails(logHostnameVerificationNoCertificateErrorLoggable.getMessage());
                }
                if (!z2) {
                    return false;
                }
                SSLSetup.debug(3, new StringBuffer().append("No identity certificate, cannot verify expected name: ").append(this.expectedName).toString());
                return false;
            }
            if (this.expectedName.equals(str2)) {
                return true;
            }
            if (SSLSetup.logSSLRejections()) {
                SSLSocketImpl sSLSocketImpl3 = (SSLSocketImpl) sSLSocket;
                Loggable logHostnameVerificationErrorLoggable2 = SecurityLogger.logHostnameVerificationErrorLoggable(SSLSetup.getPeerName(sSLSocketImpl3), str2, this.expectedName);
                logHostnameVerificationErrorLoggable2.log();
                sSLSocketImpl3.setFailureDetails(logHostnameVerificationErrorLoggable2.getMessage());
            }
            if (!z2) {
                return false;
            }
            SSLSetup.debug(3, new StringBuffer().append("Hostname Verification failed since certificate CommonName '").append(str2).append("' does not match expected name: ").append(this.expectedName).toString());
            return false;
        } catch (Exception e) {
            if (SSLSetup.logSSLRejections()) {
                SSLSocketImpl sSLSocketImpl4 = (SSLSocketImpl) sSLSocket;
                Loggable logHostnameVerificationExceptionErrorLoggable = SecurityLogger.logHostnameVerificationExceptionErrorLoggable(SSLSetup.getPeerName(sSLSocketImpl4));
                logHostnameVerificationExceptionErrorLoggable.log();
                sSLSocketImpl4.setFailureDetails(logHostnameVerificationExceptionErrorLoggable.getMessage());
            }
            SSLSetup.debug(1, e, "Hostname Verification error");
            return false;
        }
    }

    public void setExpectedName(String str) {
        this.expectedName = str;
    }

    public void setProgrammaticVerifier(HostnameVerifier hostnameVerifier) {
        this.verifier = hostnameVerifier;
    }

    public void setProgrammaticVerifierJSSE(HostnameVerifierJSSE hostnameVerifierJSSE) {
        this.verifierJSSE = hostnameVerifierJSSE;
    }
}
