package com.enterprisedt.net.ftp.ssl;

import a0.y;
import androidx.activity.result.d;
import com.enterprisedt.util.debug.Logger;
import java.util.Date;
import java.util.Vector;

/* loaded from: classes.dex */
public class SSLFTPStandardValidator implements SSLFTPValidator {
    public boolean hostNameCheckingEnabled;
    public SSLFTPCertificateStore rootCertificateStore;
    public String[] serverCommonNames;

    /* renamed from: a, reason: collision with root package name */
    private static Logger f13139a = Logger.getLogger("SSLFTPStandardValidator");

    /* renamed from: b, reason: collision with root package name */
    private static String f13140b = "*.";
    public static int MAX_CERTIFICATE_CHAIN_LENGTH = 4;

    public SSLFTPStandardValidator() {
        this.hostNameCheckingEnabled = true;
        this.serverCommonNames = null;
    }

    public SSLFTPStandardValidator(String str) {
        this.hostNameCheckingEnabled = true;
        this.serverCommonNames = r0;
        String[] strArr = {str};
    }

    public SSLFTPStandardValidator(boolean z9) {
        this.serverCommonNames = null;
        this.hostNameCheckingEnabled = z9;
    }

    public SSLFTPStandardValidator(String[] strArr) {
        this.hostNameCheckingEnabled = true;
        this.serverCommonNames = strArr;
    }

    private boolean a(String str, String str2) {
        boolean z9;
        if (!str.startsWith(f13140b)) {
            return str.toLowerCase().equals(str2.toLowerCase());
        }
        String[] split = str.substring(f13140b.length()).split("\\.");
        String[] split2 = str2.split("\\.");
        int length = split.length - 1;
        for (int length2 = split2.length - 1; length >= 0 && length2 >= 0; length2--) {
            if (!split[length].toLowerCase().equals(split2[length2].toLowerCase())) {
                z9 = false;
                break;
            }
            length--;
        }
        z9 = true;
        return z9 && length < 0;
    }

    public void a(SSLFTPCertificateStore sSLFTPCertificateStore) {
        this.rootCertificateStore = sSLFTPCertificateStore;
    }

    public boolean checkChainLength(int i10) {
        return i10 <= MAX_CERTIFICATE_CHAIN_LENGTH;
    }

    public boolean checkCommonName(String str, String str2) {
        if (!this.hostNameCheckingEnabled) {
            f13139a.debug("Ignoring common name check (disabled)");
            return true;
        }
        if (this.serverCommonNames == null) {
            return a(str, str2);
        }
        int i10 = 0;
        while (true) {
            String[] strArr = this.serverCommonNames;
            if (i10 >= strArr.length) {
                y.r("Common names supplied explicitly - CN was not checked against '", str2, "'", f13139a);
                return false;
            }
            if (a(str, strArr[i10])) {
                return true;
            }
            i10++;
        }
    }

    public boolean checkDateRange(Date date, Date date2) {
        Date date3 = new Date();
        return (date3.before(date) || date3.after(date2)) ? false : true;
    }

    @Override // com.enterprisedt.net.ftp.ssl.SSLFTPValidator
    public boolean validateServerCertificate(boolean z9, Vector vector, String str) throws SSLFTPException {
        if (!z9) {
            return false;
        }
        if (!checkChainLength(vector.size())) {
            throw new SSLFTPException("The server's certificate chain is too long");
        }
        SSLFTPCertificate sSLFTPCertificate = (SSLFTPCertificate) vector.lastElement();
        String commonName = sSLFTPCertificate.getSubjectName().getCommonName();
        if (!checkCommonName(commonName, str)) {
            throw new SSLFTPException(d.j("The CN (Common Name), ", commonName, ", on the server's certificate does not match its hostname, ", str, "."));
        }
        if (checkDateRange(sSLFTPCertificate.getValidityNotBefore(), sSLFTPCertificate.getValidityNotAfter())) {
            return true;
        }
        StringBuilder m10 = a5.d.m("The server's certificate is not currently valid.  It is valid from ");
        m10.append(sSLFTPCertificate.getValidityNotBefore());
        m10.append(" until ");
        m10.append(sSLFTPCertificate.getValidityNotAfter());
        m10.append(".  This computer indicates the current date/time is ");
        m10.append(new Date().toString());
        m10.append(".");
        throw new SSLFTPException(m10.toString());
    }
}
