package com.tibco.security.ssl;

import com.tibco.security.AXSecurityException;
import com.tibco.security.Cert;
import com.tibco.security.DN;
import java.security.Principal;

/* loaded from: input_file:com/tibco/security/ssl/DefaultHostNameVerifier.class */
public class DefaultHostNameVerifier implements HostNameVerifier {
    @Override // com.tibco.security.ssl.HostNameVerifier
    public void verify(Cert[] certArr, Cert cert, String str) throws AXSecurityException {
        if (str != null) {
            if (!certArr[0].getRDNFromSubject(DN.CN).equals(str)) {
                throw new AXSecurityException("server certificate did not match expected hostname " + str);
            }
            if (cert == null) {
                return;
            }
        }
        if (!cert.getSubjectDN().equals(certArr[0].getSubjectDN())) {
            throw new AXSecurityException("Client certificate DN (" + cert.getSubjectDN() + "\" does not match server SSL DN \"" + certArr[0].getSubjectDN() + ")");
        }
        Principal issuerDN = cert.getIssuerDN();
        Principal issuerDN2 = certArr[0].getIssuerDN();
        if (!issuerDN.equals(issuerDN2)) {
            throw new AXSecurityException("SSL client certificate CA DN \"" + issuerDN2 + "\" does not match trading partner SSL CA DN \"" + issuerDN + "\"");
        }
    }
}
