package com.netscape.admin.dirserv.panel;

import com.netscape.admin.dirserv.DSAdmin;
import com.netscape.admin.dirserv.DSAdminEvent;
import com.netscape.admin.dirserv.DSFramework;
import com.netscape.admin.dirserv.DSResourceModel;
import com.netscape.admin.dirserv.DSSchemaHelper;
import com.netscape.admin.dirserv.DSUtil;
import com.netscape.admin.dirserv.IDSAdminEventListener;
import com.netscape.admin.dirserv.IDSModel;
import com.netscape.management.client.console.ConsoleInfo;
import com.netscape.management.client.security.CipherPreferenceDialog;
import com.netscape.management.client.security.EncryptionOptions;
import com.netscape.management.client.util.Debug;
import com.netscape.management.client.util.ResourceSet;
import com.netscape.management.nmclf.SuiConstants;
import java.awt.Component;
import java.awt.Frame;
import java.awt.GridBagConstraints;
import java.awt.GridBagLayout;
import java.awt.GridLayout;
import java.awt.Insets;
import java.awt.event.ActionEvent;
import java.awt.event.ItemEvent;
import java.util.Enumeration;
import javax.swing.Box;
import javax.swing.ButtonGroup;
import javax.swing.JCheckBox;
import javax.swing.JFrame;
import javax.swing.JPanel;
import javax.swing.JRadioButton;
import netscape.ldap.LDAPConnection;
import netscape.ldap.LDAPException;

/* loaded from: input_file:114273-02/IPLTdscon/reloc/usr/iplanet/console5.1/java/jars/ds51.jar:com/netscape/admin/dirserv/panel/EncryptionPanel.class */
public class EncryptionPanel extends BlankPanel implements EncryptionOptions, IDSAdminEventListener, SuiConstants {
    private EncryptionConfigData _configData;
    private boolean _securityIsDomestic;
    private DSEntryBoolean _offDSEntry;
    private DSEntryBoolean _allowDSEntry;
    private DSEntryBoolean _requireDSEntry;
    private DSEntryBoolean _consoleSSLDSEntry;
    private com.netscape.management.client.security.EncryptionPanel _encrypt;
    private JPanel _encryptParent;
    private JRadioButton _rbOff;
    private JRadioButton _rbAllowed;
    private JRadioButton _rbRequired;
    private JCheckBox _cbConsoleSSL;
    private static ResourceSet _resource = DSUtil._resource;
    private static final String _section = "encryption";

    public EncryptionPanel(IDSModel iDSModel) {
        super(iDSModel, _section);
        this._helpToken = "configuration-system-encryption-help";
        this._refreshWhenSelect = false;
    }

    @Override // com.netscape.admin.dirserv.panel.BlankPanel
    public void init() {
        if (this._isInitialized) {
            return;
        }
        DSResourceModel dSResourceModel = (DSResourceModel) getModel();
        ConsoleInfo serverInfo = dSResourceModel.getServerInfo();
        ConsoleInfo consoleInfo = dSResourceModel.getConsoleInfo();
        if (dSResourceModel.getSelectedPage() != null) {
            ((DSFramework) dSResourceModel.getSelectedPage().getFramework()).getServerObject().addDSAdminEventListener(this);
        } else {
            Debug.println(0, "EncryptionPanel.init: can't listen to DSAdminEvent");
        }
        try {
            LDAPConnection lDAPConnection = serverInfo.getLDAPConnection();
            LDAPConnection lDAPConnection2 = consoleInfo.getLDAPConnection();
            String currentDN = consoleInfo.getCurrentDN();
            this._configData = new EncryptionConfigData();
            this._configData.readFromDirectory(lDAPConnection, lDAPConnection2, currentDN);
        } catch (LDAPException e) {
            Debug.println(0, "EncryptionPanel.init: failure while reading config data");
            if (Debug.getTrace()) {
                e.printStackTrace();
            }
        }
        this._encrypt = new com.netscape.management.client.security.EncryptionPanel(consoleInfo, (String) serverInfo.get("SIE"), (EncryptionOptions) this);
        this._encryptParent = new JPanel();
        this._rbOff = makeJRadioButton(_section, "clientAuth-off", true);
        this._rbAllowed = makeJRadioButton(_section, "clientAuth-allowed");
        this._rbRequired = makeJRadioButton(_section, "clientAuth-required");
        this._cbConsoleSSL = makeJCheckBox(_section, "consoleSSL");
        layoutComponents();
        this._offDSEntry = new DSEntryBoolean("off", this._rbOff);
        setComponentTable(this._rbOff, this._offDSEntry);
        this._allowDSEntry = new DSEntryBoolean("off", this._rbAllowed);
        setComponentTable(this._rbAllowed, this._allowDSEntry);
        this._requireDSEntry = new DSEntryBoolean("off", this._rbRequired);
        setComponentTable(this._rbRequired, this._requireDSEntry);
        this._consoleSSLDSEntry = new DSEntryBoolean("off", this._cbConsoleSSL);
        setComponentTable(this._cbConsoleSSL, this._consoleSSLDSEntry);
        switch (this._configData.clientAuth) {
            case 0:
            default:
                this._offDSEntry.fakeInitModel("on");
                this._allowDSEntry.fakeInitModel("off");
                this._requireDSEntry.fakeInitModel("off");
                break;
            case 1:
                this._offDSEntry.fakeInitModel("off");
                this._allowDSEntry.fakeInitModel("on");
                this._requireDSEntry.fakeInitModel("off");
                break;
            case 2:
                this._offDSEntry.fakeInitModel("off");
                this._allowDSEntry.fakeInitModel("off");
                this._requireDSEntry.fakeInitModel("on");
                break;
        }
        this._consoleSSLDSEntry.fakeInitModel(this._configData.sslConsoleOn ? "on" : "off");
        showAll();
        updateComponentState();
        this._isInitialized = true;
    }

    void layoutComponents() {
        this._myPanel.setLayout(new GridBagLayout());
        this._encryptParent.setLayout(new GridLayout());
        this._encryptParent.add("Center", this._encrypt);
        GridBagConstraints gridBagConstraints = new GridBagConstraints();
        gridBagConstraints.gridx = 0;
        gridBagConstraints.gridy = 0;
        gridBagConstraints.gridwidth = 1;
        gridBagConstraints.gridheight = 1;
        gridBagConstraints.weightx = 1.0d;
        gridBagConstraints.weighty = 0.0d;
        gridBagConstraints.fill = 2;
        gridBagConstraints.anchor = 18;
        gridBagConstraints.insets = new Insets(6, 6, 0, 6);
        gridBagConstraints.ipadx = 0;
        gridBagConstraints.ipady = 0;
        gridBagConstraints.insets.left += 2;
        gridBagConstraints.insets.right += 2;
        this._myPanel.add(this._encryptParent, gridBagConstraints);
        GroupPanel groupPanel = new GroupPanel(_resource.getString(_section, "clientAuth-title"), true);
        int componentSpace = UIFactory.getComponentSpace();
        groupPanel.setLayout(new GridLayout(4, 1, componentSpace, componentSpace / 2));
        groupPanel.add(this._rbOff);
        groupPanel.add(this._rbAllowed);
        groupPanel.add(this._rbRequired);
        groupPanel.add(this._cbConsoleSSL);
        gridBagConstraints.gridy++;
        gridBagConstraints.insets.left -= 2;
        gridBagConstraints.insets.right -= 2;
        this._myPanel.add(groupPanel, gridBagConstraints);
        Component createVerticalGlue = Box.createVerticalGlue();
        gridBagConstraints.gridy++;
        gridBagConstraints.weighty = 1.0d;
        this._myPanel.add(createVerticalGlue, gridBagConstraints);
        ButtonGroup buttonGroup = new ButtonGroup();
        buttonGroup.add(this._rbOff);
        buttonGroup.add(this._rbAllowed);
        buttonGroup.add(this._rbRequired);
    }

    @Override // com.netscape.admin.dirserv.panel.BlankPanel
    public void okCallback() {
        DSFramework dSFramework = (DSFramework) getModel().getSelectedPage().getFramework();
        JFrame jFrame = dSFramework.getJFrame();
        if (validateEntries()) {
            super.okCallback();
            try {
                ConsoleInfo serverInfo = getModel().getServerInfo();
                ConsoleInfo consoleInfo = getModel().getConsoleInfo();
                if (this._rbOff.isSelected()) {
                    this._configData.clientAuth = 0;
                } else if (this._rbAllowed.isSelected()) {
                    this._configData.clientAuth = 1;
                } else if (this._rbRequired.isSelected()) {
                    this._configData.clientAuth = 2;
                }
                this._configData.sslConsoleOn = this._cbConsoleSSL.isSelected();
                LDAPConnection lDAPConnection = serverInfo.getLDAPConnection();
                this._configData.writeToDirectory(lDAPConnection, consoleInfo.getLDAPConnection(), consoleInfo.getCurrentDN());
                if (this._configData.sslServerOn) {
                    dSFramework.getServerObject().setSecurityState(DSAdmin.SECURITY_ENABLE);
                } else {
                    dSFramework.getServerObject().setSecurityState(DSAdmin.SECURITY_DISABLE);
                }
                this._encrypt.setSaved();
                setDirty(false);
                resetAll();
                DSUtil.showInformationDialog((Component) jFrame, "requires-restart", (String) null);
                if (this._configData.sslServerOn && !DSUtil.isNT(consoleInfo)) {
                    PortConfigData portConfigData = new PortConfigData();
                    try {
                        portConfigData.readFromDirectory(lDAPConnection);
                        if (portConfigData.port >= 1024 && portConfigData.securePort < 1024) {
                            DSUtil.showInformationDialog((Component) jFrame, "confirm-sslport", Integer.toString(portConfigData.securePort), _section);
                        }
                    } catch (LDAPException e) {
                        Debug.println(0, new StringBuffer().append("EncryptionPanel.okCallback: caught ").append(e).toString());
                        Debug.println(0, "EncryptionPanel.okCallback: skipping the SSL port checking");
                    }
                }
            } catch (LDAPException e2) {
                Debug.println(new StringBuffer().append("LDAPEncryptionPanel.okCallback: exception ").append(e2).toString());
                if (Debug.getTrace()) {
                    e2.printStackTrace();
                }
                DSUtil.showLDAPErrorDialog(jFrame, e2, "111-title");
            }
        }
    }

    @Override // com.netscape.admin.dirserv.panel.BlankPanel
    public void resetCallback() {
        ConsoleInfo serverInfo = getModel().getServerInfo();
        ConsoleInfo consoleInfo = getModel().getConsoleInfo();
        try {
            this._configData.readFromDirectory(serverInfo.getLDAPConnection(), consoleInfo.getLDAPConnection(), consoleInfo.getCurrentDN());
        } catch (LDAPException e) {
            Debug.println(0, "EncryptionPanel.resetCallback: failure while reading config data");
            if (Debug.getTrace()) {
                e.printStackTrace();
            }
        }
        this._encrypt.reset();
        super.resetCallback();
        updateComponentState();
    }

    @Override // com.netscape.admin.dirserv.panel.BlankPanel
    public boolean refresh() {
        ConsoleInfo serverInfo = getModel().getServerInfo();
        ConsoleInfo consoleInfo = getModel().getConsoleInfo();
        try {
            this._configData.readFromDirectory(serverInfo.getLDAPConnection(), consoleInfo.getLDAPConnection(), consoleInfo.getCurrentDN());
        } catch (LDAPException e) {
            Debug.println(0, "EncryptionPanel.resetCallback: failure while reading config data");
            if (Debug.getTrace()) {
                e.printStackTrace();
            }
        }
        this._encryptParent.remove(this._encrypt);
        this._encrypt = new com.netscape.management.client.security.EncryptionPanel(consoleInfo, (String) serverInfo.get("SIE"), (EncryptionOptions) this);
        this._encryptParent.add("Center", this._encrypt);
        this._encryptParent.revalidate();
        return super.refresh();
    }

    @Override // com.netscape.admin.dirserv.panel.BlankPanel
    public void actionPerformed(ActionEvent actionEvent) {
        super.actionPerformed(actionEvent);
        setDirty(true);
    }

    @Override // com.netscape.admin.dirserv.panel.BlankPanel
    public void itemStateChanged(ItemEvent itemEvent) {
        super.itemStateChanged(itemEvent);
        if (itemEvent.getSource() == this._rbRequired) {
            boolean isSelected = this._rbRequired.isSelected();
            this._cbConsoleSSL.setEnabled(!isSelected);
            if (isSelected && this._cbConsoleSSL.isSelected()) {
                this._cbConsoleSSL.setSelected(false);
                DSUtil.showInformationDialog((Component) getModel().getFrame(), "confirm-clientauth", "", _section);
            }
        }
    }

    @Override // com.netscape.management.client.security.IEncryptionOptions
    public void showCipherPreferenceDialog(String str) {
        JFrame frame = getModel().getFrame();
        Debug.println(4, new StringBuffer().append("EncryptionPanel.showCipherPreferenceDialog: cipher = ").append(str).toString());
        CipherPreferenceDialog cipherPreferenceDialog = new CipherPreferenceDialog((Frame) frame, (String) null, "-rsa_null_md5,-rsa_rc4_128_md5,-rsa_rc4_40_md5,-rsa_rc2_40_md5,-rsa_des_sha,-rsa_fips_des_sha,-rsa_3des_sha,-rsa_fips_3des_sha,-fortezza,-fortezza_rc4_128_sha,-fortezza_null", "-tls_rsa_export1024_with_rc4_56_sha,-tls_rsa_export1024_with_des_cbc_sha");
        cipherPreferenceDialog.setCipherEnabled(CipherPreferenceDialog.SSL_V3, this._configData.cipherPrefs);
        cipherPreferenceDialog.setCipherEnabled(CipherPreferenceDialog.SSL_TLS, this._configData.cipherPrefs);
        cipherPreferenceDialog.showModal();
        if (cipherPreferenceDialog.isCancel()) {
            return;
        }
        this._configData.cipherPrefs = new StringBuffer().append(cipherPreferenceDialog.getCipherPreference(CipherPreferenceDialog.SSL_V3)).append(DSSchemaHelper.ALIAS_DELIMITER).append(cipherPreferenceDialog.getCipherPreference(CipherPreferenceDialog.SSL_TLS)).toString();
        setDirty(true);
        Debug.println(new StringBuffer().append("EncryptionPanel.showCipherPreferenceDialog: preferences = ").append(this._configData.cipherPrefs).toString());
    }

    @Override // com.netscape.management.client.security.IEncryptionOptions
    public boolean isSecurityEnabled() {
        Debug.println(4, new StringBuffer().append("EncryptionPanel.isSecurityEnabled: _configData.sslServerOn = ").append(this._configData.sslServerOn).toString());
        return this._configData.sslServerOn;
    }

    @Override // com.netscape.management.client.security.IEncryptionOptions
    public void securityEnabledChanged(boolean z) {
        Debug.println(4, new StringBuffer().append("EncryptionPanel.securityEnabledChanged: enable = ").append(z).toString());
        this._configData.sslServerOn = z;
        updateComponentState();
        setDirty(true);
    }

    @Override // com.netscape.management.client.security.IEncryptionOptions
    public boolean isCipherFamilyEnabled(String str) {
        Debug.println(4, new StringBuffer().append("EncryptionPanel.isCipherFamilyEnabled: cipher = ").append(str).toString());
        CipherSetup cipherSetup = (CipherSetup) this._configData.cipherSetupTable.get(str);
        return cipherSetup != null && cipherSetup.enabled;
    }

    @Override // com.netscape.management.client.security.IEncryptionOptions
    public void cipherFamilyEnabledChanged(String str, boolean z) {
        Debug.println(4, new StringBuffer().append("EncryptionPanel.cipherFamilyEnabledChanged: cipher = ").append(str).append(", enabled = ").append(z).toString());
        findOrCreateCipherSetup(str).enabled = z;
        setDirty(true);
    }

    @Override // com.netscape.management.client.security.IEncryptionOptions
    public String getSelectedCertificate(String str) {
        Debug.println(4, new StringBuffer().append("EncryptionPanel.getSelectedCertificate: cipher = ").append(str).toString());
        CipherSetup cipherSetup = (CipherSetup) this._configData.cipherSetupTable.get(str);
        if (cipherSetup == null) {
            return null;
        }
        return cipherSetup.selectedCertificate;
    }

    @Override // com.netscape.management.client.security.IEncryptionOptions
    public void selectedCertificateChanged(String str, String str2) {
        Debug.println(4, new StringBuffer().append("EncryptionPanel.selectedCertificateChanged: cipher = ").append(str).append(", cert = ").append(str2).toString());
        findOrCreateCipherSetup(str).selectedCertificate = str2;
        setDirty(true);
    }

    @Override // com.netscape.management.client.security.IEncryptionOptions
    public String getSelectedDevice(String str) {
        Debug.println(4, new StringBuffer().append("EncryptionPanel.getSelectedDevice: cipher = ").append(str).toString());
        CipherSetup cipherSetup = (CipherSetup) this._configData.cipherSetupTable.get(str);
        if (cipherSetup == null) {
            return null;
        }
        return cipherSetup.selectedDevice;
    }

    @Override // com.netscape.management.client.security.IEncryptionOptions
    public void selectedDeviceChanged(String str, String str2) {
        Debug.println(4, new StringBuffer().append("EncryptionPanel.selectedDeviceChanged: cipher = ").append(str).append(", dev = ").append(str2).toString());
        findOrCreateCipherSetup(str).selectedDevice = str2;
        setDirty(true);
    }

    @Override // com.netscape.management.client.security.IEncryptionOptions
    public void setSecurityIsDomestic(boolean z) {
        Debug.println(4, new StringBuffer().append("EncryptionPanel.setSecurityIsDomestic: yes = ").append(z).toString());
        this._securityIsDomestic = z;
    }

    @Override // com.netscape.admin.dirserv.IDSAdminEventListener
    public void processDSAdminEvent(DSAdminEvent dSAdminEvent) {
        refresh();
    }

    private void setDirty(boolean z) {
        if (!z) {
            clearDirtyFlag();
        } else {
            setDirtyFlag();
            setValidFlag();
        }
    }

    private boolean validateEntries() {
        String str = null;
        if (this._rbOff.isSelected()) {
            this._configData.clientAuth = 0;
        } else if (this._rbAllowed.isSelected()) {
            this._configData.clientAuth = 1;
        } else if (this._rbRequired.isSelected()) {
            this._configData.clientAuth = 2;
        }
        if (this._configData.sslServerOn) {
            int i = 0;
            int i2 = 0;
            int i3 = 0;
            Enumeration keys = this._configData.cipherSetupTable.keys();
            while (keys.hasMoreElements()) {
                CipherSetup cipherSetup = (CipherSetup) this._configData.cipherSetupTable.get(keys.nextElement());
                if (cipherSetup.enabled) {
                    i++;
                    if (cipherSetup.selectedDevice.length() == 0) {
                        i2++;
                    }
                    if (cipherSetup.selectedCertificate.length() == 0) {
                        i3++;
                    }
                }
            }
            if (i == 0) {
                str = "nosslpreferences";
            } else if (i2 >= 1) {
                str = "nosslfamily";
            } else if (i3 >= 1) {
                str = "nocertificate";
            }
        }
        if (str != null) {
            DSUtil.showErrorDialog((Component) getModel().getFrame(), str, "", _section);
        }
        return str == null;
    }

    private void updateComponentState() {
        this._rbOff.setEnabled(this._configData.sslServerOn);
        this._rbAllowed.setEnabled(this._configData.sslServerOn);
        this._rbRequired.setEnabled(this._configData.sslServerOn);
        this._cbConsoleSSL.setEnabled(this._configData.sslServerOn && !this._rbRequired.isSelected());
    }

    private CipherSetup findOrCreateCipherSetup(String str) {
        CipherSetup cipherSetup = (CipherSetup) this._configData.cipherSetupTable.get(str);
        if (cipherSetup == null) {
            cipherSetup = new CipherSetup();
            cipherSetup.family = str;
            this._configData.cipherSetupTable.put(cipherSetup.family, cipherSetup);
        }
        return cipherSetup;
    }
}
