package com.netscape.management.client.util;

import com.netscape.management.client.security.PromptForTrustDialog;
import java.io.ByteArrayInputStream;
import java.io.Serializable;
import java.net.InetAddress;
import java.net.Socket;
import javax.swing.SwingUtilities;
import netscape.ldap.LDAPException;
import netscape.ldap.LDAPSocketFactory;
import org.mozilla.jss.CryptoManager;
import org.mozilla.jss.crypto.AlreadyInitializedException;
import org.mozilla.jss.crypto.X509Certificate;
import org.mozilla.jss.ssl.SSLCertificateApprovalCallback;
import org.mozilla.jss.ssl.SSLClientCertificateSelectionCallback;
import org.mozilla.jss.ssl.SSLSocket;

/* loaded from: input_file:117667-02/patchzip-d52diu.zip:nsclient.zip:java/mcc52.jar:com/netscape/management/client/util/JSS3SocketFactory.class */
public class JSS3SocketFactory implements Serializable, LDAPSocketFactory, SSLCertificateApprovalCallback {
    static final long serialVersionUID = -6926469178017736902L;
    private static boolean initialized = false;
    private static PromptForTrustDialog promptForTrustDialog = null;
    private String _lastHost;
    private int _lastPort;

    public JSS3SocketFactory() throws LDAPException {
        if (initialized) {
            return;
        }
        initialize(".");
    }

    public static void initialize(String str) throws LDAPException {
        if (initialized) {
            throw new LDAPException("JSS3SocketFactory is already initialized", 80);
        }
        try {
            initialized = true;
            CryptoManager.initialize(str);
        } catch (AlreadyInitializedException e) {
        } catch (Exception e2) {
            throw new LDAPException(new StringBuffer().append("Failed to initialize JSS3SocketFactory: ").append(e2.getMessage()).toString(), 80);
        }
    }

    public static void initialize(String str, String str2, String str3, String str4) throws LDAPException {
        if (initialized) {
            throw new LDAPException("JSS3SocketFactory is already initialized", 80);
        }
        try {
            initialized = true;
            CryptoManager.initialize(new CryptoManager.InitializationValues(str, str2, str3, str4));
        } catch (AlreadyInitializedException e) {
        } catch (Exception e2) {
            throw new LDAPException(new StringBuffer().append("Failed to initialize JSS3SocketFactory: ").append(e2.getMessage()).toString(), 80);
        }
    }

    @Override // netscape.ldap.LDAPSocketFactory
    public Socket makeSocket(String str, int i) throws LDAPException {
        this._lastHost = str;
        this._lastPort = i;
        try {
            SSLSocket sSLSocket = new SSLSocket(InetAddress.getByName(str), i, (InetAddress) null, 0, true, (SSLCertificateApprovalCallback) this, (SSLClientCertificateSelectionCallback) null);
            sSLSocket.forceHandshake();
            return sSLSocket;
        } catch (Exception e) {
            throw new LDAPException(new StringBuffer().append("SSL connection to ").append(str).append(":").append(i).append(", ").append(e.getMessage()).toString(), 91);
        }
    }

    @Override // org.mozilla.jss.ssl.SSLCertificateApprovalCallback
    public boolean approve(X509Certificate x509Certificate, SSLCertificateApprovalCallback.ValidityStatus validityStatus) {
        boolean z = true;
        if (UtilConsoleGlobals.isServerAuthEnabled() && validityStatus.getReasons().hasMoreElements()) {
            java.security.cert.X509Certificate x509Certificate2 = null;
            try {
                ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(x509Certificate.getEncoded());
                while (byteArrayInputStream.available() > 0) {
                    x509Certificate2 = (java.security.cert.X509Certificate) UtilConsoleGlobals.getX509CertificateFactory().generateCertificate(byteArrayInputStream);
                }
            } catch (Exception e) {
                e.printStackTrace();
            }
            if (promptForTrustDialog == null) {
                promptForTrustDialog = new PromptForTrustDialog(null, x509Certificate2, validityStatus);
            } else {
                promptForTrustDialog.setCertificateInfo(x509Certificate2, validityStatus);
            }
            promptForTrustDialog.setServerName(new StringBuffer().append(this._lastHost).append(":").append(this._lastPort).toString());
            if (SwingUtilities.isEventDispatchThread()) {
                promptForTrustDialog.setVisible(true);
            } else {
                try {
                    SwingUtilities.invokeAndWait(new Runnable(this) { // from class: com.netscape.management.client.util.JSS3SocketFactory.1
                        private final JSS3SocketFactory this$0;

                        {
                            this.this$0 = this;
                        }

                        @Override // java.lang.Runnable
                        public void run() {
                            JSS3SocketFactory.promptForTrustDialog.setVisible(true);
                        }
                    });
                } catch (Exception e2) {
                    SwingUtilities.invokeLater(new Runnable(this) { // from class: com.netscape.management.client.util.JSS3SocketFactory.2
                        private final JSS3SocketFactory this$0;

                        {
                            this.this$0 = this;
                        }

                        @Override // java.lang.Runnable
                        public void run() {
                            JSS3SocketFactory.promptForTrustDialog.setVisible(false);
                        }
                    });
                }
            }
            z = promptForTrustDialog.isCertAccepted();
            if (z && !promptForTrustDialog.isAcceptedForOneSession()) {
                try {
                    String nickname = x509Certificate.getNickname();
                    CryptoManager.getInstance().importCertToPerm(x509Certificate, nickname == null ? x509Certificate.getSubjectDN().toString() : nickname).setSSLTrust(3);
                } catch (Exception e3) {
                    e3.printStackTrace();
                }
            }
        }
        return z;
    }
}
