package com.netscape.management.client.comm;

import com.netscape.management.client.security.PromptForTrustDialog;
import com.netscape.management.client.util.AbstractDialog;
import com.netscape.management.client.util.Debug;
import com.netscape.management.client.util.GridBagUtil;
import com.netscape.management.client.util.MultilineLabel;
import com.netscape.management.client.util.ResourceSet;
import com.netscape.management.client.util.SingleBytePasswordField;
import com.netscape.management.client.util.UtilConsoleGlobals;
import java.awt.Container;
import java.awt.GridBagLayout;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.net.InetAddress;
import java.security.cert.CertificateFactory;
import java.util.Enumeration;
import java.util.Vector;
import javax.swing.JComboBox;
import javax.swing.JLabel;
import javax.swing.SwingUtilities;
import org.apache.xpath.XPath;
import org.mozilla.jss.CryptoManager;
import org.mozilla.jss.crypto.X509Certificate;
import org.mozilla.jss.ssl.SSLCertificateApprovalCallback;
import org.mozilla.jss.ssl.SSLClientCertificateSelectionCallback;
import org.mozilla.jss.ssl.SSLSocket;
import org.mozilla.jss.util.Password;
import org.mozilla.jss.util.PasswordCallback;
import org.mozilla.jss.util.PasswordCallbackInfo;

/* loaded from: input_file:119165-01/patchzip-dps-5.2Patch3--WINNT.zip:nsclient.zip:java/mcc52.jar:com/netscape/management/client/comm/HttpsChannel.class */
public class HttpsChannel extends HttpChannel implements SSLCertificateApprovalCallback, SSLClientCertificateSelectionCallback, PasswordCallback {
    protected SSLSocket socket;
    static CryptoManager cryptoManager;
    static GetPasswordDialog getPasswordDialog = null;
    static SelectCertDialog selectCertDialog = null;
    static CertificateFactory cf;
    static ResourceSet resource;
    static final int MAX_PASSWORD_PROMPT = 10;
    int nthPrompt;
    private static PromptForTrustDialog promptForTrustDialog;

    /* loaded from: input_file:119165-01/patchzip-dps-5.2Patch3--WINNT.zip:nsclient.zip:java/mcc52.jar:com/netscape/management/client/comm/HttpsChannel$GetPasswordDialog.class */
    class GetPasswordDialog extends AbstractDialog {
        MultilineLabel enterPwdLabel;
        SingleBytePasswordField pwd;
        private final HttpsChannel this$0;

        public GetPasswordDialog(HttpsChannel httpsChannel) {
            super(null, HttpsChannel.i18n("getPwdDialogTitle"), true, 3);
            this.this$0 = httpsChannel;
            this.enterPwdLabel = new MultilineLabel();
            Container contentPane = getContentPane();
            contentPane.setLayout(new GridBagLayout());
            GridBagUtil.constrain(contentPane, this.enterPwdLabel, 0, 0, 1, 1, 1.0d, XPath.MATCH_SCORE_QNAME, 17, 2, 0, 0, 0, 0);
            this.pwd = new SingleBytePasswordField();
            GridBagUtil.constrain(contentPane, this.pwd, 0, 0 + 1, 1, 1, 1.0d, XPath.MATCH_SCORE_QNAME, 17, 2, 0, 0, 0, 0);
            pack();
        }

        @Override // java.awt.Component
        public void setVisible(boolean z) {
            pack();
            this.pwd.grabFocus();
            super.setVisible(z);
        }

        public void setPasswordInfo(PasswordCallbackInfo passwordCallbackInfo, boolean z) {
            if (z) {
                this.enterPwdLabel.setText(HttpsChannel.i18n("enterPwdAgainLabel", passwordCallbackInfo.getName()));
            } else {
                this.enterPwdLabel.setText(HttpsChannel.i18n("enterPwdLabel", passwordCallbackInfo.getName()));
            }
            Debug.println(passwordCallbackInfo.getName());
        }

        public Password getPassword() {
            return new Password(this.pwd.getText().toCharArray());
        }
    }

    /* loaded from: input_file:119165-01/patchzip-dps-5.2Patch3--WINNT.zip:nsclient.zip:java/mcc52.jar:com/netscape/management/client/comm/HttpsChannel$SelectCertDialog.class */
    class SelectCertDialog extends AbstractDialog {
        JComboBox certList;
        private final HttpsChannel this$0;

        public SelectCertDialog(HttpsChannel httpsChannel) {
            super(null, HttpsChannel.i18n("selectCertDialogTitle"), true, 3);
            this.this$0 = httpsChannel;
            this.certList = new JComboBox();
            Container contentPane = getContentPane();
            contentPane.setLayout(new GridBagLayout());
            GridBagUtil.constrain(contentPane, new JLabel(HttpsChannel.i18n("selectCertLabel")), 0, 0, 1, 1, 1.0d, XPath.MATCH_SCORE_QNAME, 17, 2, 0, 0, 0, 0);
            GridBagUtil.constrain(contentPane, this.certList, 0, 0 + 1, 1, 1, 1.0d, XPath.MATCH_SCORE_QNAME, 17, 2, 0, 0, 0, 0);
            pack();
        }

        public void setCertList(Vector vector) {
            this.certList.removeAllItems();
            Enumeration elements = vector.elements();
            while (elements.hasMoreElements()) {
                this.certList.insertItemAt(elements.nextElement(), 0);
            }
            try {
                this.certList.setSelectedIndex(0);
            } catch (Exception e) {
            }
        }

        public String getSelectedCert() {
            return this.certList.getSelectedItem().toString();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static String i18n(String str) {
        return resource.getString("HttpsChannel", str);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static String i18n(String str, String str2) {
        return resource.getString("HttpsChannel", str, str2);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public HttpsChannel(Object obj, String str, HttpManager httpManager) {
        super(obj, str, httpManager);
        this.socket = null;
        this.nthPrompt = 0;
    }

    @Override // org.mozilla.jss.ssl.SSLCertificateApprovalCallback
    public boolean approve(X509Certificate x509Certificate, SSLCertificateApprovalCallback.ValidityStatus validityStatus) {
        boolean z = true;
        if (!UtilConsoleGlobals.isServerAuthEnabled()) {
            return true;
        }
        boolean hasMoreElements = validityStatus.getReasons().hasMoreElements();
        Debug.println(new StringBuffer().append("This certificate is ").append(hasMoreElements ? "not " : "").append("a trusted server Certificate").toString());
        java.security.cert.X509Certificate x509Certificate2 = null;
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(x509Certificate.getEncoded());
            while (byteArrayInputStream.available() > 0) {
                x509Certificate2 = (java.security.cert.X509Certificate) cf.generateCertificate(byteArrayInputStream);
                Debug.println(x509Certificate2.toString());
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        if (promptForTrustDialog == null) {
            promptForTrustDialog = new PromptForTrustDialog(null, x509Certificate2, validityStatus);
        } else {
            promptForTrustDialog.setCertificateInfo(x509Certificate2, validityStatus);
        }
        if (hasMoreElements) {
            if (SwingUtilities.isEventDispatchThread()) {
                promptForTrustDialog.setVisible(true);
            } else {
                try {
                    SwingUtilities.invokeAndWait(new Runnable(this) { // from class: com.netscape.management.client.comm.HttpsChannel.1
                        private final HttpsChannel this$0;

                        {
                            this.this$0 = this;
                        }

                        @Override // java.lang.Runnable
                        public void run() {
                            HttpsChannel.promptForTrustDialog.setVisible(true);
                        }
                    });
                } catch (Exception e2) {
                    SwingUtilities.invokeLater(new Runnable(this) { // from class: com.netscape.management.client.comm.HttpsChannel.2
                        private final HttpsChannel this$0;

                        {
                            this.this$0 = this;
                        }

                        @Override // java.lang.Runnable
                        public void run() {
                            HttpsChannel.promptForTrustDialog.setVisible(false);
                        }
                    });
                }
            }
            z = promptForTrustDialog.isCertAccepted();
            if (z && !promptForTrustDialog.isAcceptedForOneSession()) {
                try {
                    Debug.println("install cert");
                    String nickname = x509Certificate.getNickname();
                    Debug.println(new StringBuffer().append("nickname: ").append(nickname).toString());
                    Debug.println(new StringBuffer().append("dn:       ").append(x509Certificate.getSubjectDN().toString()).toString());
                    cryptoManager.importCertToPerm(x509Certificate, nickname == null ? x509Certificate.getSubjectDN().toString() : nickname).setSSLTrust(3);
                } catch (Exception e3) {
                    if (Debug.getTrace()) {
                        e3.printStackTrace();
                    }
                }
            }
            Debug.println(new StringBuffer().append("ACCEPTED:").append(z).toString());
        }
        return z;
    }

    @Override // org.mozilla.jss.ssl.SSLClientCertificateSelectionCallback
    public String select(Vector vector) {
        if (selectCertDialog == null) {
            selectCertDialog = new SelectCertDialog(this);
        }
        Debug.println("HttpsChannel::select(...) - SELECT CERTIFICATE");
        selectCertDialog.setCertList(vector);
        selectCertDialog.setVisible(true);
        return selectCertDialog.isCancel() ? "" : selectCertDialog.getSelectedCert();
    }

    @Override // org.mozilla.jss.util.PasswordCallback
    public Password getPasswordFirstAttempt(PasswordCallbackInfo passwordCallbackInfo) throws PasswordCallback.GiveUpException {
        this.nthPrompt++;
        if (getPasswordDialog == null) {
            getPasswordDialog = new GetPasswordDialog(this);
        }
        Debug.println("HttpsChannel::getPasswordFirstAttempt(...) - PROMPT FOR PASSWORD");
        getPasswordDialog.setPasswordInfo(passwordCallbackInfo, false);
        getPasswordDialog.setVisible(true);
        return getPasswordDialog.getPassword();
    }

    @Override // org.mozilla.jss.util.PasswordCallback
    public Password getPasswordAgain(PasswordCallbackInfo passwordCallbackInfo) throws PasswordCallback.GiveUpException {
        this.nthPrompt++;
        Debug.println("HttpsChannel::getPasswordAgainAttempt(...) - PROMPT FOR PASSWORD");
        getPasswordDialog.setPasswordInfo(passwordCallbackInfo, true);
        getPasswordDialog.setVisible(true);
        if (this.nthPrompt > 10) {
            throw new PasswordCallback.GiveUpException();
        }
        return getPasswordDialog.getPassword();
    }

    @Override // com.netscape.management.client.comm.HttpChannel, com.netscape.management.client.comm.CommChannel
    public void open() throws IOException {
        cryptoManager.setPasswordCallback(this);
        try {
            this.nthPrompt = 0;
            Debug.println("CREATE JSS SSLSocket");
            this.socket = new SSLSocket(InetAddress.getByName(getHost()), getPort(), (InetAddress) null, 0, true, (SSLCertificateApprovalCallback) this, (SSLClientCertificateSelectionCallback) this);
            this.socket.setNeedClientAuth(true);
            this.socket.forceHandshake();
            super.socket = this.socket;
            this.bos = new BufferedOutputStream(this.socket.getOutputStream(), HttpChannel.defaultBufferLength);
            this.bis = new BufferedInputStream(this.socket.getInputStream(), HttpChannel.defaultBufferLength);
            Debug.println(new StringBuffer().append(this.name).append(" open> Ready").toString());
            this.thread = new Thread(this, this.tid.toString());
            this.thread.start();
        } catch (IOException e) {
            Debug.println("Unable to create ssl socket");
            if (Debug.getTrace()) {
                e.printStackTrace();
            }
            throw e;
        }
    }

    @Override // com.netscape.management.client.comm.HttpChannel, com.netscape.management.client.comm.CommChannel
    public void close() throws IOException {
        this.dead = true;
        Debug.println(new StringBuffer().append(this.name).append(" close i/o stream").toString());
        this.bos.close();
        this.bis.close();
        Debug.println(new StringBuffer().append(this.name).append(" close socket").toString());
        this.socket.close();
        this.socket = null;
        Debug.println(new StringBuffer().append(this.name).append(" close> Closed").toString());
        this.thread.stop();
    }

    static {
        try {
            resource = new ResourceSet("com.netscape.management.client.comm.HttpsChannel");
            UtilConsoleGlobals.initJSS();
            cf = UtilConsoleGlobals.getX509CertificateFactory();
            cryptoManager = CryptoManager.getInstance();
        } catch (Exception e) {
            e.printStackTrace();
        }
        promptForTrustDialog = null;
    }
}
