package com.tionsoft.meap.mas.tas.client.factory;

import com.tionsoft.meap.mas.tas.client.ssl.TasClientSslConfig;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
public class SecureSslContextFactory {
    private static final String PROTOCOL = "TLS";
    private SSLContext mClientContext;

    public SSLContext getClientContext() {
        return this.mClientContext;
    }

    public boolean setSecureKeyStore(TasClientSslConfig tasClientSslConfig) {
        InputStream inCertFile;
        if (tasClientSslConfig == null) {
            return false;
        }
        String keyManagerAlgorithm = tasClientSslConfig.getKeyManagerAlgorithm();
        InputStream inputStream = null;
        try {
            try {
                inCertFile = tasClientSslConfig.getInCertFile();
            } catch (Exception e) {
                e = e;
            }
        } catch (Throwable th) {
            th = th;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance(tasClientSslConfig.getCertType());
            keyStore.load(inCertFile, tasClientSslConfig.getPasswd().toCharArray());
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            TrustManagerFactory.getInstance(keyManagerAlgorithm).init(keyStore);
            sSLContext.init(null, new TrustManager[]{new X509TrustManager() { // from class: com.tionsoft.meap.mas.tas.client.factory.SecureSslContextFactory.1
                @Override // javax.net.ssl.X509TrustManager
                public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
                    for (X509Certificate x509Certificate : x509CertificateArr) {
                        if (x509Certificate != null && x509Certificate.getCriticalExtensionOIDs() != null) {
                            x509Certificate.getCriticalExtensionOIDs().remove("2.5.29.15");
                        }
                    }
                }

                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return new X509Certificate[0];
                }
            }}, null);
            if (inCertFile != null) {
                try {
                    inCertFile.close();
                } catch (IOException e2) {
                    e2.printStackTrace();
                }
            }
            this.mClientContext = sSLContext;
            return true;
        } catch (Exception e3) {
            e = e3;
            inputStream = inCertFile;
            throw new Error("Failed to initialize the client-side SSLContext", e);
        } catch (Throwable th2) {
            th = th2;
            inputStream = inCertFile;
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (IOException e4) {
                    e4.printStackTrace();
                }
            }
            throw th;
        }
    }
}
