package org.opensaml.xml.security.credential.criteria;

import java.security.cert.X509Certificate;
import javax.security.auth.x500.X500Principal;
import org.opensaml.xml.security.credential.Credential;
import org.opensaml.xml.security.x509.X509Credential;
import org.opensaml.xml.security.x509.X509SubjectNameCriteria;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:lib/XMLConnector.jar:lib/xmltooling-1.3.2-1.jar:org/opensaml/xml/security/credential/criteria/EvaluableX509SubjectNameCredentialCriteria.class */
public class EvaluableX509SubjectNameCredentialCriteria implements EvaluableCredentialCriteria {
    private final Logger log = LoggerFactory.getLogger(EvaluableX509SubjectNameCredentialCriteria.class);
    private X500Principal subjectName;

    public EvaluableX509SubjectNameCredentialCriteria(X509SubjectNameCriteria x509SubjectNameCriteria) {
        if (x509SubjectNameCriteria == null) {
            throw new NullPointerException("Criteria instance may not be null");
        }
        this.subjectName = x509SubjectNameCriteria.getSubjectName();
    }

    public EvaluableX509SubjectNameCredentialCriteria(X500Principal x500Principal) {
        if (x500Principal == null) {
            throw new IllegalArgumentException("Subject name may not be null");
        }
        this.subjectName = x500Principal;
    }

    @Override // org.opensaml.xml.security.EvaluableCriteria
    public Boolean evaluate(Credential credential) {
        if (credential == null) {
            this.log.error("Credential target was null");
            return null;
        }
        if (!(credential instanceof X509Credential)) {
            this.log.info("Credential is not an X509Credential, does not satisfy subject name criteria");
            return Boolean.FALSE;
        }
        X509Certificate entityCertificate = ((X509Credential) credential).getEntityCertificate();
        if (entityCertificate != null) {
            return Boolean.valueOf(entityCertificate.getSubjectX500Principal().equals(this.subjectName));
        }
        this.log.info("X509Credential did not contain an entity certificate, does not satisfy criteria");
        return Boolean.FALSE;
    }
}
