package org.opensaml.xml.security.credential.criteria;

import java.math.BigInteger;
import java.security.cert.X509Certificate;
import javax.security.auth.x500.X500Principal;
import org.opensaml.xml.security.credential.Credential;
import org.opensaml.xml.security.x509.X509Credential;
import org.opensaml.xml.security.x509.X509IssuerSerialCriteria;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:lib/open/security/xmltooling-1.1.1.jar:org/opensaml/xml/security/credential/criteria/EvaluableX509IssuerSerialCredentialCriteria.class */
public class EvaluableX509IssuerSerialCredentialCriteria implements EvaluableCredentialCriteria {
    private final Logger log = LoggerFactory.getLogger(EvaluableX509IssuerSerialCredentialCriteria.class);
    private X500Principal issuer;
    private BigInteger serialNumber;

    public EvaluableX509IssuerSerialCredentialCriteria(X509IssuerSerialCriteria x509IssuerSerialCriteria) {
        if (x509IssuerSerialCriteria == null) {
            throw new NullPointerException("Criteria instance may not be null");
        }
        this.issuer = x509IssuerSerialCriteria.getIssuerName();
        this.serialNumber = x509IssuerSerialCriteria.getSerialNumber();
    }

    public EvaluableX509IssuerSerialCredentialCriteria(X500Principal x500Principal, BigInteger bigInteger) {
        if (x500Principal == null || bigInteger == null) {
            throw new IllegalArgumentException("Issuer and serial number may not be null");
        }
        this.issuer = x500Principal;
        this.serialNumber = bigInteger;
    }

    @Override // org.opensaml.xml.security.EvaluableCriteria
    public Boolean evaluate(Credential credential) {
        if (credential == null) {
            this.log.error("Credential target was null");
            return null;
        }
        if (!(credential instanceof X509Credential)) {
            this.log.info("Credential is not an X509Credential, does not satisfy issuer name and serial number criteria");
            return Boolean.FALSE;
        }
        X509Certificate entityCertificate = ((X509Credential) credential).getEntityCertificate();
        if (entityCertificate == null) {
            this.log.info("X509Credential did not contain an entity certificate, does not satisfy criteria");
            return Boolean.FALSE;
        }
        if (entityCertificate.getIssuerX500Principal().equals(this.issuer)) {
            return Boolean.valueOf(entityCertificate.getSerialNumber().equals(this.serialNumber));
        }
        return false;
    }
}
