package org.opensaml.xml.security.credential.criteria;

import java.security.cert.X509CertSelector;
import java.security.cert.X509Certificate;
import org.opensaml.xml.security.credential.Credential;
import org.opensaml.xml.security.x509.X509Credential;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:wlp/lib/com.ibm.ws.org.opensaml.xmltooling.1.3.4_1.0.14.jar:org/opensaml/xml/security/credential/criteria/EvaluableX509CertSelectorCredentialCriteria.class */
public class EvaluableX509CertSelectorCredentialCriteria implements EvaluableCredentialCriteria {
    private final Logger log = LoggerFactory.getLogger(EvaluableX509CertSelectorCredentialCriteria.class);
    private X509CertSelector certSelector;

    public EvaluableX509CertSelectorCredentialCriteria(X509CertSelector x509CertSelector) {
        if (x509CertSelector == null) {
            throw new IllegalArgumentException("X509 cert selector may not be null");
        }
        this.certSelector = x509CertSelector;
    }

    @Override // org.opensaml.xml.security.EvaluableCriteria
    public Boolean evaluate(Credential credential) {
        if (credential == null) {
            this.log.error("Credential target was null");
            return null;
        }
        if (!(credential instanceof X509Credential)) {
            this.log.info("Credential is not an X509Credential, can not evaluate X509CertSelector criteria");
            return Boolean.FALSE;
        }
        X509Certificate entityCertificate = ((X509Credential) credential).getEntityCertificate();
        if (entityCertificate != null) {
            return Boolean.valueOf(this.certSelector.match(entityCertificate));
        }
        this.log.info("X509Credential did not contain an entity certificate, can not evaluate X509CertSelector criteria");
        return Boolean.FALSE;
    }
}
