package org.opensaml.security.trust.impl;

import java.security.cert.X509Certificate;
import java.util.Iterator;
import javax.annotation.Nonnull;
import org.opensaml.security.credential.Credential;
import org.opensaml.security.x509.X509Credential;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:BOOT-INF/lib/opensaml-security-impl-3.4.3.jar:org/opensaml/security/trust/impl/ExplicitX509CertificateTrustEvaluator.class */
public class ExplicitX509CertificateTrustEvaluator {
    private final Logger log = LoggerFactory.getLogger((Class<?>) ExplicitX509CertificateTrustEvaluator.class);

    public boolean validate(@Nonnull X509Certificate x509Certificate, @Nonnull X509Certificate x509Certificate2) {
        return x509Certificate.equals(x509Certificate2);
    }

    public boolean validate(@Nonnull X509Certificate x509Certificate, @Nonnull Iterable<X509Certificate> iterable) {
        Iterator<X509Certificate> it = iterable.iterator();
        while (it.hasNext()) {
            if (x509Certificate.equals(it.next())) {
                return true;
            }
        }
        return false;
    }

    public boolean validate(@Nonnull X509Credential x509Credential, @Nonnull X509Credential x509Credential2) {
        X509Certificate entityCertificate = x509Credential.getEntityCertificate();
        X509Certificate entityCertificate2 = x509Credential2.getEntityCertificate();
        if (entityCertificate == null) {
            this.log.debug("Untrusted credential contained no entity certificate, unable to evaluate");
            return false;
        }
        if (entityCertificate2 == null) {
            this.log.debug("Trusted credential contained no entity certificate, unable to evaluate");
            return false;
        }
        if (validate(entityCertificate, entityCertificate2)) {
            this.log.debug("Successfully validated untrusted credential against trusted certificate");
            return true;
        }
        this.log.debug("Failed to validate untrusted credential against trusted certificate");
        return false;
    }

    public boolean validate(@Nonnull X509Credential x509Credential, @Nonnull Iterable<Credential> iterable) {
        for (Credential credential : iterable) {
            if (!(credential instanceof X509Credential)) {
                this.log.debug("Skipping evaluation against trusted, non-X509Credential");
            } else if (validate(x509Credential, (X509Credential) credential)) {
                return true;
            }
        }
        return false;
    }
}
