package org.opensaml.security.x509.impl;

import java.security.GeneralSecurityException;
import java.security.cert.CertStore;
import java.security.cert.PKIXBuilderParameters;
import java.security.cert.PKIXCertPathBuilderResult;
import java.security.cert.TrustAnchor;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Date;
import java.util.List;
import java.util.Set;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import org.opensaml.security.SecurityException;
import org.opensaml.security.x509.PKIXTrustEvaluator;
import org.opensaml.security.x509.PKIXValidationInformation;
import org.opensaml.security.x509.PKIXValidationOptions;
import org.opensaml.security.x509.X500DNHandler;
import org.opensaml.security.x509.X509Credential;
import org.slf4j.Logger;

/* loaded from: input_file:eap7/api-jars/opensaml-security-impl-3.1.1.jar:org/opensaml/security/x509/impl/CertPathPKIXTrustEvaluator.class */
public class CertPathPKIXTrustEvaluator implements PKIXTrustEvaluator {
    private final Logger log;
    private X500DNHandler x500DNHandler;
    private PKIXValidationOptions options;

    public CertPathPKIXTrustEvaluator();

    public CertPathPKIXTrustEvaluator(@Nonnull PKIXValidationOptions pKIXValidationOptions);

    @Override // org.opensaml.security.x509.PKIXTrustEvaluator
    @Nonnull
    public PKIXValidationOptions getPKIXValidationOptions();

    public void setPKIXValidationOptions(@Nonnull PKIXValidationOptions pKIXValidationOptions);

    @Nonnull
    public X500DNHandler getX500DNHandler();

    public void setX500DNHandler(@Nonnull X500DNHandler x500DNHandler);

    @Override // org.opensaml.security.x509.PKIXTrustEvaluator
    public boolean validate(@Nonnull PKIXValidationInformation pKIXValidationInformation, @Nonnull X509Credential x509Credential) throws SecurityException;

    protected PKIXBuilderParameters getPKIXBuilderParameters(@Nonnull PKIXValidationInformation pKIXValidationInformation, @Nonnull X509Credential x509Credential) throws GeneralSecurityException;

    protected boolean storeContainsCRLs(@Nonnull CertStore certStore);

    @Nonnull
    protected Integer getEffectiveVerificationDepth(@Nonnull PKIXValidationInformation pKIXValidationInformation);

    @Nullable
    protected Set<TrustAnchor> getTrustAnchors(@Nonnull PKIXValidationInformation pKIXValidationInformation);

    @Nonnull
    protected TrustAnchor buildTrustAnchor(@Nonnull X509Certificate x509Certificate);

    @Nonnull
    protected CertStore buildCertStore(@Nonnull PKIXValidationInformation pKIXValidationInformation, @Nonnull X509Credential x509Credential) throws GeneralSecurityException;

    protected void addCRLsToStoreMaterial(@Nonnull List<Object> list, @Nonnull Collection<X509CRL> collection, @Nonnull Date date);

    private void logCertPathDebug(@Nonnull PKIXCertPathBuilderResult pKIXCertPathBuilderResult, @Nonnull X509Certificate x509Certificate);
}
