package org.opensaml.ws.security.provider;

import java.util.LinkedHashSet;
import javax.servlet.ServletRequest;
import org.opensaml.ws.security.SecurityPolicyRule;
import org.opensaml.xml.security.x509.InternalX500DNHandler;
import org.opensaml.xml.security.x509.X500DNHandler;
import org.opensaml.xml.security.x509.X509Credential;

/* loaded from: input_file:org/opensaml/ws/security/provider/ClientCertAuthRuleFactory.class */
public class ClientCertAuthRuleFactory extends BaseTrustEngineRuleFactory<X509Credential, ServletRequest> {
    private CertificateNameOptions certNameOptions = newCertificateNameOptions();

    /* loaded from: input_file:org/opensaml/ws/security/provider/ClientCertAuthRuleFactory$CertificateNameOptions.class */
    public class CertificateNameOptions implements Cloneable {
        private boolean evaluateSubjectDN;
        private boolean evaluateSubjectCommonName;
        private LinkedHashSet<Integer> subjectAltNames = new LinkedHashSet<>();
        private X500DNHandler x500DNHandler = new InternalX500DNHandler();
        private String x500SubjectDNFormat = "RFC2253";

        protected CertificateNameOptions() {
        }

        public boolean evaluateSubjectCommonName() {
            return this.evaluateSubjectCommonName;
        }

        public boolean evaluateSubjectDN() {
            return this.evaluateSubjectDN;
        }

        public LinkedHashSet<Integer> getSubjectAltNames() {
            return this.subjectAltNames;
        }

        public X500DNHandler getX500DNHandler() {
            return this.x500DNHandler;
        }

        public String getX500SubjectDNFormat() {
            return this.x500SubjectDNFormat;
        }

        /* JADX INFO: Access modifiers changed from: protected */
        /* renamed from: clone, reason: merged with bridge method [inline-methods] */
        public CertificateNameOptions m6clone() {
            try {
                CertificateNameOptions certificateNameOptions = (CertificateNameOptions) super.clone();
                certificateNameOptions.subjectAltNames = new LinkedHashSet<>();
                certificateNameOptions.subjectAltNames.addAll(this.subjectAltNames);
                certificateNameOptions.x500DNHandler = this.x500DNHandler.clone();
                return certificateNameOptions;
            } catch (CloneNotSupportedException e) {
                return null;
            }
        }
    }

    protected CertificateNameOptions newCertificateNameOptions() {
        return new CertificateNameOptions();
    }

    protected CertificateNameOptions getCertificateNameOptions() {
        return this.certNameOptions.m6clone();
    }

    @Override // org.opensaml.ws.security.provider.BaseTrustEngineRuleFactory, org.opensaml.ws.security.SecurityPolicyRuleFactory
    public SecurityPolicyRule<ServletRequest> createRuleInstance() {
        return new ClientCertAuthRule(getTrustEngine(), this.certNameOptions.m6clone());
    }

    public boolean evaluateSubjectCommonName() {
        return this.certNameOptions.evaluateSubjectCommonName;
    }

    public void setEvaluateSubjectCommonName(boolean z) {
        this.certNameOptions.evaluateSubjectCommonName = z;
    }

    public boolean evaluateSubjectDN() {
        return this.certNameOptions.evaluateSubjectDN;
    }

    public void setEvaluateSubjectDN(boolean z) {
        this.certNameOptions.evaluateSubjectDN = z;
    }

    public LinkedHashSet<Integer> getSubjectAltNames() {
        return this.certNameOptions.subjectAltNames;
    }

    public X500DNHandler getX500DNHandler() {
        return this.certNameOptions.x500DNHandler;
    }

    public void setX500DNHandler(X500DNHandler x500DNHandler) {
        if (x500DNHandler == null) {
            throw new IllegalArgumentException("X500DNHandler may not be null");
        }
        this.certNameOptions.x500DNHandler = x500DNHandler;
    }

    public String getX500SubjectDNFormat() {
        return this.certNameOptions.x500SubjectDNFormat;
    }

    public void setX500SubjectDNFormat(String str) {
        this.certNameOptions.x500SubjectDNFormat = str;
    }
}
