package com.google.step2.xmlsimplesign;

import java.security.cert.X509Certificate;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/* loaded from: input_file:WEB-INF/lib/step2-common-1.0.0-wso2v2.jar:com/google/step2/xmlsimplesign/CnConstraintCertValidator.class */
public abstract class CnConstraintCertValidator implements CertValidator {
    private static final Pattern CN_PATTERN = Pattern.compile("CN=([^,]+)");

    @Override // com.google.step2.xmlsimplesign.CertValidator
    public boolean matches(X509Certificate x509Certificate, String str) {
        String cnFromDn = getCnFromDn(x509Certificate.getSubjectX500Principal().getName());
        if (cnFromDn == null) {
            return false;
        }
        return cnFromDn.equals(getRequiredCn(str));
    }

    String getCnFromDn(String str) {
        Matcher matcher = CN_PATTERN.matcher(str);
        if (matcher.find()) {
            return matcher.group(1);
        }
        return null;
    }

    protected abstract String getRequiredCn(String str);
}
