1 files changed, 24 insertions, 5 deletions

diff --git a/crypto/src/tls/OfferedPsks.cs b/crypto/src/tls/OfferedPsks.cs
index 14b6448b4..9eddd2e23 100644
--- a/crypto/src/tls/OfferedPsks.cs
+++ b/crypto/src/tls/OfferedPsks.cs
@@ -28,21 +28,35 @@ namespace Org.BouncyCastle.Tls
 
         private readonly IList m_identities;
         private readonly IList m_binders;
+        private readonly int m_bindersSize;
 
         public OfferedPsks(IList identities)
-            : this(identities, null)
+            : this(identities, null, -1)
         {
         }
 
-        private OfferedPsks(IList identities, IList binders)
+        private OfferedPsks(IList identities, IList binders, int bindersSize)
         {
             if (null == identities || identities.Count < 1)
                 throw new ArgumentException("cannot be null or empty", "identities");
             if (null != binders && identities.Count != binders.Count)
                 throw new ArgumentException("must be the same length as 'identities' (or null)", "binders");
+            if ((null != binders) != (bindersSize >= 0))
+                throw new ArgumentException("must be >= 0 iff 'binders' are present", "bindersSize");
 
             this.m_identities = identities;
             this.m_binders = binders;
+            this.m_bindersSize = bindersSize;
+        }
+
+        internal byte[] GetBinderForIdentity(PskIdentity matchIdentity)
+        {
+            for (int i = 0, count = m_identities.Count; i < count; ++i)
+            {
+                if (matchIdentity.Equals(m_identities[i]))
+                    return (byte[])m_binders[i];
+            }
+            return null;
         }
 
         public IList Binders
@@ -50,6 +64,11 @@ namespace Org.BouncyCastle.Tls
             get { return m_binders; }
         }
 
+        public int BindersSize
+        {
+            get { return m_bindersSize; }
+        }
+
         public IList Identities
         {
             get { return m_identities; }
@@ -168,8 +187,8 @@ namespace Org.BouncyCastle.Tls
             }
 
             IList binders = Platform.CreateArrayList();
+            int totalLengthBinders = TlsUtilities.ReadUint16(input);
             {
-                int totalLengthBinders = TlsUtilities.ReadUint16(input);
                 if (totalLengthBinders < 33)
                     throw new TlsFatalAlert(AlertDescription.decode_error);
 
@@ -177,13 +196,13 @@ namespace Org.BouncyCastle.Tls
                 MemoryStream buf = new MemoryStream(bindersData, false);
                 do
                 {
-                    byte[] binder = TlsUtilities.ReadOpaque8(input, 32);
+                    byte[] binder = TlsUtilities.ReadOpaque8(buf, 32);
                     binders.Add(binder);
                 }
                 while (buf.Position < buf.Length);
             }
 
-            return new OfferedPsks(identities, binders);
+            return new OfferedPsks(identities, binders, 2 + totalLengthBinders);
         }
     }
 }