1 files changed, 32 insertions, 0 deletions

diff --git a/crypto/src/tls/TlsExtensionsUtilities.cs b/crypto/src/tls/TlsExtensionsUtilities.cs
index 5a13d8d2e..e1db93016 100644
--- a/crypto/src/tls/TlsExtensionsUtilities.cs
+++ b/crypto/src/tls/TlsExtensionsUtilities.cs
@@ -53,6 +53,12 @@ namespace Org.BouncyCastle.Tls
         }
 
         /// <exception cref="IOException"/>
+        public static void AddCompressCertificateExtension(IDictionary extensions, int[] algorithms)
+        {
+            extensions[ExtensionType.compress_certificate] = CreateCompressCertificateExtension(algorithms);
+        }
+
+        /// <exception cref="IOException"/>
         public static void AddCookieExtension(IDictionary extensions, byte[] cookie)
         {
             extensions[ExtensionType.cookie] = CreateCookieExtension(cookie);
@@ -280,6 +286,13 @@ namespace Org.BouncyCastle.Tls
         }
 
         /// <exception cref="IOException"/>
+        public static int[] GetCompressCertificateExtension(IDictionary extensions)
+        {
+            byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.compress_certificate);
+            return extensionData == null ? null : ReadCompressCertificateExtension(extensionData);
+        }
+
+        /// <exception cref="IOException"/>
         public static byte[] GetCookieExtension(IDictionary extensions)
         {
             byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.cookie);
@@ -580,6 +593,15 @@ namespace Org.BouncyCastle.Tls
         }
 
         /// <exception cref="IOException"/>
+        public static byte[] CreateCompressCertificateExtension(int[] algorithms)
+        {
+            if (TlsUtilities.IsNullOrEmpty(algorithms) || algorithms.Length > 127)
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+
+            return TlsUtilities.EncodeUint16ArrayWithUint8Length(algorithms);
+        }
+
+        /// <exception cref="IOException"/>
         public static byte[] CreateCookieExtension(byte[] cookie)
         {
             if (TlsUtilities.IsNullOrEmpty(cookie) || cookie.Length >= (1 << 16))
@@ -995,6 +1017,16 @@ namespace Org.BouncyCastle.Tls
         }
 
         /// <exception cref="IOException"/>
+        public static int[] ReadCompressCertificateExtension(byte[] extensionData)
+        {
+            int[] algorithms = TlsUtilities.DecodeUint16ArrayWithUint8Length(extensionData);
+            if (algorithms.Length < 1)
+                throw new TlsFatalAlert(AlertDescription.decode_error);
+
+            return algorithms;
+        }
+
+        /// <exception cref="IOException"/>
         public static byte[] ReadCookieExtension(byte[] extensionData)
         {
             return TlsUtilities.DecodeOpaque16(extensionData, 1);