Interface OpenSslCertificateCompressionAlgorithm


public interface OpenSslCertificateCompressionAlgorithm
Provides compression and decompression implementations for TLS Certificate Compression (RFC 8879).
  • Method Summary

    Modifier and Type
    Method
    Description
    int
    Return the ID for the compression algorithm provided for by a given implementation.
    byte[]
    compress(SSLEngine engine, byte[] uncompressedCertificate)
    Compress the given input with the specified algorithm and return the compressed bytes.
    byte[]
    decompress(SSLEngine engine, int uncompressedLen, byte[] compressedCertificate)
    Decompress the given input with the specified algorithm and return the decompressed bytes.
  • Method Details

    • compress

      byte[] compress(SSLEngine engine, byte[] uncompressedCertificate) throws Exception
      Compress the given input with the specified algorithm and return the compressed bytes.
      Parameters:
      engine - the SSLEngine
      uncompressedCertificate - the uncompressed certificate
      Returns:
      the compressed form of the certificate
      Throws:
      Exception - thrown if an error occurs while compressing
    • decompress

      byte[] decompress(SSLEngine engine, int uncompressedLen, byte[] compressedCertificate) throws Exception
      Decompress the given input with the specified algorithm and return the decompressed bytes.

      Implementation Security Considerations

      Implementations SHOULD bound the memory usage when decompressing the CompressedCertificate message.

      Implementations MUST limit the size of the resulting decompressed chain to the specified uncompressedLen, and they MUST abort the connection (throw an exception) if the size of the output of the decompression function exceeds that limit.

      Parameters:
      engine - the SSLEngine
      uncompressedLen - the expected length of the decompressed certificate that will be returned.
      compressedCertificate - the compressed form of the certificate
      Returns:
      the decompressed form of the certificate
      Throws:
      Exception - thrown if an error occurs while decompressing or output size exceeds uncompressedLen
    • algorithmId

      int algorithmId()
      Return the ID for the compression algorithm provided for by a given implementation.
      Returns:
      compression algorithm ID as specified by RFC8879.