commit 1cd6e0021f14d9f1b5015c8851781a0e07ffabec
author Hanno Becker <hanno.becker@arm.com> Tue Aug 10 13:27:10 2021 +0100
committer Hanno Becker <hanno.becker@arm.com> Tue Aug 10 13:55:43 2021 +0100
tree 6e059b12ccbf1efb06316895fc696948351f7fa6
parent 551265f8798eb843ee61063b34d42add44dd9bb7

Add experimental API for configuration of TLS 1.3 sig algs

Signed-off-by: Hanno Becker <hanno.becker@arm.com>

library/ssl_tls.c

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 923c671..e2fb9b6 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -3933,6 +3933,22 @@
 {
     conf->sig_hashes = hashes;
 }
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+/**
+ * \brief          Configure allowed signature algorithms for use in TLS 1.3
+ *
+ * \param conf     The SSL configuration to use.
+ * \param sig_algs A 0-terminated list of IANA values for TLS 1.3 signature algorithms,
+ *                 with the most preferred algorithm listed first. Supported values
+ *                 are available as \c MBEDTLS_TLS13_SIG_XXX.
+ */
+void mbedtls_ssl_conf_sig_algs( mbedtls_ssl_config *conf,
+                                const uint16_t* sig_algs )
+{
+    conf->tls13_sig_algs = sig_algs;
+}
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
 #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
 
 #if defined(MBEDTLS_ECP_C)