Remember suitable hash function for any signature algorithm. This commit changes `ssl_parse_signature_algorithms_ext` to remember one suitable ( := supported by client and by our config ) hash algorithm per signature algorithm. It also modifies the ciphersuite checking function `ssl_ciphersuite_match` to refuse a suite if there is no suitable hash algorithm. Finally, it adds the corresponding entry to the ChangeLog.

commit: 7e5437a972e287d7ec3e4ee7379e55fdca7250b3 [log] [tgz]
author: Hanno Becker <hanno.becker@arm.com> Fri Apr 28 17:15:26 2017 +0100
committer: Hanno Becker <hanno.becker@arm.com> Mon May 15 11:50:11 2017 +0100
tree: 7835fc059f8af88158bb245de43382112d5602ec
parent: 1aa267cbc39316127e39cc7e63552e30a0a66764 [diff] [blame]
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 495e02c..eb0cfdf 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h

@@ -531,6 +531,7 @@
 /* Defined in ssl_internal.h */
 typedef struct mbedtls_ssl_transform mbedtls_ssl_transform;
 typedef struct mbedtls_ssl_handshake_params mbedtls_ssl_handshake_params;
+typedef struct mbedtls_ssl_sig_hash_set_t mbedtls_ssl_sig_hash_set_t;
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
 typedef struct mbedtls_ssl_key_cert mbedtls_ssl_key_cert;
 #endif
commit	7e5437a972e287d7ec3e4ee7379e55fdca7250b3	[log] [tgz]
author	Hanno Becker <hanno.becker@arm.com>	Fri Apr 28 17:15:26 2017 +0100
committer	Hanno Becker <hanno.becker@arm.com>	Mon May 15 11:50:11 2017 +0100
tree	7835fc059f8af88158bb245de43382112d5602ec
parent	1aa267cbc39316127e39cc7e63552e30a0a66764 [diff] [blame]