Remember suitable hash function for any signature algorithm. This commit changes `ssl_parse_signature_algorithms_ext` to remember one suitable ( := supported by client and by our config ) hash algorithm per signature algorithm. It also modifies the ciphersuite checking function `ssl_ciphersuite_match` to refuse a suite if there is no suitable hash algorithm. Finally, it adds the corresponding entry to the ChangeLog.

commit: 7e5437a972e287d7ec3e4ee7379e55fdca7250b3 [log] [tgz]
author: Hanno Becker <hanno.becker@arm.com> Fri Apr 28 17:15:26 2017 +0100
committer: Hanno Becker <hanno.becker@arm.com> Mon May 15 11:50:11 2017 +0100
tree: 7835fc059f8af88158bb245de43382112d5602ec
parent: 1aa267cbc39316127e39cc7e63552e30a0a66764 [diff] [blame]
diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h
index 8e7b794..931c1b3 100644
--- a/include/mbedtls/ssl_ciphersuites.h
+++ b/include/mbedtls/ssl_ciphersuites.h

@@ -356,6 +356,7 @@
 
 #if defined(MBEDTLS_PK_C)
 mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info );
+mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info );
 #endif
 
 #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
commit	7e5437a972e287d7ec3e4ee7379e55fdca7250b3	[log] [tgz]
author	Hanno Becker <hanno.becker@arm.com>	Fri Apr 28 17:15:26 2017 +0100
committer	Hanno Becker <hanno.becker@arm.com>	Mon May 15 11:50:11 2017 +0100
tree	7835fc059f8af88158bb245de43382112d5602ec
parent	1aa267cbc39316127e39cc7e63552e30a0a66764 [diff] [blame]