Remember suitable hash function for any signature algorithm. This commit changes `ssl_parse_signature_algorithms_ext` to remember one suitable ( := supported by client and by our config ) hash algorithm per signature algorithm. It also modifies the ciphersuite checking function `ssl_ciphersuite_match` to refuse a suite if there is no suitable hash algorithm. Finally, it adds the corresponding entry to the ChangeLog.

commit: c2b9d984e9c39b23fc4b8af7e46be5f0f751e5e5 [log] [tgz]
author: Hanno Becker <hanno.becker@arm.com> Wed May 10 16:37:21 2017 +0100
committer: Hanno Becker <hanno.becker@arm.com> Wed May 24 10:47:54 2017 +0100
tree: a5cf1e83a6849c10c16dbebebb8e80efe9566ee5
parent: 98864d5c0b154eda7aeb2c2bffe7e7e1c97424bc [diff] [blame]
diff --git a/include/polarssl/ssl_ciphersuites.h b/include/polarssl/ssl_ciphersuites.h
index f0519ca..2666b3b 100644
--- a/include/polarssl/ssl_ciphersuites.h
+++ b/include/polarssl/ssl_ciphersuites.h

@@ -290,6 +290,7 @@
 
 #if defined(POLARSSL_PK_C)
 pk_type_t ssl_get_ciphersuite_sig_pk_alg( const ssl_ciphersuite_t *info );
+pk_type_t ssl_get_ciphersuite_sig_alg( const ssl_ciphersuite_t *info );
 #endif
 
 int ssl_ciphersuite_uses_ec( const ssl_ciphersuite_t *info );
commit	c2b9d984e9c39b23fc4b8af7e46be5f0f751e5e5	[log] [tgz]
author	Hanno Becker <hanno.becker@arm.com>	Wed May 10 16:37:21 2017 +0100
committer	Hanno Becker <hanno.becker@arm.com>	Wed May 24 10:47:54 2017 +0100
tree	a5cf1e83a6849c10c16dbebebb8e80efe9566ee5
parent	98864d5c0b154eda7aeb2c2bffe7e7e1c97424bc [diff] [blame]