New ctrls to retrieve supported signature algorithms and curves and

extensions to s_client and s_server to print out retrieved valued. Extend CERT structure to cache supported signature algorithm data.
author: steve <steve> 2012-03-06 14:28:19 +0000
committer: steve <steve> 2012-03-06 14:28:19 +0000
commit: a8a21a6972394c2f76894dce5e0b882998b3f410 (patch)
tree: 907951d6eaf802034249f1433e9f938f18aace0b /ssl/ssl_locl.h
parent: a2a0033acfff9b015de60ee138a08dd6370d6b07 (diff)
download: openssl-a8a21a6972394c2f76894dce5e0b882998b3f410.tar.gz
1 files changed, 18 insertions, 1 deletions
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index bdaca8bf4..ad5dc7104 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -506,6 +506,11 @@ typedef struct cert_st
 
 	CERT_PKEY pkeys[SSL_PKEY_NUM];
 
+	/* Array of pairs of NIDs for signature algorithm extension */
+	TLS_SIGALGS *sigalgs;
+	/* Size of above array */
+	size_t sigalgslen;
+
 	int references; /* >1 only if SSL_copy_session_id is used */
 	} CERT;
 
@@ -534,7 +539,19 @@ typedef struct sess_cert_st
 
 	int references; /* actually always 1 at the moment */
 	} SESS_CERT;
-
+/* Structure containing decoded values of signature algorithms extension */
+struct tls_sigalgs_st
+	{
+	/* NID of hash algorithm */
+	int hash_nid;
+	/* NID of signature algorithm */
+	int sign_nid;
+	/* Combined hash and signature NID */
+	int signandhash_nid;
+	/* Raw values used in extension */
+	unsigned char rsign;
+	unsigned char rhash;
+	};
 
 /*#define MAC_DEBUG	*/
author	steve <steve>	2012-03-06 14:28:19 +0000
committer	steve <steve>	2012-03-06 14:28:19 +0000
commit	a8a21a6972394c2f76894dce5e0b882998b3f410 (patch)
tree	907951d6eaf802034249f1433e9f938f18aace0b /ssl/ssl_locl.h
parent	a2a0033acfff9b015de60ee138a08dd6370d6b07 (diff)
download	openssl-a8a21a6972394c2f76894dce5e0b882998b3f410.tar.gz