Continuing TLS v1.2 support: add support for server parsing of

signature algorithms extension and correct signature format for server key exchange. All ciphersuites should now work on the server but no client support and no client certificate support yet.
author: Dr. Stephen Henson <steve@openssl.org> 2011-05-06 13:00:07 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2011-05-06 13:00:07 +0000
commit: 6b7be581e52761b2a0dc5dcf35214ff813b9f9f0 (patch)
tree: 7dddced56537e33ca1f45aa60d17edaee899ed3d /ssl/tls1.h
parent: c1847111248cc71091e169311e0f8ba4b9acf8f3 (diff)
1 files changed, 15 insertions, 0 deletions
diff --git a/ssl/tls1.h b/ssl/tls1.h
index 3593701305..35efebee59 100644
--- a/ssl/tls1.h
+++ b/ssl/tls1.h
@@ -234,6 +234,21 @@ extern "C" {
 #define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2	2
 #define TLSEXT_ECPOINTFORMAT_last			2
 
+/* Signature and hash algorithms from RFC 5246 */
+
+#define TLSEXT_signature_anonymous			0
+#define TLSEXT_signature_rsa				1
+#define TLSEXT_signature_dsa				2
+#define TLSEXT_signature_ecdsa				3
+
+#define TLSEXT_hash_none				0
+#define TLSEXT_hash_md5					1
+#define TLSEXT_hash_sha1				2
+#define TLSEXT_hash_sha224				3
+#define TLSEXT_hash_sha256				4
+#define TLSEXT_hash_sha384				5
+#define TLSEXT_hash_sha512				6
+
 #ifndef OPENSSL_NO_TLSEXT
 
 #define TLSEXT_MAXLEN_host_name 255
author	Dr. Stephen Henson <steve@openssl.org>	2011-05-06 13:00:07 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2011-05-06 13:00:07 +0000
commit	6b7be581e52761b2a0dc5dcf35214ff813b9f9f0 (patch)
tree	7dddced56537e33ca1f45aa60d17edaee899ed3d /ssl/tls1.h
parent	c1847111248cc71091e169311e0f8ba4b9acf8f3 (diff)