Implemented "signature algorithm" hello extension

author: Martin Willi <martin@revosec.ch> 2010-09-02 19:19:17 +0200
committer: Martin Willi <martin@revosec.ch> 2010-09-02 19:33:08 +0200
commit: 06109c471785e7bf09487e31c0a71cb325cc7926 (patch)
tree: 5841c95dbe6491db1e0e19d552c0a125c331ca0e /src/libtls/tls_peer.c
parent: 731611c52547d3d0b0cde11d4891d75ede64a586 (diff)
download: strongswan-06109c471785e7bf09487e31c0a71cb325cc7926.tar.bz2
strongswan-06109c471785e7bf09487e31c0a71cb325cc7926.tar.xz
1 files changed, 8 insertions, 0 deletions
diff --git a/src/libtls/tls_peer.c b/src/libtls/tls_peer.c
index 3ee77d501..eb32651a8 100644
--- a/src/libtls/tls_peer.c
+++ b/src/libtls/tls_peer.c
@@ -445,6 +445,7 @@ static status_t send_client_hello(private_tls_peer_t *this,
 							tls_handshake_type_t *type, tls_writer_t *writer)
 {
 	tls_cipher_suite_t *suites;
+	tls_writer_t *extensions;
 	tls_version_t version;
 	int count, i;
 	rng_t *rng;
@@ -480,6 +481,13 @@ static status_t send_client_hello(private_tls_peer_t *this,
 	writer->write_uint8(writer, 1);
 	writer->write_uint8(writer, 0);
 
+	/* signature algorithms extension */
+	extensions = tls_writer_create(32);
+	extensions->write_uint16(extensions, TLS_EXT_SIGNATURE_ALGORITHMS);
+	this->crypto->get_signature_algorithms(this->crypto, extensions);
+	writer->write_data16(writer, extensions->get_buf(extensions));
+	extensions->destroy(extensions);
+
 	*type = TLS_CLIENT_HELLO;
 	this->state = STATE_HELLO_SENT;
 	this->crypto->append_handshake(this->crypto, *type, writer->get_buf(writer));
author	Martin Willi <martin@revosec.ch>	2010-09-02 19:19:17 +0200
committer	Martin Willi <martin@revosec.ch>	2010-09-02 19:33:08 +0200
commit	06109c471785e7bf09487e31c0a71cb325cc7926 (patch)
tree	5841c95dbe6491db1e0e19d552c0a125c331ca0e /src/libtls/tls_peer.c
parent	731611c52547d3d0b0cde11d4891d75ede64a586 (diff)
download	strongswan-06109c471785e7bf09487e31c0a71cb325cc7926.tar.bz2 strongswan-06109c471785e7bf09487e31c0a71cb325cc7926.tar.xz