Track the sigalgs used by ourselves and our peer.

Move the sigalg pointer from SSL_HANDSHAKE_TLS13 to SSL_HANDSHAKE, naming
it our_sigalg, adding an equivalent peer_sigalg. Adjust the TLSv1.3 code
that records our signature algorithm. Add code to record the signature
algorithm used by our peer.

Needed for upcoming API additions.

ok tb@

1 files changed, 6 insertions, 3 deletions

diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index 5f99c08cc9..200219c141 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.351 2021/06/23 11:12:33 tb Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.352 2021/06/27 19:23:51 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -444,9 +444,8 @@ typedef struct ssl_handshake_tls13_st {
         int use_legacy;
         int hrr;
 
-        /* Certificate and sigalg selected for use (static pointers). */
+        /* Certificate selected for use (static pointer). */
         const CERT_PKEY *cpk;
-        const struct ssl_sigalg *sigalg;
 
         /* Version proposed by peer server. */
         uint16_t server_version;
@@ -503,6 +502,10 @@ typedef struct ssl_handshake_st {
         /* Extensions seen in this handshake. */
         uint32_t extensions_seen;
 
+        /* Signature algorithms selected for use (static pointers). */
+        const struct ssl_sigalg *our_sigalg;
+        const struct ssl_sigalg *peer_sigalg;
+
         /* sigalgs offered in this handshake in wire form */
         uint8_t *sigalgs;
         size_t sigalgs_len;