ref: c3e1c158f62458f16e5b538f188bad14844d277d
parent: 8baa8593196a1848773eb8dff26b18cc519f0175
author: cinap_lenrek <cinap_lenrek@felloff.net>
date: Tue Sep 22 14:10:52 EDT 2015
libsec: implement dh parameter signature verification, stop lying about non-rsa ciphers, fix memory leaks in X509 code actually verify the diffie hellman parameter signature, this comes in two flavours. TLS1.2 uses X509 signature with a single hash specified by the signature algorithm field in the signature itself and pre TLS1.2 where md5+sha1 hashes of the signed blob are pkcs1 padded and encrypted with the rsa private key. stop advertizing non-rsa cipher suits (DSS and ECDSA), as we have not implmenented them. fix some memory leaks in X509 code while we'r at it.