3 files changed, 18 insertions, 1 deletions
diff --git a/crypto/src/tls/TlsUtilities.cs b/crypto/src/tls/TlsUtilities.cs
index 076aaf535..f6e509b7d 100644
--- a/crypto/src/tls/TlsUtilities.cs
+++ b/crypto/src/tls/TlsUtilities.cs
@@ -1068,10 +1068,15 @@ namespace Org.BouncyCastle.Tls
public static IList GetDefaultSupportedSignatureAlgorithms(TlsContext context)
{
+ return GetSupportedSignatureAlgorithms(context, DefaultSupportedSigAlgs);
+ }
+
+ public static IList GetSupportedSignatureAlgorithms(TlsContext context, IList candidates)
+ {
TlsCrypto crypto = context.Crypto;
IList result = Platform.CreateArrayList(DefaultSupportedSigAlgs.Count);
- foreach (SignatureAndHashAlgorithm sigAndHashAlg in DefaultSupportedSigAlgs)
+ foreach (SignatureAndHashAlgorithm sigAndHashAlg in candidates)
{
AddIfSupported(result, crypto, sigAndHashAlg);
}
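Review bot: The new public overload `GetSupportedSignatureAlgorithms(TlsContext, IList)` iterates `candidates` without a null check and still presizes the result with `DefaultSupportedSigAlgs.Count`. I would add `if (candidates == null) throw new ArgumentNullException("candidates");` and allocate with `Platform.CreateArrayList(candidates.Count)`. The method also has no `<summary>`. The only filter visible here is `AddIfSupported` against the context's `TlsCrypto` (its body is outside the hunk, so this is inferred), so the doc should state that the caller chooses which algorithms are offered and that this method only drops entries the crypto cannot handle. Any legacy signature/hash pair the caller passes would then be advertised whenever the provider supports it. The method body continues past the end of the hunk.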
diff --git a/crypto/test/src/tls/test/TlsTestClientImpl.cs b/crypto/test/src/tls/test/TlsTestClientImpl.cs
index cb70dbc80..a15704af7 100644
--- a/crypto/test/src/tls/test/TlsTestClientImpl.cs
+++ b/crypto/test/src/tls/test/TlsTestClientImpl.cs
@@ -95,6 +95,14 @@ namespace Org.BouncyCastle.Tls.Tests
return base.GetEarlyKeyShareGroups();
}
+ protected override IList GetSupportedSignatureAlgorithms()
+ {
+ if (m_config.clientCHSigAlgs != null)
+ return TlsUtilities.GetSupportedSignatureAlgorithms(m_context, m_config.clientCHSigAlgs);
+
+ return base.GetSupportedSignatureAlgorithms();
+ }
+
public override bool IsFallback()
{
return m_config.clientFallback;
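Review bot: In the `GetSupportedSignatureAlgorithms()` override, the configured `clientCHSigAlgs` is passed through `TlsUtilities.GetSupportedSignatureAlgorithms`, which appears to filter by crypto support. A test that configures an algorithm the provider lacks would then send a shorter, possibly empty, list than it asked for without any signal. For a test harness I would keep the filtered list in a local and fail fast when it shrank, e.g. `if (filtered.Count != m_config.clientCHSigAlgs.Count) throw new InvalidOperationException("clientCHSigAlgs contains unsupported entries");`. As a style point, the single-statement `if` has no braces. `IsFallback` continues outside the hunk.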
diff --git a/crypto/test/src/tls/test/TlsTestConfig.cs b/crypto/test/src/tls/test/TlsTestConfig.cs
index a15d4e535..81784e3e3 100644
--- a/crypto/test/src/tls/test/TlsTestConfig.cs
+++ b/crypto/test/src/tls/test/TlsTestConfig.cs
@@ -45,6 +45,10 @@ namespace Org.BouncyCastle.Tls.Tests
/// _claimed_ in the CertificateVerify (if one is sent), independently of what was actually used.</summary>
public SignatureAndHashAlgorithm clientAuthSigAlgClaimed = null;
+ /// <summary>If TLS 1.2 or higher is negotiated, configures the set of supported signature algorithms in the
+ /// ClientHello. If null, uses a default set.</summary>
+ public IList clientCHSigAlgs = null;
+
/// <summary>Control whether the client will call
/// <see cref="TlsUtilities.CheckPeerSigAlgs(TlsContext, Crypto.TlsCertificate[])"/> to check the server
/// certificate chain.</summary>
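Review bot: The `<summary>` on `clientCHSigAlgs` does not say what the non-generic `IList` holds, so a test author has to read `TlsTestClientImpl` to learn that the elements must be `SignatureAndHashAlgorithm`. I would extend the first sentence to `configures the set of supported signature algorithms (a list of <see cref="SignatureAndHashAlgorithm"/>) in the ClientHello`. If the list is filtered by crypto support before use, as the client override suggests, the comment should say that too. The doc comment that follows the new field continues outside the hunk.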