Offer P521 for signature_algorithms in client Hello

[WillChilds-Klein]

Issues:

n/a

Description of changes:

This change adds ECDSA P521 to our list of supported certificate verification algorithms in client Hello.

Call-outs:

n/a

Testing:

CI for automated tests. Manual test to confirm signature_algorithms extension contents before/after:

./build/tool/bssl s_client -connect kms.us-east-1.amazonaws.com:443

Client Hello before:

Client Hello after:

---

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license.

[WillChilds-Klein]

Question for reviewers -- should we unify kVerifySignatureAlgorithms and kSignSignatureAlgorithms lists? I don't see a conceptual justification for the asymmetry.

[codecov-commenter]

Codecov Report

Attention: Patch coverage is 66.66667% with 1 line in your changes missing coverage. Please review.

Project coverage is 78.72%. Comparing base (eedef82) to head (ca392cc).
Report is 28 commits behind head on main.

Files with missing lines	Patch %	Lines
ssl/ssl_test.cc	66.66%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #2572      +/-   ##
==========================================
- Coverage   78.90%   78.72%   -0.19%     
==========================================
  Files         640      645       +5     
  Lines      109766   110641     +875     
  Branches    15526    15649     +123     
==========================================
+ Hits        86612    87102     +490     
- Misses      22458    22839     +381     
- Partials      696      700       +4     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.