mirleft / ocaml-x509

X509 (RFC5280) handling in OCaml
BSD 2-Clause "Simplified" License

hash algorithms used for signatures #128

Closed hannesm closed 4 years ago

hannesm commented 4 years ago

fixes #123

for @psafont I added val signature_algorithm : t -> ([ `RSA | `ECDSA ] * Nocrypto.Hash.hash) option to the Certificate, Signing_request, and CRL modules. Does this suit you well?

The (chain) validation functions now receive an optional hash_whitelist argument, which the signature algorithm must match. The default is any SHA-2 algorithm (SHA256/SHA384/SHA512, not SHA224 - seems to be rarely used, I could not see a reason to include it). The default for valid_ca{,s} is any hash algorithm (following what others are doing).

/cc @emillon @paurkedal for a quick round of review -- this certainly changes the behaviour of x509 & tls -- in a good way forward (rejecting weak algorithms by default).
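
The whitelist rule described in the comment above, as an added example in Python that is not part of this PR or of ocaml-x509: it reads the outer signatureAlgorithm OID of a DER certificate and rejects any signature whose hash is outside the whitelist, which lets you audit existing certificates against the new default. The names `signature_allowed`, `SHA2_DEFAULT` and `skeleton` are assumptions of this example, and `skeleton` builds a constructed input (empty tbsCertificate, dummy signature), not a valid certificate.

```python
# Added example, not ocaml-x509 code: hash whitelist over a DER certificate.
RSA, ECDSA = "1.2.840.113549.1.1.", "1.2.840.10045.4."
SIG_ALGS = {  # signatureAlgorithm OID -> (scheme, hash)
    RSA + "4": ("RSA", "MD5"), RSA + "5": ("RSA", "SHA1"),
    RSA + "14": ("RSA", "SHA224"), RSA + "11": ("RSA", "SHA256"),
    RSA + "12": ("RSA", "SHA384"), RSA + "13": ("RSA", "SHA512"),
    ECDSA + "1": ("ECDSA", "SHA1"), ECDSA + "3.1": ("ECDSA", "SHA224"),
    ECDSA + "3.2": ("ECDSA", "SHA256"), ECDSA + "3.3": ("ECDSA", "SHA384"),
    ECDSA + "3.4": ("ECDSA", "SHA512"),
}
SHA2_DEFAULT = frozenset({"SHA256", "SHA384", "SHA512"})  # default named in the PR

def read_tlv(buf, pos=0):  # -> (tag, value, next_pos) of the DER element at pos
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits count the length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(body):
    arcs, value = [], 0
    for byte in body:  # base-128 arcs; a set high bit means more bytes follow
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:
            arcs.append(value)
            value = 0
    first = min(arcs[0] // 40, 2)  # first byte packs the first two arcs
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))

def signature_algorithm(der):
    """(scheme, hash) for a known signature OID, None for anything else."""
    tag, cert, _ = read_tlv(der)
    _, _, pos = read_tlv(cert)            # skip tbsCertificate
    _, alg_id, _ = read_tlv(cert, pos)    # AlgorithmIdentifier SEQUENCE
    oid_tag, oid, _ = read_tlv(alg_id)
    if (tag, oid_tag) != (0x30, 0x06):
        raise ValueError("not a DER certificate with an OID-led AlgorithmIdentifier")
    return SIG_ALGS.get(decode_oid(oid))

def signature_allowed(der, hash_whitelist=SHA2_DEFAULT):
    alg = signature_algorithm(der)        # unknown algorithms are rejected
    return alg is not None and alg[1] in hash_whitelist

def skeleton(oid_body):  # constructed sample input, not a valid certificate
    alg = bytes([0x06, len(oid_body)]) + oid_body + b"\x05\x00"
    body = b"\x30\x00" + bytes([0x30, len(alg)]) + alg + b"\x03\x01\x00"
    return bytes([0x30, len(body)]) + body
```

To mirror the trust-anchor case mentioned in the comment, pass a whitelist containing every hash name in `SIG_ALGS`.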

psafont commented 4 years ago

This will work wonders, thank you!