Currently signature_algorithms_cert is implemented in a way that it's sent in a CH and CR, but never parsed when received. We use this extension in order to indicate that certificates with PSS padding are not supported (see #69 (comment)). This support has been added in (golang/go@8786750) which will be released in Go 1.11.
The parsing part will require some changes in an implementation responsible for certificate dispatching. Server (or client) will need to validate that the chosen chain of certificates uses signature algorithms from the signature_algorithms_cert list if it's received. There is an exception for the root certificate, which needs to be taken into account.
Implementation can't change the semantics which a custom GetCertificate function expects.
There is a case in which the signature_algorithms and signature_algorithms_cert lists share some of the algorithms, but there is also a rare corner case in which both lists could be disjoint. Implementation needs to take it into account (the verification algorithm of the leaf certificate doesn't need to be on the signature_algorithms_cert list).
Comments in this PR are valid only for TLS 1.3.
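
The receive-side check described in the issue above, as an added Go sketch that is not part of the issue or the project's code. The names `chainAllowed`, `sampleChain` and `certSigScheme` are hypothetical, the x509-to-TLS mapping is a deliberately small RSA-only simplification, and the certificates are constructed with only the fields the check reads.

```go
package main

import (
	"bytes"
	"crypto/tls"
	"crypto/x509"
	"fmt"
)

// RSA with SHA-256 only, to keep the example short; unmapped algorithms are rejected.
var certSigScheme = map[x509.SignatureAlgorithm]tls.SignatureScheme{
	x509.SHA256WithRSA:    tls.PKCS1WithSHA256,
	x509.SHA256WithRSAPSS: tls.PSSWithSHA256,
}

// chainAllowed checks a leaf-first chain against signature_algorithms_cert (certAlgs);
// when that is nil (absent), sigAlgs applies (RFC 8446 4.2.3). A self-signed root is exempt.
func chainAllowed(chain []*x509.Certificate, sigAlgs, certAlgs []tls.SignatureScheme) error {
	if certAlgs == nil {
		certAlgs = sigAlgs
	}
	allowed := map[tls.SignatureScheme]bool{}
	for _, s := range certAlgs {
		allowed[s] = true
	}
	for i, c := range chain {
		if i == len(chain)-1 && bytes.Equal(c.RawIssuer, c.RawSubject) {
			continue // root: not validated as part of the chain, any algorithm
		}
		if s, known := certSigScheme[c.SignatureAlgorithm]; !known || !allowed[s] {
			return fmt.Errorf("certificate %d: %v not accepted by peer", i, c.SignatureAlgorithm)
		}
	}
	return nil
}

// sampleChain builds constructed certificates with only the fields read above.
func sampleChain(leaf, inter, root x509.SignatureAlgorithm) []*x509.Certificate {
	return []*x509.Certificate{
		{SignatureAlgorithm: leaf, RawSubject: []byte("leaf"), RawIssuer: []byte("ca")},
		{SignatureAlgorithm: inter, RawSubject: []byte("ca"), RawIssuer: []byte("root")},
		{SignatureAlgorithm: root, RawSubject: []byte("root"), RawIssuer: []byte("root")},
	}
}

func main() {
	chain := sampleChain(x509.SHA256WithRSA, x509.SHA256WithRSA, x509.SHA256WithRSAPSS)
	fmt.Println(chainAllowed(chain, []tls.SignatureScheme{tls.PSSWithSHA256}, []tls.SignatureScheme{tls.PKCS1WithSHA256}))
}
```

The call in `main` is the disjoint-lists case: the peer accepts only PSS in signature_algorithms and only PKCS#1 v1.5 in signature_algorithms_cert, and the chain still passes because the PSS-signed root is exempt.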