2
0
mirror of https://github.com/mozilla/cipherscan.git synced 2024-11-05 07:23:42 +01:00

Accept sha384 and sha512 signatures as well as sha256

This commit is contained in:
Julien Vehent 2014-10-17 11:08:32 -04:00
parent 5b32afaa1f
commit 28c6c2488b

View File

@ -143,7 +143,7 @@ def is_intermediate(results):
all_proto.append(proto)
if 'TLSv1' in conn['protocols']:
has_tls1 = True
if 'sha256WithRSAEncryption' not in conn['sigalg']:
if conn['sigalg'][0] not in ['sha256WithRSAEncryption', 'sha384WithRSAEncryption', 'sha512WithRSAEncryption']:
logging.debug(conn['sigalg'][0] + ' is a not an intermediate signature')
has_sha256 = False
if conn['cipher'][0:2] == 'DHE':
@ -197,9 +197,9 @@ def is_modern(results):
for proto in conn['protocols']:
if proto not in all_proto:
all_proto.append(proto)
if 'sha256WithRSAEncryption' not in conn['sigalg']:
logging.debug(conn['sigalg'][0] + ' is a not an intermediate signature')
inter = False
if conn['sigalg'][0] not in ['sha256WithRSAEncryption', 'sha384WithRSAEncryption', 'sha512WithRSAEncryption']:
logging.debug(conn['sigalg'][0] + ' is a not an modern signature')
modern = False
has_sha256 = False
if conn['cipher'][0:2] == 'DHE':
if conn['pfs'] != 'DH,2048bits':