From 28c6c2488b9ce2581b4096c3fa7b0a935178d2d8 Mon Sep 17 00:00:00 2001
From: Julien Vehent <julien@linuxwall.info>
Date: Fri, 17 Oct 2014 11:08:32 -0400
Subject: [PATCH] Accept sha384 and sha512 signatures as well as sha256

---
 analyze.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/analyze.py b/analyze.py
index da958f1..600d0c0 100755
--- a/analyze.py
+++ b/analyze.py
@@ -143,7 +143,7 @@ def is_intermediate(results):
                 all_proto.append(proto)
         if 'TLSv1' in conn['protocols']:
             has_tls1 = True
-        if 'sha256WithRSAEncryption' not in conn['sigalg']:
+        if conn['sigalg'][0] not in ['sha256WithRSAEncryption', 'sha384WithRSAEncryption', 'sha512WithRSAEncryption']:
             logging.debug(conn['sigalg'][0] + ' is a not an intermediate signature')
             has_sha256 = False
         if conn['cipher'][0:2] == 'DHE':
@@ -197,9 +197,9 @@ def is_modern(results):
         for proto in conn['protocols']:
             if proto not in all_proto:
                 all_proto.append(proto)
-        if 'sha256WithRSAEncryption' not in conn['sigalg']:
-            logging.debug(conn['sigalg'][0] + ' is a not an intermediate signature')
-            inter = False
+        if conn['sigalg'][0] not in ['sha256WithRSAEncryption', 'sha384WithRSAEncryption', 'sha512WithRSAEncryption']:
+            logging.debug(conn['sigalg'][0] + ' is a not an modern signature')
+            modern = False
             has_sha256 = False
         if conn['cipher'][0:2] == 'DHE':
             if conn['pfs'] != 'DH,2048bits':