From 28c6c2488b9ce2581b4096c3fa7b0a935178d2d8 Mon Sep 17 00:00:00 2001 From: Julien Vehent Date: Fri, 17 Oct 2014 11:08:32 -0400 Subject: [PATCH] Accept sha384 and sha512 signatures as well as sha256 --- analyze.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/analyze.py b/analyze.py index da958f1..600d0c0 100755 --- a/analyze.py +++ b/analyze.py @@ -143,7 +143,7 @@ def is_intermediate(results): all_proto.append(proto) if 'TLSv1' in conn['protocols']: has_tls1 = True - if 'sha256WithRSAEncryption' not in conn['sigalg']: + if conn['sigalg'][0] not in ['sha256WithRSAEncryption', 'sha384WithRSAEncryption', 'sha512WithRSAEncryption']: logging.debug(conn['sigalg'][0] + ' is a not an intermediate signature') has_sha256 = False if conn['cipher'][0:2] == 'DHE': @@ -197,9 +197,9 @@ def is_modern(results): for proto in conn['protocols']: if proto not in all_proto: all_proto.append(proto) - if 'sha256WithRSAEncryption' not in conn['sigalg']: - logging.debug(conn['sigalg'][0] + ' is a not an intermediate signature') - inter = False + if conn['sigalg'][0] not in ['sha256WithRSAEncryption', 'sha384WithRSAEncryption', 'sha512WithRSAEncryption']: + logging.debug(conn['sigalg'][0] + ' is a not an modern signature') + modern = False has_sha256 = False if conn['cipher'][0:2] == 'DHE': if conn['pfs'] != 'DH,2048bits':