From 55918f3afb2a094298f2a78a4c89feea03db89a2 Mon Sep 17 00:00:00 2001
From: Julien Vehent <julien@linuxwall.info>
Date: Fri, 18 Sep 2015 12:36:26 -0400
Subject: [PATCH] Add OK/KO flags in terminal output

---
 cipherscan | 45 ++++++++++++++++++++++++++++++++++-----------
 1 file changed, 34 insertions(+), 11 deletions(-)

diff --git a/cipherscan b/cipherscan
index 74a8782..4a99ef6 100755
--- a/cipherscan
+++ b/cipherscan
@@ -750,27 +750,50 @@ display_results_in_terminal() {
         fi
     done|column -t
     echo
-    if [[ $different != "True" ]]; then
-        if [[ "$trusted" == "True" ]]; then
-            echo "Certificate: trusted, $pubkey bit, $sigalg signature"
-        else
-            echo "Certificate: UNTRUSTED, $pubkey bit, $sigalg signature"
+    pubkey_eval="KO"
+    if [[ ! -z $pubkey ]]; then
+        if (( $pubkey > 2047 )); then
+            pubkey_eval="OK"
         fi
+    fi
+    sigalg_eval="OK"
+    if [[ $sigalg =~ md5|sha1 ]]; then
+        sigalg_eval="KO"
+    fi
+    if [[ $trusted == "True" ]]; then
+        trusted="trusted [OK]"
+    else
+        trusted="untrusted [KO]"
+    fi
+    if [[ $different != "True" ]]; then
+        echo "Certificate: $trusted, $pubkey bit [$pubkey_eval], $sigalg signature [$sigalg_eval]"
         echo "TLS ticket lifetime hint: $tickethint"
     fi
     if [[ $ocspstaple == "True" ]]; then
-        echo "OCSP stapling: supported"
+        echo "OCSP stapling: supported [OK]"
     else
-        echo "OCSP stapling: not supported"
+        echo "OCSP stapling: not supported [KO]"
     fi
     if [[ $serverside == "True" ]]; then
-        echo "Cipher ordering: server"
+        echo "Cipher ordering: server [OK]"
     else
-        echo "Cipher ordering: client"
+        echo "Cipher ordering: client [KO]"
     fi
     if [[ $TEST_CURVES == "True" ]]; then
-        echo "Curves ordering: $curvesordering"
-        echo "Curves fallback: $fallback_supported"
+        if [[ $curvesordering == "server" ]]; then
+            curvesordering="$curvesordering [OK]"
+        else
+            if [[ $curvesordering == "" ]]; then
+                curvesordering="none"
+            fi
+            curvesordering="$curvesordering [KO]"
+        fi
+        if [[ $fallback_supported == "True" ]]; then
+            fallback_supported="$fallback_supported [OK]"
+        else
+            fallback_supported="$fallback_supported [KO]"
+        fi
+        echo "Curves ordering: $curvesordering - fallback: $fallback_supported"
     fi
 
     if [[ $TEST_TOLERANCE == "True" ]]; then