2
0
mirror of https://github.com/mozilla/cipherscan.git synced 2024-12-26 12:43:42 +01:00

fix coloring of cert key sizes

a 2047 bit RSA certificate is just as secure as 2048 bit one (and
known good algorithms can very infrequently provide them when asked for
2048) so accept them too

DSA keys are bad in every case, so always red color them

ECDSA keys are OK above 256 bits
This commit is contained in:
Hubert Kario 2015-09-19 19:22:40 +02:00
parent 67c2a7cfe4
commit 8337fb7308

View File

@ -786,7 +786,7 @@ display_results_in_terminal() {
done|column -t
echo
if [[ ($sigalg =~ RSA && $pubkey -gt 2047) || ($sigalg =~ DSA && $pubkey -gt 255) ]]; then
if [[ ($sigalg =~ RSA && $pubkey -ge 2047) || ($sigalg =~ ECDSA && $pubkey -gt 255) ]]; then
pubkey="${c_green}${pubkey}${c_reset}"
else
pubkey="${c_red}${pubkey}${c_reset}"