Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-01-03 23:39:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Show SHA384 certificates as secure

Browse Source
This commit is contained in:
Laine Gholson 2015-11-26 13:53:35 -06:00
parent f76d07d43e
commit 7fee2fe29b
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
testssl.sh
View File

@ -2111,10 +2111,11 @@ run_server_defaults() {
case $sig_algo in
sha1WithRSAEncryption) pr_brownln "SHA1 with RSA" ;;
sha256WithRSAEncryption) pr_litegreenln "SHA256 with RSA" ;;
sha384WithRSAEncryption) pr_litegreenln "SHA384 with RSA" ;;
sha512WithRSAEncryption) pr_litegreenln "SHA512 with RSA" ;;
ecdsa-with-SHA256) pr_litegreenln "ECDSA with SHA256" ;;
md5*) pr_redln "MD5" ;;
*) outln "$algo" ;;
*) outln "$sig_algo" ;;
esac
# old, but interesting: https://blog.hboeck.de/archives/754-Playing-with-the-EFF-SSL-Observatory.html
@ -2167,7 +2168,7 @@ run_server_defaults() {
#FIXME: this is irritating and needs to be redone. Then also the wildcard match needs to be tested against "$cn_nosni"
elif [[ -z "$cn_nosni" ]]; then
out " (request w/o SNI didn't succeed";
[[ $algo =~ ecdsa ]] && out ", usual for EC certificates"
[[ $sig_algo =~ ecdsa ]] && out ", usual for EC certificates"
outln ")"
elif [[ "$cn_nosni" == "*no CN field*" ]]; then
outln ", (request w/o SNI: $cn_nosni)"