encrypt_secret: support OpenSSL 1.1.1

With OpenSSL, the format of 'openssl rsa -text' has changed a bit, now
the Public-Key is prefixed by RSA.

$ openssl rsa -text -pubin -in foo | head -n1
writing RSA key
RSA Public-Key: (4096 bit)

The change was introduce by this commit:
https://github.com/openssl/openssl/commit/9503ed8#diff-dbf726cfa20d03251a1eb72683972640R316

This patch ensures the bit length is still detected properly.

Change-Id: I1b956b207ac97a1ac700363605414834a81ad16a
This commit is contained in:
Gonéri Le Bouder 2018-10-17 14:10:53 -04:00
parent 849e26f5e7
commit 4df1d87519
No known key found for this signature in database
GPG Key ID: 049ED9B94765572E
1 changed files with 4 additions and 3 deletions

View File

@ -118,10 +118,11 @@ def main():
openssl_version = subprocess.check_output(
['openssl', 'version']).split()[1]
if openssl_version.startswith(b'0.'):
m = re.match(r'^Modulus \((\d+) bit\):$', output, re.MULTILINE)
key_length_re = r'^Modulus \((?P<key_length>\d+) bit\):$'
else:
m = re.match(r'^Public-Key: \((\d+) bit\)$', output, re.MULTILINE)
nbits = int(m.group(1))
key_length_re = r'^(|RSA )Public-Key: \((?P<key_length>\d+) bit\)$'
m = re.match(key_length_re, output, re.MULTILINE)
nbits = int(m.group('key_length'))
nbytes = int(nbits / 8)
max_bytes = nbytes - 42 # PKCS1-OAEP overhead
chunks = int(math.ceil(float(len(plaintext)) / max_bytes))