From 4df1d87519602d25dbe832d7e6ac3cb15e8b2ced Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Gon=C3=A9ri=20Le=20Bouder?= <goneri@redhat.com>
Date: Wed, 17 Oct 2018 14:10:53 -0400
Subject: [PATCH] encrypt_secret: support OpenSSL 1.1.1

With OpenSSL, the format of 'openssl rsa -text' has changed a bit, now
the Public-Key is prefixed by RSA.

$ openssl rsa -text -pubin -in foo | head -n1
writing RSA key
RSA Public-Key: (4096 bit)

The change was introduce by this commit:
https://github.com/openssl/openssl/commit/9503ed8#diff-dbf726cfa20d03251a1eb72683972640R316

This patch ensures the bit length is still detected properly.

Change-Id: I1b956b207ac97a1ac700363605414834a81ad16a
---
 tools/encrypt_secret.py | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/tools/encrypt_secret.py b/tools/encrypt_secret.py
index f755eb8f01..d3b0fb236e 100755
--- a/tools/encrypt_secret.py
+++ b/tools/encrypt_secret.py
@@ -118,10 +118,11 @@ def main():
         openssl_version = subprocess.check_output(
             ['openssl', 'version']).split()[1]
         if openssl_version.startswith(b'0.'):
-            m = re.match(r'^Modulus \((\d+) bit\):$', output, re.MULTILINE)
+            key_length_re = r'^Modulus \((?P<key_length>\d+) bit\):$'
         else:
-            m = re.match(r'^Public-Key: \((\d+) bit\)$', output, re.MULTILINE)
-        nbits = int(m.group(1))
+            key_length_re = r'^(|RSA )Public-Key: \((?P<key_length>\d+) bit\)$'
+        m = re.match(key_length_re, output, re.MULTILINE)
+        nbits = int(m.group('key_length'))
         nbytes = int(nbits / 8)
         max_bytes = nbytes - 42  # PKCS1-OAEP overhead
         chunks = int(math.ceil(float(len(plaintext)) / max_bytes))