diff options
| author | Gonéri Le Bouder <goneri@redhat.com> | 2018-10-17 14:10:53 -0400 |
|---|---|---|
| committer | Gonéri Le Bouder <goneri@redhat.com> | 2018-10-18 09:03:48 -0400 |
| commit | 4df1d87519602d25dbe832d7e6ac3cb15e8b2ced (patch) | |
| tree | 74614a53f7e84e8d50aa4124ed3554053ddfdc0e /tools | |
| parent | 849e26f5e77f6d1401b020dc7b4c627f9ea5ad93 (diff) | |
| download | zuul-4df1d87519602d25dbe832d7e6ac3cb15e8b2ced.tar.gz | |
encrypt_secret: support OpenSSL 1.1.1
With OpenSSL, the format of 'openssl rsa -text' has changed a bit, now
the Public-Key is prefixed by RSA.
$ openssl rsa -text -pubin -in foo | head -n1
writing RSA key
RSA Public-Key: (4096 bit)
The change was introduce by this commit:
https://github.com/openssl/openssl/commit/9503ed8#diff-dbf726cfa20d03251a1eb72683972640R316
This patch ensures the bit length is still detected properly.
Change-Id: I1b956b207ac97a1ac700363605414834a81ad16a
Diffstat (limited to 'tools')
| -rwxr-xr-x | tools/encrypt_secret.py | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/tools/encrypt_secret.py b/tools/encrypt_secret.py index f755eb8f0..d3b0fb236 100755 --- a/tools/encrypt_secret.py +++ b/tools/encrypt_secret.py @@ -118,10 +118,11 @@ def main(): openssl_version = subprocess.check_output( ['openssl', 'version']).split()[1] if openssl_version.startswith(b'0.'): - m = re.match(r'^Modulus \((\d+) bit\):$', output, re.MULTILINE) + key_length_re = r'^Modulus \((?P<key_length>\d+) bit\):$' else: - m = re.match(r'^Public-Key: \((\d+) bit\)$', output, re.MULTILINE) - nbits = int(m.group(1)) + key_length_re = r'^(|RSA )Public-Key: \((?P<key_length>\d+) bit\)$' + m = re.match(key_length_re, output, re.MULTILINE) + nbits = int(m.group('key_length')) nbytes = int(nbits / 8) max_bytes = nbytes - 42 # PKCS1-OAEP overhead chunks = int(math.ceil(float(len(plaintext)) / max_bytes)) |