From 7f9d7c452b64cd2c3980f135007ca2ce2ca264ac Mon Sep 17 00:00:00 2001
From: Ian Young <ian@iay.org.uk>
Date: Tue, 1 Feb 2011 14:00:58 +0000
Subject: [PATCH] Handle the new format OpenSSL 1.0.0c uses for public key
 size.

---
 build/check_authorities.pl | 20 +++++++++++++++++---
 1 file changed, 17 insertions(+), 3 deletions(-)

diff --git a/build/check_authorities.pl b/build/check_authorities.pl
index c033cdb7..e1c74032 100755
--- a/build/check_authorities.pl
+++ b/build/check_authorities.pl
@@ -76,13 +76,27 @@
 				$subject = $1;
 				print "   Subject: $subject\n" unless $subject eq $issuer;
 			}
-			if (/RSA Public Key: \((\d+) bit\)/) {
+			
+			#
+			# Extract the public key size.  This is displayed differently
+			# in different versions of OpenSSL.
+			#
+			if (/RSA Public Key: \((\d+) bit\)/) { # OpenSSL 0.9x
 				$pubSize = $1;
-				print "   Public key size: $pubSize\n";
+				# print "   Public key size: $pubSize\n";
 				if ($pubSize < 1024) {
-					print "      *** PUBLIC KEY TOO SHORT ***\n";
+					error('PUBLIC KEY TOO SHORT');
 				}
+				next;
+			} elsif (/^\s*Public-Key: \((\d+) bit\)/) { # OpenSSL 1.0
+				$pubSize = $1;
+				# print "   Public key size: $pubSize\n";
+				if ($pubSize < 1024) {
+					error('PUBLIC KEY TOO SHORT');
+				}
+				next;
 			}
+			
 			if (/Not After : (.*)$/) {
 				$notAfter = $1;
 				$days = (str2time($notAfter)-time())/86400.0;