Fix openssl_pkcs12 crash with cryptography backend when loading passphrase-protected files (#248)

* Convert passphrase to bytes when loading PKCS#12 file with cryptography.

* Add tests with PKCS#12 passphrase.

* Add changelog fragment.
Felix Fontein
2021-06-11 20:03:16 +02:00
committed by GitHub
parent cda2edf92c
commit 0df33de73e
4 changed files with 12 additions and 6 deletions


@@ -107,11 +107,12 @@
check_mode: true
register: p12_dumped_check_mode
- name: "({{ select_crypto_backend }}) Generate PKCS#12 file with multiple certs"
- name: "({{ select_crypto_backend }}) Generate PKCS#12 file with multiple certs and passphrase"
openssl_pkcs12:
select_crypto_backend: '{{ select_crypto_backend }}'
path: '{{ output_dir }}/ansible_multi_certs.p12'
friendly_name: abracadabra
passphrase: hunter3
privatekey_path: '{{ output_dir }}/ansible_pkey1.pem'
certificate_path: '{{ output_dir }}/ansible1.crt'
other_certificates:
@@ -120,11 +121,12 @@
state: present
register: p12_multiple_certs
- name: "({{ select_crypto_backend }}) Generate PKCS#12 file with multiple certs, again (idempotency)"
- name: "({{ select_crypto_backend }}) Generate PKCS#12 file with multiple certs and passphrase, again (idempotency)"
openssl_pkcs12:
select_crypto_backend: '{{ select_crypto_backend }}'
path: '{{ output_dir }}/ansible_multi_certs.p12'
friendly_name: abracadabra
passphrase: hunter3
privatekey_path: '{{ output_dir }}/ansible_pkey1.pem'
certificate_path: '{{ output_dir }}/ansible1.crt'
other_certificates:
@@ -133,11 +135,12 @@
state: present
register: p12_multiple_certs_idempotency
- name: "({{ select_crypto_backend }}) Dump PKCS#12 with multiple certs"
- name: "({{ select_crypto_backend }}) Dump PKCS#12 with multiple certs and passphrase"
openssl_pkcs12:
select_crypto_backend: '{{ select_crypto_backend }}'
src: '{{ output_dir }}/ansible_multi_certs.p12'
path: '{{ output_dir }}/ansible_parse_multi_certs.pem'
passphrase: hunter3
action: parse
state: present
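Review bot: The parse task at the end of this section only exercises the correct passphrase, so nothing shown here checks that a wrong passphrase makes the module fail cleanly rather than crash in the code path this commit fixes. A negative case like the one below would cover that, together with an assertion in the validate file that the registered result is failed; the output path and register name in it are constructed for illustration. Separately, the three tasks were changed in place rather than duplicated, so the multi-cert case without a passphrase is no longer exercised by these hunks; other tasks in the file may still cover it, which is not visible here. The literal `hunter3` is also repeated in three tasks and in the validate shell command, so a single test variable would keep them in sync.

```yaml
# … unchanged: generate, idempotency and dump tasks with the correct passphrase …
- name: "({{ select_crypto_backend }}) Dump PKCS#12 with multiple certs and wrong passphrase (must fail)"
  openssl_pkcs12:
    select_crypto_backend: '{{ select_crypto_backend }}'
    src: '{{ output_dir }}/ansible_multi_certs.p12'
    path: '{{ output_dir }}/ansible_parse_multi_certs_wrong.pem'
    passphrase: not-hunter3
    action: parse
    state: present
  ignore_errors: true
  register: p12_dumped_wrong_passphrase
```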


@@ -8,7 +8,7 @@
register: p12_validate_no_pkey
- name: '({{ select_crypto_backend }}) Validate PKCS#12 with multiple certs'
shell: "{{ openssl_binary }} pkcs12 -info -in {{ output_dir }}/ansible_multi_certs.p12 -nodes -passin pass:'' | grep subject"
shell: "{{ openssl_binary }} pkcs12 -info -in {{ output_dir }}/ansible_multi_certs.p12 -nodes -passin pass:'hunter3' | grep subject"
register: p12_validate_multi_certs
- name: '({{ select_crypto_backend }}) Validate PKCS#12 (assert)'