openssl_pkcs12: do not crash when there's no certificate and/or private key in existing PKCS#12 file (#109)

* Do not crash when PKCS#12 file contains no private key and/or main certificate.

* Add changelog fragment.

* Call getters only once each, check explicitly for None.

* Add test.

* Also 'parse' correctly PKCS#12 file with no private key.

plugins/modules/openssl_pkcs12.py

@@ -360,10 +360,12 @@ class Pkcs(OpenSSLObject):
                 pkcs12_content = pkcs12_fh.read()
             p12 = crypto.load_pkcs12(pkcs12_content,
                                      self.passphrase)
-            pkey = crypto.dump_privatekey(crypto.FILETYPE_PEM,
-                                          p12.get_privatekey())
-            crt = crypto.dump_certificate(crypto.FILETYPE_PEM,
-                                          p12.get_certificate())
+            pkey = p12.get_privatekey()
+            if pkey is not None:
+                pkey = crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey)
+            crt = p12.get_certificate()
+            if crt is not None:
+                crt = crypto.dump_certificate(crypto.FILETYPE_PEM, crt)
             other_certs = []
             if p12.get_ca_certificates() is not None:
                 other_certs = [crypto.dump_certificate(crypto.FILETYPE_PEM,
@@ -444,7 +446,7 @@ def main():
                     changed = True
                 else:
                     pkey, cert, other_certs, friendly_name = pkcs12.parse()
-                    dump_content = '%s%s%s' % (to_native(pkey), to_native(cert), to_native(b''.join(other_certs)))
+                    dump_content = ''.join([to_native(pem) for pem in [pkey, cert] + other_certs if pem is not None])
                     pkcs12.write(module, to_bytes(dump_content))
 
             file_args = module.load_file_common_arguments(module.params)