internet/community.crypto
3
0
Fork 0
mirror of https://github.com/ansible-collections/community.crypto.git synced 2026-05-06 21:33:00 +00:00
Code Issues Packages Projects Releases Wiki Activity
962 Commits 4 Branches 110 Tags
main
Commit Graph

26 Commits

Author SHA1 Message Date
Felix Fontein
55ae448036 openssl_csr*: fix crash for key_usage idempotency check (#935) 
* Fix crash for key_usage idempotency check.

* Add test.
 2025-07-17 19:37:46 +02:00
Felix Fontein
8792635bef Fix some ansible-lint issues (#907) 
* Fix fqcn[action-core].

* Fix fqcn[action].

* Fix jinja[spacing].
 2025-05-30 22:03:16 +02:00
Felix Fontein
8156468898 Add ansible-lint to CI (#886) 
* Enable ansible-lint.

* Fix broken task name.

* Fix command-instead-of-shell instances.

* Clean up tasks to eliminate command-instead-of-module.

* Skip yaml errors.

* Remove .stdout from versions.

* Avoid stdin.
 2025-05-03 14:42:41 +02:00
Felix Fontein
fbcb89f092 Support cryptography 3.3 (#882) 
* Re-add Debian Bullseye to CI.

* Support cryptography 3.3 as well.
 2025-05-02 21:42:06 +02:00
Felix Fontein
5231ac8f3f Remove support for cryptography < 3.4 (#878) 
* Stop passing backend to cryptography.

* Make public_bytes() fallback the default.

* Remove compatibility code for older cryptography versions.

* Require cryptography 3.4+.

* Restrict to cryptography >= 3.4 in integration tests.

* Remove Debian Bullseye from CI.

It only supports cryptography 3.3.

* Improve imports.

* Remove no longer existing conditional.
 2025-05-02 15:27:18 +02:00
Felix Fontein
33ef158b09 Fix linting errors. 2025-04-26 12:18:21 +02:00
Felix Fontein
a49711d383 openssl_privatekey*: add default value for cipher option (#794) 
* Add default value for 'cipher' option.
* Adjust tests.
* Add changelog fragment.
* Clarify that cipher is used only when passphrase is provided.
 2024-08-30 08:49:20 +01:00
Felix Fontein
2fb543b144 Normalize bools in tests. (#577) 2023-02-15 22:23:36 +01:00
Felix Fontein
ddfb18b609 openssl_csr: fix bad tests, avoid accepting invalid crl_distribution_points records (#560) 
* Improve error handling.

* Remove invalid tests.

* Add changelog fragment.

* Fix tests.

* Improve exception catching.

Co-authored-by: Kristian Heljas <11139388+kristianheljas@users.noreply.github.com>

* Prevent empty full_name.

* Fix condition. Make sure errors are caught.

* Add more checks.

Co-authored-by: Kristian Heljas <11139388+kristianheljas@users.noreply.github.com>
 2023-01-02 14:52:59 +00:00
Felix Fontein
6bf3ef47e1 Move licenses to LICENSES/, use SPDX-License-Identifier, mention all licenses in galaxy.yml (#491) 
* Add SPDX license identifiers, mention all licenses in galaxy.yml.

* Add default copyright headers.

* Add headers for documents.

* Fix/add more copyright statements.

* Add copyright / license info for vendored code.

* Add extra sanity test.

* Add changelog fragment.

* Comment PSF-2.0 license out in galaxy.yml for now.

* Remove colon after 'Copyright'.

* Avoid colon after 'Copyright' in lint script.

* Mention correct filename.

* Add BSD-3-Clause.

* Improve lint script.

* Update README.

* Symlinks...
 2022-07-21 07:27:26 +02:00
Felix Fontein
7deb0a6db9 openssl_csr: extend tests to check for privatekey_content together with privatekey_passphrase (#490) 
* Extend tests to check for privatekey_content together with privatekey_passphrase.

* Also test privatekey_content for private keys without passphrases.
 2022-07-14 14:32:53 +02:00
Felix Fontein
589e7c72ef Allow to specify subject (for CSRs) and issuer (for CRLs) ordered (#316) 
* Allow to specify subject (for CSRs) and issuer (for CRLs) ordered.

* Forgot import.

* Apply suggestions from code review

Co-authored-by: Ajpantuso <ajpantuso@gmail.com>

* Apply suggestions from code review

Co-authored-by: Ajpantuso <ajpantuso@gmail.com>

* Fix typo.

* Simplify error handling, reject empty values outright.

* Document d497231e1c.

Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
 2021-10-31 15:05:04 +01:00
Felix Fontein
838bdd711b Make Dirname (de)serialization conformant to RFC 4514 (#274) 
* Adjust dirName serialization to RFC 4514.

* Adjust deserialization to RFC 4514.

* Add changelog fragment.

* Use Unicode strings, and work around Python 2 and Python 3 differences and problems with old cryptography versions.

* Work with bytes, not Unicode strings, to handle escaping of Unicode endpoints correctly.
 2021-09-28 18:15:38 +02:00
Felix Fontein
f644db3c79 Remove PyOpenSSL backends (except for openssl_pkcs12) (#273) 
* Remove Ubuntu 16.04 (Xenial Xerus) from CI.

* Removing PyOpenSSL backend from everywhere but openssl_pkcs12.

* Remove PyOpenSSL support from module_utils that's not needed for openssl_pkcs12.

* Add changelog fragment.
 2021-09-28 17:46:35 +02:00
Felix Fontein
03427e35a7 Fix idempotency for non-ASCII string comparisons. (#271) 2021-09-14 07:06:35 +02:00
Felix Fontein
02ee3fb974 Improve CI (#268) 
* Remove superfluous remote_src.

* Use temp dir twice instead of output_dir.

* Use remote temp directory instead of output_dir.

* Fix syntax error.

* Add some fixes.

* Copy more files to remote.

* More fixes.

* Fixing ACME/'cloud' tests.

* Forgot when.

* Try to fix filters.

* Skip unnecessary steps.

* Avoid collision.
 2021-09-07 22:37:40 +02:00
Felix Fontein
d8ccebce60 openssl_csr: allow to specify CRL distribution endpoints (#167) 
* Improve error messages for name decoding (not all names appear in SANs).

* Refactor DN parsing, add relative DN parsing code.

* Allow to specify CRL distribution points.

* Add changelog fragment.

* Fix typo.

* Make sure value argument to x509.NameAttribute is a text.

* Update changelogs/fragments/167-openssl_csr-crl-distribution-points.yml

Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>

* Add example.

Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>
 2021-01-26 09:57:40 +01:00
Felix Fontein
4d8dcad190 Speed up tests (#153) 
* Improve openssh_* tests.

* Use 2048 instead of 4096 bit keys in many places.

ci_complete

* Parameterize default RSA key length for tests.

* Reduce default RSA key size to 1024.

ci_complete

* Fix error.

ci_complete

* Use variable more often.

* Use 2048 bits for RSA keys for certificates on RHEL8 and CentOS8.

ci_complete

* Fix missing constant.

ci_complete

* Print default key sizes.
 2020-12-04 13:08:14 +00:00
Felix Fontein
8e10e1e590 Always show current backend during tests in name:. (#118) 
* Always show current backend during tests.

* Remove double prefix.
 2020-10-09 11:10:53 +02:00
Andrew Klychkov
010b54f0af CI tests: add a note not to use tests as an example of writing roles (#111) 2020-09-25 09:25:48 +03:00
Felix Fontein
a2f36f426a openssl_csr: catch errors on bad SANs (#106) 
* Catch errors on bad SANs.

* Add changelog fragment.

* Adjust cryptography version and error message.
 2020-09-08 04:24:30 +00:00
Felix Fontein
84342fce4e openssl_csr: add support for name constraints extension (#92) 
* Add support for name constraints extension to openssl_csr.

* Linting.

* Add tests.

* Fix IP address general name handling.
 2020-08-18 12:23:37 +02:00
Felix Fontein
05b0bdbe0d Support arbitrary dotted notation for OIDs in cryptography backend (#91) 
* Support arbitrary dotted notation for OIDs in cryptography backend.

* Add test.

* Fix typos.

* Fix order.
 2020-07-21 15:33:05 +02:00
Jordan Borean
70683e540d Support otherName in subAltName in CSR for UTF8 strings (#53) 
* Support otherName in subAltName in CSR for UTF8 strings

* Remove uneeded docs and added changelog fragment

* Missed a merge conflict

* Fix up sanity issues and added test expectation

* Rename function
 2020-06-23 22:38:42 +02:00
Felix Fontein
cb384443e4 cryptography backend: parse dirName, RID and otherName names (#9) 2020-06-21 22:47:48 +02:00
Ansible Core Team
a9f45b4d5b Initial commit 2020-03-09 13:11:34 +00:00