openssl_certificate: fix passphrase handling for cryptography backend (#56155)

* Make sure passphrase is bytes string. * Fix typo. * Add more passphrase tests. * Fix test names. * Add changelog.
2026-05-07 22:02:50 +00:00 · 2019-05-08 05:58:15 +02:00
parent 193f69064f
commit 7a957ba64a
5 changed files with 75 additions and 5 deletions
--- a/lib/ansible/module_utils/crypto.py
+++ b/lib/ansible/module_utils/crypto.py
@@ -168,7 +168,7 @@ def load_privatekey(path, passphrase=None, check_passphrase=True, content=None,
        elif backend == 'cryptography':
            try:
                result = load_pem_private_key(priv_key_detail,
-                                              passphrase,
+                                              None if passphrase is None else to_bytes(passphrase),
                                              cryptography_backend())
            except TypeError as dummy:
                raise OpenSSLBadPassphraseError('Wrong or empty passphrase provided for private key')