2018-12-23 09:23:31 +00:00
|
|
|
---
|
2017-07-25 11:18:18 +00:00
|
|
|
- block:
|
|
|
|
- name: Generate privatekey
|
|
|
|
openssl_privatekey:
|
|
|
|
path: '{{ output_dir }}/privatekey.pem'
|
|
|
|
|
2017-08-21 11:19:41 +00:00
|
|
|
- name: Generate publickey - PEM format
|
2017-07-25 11:18:18 +00:00
|
|
|
openssl_publickey:
|
|
|
|
path: '{{ output_dir }}/publickey.pub'
|
|
|
|
privatekey_path: '{{ output_dir }}/privatekey.pem'
|
|
|
|
|
2017-08-21 11:19:41 +00:00
|
|
|
- name: Generate publickey - OpenSSH format
|
|
|
|
openssl_publickey:
|
|
|
|
path: '{{ output_dir }}/publickey-ssh.pub'
|
|
|
|
privatekey_path: '{{ output_dir }}/privatekey.pem'
|
|
|
|
format: OpenSSH
|
|
|
|
# cryptography.hazmat.primitives import serialization.Encoding.OpenSSH and
|
|
|
|
# cryptography.hazmat.primitives import serialization.PublicFormat.OpenSSH constants
|
|
|
|
# appeared in version 1.4 of cryptography
|
2017-11-27 22:58:08 +00:00
|
|
|
when: cryptography_version.stdout is version('1.4.0', '>=')
|
2017-08-21 11:19:41 +00:00
|
|
|
|
2017-11-28 08:38:47 +00:00
|
|
|
- name: Generate publickey - OpenSSH format - test idempotence (issue 33256)
|
|
|
|
openssl_publickey:
|
|
|
|
path: '{{ output_dir }}/publickey-ssh.pub'
|
|
|
|
privatekey_path: '{{ output_dir }}/privatekey.pem'
|
|
|
|
format: OpenSSH
|
2017-11-28 18:26:45 +00:00
|
|
|
when: cryptography_version.stdout is version('1.4.0', '>=')
|
2017-11-28 08:38:47 +00:00
|
|
|
register: publickey_ssh_idempotence
|
|
|
|
|
2017-08-21 11:19:41 +00:00
|
|
|
- name: Generate publickey2 - standard
|
|
|
|
openssl_publickey:
|
|
|
|
path: '{{ output_dir }}/publickey2.pub'
|
|
|
|
privatekey_path: '{{ output_dir }}/privatekey.pem'
|
|
|
|
|
|
|
|
- name: Delete publickey2 - standard
|
|
|
|
openssl_publickey:
|
|
|
|
state: absent
|
|
|
|
path: '{{ output_dir }}/publickey2.pub'
|
|
|
|
privatekey_path: '{{ output_dir }}/privatekey.pem'
|
|
|
|
|
|
|
|
- name: Generate privatekey3 - with passphrase
|
|
|
|
openssl_privatekey:
|
|
|
|
path: '{{ output_dir }}/privatekey3.pem'
|
|
|
|
passphrase: ansible
|
|
|
|
cipher: aes256
|
|
|
|
|
|
|
|
- name: Generate publickey3 - with passphrase protected privatekey
|
|
|
|
openssl_publickey:
|
|
|
|
path: '{{ output_dir }}/publickey3.pub'
|
|
|
|
privatekey_path: '{{ output_dir }}/privatekey3.pem'
|
|
|
|
privatekey_passphrase: ansible
|
|
|
|
|
|
|
|
- name: Generate publickey3 - with passphrase protected privatekey - idempotence
|
|
|
|
openssl_publickey:
|
|
|
|
path: '{{ output_dir }}/publickey3.pub'
|
|
|
|
privatekey_path: '{{ output_dir }}/privatekey3.pem'
|
|
|
|
privatekey_passphrase: ansible
|
|
|
|
register: publickey3_idempotence
|
|
|
|
|
2017-11-25 03:29:07 +00:00
|
|
|
- name: Generate empty file that will hold a public key (issue 33072)
|
|
|
|
file:
|
|
|
|
path: '{{ output_dir }}/publickey4.pub'
|
|
|
|
state: touch
|
|
|
|
|
|
|
|
- name: Generate publickey in empty existing file (issue 33072)
|
|
|
|
openssl_publickey:
|
|
|
|
path: '{{ output_dir }}/publickey4.pub'
|
|
|
|
privatekey_path: '{{ output_dir }}/privatekey.pem'
|
|
|
|
|
2018-12-23 09:23:31 +00:00
|
|
|
- name: Generate privatekey 5 (ECC)
|
|
|
|
openssl_privatekey:
|
|
|
|
path: '{{ output_dir }}/privatekey5.pem'
|
|
|
|
type: ECC
|
|
|
|
curve: secp256k1
|
|
|
|
|
|
|
|
- name: Generate publickey 5 - PEM format
|
2019-03-30 14:38:43 +00:00
|
|
|
openssl_publickey:
|
|
|
|
path: '{{ output_dir }}/publickey5.pub'
|
|
|
|
privatekey_path: '{{ output_dir }}/privatekey.pem'
|
|
|
|
backup: yes
|
|
|
|
register: privatekey5_1
|
|
|
|
- name: Generate publickey 5 - PEM format (idempotent)
|
|
|
|
openssl_publickey:
|
|
|
|
path: '{{ output_dir }}/publickey5.pub'
|
|
|
|
privatekey_path: '{{ output_dir }}/privatekey.pem'
|
|
|
|
backup: yes
|
|
|
|
register: privatekey5_2
|
|
|
|
- name: Generate publickey 5 - PEM format (different private key)
|
2018-12-23 09:23:31 +00:00
|
|
|
openssl_publickey:
|
|
|
|
path: '{{ output_dir }}/publickey5.pub'
|
|
|
|
privatekey_path: '{{ output_dir }}/privatekey5.pem'
|
2019-03-30 14:38:43 +00:00
|
|
|
backup: yes
|
|
|
|
register: privatekey5_3
|
2018-12-23 09:23:31 +00:00
|
|
|
|
2019-03-08 16:21:18 +00:00
|
|
|
- name: Generate privatekey with password
|
|
|
|
openssl_privatekey:
|
|
|
|
path: '{{ output_dir }}/privatekeypw.pem'
|
|
|
|
passphrase: hunter2
|
|
|
|
cipher: auto
|
|
|
|
select_crypto_backend: cryptography
|
|
|
|
|
|
|
|
- name: Generate publickey - PEM format (failed passphrase 1)
|
|
|
|
openssl_publickey:
|
|
|
|
path: '{{ output_dir }}/publickey_pw1.pub'
|
|
|
|
privatekey_path: '{{ output_dir }}/privatekey.pem'
|
|
|
|
privatekey_passphrase: hunter2
|
|
|
|
ignore_errors: yes
|
|
|
|
register: passphrase_error_1
|
|
|
|
|
|
|
|
- name: Generate publickey - PEM format (failed passphrase 2)
|
|
|
|
openssl_publickey:
|
|
|
|
path: '{{ output_dir }}/publickey_pw2.pub'
|
|
|
|
privatekey_path: '{{ output_dir }}/privatekeypw.pem'
|
|
|
|
privatekey_passphrase: wrong_password
|
|
|
|
ignore_errors: yes
|
|
|
|
register: passphrase_error_2
|
|
|
|
|
|
|
|
- name: Generate publickey - PEM format (failed passphrase 3)
|
|
|
|
openssl_publickey:
|
|
|
|
path: '{{ output_dir }}/publickey_pw3.pub'
|
|
|
|
privatekey_path: '{{ output_dir }}/privatekeypw.pem'
|
|
|
|
ignore_errors: yes
|
|
|
|
register: passphrase_error_3
|
|
|
|
|
2019-03-30 13:28:10 +00:00
|
|
|
- name: Create broken key
|
|
|
|
copy:
|
|
|
|
dest: "{{ output_dir }}/publickeybroken.pub"
|
|
|
|
content: "broken"
|
|
|
|
- name: Regenerate broken key
|
|
|
|
openssl_publickey:
|
|
|
|
path: '{{ output_dir }}/publickeybroken.pub'
|
|
|
|
privatekey_path: '{{ output_dir }}/privatekey5.pem'
|
|
|
|
register: output_broken
|
|
|
|
|
2019-03-30 14:38:43 +00:00
|
|
|
- name: Generate publickey - PEM format (for removal)
|
|
|
|
openssl_publickey:
|
|
|
|
path: '{{ output_dir }}/publickey_removal.pub'
|
|
|
|
privatekey_path: '{{ output_dir }}/privatekey.pem'
|
|
|
|
- name: Generate publickey - PEM format (removal)
|
|
|
|
openssl_publickey:
|
|
|
|
state: absent
|
|
|
|
path: '{{ output_dir }}/publickey_removal.pub'
|
|
|
|
privatekey_path: '{{ output_dir }}/privatekey.pem'
|
|
|
|
backup: yes
|
|
|
|
register: remove_1
|
|
|
|
- name: Generate publickey - PEM format (removal, idempotent)
|
|
|
|
openssl_publickey:
|
|
|
|
state: absent
|
|
|
|
path: '{{ output_dir }}/publickey_removal.pub'
|
|
|
|
privatekey_path: '{{ output_dir }}/privatekey.pem'
|
|
|
|
backup: yes
|
|
|
|
register: remove_2
|
|
|
|
|
2017-07-25 11:18:18 +00:00
|
|
|
- import_tasks: ../tests/validate.yml
|
|
|
|
|
2017-11-27 22:58:08 +00:00
|
|
|
when: pyopenssl_version.stdout is version('16.0.0', '>=')
|