-
Notifications
You must be signed in to change notification settings - Fork 23.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add openssl_privatekey_info module #54845
Conversation
The test
The test
The test
The test
The test
The test
The test
|
a0e9468
to
41c19de
Compare
b58014a
to
7e3ddec
Compare
I had to access OpenSSL directly for getting information on pyOpenSSL private keys (newer versions allow to get hold of a ready_for_review |
@MarkusTeufelberger @Xyon @gdelpierre @japokorn @john-westcott-iv @lolcube @mgruener @thomwiggers As a maintainer of a module in the same namespace this new module has been submitted to, your vote counts for shipits. Please review this module and add |
@MarkusTeufelberger I've added that check. I found out that |
df2da91
to
7e5e218
Compare
ffc69ab
to
f79173b
Compare
The test
|
f79173b
to
937b25b
Compare
937b25b
to
f5233f5
Compare
ready_for_review |
return True | ||
|
||
|
||
def _is_cryptography_key_consistent(key, key_public_data, key_private_data): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe these functions should go into module_utils/crypto
? Seem useful for CSRs and certificates (maybe even SSH keys?) too.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You mean the ones above this? Makes sense. I've added a commit for this; I've kept _check_dsa_consistency
and _is_cryptography_key_consistent
, though, since they are (at the moment) private key specific, and the latter specific to cryptography
. We can still move them when we actually need them in other modules as well (and do some necessary generalizations then).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, the ones that verify properties of private/public keys.
I'm not 100% sure what would happen in the selfsigned
and ownca
providers if used with a keypair that violates these specs, but I agreee, that can be fixed later.
Looks great. shipit |
@thomwiggers @MarkusTeufelberger thanks for reviewing! |
SUMMARY
Adds a new module
openssl_privatekey_info
module, similar toopenssl_certificate_info
in #54709.ISSUE TYPE
COMPONENT NAME
openssl_privatekey_info