Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

openssl_privatekey: add support for Ed22519, Ed448, X25519 and X448 keys #54947

Merged
merged 1 commit into from
Apr 8, 2019
Merged

openssl_privatekey: add support for Ed22519, Ed448, X25519 and X448 keys #54947

merged 1 commit into from
Apr 8, 2019

Conversation

felixfontein
Copy link
Contributor

SUMMARY

As subject says. cryptography now supports all of them fully, it seems (i.e. including private key serialization).

ISSUE TYPE
  • Feature Pull Request
COMPONENT NAME

openssl_privatekey

@ansibot
Copy link
Contributor

ansibot commented Apr 6, 2019

cc @MarkusTeufelberger @Shaps @Spredzy @Xyon @puiterwijk @resmo
click here for bot help

@ansibot ansibot added WIP This issue/PR is a work in progress. Nevertheless it was shared for getting input from peers. affects_2.8 This issue/PR affects Ansible v2.8 crypto Crypto community (ACME, openssl, letsencrypt) feature This issue/PR relates to a feature request. module This issue/PR relates to a module. needs_triage Needs a first human triage before being processed. support:community This issue/PR relates to code supported by the Ansible community. test This PR relates to tests. labels Apr 6, 2019
@felixfontein felixfontein changed the title [WIP] openssl_privatekey: add support for Ed22519, Ed448, X25519 and X448 keys openssl_privatekey: add support for Ed22519, Ed448, X25519 and X448 keys Apr 6, 2019
@felixfontein
Copy link
Contributor Author

The only CI node where a new enough cryptography is installed is OSX 10.11 (it has 2.6.1), and there it works smoothly:


02:30 TASK [openssl_privatekey : Test other type generation] *************************
02:30 changed: [testhost] => (item=X25519) => {"ansible_loop_var": "item", "changed": true, "filename": "/var/root/ansible_testing/privatekey-X25519.pem", "fingerprint": {"md5": "6f:ef:84:61:1d:2e:0d:6a:1b:ec:c7:d0:cc:21:cd:46", "sha1": "6e:6e:48:75:a7:8e:b2:82:be:68:0b:ac:da:44:1d:6a:98:fb:71:ff", "sha224": "cd:69:d6:38:97:62:c1:8a:7d:2e:03:03:60:76:a0:81:9d:d6:97:8f:f3:a2:35:47:a8:4d:0e:ff", "sha256": "c8:34:5a:9b:29:51:f7:9f:45:27:3b:6c:1c:77:a6:0b:7d:3a:8f:38:89:e3:28:3b:de:6f:6b:2e:cc:e4:9e:9f", "sha384": "4c:59:c9:c2:55:53:25:36:7d:0e:34:0f:ac:48:56:24:a0:88:05:01:a5:c4:f0:80:fb:7e:13:54:9f:05:a5:23:7f:7c:7a:94:41:7d:9a:48:57:87:e2:f9:e0:b8:09:07", "sha512": "91:e7:9c:c0:9c:28:59:6a:fc:e7:34:f8:3e:bf:90:fc:6b:b5:f1:e4:d7:1c:21:50:3e:c0:ae:57:5a:2c:39:6f:6d:b9:67:03:d3:9a:ae:84:3e:2e:cb:7f:a3:19:dc:37:7c:68:d6:a3:12:9a:0a:db:9a:d0:12:a4:cb:9c:37:e5"}, "item": {"min_version": "2.5", "type": "X25519"}, "size": 4096, "type": "X25519"}
02:31 changed: [testhost] => (item=Ed25519) => {"ansible_loop_var": "item", "changed": true, "filename": "/var/root/ansible_testing/privatekey-Ed25519.pem", "fingerprint": {"md5": "3b:1e:5e:2c:9c:d7:1e:16:db:4d:37:45:02:c5:80:99", "sha1": "9e:62:d5:15:70:a1:eb:22:09:8f:62:90:e8:91:3c:9a:ed:fb:b4:35", "sha224": "c7:4c:e7:13:a7:a6:9e:6a:21:bb:02:e0:9a:c8:da:21:e2:c7:44:3a:5f:2f:55:8b:60:a7:c9:b4", "sha256": "f6:4b:29:ea:d0:da:74:c5:00:fc:82:ef:c9:53:24:db:0c:c9:6c:f4:21:73:a0:00:a7:28:7c:82:79:02:55:b2", "sha384": "ab:06:91:0c:bf:99:20:15:e2:cc:66:a5:5c:fb:f6:c1:c3:75:79:e6:cf:8c:69:bc:c1:ce:0a:70:51:67:16:f2:38:39:f2:b8:32:4b:86:29:e0:55:0b:82:cb:fb:53:52", "sha512": "de:70:1f:50:fb:cd:74:fe:aa:ad:b4:4c:89:50:3e:69:56:99:17:21:2e:4f:b8:3a:76:cc:a8:ad:1e:07:0e:4a:07:48:10:08:5c:ef:8d:fe:d9:0b:e0:a3:c9:70:6d:d1:b1:20:e9:9e:f0:fe:49:98:b9:8b:62:1d:0a:36:2b:48"}, "item": {"min_version": "2.6", "type": "Ed25519"}, "size": 4096, "type": "Ed25519"}
02:31 changed: [testhost] => (item=Ed448) => {"ansible_loop_var": "item", "changed": true, "filename": "/var/root/ansible_testing/privatekey-Ed448.pem", "fingerprint": {"md5": "43:6e:be:a6:d1:01:b5:69:58:05:c4:42:b0:fb:e8:ac", "sha1": "d1:75:16:8b:b9:cb:b1:f4:c6:5c:7f:02:f2:85:ff:43:f6:61:d1:db", "sha224": "5d:21:95:7d:dd:5c:e2:64:93:7d:d1:10:d7:15:9a:f0:04:c0:c9:77:1a:5c:e7:a7:79:1e:de:fb", "sha256": "e8:5f:3f:b1:04:96:cf:4d:c8:40:fa:cc:b8:9d:28:0f:75:7b:39:20:b6:8e:25:fe:eb:93:8f:08:b0:fa:13:31", "sha384": "3a:e1:bd:c5:80:72:fe:ce:6a:b8:f6:25:22:aa:7f:38:e9:c3:26:a0:77:6f:81:d6:9b:69:0d:62:43:8d:ea:03:38:e1:63:f2:29:70:6d:44:06:8c:68:d0:c3:ce:d0:b0", "sha512": "6c:f6:a0:cf:e2:f6:45:67:1c:78:4d:0b:97:72:70:5d:b3:83:49:76:de:ea:ae:95:76:b4:df:88:32:07:53:c9:4c:c3:67:4b:d1:44:f7:7f:6a:17:e4:38:56:3e:ca:f6:24:04:3a:99:12:d5:b0:46:16:3c:c9:1f:a1:4c:42:ec"}, "item": {"min_version": "2.6", "type": "Ed448"}, "size": 4096, "type": "Ed448"}
02:32 changed: [testhost] => (item=X448) => {"ansible_loop_var": "item", "changed": true, "filename": "/var/root/ansible_testing/privatekey-X448.pem", "fingerprint": {"md5": "7c:d7:cb:39:69:e4:78:30:92:da:0f:8d:11:d6:5a:c4", "sha1": "13:15:c0:9f:69:f2:e9:0d:c2:5e:86:b0:42:04:79:e4:6d:3b:e4:b3", "sha224": "eb:0b:1f:f9:a8:c0:37:24:8f:19:58:4b:9e:0d:13:d3:e6:13:03:a4:03:25:20:b0:59:fd:7f:aa", "sha256": "fc:35:36:76:73:cb:36:a8:71:77:19:1a:d3:4c:b1:4e:75:94:7b:08:0b:7b:88:8e:26:16:0e:0d:57:41:0c:38", "sha384": "4b:cb:4e:3f:e8:3e:63:fc:b7:13:75:92:7d:dd:83:ba:4d:ec:a4:cf:8a:4b:35:97:30:64:ac:5e:b2:26:f3:75:07:b4:68:d8:80:86:67:d9:ed:4d:bc:ca:69:cd:80:c6", "sha512": "b7:6a:00:af:cd:d0:c7:0e:88:54:b8:42:f8:94:43:0d:0a:c5:2a:aa:ac:29:7e:0f:c9:5a:9e:65:5a:17:60:3d:9e:33:3d:dc:e9:c6:85:ef:88:d4:ac:26:a8:77:bd:1e:28:99:90:17:69:ef:06:eb:c3:b2:eb:25:9e:df:eb:1b"}, "item": {"min_version": "2.6", "type": "X448"}, "size": 4096, "type": "X448"}

@ansibot ansibot added community_review In order to be merged, this PR must follow the community review workflow. and removed WIP This issue/PR is a work in progress. Nevertheless it was shared for getting input from peers. labels Apr 6, 2019
@MarkusTeufelberger
Copy link
Contributor

Looks good, thanks!

shipit

@ansibot ansibot added shipit This PR is ready to be merged by Core and removed community_review In order to be merged, this PR must follow the community review workflow. needs_triage Needs a first human triage before being processed. labels Apr 7, 2019
@felixfontein
Copy link
Contributor Author

Rebased to resolve conflicts. 3-way-merge removed them by itself, no manual interaction necessary. (Problem was that #54845 already contained a tiny subset the changes from this PR.)

@ansibot ansibot added community_review In order to be merged, this PR must follow the community review workflow. and removed shipit This PR is ready to be merged by Core labels Apr 8, 2019
@mkrizek mkrizek merged commit 221da3e into ansible:devel Apr 8, 2019
@felixfontein felixfontein deleted the openssl_privatekey-x-and-ed branch April 8, 2019 08:40
@felixfontein
Copy link
Contributor Author

@MarkusTeufelberger thanks again for reviewing!
@mkrizek also thanks again for merging!

@ansible ansible locked and limited conversation to collaborators Jul 25, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
affects_2.8 This issue/PR affects Ansible v2.8 community_review In order to be merged, this PR must follow the community review workflow. crypto Crypto community (ACME, openssl, letsencrypt) feature This issue/PR relates to a feature request. module This issue/PR relates to a module. support:community This issue/PR relates to code supported by the Ansible community. test This PR relates to tests.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@felixfontein @ansibot @MarkusTeufelberger @mkrizek