Allow to select openssl_privatekey format

[bkmeneguello]

SUMMARY

Allow to specify a new "format" parameter in "openssl_privatekey". Today the output format is decided by a very simple heuristic which requires further commands to work properly.
I need, for example, to generate a RSA private key but in PKCS8 format. The current heuristic uses OpenSSH format for RSA keys and only uses PKCS8 for Ed25519 and similar. This makes me use a "command" with "openssl" to convert the generated key, which leads to idempotency problems and unnecessary complexity.

ISSUE TYPE

• Feature Idea

COMPONENT NAME

openssl_privatekey

ADDITIONAL INFORMATION

The current heuristic should be kept unless overwritten by user.

openssl_privatekey:
  path: /etc/ssl/private/ansible.com.pem
  format: pkcs8

The values allowed are pkcs1, raw and pkcs8

[ansibot]

Files identified in the description:

• lib/ansible/modules/crypto/openssl_privatekey.py

If these files are inaccurate, please update the component name section of the description or use the !component bot command.

click here for bot help

[ansibot]

cc @MarkusTeufelberger @Shaps @Spredzy @Xyon @felixfontein @puiterwijk @resmo
click here for bot help

[felixfontein]

That would mean there would be four values, the fourth being auto (or something like that), which would also be the default.

[MarkusTeufelberger]

Since I wondered what raw would even mean: https://cryptography.io/en/latest/hazmat/primitives/asymmetric/serialization/#serialization-formats raw is "A raw format used by X448 key exchange. It is a binary format and is invalid for other key types."

[felixfontein]

Not every key type will support every format. Also, I'm not sure what the PyOpenSSL backend will be able to do with this.

[MarkusTeufelberger]

I'd anyways propose to deprecate pyOpenSSL support starting with 2.9 (will have to be in there for a while longer), since Debian Jessie is EOL now. Ubuntu Xenial might keep us back on pyOpenSSL though. :-(

[felixfontein]

Yes, I wanted to propose that as well. We will still need it for some modules which have no other backend (or no corresponding code in cryptography they can use, like openssl_pkcs12), but for modules which have good cryptography support, let's really get rid of it!

[felixfontein]

(On pyOpenSSL deprecation: I've created a PR for that in #59907)

[felixfontein]

raw is only supported for the X448 key exchange, BTW (see https://cryptography.io/en/latest/hazmat/primitives/asymmetric/serialization/#cryptography.hazmat.primitives.serialization.PrivateFormat.Raw). There can potentially be another option, encoding, which could be PEM (default) or DER.

[felixfontein]

If you want this feature in Ansible 2.9, there's some help needed: #60388 (comment)

[bkmeneguello]

Ok, the formal spec of PKCS#8 textual representation can be found here: https://tools.ietf.org/html/rfc7468#page-12
It defines the Encapsulation Boundary as five dashes ----- followed by the keyword BEGIN followed by the optional ENCRYPTED keyword followed by PRIVATE KEY and five more dashes -----, so:
-----BEGIN PRIVATE KEY----- or -----BEGIN ENCRYPTED PRIVATE KEY-----

For PKCS#1 there is no formal reference, but openssl convention is -----BEGIN RSA PRIVATE KEY-----

[felixfontein]

Hmm, so we only know when a key is definitely not PKCS#8. But if it starts with -----BEGIN PRIVATE KEY----- or -----BEGIN ENCRYPTED PRIVATE KEY-----, it could be both PKCS#1 or PKCS#8. And then there are raw keys. I'm not sure if a header-based detection is good enough. Maybe we have to look at the content?

[bkmeneguello]

Actually, this is how openssl do this job (by parsing PEM file header):
https://github.com/openssl/openssl/blob/16742672a0c1c99412bdb0ef59eaf750d32d38c4/crypto/pem/pem_lib.c#L123
https://github.com/openssl/openssl/blob/9fdcc21fdc9d148f78d9cd5be34030f38cc45812/include/openssl/pem.h#L26

[felixfontein]

It would also be nice to have support for JSON Web Keys, and being able to convert between different key formats (i.e. if everything fits but the key format, don't regenerate, but convert).