a-c-m
/
community.crypto
mirror of https://github.com/ansible-collections/community.crypto.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

openssl_csr: extend tests to check for privatekey_content together with privatekey_passphrase (#490) 

* Extend tests to check for privatekey_content together with privatekey_passphrase.

* Also test privatekey_content for private keys without passphrases.
pull/495/head
Felix Fontein 2022-07-14 14:32:53 +02:00 committed by GitHub
parent c106638648
commit 7deb0a6db9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 26 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
tests/integration/targets/openssl_csr/tasks/impl.yml
View File

@ -4,6 +4,11 @@
path: '{{ remote_tmp_dir }}/privatekey.pem'
size: '{{ default_rsa_key_size }}'
- name: "({{ select_crypto_backend }}) Read privatekey"
slurp:
src: '{{ remote_tmp_dir }}/privatekey.pem'
register: privatekey
- name: "({{ select_crypto_backend }}) Generate CSR (check mode)"
openssl_csr:
path: '{{ remote_tmp_dir }}/csr.csr'
@ -28,7 +33,7 @@
- name: "({{ select_crypto_backend }}) Generate CSR (idempotent)"
openssl_csr:
path: '{{ remote_tmp_dir }}/csr.csr'
privatekey_path: '{{ remote_tmp_dir }}/privatekey.pem'
privatekey_content: '{{ privatekey.content | b64decode }}'
subject_ordered:
- commonName: www.ansible.com
select_crypto_backend: '{{ select_crypto_backend }}'
@ -264,6 +269,11 @@
select_crypto_backend: cryptography
size: '{{ default_rsa_key_size }}'
- name: "({{ select_crypto_backend }}) Read privatekey"
slurp:
src: '{{ remote_tmp_dir }}/privatekeypw.pem'
register: privatekeypw
- name: "({{ select_crypto_backend }}) Generate CSR with privatekey passphrase"
openssl_csr:
path: '{{ remote_tmp_dir }}/csr_pw.csr'
@ -272,6 +282,14 @@
select_crypto_backend: '{{ select_crypto_backend }}'
register: passphrase_1
- name: "({{ select_crypto_backend }}) Generate CSR with privatekey passphrase and private key content"
openssl_csr:
path: '{{ remote_tmp_dir }}/csr_pw.csr'
privatekey_content: '{{ privatekeypw.content | b64decode }}'
privatekey_passphrase: hunter2
select_crypto_backend: '{{ select_crypto_backend }}'
register: passphrase_1_content
- name: "({{ select_crypto_backend }}) Generate CSR (failed passphrase 1)"
openssl_csr:
path: '{{ remote_tmp_dir }}/csr_pw1.csr'

8
tests/integration/targets/openssl_csr/tests/validate.yml
View File

@ -132,7 +132,13 @@
- country_idempotent_3 is not changed
- country_fail_4 is failed
- name:
- name: "({{ select_crypto_backend }}) Validate idempotency of privatekey_passphrase"
assert:
that:
- passphrase_1 is changed
- passphrase_1_content is not changed
- name: "({{ select_crypto_backend }}) Validate private key passphrase errors"
assert:
that:
- passphrase_error_1 is failed