-
Notifications
You must be signed in to change notification settings - Fork 88
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
The attribute passphrase and cipher should be independent #793
Comments
This collection does not aim to be 100% compatible to OpenSSL (the name prefix Also the cipher is only used when a passphrase is specified (it's the cipher used to encrypt the key with the given passphrase). So Since we dropped the PyOpenSSL backend the only valid value for |
#794 implements the default value. |
(Actually with cryptography 38.0.0 it is possible to configure this a bit: https://cryptography.io/en/latest/hazmat/primitives/asymmetric/serialization/#cryptography.hazmat.primitives.serialization.PrivateFormat.encryption_builder - the only option of the returned builder that seems to affect regular private keys is |
SUMMARY
The openssl allow us to generate a private key using or not encrypted keys. But the following module is not allowing us the same support.
ISSUE TYPE
COMPONENT NAME
community.crypto.openssl_privatekey
ANSIBLE VERSION
COLLECTION VERSION
CONFIGURATION
OS / ENVIRONMENT
NAME="openSUSE Leap"
VERSION="15.3"
ID="opensuse-leap"
ID_LIKE="suse opensuse"
VERSION_ID="15.3"
PRETTY_NAME="openSUSE Leap 15.3"
ANSI_COLOR="0;32"
CPE_NAME="cpe:/o:opensuse:leap:15.3"
BUG_REPORT_URL="https://bugs.opensuse.org"
HOME_URL="https://www.opensuse.org/"
STEPS TO REPRODUCE
I always generated private key in bash.
However, I'm having difficulty converting this to task, as we apparently don't have the equivalent.
EXPECTED RESULTS
Notice that in the task I am informing passphrase field, but also omitting cipher field to be 100% equivalent to openssl. Unfortunately, there is a bond between these fields.
ACTUAL RESULTS
Notice that in the task I am must omit the passphrase field because it that works together with the cipher, even though this dependency does not exist in the equivalent openssl command.
Am I doing something wrong in the task or the task is it just like that?
Is it possible to revoke this dependency between the passphrase and cipher attributes?
The text was updated successfully, but these errors were encountered: