diff --git a/plugins/module_utils/crypto/cryptography_support.py b/plugins/module_utils/crypto/cryptography_support.py index 17a1910af..fde691997 100644 --- a/plugins/module_utils/crypto/cryptography_support.py +++ b/plugins/module_utils/crypto/cryptography_support.py @@ -14,7 +14,7 @@ import sys import traceback -from ansible.module_utils.common.text.converters import to_text, to_bytes +from ansible.module_utils.common.text.converters import to_text, to_bytes, to_native from ansible.module_utils.six.moves.urllib.parse import urlparse, urlunparse, ParseResult from ._asn1 import serialize_asn1_string_as_der @@ -138,7 +138,7 @@ def cryptography_get_extensions_from_cert(cert): der = backend._ffi.buffer(data.data, data.length)[:] entry = dict( critical=(crit == 1), - value=base64.b64encode(der), + value=to_native(base64.b64encode(der)), ) try: oid = obj2txt(backend._lib, backend._ffi, backend._lib.X509_EXTENSION_get_object(ext)) @@ -155,7 +155,7 @@ def cryptography_get_extensions_from_cert(cert): for ext in cert.extensions: result[ext.oid.dotted_string] = dict( critical=ext.critical, - value=base64.b64encode(ext.value.public_bytes()), + value=to_native(base64.b64encode(ext.value.public_bytes())), ) return result @@ -198,7 +198,7 @@ def cryptography_get_extensions_from_csr(csr): der = backend._ffi.buffer(data.data, data.length)[:] entry = dict( critical=(crit == 1), - value=base64.b64encode(der), + value=to_native(base64.b64encode(der)), ) try: oid = obj2txt(backend._lib, backend._ffi, backend._lib.X509_EXTENSION_get_object(ext)) @@ -215,7 +215,7 @@ def cryptography_get_extensions_from_csr(csr): for ext in csr.extensions: result[ext.oid.dotted_string] = dict( critical=ext.critical, - value=base64.b64encode(ext.value.public_bytes()), + value=to_native(base64.b64encode(ext.value.public_bytes())), ) return result diff --git a/plugins/module_utils/crypto/module_backends/certificate_info.py b/plugins/module_utils/crypto/module_backends/certificate_info.py index 8c13faaf2..a7beec6c1 100644 --- a/plugins/module_utils/crypto/module_backends/certificate_info.py +++ b/plugins/module_utils/crypto/module_backends/certificate_info.py @@ -171,7 +171,7 @@ def get_info(self, prefer_one_fingerprint=False): result['not_after'] = not_after.strftime(TIMESTAMP_FORMAT) result['expired'] = not_after < datetime.datetime.utcnow() - result['public_key'] = self._get_public_key_pem() + result['public_key'] = to_native(self._get_public_key_pem()) public_key_info = get_publickey_info( self.module, diff --git a/plugins/module_utils/crypto/module_backends/csr_info.py b/plugins/module_utils/crypto/module_backends/csr_info.py index fa9f95dc7..fc3d0d3dc 100644 --- a/plugins/module_utils/crypto/module_backends/csr_info.py +++ b/plugins/module_utils/crypto/module_backends/csr_info.py @@ -133,7 +133,7 @@ def get_info(self, prefer_one_fingerprint=False): result['name_constraints_critical'], ) = self._get_name_constraints() - result['public_key'] = self._get_public_key_pem() + result['public_key'] = to_native(self._get_public_key_pem()) public_key_info = get_publickey_info( self.module, diff --git a/plugins/module_utils/crypto/module_backends/privatekey_info.py b/plugins/module_utils/crypto/module_backends/privatekey_info.py index 5dd755ee3..d87b9c2be 100644 --- a/plugins/module_utils/crypto/module_backends/privatekey_info.py +++ b/plugins/module_utils/crypto/module_backends/privatekey_info.py @@ -214,7 +214,7 @@ def get_info(self, prefer_one_fingerprint=False): except OpenSSLObjectError as exc: raise PrivateKeyParseError(to_native(exc), result) - result['public_key'] = self._get_public_key(binary=False) + result['public_key'] = to_native(self._get_public_key(binary=False)) pk = self._get_public_key(binary=True) result['public_key_fingerprints'] = get_fingerprint_of_bytes( pk, prefer_one=prefer_one_fingerprint) if pk is not None else dict() diff --git a/plugins/plugin_utils/filter_module.py b/plugins/plugin_utils/filter_module.py new file mode 100644 index 000000000..ce58317e6 --- /dev/null +++ b/plugins/plugin_utils/filter_module.py @@ -0,0 +1,22 @@ +# -*- coding: utf-8 -*- +# Copyright (c) 2022 Felix Fontein +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +# NOTE: THIS IS ONLY FOR FILTER PLUGINS! + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +from ansible.errors import AnsibleFilterError + + +class FilterModuleMock(object): + def __init__(self, params): + self.check_mode = True + self.params = params + self._diff = False + + def fail_json(self, msg, **kwargs): + raise AnsibleFilterError(msg) diff --git a/tests/integration/targets/openssl_publickey_info/tasks/main.yml b/tests/integration/targets/openssl_publickey_info/tasks/main.yml index f5f6f6c0f..b266086d1 100644 --- a/tests/integration/targets/openssl_publickey_info/tasks/main.yml +++ b/tests/integration/targets/openssl_publickey_info/tasks/main.yml @@ -42,10 +42,6 @@ - 3 - 4 -- name: Prepare result list - set_fact: - info_results: {} - - name: Running tests with cryptography backend include_tasks: impl.yml vars: diff --git a/tests/integration/targets/x509_crl/tasks/impl.yml b/tests/integration/targets/x509_crl/tasks/impl.yml index 35e30e160..c7a336237 100644 --- a/tests/integration/targets/x509_crl/tasks/impl.yml +++ b/tests/integration/targets/x509_crl/tasks/impl.yml @@ -54,7 +54,7 @@ path: '{{ remote_tmp_dir }}/ca-crl1.crl' register: crl_1_info_1 -- name: ({{select_crypto_backend}}) Read ca-crl1.crl +- name: Read ca-crl1.crl slurp: src: '{{ remote_tmp_dir }}/ca-crl1.crl' register: slurp @@ -110,7 +110,7 @@ revocation_date: 20191001000000Z register: crl_1_idem -- name: ({{select_crypto_backend}}) Read file +- name: Read file slurp: src: '{{ remote_tmp_dir }}/{{ item }}' loop: @@ -692,4 +692,4 @@ - Ed448 ignore_errors: yes - when: select_crypto_backend == 'cryptography' and cryptography_version.stdout is version('2.6', '>=') + when: cryptography_version.stdout is version('2.6', '>=') diff --git a/tests/integration/targets/x509_crl/tasks/main.yml b/tests/integration/targets/x509_crl/tasks/main.yml index 08c5551f0..db785b089 100644 --- a/tests/integration/targets/x509_crl/tasks/main.yml +++ b/tests/integration/targets/x509_crl/tasks/main.yml @@ -85,13 +85,9 @@ register: certificate_infos - block: - - name: Running tests with cryptography backend + - name: Running tests include_tasks: impl.yml - vars: - select_crypto_backend: cryptography - import_tasks: ../tests/validate.yml - vars: - select_crypto_backend: cryptography when: cryptography_version.stdout is version('1.2', '>=') diff --git a/tests/integration/targets/x509_crl/tests/validate.yml b/tests/integration/targets/x509_crl/tests/validate.yml index 79ecb5cea..77e4aefae 100644 --- a/tests/integration/targets/x509_crl/tests/validate.yml +++ b/tests/integration/targets/x509_crl/tests/validate.yml @@ -189,7 +189,7 @@ - ed25519_ed448_crl.results[1] is failed - ed25519_ed448_crl_idempotence.results[0] is failed - ed25519_ed448_crl_idempotence.results[1] is failed - when: select_crypto_backend == 'cryptography' and cryptography_version.stdout is version('2.6', '>=') and cryptography_version.stdout is version('2.8', '<') and ed25519_ed448_privatekey is not failed + when: cryptography_version.stdout is version('2.6', '>=') and cryptography_version.stdout is version('2.8', '<') and ed25519_ed448_privatekey is not failed - name: Verify Ed25519 and Ed448 tests (for cryptography >= 2.8) assert: @@ -200,4 +200,4 @@ - ed25519_ed448_crl_idempotence is succeeded - ed25519_ed448_crl_idempotence.results[0] is not changed - ed25519_ed448_crl_idempotence.results[1] is not changed - when: select_crypto_backend == 'cryptography' and cryptography_version.stdout is version('2.8', '>=') and ed25519_ed448_privatekey is not failed + when: cryptography_version.stdout is version('2.8', '>=') and ed25519_ed448_privatekey is not failed