community / community.crypto / 2.18.0 / filter / openssl_privatekey_info Retrieve information from OpenSSL private keys | "added in version" 2.10.0 of community.crypto" Authors: Felix Fontein (@felixfontein)community.crypto.openssl_privatekey_info (2.18.0) — filter
Install with ansible-galaxy collection install community.crypto:==2.18.0
collections: - name: community.crypto version: 2.18.0
Provided an OpenSSL private keys, retrieve information.
This is a filter version of the M(community.crypto.openssl_privatekey_info) module.
- name: Show the Subject Alt Names of the CSR ansible.builtin.debug: msg: >- {{ ( lookup('ansible.builtin.file', '/path/to/cert.csr') | community.crypto.openssl_privatekey_info ).subject_alt_name | join(', ') }}
_input: description: - The content of the OpenSSL private key. required: true type: string passphrase: description: - The passphrase for the private key. type: str name_encoding: choices: - ignore - idna - unicode default: ignore description: - How to encode names (DNS names, URIs, email addresses) in return values. - V(ignore) will use the encoding returned by the backend. - V(idna) will convert all labels of domain names to IDNA encoding. IDNA2008 will be preferred, and IDNA2003 will be used if IDNA2008 encoding fails. - V(unicode) will convert all labels of domain names to Unicode. IDNA2008 will be preferred, and IDNA2003 will be used if IDNA2008 decoding fails. - B(Note) that V(idna) and V(unicode) require the L(idna Python library,https://pypi.org/project/idna/) to be installed. type: str return_private_key_data: default: false description: - Whether to return private key data. - Only set this to V(true) when you want private information about this key to be extracted. - B(WARNING:) you have to make sure that private key data is not accidentally logged! type: bool
_value: contains: private_data: description: - Private key data. Depends on key type. returned: success and when O(return_private_key_data) is set to V(true) type: dict public_data: contains: curve: description: - The curve's name for ECC. returned: When RV(_value.type=ECC) type: str exponent: description: - The RSA key's public exponent. returned: When RV(_value.type=RSA) type: int exponent_size: description: - The maximum number of bits of a private key. This is basically the bit size of the subgroup used. returned: When RV(_value.type=ECC) type: int g: description: - The C(g) value for DSA. - This is the element spanning the subgroup of the multiplicative group of the prime field used. returned: When RV(_value.type=DSA) type: int modulus: description: - The RSA key's modulus. returned: When RV(_value.type=RSA) type: int p: description: - The C(p) value for DSA. - This is the prime modulus upon which arithmetic takes place. returned: When RV(_value.type=DSA) type: int q: description: - The C(q) value for DSA. - This is a prime that divides C(p - 1), and at the same time the order of the subgroup of the multiplicative group of the prime field used. returned: When RV(_value.type=DSA) type: int size: description: - Bit size of modulus (RSA) or prime number (DSA). returned: When RV(_value.type=RSA) or RV(_value.type=DSA) type: int x: description: - The C(x) coordinate for the public point on the elliptic curve. returned: When RV(_value.type=ECC) type: int y: description: - For RV(_value.type=ECC), this is the C(y) coordinate for the public point on the elliptic curve. - For RV(_value.type=DSA), this is the publicly known group element whose discrete logarithm with respect to C(g) is the private key. returned: When RV(_value.type=DSA) or RV(_value.type=ECC) type: int description: - Public key data. Depends on key type. returned: success type: dict public_key: description: Private key's public key in PEM format. returned: success sample: '-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8A...' type: str public_key_fingerprints: description: - Fingerprints of private key's public key. - For every hash algorithm available, the fingerprint is computed. returned: success sample: '{''sha256'': ''d4:b3:aa:6d:c8:04:ce:4e:ba:f6:29:4d:92:a3:94:b0:c2:ff:bd:bf:33:63:11:43:34:0f:51:b0:95:09:2f:63'', ''sha512'': ''f7:07:4a:f0:b0:f0:e6:8b:95:5f:f9:e6:61:0a:32:68:f1...' type: dict type: description: - The key's type. - One of V(RSA), V(DSA), V(ECC), V(Ed25519), V(X25519), V(Ed448), or V(X448). - Will start with V(unknown) if the key type cannot be determined. returned: success sample: RSA type: str description: - Information on the certificate. type: dict