community.crypto.openssl_publickey_info (2.18.0) — module

Provide information for OpenSSL public keys

Added in version 1.7.0 of community.crypto

Authors: Felix Fontein (@felixfontein)

Install collection

Install with ansible-galaxy collection install community.crypto:==2.18.0


Add to requirements.yml

  collections:
    - name: community.crypto
      version: 2.18.0

Description

This module allows one to query information on OpenSSL public keys.

It uses the cryptography Python library to interact with OpenSSL.


Requirements

Usage examples

- name: Generate an OpenSSL private key with the default values (4096 bits, RSA)
  community.crypto.openssl_privatekey:
    path: /etc/ssl/private/ansible.com.pem

- name: Create public key from private key
  community.crypto.openssl_publickey:
    privatekey_path: /etc/ssl/private/ansible.com.pem
    path: /etc/ssl/ansible.com.pub

- name: Get information on public key
  community.crypto.openssl_publickey_info:
    path: /etc/ssl/ansible.com.pub
  register: result

- name: Dump information
  ansible.builtin.debug:
    var: result

Inputs

    
path:
    description:
    - Remote absolute path where the public key file is loaded from.
    type: path

content:
    description:
    - Content of the public key file.
    - Either O(path) or O(content) must be specified, but not both.
    type: str

select_crypto_backend:
    choices:
    - auto
    - cryptography
    default: auto
    description:
    - Determines which crypto backend to use.
    - The default choice is V(auto), which tries to use C(cryptography) if available.
    - If set to V(cryptography), will try to use the L(cryptography,https://cryptography.io/)
      library.
    type: str

Outputs

fingerprints:
  description:
  - Fingerprints of public key.
  - For every hash algorithm available, the fingerprint is computed.
  returned: success
  sample: '{''sha256'': ''d4:b3:aa:6d:c8:04:ce:4e:ba:f6:29:4d:92:a3:94:b0:c2:ff:bd:bf:33:63:11:43:34:0f:51:b0:95:09:2f:63'',
    ''sha512'': ''f7:07:4a:f0:b0:f0:e6:8b:95:5f:f9:e6:61:0a:32:68:f1...'
  type: dict
public_data:
  contains:
    curve:
      description:
      - The curve's name for ECC.
      returned: When RV(type=ECC)
      type: str
    exponent:
      description:
      - The RSA key's public exponent.
      returned: When RV(type=RSA)
      type: int
    exponent_size:
      description:
      - The maximum number of bits of a private key. This is basically the bit size
        of the subgroup used.
      returned: When RV(type=ECC)
      type: int
    g:
      description:
      - The C(g) value for DSA.
      - This is the element spanning the subgroup of the multiplicative group of the
        prime field used.
      returned: When RV(type=DSA)
      type: int
    modulus:
      description:
      - The RSA key's modulus.
      returned: When RV(type=RSA)
      type: int
    p:
      description:
      - The C(p) value for DSA.
      - This is the prime modulus upon which arithmetic takes place.
      returned: When RV(type=DSA)
      type: int
    q:
      description:
      - The C(q) value for DSA.
      - This is a prime that divides C(p - 1), and at the same time the order of the
        subgroup of the multiplicative group of the prime field used.
      returned: When RV(type=DSA)
      type: int
    size:
      description:
      - Bit size of modulus (RSA) or prime number (DSA).
      returned: When RV(type=RSA) or RV(type=DSA)
      type: int
    x:
      description:
      - The C(x) coordinate for the public point on the elliptic curve.
      returned: When RV(type=ECC)
      type: int
    y:
      description:
      - For RV(type=ECC), this is the C(y) coordinate for the public point on the
        elliptic curve.
      - For RV(type=DSA), this is the publicly known group element whose discrete
        logarithm w.r.t. C(g) is the private key.
      returned: When RV(type=DSA) or RV(type=ECC)
      type: int
  description:
  - Public key data. Depends on key type.
  returned: success
  type: dict
type:
  description:
  - The key's type.
  - One of V(RSA), V(DSA), V(ECC), V(Ed25519), V(X25519), V(Ed448), or V(X448).
  - Will start with V(unknown) if the key type cannot be determined.
  returned: success
  sample: RSA
  type: str
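
An added example, not part of the module documentation: a playbook that uses the return values above (type, public_data, fingerprints) to enforce a key policy and a pinned fingerprint before the key is trusted. The size threshold, exponent, curve names and pinned fingerprint are assumed policy values; the path is the one from the usage examples.

```yaml
# Added example: gate further tasks on the documented return values.
# All policy values below are assumptions, not module defaults.
- name: Enforce a public key policy before trusting the key
  hosts: localhost
  gather_facts: false
  vars:
    pubkey_path: /etc/ssl/ansible.com.pub      # path from the usage examples
    min_rsa_bits: 3072                         # assumed policy value
    allowed_curves: [secp256r1, secp384r1]     # assumed curve names
    pinned_sha256: "REPLACE-WITH-EXPECTED-SHA256-FINGERPRINT"  # placeholder
  tasks:
    - name: Read key metadata
      community.crypto.openssl_publickey_info:
        path: "{{ pubkey_path }}"
      register: key

    # type starts with "unknown" when it cannot be determined, so an
    # explicit allow-list rejects that case as well.
    - name: Reject key types the policy does not cover
      ansible.builtin.assert:
        that:
          - key.type in ['RSA', 'ECC', 'Ed25519']
        fail_msg: "Key type not allowed: {{ key.type }}"

    # size and exponent are only returned for RSA keys.
    - name: Check RSA modulus size and public exponent
      when: key.type == 'RSA'
      ansible.builtin.assert:
        that:
          - key.public_data.size >= min_rsa_bits
          - key.public_data.exponent == 65537
        fail_msg: "RSA key is {{ key.public_data.size }} bits, e={{ key.public_data.exponent }}"

    # curve is only returned for ECC keys.
    - name: Check the elliptic curve
      when: key.type == 'ECC'
      ansible.builtin.assert:
        that:
          - key.public_data.curve in allowed_curves
        fail_msg: "Curve not allowed: {{ key.public_data.curve }}"

    # fingerprints is a dict keyed by hash algorithm name.
    - name: Compare against the pinned fingerprint
      ansible.builtin.assert:
        that:
          - key.fingerprints.sha256 == pinned_sha256
        fail_msg: "Fingerprint mismatch: {{ key.fingerprints.sha256 }}"
```

The pinned value uses the same colon-separated hex format as the fingerprints sample above.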

See also