Anons79 Mini Shell

Directory : /lib/python2.7/site-packages/ansible/modules/crypto/
Upload File :
Current File : //lib/python2.7/site-packages/ansible/modules/crypto/openssl_privatekey_info.pyo

�
�Udac@`s�ddlmZmZmZeZidd6dgd6dd6ZdZd	Zd
Z	ddl
Z
ddlZddlZddl
mZdd
lmZddlmZmZddlmZmZdZdZdZy/ddlZdd
lmZeej�ZWn#ek
r(ej �Ze!Z"nXe#Z"dZ$y�ddl%Z%ddl&m'Z'ee%j�Z(yddl)Z%e#Z*Wnek
r�e!Z*nXyddl+Z%e#Z,Wnek
r�e!Z,nXyddl-Z%e#Z.Wnek
r�e!Z.nXyddl/Z%e#Z0Wnek
r"e!Z0nXWn#ek
rIej �Z$e!Z1nXe#Z1dZ2d�Z3d�Z4d�Z5dej6fd��YZ7de7fd��YZ8de7fd��YZ9d�Z:e;dkr�e:�ndS(i(tabsolute_importtdivisiontprint_functions1.1tmetadata_versiontpreviewtstatust	communitytsupported_bys�	
---
module: openssl_privatekey_info
version_added: '2.8'
short_description: Provide information for OpenSSL private keys
description:
    - This module allows one to query information on OpenSSL private keys.
    - In case the key consistency checks fail, the module will fail as this indicates a faked
      private key. In this case, all return variables are still returned. Note that key consistency
      checks are not available all key types; if none is available, C(none) is returned for
      C(key_is_consistent).
    - It uses the pyOpenSSL or cryptography python library to interact with OpenSSL. If both the
      cryptography and PyOpenSSL libraries are available (and meet the minimum version requirements)
      cryptography will be preferred as a backend over PyOpenSSL (unless the backend is forced with
      C(select_crypto_backend)). Please note that the PyOpenSSL backend was deprecated in Ansible 2.9
      and will be removed in Ansible 2.13.
requirements:
    - PyOpenSSL >= 0.15 or cryptography >= 1.2.3
author:
  - Felix Fontein (@felixfontein)
  - Yanis Guenane (@Spredzy)
options:
    path:
        description:
            - Remote absolute path where the private key file is loaded from.
        type: path
        required: true
    passphrase:
        description:
            - The passphrase for the private key.
        type: str
    return_private_key_data:
        description:
            - Whether to return private key data.
            - Only set this to C(yes) when you want private information about this key to
              leave the remote machine.
            - "WARNING: you have to make sure that private key data isn't accidentally logged!"
        type: bool
        default: no

    select_crypto_backend:
        description:
            - Determines which crypto backend to use.
            - The default choice is C(auto), which tries to use C(cryptography) if available, and falls back to C(pyopenssl).
            - If set to C(pyopenssl), will try to use the L(pyOpenSSL,https://pypi.org/project/pyOpenSSL/) library.
            - If set to C(cryptography), will try to use the L(cryptography,https://cryptography.io/) library.
            - Please note that the C(pyopenssl) backend has been deprecated in Ansible 2.9, and will be removed in Ansible 2.13.
              From that point on, only the C(cryptography) backend will be available.
        type: str
        default: auto
        choices: [ auto, cryptography, pyopenssl ]

seealso:
- module: openssl_privatekey
sI
- name: Generate an OpenSSL private key with the default values (4096 bits, RSA)
  openssl_privatekey:
    path: /etc/ssl/private/ansible.com.pem

- name: Get information on generated key
  openssl_privatekey_info:
    path: /etc/ssl/private/ansible.com.pem
  register: result

- name: Dump information
  debug:
    var: result
s�
can_load_key:
    description: Whether the module was able to load the private key from disk
    returned: always
    type: bool
can_parse_key:
    description: Whether the module was able to parse the private key
    returned: always
    type: bool
key_is_consistent:
    description:
        - Whether the key is consistent. Can also return C(none) next to C(yes) and
          C(no), to indicate that consistency couldn't be checked.
        - In case the check returns C(no), the module will fail.
    returned: always
    type: bool
public_key:
    description: Private key's public key in PEM format
    returned: success
    type: str
    sample: "-----BEGIN PUBLIC KEY-----\nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A..."
public_key_fingerprints:
    description:
        - Fingerprints of private key's public key.
        - For every hash algorithm available, the fingerprint is computed.
    returned: success
    type: dict
    sample: "{'sha256': 'd4:b3:aa:6d:c8:04:ce:4e:ba:f6:29:4d:92:a3:94:b0:c2:ff:bd:bf:33:63:11:43:34:0f:51:b0:95:09:2f:63',
              'sha512': 'f7:07:4a:f0:b0:f0:e6:8b:95:5f:f9:e6:61:0a:32:68:f1..."
type:
    description:
        - The key's type.
        - One of C(RSA), C(DSA), C(ECC), C(Ed25519), C(X25519), C(Ed448), or C(X448).
        - Will start with C(unknown) if the key type cannot be determined.
    returned: success
    type: str
    sample: RSA
public_data:
    description:
        - Public key data. Depends on key type.
    returned: success
    type: dict
private_data:
    description:
        - Private key data. Depends on key type.
    returned: success and when I(return_private_key_data) is set to C(yes)
    type: dict
N(tLooseVersion(tcrypto(t
AnsibleModuletmissing_required_lib(t	to_nativetto_bytess1.2.3s0.15(t
serializationt1234cC`s�t�}t�}t|tjjjjj�r�d}|j|d<|j	�j
�j|d<|j	�j
�j|d<|j
�j|d<|j
�j|d<|j
�j|d<nt|tjjjjj�r\d}|j|d<|j�j�j|d<|j�j�j|d<|j�j�j|d<|j	�j
�j|d	<|j
�j|d
<natr�t|tjjjjj�r�d}n4tr�t|tjjjjj�r�d}ntr�t|tjjjjj �r�d
}n�t!rt|tjjjj"j#�rd}n�t|tjjjj$j%�r�d}|j	�j&j'|d<|j	�j
�j|d
<|j	�j
�j|d	<|j	�j&j|d<|j
�j(|d<ndj)t*|��}|||fS(NtRSAtsizetmodulustexponenttptqtDSAtgtytxtX25519tX448tEd25519tEd448tECCtcurvet
exponent_sizet
multipliers
unknown ({0})(+tdictt
isinstancetcryptographythazmatt
primitivest
asymmetrictrsat
RSAPrivateKeytkey_sizet
public_keytpublic_numberstntetprivate_numbersRRtdtdsat
DSAPrivateKeyt
parameterstparameter_numbersRRRtCRYPTOGRAPHY_HAS_X25519tx25519tX25519PrivateKeytCRYPTOGRAPHY_HAS_X448tx448tX448PrivateKeytCRYPTOGRAPHY_HAS_ED25519ted25519tEd25519PrivateKeytCRYPTOGRAPHY_HAS_ED448ted448tEd448PrivateKeytectEllipticCurvePrivateKeyRtnamet
private_valuetformatttype(tkeytkey_public_datatkey_private_datatkey_type((sR/usr/lib/python2.7/site-packages/ansible/modules/crypto/openssl_privatekey_info.pyt_get_cryptography_key_info�sF		

$	$	$	$	cC`s3|jd�}|jd�}|jd�}|jd�}|jd�}x-|||||fD]}|dkradSqaW|dks�||dkr�tS|dks�||kr�tS|d|dkr�tStj|||�dkr�tStj|||�|kr
tStj|�s+tj|�r/tStS(	NRRRRRiii(tgettNonetFalsetcrypto_utilstbinary_exp_modtquick_is_not_primetTrue(RHRIRRRRRtv((sR/usr/lib/python2.7/site-packages/ansible/modules/crypto/openssl_privatekey_info.pyt_check_dsa_consistency�s*cC`s�t|tjjjjj�r:t|jj	j
|j��St|tjjjjj
�r�t||�}|dk	rw|Sy%|jttjjjj��}Wntk
r�dSXy0|j�j|ttjjjj��tSWq�tjjk
r�tSXnt|tjjjjj�r�y:|jttjjjjjtjjjj���}Wntk
rkdSXyE|j�j|ttjjjjjtjjjj���tSWq�tjjk
r�tSXnt}trt|tjjjjj �rt}nt!r/t|tjjjj"j#�r/t}n|r�|jt�}y|j�j|t�tSWq�tjjk
r|tSXndS(N($R#R$R%R&R'R(R)tboolt_backendt_libt
RSA_check_keyt
_rsa_cdataR1R2RTRMtsigntSIGNATURE_TEST_DATAthashestSHA256tAttributeErrorR+tverifyRRt
exceptionstInvalidSignatureRNRARBtECDSAR;R<R=R>R?R@(RGRHRItresultt	signaturethas_simple_sign_function((sR/usr/lib/python2.7/site-packages/ansible/modules/crypto/openssl_privatekey_info.pyt_is_cryptography_key_consistents\%
1
+$	$	tPrivateKeyInfocB`sbeZd�Zd�Zd�Zejd��Zejd��Zejd��Z	d�Z
RS(cC`s_tt|�j|jddt|j�||_||_|jd|_|jd|_	dS(Ntpathtpresentt
passphrasetreturn_private_key_data(
tsuperRgt__init__tparamsRNt
check_modetbackendtmoduleRjRk(tselfRqRp((sR/usr/lib/python2.7/site-packages/ansible/modules/crypto/openssl_privatekey_info.pyRm?s

		cC`sdS(N((Rr((sR/usr/lib/python2.7/site-packages/ansible/modules/crypto/openssl_privatekey_info.pytgenerateLscC`sdS(N((Rr((sR/usr/lib/python2.7/site-packages/ansible/modules/crypto/openssl_privatekey_info.pytdumpPscC`sdS(N((Rrtbinary((sR/usr/lib/python2.7/site-packages/ansible/modules/crypto/openssl_privatekey_info.pyt_get_public_keyTscC`sdS(N((Rr((sR/usr/lib/python2.7/site-packages/ansible/modules/crypto/openssl_privatekey_info.pyt
_get_key_infoXscC`sdS(N((RrRHRI((sR/usr/lib/python2.7/site-packages/ansible/modules/crypto/openssl_privatekey_info.pyt_is_key_consistent\sc	
C`s�tdtdtdd�}y5t|jd��}|j�}WdQXt|d<Wn5ttfk
r�}|j	j
dt|�|�nXyYtj
ddd|d|jdk	r�t|j�n|jd	|j�|_t|d<Wn2tjk
r}|j	j
dt|�|�nX|jd
t�|d<|jd
t�}|dk	rYtj|�nt�|d<|j�\}}}||d
<||d<|jr�||d<n|j||�|d<|dtkr�t|d<|j	j
dd|�n|S(Ntcan_load_keyt
can_parse_keytkey_is_consistenttrbtmsgRhtcontentRjRpRuR+tpublic_key_fingerprintsRFtpublic_datatprivate_datas|Private key is not consistent! (See https://blog.hboeck.de/archives/888-How-I-tricked-Symantec-with-a-Fake-Private-Key.html)(R"RNRMtopenRhtreadRRtIOErrortOSErrorRqt	fail_jsonRROtload_privatekeyRjR
RpRGtOpenSSLObjectErrorRvtget_fingerprint_of_bytesRwRkRx(	RrRct
b_priv_key_fhtpriv_key_detailtexctpkRJRHRI((sR/usr/lib/python2.7/site-packages/ansible/modules/crypto/openssl_privatekey_info.pytget_info`sD	 	' (

	


(t__name__t
__module__RmRsRttabctabstractmethodRvRwRxR�(((sR/usr/lib/python2.7/site-packages/ansible/modules/crypto/openssl_privatekey_info.pyRg>s	
		tPrivateKeyInfoCryptographycB`s2eZdZd�Zd�Zd�Zd�ZRS(sAValidate the supplied private key, using the cryptography backendcC`stt|�j|d�dS(NR$(RlR�Rm(RrRq((sR/usr/lib/python2.7/site-packages/ansible/modules/crypto/openssl_privatekey_info.pyRm�scC`s7|jj�j|r!tjjn	tjjtjj�S(N(	RGR+tpublic_bytesRtEncodingtDERtPEMtPublicFormattSubjectPublicKeyInfo(RrRu((sR/usr/lib/python2.7/site-packages/ansible/modules/crypto/openssl_privatekey_info.pyRv�scC`s
t|j�S(N(RKRG(Rr((sR/usr/lib/python2.7/site-packages/ansible/modules/crypto/openssl_privatekey_info.pyRw�scC`st|j||�S(N(RfRG(RrRHRI((sR/usr/lib/python2.7/site-packages/ansible/modules/crypto/openssl_privatekey_info.pyRx�s(R�R�t__doc__RmRvRwRx(((sR/usr/lib/python2.7/site-packages/ansible/modules/crypto/openssl_privatekey_info.pyR��s
			tPrivateKeyInfoPyOpenSSLcB`s;eZdZd�Zd�Zd�Zd�Zd�ZRS(s"validate the supplied private key.cC`stt|�j|d�dS(Nt	pyopenssl(RlR�Rm(RrRq((sR/usr/lib/python2.7/site-packages/ansible/modules/crypto/openssl_privatekey_info.pyRm�scC`s�y)tj|rtjntj|j�SWn�tk
r�yutj�}|rltjj||jj	�}ntjj
||jj	�}|dkr�tj�ntj|�SWq�tk
r�|j
jd�q�XnXdS(Nis�Your pyOpenSSL version does not support dumping public keys. Please upgrade to version 16.0 or newer, or use the cryptography backend.(R	tdump_publickeyt
FILETYPE_ASN1tFILETYPE_PEMRGR^t_new_mem_bufRWti2d_PUBKEY_biot_pkeytPEM_write_bio_PUBKEYt_raise_current_errort_bio_to_stringRqtwarn(RrRutbiotrc((sR/usr/lib/python2.7/site-packages/ansible/modules/crypto/openssl_privatekey_info.pyRv�s


cC`si|tjjjkrdStjjj|�}z ttjjj|�d�SWdtjjj	|�XdS(s(Convert OpenSSL BIGINT to Python integeriN(
tOpenSSLt_utiltffitNULLRMtlibt	BN_bn2hextinttstringtOPENSSL_free(Rrtbnthexstr((sR/usr/lib/python2.7/site-packages/ansible/modules/crypto/openssl_privatekey_info.pyt
bigint_to_int�s cC`s�t�}t�}|jj�}t}tj|kr@d}|jj�|d<y�tjj	j
|jj�}tjjj
|tjj	j�}tjjdkr�tjjjd�}tjjjd�}tjjjd�}	tjj	j||||	�|j|d�|d<|j|d�|d<|j|	d�|d<tjjjd�}
tjjjd�}tjj	j||
|�|j|
d�|d<|j|d�|d	<nn|j|j�|d<|j|j�|d<|j|j�|d<|j|j�|d<|j|j�|d	<t}Wqqtk
r<qqXn1tj|krYd
}|jj�|d<y�tjj	j|jj�}tjjj
|tjj	j�}tjjdkr�tjjjd�}
tjjjd�}tjjjd�}tjj	j||
||�|j|
d�|d<|j|d�|d	<|j|d�|d<tjjjd�}
tjjjd�}tjj	j ||
|�|j|
d�|d<|j|d�|d
<nn|j|j�|d<|j|j�|d	<|j|j!�|d<|j|j"�|d<|j|j#�|d
<t}Wqqtk
rUqqXndj$|jj��}|r�t%t&d�kr�t'r�t(|jj)��S|||fS(NRRis	BIGNUM **iRRRRRRRRs
unknown ({0})s16.1.0(*R"RGRFRRR	tTYPE_RSAtbitsR�R�R�tEVP_PKEY_get1_RSAR�R�tgctRSA_freetSSLtOPENSSL_VERSION_NUMBERtnewtRSA_get0_keyR�tRSA_get0_factorsR-R.R0RRRNR^tTYPE_DSAtEVP_PKEY_get1_DSAtDSA_freetDSA_get0_pqgtDSA_get0_keyRtpub_keytpriv_keyREtPYOPENSSL_VERSIONRtCRYPTOGRAPHY_FOUNDRKtto_cryptography_key(RrRHRItopenssl_key_typettry_fallbackRJRGR-R.R0RRRRR((sR/usr/lib/python2.7/site-packages/ansible/modules/crypto/openssl_privatekey_info.pyRw�s|		!

!

cC`s|jj�}tj|krJy|jj�SWqJtjk
rFtSXntj|kr�t||�}|dk	rx|Stj
|jtd�}tj�}|j
|j�ytj||td�tSWq�tjk
r�tSXnttd�krtrt|jj�||�SdS(Ntsha256s16.1.0(RGRFR	R�tchecktErrorRNR�RTRMRZR[tX509t
set_pubkeyR_RRR�RR�RfR�(RrRHRIR�RcRdtcert((sR/usr/lib/python2.7/site-packages/ansible/modules/crypto/openssl_privatekey_info.pyRx%s*(R�R�R�RmRvR�RwRx(((sR/usr/lib/python2.7/site-packages/ansible/modules/crypto/openssl_privatekey_info.pyR��s			
	acC`sStdtdtdddt�dtdddt�dtdd	d
t�dtddd
dd
dddg��dt�}y�tjj|jd�p�d}tjj|�s�|j	d|dd|�n|jd}|dkrat
o�ttt
�k}tottt�k}|r$d}n|r3d}n|dkra|j	ddjt
t��qan|dkr�ts�|j	dtdjt��dt�n|jddd�t|�}nI|dkrt
s�|j	dtdjt
��dt�nt|�}n|j�}|j|�Wn,tjk
rN}|j	dt|��nXdS(Nt
argument_specRhRFtrequiredRjtstrtno_logRkRUtdefaulttselect_crypto_backendtautotchoicesR$R�tsupports_check_modet.RCR}s>The directory %s does not exist or the file is not a directorys]Can't detect any of the required Python libraries cryptography (>= {0}) or PyOpenSSL (>= {1})spyOpenSSL >= {0}t	exceptionsKThe module is using the PyOpenSSL backend. This backend has been deprecatedtversions2.13scryptography >= {0}(R
R"RRRNtosRhtdirnameRntisdirR�R�tCRYPTOGRAPHY_VERSIONRtMINIMAL_CRYPTOGRAPHY_VERSIONtPYOPENSSL_FOUNDR�tMINIMAL_PYOPENSSL_VERSIONRERtPYOPENSSL_IMP_ERRt	deprecateR�tCRYPTOGRAPHY_IMP_ERRR�R�t	exit_jsonROR�R(Rqtbase_dirRptcan_use_cryptographytcan_use_pyopensslt
privatekeyRcR�((sR/usr/lib/python2.7/site-packages/ansible/modules/crypto/openssl_privatekey_info.pytmain@sP'		
		

t__main__(<t
__future__RRRRFt
__metaclass__tANSIBLE_METADATAt
DOCUMENTATIONtEXAMPLEStRETURNR�R�t	tracebacktdistutils.versionRtansible.module_utilsR	ROtansible.module_utils.basicR
Rtansible.module_utils._textRR
R�R�RMR�R�t__version__R�tImportErrort
format_excRNR�RRR�R$tcryptography.hazmat.primitivesRR�t0cryptography.hazmat.primitives.asymmetric.x25519R5t.cryptography.hazmat.primitives.asymmetric.x448R8t1cryptography.hazmat.primitives.asymmetric.ed25519R;t/cryptography.hazmat.primitives.asymmetric.ed448R>R�R[RKRTRft
OpenSSLObjectRgR�R�R�R�(((sR/usr/lib/python2.7/site-packages/ansible/modules/crypto/openssl_privatekey_info.pyt<module>s�


81














	'		7O�	8

Anons79 File Manager Version 1.0, Coded By Anons79
Email: [email protected]