Vh.RddlmZmZmZeZdZdZdZddl Z ddl m Z ddl m Z mZmZmZmZmZmZmZmZmZmZmZmZmZ ddlZddlmZ dd lmZejDZ#dZ$d Z&d Z'd Z(e'e(fZ)d Z*e+dk(re*yy#e $re!ZY4wxYw#e $re!Ze!ZdZ#e jJZ$YHwxYw))absolute_importdivisionprint_functionaJ module: crypto_info author: "Felix Fontein (@felixfontein)" short_description: Retrieve cryptographic capabilities version_added: 2.1.0 description: - Retrieve information on cryptographic capabilities. - The current version retrieves information on the L(Python cryptography library, https://cryptography.io/) available to Ansible modules, and on the OpenSSL binary C(openssl) found in the path. extends_documentation_fragment: - community.crypto.attributes - community.crypto.attributes.info_module - community.crypto.attributes.idempotent_not_modify_state options: {} z --- - name: Retrieve information community.crypto.crypto_info: account_key_src: /etc/pki/cert/private/account.key register: crypto_information - name: Show retrieved information ansible.builtin.debug: var: crypto_information a python_cryptography_installed: description: Whether the L(Python cryptography library, https://cryptography.io/) is installed. returned: always type: bool sample: true python_cryptography_import_error: description: Import error when trying to import the L(Python cryptography library, https://cryptography.io/). returned: when RV(python_cryptography_installed=false) type: str python_cryptography_capabilities: description: Information on the installed L(Python cryptography library, https://cryptography.io/). returned: when RV(python_cryptography_installed=true) type: dict contains: version: description: The library version. type: str curves: description: - List of all supported elliptic curves. - Theoretically this should be non-empty for version 0.5 and higher, depending on the libssl version used. type: list elements: str has_ec: description: - Whether elliptic curves are supported. - Theoretically this should be the case for version 0.5 and higher, depending on the libssl version used. type: bool has_ec_sign: description: - Whether signing with elliptic curves is supported. - Theoretically this should be the case for version 1.5 and higher, depending on the libssl version used. type: bool has_ed25519: description: - Whether Ed25519 keys are supported. - Theoretically this should be the case for version 2.6 and higher, depending on the libssl version used. type: bool has_ed25519_sign: description: - Whether signing with Ed25519 keys is supported. - Theoretically this should be the case for version 2.6 and higher, depending on the libssl version used. type: bool has_ed448: description: - Whether Ed448 keys are supported. - Theoretically this should be the case for version 2.6 and higher, depending on the libssl version used. type: bool has_ed448_sign: description: - Whether signing with Ed448 keys is supported. - Theoretically this should be the case for version 2.6 and higher, depending on the libssl version used. type: bool has_dsa: description: - Whether DSA keys are supported. - Theoretically this should be the case for version 0.5 and higher. type: bool has_dsa_sign: description: - Whether signing with DSA keys is supported. - Theoretically this should be the case for version 1.5 and higher. type: bool has_rsa: description: - Whether RSA keys are supported. - Theoretically this should be the case for version 0.5 and higher. type: bool has_rsa_sign: description: - Whether signing with RSA keys is supported. - Theoretically this should be the case for version 1.4 and higher. type: bool has_x25519: description: - Whether X25519 keys are supported. - Theoretically this should be the case for version 2.0 and higher, depending on the libssl version used. type: bool has_x25519_serialization: description: - Whether serialization of X25519 keys is supported. - Theoretically this should be the case for version 2.5 and higher, depending on the libssl version used. type: bool has_x448: description: - Whether X448 keys are supported. - Theoretically this should be the case for version 2.5 and higher, depending on the libssl version used. type: bool openssl_present: description: Whether the OpenSSL binary C(openssl) is installed and can be found in the PATH. returned: always type: bool sample: true openssl: description: Information on the installed OpenSSL binary. returned: when RV(openssl_present=true) type: dict contains: path: description: Path of the OpenSSL binary. type: str sample: /usr/bin/openssl version: description: The OpenSSL version. type: str sample: 1.1.1m version_output: description: The complete output of C(openssl version). type: str sample: 'OpenSSL 1.1.1m 14 Dec 2021\n' N) AnsibleModule)CRYPTOGRAPHY_HAS_DSACRYPTOGRAPHY_HAS_DSA_SIGNCRYPTOGRAPHY_HAS_ECCRYPTOGRAPHY_HAS_EC_SIGNCRYPTOGRAPHY_HAS_ED448CRYPTOGRAPHY_HAS_ED448_SIGNCRYPTOGRAPHY_HAS_ED25519CRYPTOGRAPHY_HAS_ED25519_SIGNCRYPTOGRAPHY_HAS_RSACRYPTOGRAPHY_HAS_RSA_SIGNCRYPTOGRAPHY_HAS_X448CRYPTOGRAPHY_HAS_X25519CRYPTOGRAPHY_HAS_X25519_FULLHAS_CRYPTOGRAPHY)UnsupportedAlgorithm) InternalError)) secp224r1 SECP224R1) secp256k1 SECP256K1) secp256r1 SECP256R1) secp384r1 SECP384R1) secp521r1 SECP521R1) secp192r1 SECP192R1) sect163k1 SECT163K1) sect163r2 SECT163R2) sect233k1 SECT233K1) sect233r1 SECT233R1) sect283k1 SECT283K1) sect283r1 SECT283R1) sect409k1 SECT409K1) sect409r1 SECT409R1) sect571k1 SECT571K1) sect571r1 SECT571R1)brainpoolP256r1BrainpoolP256R1)brainpoolP384r1BrainpoolP384R1)brainpoolP512r1BrainpoolP512R1ci}t|d<ts t|d<|St}|r ddlm}|j dt}|r ddl m }|j dt}|r/ ddl m }tr|j dn|jt }|r dd lm} | j dg} t&rddl} ddl} | j,j.j1} t2D]\} }| j,j4j6j8j:j=|}|sL | j,j4j6j8j?|| | jA| tD| t&tF||xrtH||xrtJtLtNtPtR||xrt|d }||d <|S#t $rYt$rd}YwxYw#t $rYt$rd}YwxYw#t $rYt$rd}YwxYw#t $rYt$rd}YwxYw#t$rYmtB$rYxwxYw) Npython_cryptography_installed python_cryptography_import_errorr)Ed25519PrivateKeyF)Ed448PrivateKey)X25519PrivateKey)X448PrivateKey)curvebackend)versioncurveshas_ec has_ec_sign has_ed25519has_ed25519_sign has_ed448has_ed448_signhas_dsa has_dsa_signhas_rsa has_rsa_sign has_x25519has_x25519_serializationhas_x448 python_cryptography_capabilities)*rCRYPTOGRAPHY_IMP_ERRr 1cryptography.hazmat.primitives.asymmetric.ed25519r@from_private_bytes ValueErrorrr /cryptography.hazmat.primitives.asymmetric.ed448rBr0cryptography.hazmat.primitives.asymmetric.x25519rCrgenerater.cryptography.hazmat.primitives.asymmetric.x448rDr cryptography.hazmat.backends,cryptography.hazmat.primitives.asymmetric.echazmatbackendsdefault_backendCURVES primitives asymmetricec__dict__getgenerate_private_keyappendCryptographyInternalErrorCRYPTOGRAPHY_VERSIONr rr rrrr)moduleresultrKr@rMrBrSrCrUrDrH cryptographyrF curve_nameconstructor_nameecclassinfos p/home/dcms/DCMS/lib/python3.12/site-packages/ansible_collections/community/crypto/plugins/modules/crypto_info.pyadd_crypto_informationrvss F.>F *+ 5I12 *K    0 0 5 'I  W  . .s 3 )J  , 33C8!))+ %H  U  - -c 2 F+;%%..>>@,2  (J("))44??BBKKOO G  ''22==@@UU%iVMM*- *(%/"'I,I#C(C'1'1 $.$O3O D"26F -. Mq  # K   # I   # J   # H &,-  sxGG8&.HH2;AI G5' G54G58 H HH H/! H/.H/2 I > I  I  I'I'&I'c|jd}d|dui}||Sd|i}||d<|j|dg\}}}|dk(r-||d<|jdd}t|dkDr|d|d<|S) Nopensslopenssl_presentpathrGrversion_output) get_bin_path run_commandsplitlen)rnopenssl_binaryroopenssl_resultrcouterrpartss ruadd_openssl_informationrIs((3N>5F  N'F9%%~y&ABLBS Qw+.'( $" u:>(-aN9 % MrActid}i}tD]}|j|||jdi|y)NT) argument_specsupports_check_mode)rINFO_FUNCTIONSupdate exit_json)rnrofns rumainrfsE  FF F" bj!"FvrA__main__), __future__rrrtype __metaclass__ DOCUMENTATIONEXAMPLESRETURN tracebackansible.module_utils.basicrFansible_collections.community.crypto.plugins.module_utils.crypto.basicrrr r r r r rrrrrrrrpcryptography.exceptionsrrrl ImportError Exception __version__rmrW format_excrdrvrrr__name__rrArursA@  s j4$ <. W(33 .gT0  zFe .$-!.2$ )/9//1 2s/ B A::BBBBB&%B&