Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DER format - community.crypto.x509_certificate_info #603

Closed
msl0 opened this issue May 8, 2023 · 1 comment · Fixed by #622
Closed

DER format - community.crypto.x509_certificate_info #603

msl0 opened this issue May 8, 2023 · 1 comment · Fixed by #622
Labels
enhancement New feature or request

Comments

@msl0
Copy link
Contributor

msl0 commented May 8, 2023

SUMMARY

Currently only PEM format is supported for community.crypto.x509_certificate_info module, so when we try get info about certificate in DER format then we getting:

"msg": "Unable to load PEM file. See https://cryptography.io/en/latest/faq/#why-can-t-i-import-my-pem-file for more details. MalformedFraming"

I noticed community.crypto.x509_certificate_info module uses cryptography. Current code uses load_pem_x509_certificate method but there is a load_der_x509_certificate method in cryptography to load DER certificates.
It would be better than using openssl x509 -in cert.crt -inform der -text -noout command to get certificate info.

ISSUE TYPE
  • Feature Idea
COMPONENT NAME

community.crypto.x509_certificate_info

ADDITIONAL INFORMATION

community.crypto/plugins/module_utils/crypto/support.py

Line 207 in e4ebca0

return x509.load_pem_x509_certificate(cert_content, cryptography_backend())

https://cryptography.io/en/latest/x509/reference/#cryptography.x509.load_der_x509_certificate



      		
    

      
  





        



            

              
            

        

      


      
    








      

    



      

  
            

    

      
    

    


      

          @felixfontein
felixfontein




          added
  the 

  enhancement

  New feature or request
 label


      May 15, 2023

    

  



  

  

    
  


  

      

    @msl0
msl0



    mentioned this issue
    
      Jun 10, 2023
    





  


  

      
   Merged

  







  









      

  
      



  

  @msl0





  


    

      

  

    

        
    
    

  


      
          
  
      
            Copy link

  

      
    

  


  

      

  
    Contributor


      

  Author


  


  

    

      

      
            msl0
  

      

      

      commented


        Jun 10, 2023


      
    


  





      


        


  
    

      
          
#622 adds support for certificates in DER format when using path parameter


- name: Get DER certificate info
  community.crypto.x509_certificate_info:
    path: certificate.der

      		
    

  





        


            

            

              
            

        

      


      

            
  

    
  
    
    

  

  



    












      

  
          


  
    
  
  

    
  msl0 

      added a commit
        to msl0/community.crypto
      that referenced
      this issue

    
      Jun 11, 2023
    
    

      


  

    

      


  

      
        @msl0
  





      

        
          Added changelog fragment for ansible-collections#603
        


      


      

          

    
    
    

  

    


      


      

      


      
      

        
          967e27c
        
      

    

  




    

  




    

    


  


  
    
  
  

    
  felixfontein 

      added a commit
      that referenced
      this issue

    
      Jun 15, 2023
    
    

      


  

    

      


  

      
        @msl0
      
        @felixfontein
  





      

        
          Added support for certificates in DER format for `x509_certificate_in…
        

          
            
          

      


      

          

    
    
    

  

    


      


      

      


      
      

        
          9c07a83
        
      

    

  

    

      
…fo` module (#622)

* Added support for DER format

* Updated description

* Adjusted description

The content of the certificate cannot be in DER format due to an input encoding problem in the Ansible module, but it works fine when reading the certificate from a file

* Update support.py

* Added der_support_enabled flag for DER-format support

* Added changelog fragment for #603

* Fixed typo

* Fixed missing import

* Resolved issues found by static code analysis

* Update plugins/module_utils/crypto/support.py

Committed suggested change

Co-authored-by: Felix Fontein <felix@fontein.de>

* Apply suggestions from code review

Co-authored-by: Felix Fontein <felix@fontein.de>

---------

Co-authored-by: Felix Fontein <felix@fontein.de>

    




    

  




  

  

    
  


  

      

    @cyper85
cyper85



    mentioned this issue
    
      Jun 23, 2023
    





  


  

      
  
  Closed

  







  













  
  

    

      

  





  




  
  

              

  
    Sign up for free
    to join this conversation on GitHub.
    Already have an account?
    Sign in to comment


  



  






  
                  




    

  


      
  

    Assignees
  



        

    No one assigned







      


  


  

    Labels
  



    

      

    enhancement

  New feature or request








      

  

    

        

    Projects
  


        




    None yet




  



      


  

    
  

    Milestone
  


      No milestone





    
      
          


  

    
      

        
    

    Development
  




            
Successfully merging a pull request may close this issue.





    


  
          
      Added support for certificates in DER format for x509_certificate_info module

    
      msl0/community.crypto
    





    
  




        
      

    

  
      

  

    

      2 participants
    

    

        
          @felixfontein 
        
          @msl0