java_keystore: New ssl_backend option for cryptography (#2485) (#2513)

* Adding cryptography as a backend for OpenSSL operations

* Updating unit tests and adding changelog fragment

* Allowing private key password option when using unprotected key

* Incorporating suggestions from initial review

* Centralizing module exit path

(cherry picked from commit a385cbb11d)

Co-authored-by: Ajpantuso <ajpantuso@gmail.com>

tests/integration/targets/java_keystore/tasks/main.yml

@@ -9,12 +9,22 @@
     - name: Include tasks to create ssl materials on the controller
       include_tasks: prepare.yml
 
+- set_fact:
+    ssl_backends: ['openssl']
+
+- set_fact:
+    ssl_backends: "{{ ssl_backends + ['cryptography'] }}"
+  when: cryptography_version.stdout is version('3.0', '>=')
+
 - when: has_java_keytool
   block:
     - name: Include tasks to play with 'certificate' and 'private_key' contents
       include_tasks: tests.yml
       vars:
         remote_cert: false
+      loop: "{{ ssl_backends }}"
+      loop_control:
+        loop_var: ssl_backend
 
     - name: Include tasks to create ssl materials on the remote host
       include_tasks: prepare.yml
@@ -23,3 +33,6 @@
       include_tasks: tests.yml
       vars:
         remote_cert: true
+      loop: "{{ ssl_backends }}"
+      loop_control:
+        loop_var: ssl_backend

tests/integration/targets/java_keystore/tasks/tests.yml

@@ -23,6 +23,7 @@
     private_key_path: "{{ omit if not remote_cert else output_dir ~ '/' ~ (item.keyname | d(item.name)) ~ '.key' }}"
     private_key_passphrase: "{{ item.passphrase | d(omit) }}"
     password: changeit
+    ssl_backend: "{{ ssl_backend }}"
   loop: "{{ java_keystore_certs }}"
   check_mode: yes
   register: result_check