openssl: remove static dict for keyUsage (#30339)

keyUsage and extendedKeyUsage are currently statically limited via a
static dict defined in modules_utils/crypto.py. If one specify a value
that isn't in there, idempotency won't work.

Instead of having static dict, we uses keyUsage and extendedKyeUsage
values OpenSSL NID and compare those rather than comparing strings.

Fixes: https://github.com/ansible/ansible/issues/30316

test/integration/targets/openssl_csr/tasks/main.yml

@@ -9,6 +9,39 @@
         privatekey_path: '{{ output_dir }}/privatekey.pem'
         commonName: 'www.ansible.com'
 
+    # keyUsage longname and shortname should be able to be used
+    # interchangeably. Hence the long name is specified here
+    # but the short name is used to test idempotency for ipsecuser
+    # and vice-versa for biometricInfo
+    - name: Generate CSR with KU and XKU
+      openssl_csr:
+        path: '{{ output_dir }}/csr_ku_xku.csr'
+        privatekey_path: '{{ output_dir }}/privatekey.pem'
+        commonName: 'www.ansible.com'
+        keyUsage:
+          - digitalSignature
+          - keyAgreement
+        extendedKeyUsage:
+          - qcStatements
+          - DVCS
+          - IPSec User
+          - biometricInfo
+
+    - name: Generate CSR with KU and XKU (test idempotency)
+      openssl_csr:
+        path: '{{ output_dir }}/csr_ku_xku.csr'
+        privatekey_path: '{{ output_dir }}/privatekey.pem'
+        commonName: 'www.ansible.com'
+        keyUsage:
+          - digitalSignature
+          - keyAgreement
+        extendedKeyUsage:
+          - ipsecUser
+          - qcStatements
+          - DVCS
+          - Biometric Info
+      register: csr_ku_xku
+
     - import_tasks: ../tests/validate.yml
 
   when: pyopenssl_version.stdout|version_compare('0.15', '>=')