openssl_publickey: Do not fail on empty existing file (#33255)

Currently during the check phase, the code considers the file to be
a public key if the file exist - which is not necessarily true.

This commits aims to ensure that the file is actually a publickey else
returns false for the check.

test/integration/targets/openssl_publickey/tasks/main.yml

@@ -48,6 +48,16 @@
         privatekey_passphrase: ansible
       register: publickey3_idempotence
 
+    - name: Generate empty file that will hold a public key (issue 33072)
+      file:
+        path: '{{ output_dir }}/publickey4.pub'
+        state: touch
+
+    - name: Generate publickey in empty existing file (issue 33072)
+      openssl_publickey:
+        path: '{{ output_dir }}/publickey4.pub'
+        privatekey_path: '{{ output_dir }}/privatekey.pem'
+
     - import_tasks: ../tests/validate.yml
 
   when: pyopenssl_version.stdout|version_compare('16.0.0', '>=')

test/integration/targets/openssl_publickey/tests/validate.yml

@@ -59,3 +59,19 @@
   assert:
     that:
       - not publickey3_idempotence|changed
+
+- name: Validate publickey4 (test - privatekey modulus)
+  shell: 'openssl rsa -noout -modulus -in {{ output_dir }}/privatekey.pem | openssl md5'
+  register: privatekey4_modulus
+  when: openssl_version.stdout|version_compare('0.9.8zh', '>=')
+
+- name: Validate publickey4 (test - publickey modulus)
+  shell: 'openssl rsa -pubin -noout -modulus < {{ output_dir }}/publickey4.pub  | openssl md5'
+  register: publickey4_modulus
+  when: openssl_version.stdout|version_compare('0.9.8zh', '>=')
+
+- name: Validate publickey4 (assert)
+  assert:
+    that:
+      - publickey4_modulus.stdout == privatekey4_modulus.stdout
+  when: openssl_version.stdout|version_compare('0.9.8zh', '>=')