Enable integration tests for the crypto/ namespace (#26684)

Crypto namespace contains the openssl modules. It has no integration
testing as of now.

This commits aims to add integration tests for the crypto namespace.
This will make it easier to spot breaking changes in the future.

This tests currently apply to:

  * openssl_privatekey
  * openssl_publickey
  * openssl_csr

lib/ansible/module_utils/crypto.py

@@ -35,15 +35,12 @@ class OpenSSLObjectError(Exception):
     pass
 
 
-def get_fingerprint(path, passphrase):
+def get_fingerprint(path, passphrase=None):
     """Generate the fingerprint of the public key. """
 
     fingerprint = {}
 
-    privatekey = crypto.load_privatekey(crypto.FILETYPE_PEM,
-                                        open(path, 'rb').read(),
-                                        passphrase)
-
+    privatekey = load_privatekey(path, passphrase)
     try:
         publickey = crypto.dump_publickey(crypto.FILETYPE_ASN1, privatekey)
         for algo in hashlib.algorithms:
@@ -63,10 +60,14 @@ def load_privatekey(path, passphrase=None):
     """Load the specified OpenSSL private key."""
 
     try:
-        privatekey_content = open(path, 'rb').read()
-        privatekey = crypto.load_privatekey(crypto.FILETYPE_PEM,
-                                            privatekey_content,
-                                            passphrase)
+        if passphrase:
+            privatekey = crypto.load_privatekey(crypto.FILETYPE_PEM,
+                                                open(path, 'rb').read(),
+                                                passphrase)
+        else:
+            privatekey = crypto.load_privatekey(crypto.FILETYPE_PEM,
+                                                open(path, 'rb').read())
+
         return privatekey
     except (IOError, OSError) as exc:
         raise OpenSSLObjectError(exc)

lib/ansible/modules/crypto/openssl_csr.py

@@ -179,6 +179,7 @@ except ImportError:
 else:
     pyopenssl_found = True
 
+from ansible.module_utils import crypto as crypto_utils
 from ansible.module_utils.basic import AnsibleModule
 from ansible.module_utils._text import to_native
 
@@ -231,10 +232,11 @@ class CertificateSigningRequest(object):
             if self.subjectAltName is not None:
                 req.add_extensions([crypto.X509Extension(b"subjectAltName", False, self.subjectAltName.encode('ascii'))])
 
-            privatekey_content = open(self.privatekey_path).read()
-            self.privatekey = crypto.load_privatekey(crypto.FILETYPE_PEM,
-                                                     privatekey_content,
-                                                     self.privatekey_passphrase)
+            self.privatekey = crypto_utils.load_privatekey(
+                self.privatekey_path,
+                self.privatekey_passphrase
+            )
+
             req.set_pubkey(self.privatekey)
             req.sign(self.privatekey, self.digest)
             self.request = req

lib/ansible/modules/crypto/openssl_publickey.py

@@ -187,7 +187,7 @@ class PublicKey(object):
                     self.privatekey = crypto.load_privatekey(crypto.FILETYPE_PEM, privatekey_content)
                     publickey_content = crypto.dump_publickey(crypto.FILETYPE_PEM, self.privatekey)
 
-                publickey_file = open(self.path, 'w')
+                publickey_file = open(self.path, 'wb')
                 publickey_file.write(publickey_content)
                 publickey_file.close()