ec2_win_password fails for given key_data if module is executed with python3. It works with python2.

[phospi]

Avoiding duplicates

At the time of writing there were 11 issues raised. None of them was referring to ec2_win_password

Affected Branches

At the time of writing there is only 1 branch at all and it is affected by the issue.

SUMMARY

ec2_win_password fails for given key_data if module is executed with python3. It works with python2.

ISSUE TYPE

• Bug Report ("Code is not compatible with python3.")
• Feature Report ("Please make modules python3 compatible.")

COMPONENT NAME

ec2_win_password

ANSIBLE VERSION

Ansible 2.9.5

CONFIGURATION

OS / ENVIRONMENT

STEPS TO REPRODUCE

We have a pem file which is saved in a variable with linebreaks.
If we have a task like this

  - name: get admin pws for systems
     ec2_win_password:
        region: "{{ aws_region }}"
        aws_access_key: "{{ access_key }}"
        aws_secret_key: "{{ secret_key }}"
        security_token: "{{ security_token }}"
        instance_id: "{{ item }}"
        key_data: "{{ sshkeyplain }}"
        key_passphrase: "{{ passphrase }}"
        wait: yes
      no_log: true
      register: passwords
      loop: "{{ system_ids }}"

If you execute this module with python2 backend it works.
If you execute this module with python3 backend it fails. ("unable to parse key data")

EXPECTED RESULTS

I expect the key_data to be parsed correctly with python3 backend.

ACTUAL RESULTS

Error when executing "load_pem_private_key" in python3 plain.

key = load_pem_private_key(key_data, b_key_passphrase, default_backend())
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/var/lib/awx/venv/ansible/lib/python3.6/site-packages/cryptography/hazmat/primitives/serialization/base.py", line 16, in load_pem_private_key
    return backend.load_pem_private_key(data, password)
  File "/var/lib/awx/venv/ansible/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1089, in load_pem_private_key
    password,
  File "/var/lib/awx/venv/ansible/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1282, in _load_key
    mem_bio = self._bytes_to_bio(data)
  File "/var/lib/awx/venv/ansible/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 473, in _bytes_to_bio
    data_ptr = self._ffi.from_buffer(data)
TypeError: from_buffer() cannot return the address of a unicode object

SOLUTION PROPOSAL

Our tests showed that explicit encoding is compatible with python2 and python3. Please verify.

key = load_pem_private_key(key_data.encode("ascii"), b_key_passphrase, default_backend())