From a63795b875af222b82b865e20f616086482613b6 Mon Sep 17 00:00:00 2001
From: Nikolaos Kakouros <nkak@kth.se>
Date: Thu, 17 Aug 2023 10:34:56 +0000
Subject: [PATCH] Use new easyrsa commands instead of openssl

---
 tasks/convert.yml | 20 ++++++++------------
 1 file changed, 8 insertions(+), 12 deletions(-)

diff --git a/tasks/convert.yml b/tasks/convert.yml
index 73e56cc..d009982 100644
--- a/tasks/convert.yml
+++ b/tasks/convert.yml
@@ -13,12 +13,10 @@
 
 - name: Convert private keys to PKCS#8
   command: >-
-    openssl pkcs8 -topk8
-      -in '{{ easyrsa_pki_dir }}/private/{{ item.name }}.key'
-      -out '{{ easyrsa_pki_dir }}/private/{{ item.name }}.p8'
-      {{ '-passin pass:' + item.pass | string if item.pass | default(None) else '' }}
-      {{ '-passout pass:' + item.pass | string if item.pass | default(None) else
-        '-nocrypt' }}
+    easyrsa
+      {{ '--passin=pass:' + item.pass | string if item.pass | default(None) else '' }}
+      {{ '--passout=pass:' + item.pass | string if item.pass | default(None) else '' }}
+    export-p8 {{ item.name }}
   args:
     creates: "{{ easyrsa_pki_dir }}/private/{{ item.name }}.p8"
   loop: "{{ easyrsa_to_pkcs8 }}"
@@ -33,12 +31,10 @@
 
 - name: Convert private keys to PKCS#1
   command: >-
-    openssl rsa
-      -in '{{ easyrsa_pki_dir }}/private/{{ item.name }}.key'
-      -out '{{ easyrsa_pki_dir }}/private/{{ item.name }}.p1'
-      {{ '-passin pass:' + item.pass | string if item.pass | default(None) else '' }}
-      {{ '-aes256 -passout pass:' + item.pass | string if item.pass | default(None) else
-         '' }}
+    easyrsa
+      {{ '--passin=pass:' + item.pass | string if item.pass | default(None) else '' }}
+      {{ '--passout=pass:' + item.pass | string if item.pass | default(None) else '' }}
+    export-p1 {{ item.name }}
   args:
     creates: "{{ easyrsa_pki_dir }}/private/{{ item.name }}.p1"
   loop: "{{ easyrsa_to_pkcs1 }}"