openssl_privatekey: forgot to add secp256r1 (#58605)

* Forgot to add secp256r1. This one is the interoperable one.

* Add changelog.

changelogs/fragments/58605-openssl_privatekey-secp256r1.yml

@@ -0,0 +1,2 @@
+bugfixes:
+- "openssl_privatekey - ``secp256r1`` got accidentally forgotten in the curve list."

lib/ansible/modules/crypto/openssl_privatekey.py

@@ -62,7 +62,7 @@ options:
     curve:
         description:
             - Note that not all curves are supported by all versions of C(cryptography).
-            - For maximal interoperability, C(secp384r1) or C(secp256k1) should be used.
+            - For maximal interoperability, C(secp384r1) or C(secp256r1) should be used.
             - We use the curve names as defined in the
               L(IANA registry for TLS,https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8).
         type: str
@@ -71,6 +71,7 @@ options:
             - secp521r1
             - secp224r1
             - secp192r1
+            - secp256r1
             - secp256k1
             - brainpoolP256r1
             - brainpoolP384r1
@@ -178,7 +179,7 @@ curve:
     description: Elliptic curve used to generate the TLS/SSL private key.
     returned: changed or success, and I(type) is C(ECC)
     type: str
-    sample: secp256k1
+    sample: secp256r1
 filename:
     description: Path to the generated TLS/SSL private key file.
     returned: changed or success
@@ -454,6 +455,7 @@ class PrivateKeyCryptography(PrivateKeyBase):
         self._add_curve('secp521r1', 'SECP521R1')
         self._add_curve('secp224r1', 'SECP224R1')
         self._add_curve('secp192r1', 'SECP192R1')
+        self._add_curve('secp256r1', 'SECP256R1')
         self._add_curve('secp256k1', 'SECP256K1')
         self._add_curve('brainpoolP256r1', 'BrainpoolP256R1', deprecated=True)
         self._add_curve('brainpoolP384r1', 'BrainpoolP384R1', deprecated=True)
@@ -613,8 +615,8 @@ def main():
                 'DSA', 'ECC', 'Ed25519', 'Ed448', 'RSA', 'X25519', 'X448'
             ]),
             curve=dict(type='str', choices=[
-                'secp384r1', 'secp521r1', 'secp224r1', 'secp192r1', 'secp256k1',
+                'secp384r1', 'secp521r1', 'secp224r1', 'secp192r1', 'secp256r1',
-                'brainpoolP256r1', 'brainpoolP384r1', 'brainpoolP512r1',
+                'secp256k1', 'brainpoolP256r1', 'brainpoolP384r1', 'brainpoolP512r1',
                 'sect571k1', 'sect409k1', 'sect283k1', 'sect233k1', 'sect163k1',
                 'sect571r1', 'sect409r1', 'sect283r1', 'sect233r1', 'sect163r2',
             ]),

test/integration/targets/openssl_privatekey/tasks/impl.yml

@@ -67,6 +67,9 @@
     - curve: secp192r1
       openssl_name: prime192v1
       min_cryptography_version: "0.5"
+    - curve: secp256r1
+      openssl_name: secp256r1
+      min_cryptography_version: "0.5"
     - curve: secp256k1
       openssl_name: secp256k1
       min_cryptography_version: "0.9"