Version information
released Jan 10th 2020
This version is compatible with:
- Puppet Enterprise 2019.8.x, 2019.7.x, 2019.5.x, 2019.4.x, 2019.3.x, 2019.2.x, 2019.1.x, 2019.0.x, 2018.1.x, 2017.3.x, 2017.2.x, 2017.1.x, 2016.5.x, 2016.4.x
- Puppet >= 4.7.0 < 7.0.0
Start using this module
Add this module to your Puppetfile:
mod 'jpi-crypto_win', '0.1.2'Learn more about managing modules with a PuppetfileDocumentation
jpi/crypto_win — version 0.1.2 Jan 10th 2020
crypto_win
| AppVeyor | Forge Version | Forge PDK Version | Forge Downloads |
|---|---|---|---|
 |
 |
 |
Manage cryptographic settings on a Windows machine.
Parameters
Logging
event_logging_level- Set Schannel event logging. Defaults to3.
| Decimal | Description |
|---|---|
| 0 | Do not log |
| 1 | Log Error messages |
| 2 | Log Warnings |
| 3 | Log Error and Warning messages |
| 4 | Log Informational and Success events |
| 5 | Log Error, Informational and Success events |
| 6 | Log Warnings, Informational and Success events |
| 7 | Log Everything (Warnings, Errors, Informational and Success events |
Protocols
multi_client- Set Multi-Protocol Unified Hello client protocol. Defaults tofalse.multi_server- Set Multi-Protocol Unified Hello server protocol. Defaults tofalse.tls_1_0_client- Set TLS 1.0 client protocol. Defaults tofalse.tls_1_0_server- Set TLS 1.0 server protocol. Defaults tofalse.tls_1_1_client- Set TLS 1.1 client protocol. Defaults tofalse.tls_1_1_server- Set TLS 1.1 server protocol. Defaults tofalse.tls_1_2_client- Set TLS 1.2 client protocol. Defaults totrue.tls_1_2_server- Set TLS 1.2 server protocol. Defaults totrue.ssl_2_0_client- Set SSL 2.0 client protocol. Defaults tofalse.ssl_2_0_server- Set SSL 2.0 server protocol. Defaults tofalse.ssl_3_0_client- Set SSL 3.0 client protocol. Defaults tofalse.ssl_3_0_server- Set SSL 3.0 server protocol. Defaults tofalse.pct_1_0_client- Set PCT 1.0 client protocol. Defaults tofalse.pct_1_0_server- Set PCT 1.0 server protocol. Defaults tofalse.
Hashes
md5- Set MD5 hash. Defaults tofalse.sha- Set SHA hash. Defaults tofalse.sha256- Set SHA256 hash. Defaults totrue.sha384- Set SHA384 hash. Defaults totrue.sha512- Set SHA512 hash. Defaults totrue.
Key Exchange Algorithms
pkcs- Set PKCS key exchange algorithm. Defaults totrue.ecdh- Set ECDH key exchange algorithm. Default totrue.diffie_hellman- Set Diffie-Hellman key exchange algorithm. Default totrue.
Ciphers
aes_128_128- Set AES 128/128 cipher. Defaults totrue.aes_256_256- Set AES 256/256 cipher. Defaults totrue.rc2_40_128- Set RC2 40/128 cipher. Defaults tofalse.rc2_56_128- Set RC2 56/128 cipher. Defaults tofalse.rc2_128_128- Set RC2 128/128 cipher. Defaults tofalse.rc4_40_128- Set RC4 40/128 cipher. Defaults tofalse.rc4_56_128- Set RC4 56/128 cipher. Defaults tofalse.rc4_64_128- Set RC4 64/128 cipher. Defaults tofalse.rc4_128_128- Set RC4 128/128 cipher. Defaults tofalse.des_56_56- Set DES 56/56 cipher. Defaults tofalse.threedes_168- Set 3DES 168 cipher. Defaults tofalse.null- Set NULL cipher. Defaults tofalse.
Cipher Suits
[COMING SOON, WIP]
Defaults
Below are the defaults for crypto_win.
| Logging | Protocols | Hashes | Key Exchange Algorithms | Ciphers |
|---|---|---|---|---|
| 3 | TLS 1.2 client & server | SHA256, SHA384, SHA512 | PKCS, ECDH, Diffie-Hellman | AES 128/128, AES 256/256 |
Usage
At a minimum include the crypto_win class.
Example
To use all defaults simply include the class.
include crypto_win
To override a default simply supply the parameter and respective boolean.
class { 'crypto_win':
tls_1_1_client => true,
tls_1_1_server => true,
md5 => true,
ecdh => false,
}
License
Crypto_win is released under the MIT license.
Changelog
All notable changes to this project will be documented in this file.
Release 0.1.2
Bugfixes
- The event logging implementation was incorrect. Although it defaults to
true, it was actually setting the reg value to0which is "Do not log". This has been corrected to simply take an integer value allowing the user to set the logging level as needed (0-7).
Release 0.1.1
- pdk 1.13.0 update
- add license file
Release 0.1.0
Features
Bugfixes
Known Issues
Dependencies
- puppetlabs/stdlib (>= 4.20.0)
- puppetlabs/registry (>= 2.0.1)
MIT License Copyright (c) 2019 Joey Piccola Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.