Forge Home

crypto_win

Manage cryptographic settings on a Windows machine.

8,878 downloads

4,870 latest version

5.0 quality score

We run a couple of automated
scans to help you access a
module's quality. Each module is
given a score based on how well
the author has formatted their
code and documentation and
modules are also checked for
malware using VirusTotal.

Please note, the information below
is for guidance only and neither of
these methods should be considered
an endorsement by Puppet.

Version information

  • 0.1.2 (latest)
  • 0.1.1
  • 0.1.0
released Jan 10th 2020
This version is compatible with:
  • Puppet Enterprise 2019.8.x, 2019.7.x, 2019.5.x, 2019.4.x, 2019.3.x, 2019.2.x, 2019.1.x, 2019.0.x, 2018.1.x, 2017.3.x, 2017.2.x, 2017.1.x, 2016.5.x, 2016.4.x
  • Puppet >= 4.7.0 < 7.0.0

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'jpi-crypto_win', '0.1.2'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add jpi-crypto_win
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install jpi-crypto_win --version 0.1.2

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.

Download

Documentation

jpi/crypto_win — version 0.1.2 Jan 10th 2020

crypto_win

AppVeyor Forge Version Forge PDK Version Forge Downloads
AppVeyor Puppet Forge Puppet Forge Puppet Forge

Manage cryptographic settings on a Windows machine.

Parameters

Logging

  • event_logging_level - Set Schannel event logging. Defaults to 3.
Decimal Description
0 Do not log
1 Log Error messages
2 Log Warnings
3 Log Error and Warning messages
4 Log Informational and Success events
5 Log Error, Informational and Success events
6 Log Warnings, Informational and Success events
7 Log Everything (Warnings, Errors, Informational and Success events

Protocols

  • multi_client - Set Multi-Protocol Unified Hello client protocol. Defaults to false.
  • multi_server - Set Multi-Protocol Unified Hello server protocol. Defaults to false.
  • tls_1_0_client - Set TLS 1.0 client protocol. Defaults to false.
  • tls_1_0_server - Set TLS 1.0 server protocol. Defaults to false.
  • tls_1_1_client - Set TLS 1.1 client protocol. Defaults to false.
  • tls_1_1_server - Set TLS 1.1 server protocol. Defaults to false.
  • tls_1_2_client - Set TLS 1.2 client protocol. Defaults to true.
  • tls_1_2_server - Set TLS 1.2 server protocol. Defaults to true.
  • ssl_2_0_client - Set SSL 2.0 client protocol. Defaults to false.
  • ssl_2_0_server - Set SSL 2.0 server protocol. Defaults to false.
  • ssl_3_0_client - Set SSL 3.0 client protocol. Defaults to false.
  • ssl_3_0_server - Set SSL 3.0 server protocol. Defaults to false.
  • pct_1_0_client - Set PCT 1.0 client protocol. Defaults to false.
  • pct_1_0_server - Set PCT 1.0 server protocol. Defaults to false.

Hashes

  • md5 - Set MD5 hash. Defaults to false.
  • sha - Set SHA hash. Defaults to false.
  • sha256 - Set SHA256 hash. Defaults to true.
  • sha384 - Set SHA384 hash. Defaults to true.
  • sha512 - Set SHA512 hash. Defaults to true.

Key Exchange Algorithms

  • pkcs - Set PKCS key exchange algorithm. Defaults to true.
  • ecdh - Set ECDH key exchange algorithm. Default to true.
  • diffie_hellman - Set Diffie-Hellman key exchange algorithm. Default to true.

Ciphers

  • aes_128_128 - Set AES 128/128 cipher. Defaults to true.
  • aes_256_256 - Set AES 256/256 cipher. Defaults to true.
  • rc2_40_128 - Set RC2 40/128 cipher. Defaults to false.
  • rc2_56_128 - Set RC2 56/128 cipher. Defaults to false.
  • rc2_128_128 - Set RC2 128/128 cipher. Defaults to false.
  • rc4_40_128 - Set RC4 40/128 cipher. Defaults to false.
  • rc4_56_128 - Set RC4 56/128 cipher. Defaults to false.
  • rc4_64_128 - Set RC4 64/128 cipher. Defaults to false.
  • rc4_128_128 - Set RC4 128/128 cipher. Defaults to false.
  • des_56_56 - Set DES 56/56 cipher. Defaults to false.
  • threedes_168 - Set 3DES 168 cipher. Defaults to false.
  • null - Set NULL cipher. Defaults to false.

Cipher Suits

[COMING SOON, WIP]

Defaults

Below are the defaults for crypto_win.

Logging Protocols Hashes Key Exchange Algorithms Ciphers
3 TLS 1.2 client & server SHA256, SHA384, SHA512 PKCS, ECDH, Diffie-Hellman AES 128/128, AES 256/256

Usage

At a minimum include the crypto_win class.

Example

To use all defaults simply include the class.

include crypto_win

To override a default simply supply the parameter and respective boolean.

class { 'crypto_win':
  tls_1_1_client => true,
  tls_1_1_server => true,
  md5            => true,
  ecdh           => false,
}

License

Crypto_win is released under the MIT license.