From e22df8473d9e38d387fbb79748c616fc27c9ae9b Mon Sep 17 00:00:00 2001
From: "Gareth J. Greenaway" <gareth@wiked.org>
Date: Mon, 4 Jun 2018 16:00:07 -0700
Subject: [PATCH 1/2] Ensuring that when a passphrase is passed in, it is
 returned as a string from the passphrase callback.

---
 salt/modules/x509.py            |  3 ++-
 tests/unit/modules/test_x509.py | 10 ++++++++++
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/salt/modules/x509.py b/salt/modules/x509.py
index 00519bb98a..a84ed7676a 100644
--- a/salt/modules/x509.py
+++ b/salt/modules/x509.py
@@ -376,7 +376,7 @@ def _passphrase_callback(passphrase):
     Returns a callback function used to supply a passphrase for private keys
     '''
     def f(*args):
-        return passphrase
+        return salt.utils.stringutils.to_str(passphrase)
     return f
 
 
@@ -837,6 +837,7 @@ def create_private_key(path=None,
     bio = M2Crypto.BIO.MemoryBuffer()
     if passphrase is None:
         cipher = None
+
     rsa.save_key_bio(
         bio,
         cipher=cipher,
diff --git a/tests/unit/modules/test_x509.py b/tests/unit/modules/test_x509.py
index 98fc84146e..c300a56d64 100644
--- a/tests/unit/modules/test_x509.py
+++ b/tests/unit/modules/test_x509.py
@@ -164,3 +164,13 @@ c9bcgp7D7xD+TxWWNj4CSXEccJgGr91StV+gFg4ARQ==
                                       days_valid=3650,
                                       days_remaining=0)
         self.assertIn(b'BEGIN CERTIFICATE', ret)
+
+    @skipIf(not HAS_M2CRYPTO, 'Skipping, M2Crypt is unavailble')
+    def test_create_key(self):
+        '''
+        Test that x509.create_key returns a private key
+        :return:
+        '''
+        ret = x509.create_private_key(text=True,
+                                      passphrase='super_secret_passphrase')
+        self.assertIn(b'BEGIN RSA PRIVATE KEY', ret)

From 99bad3cca6d0d46b733892cb34f94370ffffe97f Mon Sep 17 00:00:00 2001
From: "Gareth J. Greenaway" <gareth@wiked.org>
Date: Mon, 4 Jun 2018 16:04:45 -0700
Subject: [PATCH 2/2] removing unnecessary change

---
 salt/modules/x509.py | 1 -
 1 file changed, 1 deletion(-)

diff --git a/salt/modules/x509.py b/salt/modules/x509.py
index a84ed7676a..bb9821c1eb 100644
--- a/salt/modules/x509.py
+++ b/salt/modules/x509.py
@@ -837,7 +837,6 @@ def create_private_key(path=None,
     bio = M2Crypto.BIO.MemoryBuffer()
     if passphrase is None:
         cipher = None
-
     rsa.save_key_bio(
         bio,
         cipher=cipher,