authorYanis Guenane <yguenane@gmail.com>2017-11-25 04:29:07 +0100
committerAbhijeet Kasurde <akasurde@redhat.com>2017-11-25 03:29:06 +0000
commit32635577a337f3a3039b0bb37498d46b42f0fe60 (patch)
treeeefebcf6ab960dbfef63976bc1cae58e579e4ec2 /lib/ansible/modules/crypto/openssl_publickey.py
parent748107d3694f2417b57fc5c77bb4a27eb0bbf49f (diff)
downloadansible-32635577a337f3a3039b0bb37498d46b42f0fe60.tar.gz
openssl_publickey: Do not fail on empty existing file (#33255)
Currently during the check phase, the code considers the file to be a public key if the file exists - which is not necessarily true. This commit aims to ensure that the file is actually a public key; otherwise the check returns false.
Diffstat (limited to 'lib/ansible/modules/crypto/openssl_publickey.py')
-rw-r--r--lib/ansible/modules/crypto/openssl_publickey.py11
1 files changed, 7 insertions, 4 deletions
diff --git a/lib/ansible/modules/crypto/openssl_publickey.py b/lib/ansible/modules/crypto/openssl_publickey.py
index 0073f84c0e..3717c93548 100644
--- a/lib/ansible/modules/crypto/openssl_publickey.py
+++ b/lib/ansible/modules/crypto/openssl_publickey.py
@@ -211,10 +211,13 @@ class PublicKey(crypto_utils.OpenSSLObject):
if not os.path.exists(self.privatekey_path):
return False
- current_publickey = crypto.dump_publickey(
- crypto.FILETYPE_ASN1,
- crypto.load_publickey(crypto.FILETYPE_PEM, open(self.path, 'rb').read())
- )
+ try:
+ current_publickey = crypto.dump_publickey(
+ crypto.FILETYPE_ASN1,
+ crypto.load_publickey(crypto.FILETYPE_PEM, open(self.path, 'rb').read())
+ )
+ except crypto.Error:
+ return False
desired_publickey = crypto.dump_publickey(
crypto.FILETYPE_ASN1,
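Review bot: The new `try` still reads the file with `open(self.path, 'rb').read()`, so the handle is never closed explicitly, and only `crypto.Error` is caught, so an unreadable file still surfaces as a raw exception. Read the content first with `with open(self.path, 'rb') as publickey_fh:` / `publickey_content = publickey_fh.read()` and keep only the `load_publickey`/`dump_publickey` call inside the `try`. Returning False for any content that does not parse presumably leads the caller to regenerate the key and overwrite whatever is at `self.path`. If so, a path that points at an unrelated file would be replaced without notice, which deserves a comment such as `# unparsable content is treated as "not our key" and will be regenerated`. The enclosing check function starts and ends outside this hunk, so the overwrite behaviour should be confirmed against the caller.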