Merge branch 'maint'

author: Hans Nilsson <[email protected]> 2017-11-10 12:24:46 +0100
committer: Hans Nilsson <[email protected]> 2017-11-10 12:24:46 +0100
commit: 30147b18b7837034adb94bd2ee2eda3ae2a177bf (patch)
tree: 8da0b26eb4c565fabb3e2a7dfea22ef304d16332 /lib/crypto
parent: 216872073815bfcfc0d3d18c51ae8291967c07dd (diff)
parent: 1d0bd5f30cfd95d0977061618a5e483a8606deca (diff)
download: otp-30147b18b7837034adb94bd2ee2eda3ae2a177bf.tar.gz
otp-30147b18b7837034adb94bd2ee2eda3ae2a177bf.tar.bz2
otp-30147b18b7837034adb94bd2ee2eda3ae2a177bf.zip
14 files changed, 544 insertions, 25 deletions
diff --git a/lib/crypto/c_src/crypto.c b/lib/crypto/c_src/crypto.c
index 0f07a862d2..28cc982c1e 100644
--- a/lib/crypto/c_src/crypto.c
+++ b/lib/crypto/c_src/crypto.c
@@ -499,6 +499,10 @@ static int term2point(ErlNifEnv* env, ERL_NIF_TERM term,
 #endif
 static ERL_NIF_TERM bin_from_bn(ErlNifEnv* env, const BIGNUM *bn);
 
+#ifdef HAS_ENGINE_SUPPORT
+static int zero_terminate(ErlNifBinary bin, char **buf);
+#endif
+
 static int library_refc = 0; /* number of users of this dynamic library */
 
 static ErlNifFunc nif_funcs[] = {
@@ -641,7 +645,6 @@ static ERL_NIF_TERM atom_md5;
 static ERL_NIF_TERM atom_ripemd160;
 
 #ifdef HAS_ENGINE_SUPPORT
-static ERL_NIF_TERM atom_bad_engine;
 static ERL_NIF_TERM atom_bad_engine_method;
 static ERL_NIF_TERM atom_bad_engine_id;
 static ERL_NIF_TERM atom_ctrl_cmd_failed;
@@ -663,7 +666,12 @@ static ERL_NIF_TERM atom_engine_method_store;
 static ERL_NIF_TERM atom_engine_method_pkey_meths;
 static ERL_NIF_TERM atom_engine_method_pkey_asn1_meths;
 static ERL_NIF_TERM atom_engine_method_ec;
+
+static ERL_NIF_TERM atom_engine;
+static ERL_NIF_TERM atom_key_id;
+static ERL_NIF_TERM atom_password;
 #endif
+
 static ErlNifResourceType* hmac_context_rtype;
 struct hmac_context
 {
@@ -1042,7 +1050,6 @@ static int initialize(ErlNifEnv* env, ERL_NIF_TERM load_info)
     atom_ripemd160 = enif_make_atom(env,"ripemd160");
 
 #ifdef HAS_ENGINE_SUPPORT
-    atom_bad_engine = enif_make_atom(env,"bad_engine");
     atom_bad_engine_method = enif_make_atom(env,"bad_engine_method");
     atom_bad_engine_id = enif_make_atom(env,"bad_engine_id");
     atom_ctrl_cmd_failed = enif_make_atom(env,"ctrl_cmd_failed");
@@ -1063,6 +1070,10 @@ static int initialize(ErlNifEnv* env, ERL_NIF_TERM load_info)
     atom_engine_method_pkey_meths = enif_make_atom(env,"engine_method_pkey_meths");
     atom_engine_method_pkey_asn1_meths = enif_make_atom(env,"engine_method_pkey_asn1_meths");
     atom_engine_method_ec = enif_make_atom(env,"engine_method_ec");
+
+    atom_engine = enif_make_atom(env,"engine");
+    atom_key_id = enif_make_atom(env,"key_id");
+    atom_password = enif_make_atom(env,"password");
 #endif
 
     init_digest_types(env);
@@ -3920,9 +3931,69 @@ static int get_pkey_sign_options(ErlNifEnv *env, ERL_NIF_TERM algorithm, ERL_NIF
 }
 
 
+#ifdef HAS_ENGINE_SUPPORT
+static int get_engine_and_key_id(ErlNifEnv *env, ERL_NIF_TERM key, char ** id, ENGINE **e)
+{
+    ERL_NIF_TERM engine_res, key_id_term;
+    struct engine_ctx *ctx;
+    ErlNifBinary key_id_bin;
+
+    if (!enif_get_map_value(env, key, atom_engine, &engine_res) ||
+        !enif_get_resource(env, engine_res, engine_ctx_rtype, (void**)&ctx) ||
+        !enif_get_map_value(env, key, atom_key_id, &key_id_term) ||
+        !enif_inspect_binary(env, key_id_term, &key_id_bin)) {
+        return 0;
+    }
+    else {
+        *e = ctx->engine;
+        return zero_terminate(key_id_bin, id);
+    }
+}
+
+
+static char *get_key_password(ErlNifEnv *env, ERL_NIF_TERM key) {
+    ERL_NIF_TERM tmp_term;
+    ErlNifBinary pwd_bin;
+    char *pwd;
+    if (enif_get_map_value(env, key, atom_password, &tmp_term) &&
+        enif_inspect_binary(env, tmp_term, &pwd_bin) &&
+        zero_terminate(pwd_bin, &pwd)
+        ) return pwd;
+
+    return NULL;
+}
+
+static int zero_terminate(ErlNifBinary bin, char **buf) {
+    *buf = enif_alloc(bin.size+1);
+    if (!*buf)
+        return 0;
+    memcpy(*buf, bin.data, bin.size);
+    *(*buf+bin.size) = 0;
+    return 1;
+}
+#endif
+
 static int get_pkey_private_key(ErlNifEnv *env, ERL_NIF_TERM algorithm, ERL_NIF_TERM key, EVP_PKEY **pkey)
 {
-    if (algorithm == atom_rsa) {
+    if (enif_is_map(env, key)) {
+#ifdef HAS_ENGINE_SUPPORT
+        /* Use key stored in engine */
+        ENGINE *e;
+        char *id;
+        char *password;
+
+        if (!get_engine_and_key_id(env, key, &id, &e))
+            return PKEY_BADARG;
+        password = get_key_password(env, key);
+        *pkey = ENGINE_load_private_key(e, id, NULL, password);
+        if (!pkey)
+            return PKEY_BADARG;
+        enif_free(id);
+#else
+        return PKEY_BADARG;
+#endif
+    }
+    else if (algorithm == atom_rsa) {
 	RSA *rsa = RSA_new();
 
 	if (!get_rsa_private_key(env, key, rsa)) {
@@ -3983,7 +4054,24 @@ static int get_pkey_private_key(ErlNifEnv *env, ERL_NIF_TERM algorithm, ERL_NIF_
 static int get_pkey_public_key(ErlNifEnv *env, ERL_NIF_TERM algorithm, ERL_NIF_TERM key,
 			       EVP_PKEY **pkey)
 {
-    if (algorithm == atom_rsa) {
+    if (enif_is_map(env, key)) {
+#ifdef HAS_ENGINE_SUPPORT
+        /* Use key stored in engine */
+        ENGINE *e;
+        char *id;
+        char *password;
+
+        if (!get_engine_and_key_id(env, key, &id, &e))
+            return PKEY_BADARG;
+        password = get_key_password(env, key);
+        *pkey = ENGINE_load_public_key(e, id, NULL, password);
+        if (!pkey)
+            return PKEY_BADARG;
+        enif_free(id);
+#else
+        return PKEY_BADARG;
+#endif
+    } else  if (algorithm == atom_rsa) {
 	RSA *rsa = RSA_new();
 
 	if (!get_rsa_public_key(env, key, rsa)) {
@@ -4041,7 +4129,7 @@ static int get_pkey_public_key(ErlNifEnv *env, ERL_NIF_TERM algorithm, ERL_NIF_T
 }
 
 static ERL_NIF_TERM pkey_sign_nif(ErlNifEnv *env, int argc, const ERL_NIF_TERM argv[])
-{/* (Algorithm, Type, Data|{digest,Digest}, Key, Options) */
+{/* (Algorithm, Type, Data|{digest,Digest}, Key|#{}, Options) */
     int i;
     const EVP_MD *md = NULL;
     unsigned char md_value[EVP_MAX_MD_SIZE];
@@ -4061,6 +4149,13 @@ enif_get_atom(env,argv[0],buf,1024,ERL_NIF_LATIN1); printf("algo=%s ",buf);
 enif_get_atom(env,argv[1],buf,1024,ERL_NIF_LATIN1); printf("hash=%s ",buf);
 printf("\r\n");
 */
+
+#ifndef HAS_ENGINE_SUPPORT
+    if (enif_is_map(env, argv[3])) {
+        return atom_notsup;
+    }
+#endif
+
     i = get_pkey_sign_digest(env, argv[0], argv[1], argv[2], md_value, &md, &tbs, &tbslen);
     if (i != PKEY_OK) {
 	if (i == PKEY_NOTSUP)
@@ -4082,10 +4177,9 @@ printf("\r\n");
     }
 
 #ifdef HAS_EVP_PKEY_CTX
-/* printf("EVP interface\r\n");
- */
     ctx = EVP_PKEY_CTX_new(pkey, NULL);
     if (!ctx) goto badarg;
+
     if (EVP_PKEY_sign_init(ctx) <= 0) goto badarg;
     if (md != NULL && EVP_PKEY_CTX_set_signature_md(ctx, md) <= 0) goto badarg;
 
@@ -4187,6 +4281,12 @@ static ERL_NIF_TERM pkey_verify_nif(ErlNifEnv *env, int argc, const ERL_NIF_TERM
     unsigned char *tbs; /* data to be signed */
     size_t tbslen;
 
+#ifndef HAS_ENGINE_SUPPORT
+    if (enif_is_map(env, argv[4])) {
+        return atom_notsup;
+    }
+#endif
+
     if (!enif_inspect_binary(env, argv[3], &sig_bin)) {
 	return enif_make_badarg(env);
     }
@@ -4397,7 +4497,13 @@ static ERL_NIF_TERM pkey_crypt_nif(ErlNifEnv *env, int argc, const ERL_NIF_TERM
     int algo_init = 0;
 
 /* char algo[1024]; */
-   
+
+#ifndef HAS_ENGINE_SUPPORT
+    if (enif_is_map(env, argv[2])) {
+        return atom_notsup;
+    }
+#endif
+
     if (!enif_inspect_binary(env, argv[1], &in_bin)) {
 	return enif_make_badarg(env);
     }
diff --git a/lib/crypto/c_src/otp_test_engine.c b/lib/crypto/c_src/otp_test_engine.c
index 414e89c0f6..a66bee2ddf 100644
--- a/lib/crypto/c_src/otp_test_engine.c
+++ b/lib/crypto/c_src/otp_test_engine.c
@@ -26,6 +26,8 @@
 
 #include <openssl/engine.h>
 #include <openssl/md5.h>
+#include <openssl/rsa.h>
+#include <openssl/pem.h>
 
 #define PACKED_OPENSSL_VERSION(MAJ, MIN, FIX, P)	\
     ((((((((MAJ << 8) | MIN) << 8 ) | FIX) << 8) | (P-'a'+1)) << 4) | 0xf)
@@ -41,8 +43,16 @@
 static const char *test_engine_id = "MD5";
 static const char *test_engine_name = "MD5 test engine";
 
+/* The callback that does the job of fetching keys on demand by the Engine */
+EVP_PKEY* test_key_load(ENGINE *er, const char *id, UI_METHOD *ui_method, void *callback_data);
+
+
 static int test_init(ENGINE *e) {
     printf("OTP Test Engine Initializatzion!\r\n");
+    
+    /* Load all digest and cipher algorithms. Needed for password protected private keys */
+    OpenSSL_add_all_algorithms();
+
     return 111;
 }
 
@@ -156,6 +166,7 @@ static int test_engine_digest_selector(ENGINE *e, const EVP_MD **digest,
         ok = 0;
         *digest = NULL;
     }
+    
     return ok;
 }
 
@@ -165,8 +176,11 @@ static int bind_helper(ENGINE * e, const char *id)
     if (!ENGINE_set_id(e, test_engine_id) ||
         !ENGINE_set_name(e, test_engine_name) ||
         !ENGINE_set_init_function(e, test_init) ||
-        !ENGINE_set_digests(e, &test_engine_digest_selector)
-        )
+        !ENGINE_set_digests(e, &test_engine_digest_selector) ||
+        /* For testing of key storage in an Engine: */
+        !ENGINE_set_load_privkey_function(e, &test_key_load) ||
+        !ENGINE_set_load_pubkey_function(e, &test_key_load)
+    )
         return 0;
 
     return 1;
@@ -175,3 +189,74 @@ static int bind_helper(ENGINE * e, const char *id)
 IMPLEMENT_DYNAMIC_CHECK_FN();
 
 IMPLEMENT_DYNAMIC_BIND_FN(bind_helper);
+
+/********************************************************
+ *
+ * Engine storage simulation
+ *
+ */
+int pem_passwd_cb_fun(char *buf, int size, int rwflag, void *password);
+
+EVP_PKEY* test_key_load(ENGINE *er, const char *id, UI_METHOD *ui_method, void *callback_data)
+{
+    EVP_PKEY *pkey = NULL;
+    FILE *f = fopen(id, "r");
+
+    if (!f) {
+            fprintf(stderr, "%s:%d fopen(%s) failed\r\n", __FILE__,__LINE__,id);
+            return NULL;
+    }
+
+    /* First try to read as a private key. If that fails, try to read as a public key: */
+    pkey = PEM_read_PrivateKey(f, NULL, pem_passwd_cb_fun, callback_data);
+    if (!pkey) {
+        /* ERR_print_errors_fp (stderr); */
+        fclose(f);
+        f = fopen(id, "r");
+        pkey = PEM_read_PUBKEY(f, NULL, NULL, NULL);
+    }
+    fclose(f);
+    
+    if (!pkey) {
+        fprintf(stderr, "%s:%d Key read from file failed. ", __FILE__,__LINE__);
+        if (callback_data) 
+            fprintf(stderr, "Pwd = \"%s\". ", (char *)callback_data);
+        fprintf(stderr, "Contents of file \"%s\":\r\n",id);
+        f = fopen(id, "r");
+        { /* Print the contents of the key file */
+            char c;
+            while (!feof(f)) {
+                switch (c=fgetc(f)) {
+                case '\n':
+                case '\r': putc('\r',stdout); putc('\n',stdout); break;
+                default: putc(c, stdout);
+                }
+            }
+        }
+        fclose(f);
+    }
+    
+    return pkey;
+}
+
+
+int pem_passwd_cb_fun(char *buf, int size, int rwflag, void *password) 
+{ 
+    int i;
+
+    fprintf(stderr, "In pem_passwd_cb_fun\r\n");
+    if (!password)
+        return 0;
+
+    i = strlen(password);
+    if (i < size) {
+        /* whole pwd (incl terminating 0) fits */
+        fprintf(stderr, "Got FULL pwd %d(%d) chars\r\n", i, size);
+        memcpy(buf, (char*)password, i+1);
+        return i+1;
+    } else {
+        fprintf(stderr, "Got TO LONG pwd %d(%d) chars\r\n", i, size);
+        /* meaningless with a truncated password */
+        return 0;
+    }
+}
diff --git a/lib/crypto/doc/src/Makefile b/lib/crypto/doc/src/Makefile
index 937bb1419f..a902779383 100644
--- a/lib/crypto/doc/src/Makefile
+++ b/lib/crypto/doc/src/Makefile
@@ -38,7 +38,7 @@ XML_APPLICATION_FILES = ref_man.xml
 XML_REF3_FILES = crypto.xml
 XML_REF6_FILES = crypto_app.xml
 
-XML_PART_FILES = release_notes.xml usersguide.xml
+XML_PART_FILES = usersguide.xml
 XML_CHAPTER_FILES = notes.xml licenses.xml fips.xml engine_load.xml
 
 BOOK_FILES = book.xml
diff --git a/lib/crypto/doc/src/crypto.xml b/lib/crypto/doc/src/crypto.xml
index 8503f6eabb..72351f1fe5 100644
--- a/lib/crypto/doc/src/crypto.xml
+++ b/lib/crypto/doc/src/crypto.xml
@@ -136,6 +136,23 @@
     See also <seealso marker="#supports-0">crypto:supports/0</seealso>
     </p>
 
+    <code>engine_key_ref() = #{engine   := engine_ref(),
+                               key_id   := key_id(),
+                               password => password()}</code>
+
+    <code>engine_key_ref() = term()</code>
+    <p>The result of a call to <seealso marker="#engine_load-3">engine_load/3</seealso>.
+    </p>
+
+    <code>key_id() = string() | binary()</code>
+    <p>Identifies the key to be used. The format depends on the loaded engine. It is passed to
+    the <c>ENGINE_load_(private|public)_key</c> functions in libcrypto.
+    </p>
+
+    <code>password() = string() | binary()</code>
+    <p>The key's password
+    </p>
+
      <code>stream_cipher() = rc4 | aes_ctr </code>
 
      <code>block_cipher() = aes_cbc | aes_cfb8 | aes_cfb128 | aes_ige256 | blowfish_cbc |
@@ -584,7 +601,7 @@
       <type>
 	<v>Type = rsa</v>
 	<v>CipherText = binary()</v>
-	<v>PrivateKey = rsa_private()</v>
+	<v>PrivateKey = rsa_private() | engine_key_ref()</v>
 	<v>Padding = rsa_pkcs1_padding | rsa_pkcs1_oaep_padding | rsa_no_padding</v>
         <v>PlainText = binary()</v>
       </type>
@@ -609,7 +626,7 @@
 	than <c>byte_size(N)-11</c> if <c>rsa_pkcs1_padding</c> is
 	used, and <c>byte_size(N)</c> if <c>rsa_no_padding</c> is
 	used, where N is public modulus of the RSA key.</d>
-	<v>PrivateKey = rsa_private()</v>
+	<v>PrivateKey = rsa_private() | engine_key_ref()</v>
 	<v>Padding = rsa_pkcs1_padding | rsa_no_padding</v>
         <v>CipherText = binary()</v>
       </type>
@@ -628,7 +645,7 @@
       <type>
 	<v>Type = rsa</v>
 	<v>CipherText = binary()</v>
-	<v>PublicKey =  rsa_public() </v>
+	<v>PublicKey =  rsa_public() | engine_key_ref()</v>
 	<v>Padding = rsa_pkcs1_padding | rsa_no_padding</v>
         <v>PlainText = binary()</v>
       </type>
@@ -653,7 +670,7 @@
 	than <c>byte_size(N)-11</c> if <c>rsa_pkcs1_padding</c> is
 	used, and <c>byte_size(N)</c> if <c>rsa_no_padding</c> is
 	used, where N is public modulus of the RSA key.</d>
-	<v>PublicKey = rsa_public()</v>
+	<v>PublicKey = rsa_public() | engine_key_ref()</v>
 	<v>Padding = rsa_pkcs1_padding | rsa_pkcs1_oaep_padding | rsa_no_padding</v>
         <v>CipherText = binary()</v>
       </type>
@@ -706,7 +723,7 @@
 	signed or it is the hashed value of "cleartext" i.e. the
 	digest (plaintext).</d>
 	<v>DigestType = rsa_digest_type() | dss_digest_type() | ecdsa_digest_type()</v>
-	<v>Key = rsa_private() | dss_private() | [ecdh_private(),ecdh_params()]</v>
+	<v>Key = rsa_private() | dss_private() | [ecdh_private(),ecdh_params()] | engine_key_ref()</v>
 	<v>Options = sign_options()</v>
       </type>
       <desc>
@@ -1018,7 +1035,7 @@ _FloatValue = rand:uniform().     % [0.0; 1.0[</pre>
         or it is the hashed value of "cleartext" i.e. the digest (plaintext).</d>
 	<v>DigestType = rsa_digest_type() | dss_digest_type() | ecdsa_digest_type()</v>
 	<v>Signature = binary()</v>
-	<v>Key = rsa_public() | dss_public() | [ecdh_public(),ecdh_params()]</v>
+	<v>Key = rsa_public() | dss_public() | [ecdh_public(),ecdh_params()] | engine_key_ref()</v>
 	<v>Options = sign_options()</v>
       </type>
       <desc>
diff --git a/lib/crypto/src/crypto.erl b/lib/crypto/src/crypto.erl
index b95480e6a9..3e18756cf9 100644
--- a/lib/crypto/src/crypto.erl
+++ b/lib/crypto/src/crypto.erl
@@ -54,6 +54,11 @@
          engine_list/0
         ]).
 
+-export_type([engine_ref/0,
+              key_id/0,
+              password/0
+             ]).
+
 
 %% Private. For tests.
 -export([packed_openssl_version/4, engine_methods_convert_to_bitmask/2, get_test_engine/0]).
@@ -468,13 +473,24 @@ sign(Algorithm, Type, Data, Key, Options) ->
     end.
 
 
+
+-type key_id()   :: string() | binary() .
+-type password() :: string() | binary() .
+
+-type engine_key_ref() :: #{engine :=   engine_ref(),
+                            key_id :=   key_id(),
+                            password => password(),
+                            term() => term() 
+                           }.
+
 -type pk_algs() :: rsa | ecdsa | dss .
--type pk_opt() :: list() | rsa_padding() .
+-type pk_key()  :: engine_key_ref() | [integer() | binary()] .
+-type pk_opt()  :: list() | rsa_padding() .
 
--spec public_encrypt(pk_algs(),  binary(), [binary()],             pk_opt()) -> binary().
--spec public_decrypt(pk_algs(),  binary(), [integer() | binary()], pk_opt()) -> binary().
--spec private_encrypt(pk_algs(), binary(), [integer() | binary()], pk_opt()) -> binary().
--spec private_decrypt(pk_algs(), binary(), [integer() | binary()], pk_opt()) -> binary().
+-spec public_encrypt(pk_algs(),  binary(), pk_key(), pk_opt()) -> binary().
+-spec public_decrypt(pk_algs(),  binary(), pk_key(), pk_opt()) -> binary().
+-spec private_encrypt(pk_algs(), binary(), pk_key(), pk_opt()) -> binary().
+-spec private_decrypt(pk_algs(), binary(), pk_key(), pk_opt()) -> binary().
 
 public_encrypt(Algorithm, In, Key, Options) when is_list(Options) ->
     case pkey_crypt_nif(Algorithm, In, format_pkey(Algorithm, Key), Options, false, true) of
@@ -627,6 +643,8 @@ compute_key(ecdh, Others, My, Curve) ->
                               engine_method_pkey_meths | engine_method_pkey_asn1_meths | 
                               engine_method_ec.
 
+-type engine_ref() :: term().
+
 -spec engine_get_all_methods() ->
     [engine_method_type()].
 engine_get_all_methods() ->
@@ -638,7 +656,7 @@ engine_get_all_methods() ->
 -spec engine_load(EngineId::unicode:chardata(),
                   PreCmds::[{unicode:chardata(), unicode:chardata()}],
                   PostCmds::[{unicode:chardata(), unicode:chardata()}]) ->
-    {ok, Engine::term()} | {error, Reason::term()}.
+    {ok, Engine::engine_ref()} | {error, Reason::term()}.
 engine_load(EngineId, PreCmds, PostCmds) when is_list(PreCmds), is_list(PostCmds) ->
     engine_load(EngineId, PreCmds, PostCmds, engine_get_all_methods()).
 
@@ -1146,6 +1164,11 @@ ensure_int_as_bin(Int) when is_integer(Int) ->
 ensure_int_as_bin(Bin) ->
     Bin.
 
+format_pkey(_Alg, #{engine:=_, key_id:=T}=M) when is_binary(T) -> format_pwd(M);
+format_pkey(_Alg, #{engine:=_, key_id:=T}=M) when is_list(T) -> format_pwd(M#{key_id:=list_to_binary(T)});
+format_pkey(_Alg, #{engine:=_           }=M) -> error({bad_key_id, M});
+format_pkey(_Alg, #{}=M) -> error({bad_engine_map, M});
+%%%
 format_pkey(rsa, Key) ->
     map_ensure_int_as_bin(Key);
 format_pkey(ecdsa, [Key, Curve]) ->
@@ -1155,6 +1178,9 @@ format_pkey(dss, Key) ->
 format_pkey(_, Key) ->
     Key.
 
+format_pwd(#{password := Pwd}=M) when is_list(Pwd) -> M#{password := list_to_binary(Pwd)};
+format_pwd(M) -> M.
+
 %%--------------------------------------------------------------------
 %%
 -type rsa_padding() :: 'rsa_pkcs1_padding' | 'rsa_pkcs1_oaep_padding' | 'rsa_no_padding'.
diff --git a/lib/crypto/test/engine_SUITE.erl b/lib/crypto/test/engine_SUITE.erl
index 5f74304fe7..aac8946893 100644
--- a/lib/crypto/test/engine_SUITE.erl
+++ b/lib/crypto/test/engine_SUITE.erl
@@ -43,10 +43,24 @@ all() ->
      unknown_engine,
      pre_command_fail_bad_value,
      pre_command_fail_bad_key,
-     failed_engine_init
+     failed_engine_init,
+     {group, engine_stored_key}
     ].
 
-init_per_suite(Config) ->    
+groups() ->
+    [{engine_stored_key, [],
+      [sign_verify_rsa,
+       sign_verify_dsa,
+       sign_verify_ecdsa,
+       sign_verify_rsa_pwd,
+       priv_encrypt_pub_decrypt_rsa,
+       priv_encrypt_pub_decrypt_rsa_pwd,
+       pub_encrypt_priv_decrypt_rsa,
+       pub_encrypt_priv_decrypt_rsa_pwd
+      ]}].
+
+
+init_per_suite(Config) ->
     try crypto:start() of
 	ok ->
             Config;
@@ -59,9 +73,31 @@ end_per_suite(_Config) ->
     ok.
 
 %%--------------------------------------------------------------------
+init_per_group(engine_stored_key, Config) ->
+    case load_storage_engine(Config) of
+        {ok, E} ->
+            KeyDir = key_dir(Config),
+            [{storage_engine,E}, {storage_dir,KeyDir} | Config];
+        {error, notexist} ->
+            {skip, "OTP Test engine not found"};
+        {error, notsup} ->
+            {skip, "Engine not supported on this OpenSSL version"};
+        {error, bad_engine_id} ->
+            {skip, "Dynamic Engine not supported"};
+        Other ->
+            ct:log("Engine load failed: ~p",[Other]),
+            {fail, "Engine load failed"}
+    end;
 init_per_group(_Group, Config0) ->
     Config0.
 
+end_per_group(engine_stored_key, Config) ->
+    case proplists:get_value(storage_engine, Config) of
+        undefined ->
+            ok;
+        E ->
+            ok = crypto:engine_unload(E)
+    end;
 end_per_group(_, _) ->
     ok.
 
@@ -310,3 +346,141 @@ failed_engine_init(Config) when is_list(Config) ->
        error:notsup ->
           {skip, "Engine not supported on this OpenSSL version"}
    end.
+
+%%%----------------------------------------------------------------
+%%% Pub/priv key storage tests.  Thoose are for testing the crypto.erl
+%%% support for using priv/pub keys stored in an engine.
+
+sign_verify_rsa(Config) ->
+    Priv = #{engine => engine_ref(Config),
+             key_id => key_id(Config, "rsa_private_key.pem")},
+    Pub  = #{engine => engine_ref(Config),
+             key_id => key_id(Config, "rsa_public_key.pem")},
+    sign_verify(rsa, sha, Priv, Pub).
+
+sign_verify_dsa(Config) ->
+    Priv = #{engine => engine_ref(Config),
+             key_id => key_id(Config, "dsa_private_key.pem")},
+    Pub  = #{engine => engine_ref(Config),
+             key_id => key_id(Config, "dsa_public_key.pem")},
+    sign_verify(dss, sha, Priv, Pub).
+
+sign_verify_ecdsa(Config) ->
+    Priv = #{engine => engine_ref(Config),
+             key_id => key_id(Config, "ecdsa_private_key.pem")},
+    Pub  = #{engine => engine_ref(Config),
+             key_id => key_id(Config, "ecdsa_public_key.pem")},
+    sign_verify(ecdsa, sha, Priv, Pub).
+
+sign_verify_rsa_pwd(Config) ->
+    Priv = #{engine => engine_ref(Config),
+             key_id => key_id(Config, "rsa_private_key_pwd.pem"),
+             password => "password"},
+    Pub  = #{engine => engine_ref(Config),
+             key_id => key_id(Config, "rsa_public_key_pwd.pem")},
+    sign_verify(rsa, sha, Priv, Pub).
+
+priv_encrypt_pub_decrypt_rsa(Config) ->
+    Priv = #{engine => engine_ref(Config),
+             key_id => key_id(Config, "rsa_private_key.pem")},
+    Pub  = #{engine => engine_ref(Config),
+             key_id => key_id(Config, "rsa_public_key.pem")},
+    priv_enc_pub_dec(rsa, Priv, Pub,  rsa_pkcs1_padding).
+
+priv_encrypt_pub_decrypt_rsa_pwd(Config) ->
+    Priv = #{engine => engine_ref(Config),
+             key_id => key_id(Config, "rsa_private_key_pwd.pem"),
+             password => "password"},
+    Pub  = #{engine => engine_ref(Config),
+             key_id => key_id(Config, "rsa_public_key_pwd.pem")},
+    priv_enc_pub_dec(rsa, Priv, Pub,  rsa_pkcs1_padding).
+
+pub_encrypt_priv_decrypt_rsa(Config) ->
+    Priv = #{engine => engine_ref(Config),
+             key_id => key_id(Config, "rsa_private_key.pem")},
+    Pub  = #{engine => engine_ref(Config),
+             key_id => key_id(Config, "rsa_public_key.pem")},
+    pub_enc_priv_dec(rsa, Pub, Priv,  rsa_pkcs1_padding).
+
+pub_encrypt_priv_decrypt_rsa_pwd(Config) ->
+    Priv = #{engine => engine_ref(Config),
+             key_id => key_id(Config, "rsa_private_key.pem"),
+             password => "password"},
+    Pub  = #{engine => engine_ref(Config),
+             key_id => key_id(Config, "rsa_public_key.pem")},
+    pub_enc_priv_dec(rsa, Pub, Priv,  rsa_pkcs1_padding).
+
+%%%================================================================
+%%% Help for engine_stored_pub_priv_keys* test cases
+%%%
+load_storage_engine(_Config) ->
+    case crypto:get_test_engine() of
+        {ok, Engine} ->
+            try crypto:engine_load(<<"dynamic">>,
+                                   [{<<"SO_PATH">>, Engine},
+                                    <<"LOAD">>],
+                                   [])
+            catch
+                error:notsup ->
+                    {error, notsup}
+            end;
+
+        {error, Error} ->
+            {error, Error}
+    end.
+
+
+key_dir(Config) ->
+    DataDir = unicode:characters_to_binary(proplists:get_value(data_dir, Config)),
+    filename:join(DataDir, "pkcs8").
+
+
+engine_ref(Config) ->
+    proplists:get_value(storage_engine, Config).
+
+key_id(Config, File) ->
+    filename:join(proplists:get_value(storage_dir,Config), File).
+
+pubkey_alg_supported(Alg) ->
+    lists:member(Alg,
+                 proplists:get_value(public_keys, crypto:supports())).
+
+
+pub_enc_priv_dec(Alg, KeyEnc, KeyDec, Padding) ->
+    case pubkey_alg_supported(Alg) of
+        true ->
+            PlainText = <<"Hej på dig">>,
+            CryptoText = crypto:public_encrypt(Alg, PlainText, KeyEnc, Padding),
+            case crypto:private_decrypt(Alg, CryptoText, KeyDec, Padding) of
+                PlainText -> ok;
+                _ -> {fail, "Encrypt-decrypt error"}
+            end;
+        false ->
+            {skip, lists:concat([Alg," is not supported by cryptolib"])}
+    end.
+
+priv_enc_pub_dec(Alg, KeyEnc, KeyDec, Padding) ->
+    case pubkey_alg_supported(Alg) of
+        true ->
+            PlainText = <<"Hej på dig">>,
+            CryptoText = crypto:private_encrypt(Alg, PlainText, KeyEnc, Padding),
+            case crypto:public_decrypt(Alg, CryptoText, KeyDec, Padding) of
+                PlainText -> ok;
+                _ -> {fail, "Encrypt-decrypt error"}
+            end;
+        false ->
+            {skip, lists:concat([Alg," is not supported by cryptolib"])}
+    end.
+
+sign_verify(Alg, Sha, KeySign, KeyVerify) ->
+    case pubkey_alg_supported(Alg) of
+        true ->
+            PlainText = <<"Hej på dig">>,
+            Signature = crypto:sign(Alg, Sha, PlainText, KeySign),
+            case crypto:verify(Alg, Sha, PlainText, Signature, KeyVerify) of
+                true -> ok;
+                _ -> {fail, "Sign-verify error"}
+            end;
+        false ->
+            {skip, lists:concat([Alg," is not supported by cryptolib"])}
+    end.
diff --git a/lib/crypto/test/engine_SUITE_data/pkcs8/dsa_private_key.pem b/lib/crypto/test/engine_SUITE_data/pkcs8/dsa_private_key.pem
new file mode 100644
index 0000000000..778ffac675
--- /dev/null
+++ b/lib/crypto/test/engine_SUITE_data/pkcs8/dsa_private_key.pem
@@ -0,0 +1,9 @@
+-----BEGIN PRIVATE KEY-----
+MIIBSwIBADCCASwGByqGSM44BAEwggEfAoGBAMyitTMR7vPbpqyAXJpqnB0AhFwQ
+F87IE+JKFl5bD/MSkhhRV5sM73HUU1ooXY0FjhZ+cdLUCATuZR5ta4ydANqWIcAB
+gX3IwF1B4zf5SXEKTWkUYneL9dOKtiZLtoG28swrk8xMxwX+0fLHkltCEj6FiTW9
+PFrv8GmIfV6DjcI9AhUAqXWbb3RtoN9Ld28fVMhGZrj3LJUCgYEAwnxGHGBMpJaF
+2w7zAw3jHjL8PMYlV6vnufGHQlwF0ZUXJxRsvagMb/X1qACTu2VPYEVoLQGM3cfH
+EhHoQmvSXGAyTfR7Bmn3gf1n/s/DcFbdZduUCZ/rAyIrfd0eSbc1I+kZk85UCsKK
+w/IYdlqcuYa4Cgm2TapT5uEMqH4jhzEEFgIULh8swEUWmU8aJNWsrWl4eCiuUUg=
+-----END PRIVATE KEY-----
diff --git a/lib/crypto/test/engine_SUITE_data/pkcs8/dsa_public_key.pem b/lib/crypto/test/engine_SUITE_data/pkcs8/dsa_public_key.pem
new file mode 100644
index 0000000000..0fa5428828
--- /dev/null
+++ b/lib/crypto/test/engine_SUITE_data/pkcs8/dsa_public_key.pem
@@ -0,0 +1,12 @@
+-----BEGIN PUBLIC KEY-----
+MIIBtzCCASwGByqGSM44BAEwggEfAoGBAMyitTMR7vPbpqyAXJpqnB0AhFwQF87I
+E+JKFl5bD/MSkhhRV5sM73HUU1ooXY0FjhZ+cdLUCATuZR5ta4ydANqWIcABgX3I
+wF1B4zf5SXEKTWkUYneL9dOKtiZLtoG28swrk8xMxwX+0fLHkltCEj6FiTW9PFrv
+8GmIfV6DjcI9AhUAqXWbb3RtoN9Ld28fVMhGZrj3LJUCgYEAwnxGHGBMpJaF2w7z
+Aw3jHjL8PMYlV6vnufGHQlwF0ZUXJxRsvagMb/X1qACTu2VPYEVoLQGM3cfHEhHo
+QmvSXGAyTfR7Bmn3gf1n/s/DcFbdZduUCZ/rAyIrfd0eSbc1I+kZk85UCsKKw/IY
+dlqcuYa4Cgm2TapT5uEMqH4jhzEDgYQAAoGAXPygOFYdeKgfLmuIC303cESYXvic
+e2GNJomv8vaWLZmbLVVDfwA1fNsuF1hZkWw8f7aYaN9iZ3yl9u4Yk4TbJKkqfJqd
+dgVt288SUqvi+NMHODUzYi9KAOXxupXffZSvdu54gKRaDuFTZ5XNcRqIJWGYlJYg
+NVHF5FPZ4Bk2FYA=
+-----END PUBLIC KEY-----
diff --git a/lib/crypto/test/engine_SUITE_data/pkcs8/ecdsa_private_key.pem b/lib/crypto/test/engine_SUITE_data/pkcs8/ecdsa_private_key.pem
new file mode 100644
index 0000000000..a45522064f
--- /dev/null
+++ b/lib/crypto/test/engine_SUITE_data/pkcs8/ecdsa_private_key.pem
@@ -0,0 +1,8 @@
+-----BEGIN PRIVATE KEY-----
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIBparGjr0KcdNrVM2J
+G0mW5ltP1QyvxDqBMyWLWo3fruRZv6Qoohl5skd1u4O+KJoM/UrrSTOXI/MDR7NN
+i1yl7O+hgYkDgYYABAG8K2XVsK0ahG9+HIIPwCO0pJY8ulwSTXwIjkCGyB2lpglh
+8qJmRzuyGcfRTslv8wfv0sPlT9H9PKDvgrTUL7rvQQDdOODNgVPXSecUoXoPn+X+
+eqxs77bjx+A5x0t/i3m5PfkaNPh5MZ1H/bWuOOdj2ZXZw0R4rlVc0zVrgnPU8L8S
+BQ==
+-----END PRIVATE KEY-----
diff --git a/lib/crypto/test/engine_SUITE_data/pkcs8/ecdsa_public_key.pem b/lib/crypto/test/engine_SUITE_data/pkcs8/ecdsa_public_key.pem
new file mode 100644
index 0000000000..6d22fe43fe
--- /dev/null
+++ b/lib/crypto/test/engine_SUITE_data/pkcs8/ecdsa_public_key.pem
@@ -0,0 +1,6 @@
+-----BEGIN PUBLIC KEY-----
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBvCtl1bCtGoRvfhyCD8AjtKSWPLpc
+Ek18CI5AhsgdpaYJYfKiZkc7shnH0U7Jb/MH79LD5U/R/Tyg74K01C+670EA3Tjg
+zYFT10nnFKF6D5/l/nqsbO+248fgOcdLf4t5uT35GjT4eTGdR/21rjjnY9mV2cNE
+eK5VXNM1a4Jz1PC/EgU=
+-----END PUBLIC KEY-----
diff --git a/lib/crypto/test/engine_SUITE_data/pkcs8/rsa_private_key.pem b/lib/crypto/test/engine_SUITE_data/pkcs8/rsa_private_key.pem
new file mode 100644
index 0000000000..ea0e3d3958
--- /dev/null
+++ b/lib/crypto/test/engine_SUITE_data/pkcs8/rsa_private_key.pem
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQCwwb0/ddXGXTFK
+4FLxXdV6a/WJMSoPPS55RvZIAHFsiTtvPLbJ8LxDsZ6wSVZLN0/UQ4wdWn9jftyj
+U5/IxBVG8XOtKimTMvm3/ZOzVLueGHBbrLYscRv9oL85ulTKHWgrZDu0lBX5JJTI
+v5UTCErzJRQbka9DG1GaBgDb1PlXfkzBWMwfsBZmwoC77KvCcIGCgbW/XCY03TP2
+3Tg8drvpByMStddP2FQ4fZ91qFUzPu8uhZEsqSQTFlmhgGEx7dLlky0xvu62RuAD
+RTpINpcWZtWDHTdssOqu653LwwqBY8lBopCZ/4Af8QR3ZYkQhen1YLEbVheXRuzI
+LSCZIiJNAgMBAAECggEBAJH4/fxpqQkvr2Shy33Pu1xlyhnpw01gfn/jrcKasxEq
+aC4eWup86E2TY3U8q4pkfIXU3uLi+O9HNpmflwargNLc1mY8uqb44ygiv5bLNEKE
+9k2PXcdoBfC4jxPyoNFl5cBn/7LK1TazEjiTl15na9ZPWcLG1pG5/vMPYCgsQ1sP
+8J3c4E3aaXIj9QceYxBprl490OCzieGyZlRipncz3g4UShRc/b4cycvDZOJpmAy4
+zbWTcBcSMPVPi5coF0K8UcimiqZkotfb/2RLc433i34IdsIXMM+brdq+g8rmjg5a
++oQPy02M6tFApBruEhAz8DGgaLtDY6MLtyZAt3SjXnUCgYEA1zLgamdTHOqrrmIi
+eIQBnAJiyIfcY8B9SX1OsLGYFCHiPVwgUY35B2c7MavMsGcExJhtE+uxU7o5djtM
+R6r9cRHOXJ6EQwa8OwzzPqbM17/YqNDeK39bc9WOFUqRWrhDhVMPy6z8rmZr73mG
+IUC7mBNx/1GBdVYXIlsXzC96dI8CgYEA0kUAhz6I5nyPa70NDEUYHLHf3IW1BCmE
+UoVbraSePJtIEY/IqFx7oDuFo30d4n5z+8ICCtyid1h/Cp3mf3akOiqltYUfgV1G
+JgcEjKKYWEnO7cfFyO7LB7Y3GYYDJNy6EzVWPiwTGk9ZTfFJEESmHC45Unxgd17m
+Dx/R58rFgWMCgYBQXQWFdtSI5fH7C1bIHrPjKNju/h2FeurOuObcAVZDnmu4cmD3
+U8d9xkVKxVeJQM99A1coq0nrdI3k4zwXP3mp8fZYjDHkPe2pN6rW6L9yiohEcsuk
+/siON1/5/4DMmidM8LnjW9R45HLGWWGHpX7oyco2iJ+Jy/6Tq+T1MX3PbQKBgQCm
+hdsbQJ0u3CrBSmFQ/E9SOlRt0r4+45pVuCOY6yweF2QF9HcXTtbhWQJHLclDHJ5C
+Ha18aKuKFN3XzKFFBPKe1jOSBDGlQ/dQGnKx5fr8wMdObM3oiaTlIJuWbRmEUgJT
+QARjDIi8Z2b0YUhZx+Q9oSXoe3PyVYehJrQX+/BavQKBgQCIr7Zp0rQPbfqcTL+M
+OYHUoNcb14f9f8hXeXHQOqVpsGwxGdRQAU9wbx/4+obKB5xIkzBsVNcJwavisNja
+hegnGjTB/9Hc4m+5bMGwH0bhS2eQO4o+YYM2ypDmFQqDLRfFUlZ5PVHffm/aA9+g
+GanNBCsmtoHtV6CJ1UZ7NmBuIA==
+-----END PRIVATE KEY-----
diff --git a/lib/crypto/test/engine_SUITE_data/pkcs8/rsa_private_key_pwd.pem b/lib/crypto/test/engine_SUITE_data/pkcs8/rsa_private_key_pwd.pem
new file mode 100644
index 0000000000..501662fc35
--- /dev/null
+++ b/lib/crypto/test/engine_SUITE_data/pkcs8/rsa_private_key_pwd.pem
@@ -0,0 +1,30 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIh888Iq6gxuMCAggA
+MBQGCCqGSIb3DQMHBAic/11YZ8Nt5gSCBMjG/Jb4qiMoBS50iQvHXqcETPE+0NBr
+jhsn9w94LkdRBstMPAsoKmY98Er96Rnde/NfmqlU9CupKTkd7Ce5poBf72Y6KMED
+cPURyjbGRFsu6x9skXB2obhyKYEqAEF2oQAg4Qbe5v1qXBIgDuC/NgiJnM+w2zCZ
+LkHSZB2/NmcnvDzcgPF7TM8pTO23xCJ33m37qjfWvHsgocVqZmL9wQ4+wr/NMYjJ
+pJvX1OHW1vBsZsXh40WchalYRSB1VeO368QfsE8coRJztqbMzdce9EQdMB6Q6jlO
+cetd3moLIoMP4I7HW0/SgokbycTbRiYSvRyU1TGc2WbW6BrFZV24IckcnnVUFatf
+6HKUcaYLG68dJcRgs5QMGkcmgVvlddENHFmHZlo0eym/xSiUl/AT8/5odscm6ML8
+wW5sneax+TF4J2eYmiN7yjAUCodXVTNYNDVKo6uUhntlymbM0o4UitVIbPIfTDHl
+sxJAEZ7vpuPqeNMxUk6G6zipuEjqsVbnuFSBSZmgKiGYcifRPUmqqINa3DdS4WVx
+xaPWdHbHVRD//ze3h/FsA+1lIE5q2kUE0xXseJA1ISog++kJp14XeaaL2j/tx3Ob
+OsbcaOAD/IUw/ItDt9kn0qzfnar7sS0Wov8AmJQxHmH7Lm93jHTLM05yE0AR/eBr
+Mig2ZdC+9OqVC+GPuBkRjSs8NpltQIDroz6EV9IMwPwXm0szSYoyoPLmlHJUdnLs
+ZUef+au6hYkEJBrvuisagnq5eT/fCV3hsjD7yODebNU2CmBTo6X2PRx/xsBHRMWl
+QkoM9PBdSCnKv6HpHl4pchuoqU2NpFjN0BCaad6aHfZSTnqgzK4bEh1oO6dI8/rB
+/eh71JyFFG5J4xbpaqz5Su01V1iwU5leK5bDwqals4M4+ZGHGciou7qnXUmX2fJl
+r6DlMUa/xy+A2ZG0NuZR05yk2oB3+KVNMgp6zFty3XaxwoNtc8GTLtLnBnIh2rlP
+mE1+I65LRWwrNQalPeOAUrYuEzhyp2Df7a8Ykas5PUH7MGR/S0Ge/dLxtE2bJuK4
+znbLAsGhvo/SbNxYqIp6D4iDtd3va6yUGncy41paA/vTKFVvXZDrXcwJQYYCVOGT
+OwdzNuozU8Dc7oxsd8oakfC46kvmVaOrGvZbm56PFfprcaL/Hslska5xxEni/eZe
+WRxZbCBhAVqS1pn5zkDQVUe9uFlR/x39Qi01HIlKLBsjpSs6qQsFArMe8hgXmXLG
+xP+dyVuOE18NzSewdEjeqSRKIM7Qi8EOjZsI4HdSRBY7bh9VhmaVXDZiCSf33TTE
+3y8nimzQAeuGoYg6WqHmWWC2Qnpki2HlaIH/ayXEyQWkP/qvg61e8ovdg9Fy8JOO
+0AacXVt5zj0q00AW5bKx7usi4NIjZedi86hUm6H19aBm7r86BKjwYTEI/GOcdrbV
+9HC/8ayOimgwiAG3gq+aLioWym+Z6KnsbVd7XReVbvM/InQx54WA2y5im0A+/c67
+oQFFPV84XGX9waeqv/K4Wzkm6HW+qVAEM67482VGOf0PVrlQMno6dOotT/Y7ljoZ
+2iz0LmN9yylJnLPDrr1i6gzbs5OhhUgbF5LI2YP2wWdCZTl/DrKSIvQZWl8U+tw3
+ciA=
+-----END ENCRYPTED PRIVATE KEY-----
diff --git a/lib/crypto/test/engine_SUITE_data/pkcs8/rsa_public_key.pem b/lib/crypto/test/engine_SUITE_data/pkcs8/rsa_public_key.pem
new file mode 100644
index 0000000000..d3fb5a2cc9
--- /dev/null
+++ b/lib/crypto/test/engine_SUITE_data/pkcs8/rsa_public_key.pem
@@ -0,0 +1,9 @@
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMG9P3XVxl0xSuBS8V3V
+emv1iTEqDz0ueUb2SABxbIk7bzy2yfC8Q7GesElWSzdP1EOMHVp/Y37co1OfyMQV
+RvFzrSopkzL5t/2Ts1S7nhhwW6y2LHEb/aC/ObpUyh1oK2Q7tJQV+SSUyL+VEwhK
+8yUUG5GvQxtRmgYA29T5V35MwVjMH7AWZsKAu+yrwnCBgoG1v1wmNN0z9t04PHa7
+6QcjErXXT9hUOH2fdahVMz7vLoWRLKkkExZZoYBhMe3S5ZMtMb7utkbgA0U6SDaX
+FmbVgx03bLDqruudy8MKgWPJQaKQmf+AH/EEd2WJEIXp9WCxG1YXl0bsyC0gmSIi
+TQIDAQAB
+-----END PUBLIC KEY-----
diff --git a/lib/crypto/test/engine_SUITE_data/pkcs8/rsa_public_key_pwd.pem b/lib/crypto/test/engine_SUITE_data/pkcs8/rsa_public_key_pwd.pem
new file mode 100644
index 0000000000..f74361cead
--- /dev/null
+++ b/lib/crypto/test/engine_SUITE_data/pkcs8/rsa_public_key_pwd.pem
@@ -0,0 +1,9 @@
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxquo1Na8C+kjeW0YESGm
+vE1bgNW9xh+SQjU1fv/97ePK8mQW2zO1h/vUNz23pfZAKjQu3rlFW/VgGJQ0LgCs
+8Gr/HbMwNcCJzuFMePUrnWn/qBeR7OKUZCJ3E1pp4kwsTdGDDO7jPtNzKf0bdKlg
+G2GHfZWhUediRX8NsRg12X1odVPuRGVRsyJ952YODk9PFjK7pro7Ynf3Icx7di9d
+PXL5vEcKSRdomXvt1rgM8XVHES94RQqoz60ZhfV2JnPfa9V8qu0KaGntpEr7p4rQ
+5BSiLFPjPOArjsD5tKyo8ldKCdQjLfisEp7AetfMjLPVVPw9o/SmCjDxsYWTVRQ2
+tQIDAQAB
+-----END PUBLIC KEY-----
author	Hans Nilsson <[email protected]>	2017-11-10 12:24:46 +0100
committer	Hans Nilsson <[email protected]>	2017-11-10 12:24:46 +0100
commit	30147b18b7837034adb94bd2ee2eda3ae2a177bf (patch)
tree	8da0b26eb4c565fabb3e2a7dfea22ef304d16332 /lib/crypto
parent	216872073815bfcfc0d3d18c51ae8291967c07dd (diff)
parent	1d0bd5f30cfd95d0977061618a5e483a8606deca (diff)
download	otp-30147b18b7837034adb94bd2ee2eda3ae2a177bf.tar.gz otp-30147b18b7837034adb94bd2ee2eda3ae2a177bf.tar.bz2 otp-30147b18b7837034adb94bd2ee2eda3ae2a177bf.zip