aboutsummaryrefslogtreecommitdiffstats
path: root/lib/public_key
diff options
context:
space:
mode:
Diffstat (limited to 'lib/public_key')
-rw-r--r--lib/public_key/doc/src/public_key.xml21
-rw-r--r--lib/public_key/include/public_key.hrl5
-rw-r--r--lib/public_key/src/pubkey_cert_records.erl16
-rw-r--r--lib/public_key/src/pubkey_pem.erl25
-rw-r--r--lib/public_key/src/public_key.erl24
-rw-r--r--lib/public_key/test/pkits_SUITE.erl39
-rw-r--r--lib/public_key/test/public_key.cover4
-rw-r--r--lib/public_key/test/public_key.spec3
-rw-r--r--lib/public_key/test/public_key_SUITE.erl63
-rw-r--r--lib/public_key/test/public_key_SUITE_data/dsa_pub.pem12
-rw-r--r--lib/public_key/test/public_key_SUITE_data/rsa_pub.pem4
-rw-r--r--lib/public_key/test/public_key_SUITE_data/rsa_pub_key.pem4
12 files changed, 166 insertions, 54 deletions
diff --git a/lib/public_key/doc/src/public_key.xml b/lib/public_key/doc/src/public_key.xml
index c72719fac4..91e058f74e 100644
--- a/lib/public_key/doc/src/public_key.xml
+++ b/lib/public_key/doc/src/public_key.xml
@@ -64,8 +64,8 @@
<p><c>decrypt_der() = binary() </c></p>
- <p><c>pki_asn1_type() = 'Certificate' | 'RSAPrivateKey'|
- 'DSAPrivateKey' | 'DHParameter'</c></p>
+ <p><c>pki_asn1_type() = 'Certificate' | 'RSAPrivateKey'| 'RSAPublicKey'
+ 'DSAPrivateKey' | 'DSAPublicKey' | 'DHParameter' | 'SubjectPublicKeyInfo'</c></p>
<p><c>pem_entry () = {pki_asn1_type(), der_encoded() | decrypt_der(), not_encrypted |
{"DES-CBC" | "DES-EDE3-CBC", crypto:rand_bytes(8)}}.</c></p>
@@ -207,17 +207,24 @@
<v> Password = string() </v>
</type>
<desc>
- <p>Decodes a pem entry. pem_decode/1 returns a list of
- pem entries.</p>
+ <p>Decodes a pem entry. pem_decode/1 returns a list of pem
+ entries. Note that if the pem entry is of type
+ 'SubjectPublickeyInfo' it will be further decoded to an
+ rsa_public_key() or dsa_public_key().</p>
</desc>
</func>
<func>
<name>pem_entry_encode(Asn1Type, Entity [,{CipherInfo, Password}]) -> pem_entry()</name>
- <fsummary> Creates a pem entry that can be feed to pem_encode/1.</fsummary>
+ <fsummary> Creates a pem entry that can be fed to pem_encode/1.</fsummary>
<type>
- <v>Asn1Type = atom()</v>
- <v>Entity = term()</v>
+ <v>Asn1Type = pki_asn1_type()</v>
+ <v>Entity = term() - The Erlang representation of
+ <c>Asn1Type</c>. If <c>Asn1Type</c> is 'SubjectPublicKeyInfo'
+ then <c>Entity</c> must be either an rsa_public_key() or a
+ dsa_public_key() and this function will create the appropriate
+ 'SubjectPublicKeyInfo' entry.
+ </v>
<v>CipherInfo = {"DES-CBC" | "DES-EDE3-CBC", crypto:rand_bytes(8)}</v>
<v>Password = string()</v>
</type>
diff --git a/lib/public_key/include/public_key.hrl b/lib/public_key/include/public_key.hrl
index 4950597fb5..f29ab859ed 100644
--- a/lib/public_key/include/public_key.hrl
+++ b/lib/public_key/include/public_key.hrl
@@ -73,8 +73,9 @@
-type der_encoded() :: binary().
-type decrypt_der() :: binary().
--type pki_asn1_type() :: 'Certificate' | 'RSAPrivateKey'
- | 'DSAPrivateKey' | 'DHParameter'.
+-type pki_asn1_type() :: 'Certificate' | 'RSAPrivateKey' | 'RSAPublicKey'
+ | 'DSAPrivateKey' | 'DSAPublicKey' | 'DHParameter'
+ | 'SubjectPublicKeyInfo'.
-type pem_entry() :: {pki_asn1_type(), der_encoded() | decrypt_der(),
not_encrypted | {Cipher :: string(), Salt :: binary()}}.
-type asn1_type() :: atom(). %% see "OTP-PUB-KEY.hrl
diff --git a/lib/public_key/src/pubkey_cert_records.erl b/lib/public_key/src/pubkey_cert_records.erl
index 20b322b4a4..7a387e487c 100644
--- a/lib/public_key/src/pubkey_cert_records.erl
+++ b/lib/public_key/src/pubkey_cert_records.erl
@@ -23,7 +23,7 @@
-include("public_key.hrl").
--export([decode_cert/1, transform/2]).
+-export([decode_cert/1, transform/2, supportedPublicKeyAlgorithms/1]).
%%====================================================================
%% Internal application API
@@ -80,16 +80,24 @@ transform(Other,_) ->
Other.
%%--------------------------------------------------------------------
-%%% Internal functions
+-spec supportedPublicKeyAlgorithms(Oid::tuple()) -> asn1_type().
+%%
+%% Description: Returns the public key type for an algorithm
+%% identifier tuple as found in SubjectPublicKeyInfo.
+%%
%%--------------------------------------------------------------------
-
-%%% SubjectPublicKey
supportedPublicKeyAlgorithms(?'rsaEncryption') -> 'RSAPublicKey';
supportedPublicKeyAlgorithms(?'id-dsa') -> 'DSAPublicKey';
supportedPublicKeyAlgorithms(?'dhpublicnumber') -> 'DHPublicKey';
supportedPublicKeyAlgorithms(?'id-keyExchangeAlgorithm') -> 'KEA-PublicKey';
supportedPublicKeyAlgorithms(?'id-ecPublicKey') -> 'ECPoint'.
+%%--------------------------------------------------------------------
+%%% Internal functions
+%%--------------------------------------------------------------------
+
+%%% SubjectPublicKey
+
decode_supportedPublicKey(#'OTPSubjectPublicKeyInfo'{algorithm= PA =
#'PublicKeyAlgorithm'{algorithm=Algo},
subjectPublicKey = {0,SPK0}}) ->
diff --git a/lib/public_key/src/pubkey_pem.erl b/lib/public_key/src/pubkey_pem.erl
index 31d881973a..78870e5cd7 100644
--- a/lib/public_key/src/pubkey_pem.erl
+++ b/lib/public_key/src/pubkey_pem.erl
@@ -93,11 +93,11 @@ encode_pem_entries(Entries) ->
encode_pem_entry({Asn1Type, Der, not_encrypted}) ->
StartStr = pem_start(Asn1Type),
- [StartStr, "\n", b64encode_and_split(Der), pem_end(StartStr) ,"\n\n"];
+ [StartStr, "\n", b64encode_and_split(Der), "\n", pem_end(StartStr) ,"\n\n"];
encode_pem_entry({Asn1Type, Der, {Cipher, Salt}}) ->
StartStr = pem_start(Asn1Type),
[StartStr,"\n", pem_decrypt(),"\n", pem_decrypt_info(Cipher, Salt),"\n",
- b64encode_and_split(Der), pem_end(StartStr) ,"\n\n"].
+ b64encode_and_split(Der), "\n", pem_end(StartStr) ,"\n\n"].
decode_pem_entries([], Entries) ->
lists:reverse(Entries);
@@ -145,16 +145,22 @@ split_bin(N, Bin) ->
b64encode_and_split(Bin) ->
split_lines(base64:encode(Bin)).
+split_lines(<<Text:?ENCODED_LINE_LENGTH/binary>>) ->
+ [Text];
split_lines(<<Text:?ENCODED_LINE_LENGTH/binary, Rest/binary>>) ->
[Text, $\n | split_lines(Rest)];
split_lines(Bin) ->
- [Bin, $\n].
+ [Bin].
%% Ignore white space at end of line
join_entry([<<"-----END CERTIFICATE-----", _/binary>>| Lines], Entry) ->
{lists:reverse(Entry), Lines};
join_entry([<<"-----END RSA PRIVATE KEY-----", _/binary>>| Lines], Entry) ->
{lists:reverse(Entry), Lines};
+join_entry([<<"-----END PUBLIC KEY-----", _/binary>>| Lines], Entry) ->
+ {lists:reverse(Entry), Lines};
+join_entry([<<"-----END RSA PUBLIC KEY-----", _/binary>>| Lines], Entry) ->
+ {lists:reverse(Entry), Lines};
join_entry([<<"-----END DSA PRIVATE KEY-----", _/binary>>| Lines], Entry) ->
{lists:reverse(Entry), Lines};
join_entry([<<"-----END DH PARAMETERS-----", _/binary>>| Lines], Entry) ->
@@ -210,15 +216,22 @@ pem_start('Certificate') ->
<<"-----BEGIN CERTIFICATE-----">>;
pem_start('RSAPrivateKey') ->
<<"-----BEGIN RSA PRIVATE KEY-----">>;
+pem_start('RSAPublicKey') ->
+ <<"-----BEGIN RSA PUBLIC KEY-----">>;
+pem_start('SubjectPublicKeyInfo') ->
+ <<"-----BEGIN PUBLIC KEY-----">>;
pem_start('DSAPrivateKey') ->
<<"-----BEGIN DSA PRIVATE KEY-----">>;
pem_start('DHParameter') ->
<<"-----BEGIN DH PARAMETERS-----">>.
-
pem_end(<<"-----BEGIN CERTIFICATE-----">>) ->
<<"-----END CERTIFICATE-----">>;
pem_end(<<"-----BEGIN RSA PRIVATE KEY-----">>) ->
<<"-----END RSA PRIVATE KEY-----">>;
+pem_end(<<"-----BEGIN RSA PUBLIC KEY-----">>) ->
+ <<"-----END RSA PUBLIC KEY-----">>;
+pem_end(<<"-----BEGIN PUBLIC KEY-----">>) ->
+ <<"-----END PUBLIC KEY-----">>;
pem_end(<<"-----BEGIN DSA PRIVATE KEY-----">>) ->
<<"-----END DSA PRIVATE KEY-----">>;
pem_end(<<"-----BEGIN DH PARAMETERS-----">>) ->
@@ -230,6 +243,10 @@ asn1_type(<<"-----BEGIN CERTIFICATE-----">>) ->
'Certificate';
asn1_type(<<"-----BEGIN RSA PRIVATE KEY-----">>) ->
'RSAPrivateKey';
+asn1_type(<<"-----BEGIN RSA PUBLIC KEY-----">>) ->
+ 'RSAPublicKey';
+asn1_type(<<"-----BEGIN PUBLIC KEY-----">>) ->
+ 'SubjectPublicKeyInfo';
asn1_type(<<"-----BEGIN DSA PRIVATE KEY-----">>) ->
'DSAPrivateKey';
asn1_type(<<"-----BEGIN DH PARAMETERS-----">>) ->
diff --git a/lib/public_key/src/public_key.erl b/lib/public_key/src/public_key.erl
index 30398df9cc..fad73e8e92 100644
--- a/lib/public_key/src/public_key.erl
+++ b/lib/public_key/src/public_key.erl
@@ -62,6 +62,7 @@
-type dss_digest_type() :: 'none' | 'sha'.
-define(UINT32(X), X:32/unsigned-big-integer).
+-define(DER_NULL, <<5, 0>>).
%%====================================================================
%% API
@@ -90,6 +91,17 @@ pem_encode(PemEntries) when is_list(PemEntries) ->
%% Description: Decodes a pem entry. pem_decode/1 returns a list of
%% pem entries.
%%--------------------------------------------------------------------
+pem_entry_decode({'SubjectPublicKeyInfo', Der, _}) ->
+ {_, {'AlgorithmIdentifier', AlgId, Params}, {0, Key0}}
+ = der_decode('SubjectPublicKeyInfo', Der),
+ KeyType = pubkey_cert_records:supportedPublicKeyAlgorithms(AlgId),
+ case KeyType of
+ 'RSAPublicKey' ->
+ der_decode(KeyType, Key0);
+ 'DSAPublicKey' ->
+ {params, DssParams} = der_decode('DSAParams', Params),
+ {der_decode(KeyType, Key0), DssParams}
+ end;
pem_entry_decode({Asn1Type, Der, not_encrypted}) when is_atom(Asn1Type),
is_binary(Der) ->
der_decode(Asn1Type, Der).
@@ -114,6 +126,18 @@ pem_entry_decode({Asn1Type, CryptDer, {Cipher, Salt}} = PemEntry,
%
%% Description: Creates a pem entry that can be feed to pem_encode/1.
%%--------------------------------------------------------------------
+pem_entry_encode('SubjectPublicKeyInfo', Entity=#'RSAPublicKey'{}) ->
+ Der = der_encode('RSAPublicKey', Entity),
+ Spki = {'SubjectPublicKeyInfo',
+ {'AlgorithmIdentifier', ?'rsaEncryption', ?DER_NULL}, {0, Der}},
+ pem_entry_encode('SubjectPublicKeyInfo', Spki);
+pem_entry_encode('SubjectPublicKeyInfo',
+ {DsaInt, Params=#'Dss-Parms'{}}) when is_integer(DsaInt) ->
+ KeyDer = der_encode('DSAPublicKey', DsaInt),
+ ParamDer = der_encode('DSAParams', {params, Params}),
+ Spki = {'SubjectPublicKeyInfo',
+ {'AlgorithmIdentifier', ?'id-dsa', ParamDer}, {0, KeyDer}},
+ pem_entry_encode('SubjectPublicKeyInfo', Spki);
pem_entry_encode(Asn1Type, Entity) when is_atom(Asn1Type) ->
Der = der_encode(Asn1Type, Entity),
{Asn1Type, Der, not_encrypted}.
diff --git a/lib/public_key/test/pkits_SUITE.erl b/lib/public_key/test/pkits_SUITE.erl
index a20f4e72c6..fd976cb2f3 100644
--- a/lib/public_key/test/pkits_SUITE.erl
+++ b/lib/public_key/test/pkits_SUITE.erl
@@ -25,8 +25,8 @@
-compile(export_all).
-%%-include_lib("public_key/include/public_key.hrl").
--include("public_key.hrl").
+-include_lib("public_key/include/public_key.hrl").
+%%-include("public_key.hrl").
-define(error(Format,Args), error(Format,Args,?FILE,?LINE)).
-define(warning(Format,Args), warning(Format,Args,?FILE,?LINE)).
@@ -43,25 +43,24 @@
-define(NIST6, "2.16.840.1.101.3.2.1.48.6").
%%
-all(doc) ->
- ["PKITS tests for RFC3280 compliance"];
-all(suite) ->
- [signature_verification,
- validity_periods,
+suite() -> [{ct_hooks,[ts_install_cth]}].
+
+all() ->
+ [signature_verification, validity_periods,
verifying_name_chaining,
- %% basic_certificate_revocation_tests,
verifying_paths_with_self_issued_certificates,
- verifying_basic_constraints,
- key_usage,
-%% certificate_policies,
-%% require_explicit_policy,
-%% policy_mappings,
-%% inhibit_policy_mapping,
-%% inhibit_any_policy,
- name_constraints,
-%% distribution_points,
-%% delta_crls,
- private_certificate_extensions].
+ verifying_basic_constraints, key_usage,
+ name_constraints, private_certificate_extensions].
+
+groups() ->
+ [].
+
+init_per_group(_GroupName, Config) ->
+ Config.
+
+end_per_group(_GroupName, Config) ->
+ Config.
+
signature_verification(doc) -> [""];
signature_verification(suite) -> [];
@@ -580,7 +579,7 @@ init_per_testcase(_Func, Config) ->
put(datadir, Datadir),
Config.
-fin_per_testcase(_Func, Config) ->
+end_per_testcase(_Func, Config) ->
%% Nodes = select_nodes(all, Config, ?FILE, ?LINE),
%% rpc:multicall(Nodes, mnesia, lkill, []),
Config.
diff --git a/lib/public_key/test/public_key.cover b/lib/public_key/test/public_key.cover
index 8477c76ef6..ec00814578 100644
--- a/lib/public_key/test/public_key.cover
+++ b/lib/public_key/test/public_key.cover
@@ -1,2 +1,4 @@
+{incl_app,public_key,details}.
-{exclude, ['OTP-PUB-KEY']}. \ No newline at end of file
+
+{excl_mods, public_key, ['OTP-PUB-KEY']}.
diff --git a/lib/public_key/test/public_key.spec b/lib/public_key/test/public_key.spec
index dee9ad44ed..1749822c2d 100644
--- a/lib/public_key/test/public_key.spec
+++ b/lib/public_key/test/public_key.spec
@@ -1,2 +1 @@
-{topcase, {dir, "../public_key_test"}}.
-
+{suites,"../public_key_test",all}.
diff --git a/lib/public_key/test/public_key_SUITE.erl b/lib/public_key/test/public_key_SUITE.erl
index 1bc1c8ec75..d130196c15 100644
--- a/lib/public_key/test/public_key_SUITE.erl
+++ b/lib/public_key/test/public_key_SUITE.erl
@@ -23,10 +23,10 @@
%% Note: This directive should only be used in test suites.
-compile(export_all).
--include_lib("test_server/include/test_server.hrl").
+-include_lib("common_test/include/ct.hrl").
-include_lib("test_server/include/test_server_line.hrl").
--include("public_key.hrl").
+-include_lib("public_key/include/public_key.hrl").
-define(TIMEOUT, 120000). % 2 min
@@ -99,18 +99,21 @@ end_per_testcase(_TestCase, Config) ->
%% Name of a test case.
%% Description: Returns a list of all test cases in this test suite
%%--------------------------------------------------------------------
-all(doc) ->
- ["Test the public_key rsa functionality"];
-
-all(suite) ->
- [app,
- pk_decode_encode,
- encrypt_decrypt,
- sign_verify,
- pkix,
- pkix_path_validation,
- deprecated
- ].
+suite() -> [{ct_hooks,[ts_install_cth]}].
+
+all() ->
+ [app, pk_decode_encode, encrypt_decrypt, sign_verify,
+ pkix, pkix_path_validation, deprecated].
+
+groups() ->
+ [].
+
+init_per_group(_GroupName, Config) ->
+ Config.
+
+end_per_group(_GroupName, Config) ->
+ Config.
+
%% Test cases starts here.
%%--------------------------------------------------------------------
@@ -139,6 +142,15 @@ pk_decode_encode(Config) when is_list(Config) ->
DSAKey = public_key:der_decode('DSAPrivateKey', DerDSAKey),
DSAKey = public_key:pem_entry_decode(Entry0),
+
+ {ok, DSAPubPem} = file:read_file(filename:join(Datadir, "dsa_pub.pem")),
+ [{'SubjectPublicKeyInfo', _, _} = PubEntry0] =
+ public_key:pem_decode(DSAPubPem),
+ DSAPubKey = public_key:pem_entry_decode(PubEntry0),
+ true = check_entry_type(DSAPubKey, 'DSAPublicKey'),
+ PubEntry0 = public_key:pem_entry_encode('SubjectPublicKeyInfo', DSAPubKey),
+ DSAPubPemNoEndNewLines = strip_ending_newlines(DSAPubPem),
+ DSAPubPemEndNoNewLines = strip_ending_newlines(public_key:pem_encode([PubEntry0])),
[{'RSAPrivateKey', DerRSAKey, not_encrypted} = Entry1 ] =
erl_make_certs:pem_to_der(filename:join(Datadir, "client_key.pem")),
@@ -153,6 +165,22 @@ pk_decode_encode(Config) when is_list(Config) ->
true = check_entry_type(public_key:pem_entry_decode(Entry2, "abcd1234"),
'RSAPrivateKey'),
+ {ok, RSAPubPem} = file:read_file(filename:join(Datadir, "rsa_pub.pem")),
+ [{'SubjectPublicKeyInfo', _, _} = PubEntry1] =
+ public_key:pem_decode(RSAPubPem),
+ RSAPubKey = public_key:pem_entry_decode(PubEntry1),
+ true = check_entry_type(RSAPubKey, 'RSAPublicKey'),
+ PubEntry1 = public_key:pem_entry_encode('SubjectPublicKeyInfo', RSAPubKey),
+ RSAPubPemNoEndNewLines = strip_ending_newlines(RSAPubPem),
+ RSAPubPemNoEndNewLines = strip_ending_newlines(public_key:pem_encode([PubEntry1])),
+
+ {ok, RSARawPem} = file:read_file(filename:join(Datadir, "rsa_pub_key.pem")),
+ [{'RSAPublicKey', _, _} = PubEntry2] =
+ public_key:pem_decode(RSARawPem),
+ RSAPubKey = public_key:pem_entry_decode(PubEntry2),
+ RSARawPemNoEndNewLines = strip_ending_newlines(RSARawPem),
+ RSARawPemNoEndNewLines = strip_ending_newlines(public_key:pem_encode([PubEntry2])),
+
Salt0 = crypto:rand_bytes(8),
Entry3 = public_key:pem_entry_encode('RSAPrivateKey', RSAKey0,
{{"DES-EDE3-CBC", Salt0}, "1234abcd"}),
@@ -432,9 +460,16 @@ check_entry_type(#'DSAPrivateKey'{}, 'DSAPrivateKey') ->
true;
check_entry_type(#'RSAPrivateKey'{}, 'RSAPrivateKey') ->
true;
+check_entry_type(#'RSAPublicKey'{}, 'RSAPublicKey') ->
+ true;
+check_entry_type({_Int, #'Dss-Parms'{}}, 'DSAPublicKey') when is_integer(_Int) ->
+ true;
check_entry_type(#'DHParameter'{}, 'DHParameter') ->
true;
check_entry_type(#'Certificate'{}, 'Certificate') ->
true;
check_entry_type(_,_) ->
false.
+
+strip_ending_newlines(Bin) ->
+ string:strip(binary_to_list(Bin), right, 10).
diff --git a/lib/public_key/test/public_key_SUITE_data/dsa_pub.pem b/lib/public_key/test/public_key_SUITE_data/dsa_pub.pem
new file mode 100644
index 0000000000..d3635e5b20
--- /dev/null
+++ b/lib/public_key/test/public_key_SUITE_data/dsa_pub.pem
@@ -0,0 +1,12 @@
+-----BEGIN PUBLIC KEY-----
+MIIBtzCCASwGByqGSM44BAEwggEfAoGBALez5tklY5CdFeTMos899pA6i4u4uCts
+zgBzrdBk6cl5FVqzdzWMGTQiynnTpGsrOESinzP06Ip+pG15We2OORwgvCxD/W95
+aCiN0/+MdiXqlsmboBARMzsa+SmBENN3gF/+tuuEAFzOXU1q2cmEywRLyfbM2KIB
+VE/TChWYw2eRAhUA1R64VvcQ90XA8SOKVDmMA0dBzukCgYEAlLMYP0pbgBlgHQVO
+3/avAHlWNrIq52Lxk7SdPJWgMvPjTK9Z6sv88kxsCcydtjvO439j1yqcwk50GQc+
+86ktBWWz93/HkIdnFyqafef4mmWvm2Uq6ClQKS+A0Asfaj8Mys+HUMiI+qsfdjRb
+yIpwb7MX1nsVdsKzALnZNMW27A0DgYQAAoGAfEIAb3mLjtFfiF/tsZb4/DGHdWSb
+6Ir0hFkoBUZ9ymBO70wlfZVSQGs240kZtOMpAOpJL1Dy8oH6PUQ+JyacwZIo8fdq
+19/Kwm6CPrpaEhzErmMvwT2CZJYZ+HOk55ljLkVCiyG7MzEj2+odLKym9yoQsbsJ
+olHzIRpkLk45y4c=
+-----END PUBLIC KEY-----
diff --git a/lib/public_key/test/public_key_SUITE_data/rsa_pub.pem b/lib/public_key/test/public_key_SUITE_data/rsa_pub.pem
new file mode 100644
index 0000000000..cbe81343f7
--- /dev/null
+++ b/lib/public_key/test/public_key_SUITE_data/rsa_pub.pem
@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANRiyZg0uci74Nc6mnqZ8AoDl88aT7x6
+JA0MfgHIHzteEj7Qg+lE5QxMGAafurVE5vqoHkDfwk4uzzsCAJuz91MCAwEAAQ==
+-----END PUBLIC KEY-----
diff --git a/lib/public_key/test/public_key_SUITE_data/rsa_pub_key.pem b/lib/public_key/test/public_key_SUITE_data/rsa_pub_key.pem
new file mode 100644
index 0000000000..3b9d7568ff
--- /dev/null
+++ b/lib/public_key/test/public_key_SUITE_data/rsa_pub_key.pem
@@ -0,0 +1,4 @@
+-----BEGIN RSA PUBLIC KEY-----
+MEgCQQDUYsmYNLnIu+DXOpp6mfAKA5fPGk+8eiQNDH4ByB87XhI+0IPpROUMTBgG
+n7q1ROb6qB5A38JOLs87AgCbs/dTAgMBAAE=
+-----END RSA PUBLIC KEY-----