Invalid PKCS8 encoding for private keys in python-rsa backend #119

@mattsb42-aws

In the process of investigating the pycrypto/dome dependency on the python-rsa backend, I discovered that the PKCS8 encoding being performed for RSA private keys by the python-rsa backend is incompatible with the other backends.

Digging deeper, I found that the magic prefix[1] being added to the PKCS1 encoded private key[2] is both invalid per the PKCS8 spec[3] and incorrectly sets a static message size.

This results in the serialized keys being unreadable by any other system, and also in the python-rsa backend being unable to deserialize any keys written by a correct system.

Current magic prefix:

Full key from tests, header tweaked to have a valid length

30  # sequence
8204BD  # DER-encoded sequence contents length of 1213 bytes -- INCORRECT STATIC LENGTH
  020100  # integer: 0 -- Version
  300D  # sequence containing 13 bytes -- PrivateKeyAlgorithmIdentifier
    06092A864886F70D010101  # OID -- rsaEncryption
    0500  # NULL -- parameters
  <PKCS1 key added>

Prefix should be:

Full key from tests

30  # sequence
820945  # DER-encoded sequence contents length of 2373 bytes -- LENGTH MUST BE SET PER KEY
  02 01 00  # integer: 0 -- Version
  30  # sequence
  0D  # DER-encoded sequence contents length of 13 bytes -- PrivateKeyAlgorithmIdentifier
    06092A864886F70D010101  # OID -- rsaEncryption
    0500  # NULL -- parameters
  04 # Octet String
  82092F  # DER-encoded octet string length of 2351 bytes -- LENGTH MUST BE SET PER KEY
    <PKCS1 key added>

[1] https://github.com/mpdavis/python-jose/blob/master/jose/backends/rsa_backend.py#L15
[2] https://github.com/mpdavis/python-jose/blob/master/jose/backends/rsa_backend.py#L186
[3] https://tools.ietf.org/html/rfc5208#page-5
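
The corrected layout above, as an added example that is not part of the original issue and is not python-jose code: the outer SEQUENCE and inner OCTET STRING lengths are computed from the key being wrapped, and the reader rejects input whose declared lengths do not match the data. All function and constant names are hypothetical, and the optional PKCS8 attributes field is assumed absent.

```python
# Added example (not python-jose code): PKCS#8 PrivateKeyInfo wrapper, RFC 5208.
VERSION = bytes.fromhex("020100")  # INTEGER 0
RSA_ALG_ID = bytes.fromhex("300D06092A864886F70D0101010500")  # rsaEncryption + NULL


def der_length(n):
    """DER definite length: short form below 128, minimal long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def der_tlv(tag, content):
    return bytes([tag]) + der_length(len(content)) + content


def wrap_pkcs1_in_pkcs8(pkcs1_der):
    """Both lengths are derived from the key being wrapped, never hard-coded."""
    return der_tlv(0x30, VERSION + RSA_ALG_ID + der_tlv(0x04, pkcs1_der))


def read_tlv(data, offset, tag):
    """Return (content, end_offset); reject wrong tags and bad lengths."""
    if offset + 2 > len(data) or data[offset] != tag:
        raise ValueError("unexpected tag or truncated header")
    first, pos = data[offset + 1], offset + 2
    if first >= 0x80:
        pos += first & 0x7F
    length = first if first < 0x80 else int.from_bytes(data[offset + 2:pos], "big")
    if pos > len(data) or der_length(length) != data[offset + 1:pos]:
        raise ValueError("length is not minimal definite-form DER")
    if pos + length > len(data):
        raise ValueError("declared length exceeds available data")
    return data[pos:pos + length], pos + length


def unwrap_pkcs8(pkcs8_der):
    """Return the inner PKCS#1 bytes. Optional attributes are not handled."""
    outer, end = read_tlv(pkcs8_der, 0, 0x30)
    if end != len(pkcs8_der):
        raise ValueError("outer SEQUENCE length does not match the data")
    header = VERSION + RSA_ALG_ID
    if not outer.startswith(header):
        raise ValueError("not a version 0 rsaEncryption PrivateKeyInfo")
    pkcs1, inner_end = read_tlv(outer, len(header), 0x04)
    if inner_end != len(outer):
        raise ValueError("unexpected data after the OCTET STRING")
    return pkcs1
```
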
