Add parsing for pkcs1 and pkcs8 encoded rsa keys

[aloucks]

Adds simple functions for parsing pkcs1 and pkcs8 encoded keys and a pem feature that re-exports the pem crate with TryFrom implementations.

The TryFrom implementations will auto-detect pkcs1 or pkcs8 via the header tags.

let pem = rsa::pem::parse(private_key_pem)?;
let private_key = RSAPrivateKey::try_from(pem)?;

let pem = rsa::pem::parse(public_key_pem)?;
let public_key= RSAPublicKey::try_from(pem)?;

Or, manually:

// -----BEGIN RSA PRIVATE KEY-----
let private_key = rsa::parse_private_key_pkcs1(pkcs1_private_key_base64_decoded)?;
// -----BEGIN RSA PUBLIC KEY-----
let public_key = rsa::parse_public_key_pkcs1(pkcs1_public_key_base64_decoded)?;

// -----BEGIN PRIVATE KEY-----
let private_key = rsa::parse_private_key_pkcs8(pkcs8_private_key_base64_decoded)?;
// -----BEGIN PUBLIC KEY-----
let public_key = rsa::parse_public_key_pkcs8(pkcs8_public_key_base64_decoded)?;

Fixes #37

EDIT:

Bikeshed: Should the rsa::parse_[public|private]_key_pkcs[1|8] functions be prefixed with decode_ instead?

[aloucks]

The build is failing on the hex crate with rust 1.36. I believe this is unrelated to the pull request:

error: enum variants on type aliases are experimental
  --> /home/travis/.cargo/registry/src/jackfan.us.kg-1ecc6299db9ec823/hex-0.4.1/src/error.rs:30:13
   |
30 |             Self::InvalidStringLength => write!(f, "Invalid string length"),
   |             ^^^^^^^^^^^^^^^^^^^^^^^^^
error: aborting due to 3 previous errors
error: Could not compile `hex`.

[tarcieri]

Thanks for this, and looks like some unrelated fixes are needed for the hex crate.

This implementation looks okay to me. I'm not super wild about the rsa::parse_[public|private]_key_pkcs functions.

I think those should probably be methods on the individual key types. See the FromPkcs8 trait in the signatory crate as a potential example of an API.

The TryFrom impls look good to me.

[tarcieri]

It seems like this is unnecessary?

[aloucks]

I've removed it and used the full crate path where referenced.

[tarcieri]

Cool, well other than the unrelated errors from hex this looks good to me.

@dignifiedquire @str4d thoughts?

I think we can probably simplify the implementation and eliminate the simple_asn1 dependency by vendoring just the ASN.1 DER support we need and looking for a hardcoded PKCS#8 header ala BearSSL and the corresponding translation in the ecdsa crate, but I think that's a debatable tradeoff and not worth blocking this PR over.

[dignifiedquire]

lgtm overall, some notes, thank you!

[dignifiedquire]

could you add a doctesz for this?

[dignifiedquire]

could you add a doctest for this, so it is easy to see in the docs how it works?

[dignifiedquire]

same here

[aloucks]

@dignifiedquire I've added examples for all of the new functions.

[aloucks]

@dignifiedquire @tarcieri Anything else needed before merging?

[dignifiedquire]

@aloucks sorry for the delay, I want to fix CI before merging, but it looks good thank you 👌

[aloucks]

@dignifiedquire A new version of hex was published and the build is passing now.

[tarcieri]