Support for RSASSA-PSS private key loading #7035

@kislyuk

I am working on an implementation of this IETF draft, which lists RSASSA-PSS as a signature scheme and provides an RSASSA-PSS key pair in PEM format (https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-message-signatures#appendix-B.1.2) (it also references https://datatracker.ietf.org/doc/html/rfc8017#section-8.1 for a specification of the configuration details).

While loading the public key for verifying works fine, loading the private key for signing yields this error:

  File "/lib/python3.8/site-packages/cryptography/hazmat/primitives/serialization/base.py", line 22, in load_pem_private_key
    return ossl.load_pem_private_key(data, password)
  File "/lib/python3.8/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 823, in load_pem_private_key
    return self._load_key(
  File "/lib/python3.8/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1088, in _load_key
    return convert_func(evp_pkey)
  File "/lib/python3.8/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 626, in _evp_pkey_to_private_key
    raise UnsupportedAlgorithm("Unsupported key type.")
cryptography.exceptions.UnsupportedAlgorithm: Unsupported key type.

I realize this issue has already been covered in #2850 and issues that reference it, but those all seem to be in the context of X.509 certificates, which are not involved in this application. I'm not sure if the implementation burden of RSASSA-PSS private key operations without the related X.509 infrastructure is significantly lower, but I just wanted to mention this application as a standalone future use for this functionality.
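The traceback above ends at "Unsupported key type." without saying what the PEM actually contains. What distinguishes the draft's key from an ordinary RSA key is only the PKCS#8 wrapper: the privateKeyAlgorithm is id-RSASSA-PSS (1.2.840.113549.1.1.10) instead of rsaEncryption (1.2.840.113549.1.1.1), optionally followed by RSASSA-PSS-params (RFC 8017 A.2.3) that pin the hash, the MGF and the salt length the key may be used with. The inspector below is an added example, not code from pyca/cryptography or from the draft: it decodes just enough DER to report the structure, the algorithm OID and the PSS parameters of any PEM/DER PrivateKeyInfo or SubjectPublicKeyInfo. The builders and the placeholder key bytes are constructed for the demo (the placeholder is not an RSAPrivateKey; the inspector never parses that field), and all function names are this example's own.

```python
"""Inspect the AlgorithmIdentifier of a PKCS#8 PrivateKeyInfo or X.509 SubjectPublicKeyInfo
to tell an id-RSASSA-PSS key (and its hash/MGF/salt restrictions) from an rsaEncryption key.
Added example; not code from pyca/cryptography or the HTTP message signatures draft."""
import base64
import re

OID_RSA_ENCRYPTION = "1.2.840.113549.1.1.1"   # RFC 8017 A.1
OID_RSASSA_PSS = "1.2.840.113549.1.1.10"      # RFC 8017 A.2.3
OID_MGF1 = "1.2.840.113549.1.1.8"
HASH_NAMES = {"1.3.14.3.2.26": "sha1", "2.16.840.1.101.3.4.2.1": "sha256",
              "2.16.840.1.101.3.4.2.2": "sha384", "2.16.840.1.101.3.4.2.3": "sha512"}

# Minimal DER helpers covering only the tags these structures use.
def _tlv(tag, body):
    n = len(body)
    if n < 0x80:
        length = bytes([n])
    else:
        lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
        length = bytes([0x80 | len(lb)]) + lb
    return bytes([tag]) + length + body

def _encode_oid(oid):
    arcs = [int(a) for a in oid.split(".")]
    out = bytearray([40 * arcs[0] + arcs[1]])
    for a in arcs[2:]:
        chunk = [a & 0x7F]
        a >>= 7
        while a:                      # base-128, high bit set on all but the last byte
            chunk.append(0x80 | (a & 0x7F))
            a >>= 7
        out += bytes(reversed(chunk))
    return bytes(out)

def _read_tlv(data, pos):
    """Return (tag, body, next_pos) for the definite-length element at pos."""
    tag, length, pos = data[pos], data[pos + 1], pos + 2
    if length & 0x80:
        n = length & 0x7F
        length, pos = int.from_bytes(data[pos:pos + n], "big"), pos + n
    return tag, data[pos:pos + length], pos + length

def _children(body):
    out, pos = [], 0
    while pos < len(body):
        tag, inner, pos = _read_tlv(body, pos)
        out.append((tag, inner))
    return out

def _decode_oid(body):
    arcs, val = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(val)
            val = 0
    return ".".join(map(str, arcs))

def _parse_algorithm_identifier(body):
    kids = _children(body)                      # SEQUENCE { OID, parameters OPTIONAL }
    return _decode_oid(kids[0][1]), (kids[1] if len(kids) > 1 else None)

def _parse_pss_params(body):
    """RSASSA-PSS-params with RFC 8017 defaults applied for absent fields."""
    p = {"hash": "sha1", "mgf1_hash": "sha1", "salt_length": 20, "trailer_field": 1}
    for tag, inner in _children(body):
        if tag == 0xA0:                         # [0] hashAlgorithm
            oid, _ = _parse_algorithm_identifier(_children(inner)[0][1])
            p["hash"] = HASH_NAMES.get(oid, oid)
        elif tag == 0xA1:                       # [1] maskGenAlgorithm: mgf1 with a hash AlgorithmIdentifier as parameters
            mgf_oid, mgf_params = _parse_algorithm_identifier(_children(inner)[0][1])
            hoid, _ = _parse_algorithm_identifier(mgf_params[1])
            p["mgf1_hash"] = HASH_NAMES.get(hoid, hoid) if mgf_oid == OID_MGF1 else mgf_oid
        elif tag == 0xA2:                       # [2] saltLength
            p["salt_length"] = int.from_bytes(_children(inner)[0][1], "big")
        elif tag == 0xA3:                       # [3] trailerField
            p["trailer_field"] = int.from_bytes(_children(inner)[0][1], "big")
    return p

def _pem_to_der(text):
    m = re.search(r"-----BEGIN [^-]+-----(.*?)-----END [^-]+-----", text, re.S)
    if not m:
        raise ValueError("no PEM block found")
    return base64.b64decode("".join(m.group(1).split()))

def describe_key(data):
    """data: PEM (str/bytes) or DER of a PrivateKeyInfo or SubjectPublicKeyInfo."""
    data = data.encode() if isinstance(data, str) else data
    der = _pem_to_der(data.decode()) if data.lstrip().startswith(b"-----") else data
    top_tag, top, _ = _read_tlv(der, 0)
    if top_tag != 0x30:
        raise ValueError("expected outer SEQUENCE")
    kids = _children(top)
    if kids[0][0] == 0x02:        # version INTEGER first: PKCS#8 PrivateKeyInfo
        structure, alg_body = "PrivateKeyInfo", kids[1][1]
    elif kids[0][0] == 0x30:      # AlgorithmIdentifier first: SubjectPublicKeyInfo
        structure, alg_body = "SubjectPublicKeyInfo", kids[0][1]
    else:
        raise ValueError("unrecognised structure")
    oid, params = _parse_algorithm_identifier(alg_body)
    result = {"structure": structure, "algorithm": oid, "pss_params": None}
    if oid == OID_RSASSA_PSS:     # absent parameters mean all defaults (SHA-1, MGF1-SHA-1, salt 20)
        result["pss_params"] = _parse_pss_params(params[1] if params and params[0] == 0x30 else b"")
    return result

# Constructed sample builders (hypothetical; the key bytes are a placeholder, not a real RSAPrivateKey).
def build_pss_private_key_info(key_octets, hash_oid="2.16.840.1.101.3.4.2.1", salt_length=32):
    hash_alg = _tlv(0x30, _tlv(0x06, _encode_oid(hash_oid)) + b"\x05\x00")
    mgf_alg = _tlv(0x30, _tlv(0x06, _encode_oid(OID_MGF1)) + hash_alg)
    params = _tlv(0x30, _tlv(0xA0, hash_alg) + _tlv(0xA1, mgf_alg) + _tlv(0xA2, _tlv(0x02, bytes([salt_length]))))
    alg_id = _tlv(0x30, _tlv(0x06, _encode_oid(OID_RSASSA_PSS)) + params)
    return _tlv(0x30, _tlv(0x02, b"\x00") + alg_id + _tlv(0x04, key_octets))

def build_rsa_private_key_info(key_octets):
    alg_id = _tlv(0x30, _tlv(0x06, _encode_oid(OID_RSA_ENCRYPTION)) + b"\x05\x00")
    return _tlv(0x30, _tlv(0x02, b"\x00") + alg_id + _tlv(0x04, key_octets))

def to_pem(der, label="PRIVATE KEY"):
    b64 = base64.b64encode(der).decode()
    return f"-----BEGIN {label}-----\n" + "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64)) + f"\n-----END {label}-----\n"

if __name__ == "__main__":
    placeholder = b"\x30\x00"   # constructed stand-in for the RSAPrivateKey OCTET STRING contents
    print(describe_key(to_pem(build_pss_private_key_info(placeholder))))
    print(describe_key(to_pem(build_rsa_private_key_info(placeholder))))
```

Paste the draft's PEM text into `describe_key` to see which OID it carries. For an id-RSASSA-PSS key the reported hash, MGF hash and salt length are the constraints any loader has to honour: signing that key with a different hash or salt length would not be a valid use of it, which is why a PSS-aware loader cannot simply hand back a plain RSA key and let the caller pick `padding.PSS` parameters freely.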
