Updating code to support PKCS#8 private key format

[Copilot]

• Add pyasn1 = ">=0.1.3" to [tool.poetry.dependencies] in pyproject.toml (since rsa_signer.py imports it directly)
• Update to_rsa_format docstring in utils.py to accurately describe support for both PKCS#1 and PKCS#8 PEM formats
• Update poetry.lock to reflect pyasn1 as a direct dependency

[gitguardian]

⚠️ GitGuardian has uncovered 1 secret following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

🔎 Detected hardcoded secret in your pull request

GitGuardian id	GitGuardian status	Secret	Commit	Filename
33066226	Triggered	Generic Private Key	4c465e4	tests/keys/fake_mauth.pkcs8.key	View secret

🛠 Guidelines to remediate hardcoded secrets

1. Revoke and rotate the secret.

---

^{🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.}

[johnduhart]

Keys were generated by the agent for testing and are benign.

[johnduhart]

LGTM, will let @ykitamura-mdsol have the final say.

[Copilot]

Pull request overview

This PR updates the client to accept PKCS#8 PEM private keys (in addition to existing PKCS#1 “RSA PRIVATE KEY” PEMs), and adds tests/fixtures to validate equivalent signing behavior across formats.

Changes:

• Extend to_rsa_format to preserve either PKCS#1 or PKCS#8 PEM headers/footers when normalizing whitespace/newlines.
• Update RSASigner to load PKCS#8 keys by decoding the PKCS#8 structure and extracting the embedded PKCS#1 key.
• Add PKCS#8 test fixtures and unit tests to ensure PKCS#1 and PKCS#8 signatures match.

Reviewed changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
mauth_client/utils.py	Normalize key formatting while supporting both PKCS#1 and PKCS#8 PEM envelopes.
mauth_client/rsa_signer.py	Add PKCS#8 key loading path using ASN.1 DER decoding.
tests/utils_test.py	Add formatting tests for PKCS#8 keys.
tests/signer_test.py	Add regression test ensuring PKCS#1/PKCS#8 signatures are identical.
tests/common.py	Allow loading PKCS#8 fixture keys.
tests/keys/fake_mauth.pkcs8.key	Add PKCS#8 private key fixture for tests.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[johnduhart]

@copilot Ensure the lockfile is updated and committed.

[Copilot]

@copilot Ensure the lockfile is updated and committed.

Done — poetry.lock has been regenerated and committed. pyasn1 now appears in the lock file under groups = ["main"], confirming it's tracked as a direct dependency.

[ykitamura-mdsol]

looks good to me. thank you!