
bug: importKeyMaterial fails with "Unsupported padding, requested wrapping algorithm:'RSA_AES_KEY_WRAP_SHA_256'" #10921

Open
@SzyszkowskaAgnieszka


Is there an existing issue for this?

  • I have searched the existing issues

Current Behavior

Currently, when I follow the AWS instructions to importKeyMaterial for an asymmetric RSA key using localstack and aws-cli, I get the following exception:
An error occurred (KMSInvalidStateException) when calling the ImportKeyMaterial operation: Unsupported padding, requested wrapping algorithm:'RSA_AES_KEY_WRAP_SHA_256'

Expected Behavior

It is possible to import key material for an RSA asymmetric key to localstack.

How are you starting LocalStack?

With the localstack script

Steps To Reproduce

How are you starting localstack (e.g., bin/localstack command, arguments, or docker-compose.yml)

localstack start -d

Client commands (e.g., AWS SDK code snippet, or sequence of "awslocal" commands)

aws kms create-key --origin EXTERNAL --key-spec RSA_4096 --profile localstack

aws kms get-parameters-for-import --key-id b0f79e39-4636-44c3-a6c1-0967b8eb1a8c --wrapping-algorithm RSA_AES_KEY_WRAP_SHA_256 --wrapping-key-spec RSA_4096 --profile localstack

aws kms import-key-material --key-id b0f79e39-4636-44c3-a6c1-0967b8eb1a8c --encrypted-key-material fileb://EncryptedKeyMaterial.bin --import-token fileb://ImportToken.bin --expiration-model KEY_MATERIAL_DOES_NOT_EXPIRE --profile localstack   

I'm following the AWS KMS documentation (https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-create-cmk.html) for all openssl commands.

Environment

- OS: macOS 14.5 (23F79)
- LocalStack:
   LocalStack version: 3.4.1.dev
   LocalStack Docker image sha: sha256:cf62a941b36ba7cc49c27e1a9cc01cc17c9512a3ca179b65b1fdcea64ba5b46c
   LocalStack build date: 2024-05-29
   LocalStack build git hash: df6f0a42e
- aws-cli: 2.13.7

Anything else?

Is this wrapping algorithm even supported by localstack? There are no community tests to prove it, but also there is no information in the documentation that it's not supported.

Labels: aws:kms (AWS Key Management Service); status: backlog (Triaged but not yet being worked on); type: bug (Bug report)
