Support for cryptographic operations with larger keys

Currently, this crate allows instantiation of public keys larger than
4096 bit (via `RsaPublicKey::new_with_max_size`), but doing
cryptographic operations with such public keys fails in
`key::check_public`, which always checks the modulus size against the
constant `RsaPublicKey::MAX_SIZE`.

I think it would be nice to cap both public and private key sizes to
4096 bit by default, but to allow opt-in creation of larger keys
(complete with working cryptographic operations).

Author: hko-s

src/key.rs

@@ -228,7 +228,7 @@ impl RsaPublicKey {
 
     /// Create a new public key from its components.
     pub fn new_with_max_size(n: BoxedUint, e: BoxedUint, max_size: usize) -> Result<Self> {
-        check_public_with_max_size(&n, &e, max_size)?;
+        check_public_with_max_size(&n, &e, Some(max_size))?;
 
         let n_odd = Odd::new(n.clone())
             .into_option()
@@ -666,14 +666,19 @@ impl PrivateKeyParts for RsaPrivateKey {
 /// Check that the public key is well formed and has an exponent within acceptable bounds.
 #[inline]
 pub fn check_public(public_key: &impl PublicKeyParts) -> Result<()> {
-    check_public_with_max_size(public_key.n(), public_key.e(), RsaPublicKey::MAX_SIZE)
+    check_public_with_max_size(public_key.n(), public_key.e(), None)
 }
 
 /// Check that the public key is well formed and has an exponent within acceptable bounds.
 #[inline]
-fn check_public_with_max_size(n: &BoxedUint, e: &BoxedUint, max_size: usize) -> Result<()> {
-    if n.bits_vartime() as usize > max_size {
-        return Err(Error::ModulusTooLarge);
+fn check_public_with_max_size(
+    n: &BoxedUint, e: &BoxedUint,
+    max_size: Option<usize>,
+) -> Result<()> {
+    if let Some(max_size) = max_size {
+        if n.bits_vartime() as usize > max_size {
+            return Err(Error::ModulusTooLarge);
+        }
     }
 
     if e >= n || n.is_even().into() || n.is_zero().into() {