Support for cryptographic operations with larger keys

[hko-s]

Currently, this crate allows instantiation of public keys larger than 4096 bit (via RsaPublicKey::new_with_max_size), but doing cryptographic operations with such public keys fails in key::check_public, which always checks the modulus size against the constant RsaPublicKey::MAX_SIZE.

Also, there's no public API to instantiate larger private keys, or to do cryptographic operations with them.

I think it would be nice to cap both public and private key sizes to 4096 bit by default, but to allow opt-in creation of larger keys (complete with working cryptographic operations).

[tarcieri]

You don't need a max_size carrier on the public key. It's checked at construction time, so once constructed there's no need to use it again.

[hko-s]

You don't need a max_size carrier on the public key. It's checked at construction time, so once constructed there's no need to use it again.

Thanks, sounds good!

I was hesitant to drop the modulus size check that currently happens in check_public_with_max_size:

    if public_key.n().bits() > max_size {
        return Err(Error::ModulusTooLarge);
    }

If we can safely drop that bit of logic when doing cryptographic operations, I'm all for it (but I myself couldn't judge if it is safe).

[tarcieri]

RsaPrivateKey's constructor can construct an RsaPublicKey without applying the public key size checks (it can apply its own size checks separately), but all existing APIs on RsaPublicKey should still apply the checks

[hko-s]

I've modified the approach. Cryptographic operations now don't fail for keys larger than 4096 bit, while at least RsaPublicKey::new still enforces the 4096 bit size limit for the modulus.

If this direction seems roughly right, I'm happy to attempt whatever additional cleanup might be required.

[tarcieri]

This seems fine

[hko-s]

Awesome, thanks!