List of problems to solve while refactoring the interface for signature verification

• RSAPublicKey and RSAKeyPair both define verify(signature_args..., md_type, salt_length), is it even legit?..
• RSAKeyPair_OpenSSL implements verify(signature_args..., md_type, salt_length), BUT PublicKey_OpenSSL implements verify(signature_args..., md_type, hash_bytes&). Here's why JWT authentication uses the wrong verification impl (check comment).
• salt_length is size_t, therefore it's not possible to pass options like RSA_PSS_SALTLEN_AUTO == -2 or other predefined constants. Not sure what's the best way to do it in the interface, it's TBD how different paddings and salt work as per documentation first, but this has to be fixed.

• this and this (UPD: this is actually correct api to get the key from a cert), leaving unchanged
• Found out RSAPublicKey_OpenSSL doesn't throw when created with EC DER, silently passes, I think all ctor-s need revision and proper unit testing (UPD: held for RSA, skipped revision of EC for now)
• Check ACL/SCITT for wrappers usage, and how much this affects them (UPD not much certainly)