[dev.boringcrypto.go1.18] crypto/tls: allow BoringCrypto to use 4096-bit keys

FIPS-140 has been updated to allow 4096-bit RSA keys.
Allow them in certificate processing.

This is the Go 1.18 boringcrypto branch version of CL 447655.
Not a straight cherry-pick, because the code in the boringcrypto branch
is different from the code that merged into the main branch.

Fixes #41147 for the Go 1.18 boringcrypto branch.

Change-Id: Iae8a6406a2885e6546df2c28c1791c19cfafb6b5
Reviewed-on: https://go-review.googlesource.com/c/go/+/449639
Run-TryBot: Russ Cox <[email protected]>
TryBot-Result: Gopher Robot <[email protected]>
Reviewed-by: Roland Shoemaker <[email protected]>

Author: rsc

src/crypto/tls/boring.go

@@ -91,7 +91,7 @@ func isBoringCertificate(c *x509.Certificate) bool {
 	default:
 		return false
 	case *rsa.PublicKey:
-		if size := k.N.BitLen(); size != 2048 && size != 3072 {
+		if size := k.N.BitLen(); size != 2048 && size != 3072 && size != 4096 {
 			return false
 		}
 	case *ecdsa.PublicKey:

src/crypto/tls/boring_test.go

@@ -309,7 +309,7 @@ func TestBoringCertAlgs(t *testing.T) {
 	// Set up some roots, intermediate CAs, and leaf certs with various algorithms.
 	// X_Y is X signed by Y.
 	R1 := boringCert(t, "R1", boringRSAKey(t, 2048), nil, boringCertCA|boringCertFIPSOK)
-	R2 := boringCert(t, "R2", boringRSAKey(t, 4096), nil, boringCertCA)
+	R2 := boringCert(t, "R2", boringRSAKey(t, 1024), nil, boringCertCA)
 
 	M1_R1 := boringCert(t, "M1_R1", boringECDSAKey(t, elliptic.P256()), R1, boringCertCA|boringCertFIPSOK)
 	M2_R1 := boringCert(t, "M2_R1", boringECDSAKey(t, elliptic.P224()), R1, boringCertCA)