Public key improvements

[infinisil]

While trying to fix #133, I noticed some other things that could be improved on the public key handling. For now only a draft, it will change a bunch still I think. The main reasons for doing this:

• We want to have a smart constructor for public keys, one that verifies that the public key is actually a valid one. This would do the check from #133, but it would also do checks for EdDSA and RSA keys. With this, the user can't ever create an invalid public key.
• Avoid duplication of fields: Previously CosePublicKey was an inlined combination of CoseSignAlg and PublicKey, therefore it duplicated all the fields, which is kind of bad
• Make verify only return an error when the error is caused by the signature or the message. Previously it would also return an error if the public key doesn't match the passed signature algorithm. This error therefore needs to be handled earlier.

[infinisil]

Best reviewed by just looking at the first commit