Add a new constant-time is_zero() check for RsaIdentity
There are some places in the protocol where we have an all-zero RSA
identity that does not truly represent a key, but rather represents
an absent or unknown key. For these, it's better to use
RsaIdentity::is_zero
instead of manually checking for a set of
zero bytes: it expresses the intent better, and ensures that the
operation is constant-time.
I am deliberately not introducing a more general IsZero trait here, or implementing is_zero for anything else: This is the only one we seem to need right now. We can generalize it later if we have to.