Up to now, the API does not have a `context` parameter in signature functions, although a number of signature schemes are defined with a context. This was partly due to there being no use cases in standards for the context parameter, for the signature algorithms included in the API specification (just EdDSA in v1.2).

The recently standardized FIPS post-quantum signature algorithms, ML-DSA and SLH-DSA, also include a context parameter.

The IETF draft proposal for hybrid signatures using ML-DSA (see https://datatracker.ietf.org/doc/draft-ietf-lamps-pq-composite-sigs/), is using a non-empty ML-DSA context parameter.

This suggests that it is time to provide sign-with-context and verify-with-context functions to the API. This should probably include all 4 variations of `psa_{sign|verify}_{message|hash}_with_context()`.
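Why a context-less signing call cannot stand in for the requested functions, as an added example that is not part of the issue or of the PSA specification: pure ML-DSA (FIPS 204) and SLH-DSA (FIPS 205) sign `0x00 || len(ctx) || ctx || M`, so prepending the context to the message in the application yields a different signed input. The function names and the sample context and message are hypothetical, constructed for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not a PSA Crypto API function. Builds the byte string
 * that pure ML-DSA (FIPS 204) and SLH-DSA (FIPS 205) sign internally:
 *     M' = 0x00 || len(ctx) || ctx || M
 * Returns the length of M', or 0 if ctx exceeds 255 bytes or out is too small. */
size_t pq_encode_message(const uint8_t *ctx, size_t ctx_len,
                         const uint8_t *msg, size_t msg_len,
                         uint8_t *out, size_t out_size)
{
    if (ctx_len > 255)                      /* both standards reject this */
        return 0;
    if (out_size < 2 + ctx_len || out_size - 2 - ctx_len < msg_len)
        return 0;
    out[0] = 0x00;                          /* 0 = pure signing, 1 = pre-hash */
    out[1] = (uint8_t)ctx_len;              /* one length byte, hence the 255 limit */
    if (ctx_len) memcpy(out + 2, ctx, ctx_len);
    if (msg_len) memcpy(out + 2 + ctx_len, msg, msg_len);
    return 2 + ctx_len + msg_len;
}

/* Constructed sample values for the demonstration. */
static const uint8_t CTX[] = "example-protocol-v1";
static const uint8_t MSG[] = "transfer 100 units";
#define CTX_LEN (sizeof CTX - 1)
#define MSG_LEN (sizeof MSG - 1)

/* A context-less call signs with an empty context. Returns 1 if signing
 * ctx || M that way differs from signing M with the real context. */
int prefix_emulation_differs(void)
{
    uint8_t with_ctx[64], emulated[64], joined[64];
    memcpy(joined, CTX, CTX_LEN);
    memcpy(joined + CTX_LEN, MSG, MSG_LEN);
    size_t a = pq_encode_message(CTX, CTX_LEN, MSG, MSG_LEN, with_ctx, sizeof with_ctx);
    size_t b = pq_encode_message(NULL, 0, joined, CTX_LEN + MSG_LEN, emulated, sizeof emulated);
    return a != b || memcmp(with_ctx, emulated, a) != 0;
}

/* Returns 1 if a 256-byte context is rejected. */
int oversize_context_rejected(void)
{
    uint8_t ctx[256] = {0}, out[512];
    return pq_encode_message(ctx, sizeof ctx, MSG, MSG_LEN, out, sizeof out) == 0;
}
int main(void) { printf("%d %d\n", prefix_emulation_differs(), oversize_context_rejected()); return 0; }
```

Both encodings here are 39 bytes long and differ only in the length byte at offset 1, which is what keeps a signature made under one context from verifying under another.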