feat(ocaml-tls): add key rotation and roundtrip fuzz/property tests
Protocol fuzz (fuzz/fuzz_tls.ml):
- Add roundtrip property tests for alert, version, handshake, certificates,
DH parameters, and digitally-signed: parse -> assemble -> parse must yield
the same value
- Add targeted key_update_roundtrip test exercising both UPDATE_REQUESTED
and UPDATE_NOT_REQUESTED paths (TLS 1.3 key rotation)
Eio fuzz (eio/tests/fuzz/fuzz_tls.ml):
- Add Key_update op to exercise TLS 1.3 key rotation mid-connection,
with request=true/false to cover both peer-update-request variants