feat(identity): add AnySigningKey newtype with ES256/ES256K low-s signing
Mirrors AnyVerifyingKey for the signing side. Provides:
- verifying_key() to derive the public key
- jwt_alg() to get the algorithm identifier (ES256K or ES256)
- sign() to hash and sign a message with low-s normalization
- sign_prehash() to sign a precomputed SHA-256 digest
- signature_to_jws_bytes() to serialize signatures for JWS compact form
Includes 4 unit tests verifying round-trip signing/verification for both
K256 and P256 curves, JWT algorithm selection, and JWS byte serialization.
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
authored by