fix: address Phase 2 review cycle 2 issues
Resolves all critical, important, and minor issues identified in the second
review cycle for identity.rs:
Critical (N1): Remove unused `Signature` imports in verify_prehash tests and
relocate per-function `use` statements to module level.
Important (N2): Replace no-op `use percent_encoding;` with direct use of the
percent_decode_str helper function (which already exists and wraps the
percent_encoding crate).
Important (N3): Hoist SigningKey type imports to test module level as
K256SigningKey and P256SigningKey aliases to comply with module organization
rules.
Important (N4): Improve parse_multikey_p256 test by forcing compressed form
unconditionally with to_encoded_point(true) and asserting the hex literal
without soft-gating.
Minor (N5): Add dedicated DnsNoDidRecord error variant for DNS records that
exist but lack did= entries, replacing generic DidResolutionFailed.
Minor (N6): Add dedicated InvalidDidBody error variant for invalid DID format
in HTTPS fallback response, replacing generic DidResolutionFailed with
contradictory status: 200.
Minor (N7): Add #[derive(thiserror::Error)] and #[error(...)] attributes to
AnySignatureError enum so it can chain into miette diagnostics.
Minor (N8): Add symmetric p256-key+k256-sig test case to verify_prehash_curve_mismatch
for complete coverage of curve mismatch scenarios.
All tests pass; cargo fmt and cargo clippy --all-targets pass cleanly.
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>