Description
As far as I can see, all the PKCS7 test data uses RSA-PKCS#1v1.5 as the signature algorithm throughout. The goal of this task is to add test data and test cases that use RSA-PSS or ECDSA.
We don't need to have full coverage of PKCS7 with other algorithms, but we should at least have:
- Data and test cases with a good signature with both PSS and ECDSA (a single key size/curve is enough).
- Data and test cases with a bad signature with both PSS and ECDSA (a single key size/curve is enough).
- Test cases when the signature algorithm is not supported. Also, for ECDSA, when the curve is not supported. (That is: a test case with `depends_on:!PSA_WANT_…` that calls the verify function and checks that it returns the proper error code.) (Related, out of scope here: PKCS7 tests with a digest algorithm that's not supported.)
- Data and test cases with multiple signers using different algorithms.
- At least one test involving data that's signed by a certificate which is itself signed using a different algorithm, to check for cross-contamination.
This is needed both in 3.6 and 4.x. If the testing in 3.6 reveals a lack of functionality (as opposed to an outright bug), we'll either implement it if the impact is minimal (judged by code size and complexity of the change), or document the limitation otherwise.