Add MLDSA{65,87} support

[ptoffy]

Since swift-crypto now supports ML-DSA{65,87}, this adds support for ML-DSA based JWTs. While ML-DSA is now a formalised standard (RFC 204), its usage in JOSE is still in draft state, which means its specification could change.
Because of this, we're hiding the new APIs behind @_spi(PostQuantum) annotations, separating them from the public API and allowing therefore breaking changes, at least until the specification will be finalised.
To use them, simply

@_spi(PostQuantum) import JWTKit

but know that the APIs could be subject to change outside of major versions of JWTKit.

[codecov]

Codecov Report

❌ Patch coverage is 78.04878% with 9 lines in your changes missing coverage. Please review.
✅ Project coverage is 82.13%. Comparing base (ed0532b) to head (1e4642c).
⚠️ Report is 1 commits behind head on main.

Files with missing lines	Patch %	Lines
Sources/JWTKit/MLDSA/MLDSASigner.swift	77.27%	5 Missing ⚠️
Sources/JWTKit/MLDSA/MLDSA.swift	60.00%	4 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #229      +/-   ##
==========================================
- Coverage   83.55%   82.13%   -1.42%     
==========================================
  Files          57       61       +4     
  Lines        1496     1422      -74     
==========================================
- Hits         1250     1168      -82     
- Misses        246      254       +8     

Files with missing lines	Coverage Δ
Sources/JWTKit/JWTKeyCollection.swift	93.10% <100.00%> (-0.59%)	⬇️
Sources/JWTKit/MLDSA/JWTKeyCollection+MLDSA.swift	100.00% <100.00%> (ø)
Sources/JWTKit/MLDSA/MLDSAType.swift	100.00% <100.00%> (ø)
Sources/JWTKit/MLDSA/MLDSA.swift	60.00% <60.00%> (ø)
Sources/JWTKit/MLDSA/MLDSASigner.swift	77.27% <77.27%> (ø)

... and 23 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[fpseverino]

Why don't we hide these algorithms behind a @_spi(PostQuantum), instead of a separate target? I guess it will also be easier to move them to the stable API down the line

[ptoffy]

@fpseverino yes that was in fact the plan in the beginning. And nothing has changed, I just forgot 🙈 done!

[0xTim]

Are we expecting these APIs to ever change? Or should we use a package trait instead of SPI?

[ptoffy]

The RFC isn't final yet so even though unlikely the spec and therefore the APIs might still change

[fpseverino]

We should now depend on the wwdc-25 branch of swift-crypto, which has the latest API for ML-DSA

[fpseverino]

Love it! Just a few notes

I took a quick look at the JOSE draft, and it doesn't seem to me that context strings are used anywhere. But if I'm wrong, or if the draft is updated, that's something we'll have to take into account.

Also, shall we add these algorithms to the README and DocC?

[fpseverino]

Once the JOSE draft is finalised, will removing @_spi be a breaking change? If so, what could we do?

[ptoffy]

@fpseverino it's not breaking because it was never part of the API to begin with (just of the SPI). It will be a simple addition so a minor version is fine

[penny-for-vapor]

Benchmark Report for 1e4642c

Benchmark in progress...