
Expose cose sign1 message sign/verify APIs in ccf.crypto

Open gaurav137 opened this issue 1 year ago • 0 comments

The CCF infra has wrappers for COSE verification in C++ (built around t-cose), but these aren't currently exposed in the JS/TS API. The ask is to look at exposing that.

There are scenarios where the CCF app client runs in confidential ACI and presents its attestation report as the means to authenticate to the /app endpoint APIs. The code running in a confidential ACI container cannot use user/member cert-based auth in such situations. Further, the payload of the APIs needs to be signed with a key pair that is generated/re-generated on container start within the CACI instance and whose public key is then added in the report_data of the attestation report. That way one can tie the payload to the attestation report. Using COSE signing for the payload is an option that we want to go with. For this we need code in the CCF app that can verify COSE Sign1 messages.

As a reference, https://learn.microsoft.com/en-us/dotnet/api/system.security.cryptography.cose.cosesign1message.verifyembedded?view=dotnet-plat-ext-8.0 are the .NET APIs around COSE sign/verification.

gaurav137, Feb 21 '24 12:02
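
The check the issue asks for (tie a COSE Sign1 payload to the key named in the attestation report), sketched as an added example that is not part of the original issue and is not CCF code. It rebuilds the RFC 9052 `Sig_structure` by hand and verifies it with Node's built-in `crypto`. Assumptions: the message is already CBOR-decoded into its parts, the algorithm is ES256, the attestation report itself has already been verified, `report_data` is 64 bytes whose first 32 hold SHA-256 of the DER public key, and the names `verifyBoundSign1`, `sigStructure` and `demo` are hypothetical.

```javascript
// Added example (not CCF code): Node.js built-in crypto only.
const crypto = require("crypto");

const ES256_HDR = Buffer.from([0xa1, 0x01, 0x26]); // CBOR {1: -7}, i.e. alg = ES256

// CBOR byte string (major type 2) for lengths below 65536.
function bstr(buf) {
  const n = buf.length;
  const head = n < 24 ? [0x40 | n] : n < 256 ? [0x58, n] : [0x59, n >> 8, n & 0xff];
  return Buffer.concat([Buffer.from(head), buf]);
}

// RFC 9052 Sig_structure: ["Signature1", protected, external_aad, payload].
function sigStructure(protectedHdr, payload, externalAad = Buffer.alloc(0)) {
  return Buffer.concat([Buffer.from([0x84, 0x6a]), Buffer.from("Signature1"),
    bstr(protectedHdr), bstr(externalAad), bstr(payload)]);
}

// Assumed layout: report_data is 64 bytes, first 32 = SHA-256(DER SPKI public key).
function verifyBoundSign1(msg, publicKeyDer, reportData) {
  const digest = crypto.createHash("sha256").update(publicKeyDer).digest();
  if (reportData.length !== 64 || !digest.equals(reportData.subarray(0, 32)))
    return "key-not-in-report"; // key is not the one the report vouches for
  if (!msg.protectedHdr.equals(ES256_HDR)) return "unsupported-alg"; // pin the algorithm
  const key = crypto.createPublicKey({ key: publicKeyDer, format: "der", type: "spki" });
  const ok = crypto.verify("sha256", sigStructure(msg.protectedHdr, msg.payload),
    { key, dsaEncoding: "ieee-p1363" }, msg.signature); // COSE uses raw r||s
  return ok ? "ok" : "bad-signature";
}

// Constructed inputs: a fresh key pair stands in for the container's key,
// and reportData is built locally rather than taken from a real report.
function demo() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync("ec", { namedCurve: "P-256" });
  const der = publicKey.export({ type: "spki", format: "der" });
  const reportData = Buffer.concat([
    crypto.createHash("sha256").update(der).digest(), Buffer.alloc(32)]);
  const payload = Buffer.from('{"op":"submit","n":1}');
  const signature = crypto.sign("sha256", sigStructure(ES256_HDR, payload),
    { key: privateKey, dsaEncoding: "ieee-p1363" });
  const msg = { protectedHdr: ES256_HDR, payload, signature };
  const otherDer = crypto.generateKeyPairSync("ec", { namedCurve: "P-256" })
    .publicKey.export({ type: "spki", format: "der" });
  return {
    good: verifyBoundSign1(msg, der, reportData),
    tampered: verifyBoundSign1({ ...msg, payload: Buffer.from('{"op":"submit","n":2}') }, der, reportData),
    wrongKey: verifyBoundSign1(msg, otherDer, reportData),
  };
}
```

The binding check runs before signature verification so that a valid signature made with a key the report does not name is rejected outright.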