Allow signature request when public key is not known #405

Open
clehner opened this issue Mar 7, 2022 · 0 comments
Labels: enhancement (New feature or request), regression (Bugs that returned, and/or functionality that was inadvertently removed)

clehner commented Mar 7, 2022

Re: spruceid/didkit#272
It is supposed to be possible to use prepare and complete functions for signing with external keypairs. This functionality was partially broken in #253.

#253 added checks during signing, which in this case happen in prepare, to ensure that the signing public key is valid for the verification method of the VC issuer / VP holder. The check requires the public key to hash and compare to the verification method's blockchainAccountId property. It fails now when the public key's data is missing (e.g. "x" and "y" properties - elliptic curve points - for Secp256k1).

In the case of Ethereum wallets, the signing account address (hash of public key) is known but not necessarily the account's public key (until making a signature and then performing EC recovery), so it is desirable to be able to sign without passing the public key. Previously it was allowed to pass a stub public key with the "x" and "y" missing, to the prepare function. The pre-signing checks could be relaxed or modified to re-allow this use.

Stack

let pk = k256::PublicKey::try_from(ec_params)?;

crate::keccak_hash::hash_public_key(jwk)

ssi/src/did.rs, line 855 in 8278650:
account_id.verify(jwk)?;

ssi/src/vc.rs, line 765 in 8278650:
vmm.match_jwk(jwk)?;

ssi/src/ldp.rs, line 352 in 8278650:
crate::vc::ensure_verification_relationship(issuer, proof_purpose, vm_id, key, resolver)

ssi/src/ldp.rs, line 405 in 8278650:
ensure_or_pick_verification_relationship(&mut options, document, public_key, resolver)

clehner added the enhancement and regression labels Apr 11, 2022
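
An added example, not part of the issue or of the ssi code base: one way the relaxation discussed above could be shaped, where a stub key (no "x"/"y") defers the blockchainAccountId comparison to the complete step instead of skipping it. All type and function names are hypothetical, and the address derivation is injected (`toy_derive` is a constructed stand-in for the Keccak-based public key hash) so the block needs no external crates.

```rust
// Added illustration: hypothetical types and names, not the ssi crate's API.
#[derive(Debug, PartialEq)]
pub enum KeyCheck { Verified, Deferred }
#[derive(Debug, PartialEq)]
pub enum CheckError { Mismatch, PartialKey, BadAccountId }

/// EC public key JWK as passed by the caller; a stub has neither coordinate.
pub struct EcJwk { pub x: Option<Vec<u8>>, pub y: Option<Vec<u8>> }
/// Maps (x, y) to an account address; injected so the hash can be swapped in.
pub type Derive = fn(&[u8], &[u8]) -> String;

/// Address part of a CAIP-10 account id such as "eip155:1:0xab..".
fn address_of(account_id: &str) -> Result<&str, CheckError> {
    let parts: Vec<&str> = account_id.split(':').collect();
    match parts.as_slice() {
        [_, _, addr] if !addr.is_empty() => Ok(*addr),
        _ => Err(CheckError::BadAccountId),
    }
}

fn key_matches(x: &[u8], y: &[u8], account_id: &str, derive: Derive) -> Result<(), CheckError> {
    let addr = address_of(account_id)?;
    if derive(x, y).eq_ignore_ascii_case(addr) { Ok(()) } else { Err(CheckError::Mismatch) }
}

/// prepare step: verify a full key now, defer a stub, reject a half-filled key.
pub fn check_at_prepare(jwk: &EcJwk, account_id: &str, derive: Derive) -> Result<KeyCheck, CheckError> {
    address_of(account_id)?;
    match (&jwk.x, &jwk.y) {
        (Some(x), Some(y)) => key_matches(x, y, account_id, derive).map(|_| KeyCheck::Verified),
        (None, None) => Ok(KeyCheck::Deferred),
        _ => Err(CheckError::PartialKey),
    }
}

/// complete step: a deferred check is settled with the key recovered from the signature.
pub fn check_at_complete(state: KeyCheck, rx: &[u8], ry: &[u8], account_id: &str, derive: Derive) -> Result<(), CheckError> {
    match state {
        KeyCheck::Verified => Ok(()),
        KeyCheck::Deferred => key_matches(rx, ry, account_id, derive),
    }
}

/// Constructed stand-in deriver for the demo: hex of the first byte of x and of y.
pub fn toy_derive(x: &[u8], y: &[u8]) -> String {
    format!("0x{:02x}{:02x}", x.first().copied().unwrap_or(0), y.first().copied().unwrap_or(0))
}

fn main() {
    let id = "eip155:1:0xAB01"; // constructed sample account id
    let state = check_at_prepare(&EcJwk { x: None, y: None }, id, toy_derive).unwrap();
    println!("{:?}", check_at_complete(state, &[0xab], &[0x01], id, toy_derive));
}
```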