js: Assume IEEE P1363 encoding for ECDSA signatures in ccf.crypto.verifySignature

[letmaik]

The recently added ccf.crypto.verifySignature function in JS (#2661) aims to follow the Web Crypto API in behavior. This is the case for RSASSA-PKCS1-v1_5 but not for ECDSA simply because the Web Crypto API uses r || s following IEEE P1363 as signature encoding and the CCF implementation uses what OpenSSL uses, which is the DER encoding of SEQ(r,s) following RFC 3279. The tests didn't catch it because the Python cryptography package also uses DER encoding. The polyfill tests of the JS package generate and validate signatures using Node's crypto module which by default uses DER but also supports IEEE P1363.

Two options:

1. Switch to IEEE P1363, making it consistent with Web Crypto.
2. Add an additional optional encoding field in the algorithm function argument, next to name and hash. If omitted, it defaults to IEEE P1363 encoding (ieee-p1363), and if its value is der then it assumes DER. The values are from https://nodejs.org/api/crypto.html#crypto_class_sign.

Both options have in common that they switch current behavior to IEEE P1363, so option 2 could always be a future feature if someone needs it.