jar type: add fuzzer for 3rd-party dep

[AdamKorcz]

Summary

This adds a fuzzer for github.com/sassoftware/relic/lib/signjar.Verify(). This API is already covered, but this more focused fuzzer will test it is faster.

This PR also adds additional bug detectors to github.com/sassoftware/relic.

The hash that the OSS-Fuzz script checks out in Relic is the version that Rekor uses.

Release Note

Documentation

[codecov]

Codecov Report

Merging #1360 (186a41a) into main (389d359) will increase coverage by 0.02%.
The diff coverage is n/a.

@@            Coverage Diff             @@
##             main    #1360      +/-   ##
==========================================
+ Coverage   64.10%   64.12%   +0.02%     
==========================================
  Files          82       82              
  Lines        7906     7906              
==========================================
+ Hits         5068     5070       +2     
+ Misses       2184     2182       -2     
  Partials      654      654              

Flag	Coverage Δ
e2etests	47.81% <ø> (ø)
unittests	42.67% <ø> (+0.02%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
pkg/types/helm/v0.0.1/entry.go	49.18% <0.00%> (ø)
pkg/types/rekord/v0.0.1/entry.go	67.60% <0.00%> (+0.62%)	⬆️

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.