ml_kem: Enable zeroization

[bifurcation]

I'm not totally sure I understand the zeroize crate and its sharp edges, but I think this implements zeroization correctly. Basically just starts at kem::DecapsulationKey and works down the stack from there.

[bifurcation]

Thanks for the explanation @tarcieri. I accepted your proposed change, and removed the ZeroizeOnDrop impls for the internal types. So that leaves us in the following state:

• Internal types (in pke.rs and algebra.rs) implement Zeroize
• The public DecapsulationKey type implements Drop (with Zeroize calls) and ZeroizeOnDrop

[tarcieri]

I can cut a v0.2.1 with this feature