Adapt JSON serialization

[danielfett]

This implements JSON serialization as outlined in https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/403 and defined in https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/414

Noteworthy changes:

• To support JSON Serialization with multiple issuer signatures:
  • In the settings.yml files for examples and test cases, issuer_key was renamed to issuer_keys and MAY be an array of keys.
  • The issuer_keys argument to the SDJWTIssuer MAY be an array of keys (but a single key is still supported, so no changes in legacy usages required)
  • The callable cb_get_issuer_key passed to SDJWTVerifier MAY return a JWKSet
  • Example/test case specification.yml files may now specify settings_override to override whatever is defined in the settings.yml

[bc-pi]

• issuer_keys argument to the SDJWTIssuer MAY be an array of keys (but a single key is still supported, so no changes in legacy usages required)

but an update to the name in the settings.yml of dependent projects (like SD-JWT VC) will be needed, no?

[c2bo]

• issuer_keys argument to the SDJWTIssuer MAY be an array of keys (but a single key is still supported, so no changes in legacy usages required)

but an update to the name in the settings.yml of dependent projects (like SD-JWT VC) will be needed, no?

What about catching the old yaml files during parsing, converting to the correct claim names (basically issuer_key -> issuer_keys for both functions parsing yaml files) and outputting a warning that issuer_key is deprecated? That would be a very small change and not break stuff.