[RFC] Change jws.Sign, remove jws.SignMulti #579

Closed
Tracked by #388
lestrrat opened this issue Feb 22, 2022 · 1 comment

lestrrat commented Feb 22, 2022

Allow jws.Sign() to sign using multiple keys

change the function signature

jws.Sign([]byte, SignOption...) ([]byte, error)
  • jws.Sign() accepts a jws.WithCompact() or jws.WithJSON() option to determine serialization format. If neither is provided, jws.WithCompact() is assumed.
  • jws.Sign() with a single key produces a JWS in compact serialization format.
  • jws.Sign() with multiple keys produces a JWS in JSON serialization format.
  • It is an error to use jws.WithCompact() and provide multiple keys.

There will not be any jws.WithKeySet() for jws.Sign(). The reason is that each generated signature could potentially have specific headers associated with them, and there needs to be a way to specify them.

changes in jws.WithKey

jws.WithKey() was originally introduced in #577 to specify a single key for verification, but we'll overload this option to also work for signing.

// simple case
jws.Sign(payload, jws.WithKey(alg, key))
// more complicated case... actually, this is an error, as compact serialization form does not allow public headers :)
jws.Sign(payload, jws.WithKey(alg, key, jws.WithProtected(hdr1), jws.WithPublic(hdr2)))

changes in jws.KeySink

Not decided here yet, but there may need to be a jws.SigningKeySink and jws.VerifyingKeySink because different arguments are expected.

Updates

  • No changes are required to the signer, deleted
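
The serialization rules proposed above (a single key fits compact form; several keys or unprotected headers need JSON form), as an added standard-library Go example that is not part of the original issue and is not jwx code. `keySpec`, `sigEntry` and `signJWS` are hypothetical names, and HS256 with constructed secrets is assumed for illustration.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
)

// keySpec is hypothetical (not jwx's API): one HS256 key plus optional unprotected headers.
type keySpec struct {
	Kid    string
	Secret []byte
	Public map[string]string
}

type sigEntry struct {
	Protected string            `json:"protected"`
	Header    map[string]string `json:"header,omitempty"`
	Signature string            `json:"signature"`
}

// signJWS signs payload once per key; compact form is refused when it cannot carry the result.
func signJWS(payload []byte, compact bool, keys ...keySpec) (string, error) {
	if len(keys) == 0 || (compact && (len(keys) > 1 || len(keys[0].Public) > 0)) {
		return "", fmt.Errorf("need a key; compact form takes exactly one key and no unprotected header")
	}
	enc := base64.RawURLEncoding
	p := enc.EncodeToString(payload)
	var sigs []sigEntry
	for _, k := range keys {
		hdr, _ := json.Marshal(map[string]string{"alg": "HS256", "kid": k.Kid})
		prot := enc.EncodeToString(hdr)
		mac := hmac.New(sha256.New, k.Secret)
		mac.Write([]byte(prot + "." + p)) // signing input: protected header "." payload
		sigs = append(sigs, sigEntry{prot, k.Public, enc.EncodeToString(mac.Sum(nil))})
	}
	if compact {
		return sigs[0].Protected + "." + p + "." + sigs[0].Signature, nil
	}
	out, err := json.Marshal(map[string]interface{}{"payload": p, "signatures": sigs})
	return string(out), err
}

func main() {
	a := keySpec{Kid: "a", Secret: []byte("constructed-secret-a")}
	b := keySpec{Kid: "b", Secret: []byte("constructed-secret-b"), Public: map[string]string{"note": "constructed"}}
	fmt.Println(signJWS([]byte("hello"), false, a, b))
}
```

Each entry in `signatures` carries its own protected header and signature, which is why per-key headers have to be supplied alongside each key rather than through a bare key set.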

lestrrat (Collaborator, Author) commented

implemented via #581
