P2-002: parse full X509Data sub-elements in KeyInfo

[polaz]

Summary

Implement ROADMAP task P2-002 by extending XMLDSig KeyInfo parsing to fully parse X509Data sub-elements.

Scope

• Parse and store X509Certificate (base64 to DER).
• Parse and store X509SubjectName.
• Parse and store X509IssuerSerial (X509IssuerName + X509SerialNumber).
• Parse and store X509SKI.
• Parse and store X509CRL.
• Parse and store dsig11:X509Digest (Algorithm + digest bytes).
• Enforce structural validation for malformed X509IssuerSerial and missing X509Digest Algorithm.
• Add regression tests for malformed and invalid base64 inputs.

Acceptance Criteria

• X509DataInfo holds parsed values, not only counters.
• Invalid structures fail with parse errors.
• Regression tests cover malformed issuer serial, missing digest algorithm, and invalid cert base64.
• cargo check, cargo clippy with warnings denied, cargo nextest run, and doc tests pass.

Estimate

3d (implementation + tests + review)

[coderabbitai]

🔗 Related PRs

#27 - feat(xmldsig): add ecdsa signature verification [merged]
#30 - feat(xmldsig): add full signature verify pipeline [merged]
#32 - feat(xmldsig): add VerifyContext builder policies [merged]
#41 - test(xmldsig): add donor full verification suite accounting [merged]
#47 - feat(xmldsig): add KeyInfo dispatch parsing [closed]

---

📝 Issue Planner

_{Check the box below or use the @coderabbitai plan command to generate an implementation plan and prompts that you can use with your favorite coding assistant.}

• Create Plan

---

🧪 Issue enrichment is currently in open beta.

You can configure auto-planning by selecting labels in the issue_enrichment configuration.

To disable automatic issue enrichment, add the following to your .coderabbit.yaml:

issue_enrichment:
  auto_enrich:
    enabled: false

💬 Have feedback or questions? Drop into our discord!