ML-DSA add byte array APIs

[krwq]

This also addresses optional feedback from my last COSE PR.

[Copilot]

Pull Request Overview

This PR adds new byte[]-based overloads for ML-DSA export and signing APIs and updates existing code/tests to adopt these simpler overloads, replacing manual buffer management.

• Introduces byte[] ExportMLDsaPublicKey(), ExportMLDsaSecretKey(), ExportMLDsaPrivateSeed(), SignData(byte[], byte[]?) and VerifyData(byte[], byte[], byte[]?) overloads.
• Updates all X509, PFX, COSE, OpenSSL, and common tests to use the new overloads and removes manual buffer length assertions.
• Extends the reference assembly (ref/System.Security.Cryptography.cs) and implementation (MLDsa.cs, MLDsaImplementation.cs, X509Certificate2.cs, MLDsaX509SignatureGenerator.cs) to support these overloads.

Reviewed Changes

Copilot reviewed 19 out of 19 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
src/libraries/System.Security.Cryptography/tests/X509Certificates/X509Certificate2PemTests.cs	Use new SignData(data) overload instead of manual buffer
src/libraries/System.Security.Cryptography/tests/X509Certificates/PfxTests.cs	Switch to ExportMLDsaPrivateSeed()/ExportMLDsaSecretKey() overloads
src/libraries/System.Security.Cryptography/tests/X509Certificates/ExportTests.cs	Use ExportMLDsaSecretKey() overload
src/libraries/System.Security.Cryptography/tests/X509Certificates/CertificateCreation/PrivateKeyAssociationTests.cs	Use ExportMLDsaPublicKey() and SignData(data) overloads
src/libraries/System.Security.Cryptography/tests/X509Certificates/CertTests.cs	Use ExportMLDsaSecretKey() overload
src/libraries/System.Security.Cryptography/tests/MLDsaOpenSslTests.Unix.cs	Use SignData(data, context) and ExportMLDsa*() overloads
src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/X509Certificates/X509Certificate2.cs	Simplify public key comparison using new ExportMLDsaPublicKey()
src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/X509Certificates/MLDsaX509SignatureGenerator.cs	Return SignData(data) directly
src/libraries/System.Security.Cryptography/ref/System.Security.Cryptography.cs	Add and reorder new byte[] overloads for export and signing APIs
src/libraries/System.Security.Cryptography.Cose/tests/TestKeyRing.cs	Add centralized helper for ECDsa/RSA/MLDsa test keys
src/libraries/System.Security.Cryptography.Cose/tests/System.Security.Cryptography.Cose.Tests.csproj	Include new TestKeyRing.cs in test project
src/libraries/System.Security.Cryptography.Cose/tests/CoseTestHelpers.cs	Delegate to TestKeyRing and remove thread-static duplications
src/libraries/Common/tests/.../MLDsa/MLDsaTestsBase.cs	Update tests to use SignData overloads
src/libraries/Common/tests/.../MLDsa/MLDsaTests.cs	Add null-argument validation for new overloads
src/libraries/Common/tests/.../MLDsa/MLDsaTestHelpers.cs	Cover default ReadOnlySpan<byte> in import tests
src/libraries/Common/tests/.../MLDsa/MLDsaImplementationTests.cs	Add tests for null byte[] source imports
src/libraries/Common/src/System/Security/Cryptography/SlhDsaImplementation.cs	Minor formatting around secret-key export
src/libraries/Common/src/System/Security/Cryptography/MLDsaImplementation.cs	Adapt DuplicatePrivateKey to new export APIs
src/libraries/Common/src/System/Security/Cryptography/MLDsa.cs	Implement new byte[] overloads and strengthen span overload checks

Comments suppressed due to low confidence (1)

src/libraries/System.Security.Cryptography.Cose/tests/TestKeyRing.cs:23

• The property references an undeclared backing variable 'field', which will not compile. You should declare a private ECDsa? field for each property (e.g. '_es256') or use auto-properties with initialization.

        internal ECDsa ES256 => field ??= CreateECDsa(_ec256Parameters, true);

[krwq]

/ba-g all these seem unrelated and matched by Build Analysis