[ml-dsa]Implement Zeroize for MLDSASigningKey/[traits,secrets,chacha20poly1305]Implement Zeroize for AEAD Key

[MavenRain]

Add an optional zeroize feature implementing Zeroize, Drop, and
ZeroizeOnDrop for MLDSASigningKey and MLDSAKeyPair. MLDSAKeyPair
clears only the signing key; the verification key is public material.

Gated on not(hax) so hax extraction is unaffected.

Closes #1370.

Add an optional zeroize feature:

• libcrux-secrets: Zeroize for Secret<T> where T: Zeroize, so [U8; N] zeroizes under both default (U8 = u8) and check-secret-independence (U8 = Secret) configurations.
• libcrux-traits: Zeroize for typed_owned::Key<Algo> where Algo::Key: Zeroize. Covers chacha20poly1305::Key and any future AEAD whose key bytes are Zeroize.
• libcrux-chacha20poly1305: zeroize feature forwarding to both.

Drop and ZeroizeOnDrop are not implemented in this PR. Adding them
requires Algo::Key: Zeroize as a bound on typed_owned::Aead (or a
sealed helper trait), which is a larger trait-level change. Happy to
follow up if maintainers want one of those approaches. In the meantime,
callers wanting drop-on-zero can wrap in zeroize::Zeroizing<Key<...>>.

Closes #1375.

[jschneider-bensch]

Thanks! I will review when I have capacity for it.
I'll say upfront (as mentioned in #1332) that I'm a bit apprehensive about adding new cargo features and I'm thinking about different ways to manage array-backed key types (cf. #1390).

[github-actions]

This PR has been marked as stale due to a lack of activity for 60 days. If you believe this pull request is still relevant, please provide an update or comment to keep it open. Otherwise, it will be closed in 7 days.