Support CMS sign/verify for SM2 Key

[dongbeiouba]

Support CMS sign/verify for SM2 Key, rather than just ecdsa and rsa signature. ECDSA and DSA and all provider-delivered signatures implementation is the same by calling cms_generic_sign().

cherry-picked from openssl:

• enable CMS sign/verify for provider-implemented PKEYs.
• Check error return from cms_sd_asn1_ctrl() correctly.

Checklist

• [ ] 在 https://yuque.com/tsdoc 增加或更新了必要的文档
• [ ] 增加或更新了必要的测试用例
• [ ] 对于重要修改，更新了CHANGES文件
• [ ] 当前修改存在对已有API参数或返回值的改变
• [ ] 当前修改存在对旧版本功能的兼容性改变（如网络协议或密码算法）