Allow and ignore 33(x5chain)/34(x5t) in cose_auth

[achamayou]

Although cose_auth currently uses 4(kid) to look up the member key, some signing tools may embed x5t/x5chain, which currently causes the qcbor spiffy parser to fail.

We should allow them through.

Longer term, we may want to allow did members, defined as a did:x509, which would get resolved against those on submission.