
JWK in JWT-VC for PKH issuers

Open clehner opened this issue 2 years ago • 0 comments

Currently, ssi cannot issue JWT VCs for issuers that are based on public key hashes (e.g. did:tz and did:pkh, where the verification method contains a hash of the public key rather than the actual public key), unless either the public key is Secp256k1 and a recoverable signature is used, or the public key is passed as input somehow during the verification process. A solution for non-recoverable signature types is to put the public key in the payload. This is what we are doing for the VC data integrity proof (linked data proof) types mentioned in #152: putting the publicKeyJwk in the proof object. In VC-JWT, the proof object is replaced by a combination of JOSE header parameters and claims. There is a "jwk" header parameter defined that could be used for this: https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.3

Sidetree also has a pattern of including a JWT's signing key in its payload; the jws_decode_verify_inner function defined for that is general to the claim name, and could be moved into ssi::jws (and changed to use ssi::jwk::JWK) for this purpose.

clehner, Mar 03 '22 20:03
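The issue describes putting the issuer's public key into the JWS "jwk" header parameter so that a verifier who only knows a hash of the key (as with did:tz / did:pkh verification methods) can still check a non-recoverable signature. The following Go program is an added example, not code from the ssi project: it signs an EdDSA JWT with the key embedded in the header and verifies it against a hash-based issuer DID. The DID scheme here (`did:example:pkh:` + base64url(SHA-256(public key))) and the function names `pkhIssuerDID`, `signPKHJWT` and `verifyPKHJWT` are assumptions for illustration; real did:tz and did:pkh use their own hash functions and encodings. The security-relevant step is that the header `jwk` is untrusted input and is only used for signature verification after it has been bound to the issuer DID by hashing it.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)

// jwkOKP is the subset of an Ed25519 public JWK (RFC 8037) carried in the
// "jwk" header parameter (RFC 7515 section 4.1.3).
type jwkOKP struct {
	Kty string `json:"kty"`
	Crv string `json:"crv"`
	X   string `json:"x"`
}

// jwsHeader is the JOSE protected header this example emits and expects.
type jwsHeader struct {
	Alg string  `json:"alg"`
	JWK *jwkOKP `json:"jwk,omitempty"`
}

var b64 = base64.RawURLEncoding

// pkhIssuerDID derives a constructed, hypothetical hash-based DID from a raw
// Ed25519 public key. Real did:tz / did:pkh use different hashes and encodings;
// this only models "the DID commits to a hash of the key, not the key itself".
func pkhIssuerDID(pub ed25519.PublicKey) string {
	h := sha256.Sum256(pub)
	return "did:example:pkh:" + b64.EncodeToString(h[:])
}

// signPKHJWT produces a compact JWS whose protected header carries the signing
// public key in "jwk", so a verifier that knows only the key hash can verify it.
func signPKHJWT(priv ed25519.PrivateKey, claims map[string]interface{}) (string, error) {
	pub := priv.Public().(ed25519.PublicKey)
	hdr := jwsHeader{Alg: "EdDSA", JWK: &jwkOKP{Kty: "OKP", Crv: "Ed25519", X: b64.EncodeToString(pub)}}
	hdrJSON, err := json.Marshal(hdr)
	if err != nil {
		return "", err
	}
	payloadJSON, err := json.Marshal(claims)
	if err != nil {
		return "", err
	}
	signingInput := b64.EncodeToString(hdrJSON) + "." + b64.EncodeToString(payloadJSON)
	sig := ed25519.Sign(priv, []byte(signingInput))
	return signingInput + "." + b64.EncodeToString(sig), nil
}

// verifyPKHJWT verifies a JWT from a hash-based issuer. The header "jwk" is
// attacker-controlled: it is accepted only once its hash matches issuerDID,
// and only then is it used to check the signature.
func verifyPKHJWT(token, issuerDID string) (map[string]interface{}, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return nil, errors.New("malformed compact JWS")
	}
	hdrJSON, err := b64.DecodeString(parts[0])
	if err != nil {
		return nil, fmt.Errorf("bad header encoding: %w", err)
	}
	var hdr jwsHeader
	if err := json.Unmarshal(hdrJSON, &hdr); err != nil {
		return nil, fmt.Errorf("bad header JSON: %w", err)
	}
	// Pin the algorithm; the header must not get to choose it.
	if hdr.Alg != "EdDSA" {
		return nil, fmt.Errorf("unexpected alg %q", hdr.Alg)
	}
	if hdr.JWK == nil || hdr.JWK.Kty != "OKP" || hdr.JWK.Crv != "Ed25519" {
		return nil, errors.New("header jwk missing or not an Ed25519 key")
	}
	pubBytes, err := b64.DecodeString(hdr.JWK.X)
	if err != nil || len(pubBytes) != ed25519.PublicKeySize {
		return nil, errors.New("header jwk has an invalid x value")
	}
	pub := ed25519.PublicKey(pubBytes)
	// Bind the supplied key to the DID before trusting it for anything.
	if pkhIssuerDID(pub) != issuerDID {
		return nil, errors.New("header jwk does not hash to the issuer DID")
	}
	sig, err := b64.DecodeString(parts[2])
	if err != nil {
		return nil, fmt.Errorf("bad signature encoding: %w", err)
	}
	if !ed25519.Verify(pub, []byte(parts[0]+"."+parts[1]), sig) {
		return nil, errors.New("signature verification failed")
	}
	payloadJSON, err := b64.DecodeString(parts[1])
	if err != nil {
		return nil, fmt.Errorf("bad payload encoding: %w", err)
	}
	var claims map[string]interface{}
	if err := json.Unmarshal(payloadJSON, &claims); err != nil {
		return nil, fmt.Errorf("bad payload JSON: %w", err)
	}
	if iss, _ := claims["iss"].(string); iss != issuerDID {
		return nil, errors.New("iss claim does not match issuer DID")
	}
	return claims, nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	issuer := pkhIssuerDID(pub)
	token, _ := signPKHJWT(priv, map[string]interface{}{"iss": issuer, "sub": "did:example:holder"})
	claims, err := verifyPKHJWT(token, issuer)
	fmt.Println(claims, err)
}
```

The order of checks matters: algorithm pinning, then key-to-DID binding, then signature, then claims. A verifier that uses the header key before hashing it against the DID would accept any token signed by any key, which is the classic misuse of the "jwk" header that RFC 7515 warns about.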