sig: Move hashing into algorithm

sig: Move hashing into algorithm

I think it should be up to the pk algorithm to decide on the hash
function, at least in the usual case.  When we have key rollover and
proper enrolment, a public key declaration by a site should specify
precisely the validation algorithm including the hash function.

For `rsa' we can't do that because in theory people might have bound
the `hash' config key to something unusual.  So provide a way for that
to work.  The approach is to have site.c (the only caller of the sig
closures) find out whether to do the `hash' config key lookup by
seeing whether the pk algorithm wants it.

Then we can move all the hash-related machinations into rsa.c.  (A
future pk algorithm can do this a lot more simply by calling the
appropriate hash functions directly.)

An effect is to move the allocation of the hash result buffer from
per-packet to initialisation (!)

Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>