do-backs
Signed container, some kind of analogue to ASN.1-based CMS SignedData.
=> https://datatracker.ietf.org/doc/html/rfc5652 CMS

* Ability to embed the data in the signed container
* Ability to create detached signature
* Ability to use non-prehashed signature of the embedded data, potentially
  gaining more security
* Prehashed format is streaming friendly
* You can use [cm/hashed/Merkle] hashing mode to parallelise calculations
* Ability to attach arbitrary additional data
* Ability to store multiple signatures

Stored in a file, it should begin with "cm/signed" [encoding/MAGIC],
unless it is a [cm/pub/]lic key.

<<    [schemas/signed.tcl]
<<    [schemas/av.tcl]
<<    [schemas/fpr.tcl]

Signature is created by signing the:

    data || /tbs || /sig/./tbs

If no "/data" is provided, then the data is detached from the
"cm/signed" structure itself and is fed into hasher before that
structure. You can provide it any way you wish, but for keeping
that detached data closely to the "cm/signed", you should use the
following approach:

    prehash || BLOB(data) || cm/signed

<<    [schemas/prehash.tcl]

With "prehash" you initialise your hashers used during signing process
and feed BLOB's contents (not the encoded BLOB itself!) into the them.
prehash'es /algos must contain /sigs/*/sign/a identifiers:

"/sigs/*/tbs/when" is optional signing time.

Additional values that must be protected (covered by signature) are
placed in "/sigs/*/tbs" map. Non-protected (informational) fields
are placed outside it.

"/pubs" are optionally provided [cm/pub/]lic keys to help creating the
whole verification chain. They are placed outside "/sigs", because some
of them may be shared among signers.

If signed data is also intended to be [cm/encrypted/], then
"/sigs/*/tbs/encrypted-to" should be set to corresponding recipient's
public key fingerprint(s).
