[cm/signed/] with SLH-DSA-SHAKE-256s.
255-bit security level, small variant.
=> https://csrc.nist.gov/pubs/fips/205/final SLH-DSA

"slh-dsa-shake-256s" algorithm identifier
must be used for the signature in pure signing mode.
"slh-dsa-shake-256s-ph" is used in prehash mode.
Algorithm identifiers are also used as a context in the signature.
