Integration of libhydrogen for package/index signatures
The library libhydrogen offers a very simple to sign and verify images. It's especially designed for embedded devices and is both fast while using very short signatures.
As an effort related to #10684 I'd be happy to integrate libhydrogen as an additional mechanism for certificate verification. While RSA etc should stay in place, maybe it could be optionally ifdefed-out