crypto: reject ML-KEM/ML-DSA PKCS#8 import without seed in SubtleCrypto

[panva]

Reject importing ML-KEM and ML-DSA PKCS#8 private keys that do not include a seed, throwing NotSupportedError.

Also add tests for importing PKCS#8 keys with a mismatched expanded key.

Refs: https://redirect.github.com/WICG/webcrypto-modern-algos/pull/34

Note: both of these algorithms are marked as experimental Issues and PRs related to experimental features.

[nodejs-github-bot]

Review requested:

• @nodejs/crypto
• @nodejs/web-standards

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 89.67%. Comparing base (aaa9151) to head (dc1212a).
⚠️ Report is 6 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main   #62218   +/-   ##
=======================================
  Coverage   89.67%   89.67%           
=======================================
  Files         676      676           
  Lines      206451   206477   +26     
  Branches    39529    39533    +4     
=======================================
+ Hits       185139   185165   +26     
+ Misses      13451    13443    -8     
- Partials     7861     7869    +8     

Files with missing lines	Coverage Δ
lib/internal/crypto/ml_dsa.js	95.16% <100.00%> (+1.45%)	⬆️
lib/internal/crypto/ml_kem.js	92.10% <100.00%> (+1.72%)	⬆️

... and 28 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[nodejs-github-bot]

CI: https://ci.nodejs.org/job/node-test-pull-request/71712/

[anonrig]

Should we just create them on the root scope?