Add context parameter for encryption and signing
As per https://mailarchive.ietf.org/arch/msg/openpgp/sTn6rUeY2FBIkZo6Yn-xnLHYLC4/, it would be useful to enable some domain separation, by having the ability to bind encrypted messages and signatures to some context. For messages, this would fix certain attacks that lead to decryption oracles, as pointed out by https://www.nds.ruhr-uni-bochum.de/media/nds/veroeffentlichungen/2020/12/06/schwenk2020.pdf. For signatures, this would fix certain attacks where a signature is re-used in a context where it wasn't, including (but not limited to) surreptitious forwarding.
For encrypted messages, this could be done by adding the context to the additional data passed to the AEAD algorithm. For signatures, this could be done by adding the context to the hashed data.