(Re-)Introduce minimum hash algorithm lengths for ECDSA and EdDSA
Addresses https://mailarchive.ietf.org/arch/msg/openpgp/8Ar6K10MJfmpHTBRCz2Redt7Lag/.
Require using a hash function with a digest size of at least the field size of the curve (e.g., at least SHA2-256 for P-256), except SHA{2,3}-512 may be used for P-521.
Also, allow using DSA with a hash algorithm longer than the size of q. The following text already describes how to do this, so the existing text prohibiting this seems contradictory.
Edited by Daniel Huigens