ml-dsa: implement ZeroizeOnDrop for KeyPair to robustly zeroize private key material

[extiop]

Hi, thanks for your work on this crate!

Currently, only SigningKey implements zeroization on drop via Drop and ZeroizeOnDrop marker trait (cf. #883 and related PR #917). KeyPair does not implement ZeroizeOnDrop or Zeroize, even though it contains a SigningKey field.

While this works today—because SigningKey's drop will zeroize its fields when a KeyPair is dropped—this approach is fragile. If the implementation of SigningKey changes in the future (for example, if it stops zeroizing on drop, or if sensitive fields are moved to KeyPair), private key material could be left in memory unintentionally.

Suggestion:
Please implement (or derive) ZeroizeOnDrop and Drop for KeyPair as well. This makes the intent explicit, ensures all sensitive material is always zeroized, and protects against future changes in the codebase.

Thanks again!

[tarcieri]

Note: ZeroizeOnDrop is just a marker trait. It's a notable omission, but adding an impl will have no actual effect on zeroization.