feat: Add embeddable api support

[gpeacock]

New APIs — six new Builder methods for the embeddable workflow where the signer lives on the context: needs_placeholder(format) — check if a placeholder embed step is required
placeholder(format) — generate the placeholder bytes to embed in the asset
set_data_hash_exclusions(exclusions) — register where the placeholder was embedded
update_hash_from_stream(format, stream) — hash the asset, skipping exclusion ranges
sign_embeddable(format) — sign and return manifest bytes, zero-padded to placeholder size
set_bmff_mdat_hashes(...) — supply pre-computed mdat chunk hashes for BMFF Merkle workflows

Plus Context::ContextBuilder::with_signer(Signer&&) — attach a signer to a context programmatically.
New test — FullWorkflowWithAJpgContextSigner demonstrating the end-to-end embeddable workflow for a JPEG using a context-attached signer.

[tmathern]

The existing APIs in the header file should stay (especially since the implementation are still here).

The main reason is that they enable to programatically set a Signer on a Context (and not "just" through Settings). It is also used in one of the embeddable tests.
I know embeddable APIs can work just with the Context and expect a Signer on it. So being able to set it programatically makes the API more flexible.

All this to ask to revert the removals from c2pa.hpp.

ps: I am not sure why, sometimes you need the safe to test label to run the tests, sometimes not. Here it didn't run them, but I expect build failrues due to the header change (with_signer is used).

[tmathern]

Such a clean API for a complicated topic! LGTM!

[tmathern]

Suggestion: Bump the version in https://github.com/contentauth/c2pa-c/blob/main/CMakeLists.txt#L17 before merging, so one of us can tag this later!