Fix ML-DSA PKCS8 copying bug

[PranavSenthilnathan]

While I was fixing test failures, this bug was sometimes surfacing as an exception from CopyTo. We were copying the entire ArraySegment<byte>.Array when we should be only copying the relevant span.

The rest of the PR changes are the test failures I was fixing, but otherwise unrelated to the above bug. SHAKE and SHA3 are not supported in netfx.

[Copilot]

Pull Request Overview

This PR fixes a critical bug in ML-DSA PKCS8 key export functionality where the entire backing array was being copied instead of just the relevant segment. Additionally, it addresses test failures related to unsupported hash algorithms on the .NET Framework platform by adding proper platform checks and adjusting test data generation.

• Fixed ArraySegment copying bug in ML-DSA PKCS8 export that could cause buffer overruns
• Added platform-specific hash algorithm support checks for ML-DSA tests
• Updated test data generation to avoid unsupported hash algorithms on netfx

Reviewed Changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated no comments.

File	Description
MLDsaCng.Windows.cs	Fixed PKCS8 export bug by copying span instead of entire array
HashInfo.cs	Added helper property to identify supported hash algorithms
MLDsaTestsBase.cs	Added platform checks and fixed test data generation for unsupported algorithms

Comments suppressed due to low confidence (1)

src/libraries/Common/tests/System/Security/Cryptography/HashInfo.cs:104

• The variable name 'field' is ambiguous and unclear. Consider using a more descriptive name like '_knownHashAlgorithmOids' to follow the backing field naming convention.

        internal static HashSet<string> KnownHashAlgorithmOids => field ??= AllHashInfos().Select(h => h.Oid).ToHashSet();

[dotnet-policy-service]

Tagging subscribers to this area: @dotnet/area-system-security, @bartonjs, @vcsjones
See info in area-owners.md if you want to be subscribed.

[PranavSenthilnathan]

/ba-g #117772 #117854