tuf.keys.create_signature and tuf.keys.verify_signature should have
no awareness of the encodings of the data fed to them. They should
receive bytes, sign those or validate the signatures on those, and
return signatures or validity booleans. They shouldn't need to
deal with ASN.1 or DER or JSON or even encoding things as utf-8.

Future commits will capture those needs in higher level code.

Allow code to expect tuf.keys.create_signature to take bytes without
lots of special flags.

that will deal with metadata encoding to sig.py. These can be
called from code that would previously have had to worry about
ASN.1/DER/JSON/utf-8.

repository_lib functions and sig.get_signature_status can now
forget all about encoding and format and use the new functions
in sig.

create_signature and verify_signature only take binary data
as their 'data' argument, so this commit checks that argument
for the correct format.

Non-binary data must raise tuf.FormatError when provided to
create_signature or verify_signature.

Also fixes test_keys tests for new expectations: binary only.

sign_over_metadata and verify_signature_over_metadata

and have testing use the new sign_over_metadata function.
(Testing will already use the other new function,
verify_signature_over_metadata, because it is called
indirectly by tuf.sig.verify.)

tuf.keys only deals with binary data now.