Also use fully secure ChaChaRng with a full seed, not just a u64.
Now that we always generate an extra proper VerificationKey for each
Tweak::ChangePubkey case, this /should/ never fail: it also helps split out the
actual verification of the signature from the parsing and validation of the key
itself.
The `SpendAuth` test vectors were generated using
`FixedGenerators::SpendingKeyGenerator`, and the `Binding` test vectors
were generated using `FixedGenerators::ValueCommitmentRandomness`.