Browser Encryption signatures are not always encoded corectly

DER encoding is always signed.
Browsers use 'raw' encoding.
Where the r and s values are just concatenated.
If the first bit of r or s is 1,
an additional 0 byte should be added.
The current implementation of `raw2der` does not do this.
