Add docs for ML-DSA and hybrid keys (#29246)

* add api docs for pqc key types

* add pqc key types to docs

* remove slh-dsa and add hybrid

website/content/api-docs/secret/transit.mdx

@@ -67,6 +67,8 @@ values set here cannot be changed after key creation.
   - `managed_key` - External key configured via the [Managed Keys](/vault/docs/enterprise/managed-keys) feature (enterprise only)
   - `aes128-cmac` - AES-128 CMAC (CMAC generation, verification) <EnterpriseAlert inline="true" />
   - `aes256-cmac` - AES-256 CMAC (CMAC generation, verification) <EnterpriseAlert inline="true" />
+  - `ml-dsa` - ML-DSA (asymmetric) (experimental) <EnterpriseAlert inline="true" />
+  - `hybrid` - hybrid signatures combining a post-quantum algorithm and an elliptic curve algorithm (asymmetric) (experimental) <EnterpriseAlert inline="true" />
 
   ~> **Note**: In FIPS 140-2 mode, the following algorithms are not certified
      and thus should not be used: `chacha20-poly1305` and `ed25519`.
@@ -79,6 +81,15 @@ values set here cannot be changed after key creation.
 
   ~> **Note**: When key type is `managed_key`, either the `managed_key_name` or
      `managed_key_id` parameter must be specified.
+
+  ~> **Note**: When key type is `ml-dsa`, `parameter_set` must be specified.
+
+  ~> **Note**: When key type is `hybrid`, `parameter_set`, `hybrid_key_type_pqc`,
+  and `hybrid_key_type_ec` are required.
+
+  ~> **Warning**: ML-DSA and hybrid schemes are considered experimental functionality and
+  should not be used in production environments.
+
 - `key_size` `(int: "0", optional)` - The key size in bytes for algorithms
   that allow variable key sizes.  Currently only applicable to HMAC, where
   it must be between 32 and 512 bytes.
@@ -88,6 +99,13 @@ values set here cannot be changed after key creation.
   hour. Uses [duration format strings](/vault/docs/concepts/duration-format).
 - `managed_key_name` `(string: "")` - The name of the managed key to use for this transit key.
 - `managed_key_id` `(string: "")` - The UUID of the managed key to use for this transit key.
+- `parameter_set` `(string:"")` - The parameter set to use for ML-DSA. Required for
+ML-DSA and hybrid keys. Valid values are `44`, `65`, and `87`.
+- `hybrid_key_type_pqc` `(string: "")` - The post-quantum algorithm to use for hybrid signatures.
+Currently, ML-DSA is the only supported key type.
+- `hybrid_key_type_ec` `(string: "")` - The elliptic curve algorithm to use for hybrid signatures.
+Supported key types are `ecdsa-p256`, `ecdsa-p384`, `ecdsa-p521`, and `ed25519`.
+
 ### Sample payload
 
 ```json

website/content/docs/secrets/transit/index.mdx

@@ -90,6 +90,8 @@ types also generate separate HMAC keys):
   for more information. <EnterpriseAlert inline="true" />
 - `aes128-cmac`: CMAC with a 128-bit AES key; supporting CMAC generation and verification. <EnterpriseAlert inline="true" />
 - `aes256-cmac`: CMAC with a 256-bit AES key; supporting CMAC generation and verification. <EnterpriseAlert inline="true" />
+- `ml-dsa` - ML-DSA; supports signing and signature verification (experimental) <EnterpriseAlert inline="true" />
+- `hybrid` - combination of two signature algorithms; supports signing and signature verification (experimental) <EnterpriseAlert inline="true" />
 
 ~> **Note**: In FIPS 140-2 mode, the following algorithms are not certified
 and thus should not be used: `chacha20-poly1305` and `ed25519`.
@@ -100,6 +102,9 @@ supports HMAC, and behaves identically to other algorithms with
 respect to the HMAC operations but supports key import. By default,
 the HMAC key type uses a 256-bit key.
 
+~> **Warning**: ML-DSA and hybrid schemes are considered experimental functionality and
+should not be used in production environments.
+
 RSA operations use one of the following methods:
 
  - OAEP (encrypt, decrypt), with SHA-256 hash function and MGF,