The decrypt contract for the CMM interface currently states that:
If the decrypt materials request contains an algorithm suite, the decryption materials returned SHOULD contain the same algorithm suite.
While it is true that on encryption the CMM MAY alter the algorithm suite, once the suite is set by the CMM on encryption, everything is locked in and the client itself enforces this. If a CMM on decryption alters the algorithm suite, the result MUST fail at the CMM because (barring some very specific edge cases that we do not support) it will fail further down the decryption process.
Also, every decryption materials request MUST contain an algorithm suite because every encrypted message header MUST contain an algorithm suite ID.
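The contract argued for above, written as a fail-closed wrapper around any CMM. This is an added example, not code from the specification or from any SDK: the class names, the request and materials shapes, and the two suite ID constants are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional, Protocol

SUITE_A, SUITE_B = 0x0578, 0x0178  # sample suite IDs, constructed for this example

class DecryptContractError(Exception):
    """The decrypt materials exchange violated the algorithm suite contract."""

@dataclass(frozen=True)
class DecryptMaterialsRequest:  # hypothetical shape
    algorithm_suite_id: Optional[int]  # suite ID parsed from the message header
    encrypted_data_keys: tuple = ()

@dataclass(frozen=True)
class DecryptionMaterials:  # hypothetical shape
    algorithm_suite_id: int
    plaintext_data_key: bytes

class CMM(Protocol):
    def decrypt_materials(self, request: DecryptMaterialsRequest) -> DecryptionMaterials: ...

class SuiteEnforcingCMM:
    """Wraps any CMM and fails closed when the suite is missing or altered."""

    def __init__(self, inner: CMM):
        self._inner = inner

    def decrypt_materials(self, request: DecryptMaterialsRequest) -> DecryptionMaterials:
        # Every message header carries a suite ID, so a request without one is malformed.
        if request.algorithm_suite_id is None:
            raise DecryptContractError("decrypt materials request has no algorithm suite")
        materials = self._inner.decrypt_materials(request)
        # Fail here, at the CMM, rather than later in the decryption process.
        if materials.algorithm_suite_id != request.algorithm_suite_id:
            raise DecryptContractError(
                f"CMM returned suite {materials.algorithm_suite_id:#06x}, "
                f"request specified {request.algorithm_suite_id:#06x}")
        return materials

class FixedSuiteCMM:
    """Test double: always answers with the suite it was built with."""

    def __init__(self, suite_id: int):
        self.suite_id, self.calls = suite_id, 0

    def decrypt_materials(self, request):
        self.calls += 1
        return DecryptionMaterials(self.suite_id, b"\x00" * 32)
```
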