Document that non-Encryption SDK exceptions can be raised

[alex-chew]

The API documentation for the Python Encryption SDK lists custom exception types, but the APIs may let through exceptions from underlying libraries (e.g. InvalidTag and InvalidSignature) from pyca/cryptography. We should add a note to the documentation stating this.

Alternatively (or additionally) we can try to wrap these kind of exceptions into Encryption SDK custom exceptions with additional context.

[mattsb42-aws]

Philosophical note from the original author: this was not intentional. I would consider this a bug.