split CSR, CRL and SPKAC out of X509 and implement lazy loading

[terrafrost]

This PR splits CSR, CRL and SPKAC out of X509 and into their own classes and implements lazy loading, which addresses #2073.

The documentation for this new API can be found here:

https://terrafrost.com/phpseclib/v4/docs/file/x509

When phpseclib 4.0 is released the documentation that currently lives at the above URL will be moved to phpseclib.com. Reason being that the above isn't just documenting features new to phpseclib 4.0 but also constitutes a complete site redesign and rebranding of phpseclib.

With phpseclib 3.0 one would read a certificate thusly:

use phpseclib3\File\X509;

$x509 = new X509();
$cert = $x509->loadX509(file_get_contents('google.crt'));

print_r($cert);

With phpseclib 4.0 you would now read a certificate like so:

use phpseclib3\File\X509;

$x509 = X509::load(file_get_contents('google.crt'));

print_r($x509);

Creating new X509 certificates has also changed. Here's how you'd create a self-signed certificate with phpseclib 3.0:

$subject = new X509(); 
$subject->setPublicKey($pubKey); // $pubKey is a PublicKey objet
$subject->setDN('/O=phpseclib demo cert'); 

$issuer = new X509(); 
$issuer->setPrivateKey($privKey); // $privKey is a PrivateKey object
$issuer->setDN('/O=phpseclib demo cert'); 

$x509 = new X509(); 
$result = $x509->sign($issuer, $subject); 
echo $x509->saveX509($result);

Here's how you'd create a self-signed certificate with phpseclib 4.0:

$x509 = new X509($pubKey); // $pubKey is a PublicKey object
$x509->setDN('/O=phpseclib demo cert'); // if the DN's are the same this'll update both the subject and issuer DN's; if the DN's are different this will throw an exception
$privKey->sign($issuer); // $privKey is a PrivateKey object
echo $x509;

One big difference is that private keys can now sign objects implementing the \phpseclib3\File\Common\Signable interface. When such an object is passed to the sign() method the methods that that object implements tell the PrivateKey object what bytes the signature should be created from and where the signature should be placed.

https://terrafrost.com/phpseclib/v4/docs/file/x509#signing also discusses the use of PFX's to sign certificates. PFX support will be implemented by December 31 of this year at the latest.

The CRL, CSR and SPKAC objects all work similarly.

In-so-far as lazy loading is concerned... as discussed at https://terrafrost.com/phpseclib/v4/docs/file/detail-constructed#speed-and-memory-usage there are actually several different "modes" that phpseclib v4 supports. Here's a breakdown of the time and memory usage of each of those "modes" on a 2.2mb CRL with 40,000+ revoked serial numbers:

	Peak Memory	Initial Search	Subsequent Searches
Eager Loading	323mb	2.01s	0.01s
Lazy Loading	151mb	0.44s	0.08s
Lazy Loading (with cache clearing)	43mb	0.44s	0.36s
phpseclib v3	290mb	1.30s	0.01s

290mb vs 43mb is an improvement of almost 6.7x.

This work has been commissioned by the Sovereign Tech Fund: