Added pkcs7 support (this PR was split, do not merge)

[bkstein]

This branch extends the wrapper mainly for PKCS7 applications. I use it for:

• creation of a CSR with a challenge password attribute
• creation of a signed PKCS7 containing an enveloped PKCS7 with an encrypted CSR
• extraction of certificates from a PKCS7

As this is my first contribution to rust-openssl, I'd appreciate a reviewer's opinion for this:

• I understand, the PKCS7 struct should be opaque, but I had to expose the inner structure of openssl's PKCS7 to the wrapper. There is no other way to get access to the certificates in a PKCS7. openssl's api misses something like PKCS7_get0_certificates(). All I found was the implementation of openssl pkcs -in p7.pem -print-certs, which also reads the inner fields: certs = p7->d.sign->cert;

[Skepfyr]

Hi, this PR is very large so reviewing and merging it will take a pretty large time commitment from one of us. I may be able to look at it at some point but I can't make any promises. Also, it's marked as a draft and has some git conflict markers in it, which makes me very hesitant to review. Is this ready (barring the merge conflicts)?

[bkstein]

The only reason for the Draft marker is a race condition in OpenSSL, which is encountered by a test (asn1_type_type_compatibility). See #1730. I still want to analyze the problem. But note, that the code changes in rust-openssl are not affected. It's only some preparation code for the test, that crashes in multithreaded environments. This could also be a flaw in OpenSSL (actually, I assume it is).
In short: if I can see a realistic chance, that my PR might be reviewed and possibly be merged in the near future :), I offer to
analyze that race condition to make sure, we have no skeletons in the closet.
I will also resolve the merge conflicts (I do this anyway from time to time).
Would it help, if I separated the PR into multiple smaller PRs?

[Skepfyr]

Splitting it up into smaller PRs would be helpful. Obviously investigating that flaky test would be useful, but don't feel obligated.

[bkstein]

@Skepfyr I will try to split the PR, but I'm not sure, if I will be able to detangle this without dropping something. My plan is to make 4 PRs:

1. a small one with X509Purpose stuff, see Issues with current implementation of X509_PURPOSE constants #1782.
2. one with the openssl-sys changes
3. one for X509 certificates and other basics
4. one for PKCS7 related changes
   Please note, that the changes will depend on each other. 4 on 3 on 2 on 1.

[Skepfyr]

That sounds reasonable. It's probably sensible to leave this PR up so that we can check it's all there once everything's merged.

[bkstein]

@Skepfyr I completed the split. I think it's best to review the PR's in order:

• X509_PURPOSE #1788
• Preparing openssl-sys for PKCS7 and X509 extensions #1789
• X509 and X509Req extensions #1790
• PKCS7 creation and reading #1791
  Each PR contains the predecessor(s), so merging PKCS7 creation and reading #1791 would be sufficient, but more work at a single blow.