Introduce binary signing

Build process

• new build option WITH_SIGNING supported by make and cmake
• create CA certificate (config.sh --create-cert) or use own pre-built certificate (config.sh --add-cert)
• embed certificate as config_cert variable to config.c (config.sh --make-config.mak)
• sign SHA1 hash of binary with private key after build
• append signature to binary (upx binaries are supported as well)
• build process uses the new options in config.sh (--create-cert, --add-cert, --cert-file, --cert-info, --sign-marker)

Runtime signature verification

• extract public key from built-in certificate
• read signature from running binary
• verify SHA1 hash of running binary with extracted public key against signature
• stop running oscam if the verification process fails

Runtime certificate/signature information

• oscam startlog informs about signature verification status and certificate validity
• oscam.version shows signature and certificate details