const-oid: add `ObjectIdentifierRef`

[tarcieri]

Adds a repr(transparent) newtype for a [u8] which is guaranteed to contain a valid BER serialization of an OID. This is a similar approach to how Path/PathBuf or OsStr/OsString work (except with ObjectIdentifier being stack-allocated instead of heap allocated).

An unsafe pointer cast is required to go from &[u8] to &ObjectIdentifierRef, so unfortunately this means the crate is no longer forbid(unsafe_code), however it's been lowered to deny(unsafe_code) to ensure contributors think twice before adding more.

Borrow and Deref impls have been added to the owned ObjectIdentifier type, allowing common functionality to be moved to ObjectIdentifierRef, allowing both types to exist while eliminating code duplication.

A PartialEq impl allows them to be compared.

The db module continues to use ObjectIdentifier for now, however hopefully this approach would allow #1212 to be reinstated and for ObjectIdentifierRefs to be used for the database eventually (i.e. revert the revert in #1299)

NOTE: this PR also relaxes the previous requirement that an OID have at least three arcs. It is now allowed to only have two. It also removes the Error::NotEnoughArcs variant that covered that particular case.

[tarcieri]

An unsafe pointer cast is required to go from &[u8] to &ObjectIdentifierRef, so unfortunately this means the crate is no longer forbid(unsafe_code)

Sidebar: really wish these could eventually be "safe transmutes"