Fix deprecation warnings

[aj-dt]

Fixes deprecation warnings for

• SecTrustGetCertificateAtIndex
• SecTrustCopyPublicKey
• SecTrustEvaluate

The deprecation warnings are fixed by delegating the same tasks to new functions in pinning_utils.m, which use if (@available(...)) to call the correct functions based on platform version, e.g. SecTrustCopyPublicKey on iOS < 14 and SecTrustCopyKey on iOS >= 14.

The replcaements for SecTrustCopyPublicKey and SecTrustGetCertificateAtIndex are straightforward.

The replacement for SecTrustEvaluate is more subtle, because SecTrustEvaluate and its replacement SecTrustEvaluateWithError behave differently: SecTrustEvaluate will return success even when the certificate is not trusted (e.g. for trustResult = kSecTrustResultRecoverableTrustFailure). But SecTrustEvaluateWithError will return failure when the certificate is not trusted (e.g. for kSecTrustResultRecoverableTrustFailure). This means that beyond just replacing SecTrustEvaluate() -> evaluateTrust(), it was necessary to adjust the if statements evaluating the result to reflect this change.

The changes were evaluated by running the unit tests after setting the minimum deployment target successively to iOS 11 and iOS 15.

[aj-dt]

Several additional changes made on subsequent commits:

• replaced deprecated uses of [NSURLSession new] in the tests with [NSURLSession sessionWithConfiguration]
• replaced usage of @available() with a dlsym-based approach for determining when to choose SecTrustCopyCertificateChain over SecTrustGetCertificateAtIndex at runtime. The problem here was that @available is not handled well by older compilers when the platform version is higher than the max-version known by that compiler, which was the case for an @available targeting iOS 15 and Xcode 12.5.1.
• added entries for tvOS, watchOS in the @available statements.