Use ursa as an optionalDependency

[mgcrea]

I've seen that ursa have been removed by some commit. However, considered the large performance gap, wouldn't it be interesting to add it back as an optional dependency, if it builds then it's fine and can be used to generate privateKeys, if not we leverage the JS code as usual. There is the sync issue but I guess this could be opt-in with an option.

I'm using something like this in my project:

function generateFastKeyPair(bits = 2048, exponent = 65537) {
  try {
    const keyPair = require('ursa').generatePrivateKey(bits, exponent);
    return Promise.resolve({
      privateKey: pki.privateKeyFromPem(keyPair.toPrivatePem().toString()),
      publicKey: pki.publicKeyFromPem(keyPair.toPublicPem().toString())
    });
  } catch (err) {
    return pki.rsa.generateKeyPairAsync({bits, workers: -1}); // bluebird promisified
  }
}

[dlongley]

We could potentially add it in as an optional dependency. We also need to make use of the Web Crypto API when available, eventually, for the browser-side. We should probably just automatically check for its existence and use it if available and if the "js only" forge flag isn't set.