Python: Add ECDSA signing code.

[eranmes]

Add a module for producing ECDSA signatures that are suitable for use in CT log implementations (both 6962 and 6962-bis):

• Produce deterministic signatures.
• Signature bytes are DER-encoded.
• Signature is wrapped in a DigitallySigned protobuf for easy TLS serialization.

This is necessary for a reference implementation of a 6962-bis log.

[RJPercival]

I think we should merge PR #953 first, as that ecdsa module has issues and we'd be better off not expanding its use.

[eranmes]

To follow up:

• ECDSA signatures produced by the cryptography.io package are not deterministic.
• Cryptography.io uses openssl underneath so OpenSSL has to support it first: https://mail.python.org/pipermail/cryptography-dev/2016-December/000698.html
• I've requested this feature in OpenSSL, but even once implemented, will take a while to make it to a stable release.

So I think we should stay with the ecdsa package here for now.

[RJPercival]

That's a shame. I've filed an issue with OpenSSL to track this (https://github.com/openssl/openssl/issues/2078). I guess the ecdsa package is the best option we have.

[eranmes]

@RJPercival PTAL.