Allow selecting CryptoAPI physical store

[JeremyRand]

CryptoAPI has the concept of a "physical store"; changing the physical store of a cert impacts what users it applies to (and maybe some other things, like which applications it applies to and whether it's synced via Group Policy and/or Active Directory). The physical store is encoded in the path of the registry key where the cert blob is located. Right now, certinject always uses the Enterprise physical store, which is used for certs synced via Active Directory. Various other physical stores exist.

It would be useful to allow the user to specify which physical store a cert is injected to.

[JeremyRand]

List of all the physical stores I could find on a Windows 7 machine that I had lying around (via searching the registry for Root keys):

• HKCU\Software\Microsoft\SystemCertificates: This is the Registry physical store for the current user.
• HKLM\SOFTWARE\Microsoft\Cryptography\Services\ncdns\SystemCertificates: This is the Registry physical store for the ncdns service. (Other services are expected to have their own physical stores; ncdns is just an example.)
• HKLM\SOFTWARE\Microsoft\EnterpriseCertificates: This is the Enterprise physical store for the system. It is synced via Active Directory.
• HKLM\SOFTWARE\Microsoft\SystemCertificates: This is the Registry physical store for the system.
• HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates: This is the Group Policy physical store for the system. It is synced via Group Policy.
• The HKCU physical store also has analogues for other users via HKU, naturally.

I'm pretty sure that there are additional physical stores on Windows 8 or higher.

[JeremyRand]

https://github.com/namecoin/certinject/pull/4 added support for system, current-user, enterprise, and group-policy. We still need to add support for HKU and Services physical stores.