wultra / powerauth-webflow

PowerAuth Web Authentication - Federated Authentication and Authorization Server for Web
GNU Affero General Public License v3.0

Improve processing of certificates with more sequences #1120

Open saalistaja opened 1 year ago

saalistaja commented 1 year ago

Currently we fail on java.lang.ClassCastException: org.bouncycastle.asn1.ASN1Integer incompatible with org.bouncycastle.asn1.DLSequence when a certificate does not contain the PSD2 sequence as the first one.

We should be more robust and allow processing of similar sequences like:

0 = {DLSequence@1600} "[0.4.0.1862.1.1]"
1 = {DLSequence@1587} "[0.4.0.1862.1.3, 20]"
2 = {DLSequence@1601} "[0.4.0.1862.1.4]"
3 = {DLSequence@1602} "[0.4.0.1862.1.6, [0.4.0.1862.1.6.3]]"
4 = {DLSequence@1603} "[0.4.0.19495.2, [[[0.4.0.19495.1.1, PSP_AS], [0.4.0.19495.1.2, PSP_PI], [0.4.0.19495.1.3, PSP_AI], [0.4.0.19495.1.4, PSP_IC]], Erste, AT-ERS]]"

The cause lies at https://github.com/wultra/powerauth-webflow/blob/develop/powerauth-tpp-engine-model/src/main/java/io/getlime/security/powerauth/app/tppengine/model/certificate/ICACertificateParser.java#L106

DLSequence mandates = (DLSequence) sequence.getObjectAt(1);
if (psd2.equals(id.getId())) {
  ...

Unfortunately the root exception is swallowed, so I tried to provide as many notes as possible here.
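One way to make the walk over QCStatements robust, added here as an example for this issue and not code from the powerauth-webflow project: check each statement's OID before interpreting its statementInfo, and use ASN1Sequence.getInstance instead of a blind DLSequence cast, since statementInfo is absent for qcCompliance and an INTEGER for qcRetentionPeriod. The sample structure is constructed from the debugger dump above; QcStatementsWalker, extractPsd2Roles and stmt are names chosen for this example.

```java
import java.util.ArrayList;
import java.util.List;
import org.bouncycastle.asn1.*;

public class QcStatementsWalker {
    static final String PSD2_QC_STATEMENT = "0.4.0.19495.2";

    // Walk every QCStatement, check the OID first and only then interpret
    // statementInfo; returns the PSD2 role names or an empty list if absent.
    static List<String> extractPsd2Roles(ASN1Sequence qcStatements) {
        List<String> roles = new ArrayList<>();
        for (int i = 0; i < qcStatements.size(); i++) {
            ASN1Sequence statement = ASN1Sequence.getInstance(qcStatements.getObjectAt(i));
            ASN1ObjectIdentifier id = ASN1ObjectIdentifier.getInstance(statement.getObjectAt(0));
            // statementInfo is optional and its type depends on the OID, so it is
            // only cast to a SEQUENCE once we know this is the PSD2 statement.
            if (!PSD2_QC_STATEMENT.equals(id.getId()) || statement.size() < 2) continue;
            ASN1Sequence psd2QcType = ASN1Sequence.getInstance(statement.getObjectAt(1));
            ASN1Sequence rolesOfPsp = ASN1Sequence.getInstance(psd2QcType.getObjectAt(0));
            for (int j = 0; j < rolesOfPsp.size(); j++) {
                ASN1Sequence role = ASN1Sequence.getInstance(rolesOfPsp.getObjectAt(j));
                roles.add(DERUTF8String.getInstance(role.getObjectAt(1)).getString());
            }
        }
        return roles;
    }

    // Small helper (example-only name) building a SEQUENCE from its elements.
    static DERSequence stmt(ASN1Encodable... parts) { return new DERSequence(parts); }

    // Constructed sample mirroring the dump in the issue: PSD2 is the fifth statement.
    static ASN1Sequence sampleQcStatements() {
        ASN1EncodableVector v = new ASN1EncodableVector();
        v.add(stmt(new ASN1ObjectIdentifier("0.4.0.1862.1.1")));                      // qcCompliance, no info
        v.add(stmt(new ASN1ObjectIdentifier("0.4.0.1862.1.3"), new ASN1Integer(20)));   // qcRetentionPeriod, INTEGER
        v.add(stmt(new ASN1ObjectIdentifier("0.4.0.1862.1.4")));                      // qcSSCD, no info
        v.add(stmt(new ASN1ObjectIdentifier("0.4.0.1862.1.6"), stmt(new ASN1ObjectIdentifier("0.4.0.1862.1.6.3"))));
        DERSequence roles = stmt(
            stmt(new ASN1ObjectIdentifier("0.4.0.19495.1.1"), new DERUTF8String("PSP_AS")),
            stmt(new ASN1ObjectIdentifier("0.4.0.19495.1.2"), new DERUTF8String("PSP_PI")),
            stmt(new ASN1ObjectIdentifier("0.4.0.19495.1.3"), new DERUTF8String("PSP_AI")),
            stmt(new ASN1ObjectIdentifier("0.4.0.19495.1.4"), new DERUTF8String("PSP_IC")));
        v.add(stmt(new ASN1ObjectIdentifier(PSD2_QC_STATEMENT),
            stmt(roles, new DERUTF8String("Erste"), new DERUTF8String("AT-ERS"))));
        return new DERSequence(v);
    }

    public static void main(String[] args) {
        System.out.println(extractPsd2Roles(sampleQcStatements()));
    }
}
```

Running main prints the four role names from the constructed sample; feeding the same walker a QCStatements value with the PSD2 entry in any position, or without it, no longer throws.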

romanstrobl commented 1 year ago

I can look at it after the release.