Support responses without embedded certificate info

[colonel-sanders]

The KeyInfo element within a signature is optional, and some Identity Providers choose to leave it out of a Response. This PR allows such Responses to still be validated through the use of options[:certificate].

The main changes here:

• Renamed the existing Samlr::Tools::Certificate class to Samlr::Tools::CertificateBuilder, because it does fill a very similar role to the other Builder classes
• Added a new class Samlr::Certificate
• Updated the samlr command-line tool to accept a --certificate parameter. Note, since this parameter is an IO object, the value could be a local file or a URL

Feedback is appreciated!

[morten]

Very nice. Thanks. Will merge and push v1.1.0 shortly.