cryptography
Provide a way to export PKCS12 in a way compatible with major OS (closes #7293)
This is mainly to get comments on whether this is a good way for the API to implement this or if another approach should be taken.
I think a compatibility class is fine, but there are a lot of questions about what every other serialization method that accepts KeySerializationEncryption will do when (incorrectly) passing this new class. Additionally, we should be very explicit about what this supports (e.g. macOS 12.x and below, Windows Server 2016 and below, Android 12 and below). I'd also like to determine what the minimum degradation is to support this. e.g. can we just do SHA1 MAC and leave it AES256? Or is 3DES a hard requirement?
In my tests AES128 and AES256 did not work. Only 3DES and SHA1 were working. I did not test Windows 2016, but for Android and macOS this seems to be a hard requirement. I renamed the security class to PKCS12CompatibilityEncryption to make it clearer that it is PKCS12 only. I see your point, but I am unsure what a better API would look like. Something like doing a special encryption class only for PKCS12?
I have successfully tested generating PKCS12 files using the PKCS12CompatibilityEncryption that worked on Android 12 and macOS 15.
Obsoleted by #7560, but thanks for working on this, it helped significantly in that other PR's evolution.