HDDS-10778. Separate certificate codec from in memory and persisted storage

[Galsza]

What changes were proposed in this pull request?

As the ongoing crypto-compliance effort, it's important to make CertificateCodec as simple as possible and make it pluggable.

Please describe your PR in detail: The codec itself should only be responsible for encoding and decoding certificates. This PR aims at doing most of this work, however there are still some questions left for later. Right now the certificate reading and writing is done through JCAPemWriter and the provider is using BouncyCastle which needs to be moved to the crypto module.

Writing and reading certificates to/from files have been moved to the CertificateStorage class. This class could be static with a tiny effort as functionally it only contains methods that are essentially taking 3 things: a certificate in some format, a path and some details about the certificate and based on these 3 things it writes an encoded version of the certificate to a file.

Adding an instance variable with the certificate location to CertificateStorage doesn't really simplify this code as most of the writes can't be simplified simply because in each call it's actually the caller that knows the path where the certificate should be written, and these are different from each other. For example it's only the caller that knows if the certificate should be written to a temporary new directory because it's during a certificate rotation, or that it should just go to the default certificate directory.

https://issues.apache.org/jira/browse/HDDS-10778

How was this patch tested?

Already existing tests should cover the changes, green CI here: https://github.com/Galsza/ozone/actions/runs/9632416837