common: introduce ceph::crypto::zeroize_for_security().
For the sake of compliance with FIPS, memory where security
material (like keys) was stored should be cleaned when it
isn't used anymore. This is intended to limit the impact of
other security problems that allow inspecting memory.
In many cases such sanitization is performed with `memset`
or `bzero` to zeroize the memory. However, the C++ language,
due to the as-if rule [1], provides fewer guarantees than
necessary to ensure that a call to e.g. `memset` will
always be translated into the intended stores. This isn't
something specific to it or to `bzero`. All a compiler needs
to know to perform dead store elimination is the code itself
(to exclude e.g. `volatile` fencing). Presumably it could
assume how the things from the standard library look
internally – like with an inlineable function [2].
[1] https://en.cppreference.com/w/cpp/language/as_if
[2] https://godbolt.org/z/XJnAnA
The problem was already discussed in the GCC bug reports
which finally have been marked as "invalid":
* https://gcc.gnu.org/bugzilla/show_bug.cgi?id=8537,
* https://gcc.gnu.org/bugzilla/show_bug.cgi?id=71388.
Because of that we want to perform the security clean-ups
with a dedicated procedure that takes responsibility for
prohibiting compilers from optimizing it out. OpenSSL
already provides such a utility: `OPENSSL_cleanse`. This
commit integrates it into Ceph's abstractions over crypto.
The intended clients are some current users of `memset` and
`bzero` found using GCC's `deprecated` attribute. See:
https://gist.github.com/rzarzynski/db9b4ca6b3d409d2ab8d38f4d6678063.
Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
(cherry picked from commit c16266cec254f0ca0e0330f4bb84c3b53386e0ba)
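The dead-store problem the commit describes, illustrated with an added, stand-alone example that is not Ceph's code and not the change in this commit (Ceph's version delegates to `OPENSSL_cleanse`): a zeroize routine whose stores go through a `volatile` pointer, so the as-if rule does not let the optimizer drop them, plus checks that it clears exactly the requested range. The function name, the object overload and the `DemoKey` struct are constructed for this example.

```cpp
#include <algorithm>
#include <array>
#include <cstddef>
#include <cstdint>
#include <iterator>
#include <type_traits>

// Zeroize n bytes at p in a way the optimizer may not elide: every store is
// made through a volatile pointer, which the as-if rule treats as observable
// behaviour, unlike a plain memset() on a buffer that is never read again.
void zeroize_for_security(void *p, std::size_t n) noexcept {
  if (p == nullptr) return;
  volatile std::uint8_t *vp = static_cast<volatile std::uint8_t *>(p);
  while (n-- > 0) {
    *vp++ = 0;
  }
}

// Overload for whole objects (a key struct, a std::array of bytes).
// Restricted to trivially copyable types so it cannot silently be applied
// to objects that own heap memory through pointers.
template <typename T>
void zeroize_for_security(T &obj) noexcept {
  static_assert(std::is_trivially_copyable<T>::value,
                "zeroize_for_security: only raw, trivially copyable data");
  zeroize_for_security(&obj, sizeof(obj));
}

// Check: fill a buffer with a marker, cleanse only the middle slice, and
// confirm that exactly that slice is zero while its neighbours are intact.
bool cleanse_hits_exact_range() {
  std::array<std::uint8_t, 32> buf;
  buf.fill(0xAA);
  zeroize_for_security(buf.data() + 8, 16);
  auto is_marker = [](std::uint8_t b) { return b == 0xAA; };
  auto is_zero = [](std::uint8_t b) { return b == 0; };
  return std::all_of(buf.begin(), buf.begin() + 8, is_marker) &&
         std::all_of(buf.begin() + 8, buf.begin() + 24, is_zero) &&
         std::all_of(buf.begin() + 24, buf.end(), is_marker);
}

// Check: the object overload clears a whole constructed key struct.
struct DemoKey { std::uint8_t bytes[16]; std::uint32_t id; };

bool cleanse_clears_whole_object() {
  DemoKey k{};
  std::fill(std::begin(k.bytes), std::end(k.bytes), 0x5C);
  k.id = 42;
  zeroize_for_security(k);
  return k.id == 0 && std::all_of(std::begin(k.bytes), std::end(k.bytes),
                                  [](std::uint8_t b) { return b == 0; });
}
```

Compiling both the `memset` version and this one with `-O2` and inspecting the generated code (as in the godbolt link above) shows the difference in practice: the volatile stores survive, the plain `memset` on a dying buffer may not.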