x509 Certificate Conversion

When dealing with Yubikeys, the attestation certificate is an x509 certificate. So if you're validating the attestation chain, once you're done you need to convert the public key of the leaf certificate (the attestation certificate) to an SSH Public Key type. This adds a helper function for that.

The only reason it's in the Yubikey module is because the yubikey-piv library has a really handy function to do most of the heavy lifting for the conversion. Maybe one day I can reimplement and then it can be moved out but will still require more core dependencies.