Oscrypto

- Added support for OpenSSL 1.1.0
- Allow using OpenSSL on OS X and Windows
- Prevent FFI library references from being garbage collected before parent
`asymmetric.PublicKey`, `asymmetric.PrivateKey` and `asymmetric.Certificate`
objects
- Improved handling of `errSecAuthFailed` error that occurs when calling
`asymmetric.generate_*()` functions on OS X in some virtualenvs

- Allow `cffi` files to be removed from source tree when embedding

- Updated [asn1crypto](https://github.com/wbond/asn1crypto) dependency to
`0.18.1`.

- Backwards compatibility break: `trust_list.get_list()` now returns a list of
3-element tuples containing the certificate byte string, a set of trust OIDs
and a set of reject OIDs. Previously it returned a list of certificate byte
strings.
- `trust_list` now makes OS trust information OIDs available via the
`trust_list.get_list()` function, and writes OpenSSL-compatible trust
information to the CA certs file when calling `trust_info.get_path()` on
Windows and OS X.
- Removed reliance on opaque OpenSSL struct information for compatibility with
upcoming OpenSSL 1.1.0 release
- Improved handling of client authentication and socket read errors when using
OpenSSL
- Added Windows XP support

- Added `asymmetric.generate_dh_parameters()` and
`asymmetric.dump_dh_parameters()`
- Improve disconnection handling of `tls.TLSSocket` on Windows
- Ensure that certificates signed using MD5 and MD2 are rejected on Windows
when using the `extra_trust_roots` parameter of `tls.TLSSession`

- Fixed `trust_list` to work with new Security.framework behavior on OS X
10.11 El Capitan
- Fixed an occasional bug with `tls.TLSSocket()` on Windows when using TLSv1.2
and the server negotiated using a `DHE_RSA` key exchange
- Fixed a bug on Windows 10 where a TLS handshake would fail if the TLS record
was not completely received within one call to `socket.recv()`
- Fixed a bug where a private key would not be encoded with PEM encoding when
requested, if no passphrase was provided to `asymmetric.dump_private_key()`