This will allow RRSIG.Sign to use generic crypto.Signer implementations.
This is a interface breaking change, even if the required changes are most
likely just type asserions from crypto.PrivateKey to the underlying type or
crypto.Signer.
Now PrivateKey is an interface exposing Sign() and String(). Common
implementations are wrappers for {rsa|dsa|ecdsa}.PrivateKey but
this allows for custom signers, and abstracts away the private-ops
code to a single place.
This is based on @miekg's sig0 branch. That branch diverged from master
and I didn't want to wander off on a rebase.
As implemented there's no allowance for multi-envelope (TCP) support.
TODO:
* unpackUint32() could be moved out and used elsewhere
* tests
* multi-envelope support (if useful)