Add time-stamping functionality to git tag

This commit introduces command line options for git tag to allow adding trusted
time-stamps from a Time Stamping Authority according to RFC3161.

The SHA-1 has used for a time-stamp signature is generated from the header data
and the tag message, if present. After obtaining the time-stamp signature, it is
inserted into the object header under the `timesig`-key in a custom PEM-like
format. If the tag is also GPG-signed, the GPG signature includes the time-stamp
signature to prevent attackers from altering the time-stamp signature or
replacing it.

However, it is still possible to create tags with only a GPG signature or only a
time-stamp, although it is recommended to additionally GPG-sign time-stamp
signatures for the reasons stated above.

In contrast to the GPG signature, the time-stamp signatures are part of
the header, emulating the way GPG signatures of signed commits are stored. This
facilitates implementing RFC3161 time-stamps for commits eventually.

Signed-off-by: Anton Würfel <anton.wuerfel@fau.de>
Signed-off-by: Phillip Raffeck <phillip.raffeck@fau.de>