Add SAML Assertion Encryption and Metadata Encryption Support

[nevzatcirak]

This PR introduces the ability to encrypt SAML Assertions and sign the root Response element, enhancing security compliance with SAML 2.0 standards.
The implementation follows a hybrid encryption approach where the assertion data is encrypted using a symmetric key (e.g., AES-256), which is then encrypted using the Service Provider's public key (RSA-OAEP).

Key Changes:
• Assertion Encryption: Implemented logic to wrap assertions in saml:EncryptedAssertion elements using the xml-encryption library.
• Response Signing: Added support for signing the outer samlp:Response element in addition to the assertion signature.
• Metadata Update: Updated createIdPMetadataXML to advertise encryption support and algorithms via KeyDescriptor (use="encryption").
• Refactoring: Standardized ID generation and improved the sign utility to better handle KeyInfo placement.
• Tests: Added unit tests covering encryption flows, metadata generation, and response structure validation.

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you all sign our Contributor License Agreement before we can accept your contribution.
1 out of 2 committers have signed the CLA.

✅ nevzatcirak
❌ Nevzat ÇIRAK

---

Nevzat ÇIRAK seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}