Add LDAP Distinguished Name Helper and Credential Audit Context

- Implemented LdapDistinguishedNameHelper for escaping RDN and filter values.
- Created AuthorityCredentialAuditContext and IAuthorityCredentialAuditContextAccessor for managing credential audit context.
- Developed StandardCredentialAuditLogger with tests for success, failure, and lockout events.
- Introduced AuthorityAuditSink for persisting audit records with structured logging.
- Added CryptoPro related classes for certificate resolution and signing operations.

src/__Libraries/StellaOps.Cryptography/Audit/AuthEventRecord.cs

@@ -90,14 +90,24 @@ public enum AuthEventOutcome
     Failure,
 
     /// <summary>
-    /// Operation failed due to a lockout policy.
-    /// </summary>
-    LockedOut,
-
-    /// <summary>
-    /// Operation was rejected due to rate limiting or throttling.
-    /// </summary>
-    RateLimited,
+    /// Operation failed due to a lockout policy.
+    /// </summary>
+    LockedOut,
+
+    /// <summary>
+    /// Operation requires the subject to successfully perform a fresh authentication step (e.g. password reset).
+    /// </summary>
+    RequiresFreshAuth,
+
+    /// <summary>
+    /// Operation requires multi-factor authentication before it can succeed.
+    /// </summary>
+    RequiresMfa,
+
+    /// <summary>
+    /// Operation was rejected due to rate limiting or throttling.
+    /// </summary>
+    RateLimited,
 
     /// <summary>
     /// Operation encountered an unexpected error.