Improve tool-openssl compatability for x509 and verify subcommands

[skmcgrail]

Description of changes:

• OpenSSL supports passing lower-case pem or der when using the -inform argument to the x509 sub-command.
• Add support for the -untrusted flag to the verify sub-command which allows for passing in a set of one or more chain certificates which may be used in the certificate chain building and validation.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license.

[codecov-commenter]

Codecov Report

Attention: Patch coverage is 79.51807% with 17 lines in your changes missing coverage. Please review.

Project coverage is 79.05%. Comparing base (154f998) to head (cd931e0).
Report is 2 commits behind head on main.

Files with missing lines	Patch %	Lines
tool-openssl/verify.cc	82.50%	7 Missing ⚠️
tool/args.cc	69.23%	2 Missing and 2 partials ⚠️
tool-openssl/s_client.cc	0.00%	3 Missing ⚠️
tool/client.cc	0.00%	3 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #2196      +/-   ##
==========================================
- Coverage   79.05%   79.05%   -0.01%     
==========================================
  Files         612      612              
  Lines      106159   106210      +51     
  Branches    15002    15008       +6     
==========================================
+ Hits        83923    83961      +38     
- Misses      21582    21599      +17     
+ Partials      654      650       -4     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[smittals2]

Can we add a test for the new -untrusted option?

I remember there were some issues with output being differently formatted between OpenSSL and AWS-LC (I don't remember if this was X509 or verify though). If that is why this test was not added, ignore the comment.

[smittals2]

Intentional to