Issue #10730: Use crypto_api for generating nonces and improve hashing

Issue #10730: Use crypto_api for generating nonces and improve hashing

A new Crypto API function crypto_generate_uri_safe_nonce has been added
which generates base64 encoded URI safe alphabet nonces according to
RFC4648. This nonce creation function can thus be used throughout
MantisBT where we need a random nonce. The primary use at the moment is
with form_api tokens.

Hashing throughout the codebase has been improved to use the newly
implemented $g_crypto_master_salt configuration option. This deprecates
a number of older salt configuration options as we now derive salts
from the master salt as needed. The Whirlpool hashing function is used
to generate stronger hashes (instead of the original md5 hashing that is
now deprecated).

RSS keys, cookie strings, lost password confirmation hashes, CAPTCHA
keys, form CSRF tokens and so forth have all been upgraded to make use
of the new Crypto API infrastructure and better hashing/salting methods.