apple-codesign: Replace aws-sdk-s3 with rust-s3

[KYovchevski]

We found that aws-sdk-s3 is a pretty heavy dependency which also requires CMake.
Replacing it with rust-s3 removes this dependency on CMake and also speeds up the build times. It also allows us to remove tokio and a few other dependencies for apple-codesign, though some are still included in the tree through other dependencies.

The build times below are the quickest I could get over a few clean builds of apple-codesign.

Previous:

• default features (--features="notarize") - 126s
• --no-default-features - 105s

Now:

• default features (--features="notarize") - 108s
• --no-default-features - 104s

Also includes some unrelated formatting changes because I ran cargo fmt, but the bulk of the changes are in notarization.rs.

[indygreg]

This looks like a meaningful improvement. The aws-* crate tree feels a bit bloated and I too don't like the longer build times.

I had this PR applied locally and was going to push it.

I saw from the Cargo.lock changes that we add a dependency on openssl-sys. That didn't sit well with me because I don't want to take a dependency on OpenSSL. We could point the rust-s3 crate at an alternate crypto implementation via a *-rustls-tls feature, which I'd prefer.

But then I was thinking about the likely future, where we gain support for using AWS KMS to perform code signing. That would almost certainly use an aws-* crate. Then we'd have the official AWS crates and a 3rd party crate for S3. That feels kludgy. And the aws-* crates would insist on using Amazon's crypto stack (aws-lc-sys), which is the thing introducing the cmake dependency. So we'd be back where we started.

Then there's the interaction with #212 and how we should handle HTTP proxies.

I'm sympathetic to the short-term build time wins. But I'm not convinced this is the best long-term direction due to likely incorporation of native KMS signing support someday.

[KYovchevski]

The main goal with the PR was actually removing the dependency on CMake, since we are using apple-codesign in a project which explicitly aims to avoid requiring anything extra aside from cargo and rustup. The build-time speedup was a nice bonus.

The dependency on openssl-sys is a good catch that I missed. I'll change the TLS backend to hopefully avoid that, since it should also be a problem for us.

Admittedly, I am not very familiar with the Amazon ecosystem and AWS KMS in particular, but I see the concern with having both rust-s3 and many of the aws-* crates at the same in the future. I also don't currently know if our project would benefit from AWS KMS, but I imagine that if we are choosing between it and avoiding a CMake dependency, we'd be choosing the latter.

If possible, I would be open to refactor this with a feature that controls which S3 backend is being used (aws vs rust-s3). That way both options are on the table, and there's no need to have both dependencies in the tree once support for AWS KMS is implemented.