Backport OpenSSL 1.1 support (and prerequisites) from libsrtp2.

Description

https://github.com/cisco/libsrtp/commit/84faa631a55235f6138cacda2e7f81980a43d13e

Refactor memory allocation for the symmetric ciphers context structures.

https://github.com/cisco/libsrtp/commit/5781341d99cd286a1f3d164e0576c2e837a444b7

Use the OpenSSL HMAC implementation, and thus also the OpenSSL EVP_sha1()
implementation.

Experiments show about a 1.5x speedup on Intel CPUs with AVX2.

https://github.com/cisco/libsrtp/commit/fb954450198c832c96b4191fcef3a1b9e2d15d8b

When building with OpenSSL, pass the AES_ICM key to the EVP context (and
thus, do AES key expansion) in srtp_cipher_init, not srtp_cipher_set_iv.

This means that AES key expansion is done once per key, rather than once
per packet, resulting in a 2-3x speedup for AES-128.

https://github.com/cisco/libsrtp/commit/1acba569915d8124b627a29dd5e3500332618eac

When building with OpenSSL, pass the AES_GCM key to the EVP context (and
thus, do AES key expansion) in srtp_cipher_init, not srtp_cipher_set_iv.

Improves AES_GCM performance 2x-3x.

https://github.com/cisco/libsrtp/commit/0b45423678ddc46d702f3a51614f20bfbd112ddd

Changes for OpenSSL 1.1.0 compatibility.

In OpenSSL 1.1.0, EVP_CIPHER_CTX, HMAC_CTX, and EVP_MD_CTX are opaque
types, and have to be allocated with *_new methods and deallocated with
*_free.

EVP_CIPHER_CTX_new/free is present in OpenSSL 1.0.1 and later, but
HMAC_CTX_new and EVP_MD_CTX_new are new in OpenSSL 1.1.0.

Use the _new unconditionally for ciphers, and conditionally use the old
or new APIs for HMAC and MD.

No noticeable performance change for older OpenSSL.

PR: 228866

Details

Provenance
tijl Authored on
Parents
rP472169: New port: x11-toolkits/wxgtk31: GUI toolkit (wxWidgets) with GTK+ bindings