
test(integration): add async cert verify and offload 'stress' test #5653

Merged
kaukabrizvi merged 10 commits into aws:main from kaukabrizvi:async_verify_and_offload_test
Dec 18, 2025

@kaukabrizvi
Contributor

Goal

Add an mTLS “stress” integration test that exercises the full async path: async certificate validation + async pkey verify offload, using rustls as client and s2n-tls as server (TLS 1.3).

Why

This combination adds additional complexity to the mTLS handshake path and ensures that async callback ordering, offload behavior, and multi-message handshake handling remain correct. In addition to the async cert verify callback tests introduced in #5638, applications may configure mTLS with both asynchronous certificate validation and asynchronous public-key verification, so it’s valuable to have integration coverage for that full path.

How

  • Adds a new integration test that drives a full TLS 1.3 mTLS handshake using rustls → s2n-tls.
  • Registers an async certificate-validation callback and defers acceptance until the test supplies the decision.
  • Registers an async pkey-verify offload callback (s2n_config_set_async_offload_callback) so that CertificateVerify signature checking is suspended and later resumed.
  • Steps the handshake in phases, receiving the async operations, performing them, and ensuring the connection resumes correctly.

Callouts

  • Introduces a small restructuring of the integration/mtls tests: the stress test is in mtls/async_verify_and_offload.rs, while mod.rs holds the shared helpers and the basic, sync, and async cert-verify tests. This keeps the stress test isolated while still reusing common helpers. Future public-key offload coverage (across client/server, TLS 1.2/1.3, sync/async) can also live in this folder and follow the same structure.
  • The rustls→s2n TLS 1.3 variant is temporarily #[ignore] due to an existing s2n-tls bug where multi-message async cert validation clears queued handshake messages. The #[ignore] should be removed once fix: refactor negotiate loop to fix issue with async callback #5641 is merged.

Testing

I validated the test as follows:

  • Rebased on the fixes from fix: refactor negotiate loop to fix issue with async callback #5641, then verified (via debug prints) that the TLS 1.3 handshake progresses correctly and that both async callbacks fire at the expected points, so the test passes.
  • Confirmed the expected failure mode without those fixes: the handshake hangs, and only the cert-verify callback counter increments, while the pkey-offload callback is never called, because the server never receives the CertificateVerify message due to the bug.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
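
A toy model of the two suspension points and the failure mode described in the PR above, added here as an illustration; it is not code from the PR or from s2n-tls. Every type, field and function name is hypothetical, and `drop_queued_on_resume` only models the described symptom (queued handshake messages lost after the async certificate decision), not the actual defect.

```rust
use std::collections::VecDeque;

#[derive(Clone, Copy)]
enum Msg { Certificate, CertificateVerify, Finished }
#[derive(Debug, PartialEq)]
enum Step { PendingCertValidation, PendingPkeyVerify, Blocked, Failed, Done }

// Toy model of the server side; every name here is hypothetical, not the s2n-tls API.
struct Server {
    queue: VecDeque<Msg>,        // handshake messages already read from the client
    cert_ok: Option<bool>,       // async certificate-validation decision, once supplied
    sig_ok: Option<bool>,        // result of the offloaded CertificateVerify check
    cert_cb: u32,                // cert-validation callback counter
    offload_cb: u32,             // pkey-offload callback counter
    drop_queued_on_resume: bool, // models the failure mode: queued messages lost on resume
}

impl Server {
    fn negotiate(&mut self) -> Step {
        loop {
            match self.queue.front().copied() {
                None => return Step::Blocked, // nothing queued: wait for more client data
                Some(Msg::Certificate) => match self.cert_ok {
                    None => { self.cert_cb = 1; return Step::PendingCertValidation; }
                    Some(false) => return Step::Failed,
                    Some(true) if self.drop_queued_on_resume => self.queue.clear(), // bug model
                    Some(true) => { self.queue.pop_front(); }
                },
                Some(Msg::CertificateVerify) => match self.sig_ok {
                    None => { self.offload_cb = 1; return Step::PendingPkeyVerify; }
                    Some(false) => return Step::Failed,
                    Some(true) => { self.queue.pop_front(); }
                },
                Some(Msg::Finished) => { self.queue.pop_front(); return Step::Done; }
            }
        }
    }
}

// Steps the handshake in phases: poll, supply each async result when asked, poll again.
fn run(drop_queued_on_resume: bool, cert_ok: bool, sig_ok: bool) -> (Step, u32, u32) {
    // Constructed input: the client's Certificate, CertificateVerify and Finished arrive together.
    let queue = VecDeque::from(vec![Msg::Certificate, Msg::CertificateVerify, Msg::Finished]);
    let mut s = Server { queue, cert_ok: None, sig_ok: None, cert_cb: 0, offload_cb: 0, drop_queued_on_resume };
    if s.negotiate() == Step::PendingCertValidation { s.cert_ok = Some(cert_ok); }
    if s.negotiate() == Step::PendingPkeyVerify { s.sig_ok = Some(sig_ok); }
    (s.negotiate(), s.cert_cb, s.offload_cb)
}
fn main() { println!("fixed {:?} / buggy {:?}", run(false, true, true), run(true, true, true)); }
```

`run` returns the final step plus the two callback counters, so a test can check both that the handshake completes and that each async callback fired, and that a rejected certificate never reaches the signature offload.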

@github-actions github-actions bot added the s2n-core team label Dec 5, 2025
@kaukabrizvi kaukabrizvi marked this pull request as ready for review December 5, 2025 20:22
@kaukabrizvi kaukabrizvi changed the title test(integration): add mTLS 'stress' test test(integration): add asyn cert verify and offload 'stress' test Dec 5, 2025
@kaukabrizvi kaukabrizvi changed the title test(integration): add asyn cert verify and offload 'stress' test test(integration): add async cert verify and offload 'stress' test Dec 5, 2025
@kaukabrizvi kaukabrizvi requested a review from dougch as a code owner December 8, 2025 21:25
@kaukabrizvi kaukabrizvi force-pushed the async_verify_and_offload_test branch from f3e37e4 to 9095a05 Compare December 8, 2025 21:36
@kaukabrizvi kaukabrizvi requested review from maddeleine and removed request for dougch December 8, 2025 21:36
@kaukabrizvi kaukabrizvi requested a review from jmayclin December 8, 2025 22:15
@kaukabrizvi kaukabrizvi requested a review from jmayclin December 11, 2025 21:34
@kaukabrizvi kaukabrizvi requested a review from jmayclin December 16, 2025 18:08
@kaukabrizvi kaukabrizvi added this pull request to the merge queue Dec 18, 2025
Merged via the queue into aws:main with commit 99dcfdf Dec 18, 2025
54 checks passed
@kaukabrizvi kaukabrizvi deleted the async_verify_and_offload_test branch December 18, 2025 19:04