Add support for SHA256-RSA-MGF1

[Pe-te]

Problem:

Our IDP is forcing us to switch to the following signing method,
but this method is not supported by the current goxmldsig library (Release v1.5.0):

http://www.w3.org/2007/05/xmldsig-more#sha256-rsa-MGF1

The error message we saw was the following:

Unknown signature method: http://www.w3.org/2007/05/xmldsig-more#sha256-rsa-MGF1

---

Hackaround:

We were able to get a working version that works in our case (simple login)
by adding these two lines of code in the xml_constants.go:

At line 49 add the signature method:

	SHA256RSAMGF1SignatureMethod = "http://www.w3.org/2007/05/xmldsig-more#sha256-rsa-MGF1"

At line 120 link the signature algorithm to the signature method:

	SHA256RSAMGF1SignatureMethod: x509.SHA256WithRSAPSS, 

Probably there are a hundred more places that need to be changed for a full PR,
but I thought I'll leave that snippet here in case someone runs into the same issue.

[ahacker1-securesaml]

Looks good to me, can you make PR.

Most SAML libraries DO NOT support http://www.w3.org/2007/05/xmldsig-more#sha256-rsa-MGF1 , how much clients are they breaking?

[Pe-te]

Not sure how many clients are connecting with golang, probably most of them still use Java or C#, where the signature method seems to be supported.
In our case it's a higher 5 digit number of endusers affected by the change.

Have created a pull request with our quick fix, but like I said, not sure if it needs more unit tests or extra logic.
#162

[Pe-te]

@ahacker1-securesaml, what would be needed to merge this change? would like to get rid of our private fork. 😄