Implement bit-sliced AES block cipher

This is the first step towards implementing AEGIS-128L and AEGIS-256 in pure PHP, with the eventual hope of polyfilling those functions ahead of their landing in PHP 8.4's ext-sodium.

While we *may* be able to use a table look-up version of AES for the actual bulk data processing for AEGIS, we do _at least_ want a bitsliced implementation of the AES round function for the Init() step.

This implementation is based heavily on the work of Thomas Pornin's BearSSL project.

See https://www.bearssl.org/constanttime.html#aes