Add support for the export_keying_material function to the SSL library.

Tested with Python 3.7.4 and Python master branch:

https://github.com/wingel/cpython/tree/export_keying_material-3.7.4
https://github.com/wingel/cpython/tree/export_keying_material-master

Is this the correct format for a patch?  Should I include the automatically generated clinic changes in my patch or not?  What about the "versionadded::" string in the documentation?  Should I include a line like that or does it only generate unneccessary conflicts?  Anything else I need to do?

Could you please explain the purpose of the feature and why you want to expose the interface? What's the use case?

As this is a new feature, Python 3.7 and 3.8 are out of scope.

I'm doing an implementation of the NTS protocol for my customer Netnod:

https://github.com/Netnod/nts-poc-python

NTS is draft RFC on its way to become a standard:

https://datatracker.ietf.org/doc/draft-ietf-ntp-using-nts-for-ntp/

NTS requires the export_keying_material functionality as described in RFC5705.

Basically it's a part of the TLS standard, is used by 10 existing protocols with more on the way.  And I can't implement a NTS key establishment server or client without the function.  That's why I added the functionality and verified that it works both with the stable 3.7.4 release and with the master branch of the cpython repository.

I tested with 3.7.4 first on my machine because that's the release of Python that comes with Ubuntu and I wanted to have as few differences as as possible compared to the distribution version.  I then forward ported the patch to the master branch and verified that my NTS implementation still works with that branch.