Add Debian packaging, Makefile, manpages, tests, and design doc

Introduces a static-binary build and Debian package (amd64/arm64) with
version/commit/date stamped via -ldflags. Ships section-1 manpages for
ctool, ctfetch, and ctail. Adds a `version` subcommand reachable as
`ctool version`, `ctool -version`, `ctool --version`, `ctool fetch
version`, `ctool tail version`, and via the ctfetch/ctail symlinks. Adds
tests covering the dispatcher, fetch/tail argument parsing, and the
formatter/helper functions. Adds a retrofit design document modelled on
the vpp-maglev one, with FRs and NFRs for each tool and the dispatcher.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

debian/ctool.control.in

@@ -0,0 +1,24 @@
+Package: ctool
+Version: @VERSION@
+Architecture: @ARCH@
+Maintainer: Pim van Pelt <pim@ipng.ch>
+Section: net
+Priority: optional
+Description: Tools for working with Static CT log tiles
+ ctool is a busybox-style binary that fetches and decodes entries
+ from Static CT API logs (c2sp.org/static-ct-api).
+ .
+ ctool fetch reads one or more log entries from a data tile —
+ either by leaf index or by dumping a whole tile URL / local file —
+ and prints them as structured JSON. Optional modifiers decode
+ embedded SCTs, fetch the issuer certificate from the log, and
+ enrich each SCT with operator and state information from the
+ Chrome CT log list.
+ .
+ ctool tail follows a log's /checkpoint endpoint and prints a
+ one-line summary per certificate or precertificate as new data
+ tiles complete. Useful for live monitoring of a log's growth.
+ .
+ The package installs ctool under /usr/bin along with ctfetch
+ and ctail symlinks, which invoke the matching subcommand
+ directly for scripting convenience.