Refactor: libcrmcommon: ensure crm_md5sum() never passes NULL to md5_buffer()

This has no benefit other than quieting a coverity false positive,
because md5_buffer() won't dereference buffer when len is zero.
But it's an equally good approach (NULL and "" result in same hash,
and it's no less readable or efficient).