This repository was archived by the owner on Nov 7, 2025. It is now read-only.

Description
Currently, Vita makes no special effort to isolate sensitive key material from other memory. Key material exists in the configuration (YANG configuration, the SAD written to /var/run/snabb) as well as in the heap when it is (de)serialized in and out of the SAD. Possible steps to gain control of key material in memory include:
- zeroing key material when no longer needed (`lib.ipsec.esp` could use a `:destroy()` method, and the apps that handle key material could zero keys as well)
- investigate/extend `lib.yang` with regard to encoding binary blobs containing key material so as to avoid "losing" them in the heap in their string representations.
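
The zeroing step from the first bullet, as an added LuaJIT example that is not Vita or Snabb code: the `SA` table, `key_from_hex` and the 16-byte key length are hypothetical, and the hex key is constructed. The key is held in an FFI byte array, which can be overwritten in place, rather than in a Lua string, which cannot.

```lua
-- Added example, not Vita/Snabb code. SA, key_from_hex and KEY_LEN are hypothetical.
local ffi = require("ffi")

local KEY_LEN = 16 -- assumption: 128-bit key

-- Map one ASCII hex digit (as a byte value) to its numeric value.
local function nibble (c)
   if c >= 48 and c <= 57 then return c - 48 end   -- '0'..'9'
   if c >= 65 and c <= 70 then return c - 55 end   -- 'A'..'F'
   if c >= 97 and c <= 102 then return c - 87 end  -- 'a'..'f'
   error("invalid hex digit in key")
end

-- Decode hex into an FFI byte array using string.byte only, so no
-- intermediate Lua strings holding key bytes are created while parsing.
local function key_from_hex (hex)
   assert(#hex == KEY_LEN * 2, "unexpected key length")
   local buf = ffi.new("uint8_t[?]", KEY_LEN)
   for i = 0, KEY_LEN - 1 do
      buf[i] = nibble(hex:byte(2*i + 1)) * 16 + nibble(hex:byte(2*i + 2))
   end
   return buf
end

local SA = {}
SA.__index = SA

function SA.new (hex_key)
   return setmetatable({ key = key_from_hex(hex_key), len = KEY_LEN }, SA)
end

-- Overwrite the key in place, then drop the reference. Safe to call twice.
function SA:destroy ()
   if self.key then
      ffi.fill(self.key, self.len, 0)
      self.key = nil
   end
end

-- Constructed sample key, for illustration only.
local sa = SA.new("000102030405060708090a0b0c0d0e0f")
local raw = sa.key            -- keep a handle to inspect the buffer afterwards
assert(raw[15] == 0x0f)
sa:destroy()
for i = 0, KEY_LEN - 1 do assert(raw[i] == 0) end
assert(sa.key == nil)
-- The hex literal above is still an immutable, interned Lua string that
-- cannot be zeroed; that remaining copy is what the second bullet is about.
```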