Implement and use secure cryptographic APIs that handle keying material

[lvh]

A secure API has several requirements. Hopefully this list is exhaustive, but we have no guarantees.

• Coordinate with abstractj/kalium on how to implement direct ByteBuffer APIs: abstractj/kalium#21
• Implement those APIs in kalium.
• Expose those APIs in caesium.
• Use those APIs in icecap.
• Explicitly clear keying material when we're done with it: #31
• Document all these efforts on the security wiki page