NewService API, simplify certificate loading and pushpackage signing APIs.

[nathany]

• NewService API extracts topic from cert, closes Extract bundle-id from certificate #22
• pushpackage: use TLS cert for signing instead of x509 cert and privateKey
• certificate: return TLS cert directly since it can be used for NewService and pushpackage.Sign
• reorganize push code

[nathany]

@macteo Apologies in the delay in getting to this. Mind doing a quick code review? What do you think of this for the API?

[nathany]

After making this change, I realized that I can simplify the pkg.Sign API to use tls.Certificate. I'm going to make those revisions on this branch.

[bolshoy]

@nathany there still needs to be a way to specify the notification topic. For example, we have two topics, one regular and one voip. The certificate contains both topics, but when you send the notification you must put a specific topic. At the moment, Apple just adds ".voip" suffix to a voip topic, so a flag can also work.

[nathany]

Hm. Okay. So we need to add Topic back to Headers then.