Implement NOISE_NK (psk0) key exchange

[spinda]

Related to #45, implement a key exchange pattern wherein an anonymous (ephemeral) client and a server whose static public key is known to that client can safely communicate bidirectionally.

[jedisct1]

Thanks! Having NK would be useful, but the API should probably be slightly different.

Unlike N, the client can use a long-term key pair. So, instead of generating a new one in nk_1, we should accept an already existing key pair.

Similarly, the client public key is an information the server application may want to use. So, we may want to fill this in nk_2.

[spinda]

How's this look? The idea is to support passing NULL for client_eph_kp into hydro_kx_nk_1 to have it generate an ephemeral key pair automatically, and similarly passing NULL for the peer_eph_pk output parameter into hydro_kx_nk_2 if the server doesn't need to check the public key.

[spinda]

Hey, I still need NK, but never received any feedback on the revised changeset. Would appreciate it if you could give this another look.

[spinda]

I see this was rolled into 1669168. Thanks!