Continuation of #230
Closes #85
Related to gotify/server#416

I've adopted some of the code and translated it to Kotlin, but most parts are rewritten.
Here's a summary:

• You can now configure a client certificate (PKCS#12) including password in the advanced settings (on the login screen)
• The certificate contents are no longer stored in the shared preferences but the certificates are copied as a whole over to the app's file directory; the helper functions all just require input streams, so we cut the additional loading from shared preferences into another local bytestream beforehand, which then was forwared to the helper functions
• Because of the new cert retrieval logic, upgrades from previous app versions will lead to ignored ca certs
• We can not preview the CN of the client cert as with the CA cert as it's encrypted
• I just know login and basic messages work when configuring no CA but a client cert

Testing the following cases is still to be done:

• Fully functional when not configuring anything
• Fully functional when only configuring CA cert
• Fully functional when only configuring client cert (fixed in 60946e4)
• Fully functional when configuring CA cert and client cert

Maybe taking a look at image loading is important as well.

And I will add some kind of hint that you have to give a password, it seems like (according to my trial and error) the Java client key implementation requires one.

For reference my reverse proxy settings (Caddy, docs for client_authentication):

(require_client_cert) {
    tls {
        client_auth {
            mode require
            trusted_leaf_cert_file client.crt
        }
    }
}

my.domain:1234 {
    import require_client_cert
    # gotify on port 8080
    reverse_proxy localhost:8080
    tls internal
}