Add initial network security config implementation

Initial implementation of a unified application wide static
network security configuration.

This currently encompases:
* Trust decisions such as what trust anchors to use as well as static
  certificate pinning.
* Policy on what to do with cleartext traffic.

In order to prevent issues due to interplay of various components in an
application and their potentially different security requirements
configuration can be specified at a per-domain granularity in addition
to application wide defaults.

This change contains the internal data structures and trust management
code, hooking these up in application startup will come in a future
commit.

Change-Id: I53ce5ba510a4221d58839e61713262a8f4c6699c