kms: fix semantics for HSMs added by 56df5fe4 (#34)

This commit fixes the semantics of the `HSMs` and `ActiveHSMs`,
now `ConfiguredHSMs` fields.

Before, the `HSMs` field contained all HSMs "present" at the KMS
server (configured ones and ones with an on-disk entry), and the
`ActiveHSMs` field contain only the configured HSMs for which an
on-disk entry exists.

The problem with such an approach is that you cannot distinguish
between HSMs that are configured but don't have an on-disk entry
(because it got deleted) and HSMs that have an on-disk entry but
are not configured. Both would appear in the list of `HSMs` but
not in the list of `ActiveHSMs`.

This commit fixes this. Now, the `HSMs` list contains only HSMs
with an on-disk entry and the `ConfiguredHSMs` list contains only
HSMs for which a configuration is currently present.

The list of all HSMs (what the `HSMs` field used to be) is simply
the union of `HSMs` and `ConfiguedHSMs`. Configured HSMs without
an on-disk entry appear in `ConfiguredHSMs` but not in `HSMs` and
HSMs without a configuration but a (stale or fallback) on-disk entry
appear in `HSMs` but not in `ConfiguredHSMs`.

This semantic change can be made since support for multiple HSMs is
not released yet.

Signed-off-by: Andreas Auernhammer <github@aead.dev>

Author: aead