
[BREAKING] AES GCM encryption now requires a user provided nonce #84

Merged
merged 4 commits into from
Jul 26, 2017

Conversation

lawliet89
Owner

@lawliet89 lawliet89 commented Jul 26, 2017

Fixes #70

I understand that wrt Content encryption, the RFC for JWE literally says:

    Generate a random JWE Initialization Vector of the correct size
    for the content encryption algorithm (if required for the
    algorithm); otherwise, let the JWE Initialization Vector be the
    empty octet sequence.

and nothing on the CEK:

    When Key Wrapping, Key Encryption, or Key Agreement with Key
    Wrapping are employed, encrypt the CEK to the recipient and let
    the result be the JWE Encrypted Key.

but in the JWA RFC, it says the following wrt AES GCM

Keys used with AES GCM must follow the constraints in Section 8.3 of
[NIST.800-38D], which states: "The total number of invocations of the
authenticated encryption function shall not exceed 2^32, including
all IV lengths and all instances of the authenticated encryption
function with the given key". In accordance with this rule, AES GCM
MUST NOT be used with the same key value more than 2^32 times.

An IV value MUST NOT ever be used multiple times with the same AES
GCM key. One way to prevent this is to store a counter with the key
and increment it with every use. The counter can also be used to
prevent exceeding the 2^32 limit above.

This security consideration does not apply to the composite AES-CBC
HMAC SHA-2 or AES Key Wrap algorithms.

So I am implementing this and if anyone has any feedback, we can discuss.

@lawliet89 lawliet89 merged commit 0e0da7d into master Jul 26, 2017
@lawliet89 lawliet89 deleted the harden-nonce branch July 26, 2017 09:06