rfc2136 provider: expect base64 encoded TSIG key

[Avarei]

What this PR does / why we need it: Usually both tsig key tools generate, and dns servers are configured using the base64 encoded version of the TSIG Key. This PR reduces complexity by removing base64 encoding during runtime, which removes the need to decode it for the Kubernetes Secret.

This also makes integration with external secret providers easier, as the binary data from the tsig key could be difficult to copy.

Which issue(s) this PR fixes: Fixes #346

Special notes for your reviewer: the diff in go.mod is due to running go mod tidy

Release note:

rfc2136 provider expects TSIGSecret in base64 encoded format (previously base64 decoded was expected)

[CLAassistant]

All committers have signed the CLA.

[gardener-robot]

@Avarei Thank you for your contribution.

[gardener-robot-ci-3]

Thank you @Avarei for your contribution. Before I can start building your PR, a member of the organization must set the required label(s) {'reviewed/ok-to-test'}. Once started, you can check the build status in the PR checks section below.

[Avarei]

@MartinWeindel fyi