Modify encryption scheme

Modify encryption scheme

[Problem] Current encryption scheme makes it impossible to remove an entry
protected with custom user password from database.
[Solution] Encryption scheme modified. Store is responsible for encrypting data
with user password. Service encrypts it with app key. Data encrypted with old
scheme that is being read will be automatically reencrypted with new scheme.

[Verification] Run tests from upcoming commit:
ckm-tests-internal -t ENCRYPTION_SCHEME_TEST

Change-Id: I8ed514290d9e75bbc89d74b006939e3cbb0b8bd2