Add optional packet encryption

[Measurity]

• [x] Add RSA API for creating and loading private/public key pairs
• [x] Add AES API for symmetric encryption of packets
• [ ] Add negotiation between client and server (encrypted using RSA) for which password to use for AES packet encryption
• [ ] Make packet encryption optional via server configuration

Ideally would use DTLS, which prevents decryption of all (recorded) messages (if the private key is ever leaked). But I leave that as a future improvement.

Closes #1996