Change encryption approach for keystore for better quantum safety

[SmithSamuelM]

Make keystore better post quantum safe when used remotely such as with Signify.

Symmetric encryption ECC (ChaCha, Salsa) is already post quantum safe but the use of the private key exposes such encryption to side channel attacks.

https://crypto.stackexchange.com/questions/70492/how-resistant-are-stream-ciphers-like-salsa20-or-chacha-in-a-post-quantum-world

Asymmetric encryption ECC is vulnerable to post quantum attack on the public encryption key which can be inverted by post quantum to get the private decryption key without a side channel attack.

So if use symmetric encryption do not ever share the priave decryption key. If use asymmetric encryption use one of the new post quantum asymmetric encryption/decryption algorithms.

For Signify need to adapt how the keystore is used since not protected by local OS access control and encryption

• [ ] Add to prms SES (Symmetric Encryption Secret)
• [ ] Add to prms sym (bool) short for symmetric True means use SES insted of AEID False means use AEID
• [ ] Add Symcrypter class for symmetric encrypt/decrypt
• [ ] Add Sypher class for symmetrically encrypted secrets (salt and seed) with appropriate CESR codes for each type of secret
• [ ] When using SES then encrypt/decrypt private keys with SES
• [ ] Add logic to change to/from No encryption, Asymmetric Encryption, Symmetric Encryption and to update encryption kes of each type.
• [ ]