mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git

david_page
05.58.2007 1b0a51f76a8d3d1f6df978e50ca8f869dbac48dc
author david_page <david_page@localhost>
Wednesday, September 5, 2007 19:58 +0200
committer david_page <david_page@localhost>
Wednesday, September 5, 2007 19:58 +0200
commit 1b0a51f76a8d3d1f6df978e50ca8f869dbac48dc
tree 984fd5046ca93710f4ca0d027fb9b8dcef187055
parent e033bdae11ffbe9d2975e36fa08276093c1d3599
Update CryptoManager secret key encryption public API:

1. Encapsulate Cipher object in CryptoManager instance.
2. Cipher key identifier (tag) and initialization vector prefix the cipher text.
3. New API consists of encrypt and getOutputCipherStream (with optional cipher transformation parameter), and decrypt and getInputCipherStream.

Limitations:
This is an update of the API only. The keys are stored in a Map object in the CryptoManager instance, so
1. The implementation works for a single instance only (e.g., no encrypted passwords in a replication domain).
2. The key map does not persist across instance restarts.
Both persistent key storage in a stand-alone instance and the secret key distribution protocol (via ADS) for replicated topologies need to be implemented.

Other shortcomings:
1. The exception messages need to be added to the message catalogue.
2. The implementation could benefit from a review.
3. Only simple success test cases are implemented in the unit tests.
4. The uses of getInputCipherStream and getOutputCipherStream should be reviewed, since the cipher transformation used - as of now it is always the preferred (default) cipher transformation - is still stored in the backup info file, where it might be informative, but is redundant (the cipher info is encoded as the prologue of the backup data).
5. The preferred cipher, etc., should be configurable.
1 files added
4 files modified
changed files (715)
opendj-sdk/opends/src/server/org/opends/server/backends/SchemaBackend.java 19
opendj-sdk/opends/src/server/org/opends/server/backends/jeb/BackupManager.java 21
opendj-sdk/opends/src/server/org/opends/server/extensions/ConfigFileHandler.java 18
opendj-sdk/opends/src/server/org/opends/server/types/CryptoManager.java 539
opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/types/CryptoManagerTestCase.java 118