Extend engine to AES symmetric key encryption / decryption

[ZacharyEspiritu]

Copied from #24:

We can extend the engine to Cloud KMS keys that have key purposes of types ENCRYPT_DECRYPT (i.e. AES) and ASYMMETRIC_DECRYPT (i.e. RSA encryption). Currently, the backing layer is algorithm-agnostic and so most of the backing layer structure should be immediately reusable. The bulk of the work involved would be:

• Add the requisite Cloud KMS API calls to the GrpcClient implementation (for example, AsymmetricDecrypt for ASYMMETRIC_DECRYPT keys; Encrypt and Decrypt for ENCRYPT_DECRYPT keys).
• Expose those API calls to the bridge layer by adding them to the CryptoKeyHandle implementation.
• In the bridge layer, write OpenSSL callbacks for AES / RSA implementations that call the corresponding API methods exposed in CryptoKeyHandle.
• For ENCRYPT_DECRYPT keys, add AES functionality to the key loader in the bridge layer. (At the time of writing, all ASYMMETRIC_DECRYPT keys are RSA keys, so those keys should be able to reuse the existing RSA key loader code.)

The engine could also support key generation OpenSSL APIs. For example, the engine currently defines the callback for RSA_meth_set_keygen as a null pointer (since it is unimplemented), but in the future this could be defined to make Cloud KMS API calls to create private keys on the fly.