[crypto] Split Bytes class

This CL breaks out the Secret class from the Bytes class. A number of
paranoid but expensive functions are only needed for security sensitve
secrets, e.g. mandatory_memset in the destructor of keys. This split
allows only the data that needs the paranoia to pay for it.

Change-Id: Ib3fdc23ef7c0f86a6549c639353ac72bb35ebedf

[fvm-host] Convert compress enum to flags

This CL replaces the compress_type_t to a uint32_t flags field.
This allows other values to be plumbed through, like one for
fvm::kSparseFlagZxcrypt.

Change-Id: I030a749947f5a02402ddf2b9fbe528ee98900911

[paver] Add zxcrypt support

This CL adds a flag to FVM sparse containers. This flag
indicates to the disk paver that it should use a zxcrypt volume
on top of the FVM partition. The ability to set the flag in the
host FVM tool will be added in a later CL.

Change-Id: Ica8a416ca7244b1bf8e045ededb2bcfe845092f5

[zxcrypt] Don't cache parent block information

This CL removes the copy of the block_info_t from the zxcrypt
device. Caching such information caused it to be invalid after FVM
resizes. This also caused the 'synthetic' block size to be removed,
which hasn't been needed since the Jan. refactor, and which broke
atomicity with lower layers.

ZX-1948 #comment Fixed

Change-Id: I8d2e9ab8eb965f7ead1796eb38d9dc0e6ee939f8

[zxcrpyt] Add extra debug output for test flake

This CL adds extra output if Volume::Create fails unexpected, as
observed in one test flake. The observed flake could only have been
caused by an unusual block_info_t or fvm_info_t, so this CL now dumps
both on error.

ZX-1948 #comment Adds debug output

Change-Id: Ifbc53a58e8165a9680832f7f8ef7eedcf9e3dda1

[zxcrypt] Refactor TestDevice

This CL refactors TestDevice's lifecycle, especially with regards to its
block fifo lifecycle management.

I am fairly certain the root cause of the test flake was the way I was
using |fdio_watch_directory| did not guarantee I wouldn't get the wrong
device when aggressively un/binding. That method calls a provided
callback whenever files are added, removed, etc. to a directory.
Watching a directory in the /dev tree is the only way to be notified of
new devices being added or removed right now. Notably, it immediately
invokes the callback with an 'add' event for each existing files.

Previously, since multiple devices could be added by binding a single
driver (i.e., the requested driver, auto-detected FVM drivers and a
mid-layer driver for each), the code watched the /dev/class/block
directory for an alias whose topological path ended in the right suffix.
This was racy since we might get an 'add' event for a device from a
previous test that hadn't quite unbound, and mtach the suffix.

The new approach recursively calls |fdio_watch_directory| for each
element in the topological path, thus guaranteeing we can only bind to
the new ramdisk created for each test.

ZX-1659 #comment Fixes the test flake

Change-Id: I3fbf571e5d81a528ecccb9067fe8742e1cf4a151

[zxcrypt] Rewrite TestDevice a unit test helpers

There's some outstanding flake in the zxcrypt unit tests, but current
output from failed tests isn't sufficiently useful in isolating it.
This CL attempts to improve the reporting of unexpected errors by
converting the methods of zxcrypt::testing::TestDevice to be unit test
helpers as defined in unittest.h.

ZX-1659

Change-Id: Ie23b323e559099ce4b2527ff07a87aee669f4449

[zxcrypt] Improve Volume support for Cipher, FVM

This CL modifies three areas of Volume:
1. It moves all metadata to the first two FVM slices and doesn't use
the last one.
2. It tweaks some tests and test conditions to accomdate changes in
ramdisks.
3. It refactors Bind to initialize one cipher at a time.

Change-Id: Iff7629473e93beb5fb38a3d97002cc799fc67da1

[zxcrypt] Rename superblock to volume

zxcrypt::Superblock evolved beyond just an interface for a single block
of metadata into something more like a zxcrypt volume interface. This
CL renames the class to reflect that.

Change-Id: I8602a9531687df31e84f701e277f07238c519b6e