Security improvements on API keys

[Fevol]

Currently the API keys are stored in a plaintext file within the plugin's data.json. Some users might want a more secure solution, such that if their vault's files get leaked, the API keys of the translation services are (reasonably) protected.

I don't know what the most secure way to do this will be; and what people consider to be secure enough, so I'd love to hear your opinion on this matter!

Encrypt

Encrypt the API keys stored within data.json with an user provided password, this password can be added in local storage such that the user does not need to re-enter it each time Obsidian is booted up

Tasks

• [x] Setup SubtleCrypto for encryption of password strings
• [x] Add API key storage option inside settings page
• [x] Prompt user to set password on selecting this storage option
• [x] Store password in local storage such that the user only needs to enter it once for the device (add non-peristent option such that the user needs to enter password on plugin start-up)
• [x] Automatically encrypt/decrypt API keys inside data.json on (de)selecting option
• [x] On construction of translation service handler, decrypt the API key
• [x] Apply sufficient salt to the password
• [x] (? Do not allow two devices using different storage settings, as this could cause conflicting states with file synchronization services ?)

Do not save

User needs to add API key for translation service every time plugin is started up (API key never gets saved on disk)

Tasks

• [x] Intercept write of API key to options if setting is enabled