danielberkompas / cloak_ecto

Encrypted fields for Ecto
MIT License

Support wrapping plaintext in closure #7

Closed voltone closed 6 months ago

voltone commented 4 years ago

See also https://erlef.github.io/security-wg/secure_coding_and_deployment_hardening/sensitive_data

voltone commented 4 years ago

Just to clarify: it would be possible to implement the core aspect of this feature purely in my application by overriding after_decrypt/1 to return the closure. But that would not support the reverse direction: passing a closure in an insert/update. For that I'd have to unwrap the closure in cast/1, and it is not overridable.

So a minimal change might be instead to make cast/1 overridable in all default types. But I think the benefit of explicit support for this feature in Cloak.Ecto is that it raises awareness of this technique to other users of the library.
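
The closure technique discussed in this thread, as an added example that is not part of the issue or of Cloak.Ecto's own code: plain Elixir covering both directions, wrapping on read and unwrapping on write. The module `WrappedSecret` and its functions are hypothetical stand-ins for the roles of after_decrypt/1 and cast/1, and the token is a constructed sample value.

```elixir
# Added example: plain Elixir with no Cloak.Ecto dependency.
# WrappedSecret and its functions are hypothetical; they mirror the roles of
# after_decrypt/1 and cast/1 from the thread, not the library's callbacks.
defmodule WrappedSecret do
  # Read direction: wrap decrypted plaintext in a zero-arity closure so that
  # inspect/1 and argument lists in stack traces show only #Function<...>.
  def after_decrypt(nil), do: nil
  def after_decrypt(plaintext) when is_binary(plaintext), do: fn -> plaintext end

  # Write direction: accept a closure or a raw binary and return plaintext
  # for the encryption step, using Ecto's {:ok, value} | :error convention.
  def cast(nil), do: {:ok, nil}
  def cast(value) when is_binary(value), do: {:ok, value}

  def cast(fun) when is_function(fun, 0) do
    case fun.() do
      plaintext when is_binary(plaintext) -> {:ok, plaintext}
      _other -> :error
    end
  end

  def cast(_other), do: :error
end

# Constructed sample value, not a real credential.
wrapped = WrappedSecret.after_decrypt("s3cr3t-api-token")

# A record holding the closure can be inspected without exposing the value.
record = %{id: 1, api_token: wrapped}
hidden = not String.contains?(inspect(record), "s3cr3t-api-token")
IO.puts("inspect hides plaintext: #{hidden}")

# Unwrap only at the point of use.
IO.puts("token length at point of use: #{byte_size(wrapped.())}")

# A closure passed on insert/update is unwrapped before encryption;
# anything that does not yield a binary is rejected.
{:ok, "s3cr3t-api-token"} = WrappedSecret.cast(wrapped)
{:ok, "raw"} = WrappedSecret.cast("raw")
:error = WrappedSecret.cast(fn -> 42 end)
:error = WrappedSecret.cast(:not_a_secret)
```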

danielberkompas commented 6 months ago

This looks great, apologies for the long delay. ⭐