This repository has been archived by the owner on Nov 22, 2023. It is now read-only.
Keywhiz decrypts secrets each time they're read from the database.
If there's a secret assigned to many clients, the Keywhiz server will have to load that secret from the database each time, and decrypt it.
There's room for potential optimization here, by having some cache of decrypted secrets.
The security implications need to be carefully considered, but our threat model allows (and Keywhiz currently has) decrypted secrets in application memory.
This isn't currently a problem at Square's scale: The amount of CPU we have for redundancy purposes is more than sufficient.
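One possible shape for the cache proposed above, as an added example that is not Keywhiz code and not part of the original issue. The class name, the `decryptor` function and the `secretId`/`ciphertext` parameters are assumptions made for illustration; the cache is bounded, expires entries after a TTL, and zeroes plaintext when an entry is dropped.

```java
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.Base64;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.function.Function;

/** Hypothetical class, not part of Keywhiz: bounded, short-lived cache of decrypted secrets. */
public final class DecryptedSecretCache {
  private static final class Entry {
    final byte[] plaintext; final long expiresAtNanos;
    Entry(byte[] p, long t) { plaintext = p; expiresAtNanos = t; }
  }
  private final int maxEntries;
  private final long ttlNanos;
  private final Function<byte[], byte[]> decryptor; // assumed stand-in for the server's decrypt step
  // Access-ordered map: iteration starts at the least recently used entry.
  private final LinkedHashMap<String, Entry> entries = new LinkedHashMap<>(16, 0.75f, true);

  public DecryptedSecretCache(int maxEntries, long ttlMillis, Function<byte[], byte[]> decryptor) {
    this.maxEntries = maxEntries;
    this.ttlNanos = ttlMillis * 1_000_000L;
    this.decryptor = decryptor;
  }

  /** Returns a private copy of the plaintext; decrypts only on a miss or after expiry. */
  public synchronized byte[] get(long secretId, byte[] ciphertext) {
    // Keying on the ciphertext digest means an updated secret can never hit a stale plaintext.
    String key = secretId + ":" + digest(ciphertext);
    long now = System.nanoTime();
    Entry hit = entries.get(key);
    if (hit != null && now - hit.expiresAtNanos < 0) return hit.plaintext.clone();
    if (hit != null) { entries.remove(key); wipe(hit); } // expired: zero it before dropping
    byte[] plaintext = decryptor.apply(ciphertext);
    entries.put(key, new Entry(plaintext.clone(), now + ttlNanos));
    Iterator<Entry> lru = entries.values().iterator();
    while (entries.size() > maxEntries && lru.hasNext()) { wipe(lru.next()); lru.remove(); }
    return plaintext;
  }

  private static void wipe(Entry e) { Arrays.fill(e.plaintext, (byte) 0); }

  private static String digest(byte[] data) {
    try {
      return Base64.getEncoder().encodeToString(MessageDigest.getInstance("SHA-256").digest(data));
    } catch (NoSuchAlgorithmException ex) { throw new IllegalStateException(ex); }
  }
}
```

The cache only replaces the decrypt step, so the per-client authorization check still has to run before every `get`. Zeroing is best effort on the JVM, since the garbage collector may already have copied the array.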