feat: encryption keys in database (#3265)

* enable overwrite of adminUser fields in defaults.yaml

* create schema and table

* cli: create keys

* cli: create keys

* read encryptionkey from db

* merge v2

* file names

* cleanup defaults.yaml

* remove custom errors

* load encryptionKeys on start

* cleanup

* fix merge

* update system defaults

* fix error message

internal/api/grpc/management/server.go

@@ -1,13 +1,13 @@
 package management
 
 import (
-	"github.com/caos/zitadel/internal/crypto"
 	"google.golang.org/grpc"
 
 	"github.com/caos/zitadel/internal/api/authz"
 	"github.com/caos/zitadel/internal/api/grpc/server"
 	"github.com/caos/zitadel/internal/command"
 	"github.com/caos/zitadel/internal/config/systemdefaults"
+	"github.com/caos/zitadel/internal/crypto"
 	"github.com/caos/zitadel/internal/query"
 	"github.com/caos/zitadel/pkg/grpc/management"
 )
@@ -24,18 +24,23 @@ type Server struct {
 	query           *query.Queries
 	systemDefaults  systemdefaults.SystemDefaults
 	assetAPIPrefix  string
-	PasswordHashAlg crypto.HashAlgorithm
-	UserCodeAlg     crypto.EncryptionAlgorithm
+	passwordHashAlg crypto.HashAlgorithm
+	userCodeAlg     crypto.EncryptionAlgorithm
 }
 
-func CreateServer(command *command.Commands, query *query.Queries, sd systemdefaults.SystemDefaults, assetAPIPrefix string, userCrypto *crypto.AESCrypto) *Server {
+func CreateServer(command *command.Commands,
+	query *query.Queries,
+	sd systemdefaults.SystemDefaults,
+	assetAPIPrefix string,
+	userCodeAlg crypto.EncryptionAlgorithm,
+) *Server {
 	return &Server{
 		command:         command,
 		query:           query,
 		systemDefaults:  sd,
 		assetAPIPrefix:  assetAPIPrefix,
-		PasswordHashAlg: crypto.NewBCrypt(sd.SecretGenerators.PasswordSaltCost),
-		UserCodeAlg:     userCrypto,
+		passwordHashAlg: crypto.NewBCrypt(sd.SecretGenerators.PasswordSaltCost),
+		userCodeAlg:     userCodeAlg,
 	}
 }