keystore: Add flag for blobs to be unencrypted

In order to let apps use keystore more productively, make the blob
encryption optional. As more hardware-assisted keystores (i.e., hardware
that has a Keymaster HAL) come around, encrypting blobs start to make
less sense since the thing it's encrypting is usually a token and not
any raw key material.

Bug: 8122243
Change-Id: If9af0d992d68edec006e630c687df3d03a7c9608