Happy flow for creating realms works

But needs more validating...

IdentityShroud.Core/Services/MasterEncryptionService.cs

@@ -0,0 +1,23 @@
+using IdentityShroud.Core.Contracts;
+using IdentityShroud.Core.Security;
+
+namespace IdentityShroud.Core.Services;
+
+/// <summary>
+/// 
+/// </summary>
+/// <param name="encryptionKey">Encryption key as base64, must be 32 bytes</param>
+public class EncryptionService(string keyBase64) : IEncryptionService
+{
+    private readonly byte[] encryptionKey = Convert.FromBase64String(keyBase64);
+
+    public byte[] Encrypt(byte[] plain)
+    {
+        return AesGcmHelper.EncryptAesGcm(plain, encryptionKey);
+    }
+
+    public byte[] Decrypt(byte[] cipher)
+    {
+        return AesGcmHelper.DecryptAesGcm(cipher, encryptionKey);
+    }
+}