Expose encrypted data from the keyring

This makes it possible to request the encrypted data directly in application code. It will be used to download service account credential during "nomulus login".

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=222847905

java/google/registry/keyring/kms/KmsKeyring.java

@@ -155,10 +155,27 @@ public class KmsKeyring implements Keyring {
     return getString(StringKeyLabel.JSON_CREDENTIAL_STRING);
   }
 
+  @Override
+  public String getEncryptedData(String keyName) {
+    KmsSecret secret = getSecret(keyName);
+    return ofy().load().key(secret.getLatestRevision()).now().getEncryptedValue();
+  }
+
+  private String getEncryptedData(KmsSecret secret) {
+    return ofy().load().key(secret.getLatestRevision()).now().getEncryptedValue();
+  }
+
   /** No persistent resources are maintained for this Keyring implementation. */
   @Override
   public void close() {}
 
+  private KmsSecret getSecret(String keyName) {
+    KmsSecret secret =
+        ofy().load().key(Key.create(getCrossTldKey(), KmsSecret.class, keyName)).now();
+    checkState(secret != null, "Requested secret '%s' does not exist.", keyName);
+    return secret;
+  }
+
   private String getString(StringKeyLabel keyLabel) {
     return KeySerializer.deserializeString(getDecryptedData(keyLabel.getLabel()));
   }
@@ -185,11 +202,8 @@ public class KmsKeyring implements Keyring {
   }
 
   private byte[] getDecryptedData(String keyName) {
-    KmsSecret secret =
-        ofy().load().key(Key.create(getCrossTldKey(), KmsSecret.class, keyName)).now();
-    checkState(secret != null, "Requested secret '%s' does not exist.", keyName);
-    String encryptedData = ofy().load().key(secret.getLatestRevision()).now().getEncryptedValue();
-
+    KmsSecret secret = getSecret(keyName);
+    String encryptedData = getEncryptedData(secret);
     try {
       return kmsConnection.decrypt(secret.getName(), encryptedData);
     } catch (Exception e) {