Add master source lookup dispatcher

There should be a pseudo dispatcher implementation which doesn't provide actual decryption but just lookup of secret values by reference (via its `decrypt` method). The `encrypt` should just validate the given reference is resolvable by a master source.
That way the password are completely managed externally in one of the master sources.