feat(crypto,pki): implement Wave 1 — hybrid KEM + PKI

aura-crypto: X25519 + ML-KEM-768 (FIPS 203) hybrid KEM, HKDF-SHA256 session
key derivation, ChaCha20-Poly1305 AeadSession with counter nonces; genuine
NIST ACVP ML-KEM-768 KAT (decapsulation vector). 16 tests green, clippy clean.

aura-pki: self-signed CA, server/client cert issuance (rcgen 0.14), mutual
X.509 chain verification via rustls-webpki, CRL revocation. 8 tests green.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

crates/aura-pki/Cargo.toml

@@ -6,10 +6,17 @@ license.workspace = true
 description = "Aura PKI: CA, X.509 issuance and mutual-auth verification"
 
 [dependencies]
-rcgen.workspace = true
+# `x509-parser` feature enables Issuer::from_ca_cert_pem (parsing an existing CA
+# cert to reconstruct the issuer). Merged on top of the workspace default features.
+rcgen = { workspace = true, features = ["x509-parser"] }
 rustls.workspace = true
 rustls-pki-types.workspace = true
 x509-parser.workspace = true
 uuid.workspace = true
 thiserror.workspace = true
 anyhow.workspace = true
+# Chain verification against the Aura CA trust anchor. 0.103 is already in the
+# workspace lockfile (pulled transitively), so this adds no new resolution.
+webpki = { package = "rustls-webpki", version = "0.103", default-features = false, features = ["ring"] }
+# Certificate validity windows (not_before / not_after). Already in the lockfile.
+time = { version = "0.3", default-features = false, features = ["std"] }