Move all crypto operations into one crate, with a single crypto backend

[data-sync-user]

Currently, we have a few places where we do crypto in syncstorage, this is not exhaustive but:

• We verify JSON web tokens in the tokenserver’s tokenserver-auth crate
• We have HMAC and HKDF operations in a few places
• We use a random number generator in a few places
• We verify HAWK headers in syncstorage/web/auth
• We use TLS for reqwest

However, we don’t have a clear story of which one crypto backend to use, and multiple have snuck into our dependency tree, namely:

• For TLS and HAWK verification we use ring (ring gets pulled in through reqwest and the hawk crates)
• For HMAC and HKDF we use the hmac and hkdf rust crates directly
• Historically, we’ve used openssl for the JWT verification, however that would change in https://github.com/mozilla-services/syncstorage-rs/pull/1513 to use ring as well

To avoid future foot-guns and accidentally using multiple crypto backends, let's have one crate (maybe syncstorage-common, maybe another crate altogether) export all crypto operations.

Ideally there would be a trait, that can be implemented by various backends to allow easy switching, however for now we should pick one backend and stick with it for all implementations.

Note that configuring reqwest and hawk to use other crypto backends has to happen using rust features, so may be out of scope for this ticket b

┆Issue is synchronized with this Jira Task