Rewrite SubtleCrypto implementation, mostly in Rust (#42754)

This PR completely replaces the implementation of `crypto.subtle`. The new implementation is primarily written in Rust, with minimal JS. In particular, this includes moving the "normalize an algorithm" logic into Rust.

We also now keep `CryptoKey` key material entirely in Rust, not accessible to V8; it also stays in a typed form (rather than shuffling bytes over the op boundary on every call). The JS `CryptoKey` object only stores an index into a slab of keys owned by the isolate. The Rust side also keeps a weak reference to the JS object, which allows the key to be garbage collected and also doubly ensures that CryptoKeys can't be improperly minted.

In support of this, ops now use new traits `ToV8` and `FromV8` to convert their return values and arguments, rather than always using serde_v8. Any type that implements the serde traits automatically gets the old treatment, but we need CryptoKey in particular to get custom handling.

To conform more closely to the WebCrypto specification, this PR also adds the ability to throw properly typed exceptions (`DOMException`, `TypeError`) from Rust via new error structs that are translated on the op boundary.

The new implementation is also more complete and adds support for more primitives, like the P-521 elliptic curve, encryption/decryption with AES-CTR/AES-CBC/RSA-OAEP, and a bit more stuff. Still not everything is supported; missing algorithms are HKDF, AES-KW, ECDH, and X25519.

I've added a lot of new tests to the test suite and added an interop test that checks that exported keys, signatures, and encrypted data match Node.js behaviour. This found a lot of bugs.

GitOrigin-RevId: aabf4959659d415bafa0a3845c36ddfefe3ae1f6

Author: goffrie