feat(crypto/unstable): add AES-GCM encrypt/decrypt helpers

[tomas-zijdemans]

High-level wrappers around Web Crypto's AES-GCM that generate a random 96-bit nonce and produce wire format (nonce (12 bytes) || ciphertext || tag (16 bytes)). Inspired by Golang's NewGCMWithRandomNonce.

AES-GCM is the only AEAD cipher in the Web Crypto spec, using it correctly requires the caller to: generate a 12-byte random nonce, call crypto.subtle.encrypt, concatenate nonce + ciphertext + tag, and reverse the process on decrypt with length validation. These two helpers solve this common use case.

Future streaming complement: WICG proposal #185

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 94.17%. Comparing base (4936f23) to head (8677832).

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #7012   +/-   ##
=======================================
  Coverage   94.16%   94.17%           
=======================================
  Files         618      619    +1     
  Lines       48802    48849   +47     
  Branches     8601     8609    +8     
=======================================
+ Hits        45954    46003   +49     
+ Misses       2779     2777    -2     
  Partials       69       69           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.