feat: Implement DefaultCryptoHmac for compliance-aware HMAC operations

- Added DefaultCryptoHmac class implementing ICryptoHmac interface.
- Introduced purpose-based HMAC computation methods.
- Implemented verification methods for HMACs with constant-time comparison.
- Created HmacAlgorithms and HmacPurpose classes for well-known identifiers.
- Added compliance profile support for HMAC algorithms.
- Included asynchronous methods for HMAC computation from streams.

docs/product-advisories/ADVISORY_INDEX.md

@@ -363,7 +363,7 @@ These are the authoritative advisories to reference for implementation:
 - **Sprint:** Multiple (see below)
 - **Related Sprints:**
   - SPRINT_100_identity_signing.md (CLOSED - historical)
-  - SPRINT_314_docs_modules_authority.md (Docs)
+  - SPRINT_0314_0001_0001_docs_modules_authority.md (Docs)
   - SPRINT_0514_0001_0001_sovereign_crypto_enablement.md (Crypto)
 - **Gaps:** `31-Nov-2025 FINDINGS.md` (AU1–AU10 remediation task AUTH-GAPS-314-004)
 - **Related Docs:**

docs/product-advisories/archived/27-Nov-2025-superseded/28-Nov-2025 - Authentication and Authorization Architecture.md

@@ -380,7 +380,7 @@ stella auth revoke verify --bundle revocation.json --key pubkey.pem
 ## 13. Sprint Mapping
 
 - **Historical:** SPRINT_100_identity_signing.md (CLOSED)
-- **Documentation:** SPRINT_314_docs_modules_authority.md
+- **Documentation:** SPRINT_0314_0001_0001_docs_modules_authority.md
 - **PostgreSQL:** SPRINT_3401_0001_0001_postgres_authority.md
 - **Crypto:** SPRINT_0514_0001_0001_sovereign_crypto_enablement.md