EC generation and request context #533

@aram356

Parent epic

#532

Description

Implement the core EC data types, generation logic, and per-request context struct that all subsequent stories depend on.

Scope: ec/identity.rs, ec/mod.rs, trusted-server.toml [ec] section, Settings struct update.

Acceptance criteria

  • generate_ec(passphrase, ip) produces a deterministic 71-char string: 64-char lowercase hex hash + . + 6-char random alphanumeric suffix. HMAC inputs are normalize_ip(ip) as message and passphrase as key.
  • normalize_ip() truncates IPv6 to /64 (first 4 groups), passes IPv4 unchanged.
  • IP is sourced from req.get_client_ip_addr() — no header fallback.
  • EcContext::read_from_request(req, settings, geo) reads the ts-ec cookie and X-ts-ec header. Sets cookie_was_present, ec_was_present, ec_value, and cookie_ec_value (when header and cookie carry different valid EC values). Validates values via ec_hash() — malformed values are treated as absent; if header is invalid, falls back to cookie. Captures client_ip from req.get_client_ip_addr() as Option<IpAddr>. Calls build_consent_context() with the EC hash as identity key and stores the result as consent: ConsentContext.
  • EcContext::generate_if_needed(settings, kv) generates a new EC when ec_value == None && allows_ec_creation(&consent), sets ec_generated = true, writes initial KV entry via kv.create_or_revive() (best-effort). Never returns an error — organic traffic must not 500 on EC failure.
  • [ec] settings block parses from TOML: passphrase, ec_store, partner_store, admin_token_hash, pull_sync_concurrency. EdgeCookie does not derive Default — omitting [ec] is a startup error. #[validate(nested)] on the ec field.
  • All unit tests in identity.rs pass (HMAC determinism, format, IP normalization).

Spec ref

docs/internal/ssc_technical_spec.md §2, §3, §4, §5.4, §14.1
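
The IP normalization, format validation and header/cookie resolution rules from the acceptance criteria, as an added std-only Rust example (not the project's code). The `Resolved` struct and `resolve` function are hypothetical stand-ins for the `EcContext` fields, and the textual form of the truncated IPv6 prefix is an assumption; HMAC generation is left out because the issue does not name the hash function.

```rust
use std::net::IpAddr;

// IPv4 is unchanged; IPv6 keeps its first four groups (/64). The textual form of
// the truncated prefix is an assumption of this example, not taken from the spec.
fn normalize_ip(ip: IpAddr) -> String {
    match ip {
        IpAddr::V4(v4) => v4.to_string(),
        IpAddr::V6(v6) => {
            let s = v6.segments();
            format!("{:x}:{:x}:{:x}:{:x}", s[0], s[1], s[2], s[3])
        }
    }
}

// Returns the hash part when `value` is 64 lowercase hex chars + '.' + 6 alphanumerics.
fn ec_hash(value: &str) -> Option<&str> {
    let (hash, suffix) = value.split_once('.')?;
    let hex = |b: u8| b.is_ascii_digit() || (b'a'..=b'f').contains(&b);
    let ok = hash.len() == 64 && hash.bytes().all(hex)
        && suffix.len() == 6 && suffix.bytes().all(|b| b.is_ascii_alphanumeric());
    ok.then_some(hash)
}

// Hypothetical stand-in for the EC fields that EcContext::read_from_request sets.
#[derive(Debug, PartialEq)]
struct Resolved {
    cookie_was_present: bool,
    ec_was_present: bool,
    ec_value: Option<String>,
    cookie_ec_value: Option<String>,
}

// Header wins when valid; malformed values count as absent; the cookie value is
// kept separately only when both are valid and differ.
fn resolve(header: Option<&str>, cookie: Option<&str>) -> Resolved {
    fn valid(v: Option<&str>) -> Option<String> {
        v.filter(|s| ec_hash(s).is_some()).map(str::to_owned)
    }
    let (h, c) = (valid(header), valid(cookie));
    let cookie_ec_value = if h.is_some() && h != c { c.clone() } else { None };
    let cookie_was_present = c.is_some(); // assumption: a malformed cookie counts as absent
    let ec_value = h.or(c);
    Resolved { cookie_was_present, ec_was_present: ec_value.is_some(), ec_value, cookie_ec_value }
}

fn main() {
    let ec = format!("{}.Ab12Cd", "a".repeat(64)); // constructed sample value
    println!("{:?}", resolve(Some("not-an-ec"), Some(ec.as_str())));
    println!("{}", normalize_ip("2001:db8:1:2:3:4:5:6".parse().unwrap()));
}
```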
