Remove torut dependency

[eval-exec]

What problem does this PR solve?

Problem Summary:

CKB depended on torut for onion service key/address handling and Tor controller commands. That dependency also pulled in old transitive crates that required cargo-deny RustSec ignores.

What is changed and how it works?

What's Changed:

• Remove torut from workspace dependencies and Cargo.lock.
• Replace Tor controller usage with local code for PROTOCOLINFO, AUTHENTICATE, cookie/SAFECOOKIE authentication, GETINFO, and ADD_ONION.
• Add local Tor v3 key/address derivation while preserving the existing 64-byte base64 onion private key file format.
• Remove the torut-specific RustSec ignore entries from deny.toml.

Related changes

• PR to update owner/repo: none
• Need to cherry-pick to the release branch: no

Check List

Tests

• Unit test
• Manual test (add detailed scripts or steps below)

Manual test details:

cargo check -p ckb-onion
cargo nextest run -p ckb-onion

Also attempted:

cargo check -p ckb-launcher

This failed in the local native tikv-jemalloc-sys build before reaching launcher code.

Side effects

• Breaking backward compatibility: no. Existing onion private key files keep the same 64-byte base64 format.
• Performance regression: no expected performance impact; this path runs during Tor onion service setup and health checks.