[crypto] simplify AesCcm public APIs and introduce internal Engine (openthread#13215)

This commit refactors the `AesCcm` class to simplify its public interface,
decoupling the high-level API from the underlying cryptographic execution.

Key improvements:
- Redesigned the API from a series of procedural method calls
  (`Init()`, `Header()`, `Payload()`, `Finalize()`) into a unified,
  stateful model. Callers now pre-configure the operation parameters using
  dedicated setters (`SetKey()`, `SetNonce()`, `SetAuthData()`,
  `SetTagLength()`) and execute the entire cryptographic operation in a
  single step via unified `Process()` methods.
- Introduced a nested `Engine` class to encapsulate the low-level AES-CCM
  mathematical and cryptographic state. The `Engine` provides clean internal
  interfaces for both optimized one-shot (single-part) and multi-part
  operations.
- This architectural separation allows the outer `AesCcm` class to focus on
  parameter validation, high-level buffer management, and complex `Message`
  chunk iterations, while the `Engine` remains focused purely on the
  cryptographic core. This also provides a clean extension point to easily
  route one-shot operations to platform-specific hardware acceleration APIs
  in the future.
- Updated `Mac` and `Mle` modules to use the simplified APIs, reducing
   boilerplate code.
- Retained a static `Perform()` wrapper to support the legacy public
  `otCrypto` API.
- Updated unit tests to validate the new stateful interfaces, including
  robust in-place message chunk processing and separate-buffer
  validations.

Author: abtink

src/core/api/crypto_api.cpp

@@ -64,22 +64,11 @@ void otCryptoAesCcm(const otCryptoKey *aKey,
                     bool               aEncrypt,
                     void              *aTag)
 {
-    AesCcm aesCcm;
-
     AssertPointerIsNotNull(aNonce);
     AssertPointerIsNotNull(aPlainText);
     AssertPointerIsNotNull(aCipherText);
     AssertPointerIsNotNull(aTag);
 
-    aesCcm.SetKey(AsCoreType(aKey));
-    aesCcm.Init(aHeaderLength, aLength, aTagLength, aNonce, aNonceLength);
-
-    if (aHeaderLength != 0)
-    {
-        OT_ASSERT(aHeader != nullptr);
-        aesCcm.Header(aHeader, aHeaderLength);
-    }
-
-    aesCcm.Payload(aPlainText, aCipherText, aLength, aEncrypt ? AesCcm::kEncrypt : AesCcm::kDecrypt);
-    aesCcm.Finalize(aTag);
+    AesCcm::Perform(aEncrypt ? AesCcm::kEncrypt : AesCcm::kDecrypt, AsCoreType(aKey), aTagLength, aNonce, aNonceLength,
+                    aHeader, aHeaderLength, aPlainText, aCipherText, aLength, aTag);
 }